Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Endpoint Management Community Blog
Showing posts tagged with Client Management Suite
Showing posts in English
R-Vijay | 07 Dec 2007 | 0 comments

The internal version number for Windows Vista is 6.0. The GetVersion function returns this version number. The problem is, some applications will return a higher version number. This means trouble. Learn how to steer clear, here.

Symptoms of OS Version

  • Applications that check for OS version will get higher version number.
  • Application installers may prevent themselves from installing the app and apps may prevent themselves from starting.
  • Applications may warn users and continue to function properly.

Mitigation Techniques for OS Version

  • For apps and installers that check for OS version, a Compatibility mode is provided in Windows Vista
  • Users can right right-click the shortcut or the EXE and apply the Windows XP SP2 compatibility mode from the Compatibility tab. This applies multiple shims including "WinXPSP2VersionLie"
  • Better: Apply the shim "WinXPSP2VersionLie"
  • In many cases, applications...
kmieciooo | 06 Dec 2007 | 2 comments

Sometimes there is a need to slow down a software deployment. I had it once -- when deploying encryption software. In my case the problem was main encryption server -- which was not able to process more than 50 events from clients.

Here's how to sloooooow your deployment down a bit.

I was wondering how to deploy it slower to my more than 1000 machines. SQL helped me with simple solution -- which is -- using a SELECT TOP query in the target collection.

Simply create your target collection using the SELECT TOP ... query and it will be updated in next collection update cycle.

Enjoy your slow uptake ;-)

R-Vijay | 20 Nov 2007 | 0 comments

Hi all,

Check out this Symantec White Paper to get details on the Best Practices for Windows Vista Migration Planning and Management.

Note: You will need to register for this library site. Though it takes some time for registering....This paper is worth it!


dougj | 20 Nov 2007 | 2 comments

After much research, we have found that it is possible to capture the configured speed of network cards. This is found in the root\WMI namespace in the MSNdis_LinkSpeed class.

Note that the link speed is the configured speed regardless of whether it is automatically or manually configured.

Also, the speed is in KB and the right-most digit is a single decimal. That means that 100000 is 10,000.0 KB/S.

Here is a sample custom inventory source:

<InventoryClass name='linkspeed' manufacturer='Altiris' description='' version='1.0' platform='Win32' mifClass='Altiris|MyCustomClass|1.0'>
<xml xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema">
<s:Schema id="RowsetSchema">
<s:ElementType name="row" content="eltOnly" rs:updatable="true">
<s:AttributeType name="c0" rs:name="Active" rs:number="...
Andrew Souter | 13 Nov 2007 | 1 comment

Ever wondered how you automatically notify the user that a managed password (typically the Administrator account) has been accessed by an administrator when using Local Security Solution? No Notification Policy exists by default.

Learn how to install just such a Notification Policy in this tip.

Save the following XML and import it into your Notification Policy folder under Local Security Solution.

<item guid="{08dd7ae1-476c-4315-868a-c80bd9f3db68}" classGuid="{ff0a95e4-304e-45d2-90b7-7d0267865a25}">
<!--  Type: Altiris.NS.StandardItems.Policies.NotificationPolicy  -->
<!--  Assembly: Altiris.NS.StandardItems, Version=6.0.6074.30, Culture=neutral, PublicKeyToken=d516cb311cfb6e4f  -->
<name>Notify Primary User of Admin Password Disclosure</name>
<alias />
dougj | 08 Nov 2007 | 4 comments

It has been found that, on occassion, AeXSNPlus can return more than one serial number. One such case is when a laptop is plugged into a docking station and snplus captures one serial number for the laptop and a second for the docking station. It is possible for the docking station serial number to be incorrectly reported as the laptop's serial number.

A filter for aexsnplus.exe can be created to ensure the docking station serial number is excluded.

Suppose that the docking serial number begins with "00C0".

  1. Create an ini file with the following contents and place it in the Inventory Solution package directory. By default, this is: C:\Program Files\Altiris\Notification Server\NSCap\Bin\Win32\X86\Inventory Solution. We'll assume that the ini file is named 'exclude_dockingstation.ini'.
  2. Modify the aexinvsoln*.ini file(s) that contains the applicable aexsnplus.exe...
Terry Cutler | 29 Oct 2007 | 0 comments

In mid September of this year (2007), the updates to Altiris RTSM, OOBM, and OOBSC provided support for the following Intel vPro and Centrino Pro capabilities:

First, take a look at a previous article\post about Intel AMT versions and features. At the bottom of that article, the Intel SCS versioning is explained.

With the latest release of Altiris OOBSC, the Intel SCS version is 3.0. If unsure what version you are running, check the AMTconfig windows service version information. Intel SCS version 3.0 is the latest Altiris validated version. However, if you want to try a newer version, click here. NOTE:Test this offline from the production systems before deploying.

With that - some key items you'll notice in the Altiris Client Management Suite with the latest release:

  • Ability to central change Intel AMT...
MBHarmon | 23 Oct 2007 | 6 comments

In our organization we have some very security sensitive managers, one of whom was wholeheartedly for Local Security Solution (LSS). However, he quickly became concerned that passwords, after being disclosed, were opening security holes. While limited to those computers, he was still concerned enough and he has enough pull to have this issue block our full implementation of Local Security Solution. Therefore, it quickly became important to address his issues. Instead of upping our password reset interval for everyone, I came up with the idea of just reseting those passwords that had been disclosed.

After looking through the default LSS reports I found one that almost immediately fit our needs. After ripping it apart I was able to come up with a collection of computers that have had their current Local Security Solution passwords disclosed....

R-Vijay | 19 Oct 2007 | 0 comments

Gacutil must not be called from a custom action. Gacutil is not designed to be used during installation.

Gacutil.exe works, but it is a developer tool, and developer tools go into SDKs and not runtime packages typically. It isn't really appropriate to put more tools into the runtime because that causes it to get larger, which makes it more difficult for applications to redistribute because of increased download size, etc.

In general, installing an assembly to the GAC is an application deployment activity, and is most often done during application setup. One should use Windows Installer to install your application. Starting with version 2.0, Windows Installer has built-in functionality to install assemblies to the GAC - the MsiAssembly and MsiAssemblyName tables in particular.

Its always better to use a MSI as an installer and directly authoring files, registry and GAC installation steps using built-in Windows Installer functionality instead of using a batch...

erikw | 18 Oct 2007 | 6 comments

I found a great video about Intel vPro working on Dell hardware. It's a good quick overview about a technology that's getting a lot of buzz.

Below you find the link.
Enjoy it.