Video Screencast Help
Endpoint Management Community Blog
Showing posts tagged with Altiris Server Management Suite
Showing posts in English
Deepanshu | 17 Nov 2008 | 4 comments

Some useful information about ATTRIB command which you can use for changing attributes.

Display or change file attributes. Find Filenames.
Syntax

ATTRIB [ + attribute | - attribute ] [pathname] [/S]

Key

+ : Turn an attribute ON
- : Clear an attribute OFF

pathname : Drive and/or filename e.g. C:\*.txt
/S : Search the pathname including all subfolders.

attributes:

  • H Hidden
  • S System
  • R Read-only
  • A Archive

If no attributes are specified ATRIB will return the current attribute settings. Used with just the /S option ATTRIB will quickly search for a particular filename.

Combining the Hidden and System attributes.

If a file has both the Hidden and System attributes set, you...

dougj | 12 Nov 2008 | 1 comment

It is a misnomer to state that Custom Inventory supports certain data types. Within the aexcustinv.exe process, all data is treated as a string type. It is incumbent on the Notification Server dataloader to interpret the data types defined in the column attributes, create the table properly in the database, and validate the incoming data.

So, it is a clearer to say that when creating custom inventory XML scripts, certain data types can be processed by the NS dataloader.

Currently, the dataloader will process the following data types:

Custinv Data Type Converts to SQL Data Type
string nvarchar
int int
dateTime datetime
r4 real
float float
i2...
BRING | 10 Nov 2008 | 0 comments

Standard Reports - You should be able to trust them, especially when they have to do with how complete your patching is in your environment. Normally you can check the reports (Like the "Microsoft Compliance and Vulnerability by Computer" report), and then go set up the correct tasks, and remediate the machines.

If you are like most administrators, you will know what bulletins and tasks you have enabled for distribution. So when you see them show up as vulnerable in the report it becomes very easy to be frustrated (and it could get you in trouble too!). The next thing to do is to be absolutely sure that your reports are accurate. You do this by spot-checking or auditing a few of the individual machines that are reported as vulnerable.

But what do you do when you find that the reports you trusted were wrong? The machines actually were...

dfnkt_ | 24 Oct 2008 | 3 comments

Microsoft has released a bulletin to certain partners dated October 23, 2008 regarding a patch MS08-067 that patches a vulnerability in the server service that could allow remote code execution from an unauthenticated user. You can view more about it here: http://www.microsoft.com/technet/security/Bulletin...

Altiris has worked through the night and released the update and if your pmimport.cab download has run for today, then you should see MS08-067 in Tasks> Software Management> Patch Management> Manage Software Updates.

If your pmimport.cab has not updated then you should manually kick off this job by going to Configuration> Software Management> Patch Management> Server Settings> Microsoft Settings and right click on Microsoft Patch Management Import and select Start download...

Eshwar | 20 Oct 2008 | 7 comments

I have created the following report when I was asked to write an altiris report, to find a list of software installed on the given user’s PCs.

I was given a list of users as input to the report. Now I have to find out the list of software in each user’s PC. There are actually two reports in this.

  1. Finding primary user of the computer
  2. Display list of software on the computer

1. Finding primary user of the computer:

SELECT DISTINCT (PU.[User]), vComputer.[Name] AS 'Machine Name',
ACI.[Domain] AS 'Domain'      
FROM vComputer        
INNER JOIN [inv_aex_ac_primary_user] PU  
ON PU._ResourceGuid = vComputer.Guid        
JOIN [Inv_AeX_AC_Identification] ACI  
ON ACI.[_ResourceGuid] = vComputer.Guid   
WHERE PU.[Month] = datename(month, getdate())   
AND UPPER(PU.[User])
IN (...
dnorris | 07 Oct 2008 | 0 comments

When packaging an application requiring an exception within the XP firewall, you can automate the exception using netsh.

The XP firewall can be configured using the firewall command of the netsh utility. For full usage options, type the following:

netsh firewall ?

To add a program exception to the firewall, you will need to specify a descriptive name for the exception and the path to the executable. For this example, we'll use a description of SomeAppException and an executable path of C:\Program Files\SomeApp\App.exe.

The following script performs a check to ensure that XP is running, then calls the netsh command.

REM Allow exception in XP Firewall

REM Only perform this for XP
ver | find "XP" > nul
if %ERRORLEVEL% == 0 goto Is_XP
goto exit

:Is_XP
:Run Windows XP...
BRING | 17 Sep 2008 | 0 comments

Why do I see the same installer listed 3 times when I created the Software Update Tasks for MS08-053? See the graphic below.

They are not actually the same. In creating the task, unfortunately Microsoft did not label the tasks differently for each operating system as they have with other bulletins. You can confirm this by selecting the installer under the "Update Name" column on the screen. It will show you a different guid for each one, and the description listed is unique.

nac | 15 Sep 2008 | 6 comments

Many times we have to customize the installation of vendor MSI, by selecting complete, typical or customize installation of the package. This will install particular features when selected. If we add another feature, it may not install, and we cannot see the files and registries added by the component present in this feature.

Using Custom Action:

Check for the custom action which is installing selected features and edit to add the feature.

Edit the custom Acton to add New Feature

kevinparedes | 12 Sep 2008 | 0 comments

If you ever have a problem trying to download a package using the IIS codebase, when it just fails partway through every time, you might want to check the package to make sure that there are no folders named "BIN" in the package.

Apparently starting in Windows Server 2003 IIS and ASP.NET blocks URLs with a folder named BIN in them. Some shrink wrapped apps, like WSFTP2007 for example, have a folder named BIN in them and so can't be downloaded from the NS to a client or from the NS to a package server using the IIS codebase.

To get around this you can add the below registry entry and restart IIS.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ASP.NET]
"StopBinFiltering"=dword:00000001

This does not seem to cause any problems for Altiris, but keep in mind that if you are running other ASP.NET apps on the same server you could...

robertser | 10 Sep 2008 | 6 comments

Need to get files other than the standard .exe files into your inventories. Perhaps the programs you need to inventory do not have .exe files such as ActiveX Controls.

These can easily be added in by using the Audit Plus Configuration Editor that is part of Inventory Solution. By default it is found in this folder on your Notification Server: Program Files\Altiris\Notification Server\NSCap\Bin\Win32\X86. Run AexAPedit.exe and click on the File Masks tab.

The instructions there show that you can only enter in file types such as *.DLL or *.OCX. You can also enter in full filenames. A good example is "flash*.ocx". This inventories the different Flash Player files that will let you know what versions of Flash Player you have installed.

We use this quite extensively and can then build Software Delivery jobs and other tasks...