Using LGPO.EXE with Atera Scripts

jeff Member Posts: 12

I have several policy file variations that I use to quickly push policies to workstations. In the past, I've physically visited the workstation and run something from a thumb drive like:

LGPO.EXE /t .\technicians_pol.txt /v

and it works great. I'd like to start pushing through Atera using the Scripts function, but the LGPO program doesn't seem to have a strictly command line version. As far as I can tell, you have to use a policy file with the LGPO command. Has anyone found a way to do this that doesn't include copying a bunch of temporary files to the local machine or using a file server connection? I could connect everyone to my computer as I push them out, but even if I don't set up a persistent connection, it would suck if I'm pushing something out to 50 computers to have all of those connections to my computer. Any thoughts would be great.

Thanks,

Jeff

Comments

  • mbudke
    mbudke Member Posts: 119 ✭✭✭

    Hi @jeff ,

    I don't have much experience with LGPO.exe but maybe you can write the "technicians_pol.txt" through the script and just delete the file afterwards.

    Then the commands are part of your script and you do not require a separate fileshare.

    Matthias

  • jeff
    jeff Member Posts: 12

    I was thinking of putting the file up on an available http source and using CURL to transfer it from a script command, but the possible security concerns of putting even an innocuous file like that in a public space made me rethink it. When you say, "write the "technicians_pol.txt" through the script," how are you proposing to write/create the file? Does Atera have a "write" file function, are you thinking of piping content to a local file, or something else? I hadn't thought about piping text to a file using Atera scripts until your reply. I might give that a try and see what happens. Please note that we block unsigned PowerShell scripts, so other than single line commands that can be run through batch files, PowerShell is not an option. I've already dug into the painfully complex and difficult options for signing my own scripts, but with my limited resources, can't reasonably sign my own scripts.

    On a side note, last week, I successfully did a test transfer of a script created file from an endpoint to my "IT" computer from several workstations, but had to run the script as the logged in user instead of system user for it to function. The same security issues concern me where a central and open repository would be a security weakness that I'd rather not have to figure out and spend resources on protecting. It would be nice if the Atera agent could facilitate creating/transferring local files through its secure agent. Does anyone know if there is a function like that?

    Thanks,

    Jeff

  • mbudke
    mbudke Member Posts: 119 ✭✭✭

    Hi @jeff ,

    indeed I was thinking about piping the data into a file but if that is not allowed in your IT environment it might not be an option.

    How about using a SharePoint or alternative product which is available on each computer so you can store the data over there and synchronize it with the correct client software? This would vanish the http download but as a negative side effect would give the end user potential insights in your scripts.

  • Samuel MONIER
    Samuel MONIER Member, Certified Business Partner Posts: 13 ✭✭

    @jeff Hi Jeff. For that need, I use an S3 repository (Object Storage).
    In my script, I use an HTTP download with the PowerShell command "Invoke-WebRequest -Uri"
    It works fine and is available from everywhere.

  • jeff
    jeff Member Posts: 12

    No, piping to a file is fine in my environment. We just block PowerShell scripts that aren't signed, which means just about every PowerShell script that exists. I can still pipe through a .BAT file and I can do single line PS commands from a .BAT file, so unless something unexpected happens, it should work fine, possibly, maybe. :D I haven't gotten around to playing with it yet, but I'll update if it works out well and reliably.

    Thanks.

  • jeff
    jeff Member Posts: 12

    Hi Samuel,

    That is interesting. I don't do much with S3. I did have a client several years ago who had a backup program that piped to the Amazon S3 cloud, but they moved to an established turnkey system after some problems. What would be the benefit of S3 over an "open/shared" S3 file?

    Thanks.

  • Samuel MONIER
    Samuel MONIER Member, Certified Business Partner Posts: 13 ✭✭

    Hi Jeff,

    For that part, I use S3 storage on Scaleway. It's a low cost storage solution.
    Available from everywhere (for all my customers, no need to access a specific server or anything else).
    You can create an HTTPS link for each file.
    So it's easy to use for scripts and automation needs.
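
The approach discussed in this thread (create the policy file from the script itself, apply it with `LGPO.EXE /t`, then delete it), as an added example that was not posted by any participant: a plain batch file, with the working directory restricted to SYSTEM and Administrators so the file cannot be altered between being written and being applied. Assumptions: LGPO.exe is already present at the hypothetical path `C:\Tools\LGPO.exe`, the script runs as SYSTEM or an administrator, and the single policy setting is a constructed sample.

```batch
@echo off
setlocal

rem Assumption: LGPO.exe is already on the endpoint at this hypothetical path.
set "LGPO=C:\Tools\LGPO.exe"
set "WORK=%SystemRoot%\Temp\lgpo_%RANDOM%%RANDOM%"
set "POL=%WORK%\technicians_pol.txt"

if not exist "%LGPO%" (
  echo LGPO.exe not found
  exit /b 2
)

rem mkdir fails if the directory already exists, so a directory
rem created in advance by someone else is never reused.
mkdir "%WORK%" || exit /b 3

rem Drop inherited permissions; allow only SYSTEM (S-1-5-18) and
rem Administrators (S-1-5-32-544) to touch the policy file.
icacls "%WORK%" /inheritance:r /grant:r *S-1-5-18:(OI)(CI)F *S-1-5-32-544:(OI)(CI)F >nul
if errorlevel 1 (
  rmdir /s /q "%WORK%"
  exit /b 4
)

rem LGPO text format: four lines per setting
rem (Computer or User, registry key, value name, action).
rem The setting below is a constructed sample, not from the thread.
> "%POL%" (
  echo ; written by the deployment script
  echo Computer
  echo Software\Policies\Microsoft\Windows\Personalization
  echo NoLockScreenCamera
  echo DWORD:1
)

rem Apply the policy, keep LGPO's exit code, then clean up.
"%LGPO%" /t "%POL%" /v
set "RC=%ERRORLEVEL%"
rmdir /s /q "%WORK%"
exit /b %RC%
```

Because the policy text lives inside the script, nothing has to be hosted on a share or a public URL, and the script's exit code reflects whether LGPO reported success.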