Session Relevance with AD site and Group membership

We populate AD Site as a client property for all our clients and relays. I’m working on a relay affiliation method and what I need is the below session relevance figured out. It’s the group membership that’s messing with me.

(names of it) of bes computers
whose (
(value of results (bes property “AD Site”, it) = “site name”)
(member of it of group 1111 of site “CustomSite_BES_Servers”)
)

How about something like:

names of members whose (value of result from (bes property “AD Site”) of it as string = “site name”) of bes computer groups whose (id of it = 1111 AND name of site of it = “BES Servers”)

2 Likes

Nailed it!

Could we add one more thing? If a site has 2 or more relays, can we return the lease used relay of that site? I guess the better way to say that is, “give me the lease used server at that site”

I’m curious, what are you trying to achieve with the relay affiliation you are working on? Is relay auto-selection not working?

No. We can’t use auto select because of VPN and some other factors.

You can detect when the VPN connects and trigger a relay auto-selection at that point.

I would be surprised if there wasn’t a way to get auto-selection to work for you.

I’m told we tried auto-select in the past and because of our topography, we have clients talking to relays they have no business toaking to. We are having to be very deliberate where we send clients.

This may be due to how you set up the affiliation groups. If you just try auto-selection without affiliation groups, then clients will pick relays in a fairly random way based upon hop count.

Using affiliation groups, you have relays in one particular area advertise a group for that area, then you have clients in that area look for relays that are members of that same affiliation group. This is how you prevent clients from talking to the wrong relays.

It sounds like you are putting in a huge effort to use manual relay selection when you may not need to.