Video Screencast Help
Endpoint Management Community Blog
Showing posts tagged with Client Management Suite
Showing posts in English
R-Vijay | 20 Nov 2007 | 0 comments

Hi all,

Check out this Symantec White Paper to get details on the Best Practices for Windows Vista Migration Planning and Management.

Note: You will need to register for this library site. Though it takes some time for registering....This paper is worth it!


dougj | 20 Nov 2007 | 2 comments

After much research, we have found that it is possible to capture the configured speed of network cards. This is found in the root\WMI namespace in the MSNdis_LinkSpeed class.

Note that the link speed is the configured speed regardless of whether it is automatically or manually configured.

Also, the speed is in KB and the right-most digit is a single decimal. That means that 100000 is 10,000.0 KB/S.

Here is a sample custom inventory source:

<InventoryClass name='linkspeed' manufacturer='Altiris' description='' version='1.0' platform='Win32' mifClass='Altiris|MyCustomClass|1.0'>
<xml xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema">
<s:Schema id="RowsetSchema">
<s:ElementType name="row" content="eltOnly" rs:updatable="true">
<s:AttributeType name="c0" rs:name="Active" rs:number="...
Andrew Souter | 13 Nov 2007 | 1 comment

Ever wondered how you automatically notify the user that a managed password (typically the Administrator account) has been accessed by an administrator when using Local Security Solution? No Notification Policy exists by default.

Learn how to install just such a Notification Policy in this tip.

Save the following XML and import it into your Notification Policy folder under Local Security Solution.

<item guid="{08dd7ae1-476c-4315-868a-c80bd9f3db68}" classGuid="{ff0a95e4-304e-45d2-90b7-7d0267865a25}">
<!--  Type: Altiris.NS.StandardItems.Policies.NotificationPolicy  -->
<!--  Assembly: Altiris.NS.StandardItems, Version=6.0.6074.30, Culture=neutral, PublicKeyToken=d516cb311cfb6e4f  -->
<name>Notify Primary User of Admin Password Disclosure</name>
<alias />
dougj | 08 Nov 2007 | 4 comments

It has been found that, on occassion, AeXSNPlus can return more than one serial number. One such case is when a laptop is plugged into a docking station and snplus captures one serial number for the laptop and a second for the docking station. It is possible for the docking station serial number to be incorrectly reported as the laptop's serial number.

A filter for aexsnplus.exe can be created to ensure the docking station serial number is excluded.

Suppose that the docking serial number begins with "00C0".

  1. Create an ini file with the following contents and place it in the Inventory Solution package directory. By default, this is: C:\Program Files\Altiris\Notification Server\NSCap\Bin\Win32\X86\Inventory Solution. We'll assume that the ini file is named 'exclude_dockingstation.ini'.
  2. Modify the aexinvsoln*.ini file(s) that contains the applicable aexsnplus.exe...
Terry Cutler | 29 Oct 2007 | 0 comments

In mid September of this year (2007), the updates to Altiris RTSM, OOBM, and OOBSC provided support for the following Intel vPro and Centrino Pro capabilities:

First, take a look at a previous article\post about Intel AMT versions and features. At the bottom of that article, the Intel SCS versioning is explained.

With the latest release of Altiris OOBSC, the Intel SCS version is 3.0. If unsure what version you are running, check the AMTconfig windows service version information. Intel SCS version 3.0 is the latest Altiris validated version. However, if you want to try a newer version, click here. NOTE:Test this offline from the production systems before deploying.

With that - some key items you'll notice in the Altiris Client Management Suite with the latest release:

  • Ability to central change Intel AMT...
MBHarmon | 23 Oct 2007 | 6 comments

In our organization we have some very security sensitive managers, one of whom was wholeheartedly for Local Security Solution (LSS). However, he quickly became concerned that passwords, after being disclosed, were opening security holes. While limited to those computers, he was still concerned enough and he has enough pull to have this issue block our full implementation of Local Security Solution. Therefore, it quickly became important to address his issues. Instead of upping our password reset interval for everyone, I came up with the idea of just reseting those passwords that had been disclosed.

After looking through the default LSS reports I found one that almost immediately fit our needs. After ripping it apart I was able to come up with a collection of computers that have had their current Local Security Solution passwords disclosed....

R-Vijay | 19 Oct 2007 | 0 comments

Gacutil must not be called from a custom action. Gacutil is not designed to be used during installation.

Gacutil.exe works, but it is a developer tool, and developer tools go into SDKs and not runtime packages typically. It isn't really appropriate to put more tools into the runtime because that causes it to get larger, which makes it more difficult for applications to redistribute because of increased download size, etc.

In general, installing an assembly to the GAC is an application deployment activity, and is most often done during application setup. One should use Windows Installer to install your application. Starting with version 2.0, Windows Installer has built-in functionality to install assemblies to the GAC - the MsiAssembly and MsiAssemblyName tables in particular.

Its always better to use a MSI as an installer and directly authoring files, registry and GAC installation steps using built-in Windows Installer functionality instead of using a batch...

erikw | 18 Oct 2007 | 6 comments

I found a great video about Intel vPro working on Dell hardware. It's a good quick overview about a technology that's getting a lot of buzz.

Below you find the link.
Enjoy it.


R-Vijay | 15 Oct 2007 | 3 comments

Here's a command you can use to assign permissions to a registry key. You can write this action using VBScript or WiseScript. As this script needs admin privileges to work, run this action in system context in deffered execution.

SetACL.exe -on "hklm\software\microsoft\policies" -ot reg -actn ace
-ace "n:domain1\user1;p:full"

This command sets 'full' permissions on the registry key 'HKEY_LOCAL_MACHINE\Software\Microsoft\Policies' for user 'user1' in domain 'domain1'.

Vijay Raj

R-Vijay | 02 Oct 2007 | 1 comment

You can use the Windows Installer to detect missing components or files and then reinstall features containing the missing components. Because the installer installs features, and not components, it must first resolve to which component a missing file belongs and then install the feature containing that component.

If more than one feature is linked to that component, the installer installs the feature requiring the least disk space. Calling MsiGetComponentPath verifies that the key file of a component is present; however, it is still possible that other files belonging to the component are missing.

In this case, call MsiInstallMissingFile. The installer then resolves to which component the file belongs and installs the feature that is linked to the component that requires the least disk space. If the MsiGetComponentPath function...