Webcast: Scanners, scan profiles, & PowerShell - Transcript

company JJB
JJ Bateman|Updated May 17, 2021
There's no place like
There's no place like
    No Data

    Thu, 4/8 • 39:44

    SPEAKERS Lex, Jordan, JJ, Kelly

    Lex  00:00 ---  Everybody selection PDQ.com scanners, scan profiles, power show excitement, I'm telling you right now. And right buckle up strap in, let's get in, let's get on, let's get going. 

    JJ  00:13 ---  All those things,

    Lex  00:14 ---   all those things. That's right, every

    Jordan  00:16 ---  single one of them.

    Lex  00:19 ---  So in talking about scanners, well, let's just talk about scanners going into inventory, we have scan profiles. Now these are the standard scan profiles that come when you purchase PDQ Deploy. Now you notice this standard scan profile is the only one that actually has a trigger on it. So let's just kind of run through and just talk about what scan the scan profile has in it. So this is a standard scan profile. And, and obviously, you can see there is a description and scan as user. So you can do scans as different, you know, local system logged on user, so on and so forth, I would definitely stick with the scan user, unless there is a compelling reason not to. Now, these are all scanners that have been included that we built for you. Now if you do hit add here, you'll notice there's files and directories, PowerShell scanner, registry scanner and WMI scanner, they're not employed in this. And these are for you. Obviously, you can use all of these but these are basically for you to use to bake custom scanner scanners. With that trigger Now the one thing you know you've seen on the screen before. The one thing that's different about this is the scan age trigger. And I like this, you know, I can schedule a scan to run weekly on Friday, but if the machines are off every Friday, you're never gonna get a scan, when you do the scan age like we have here. If they scan seven days or older, it's gonna get the scan. So if I turn my machine off for 10 days, I come in on a Wednesday, I get on the network notices on there, it will scan at that moment, Jordan, anything you want to add to, you know, triggers or scan details at this point.

    Jordan  01:56 ---  And not so much for the details. But the default scan, as you saw when you had that up is, that's a lot, it's a pretty intensive scan, it still goes pretty quick, but you don't always need all of that data. So if you need less, you might want to create your own scanners or scan profiles that have just a condensed version of what you're looking for.

    Lex  02:13 ---  Yeah, you can do that. The other thing you can do is let's say you wanted to do a more aggressive standard scan on a handful of machines, you can actually probably leave this open, go pointless scanner, duplicate it, you know, build your own, and point it at a collection source. So in my case, I would build a scanner that is very, very processor intense, looking through a registry and running it on Jordan's machine probably every 15 minutes just to mess with it. But right so beyond messing with people you can eliminate what is a scan? What was that

    Jordan  02:48 ---  it's a light touch, I'm not gonna notice at all, that's probably a good point.

    Lex  02:53 ---  Anywho, you can limit the scan. So if you're going to aggressively scan stuff, you can limit the machines that you're doing that. So if there's a group that does a lot of application installs that you allow to do that you can actually run applications against them more frequently. Now speaking of, you know, limiting that scan, that standard scans pretty big. And again, in deploy, it's usually best practice to not hit deploy once when you're talking about scanners, but you go to options, and preferences, and under deployments, it comes default with the default scan profile, which is your standard scan profile. In this case, you probably want to move it over to applications because hardware probably is not going to change unless you've got some magical software installation that installs hardware. Thoughts Jordan?

    Jordan  03:39 ---  I Yeah, definitely. Applications are incredibly cool. Can you do just that? And it's probably the perfect one to add for deployments.

    Lex  03:48 ---  Thank you. Now you can modify these and you'll notice the application scanner. If you go to details. It pulls computer details in hotfixes notched application, so you could go add, you know, let's say I wanted to grab some ad information, you could go add that to the so you can modify these. I'm not but you can. Let's jump in and do a custom scanner. And actually, we'll start out with a file file scanner. So let's go look for you know, for lack of a better thing to look for all the exes in Windows system 32 directory. So we'll call this the system 32 exes right,

    JJ  04:31 ---   or 23 whatever 

    Lex  04:32 ---  says so close my dyslexia kicks in. And you know, I'm gonna leave it fine. Puts the Lex in dyslexia. This case, I'm going to go add a file and directory scanner. Okay, I'm going to look for files, okay, you can look for directories, you can look for both. Okay, your wildcards right up here top. Okay. So in this case, I am going to use a system variable winder and then we're going to look into system 23 All right. If I say it that way, I'm going to get the right number. And then splat dot exe. I could run this against I guess the whole entire drive and grab every Exe, that's out there a couple of things, you're going to run into one, you're going to grab a lot of data, assuming you've got a lot of exes. Let's see, you're looking for temp files, or DLLs, right. So the more precise you are about the location you're looking, the faster this is going to run, you're going to limit the amount of data you get back. Also, with that right down here, we have a roll limit in there. So you don't completely just bog down your database by grabbing, you know, random information of sorts like that Jordan, thoughts before I save this and kick it off.

    Jordan  05:44 ---  I mean, 2500 is a lot. If you're running that your database is going to become bloated, you're gonna start probably seeing some performance slowdown. So it's easier if you don't want to change your limit, make sure you catch everything, you want to make sure you're getting precise with your patterns to get only what you're looking for.

    Lex  06:02 ---  That is a good point. So precise locations, precise patterns. Now, if you did want to look at system 32 and beyond, I probably should have shown you this before it closed it. In here. The wildcard for current and all subdirectories is to splats. So that's right there, which I think I covered up but at least I'm using the highlighter and JJ 

    JJ  06:22 ---  Thanks, man.

    Lex  06:24 ---   Okay, I'm going to kick this off. It'll run fairly quick. But let's take a question. While this is running.

    Kelly  06:31 ---  Dear Lexan, Jordyn The one thing that always challenges me is how to know what to use to ensure I'm bringing the data back so that it's usable in a good column or format. I struggle to get the data coming back clean. So it looks aligned and is reportable in PDQ inventory. Thanks and love you guys. A Solomon.

    Lex  06:51 ---  Hey, so aSolomon you're drinking today to see I'm assuming I'm gonna make this assumption, you're running a PowerShell scanner, and you're having formatting issues, say like maybe date formats. Jordan, thoughts on this one, because I would assume this is going into PowerShell stuff.

    Jordan  07:10 ---  Yet with most scanners the data pulls in is what it finds on the device with the PowerShell scanner, you can modify. If you go to our GitHub, the PowerShell scanners page, there's a lot of pre built scanners in there. And I think one of them is the last logged on user where it's going through. It's going through the event log, and it's converting datetime. And that one kind of gives you an idea on how you can change that one. So you can

    Lex  07:37 ---  download this and take a look.

    Jordan  07:38 ---  So there's a whole lot of things. But basically, what you want to do is you can build a at the end of this, the scan, PS custom object, and you can specify each bit of data you're looking for. And if you need to do conversions there you can to 

    Lex  07:52 ---  before you pump up that data in the column or the select Format, you alter it there. Because I know dates come back as I get what 10 or 12 digit field, which is how many seconds past my birthday, I guess the date is I don't know,

    Jordan  08:04 ---  if you if you're pulling from active directories that way, or sometimes just the format could be different than you're expecting, you can change all of that within the PowerShell scanner. Okay.

    Lex  08:15 ---  So looking at PowerShell. So that scanners are done and where to go find this information. Now we'll go pop up Bugs Bunny, will go down to files and directories. And there are all the ExE's in system32 on Bugs Bunny. Now, again, because this data is now available, you can query it. And, you know, query builds dynamic collections, so on and so forth. So I guess I could build one of those. But to be honest, I think I've built a million of these for you. So maybe I'll show you what the next scan that we build. Any Any thoughts? Any questions before I move on?

    Jordan  08:56 ---  No, sorry, my, my daughter started throwing a bouncy ball just even one secondary. Who wouldn't?

    JJ  09:03 ---  Carry on. 

    Lex  09:04 ---  Okay, carry on for a while I'm gonna have a drink. Same. Okay, so another scanner that I like, is the WMI scanner. We did the files. Registry scanners are very similar to file scanner. Let me just pop that up so you can see it. So again, you're looking for the path. It's the same wildcards. a couple of caveats on this. Jordan was telling me the other day, you can only do multiple patterns and look for multiple things in the same hive. Right, Jordan but if you're going to jump hives, you got to build another scanner. Am I saying that correct?

    Jordan  09:37 ---  Yes. So eg scanner, you can look as much as you want within a single hive, but multiple scanners if you're looking in both users and local machine, there

    Lex  09:44 ---  you go. And again, with these if you've ever opened regedit and hit find on that runs forever. So again, further down the path in the hive that you're looking for stuff that's going to speed that up for you. Let's jump down and do a WMI scanner. All right? I do a lot of these, I can do a profile, I can do a GPO, Jordan, what are you feeling today?

    Jordan  10:11 ---  Let's go profile profile.

    Lex  10:12 ---  Alright, so we're gonna call this user profiles, users with a Z, apparently, that's we're gonna call it because I'm not, I'm going to try and fix that great thing about Wi Fi is we do have the WMI Explorer, which makes it real easy to find what you're looking for. Now, originally, I went in here, and I typed in a user profile. Okay, and check the boxes and ran it. And this is kind of like running a find in your registry, it took forever, just so you know, to save us all time, it is in route c CMV2 CIMV2 excuse me. And then from here, I can just do a quick user Pro. There it is. Now, once you select that, you're going to see, again, here's the query down at the bottom, right there. Okay, and I always run these for two reasons. One, see how fast it's gonna run. Because that does matter. That was pretty quick. And also, is there any data in here that matters to me, so far, a big No. Until I get to the local path. Now, again, in the vein of keeping my database, you know, compact and clean, most data I don't care about. So I'm just going to alter this and appear and say, give me the local path. Then we'll run it once again to verify that is what I wanted. So again, at this point in a copy the query needs to remember it comes from CIMV2 to paste it in. And surprise  v two is already there. So here's users, oh, by the way, that scanner name, it's going to build a table with that. So my poor typing and spelling will be very apparent when we run this. There it is probably at an in the profile, or in the scan profile. Yeah, user profiles. Close now. And again, running this, it should run that fast on all of these. So the only overhead is going to be connecting, and then returning data. So we want to do a question while this one runs? Sure. All right.

    Kelly  12:22 ---  Hey, Lex, I created a files and directories scan profile. Can I link it to other scan profiles such as standard or applications? Or do I have to duplicate the scanner criteria in each profile I wanted in? Thanks, Chad, B.

    Lex  12:37 ---  Hey, Jed. Let's go see. So we'll go back to scan profiles, we're gonna go add our system 3023 exes, let's see if we can go add that to let's go edit one of these. So we'll go to the standard profile. And can I add it? Not like that. But what you can do is this, I believe we can go in here and copy that. And then we can paste whoops. That is not what I wanted to do, we can go back in here. And then we can go and paste that into the standard at this point, copy paste. Here's my files and directories looking for that. So referencing it, not necessarily, in this case, but you can copy and paste. Hopefully that answers that for you. Not gonna save that, but can't do that. So Alright, so that that ran. Just for kicks and giggles. Let's go take a look and Wi Fi for our users table. There it is. Vincent, here's all the different user profiles that are on the machine. So we can go see how many machines are already logged into. So I'm going to copy this. And again, now I can go and build a new dynamic collection. We'll go reference that table, I misspelled users with a local path containing paste in Mr. alread. there and we'll call this the Alread User Profile 55 machines. So I'm assuming someone's been doing maintenance because obviously, I haven't. Any, any thoughts on that Jordan?

    Jordan  14:18 ---  Yet, with the user profile, it's probably a safe bet. But when you did your WMI scanner, you were looking at your machine, which means it's the WMI built on for your build of Windows. So if it's something more obscure, it might not be the same. You want to test that on all types of operating systems in your environment to make sure that the path is the same

    Lex  14:37 ---  as you know some of the W mine windows 10 does not exist in Windows seven, so you'll get a wmi scanner. So thank you. Very good point. Very good point. All right, so I've shown you some really cool stuff. probably need to get to the true you know, truly powerful scanner which and I know Jordan's Just gonna jump for joy when I say this, which is the PowerShell scanner,

    Jordan  15:04 ---  I don't care for PowerShell,

    Lex  15:05 ---  you don't care for PowerShell at all. Alright, let's do this, we're going to build a PowerShell to pull additional ad information. So let me pull this up Jordan pre built this cuz obviously watching me type this out would take or ever to Jordan, you want to talk us through what's going on here?

    Jordan  15:26 ---  I guess the biggest problem with the using anything in AD is the ad cmdlets in PowerShell aren't native into the machine, you have to have the RSAT tools, the Remote Server Administration

    Lex  15:37 ---  time out did you have to run RSAT setup installed on all the machines,

    Jordan  15:41 ---  I found wait. So the first thing I tried to do was to get all the components I needed. So I could just include those and import the module that wasn't working. So instead, what I did is I pointed at the domain controller, because that's already going to allow remote management and it's already going to have the RSAT tools on there, too. And so basically, yeah, you have to grab the environment computer name, okay. And then when you're running as a script block you could have a dollar sign using, okay, and that lets you put through the computer in my grabs, so I can do a search against the local machine.

    Lex  16:15 ---  And in this case, AD computer using name, which is the computer name, right, properties department, DNS hostname is what we're looking for here.

    Jordan  16:24 ---  Yeah, so with the AD scanner, by default, it doesn't grab all the properties that grabs, it's like eight to 10 of them, okay, so you have to specify which properties outside of that you want to look for, and then still select those at the end, otherwise, it's not going to find it.

    Lex  16:37 ---  Okay, so under the attributor attribute attribute or Attribute Editor. Why? Yeah, I'm doing well today, guys. And I haven't even gotten into my drink really at all. These are all the additional attributes you can pull in this case, we were just pulling department and I thought it'd be kind of cool. So I added a DNS host, just to see what that was with everybody. A question Jordan, and maybe this is more clarification. We're going to run this as a domain admin, because that's the scan profile, we're running this under, can I do with local admin, or LDAP.

    Jordan  17:15 ---  So I don't think local would work because the domain controller is not going to have the local accounts. I'm not sure on labs or not, I haven't tried it. I mean, technically, that is stored on the object in the computer object, but I haven't tested that one. So in this one, we are using domain credentials that the inventory would be using.

    Lex  17:35 ---  So in this case, I just kicked that off, we are running it on Guinness, the department is tested and the DNS hostname is Guinness dot web, dub, blah, blah, blah.

    Jordan  17:42 ---  And if the department was not set, it still wouldn't even pull up the department like it didn't exist. So even though the entry does exist, you can see it in there. If it's not set at all, when you do the query, it's not going to pull it up. So just make sure that you have data in there before you before you run that one.

    Lex  18:01 ---  Okay, now, if you were pulling a date, like the last logon date, or some type of date from here, in this SELECT statement, you would be doing the formatting combined saying that correct?

    Jordan  18:10 ---  Yeah, you'd either do the select statement there or below that is where you do the in brackets PS custom object open, you could define each one there and do the

    Lex  18:19 ---  conversion. I like how Jordan says you can do it thinking I could do that Jordan can do it. Alright, so what I'm going to do is I'm going to take this super cool script and copy it. Now I gotta say block. Brock has written a blog blog has written a Brock about getting ad information imported into custom fields, Jordan, one paste in this, you want to explain the pros and cons of doing it each of these ways.

    Jordan  18:44 ---  So the scanner is going to be easier to run on a schedule, it's less intensive. And it's just something you can set it and forget it. And it's there for reports and everything you use from there. If you're using the custom field, it's a little bit more intensive, you have to run that. As long as you have RSAT on the console machine, you're going to run that there, you're going to create a CSV that has the computer name, as well as the information you want and import that back in. But the advantage for that one is it will allow you to make it filterable on the main window in inventory. So if you're looking for something you're running reports on, I'd say the scanner is the better way if it's something where if you want it front and center on your console, a custom field is gonna put that up front.

    Lex  19:29 ---  So can I run this Jordan? Will this actually do that for us? Yeah, okay, so I'm going to kick this off. It should fill in the department on I guess Guinness in this case.

    Jordan  19:39 ---  If we specified Guinness, although I don't think I specified a name that's probably going to run for everybody.

    Lex  19:44 ---  Alrighty then. Well, maybe, maybe I just filled them all in. Jordan did pre build the custom fields. I'm gonna save that. That's the scanner. I just copied it over. called AD stuff with capital SC in here. options, custom fields. Department two. Okay, so it did work in this case it filled in the test. Is there any of the machines that have department and we should just take a quick glance at

    Jordan  20:11 ---  the cat sales one I can

    Lex  20:14 ---  stylo custom fields? Super spy I like it. So in this case, we could go and to the home field here, because this is a custom field and add what was that called?

    Jordan  20:27 ---  department

    Lex  20:28 ---   department. Thank you. Justin field department, we could go add that, tag it up to the front. And now we can see. Castillo's part is super spy and guinness' test. So apparently, Jordan spent a lot of time filling in departments,

    Jordan  20:43 ---  I really I really built out the lab environment  yet an important part, you have to build the custom field before that, before you run that PowerShell otherwise gonna throw up an error saying you have to have the custom fields. Okay.

    Lex  20:57 ---  All right. So benefits I can see in the department, in this case, any of the custom fields on the default computer screen here. So let's go run our super cool AD stuff against everybody. And we're going to go pull department and DNS hostname if they have them. And so I'm hoping we can look at catstello. And I guess Guinness when they finish. I'll maybe look Babbitt too

    Jordan  21:24 ---  Yeah, all of them should have the DNS when you put it in there. But only Guinness and cat stillo

    Lex  21:29 ---  have the department. So we definitely go down to the PowerShell ad stuff again, guys. If you get nausea map drives AD stuff happens to be the alphabetically first Guinness test. And then there's your DNS hostname. So now I can again, go and make this what I love. Find the data and it's usable as soon as you get it right. So now I can go in and look for my PowerShell AD stuff table. And there's my column's department name DNS host, I can look for anybody that has a name that contains the letter G in it, or tea depending on what you're hit with. And there's 11 that have Geez, all the Granny's Bugs Bunny, so on so forth. So yeah, usable data. Any other thoughts, Jordan, in regards to your PowerShell script?

    Jordan  22:22 ---  Well, that was just kind of a quick one. For the ad, it's because the scanner is running on the local machine, you can't do you can't enter PS-session because that's interactive. But you can do an invoke-command against any machine that has what you're looking for. You can open up avenues to run commands where you can't get the commands on that machine specifically.

    Lex  22:44 ---  Well, very cool. So that's how you can do that. Again, depending on what you want to do, scheduling it, using it on, you know, the default computer screen will depend on how you want to pull that data. Should we hit a speed round? We don't have questions for speed-round.

    Kelly  22:58 ---  Oh, my my.

    Lex  23:01 ---  Yeah, my my zillion. I should have shut up earlier.

    Kelly  23:05 ---  No, no, no, this is perfect for a speed round. Okay. All right. Hey, guys, I have a PowerShell scanner that is running as the logged on user to check data in the user profile. If no one is logged on, when the scanner runs, it appears to wipe out the data from the last scan where a user was logged. Is there a setting I'm missing to not run the scan? If no one is logged on? Steve L.

    Lex  23:29 ---  Now I know there's a setting in deployed, you know, deploy, run a deployment if a user is not logged on to that I don't think you can do that with a scanner. Jordan, you could make a collection that requires someone to be logged on, and then set it the scanner to run against that collection. Okay. You'd also have to kick up the what is the computer info scan and make sure you get it as of that moment as your last here we don't

    JJ  23:54 ---  we don't track.

    Lex  23:56 ---  Keep history. You don't keep Yeah. And then again, every time that scanner runs, it's gonna put in the new data

    JJ  24:01 ---  because you do a PowerShell PowerShell scanner.

    Jordan  24:06 ---  That PowerShell scan Yeah. Save something,

    JJ  24:09 ---  you could do your own little history in his story, in that.

    Lex  24:15 ---  What do you want to do is like, I want to check if you know, I want to grab the data if no users log in, put the old data back. Is that what you're saying? JJ? 

    JJ  24:22 ---  I don't know. That sounds. It sounds tedious. But it sounds like it might solve it.

    Jordan  24:28 ---  The issue from that one is to save the data. You're basically grabbing that from the console. Yeah, with SQL query. So you have to be from their machine running it against the console to grab that data.

    JJ  24:38 ---  Yeah, it's a good point.

    Lex  24:41 ---  We don't know there's some there's some trickery in there. I mean, it probably could be done, but it's going to be some trickery. Well, we definitely went over our minute on that one.

    Kelly  24:49 ---  Yes, Yes, she did. Next question. Is there a way to collect hardware hashes using PDQ? I need to pull them from around 3000 company Voters in the district sincerely, Jeremy, who spoke in class today am hardware hashes.

    Jordan  25:07 ---  So this one, we kind of covered a little bit in the chat earlier. Basically, there is a Windows autopilot info that apparently grabs the hardware hash. Okay, so there's a command line, you can run, I think it's, I installed a script and then the name get dash, wind, Windows autopilot info, though, make that available. But I think that's going to export into a CSV, not an inventory. If you want to be an inventory, you'd have to look at how it's grabbing the data and change the data. So instead of export it to a CSV, we'd grab the information that you could put into the PowerShell scanner.

    Lex  25:46 ---  To kick it off with PowerShell, then read it with PowerShell and put it in a format,

    Jordan  25:50 ---  you have to modify a bit so it stops sending it straight to a CSV. Oh, okay.

    Lex  25:55 ---  All right. What he said, next.

    Kelly  26:01 ---  Hey, guys, I would like to run the scanner manually on a computer outside the network and then import the results back into inventory to work with them. Any chance this gets implemented? Thanks, Marcel. l

    Lex  26:15 ---  you know, that you're gonna need an agent for and we're working on agent guys. So

    Jordan  26:23 ---  well, and with his where he says he if he's running it locally there and then brings it back. It wouldn't work for a PowerShell scanner. You could if you had custom fields, imported into the machines that way?

    Lex  26:34 ---  Yeah. Oh, yeah, I guess you could. Could you? Could you, could you do this, you deploy a thing to run PowerShell that collects that data, turns it to the server and imports it using deploy, 

    JJ  26:49 ---  like a roll up? 

    Lex  26:51 ---  Kinda. What do you think they'd have to be online when it comes on? Yeah,

    Jordan  26:56 ---  there's some it's not the ideal solution, but I could hobble it together. There is some

    Lex  27:02 ---  trickery in there. Also, the word of the day, is that 

    JJ  27:06 ---  we're coming up on the 60 second mark. 

    Lex  27:08 ---  All right. Next,

    Kelly  27:10 ---  strategery, strategic, dearest Lex and Jordan, if a computer is offline, when the scan age is exceeded, will the scan trigger the next time the computer comes online? Similar to heartbeat? Josh? See?

    Lex  27:24 ---  That is exactly how that works. Yes. I made one in under a minute.

    Kelly  27:31 ---  That was easy. We're not even keeping score on this one.

    Lex  27:33 ---  Thank goodness. That's next week. Right?

    Kelly  27:36 ---  That's next week. Hey, guys, with the latest release of inventory, I have noticed that my computers still show a need to reboot after I have rebooted. Is this a known issue? Thanks, de north.

    Lex  27:48 ---  Okay, so let's say you rebooted the machine, but you haven't had a scan on that machine since the reboot, the next scan will probably collect that data for you. So again, your data in inventory is only as good as the last scan. So, you know, reboot a machine, kick a scan off a computer scan computer info scan against, it's pretty small. And see if that comes back. It should if it doesn't, more, you need a ticket or a support call.

    Kelly  28:15 ---  Hey, guys, registry scanner. Can you search currently logged on user? Or will it just search all users sincerely, Eric baba baba be

    Lex  28:27 ---  rich. Let's see scan profiles. I don't think there is a current user hive in that the

    Jordan  28:35 ---  scanner includes the current user. So it means it's only going to look at all of all of the potential users. Okay, yeah, in that one, you could use a power show to do the registry scan. And then you could specify just the current user hive.

    Lex  28:50 ---  Yeah. That's how you'd have to do that. What he said, what he said, Jordan gets the points that I said you couldn't do it. And then he said how you could. Jordan Ian's point,

    Kelly  29:04 ---  he got the moral victory more. Hi, gents, can you use PowerShell scanner to find a list of ad users not specific to an actual machine? Again, Eric Baba, Bobby,

    Lex  29:19 ---  can you do it? I mean, if you can find an ad, and you can run a PowerShell query against it. Yeah.

    Jordan  29:24 ---  It doesn't make sense as a scanner, because it's not attached to any machine. Yes. is basically you're running PowerShell scripts to query ad at that point, I

    Lex  29:33 ---  guess. Yeah. Where would you put that data? When you put it back in?

    JJ  29:35 ---  You might as well just run that as a script. 

    Jordan  29:38 ---  Maybe you have a dash AD users and then specify, I guess the, the value you're looking at, or if you want to grab all of it. Could you do it on a machine? And I don't know.

    Lex  29:50 ---  That sounds like a script in CSV to me. But

    Kelly  29:57 ---  hey, guys, is there a way to scan a client in inventory that comes online before a heartbeat schedule kicks off and deploy. For example, if an application auto update off my network and now does not need an update pushed via deploy, thanks, guys love the webcasts, Chris.

    Lex  30:16 ---  Chris s No, this is how I do that. Okay, kick it off before, not necessarily, but let's say we were going to schedule Chrome, it's on a heartbeat schedule, I would just go in and add a pre step to kick off the inventory scan you want. And then from there, you can also you know, I guess if you wanted to put conditions on the steps afterwards to not run it, you would probably need to make this a non dateable. So that you can do step one, only do this if they exist in a because properties here, he gets past these properties to run step one, and then step one inside the steps. I guess you actually could not. You can add another step in here, like a Dir. And only run. I don't know, Jordan helped me out here. I know the thought I know we can do it. I'm just trying to think how,

    Jordan  31:09 ---  if it's scanning, that means the questions are going to update. Okay. So you could put in step one, basically, it has to be a member or not a member of this collection, depending on what it is like, basically not a member of we'll say, a Chrome. Okay, and just that way after the scan, it will scan the applications. And then if they move into Chrome latest, you know, you don't need to do the install at that point.

    Lex  31:34 ---  Okay, obviously,

    Jordan  31:36 ---  right. Can you do the install step? Can you do conditions?

    Lex  31:41 ---  On this install step?

    Jordan  31:43 ---  Yeah. I can't control the master.

    Lex  31:46 ---  Can't do. Because it's a

    Jordan  31:48 ---  campaign to collect and

    Lex  31:50 ---  automatic. What is an auto download? It can't. So that's what I say, put another step in here. And then kill it on the second step. If the first step, you know, if it makes it into this collection, then just kill it. That's what I was

    Jordan  32:01 ---  saying, Oh, just a pre step that looks

    Lex  32:02 ---  for that. So step one, run the scanner. Step two, look if it's in and then if it is in Chrome latest then kill the deployment at that point. Usually, there's some PowerShell trickery, I

    Jordan  32:16 ---  know we can do it, you can specify a certain error code that will make it easy to find out this one didn't run because it is already updated. Yeah.

    Lex  32:25 ---  Honestly, a bet ya at 30 seconds after this webcast turn and go. Oh,

    Jordan  32:30 ---  that's usually how it works.

    JJ  32:31 ---   You guys are really gonna have to make up time with this speed round thing.

    Kelly  32:33 ---  Yeah, I was just gonna say so here are five on sorry, you're saying there's a chance there

    Lex  32:39 ---  is a chance you can do it. And that'd be step one, step two and a pre step. Okay. Alright, figured out step two works.

    Kelly  32:48 ---  Hey, guys, what is the best way to have PDQ apply deploy package automatically to an OU and AD, I have set up a schedule with scanners directed at the default computers, OU, and a target of only windows 10 devices with just the heartbeat it continually applies the schedule until I manually moved devices from OU. Brian, why?

    Lex  33:10 ---  No, Brian, you could add a package or a post step after that package. It's a PowerShell step to move it to a new OU. Is that an easy enough way to do it? What are your thoughts Jordan? And my?

    Jordan  33:25 ---  I mean, it depends. So if it's if you're running the deploy against the other machine to move to another, you'd have to have the ad tools to be able to run against it. Okay. But if you're something where after it installs within that one, I guess we could do the same thing we did with the scanner and say, invoke command against the domain controller to move it.

    Lex  33:51 ---  That's what I would do. As far as thinking we do

    JJ  33:55 ---  alright, speed round for real guys.

    Lex  33:58 ---  Right, ask easier? Yes, no question. Okay, these

    JJ  34:00 ---  are a lot of questions coming.

    Lex  34:02 ---  Alright, what else we got?

    Kelly  34:03 ---  All right, guys, is it possible to install Windows 10 Service Pack updates that require the user to click Download slash install to push PowerShell or something else? for him but new ?

    Lex  34:18 ---  If you're doing okay, Windows 10 service packs are totally cumulative updates

    Jordan  34:22 ---  mean is that sometimes you want to silent or did you want to give them an option to say not right now.

    Lex  34:28 ---  So I wouldn't I mean, if you I'd use deploy and if it's cumulative updates, I just use the package and push that if you wanted to let the user say yes or no. There's a webcast called intelligent building smart packages. And we have some PowerShell in there and asking questions in differing so

    Jordan  34:49 ---  yeah, so in that one, it is PowerShell that pops up window them saying, Hey, we want to install this and it gives them a count on like four or five times they can do it.

    Kelly  35:00 ---  All right,

    Lex  35:00 ---  we're getting closer

    Kelly  35:01 ---  Here we go. What is the suggested slash preferred method for managing computers on a VPN or external cellular network? Again, from Brian, why?

    Lex  35:13 ---  to Brian, I would say probably the biggest thing is on your, on your scheduled deployments and stuff for managing those, you are going to want to make sure you have that heartbeat set. Again, you're probably going to need to make sure your VPN, refreshing DNS and all the things to make the VPN work but I would definitely hit it with a heartbeat so that when they do come on to VPN, it'll start, you know, deploying that way. That being said, if their wireless sucks, and their internet connectivity sucks, you can have issues that are outside your control.

    Kelly  35:46 ---  Nice. Did I do it? Yeah, close enough. Hey, guys, not related to scripts. But is there an excellent free SQLite query analyzer that you would recommend for people who want to do custom advanced reports? If I promised to use it on machines that I'm using PowerShell and Deploy then does it relate to today's topic? A Solomon.

    Lex  36:08 ---  Um, we have been loaded on here before we blew this away. What was it called sequel lite skew?

    Jordan  36:15 ---  Yeah, I don't think it's on there now.

    Lex  36:16 ---  No blue. You know, I just googled sequel light and found one that I liked. There's a bunch of them. Little query analyzers maybe that Stephanie is watching. Possibly pop that up? She does most of SQL around here. Don't Have a good one for you.

    Kelly  36:35 ---  All right, here's one you can get in 30 seconds. I'm sure. Not a question. But a comment. Thank you for the 19 point 3.30 nerd nerd builds you did an amazing job on. The optimization inventory is working very nice. Now. Thank you, Marcel. l 

    JJ  36:51 ---  better make it 15 seconds. 

    Lex  36:52 ---  You know, I'm gonna talk on this one. I'm gonna take 59 seconds. But thank you, Marcel. And you know, good job, dev team. You guys rock. I do it?

    Kelly  37:04 ---  You did? Hey, guys, are there any plans to add support for next based systems using SSH or other tools? Eric B.

    Lex  37:12 ---  Now, here's the thing, if you get if you do a network discovery, and you get the Linux machines in, you can build a tool under Tools, custom tools that you can actually call putty and feed it the computer name. I don't think we've got one of those as of yet in here. But you can build one. It works famously well. But yeah, you'd install SSH on the console and then call the putty exe with the computer name. And that's how you get to it.

    Kelly  37:45 ---  Hey, guys, I know it takes a long time for new builds to come out. But did your team have any initial luck in the view processes function? Not working? Jeff P.

    Lex  37:57 ---  I don't know. Kelly, Jordan, anybody?

    Jordan  38:02 ---  I'm not in with what the developers are, like where they're at with it. Sorry, I can't give a good answer for that one.

    Kelly  38:08 ---  We may be able to follow up on that. Follow up. And possibly our final question today, how long does it take a collection to update after the scan is run? Josh? See?

    Lex  38:22 ---  I know this usually it's I will say it's fairly quick. I do know if you click on one it updates as you're opening it. I do know if you initiate a scan from deploy. It does bump to prioritize that. Jordan, any additional thoughts that you know about that I haven't brought up in regards to collections updating.

    Jordan  38:45 ---  And I don't I'm not way off base on this, I think but I think the information on the backend updates before you can see it visually within the collection. But the collections update pretty quick after the scan. It doesn't take more than a few seconds.

    Lex  38:58 ---  Yeah. Now granted, also the size your database might have an effect on that. But yeah. Well guys, hey, scan profiles, WMI, little files and directories and some PowerShell hopefully you learned something. Thank you guys for watching. I'm Lex PDQ.com.

    Kelly  39:18 ---  Thanks for joining our webcast today. If you have additional questions, feel free to reach out to our support forums. We appreciate you watching and we'll see you back here next week.

    company JJB
    JJ Bateman

    JJ is a technical creative. He finds joy in programming, automation, and in participating in the artistic sides of things. You'll often find him drinking on Thursdays on the PDQ webcast, rambling and raging remotely at the Bermuda Triangle/heisenbug-tier tech at the studio in SLC.

    Related articles