I am looking to see how people are handling new systems when they are joined to the domain. Is there a way to pull all objects from the default security group Domain Computers. I feel this is the easiest way to grab all new machines on the domain since this should contain all the objects and then add them to an automatic group where I can run a relevance statement to see which have the service installed. Not sure if this is even possible since I have not had much luck using the AD path option in the past. Any info would be great and if this is even possible.
Why not use a GPO to run a short script that looks for the BES Client and if it doesn’t find it, install it?
Tim,
That makes sense and thought about testing it that way but we have a lot of different OU’s and management of GP is great already so we were hoping to query AD with an Auto group and gather the objects that way. Is this possible?
I’m not sure I understand what you are asking for. BigFix clients can’t tell you where the client ISN’T installed. It can only tell you about systems where it IS installed. Also, remember that the client is only reporting information from the Endpoint itself, including the AD information about that computer, if it exists. The console reassembles the AD OU structure for display purposes.
The Endpoints update their AD information every 12 hours by default to prevent overloading the AD Domain Controllers.
You can use the Unmanaged Asset tool (using NMAP) to scan IP Ranges for IP’s that don’t have the BES Clint installed, and you can then push the client to them (assuming you have access to an Account with Local Admin rights).
Where I work, we tend to build from Images for speed and consistency, so the Client is already installed in the Image with it’s internal ID and Sequence Number registry entries removed. We never rely on the default OS as delivered from a Vendor, all systems are currently rebuilt after delivery from the Vendor. We are almost ready for our Primay vendor to begin delivering systems with our custom built images, to include BES Client and our Masthead file.
Tim,
Thanks for the explanation and was aware of the NMAP tool but not that easy to get that implemented here. We are installing on all new systems in our image process but wanted to see if there was another way beside the NMAP tool to accomplish this but understand. Thank you again Tim you are a great resource of information.