This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- General Discussions
- Deployment to AD Security Groups
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2015 03:25 PM
Hi
It would be a useful feature to have if deployment can be done to AD security groups. If we can link dynamic groups to AD security groups, that would be even better so any assets added to the AD security group in future would pick up the deployment automatically.
I also notice a lack of support for AD security groups in general especially computer security groups. This can make deployment tasks a lot easier.
Thanks.
It would be a useful feature to have if deployment can be done to AD security groups. If we can link dynamic groups to AD security groups, that would be even better so any assets added to the AD security group in future would pick up the deployment automatically.
I also notice a lack of support for AD security groups in general especially computer security groups. This can make deployment tasks a lot easier.
Thanks.
Solved! Go to Solution.
Labels:
- Labels:
-
General Discussion
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-17-2015 02:05 PM
You can already do exactly what you are describing below just by slightly modifying the AD group report we linked to.
Below is another example that lists computers in a specific group called "Test Group" that are missing a specific software called "Test Software". You can replace the highlighted criteria with your own. Reports are inherently dynamic. If you add a machine to Test Group, it will automatically show up in the report. The only thing you need to ensure is that your network is actually rescanned so the group change is detected. This can be achieved through scheduled scans. If you then run a scheduled deployment on the report, any machines in the group will automatically receive the software.
There's no need for us to add the AD group field to the dynamic group feature as well. This feature is meant to be a stripped down, simplified version of the report builder found under Reports\Create New Report. We deliberately limited the number of fields it supports. If you need to build a "dynamic group" based on another field, you can simply create a report instead.
Say, if I want to have a piece of software installed to all computers in an AD security group including any future ones I add to the group, I can just set it and forget all about it rather than having to add to both AD groups and Lansweeper deployment group each time.
Below is another example that lists computers in a specific group called "Test Group" that are missing a specific software called "Test Software". You can replace the highlighted criteria with your own. Reports are inherently dynamic. If you add a machine to Test Group, it will automatically show up in the report. The only thing you need to ensure is that your network is actually rescanned so the group change is detected. This can be achieved through scheduled scans. If you then run a scheduled deployment on the report, any machines in the group will automatically receive the software.
There's no need for us to add the AD group field to the dynamic group feature as well. This feature is meant to be a stripped down, simplified version of the report builder found under Reports\Create New Report. We deliberately limited the number of fields it supports. If you need to build a "dynamic group" based on another field, you can simply create a report instead.
Select Top 1000000 tsysOS.Image As icon,
tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
tblAssets.IPAddress,
tblAssets.Firstseen,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblADGroups.Name As ADGroupName,
tblADGroups.Description As ADGroupDescription,
Case tblADGroups.GroupType When -2147483646 Then 'security - global'
When -2147483644 Then 'security - local' When -2147483643 Then 'built-in'
When -2147483640 Then 'security - universal'
When 2 Then 'distribution - global' When 4 Then 'distribution - local'
When 8 Then 'distribution - universal' End As ADGroupType
From tblAssets
Inner Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tblComputersystem On tblAssets.AssetID = tblComputersystem.AssetID
Left Join tblADComputers On tblAssets.AssetID = tblADComputers.AssetID
Left Join tblADMembership On tblADMembership.ChildAdObjectID =
tblADComputers.ADObjectID
Left Join tblADGroups On tblADMembership.ParentAdObjectID =
tblADGroups.ADObjectID
Where tblAssets.AssetID Not In (Select Top 1000000 tblSoftware.AssetID
From tblSoftware Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblSoftware.softID
Where tblSoftwareUni.softwareName = 'Test Software ') And
tblADGroups.Name = 'Test Group ' And tblComputersystem.PartOfDomain = 1 And
tblAssetCustom.State = 1
Order By tblAssets.Domain,
tblAssets.AssetName
10 REPLIES 10
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-09-2015 01:36 PM
FYI for everyone: Lansweeper already scans Active Directory user and computer group memberships, through Domain User Scanning. You can create a report for a specific group and then deploy on this report, manually or on a scheduled basis. There's a sample report in our report center, here.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- New Integration Alert! Lansweeper and ThreatAware Team Up to Strengthen Your Cybersecurity Posture in General Discussions
- Report: Need Last User login from specific Security Group in Product Discussions
- Active Directory Security Group including other security groups in Reports & Analytics
- Split information from two columns in the same row in Reports & Analytics
- Lansweeper Health Checklist in General Discussions
