(imported topic written by pbrenza91)
I am trying to find other users who may be using both of these products so I can deploy fixlet’s out to our BES clients while they also have DeepFreeze installed with affecting the BES database.
I am also looking for anyone who has created any custom fixlets in BES that allow the fixlets to unfreeze the workstations, send the fixlet out and apply the fixlet, and then restart the workstations in frozen mode.
Any information would be appreciated.
Thanks.
PJB
(imported comment written by Lee Wei)
In case you have not seen this from Faronics, here is their technical whitepaper written to work with BigFix:
(imported comment written by pbrenza91)
Yes. In fact I did a web conference with Faronics this afternoon about these issues. He made some recommendations about importing and/or creating custom fixlets that may help in reference to getting patches to stick. I have not seen any real answers to the duplicate computer issues though. I appreciate your response.
I understand that several educational institutions are trying to use both products, but no one has any real answers to the duplicate computer issues and/or any easy way to deploy the patches without manually placing the Deepfreeze clients into thawed mode, sending updates out, then putting the workstations back into frozen mode.
PJB
(imported comment written by jessewk)
Here are a couple of threads that discuss Deep Freeze and how it relates to BigFix:
(imported comment written by rdamours91)
The Faronics thing is an issue.
I’ve got a job that runs on the Bes server once every half hour that deletes duplicate computers as I want the Bes client to always be reporting in and I don’t want to stop the Bes client like the recommendation in the Faronics white paper. I’ve got about 6,000 pc’s or so with DeepFreeze installed so I can’t have the duplicates build up and throw off my inventory, etc.
DeepFreeze versions 6.1 and up now write to the registry with both the version and the state of the pc “thawed”, “frozen”, “seed”. I also have a thaw schedule set for between midnight and 6 am so the pc’s will get updates in the event they are ever left on or the tech thaws the pc to perform maintenance. I’ve also standardized on DeepFreeze 6.1 for now and have my baselines dynamically look with relevence for the pc’s with DeepFreeze not installed or “thawed” before the patches apply.
Here’s the relevence on my baselines that looks for DeepFreeze not installed or if it is installed it must have a thaw state to apply. Forgive me if the code looks like a monkey has written it as it was one of the first things I wrote. Over the Christmas break I will re-write it to make it a little more elegant and look for version 6.1 and greater…it does work in the interim though.
((name of operating system = “Win2000” OR name of operating system = “WinXP” OR name of operating system = “WinVista”) AND (value “UpperFilters” of key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class{4D36E967-E325-11CE-BFC1-08002BE10318}” of registry as string does not contain “DeepFrz%00”)) or ((name of operating system = “Win2000” OR name of operating system = “WinXP” OR name of operating system = “WinVista”) AND ((Exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Faronics\Deep Freeze 6” of registry) and ((value “DF Version” of it as string as lowercase = “6.10.220.1616”) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Faronics\Deep Freeze 6” of registry) and ((value “DF Status” of it as string as lowercase = “thawed”) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Faronics\Deep Freeze 6” of registry)))