Help

Execute Script when target is removed from a group?

Go to solution
kish_jayson
Contributor

Posted on ‎04-30-2014 10:51 AM

Is it possible to create a policy that executes a script when a target machine is removed from a Static Computer Group?

For example:

I have scoped a policy to install Firefox on any machine placed in a Static Computer Group called "Firefox". However I would like to execute a Script to remove Firefox from that machine in the event that it's ever removed from that group.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Josh_S
Contributor III

Posted on ‎04-30-2014 01:12 PM

@kish.jayson][/url - There are a couple different ways to do this with Casper 9.

You could make a smart group based on the group membership of the other group. "Remove Firefox": "Computer Group" "not member of" "Firefox". Add in an additional criterion to check if Firefox is installed. Scope an uninstall policy on this smart group. If it's not in the Firefox group, but it has Firefox installed, it will uninstall.

You could also use "Exclusions" within the policy itself. Create a Remove Firefox policy.
Scope:

  • Targets: Computers with Firefox installed.
  • Exclusions: Firefox static computer group.

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
Josh_S
Contributor III

Posted on ‎04-30-2014 01:12 PM

@kish.jayson][/url - There are a couple different ways to do this with Casper 9.

You could make a smart group based on the group membership of the other group. "Remove Firefox": "Computer Group" "not member of" "Firefox". Add in an additional criterion to check if Firefox is installed. Scope an uninstall policy on this smart group. If it's not in the Firefox group, but it has Firefox installed, it will uninstall.

You could also use "Exclusions" within the policy itself. Create a Remove Firefox policy.
Scope:

  • Targets: Computers with Firefox installed.
  • Exclusions: Firefox static computer group.
0 Kudos

Go to solution
kish_jayson
Contributor

Posted on ‎05-22-2014 11:12 AM

Based on your suggestion, here is what I ultimately ended up with. This method has allowed me to; install Firefox, remove Firefox, update Firefox (without maintaining two versions of the package on the JSS), and re-install Firefox when a machine is re-imaged, all without ever having to flush a single policy log.

Components:

+Firefox.pkg+           Package
+remove_Firefox.sh+     Script

+Firefox+               Static Computer Group
+deploy_Firefox+            Smart Computer Group
+remove_Firefox+            Smart Computer Group

+Install_Firefox+           Policy
+Remove_Firefox+            Policy

Component Details:

+**deploy_Firefox**+, Smart Computer Group

    Application Title does not have +Firefox.app+
AND Computer Group member of +Firefox+
OR  Application Title has +Firefox.app+
AND Application Version is not +29.0.1+
AND Computer Group member of +Firefox+


+**remove_Firefox**+, Smart Computer Group

    Application Title has +Firefox.app+
AND Computer Group not member of +Firefox+


+**Install_Firefox**+, Policy

Trigger:            Recurring Check-In
Execution Frequency:        Ongoing
Packages:           Install +Firefox.pkg+
Maintenance:            Update Inventory
Scope:              +deploy_Firefox+, Smart Computer Group


+**Remove_Firefox**+, Policy

Trigger:            Recurring Check-In
Execution Frequency:        Ongoing
Packages:           Uninstall +Firefox.pkg+
Scripts:            +remove_Firefox.sh+
Maintenance:            Update Inventory
Scope:              +remove_Firefox+, Smart Computer Group
0 Kudos