Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog
Showing posts in English
tech9 | 05 Jun 2007 | 6 comments

This tool is not only helpful for scanning/finding all IP addresses/hostnames on a LAN, but it is also useful for finding MAC addresses when creating predefined Computers within the Altiris DS Console.

www.download.com/Angry-IP-Scanner/3000-2085_4-1054...

Joel Smith | 05 Jun 2007 | 0 comments

The Intel vPro Manageability Toolkit requires a large number of prerequisites and installs to properly complete the full install. It is recommended to use the Solution Center if possible so that all prerequisites are automatically installed. This can be done by browsing to the 'Install/Upgrade Additional Solutions' node, under the 'Available Solutions' tab, under 'Segments', and 'Partner Solutions'.

However this isn't always feasible. If so, the following list provides the list of items to be installed, and in what order they should be installed in.

Here are the products, in order, found at http://www.solutionsam.com/solutions/6_0/:

Name -- Filename on solutionsam.com

  1. Altiris Notification Server with SP3 -- Altiris_NS_6_0.exe
  2. Altiris Notification Server R5 -- Altiris_NS_6_0_SP3_KB31946.exe
  3. Altiris Notification Server Documentation -- Altiris_DocNS_6_0.exe
  4. Altiris Console 6.5 -- Altiris_Console_6_5.exe...
SK | 04 Jun 2007 | 2 comments

When the Global Assembly Catalog (GAC) is viewed with Windows Explorer, only part of it is exposed, as most of it is hidden (protected) by the Operating System. How can Windows Explorer access these other areas?

Either create the following registry DWORD file and then merge it with your registry, or simply create the DWORD directly in your registry.

_________

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion]
"DisableCacheViewer"=dword:00000001

...

WiseUser | 04 Jun 2007 | 0 comments

Just in case you forgot exactly what page of the documentation details the Wise switches, here's a list (from user kv17675) that you can bookmark.

Wise Setup.exe Switches

/T test mode
/X pathname extracts files into pathname
/Z pathname extracts files into pathname and reboots
/S silent install
/M prompts for windows, system, temp dirs
/M=filename specifies a value file similar to /d above,
but for standard variables
/M1 same as /m plus it prompts before any file that is self-registered
/M2 reserved for internal use by Wise during debugger sessions

Uninstall (Unwise.exe switches)

/Z remove empty directories, including one with unwise itself in it.
/A automatic mode, no user choices other than cancel.
/S silent mode, automatic mode with no user choices...

jasoncordell | 04 Jun 2007 | 1 comment

Hey Everyone,

I am trying to automate some menial tasks and need some help. The final task for a DS imaging or PCT job is a vb script that will send an email to incidents@mydomain.com. This will cause an incident to be automatically created. Since we have bunches of these per day, I don't really want to have someone have to go into each incident and change a couple fields and close it.

I was given a tip on Altirigos to use {HelpdeskValue} in the email to set the values in the incident, but I can't seem to make it work yet.

I did some poking around on the web and I was able to find the DataIsland info in the formats.xml file and found that I should be able to use the following fields.

workitem_priority_lookup_id
workitem_status_lookup_id
workitem_category_tree_value
workitem_external_reference
workitem_action
workitem_source
workitem_category_lookup_id
...

ccole | 01 Jun 2007 | 0 comments

PCI DSS is tough on wireless LANs. I suppose wireless LANs have earned this reputation, deservingly so. Too many retailers operate open wireless networks without any encryption or they have used WEP, which can be broken in about 6 minutes of sampling.

PCI DSS requires the following of wireless LANs:

  1. 1. Firewall separation of wireless LANs from the wired network
  2. 2. If WEP is used, keys must be rotated at least quarterly
  3. 3. No default Admin IDs and passwords.
  4. 4. SNMP agents can't have community strings of "public"
  5. 5. Disable SSID broadcasts
  6. 6. Preferably use WPA or WPA2
  7. 7. Disable FTP
  8. 8. Save AP logs

Manually auditing wireless APs is time-consuming. If you are in the middle of wireless audits, www.Wifi-Owl.com is looking for beta testers with Cisco APs to audit and satisfy for requirements 2.1.1, 4.1.1, 10.5...

BRING | 31 May 2007 | 0 comments

No one likes to see too much fat anywhere. It is great when it lightly surrounds a New York strip steak, or slowly tenderizes a roast, but not in too many other places. It definitely does not belong in SQL transaction logs.

Unfortunately, some transaction logs get bigger and bigger, some by gigabytes a day, or even in hours. This is usually indicative of a problem.

The Altiris KB article entitled "Why is the SQL Transaction Log growing by Gigabytes Daily?" and found at https://kb.altiris.com/article.asp?article=35211&p=1
outlines one way that this can happen, and how to keep it from happening in the future.

Joel Smith | 31 May 2007 | 0 comments

Q:
How does Inventory Forwarding affect Inventory Solution Licensing?

A:
The short answer is that each forwarded resource will use a license node for Inventory Solution.

Inventory Forwarding sends data that creates a Managed Resource on the destination Notification Server. This consumes a license for Inventory Solution. Thus a combined license containing enough nodes for all forwarded Resources (equaling the number of nodes managed from all the lower tier Notification Servers) should be applied to the top-level Notification Server so licensing will not be exceeded.

If separate licenses have been purchased for different lower-tiered Notification Servers, they need to be combined to apply to the top-level Notfication Server. You can manage your licensed through the Altiris (now a part of Symantec) License Management Portal, or LMP.

...

Joel Smith | 30 May 2007 | 0 comments

In a secure network environment, it's important to know what Ports are accessed and utilized by your management applications. Network Discovery is an agentless discovery tool that allows the Notification Server to go out on the wire and discover what devices exist. This tech tip covers what ports are used by Network Discovery, including their corresponding protocol.

The following Ports are Required by Network Discovery:

  • SNMP : 161
  • HTTP : 80

The following Ports are Optional, but are used by Default:

  • FTP : 21
  • SSH : 22
  • Telnet : 23
  • SMTP : 25
  • Sun RPC : 111
  • Terminal Services : 3389

The following Ports are used If AMT is Enabled:

  • Small Business Mode : 16992
  • Enterprise : 16993

SNMP uses UDP, and the rest are defaulted at TCP.

*Many of the above items can be configured within the Scan Policy for Network Disocovery. See this...

tech9 | 29 May 2007 | 3 comments

An alternate tool - when PXE is busted or down. It's worked for us a couple of times. We've learned through past experience that it never hurts to have a plan "B".

http://www.reatogo.de/REATOGO.htm

Include rdeploy in your ISO.