Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


DarrenWhite99 last won the day on May 24

DarrenWhite99 had the most liked content!

Community Reputation

164 Excellent

My Information

  • Location
    Redding, California, US
  • Agent Count
    1000 - 1500 Agents


    Senior Network Engineer

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Version 1.0.1


    The AD Plugin will not operate properly if credentials are missing or are not valid. This monitor will report any Domain Controller Infrastructure Master that does not have valid credentials associated with it. This is the same information available in the plugin, but you can be automatically notified when there is a problem instead of having to check it manually. Thank You to @Jacobsa for the suggestion!
  2. Version 1.0.0


    This script takes a filename to capture as a parameter. The output is a PowerShell script capable of restoring the original file. The output will be no more than 70 characters wide and is Base64 encoded. The original filename and path is also Base64 encoded Unicode, so any valid file (even with international or Emoji characters) can be captured. The file timestamp is also captured and restored. This is meant as an alternative way to capture binary content that can be transmitted as plain text and used to easily re-create the file just by running a script. The capture and restore has been tested with PoSH2/Server2003 and Windows 10. Example to Capture: powershell.exe -file captureportablefile.ps1 "c:\filetoretrieve.dat" > restorefile.ps1 The contents can also be placed in the "Execute Script" function with a filename specified as a parameter. (Include quotes around the path if it has spaces). The output script will save the file with the original name\path, or it will accepts a filename parameter for the new file to save to. The output can be used directly in "Execute Script" to re-create the file, on a different agent for example. The script will indicate success or failure restoring the file. Example to restore: powershell.exe -file restorefile.ps1 Example to restore to a different path: powershell.exe -file restorefile.ps1 "c:\newfiletosave.dat" Here is en example of the script output. Running the script below will create a file named "C:\Windows\Temp\Have a ☺ day.zip" $Base64FileName = @' QwA6AFwAVwBpAG4AZABvAHcAcwBcAFQAZQBtAHAAXABIAGEAdgBlACAAYQAgADomIABkAGEAeQA uAHoAaQBwAA== '@ $TimeStamp=[DateTime]636604097389163155 $Base64Contents = @' UEsDBAoAAAAAAP0Am0zn48F+HAAAABwAAAAZAAAASGF2ZSBhIGhhcHB5IGRheS1BTlNJLnR4dEp 1c3Qgc29tZSA/pD8/Pz8/Pz8gc3R1ZmYuDQpQSwMECgAAAAAA6QCbTORcBzs6AAAAOgAAABwAAA BIYXZlIGEgaGFwcHkgZGF5LVVuaWNvZGUudHh0//5KAHUAcwB0ACAAcwBvAG0AZQAgADomPCZrJ jsmQiZqJmAmYyZAJiAAcwB0AHUAZgBmAC4ADQAKAFBLAwQKAAAAAADxAJtMeDSP5jEAAAAxAAAA GQAAAEhhdmUgYSBoYXBweSBkYXktVVRGOC50eHTvu79KdXN0IHNvbWUg4pi64pi84pmr4pi74pm C4pmq4pmg4pmj4pmAIHN0dWZmLg0KUEsBAj8ACgAAAAAA/QCbTOfjwX4cAAAAHAAAABkAJAAAAA AAAAAgAAAAAAAAAEhhdmUgYSBoYXBweSBkYXktQU5TSS50eHQKACAAAAAAAAEAGACFbKN39t3TA UCsDnT23dMB8s/tc/bd0wFQSwECPwAKAAAAAADpAJtM5FwHOzoAAAA6AAAAHAAkAAAAAAAAACAA AABTAAAASGF2ZSBhIGhhcHB5IGRheS1Vbmljb2RlLnR4dAoAIAAAAAAAAQAYANODVGD23dMB0T1 GLPbd0wHRPUYs9t3TAVBLAQI/AAoAAAAAAPEAm0x4NI/mMQAAADEAAAAZACQAAAAAAAAAIAAAAM cAAABIYXZlIGEgaGFwcHkgZGF5LVVURjgudHh0CgAgAAAAAAABABgAYx1uafbd0wFjHW5p9t3TA YN/S2n23dMBUEsFBgAAAAADAAMARAEAAC8BAAAAAA== '@ $FileName=[System.Convert]::FromBase64String($Base64FileName) $FileName=[System.Text.Encoding]::Unicode.GetString($FileName) If(($Args) -ne $Null) { If($Args[0] -match '^[^\*\?]+$') {$FileName=$Args[0]} Else {Write-Output 'Invalid Filename.';break} } Try { $FileContents = [System.Convert]::FromBase64String($Base64Contents) $Null=Mkdir $(Split-Path -Path $FileName) -EA 0 Set-Content -Literal $FileName -Value $FileContents -Encoding Byte (Get-Item $($FileName)).LastWriteTimeUtc=$TimeStamp Write-Output "File restore complete: $($FileName)" } Catch {Write-Output "File restore failed: $($FileName)"}
  3. DarrenWhite99

    Computer Audit Dataview

    Version 1.0.1


    This Dataview incorporates some data from the Disk Inventory Dataview and the Computer Chassis Dataview, including Video Card, Memory, and CPU columns.. I created it when a client asked for assistance gathering this information. The first time we exported from multiple Dataviews and merged the columns in Excel. The next time they asked I made this so that 1 Dataview had all the columns that were important in this instance. Perhaps you would like these columns in a single Dataview also. The SQL is safe to import through Control Center->Tools->Import SQL. The Dataview should be added into the Inventory folder.
  4. Version 1.0.0


    I got tired of the useless/wrong BAD PROCESS tickets created by the stock "PROC - Bad Processes Detected" monitor, such as the "Reg.hta" classification alerting when Reg.exe is found running. This SQL will clone the stock monitor (Or update itself if you run it again) targeting the same computer groups, and using the same alert settings. (If you have removed the stock monitor it will still create the new one but it will not target any specific groups). This monitor has been adjusted to only match when the process executable matches the Bad Process Executable name. In a perfect world it would match based on the entire path, but the process classification table only holds the EXE name. Still, this should be much more accurate, much less noisy, and when you re-classify a process you are doing for the EXE name, not just the process title. This SQL only creates/updates the new monitor, so don't forget to disable the alerts assigned to the stock monitor or you will get tickets from both of them.
  5. DarrenWhite99

    Add Ticket ExternalID to Dataviews

    Version 1.0.0


    The attached SQL will modify all dataviews that include a ticketid to also include the external ticketid as "Ticket External ID". I suggest copying one or a few of the stock Dataviews, and then running this. While it will update all dataviews with ticket information, many will be flagged as having changes the next time Solution Center is ran and may be reset to original. The copied Dataviews should preserve the additional column. Save the file and import into Control Center using Tools -> Import -> SQL File. It will ask if you want to "Import 1 Statement into the database". If it says there are many statements choose "No", you have an older (buggy) Control Center and you will need to import using SQLYog or some other tool. Keywords: remote monitor free drive drives disk disks volume volumes mounted mount point no letter space percent percentage
  6. DarrenWhite99

    Alert When Agent Is Online

    The v_extradatacomputers reference is actually to a table, not a view. It is refreshed about twice an hour but is only rebuilt daily or perhaps weekly, meaning that new EDFs may take some time to appear there. #To rebuild the table (drop and rebuild the complete structure with all current computer EDFs as columns), run: call v_ExtraData(1,'computers'); #To refresh the table (update the values for existing columns in the table), run: call v_ExtraDataRefresh(1,'computers'); However, I have posted an update that no longer uses this table (avoids the build and view error, and is works immediately on live values) and also calls v_ExtraData for you to ensure the table is built correctly. The script should be the same, just download the new file and import the .SQL. It will automatically update the existing monitor for you!
  7. DarrenWhite99

    Agent Status and User Idle Time Dataview

    Some information on Dataview Formatting can be found here: https://www.labtechgeek.com/topic/3428-dataview-formatting/
  8. DarrenWhite99

    DNS Forwarder Check

    That makes me think that the file was saved in the wrong format. I re-downloaded the .ZIP and opened the file in Notepad, and when I selected "Save As" the type was UTF8. I switched it to ANSI and saved a copy. The file was 1 byte shorter. I didn't try comparing again, I just went ahead and re-uploaded. Try downloading it again, or just open your copy in Notepad and save as "ANSI". Note: Any agent that has already used this monitor will already have a copy of it, which must be deleted before it will be downloaded again. I have another solution that helps with this, comparing the agent copies of files in the Transfer\Monitors folder against the versions on the server and deleting any that are found to be a different size. This keeps remote agents current without you having to do a bunch of manual work anytime you change a remote monitor's file. See https://www.labtechgeek.com/topic/3243-solution-to-keep-exe-remote-monitors-up-to-date-with-the-server/
  9. Version 1.0.1


    This Dataview is basically the same as the "Computer Status" Dataview, but I have added a column for Agent Idle Time. I find it helpful when I need to see quickly which users are on their systems, and which machines are not being used or have long idle times so that I can work without disrupting an active user. I have added another column, `Agent Additional Users`. This shows any other logins reported by Automate, such as on a Terminal Server. For only a couple of columns difference, I have found it to be a very useful dataview and refer to it often. To import, just extract the .sql file from the zip. In Control Center select Tools->Import->SQL File. It will ask if you want to import 3 statements. This is normal. When finished, select Tools->Reload Cache.
  10. Version 1.0.2


    This is a script to test and create or reset the Cache/Location Drive user account credentials and Location Admin credentials. If the credentials are domain based (domain\username, username) they will be tested but will not be reset. If the cacheuser is defined, cannot be validated, and is a local account (.\username) it will be created if missing and the password will be reset. After testing the cache user credentials, the Location Admin will be tested. If it cannot be validated and if it is a local account it will be created if missing, the password will be reset and it will be added to the local Administrators group. The password is always set not to expire if it is being reset. This script relies on the correct Location configuration of the "Login for Administrator Access" the under the "Deployment and Defaults" tab to obtain the Admin credentials. The Cache User credentials are specified by the Location Drive settings on the General tab for the Location.
  11. Version 1.0.0


    You can't directly run .ps1 files in remote monitors like you can .vbs and .bat files. But this applies beyond just remote monitors, .ps1 doesn't run universally like .vbs or .bat. A way to get PowerShell portable is to use a .vbs or .bat file to carry the PowerShell script. Here are a couple of ways you can do this: The first is a generic way to embed text files inside a batch script. The embedded files are extracted and saved apart from the script. This example has two simple text files included. (See BATCH-WITH-EMBEDDED-FILEs.bat) The second script method is a way to include PowerShell code directly inside a batch file. This can run anywhere like a batch and the PowerShell is interpreted directly without creating any secondary files. There is a trade-off, the output will not report the correct line number for any failures, and a script crash can result in no useful output. (Output is buffered. Write-Host will be output immediately. Write-Output will buffer until the script completes.) For this reason it is harder to develop and debug PowerShell wrapped in a batch file. So this method works best when you develop and test a PowerShell script as a separate file, and then simply dump the contents to the end of the Batch framework script. (See BATCH-WITH-EMBEDDED-POWERSHELL.bat) I use method 1 when I need to include standalone files and want to move them all with one file. (An example is a batch script that imports a trusted publisher certificate. The certificate is carried inside the batch, but needs to be its own file for importing by certutil.) I use method 2 anytime I want a batch to run PowerShell. Several of my remote monitors in LabTech are .bat wrapped PowerShell scripts. I don't like creating a batch file that only turns around to create a separate PowerShell file. You have two files to clean up, etc. Aside from the starter scripts, I included examples of how I have used both methods in real life.
  12. Version 1.0.1


    This monitor will return the number of available licenses in the result. I also made the Identity field report the available agent licenses in increments of 10. This means that the monitor identity will be "50" when between 41 and 50 licenses remain, and "40" when between 31 and 40 remain. This means that a unique alert will be triggered each time the available count is reduced by 10 (or more). If you do not want new alerts as the remaining count continues dropping below the threshold, set the identity field to "computers.computerid" (no quotes). The Duplicate Alert Frequency to Once per 7 days. So after 1 week another alert would generate even if the available count did not change. Set to "Send Fail After Success" if you do not want any repeat notifications for the same "incident". The Alert Template should be the stock "Create Ticket" alert. I would suggest this be changed to an alert template that generates email so that the notice can be sent directly to the person who manages agent licenses. Unzip the attached file, and import into Control Center using "Tools -> Import -> SQL File". The Internal Monitor name will be "CWAutomate Agent Licenses Available".
  13. DarrenWhite99

    DNS Forwarder Check

    Version 1.0.2


    This monitor is designed to check the health of your DNS Server Forwarders. Copy "DNSForwarderCheck.vbs" to your LTShare\Transfer\Monitors\ folder. Import the SQL file in Control Center -> Tools -> Import -> SQL File. This will create a group monitor on the "Windows DNS Servers" group under "Service Plans\Windows Servers\Server Roles\Windows Servers Core Services". The monitor action will be "Default - Raise Alert". Here are a couple of examples of Servers with underperforming DNS Forwarders. Once you identify issues, use a tool like GRC DNS Benchmark to identify what your best server choices are. https://www.grc.com/dns/benchmark.htm
  14. Version 1.0.1


    On Windows Agents, LabTech assumes that all volumes have a drive letter associated with them. Volumes mounted to a path (CSV volumes, etc.) are not reported in the drive listing. This is a solution that uses a Remote EXE Monitor to dynamically detect mounted volumes and alert if the free space is below a configurable value. The batch file is a powershell wrapper that queries for mounted volumes with no drive letter and returns a list of all volumes with less that 10 percent free space. The free space level can be passed as a parameter, so it is easy to monitor for 20%, 5%, etc. All volumes have the same threshold however, there is no support for different thresholds on different volumes. The powershell section could also be extracted and used directly. On systems with no matching volumes, the result "No Mounted Volumes detected." is returned. If there are mounted volumes with no drive letter, the output will either be "All Mounted Volumes have above $FreeThreshold% space free.", or "Mounted Volumes at or below $FreeThreshold% free space:" with a list of all volumes that met the criteria. This was implemented as a remote EXE monitor. SQL is included to import the monitor definition to an agent (configured for agent ID 1). See the MountedVolumesFreeSpaceMonitor-README.txt file in the attachment for more details. After importing, the Ticket and Report Category and Alert Template should be verified or assigned to valid values. The monitor command is 'MountedVolumeDiskCheck.bat 10', where 10 represents the free space alert threshold. You can change threshold this globally if assigned to a group, or override the monitor on a per-agent basis to use a different threshold. After importing and testing this monitor on an agent, the monitor can be added to an appropriate group so that Windows Servers will be monitored automatically. See "Configuring Remote Monitors" in the documentation: https://docs.connectwise.com/ConnectWise_Automate/ConnectWise_Automate_Documentation/070/160/040/020 Keywords: remote monitor free drive drives disk disks volume volumes mounted mount point no letter space percent percentage
  15. Version 1.0.1


    This RAWSQL monitor uses data from the Active Directory Plugin to check for active AD Computer Accounts (with recent logon times) that do not have an Automate Agent installed. This is helpful to identify computers that were joined to the domain without the proper procedure, or computers that your agent deployment has not succeeded in reaching. The alert will be targeted against a probe computer for each client, you will need to read the alert body (or subject) to find out the name of the computer without an agent. Because the alerting is "Probe" centric, be aware of the following: If you enable group targeting, and your targeting excludes the probe computer for a client, no machines will be reported for that client. If you have no probe at any location for a client, no machines will be reported for that client. If you Exclude or Ignore the "computer", you are really excluding the Probe Computer, and if you do this no machines will be reported for that client. There is no simple way to Whitelist machines that do not have an agent installed on purpose. You will just have to live with them being reported. To Import: In Control Center, open Tools -> Import -> SQL File. (System->General->Import->SQL File in Automate 12) Select the file, and you should be asked to import 2 statements. (Cancel if it tells you a different number). The Monitor will be named "Domain Computer Without Automate Agent", and it should run every 6 hours. Keywords: active directory domain joined computer object account missing labtech automate agent machine monitor