/build/static/layout/Breadcrumb_cap_w.png

Defining a group of all computers except these.

With help from this forum I've been able to identify and label a group of computers that are authorized to run a particular legacy application. How would I prevent the application from being executed on all of our KACE managed computers except for the authorized group? The "Disallowed Programs Policy" script makes it pretty easy to block execution from a defined set, but it wasn't readily apparent how to do the inverse, i.e., block execution from everything except a defined set. Thanks much!

0 Comments   [ + ] Show comments

Answers (3)

Posted by: GillySpy 14 years ago
7th Degree Black Belt
0
I would make a label whose conditions is the inverse of the other one.

You could also make a label that fires after the other one that checks to see if it's in the other label and if it isn't then label it -- this would be a custom filter.
Posted by: cblake 14 years ago
Red Belt
0
A Smart label that looks for a common criteria (like domain name or OS Name), and NOT in the authorized label might be another similar approach.
Posted by: kawelea 14 years ago
Orange Belt
0
Thanks all. Defining the inverse was not as hard as I thought it would be. Within the Scripting/Custom Inventory capabilities, I couldn't find any "Logical Not" functionality, but the capability does exist when defining a Smart Label. So I created a manual label (e.g., "AuthorizedMachines") associated with all the computers authorized to run the software, then created a Smart Label (e.g., "DenyExecute" defined by "Label Name" "does not contain" "Authorized Machines".

So now I can run the "Disallowed Programs Policy" script against the "DenyExecute" label to block them from running the app, and control who can run the app by adding/removing the machine from the "AuthorizedMachines" label.

Anything I should be concerned about with this approach?
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ