cancel
Showing results for 
Search instead for 
Did you mean: 
harik
Level 7

Apply a tag using a query to find list of machines in specific group of OU - Possible?

I have few machines in one specific group of OU, these should be automatically moved to a group under System Tree of ePO once McAfee agents are installed. Is there a way to accomplish this?

I am not lookingf for AD sync option.

Can we acheive this using any query??? Please comment...

0 Kudos
8 Replies
exbrit
Level 21

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Moved provisionally to ePO for better attention.

0 Kudos
mischaboender
Level 11

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Yes, this is possible.

Create a new query with these settings:

  • Result Type:
    • System Management -> Managed Systems
  • Chart:
    • List -> Table
  • Columns:
    • (default)
  • Filter:
    • Last Communication -> Value is not blank (only true for systems with an agent)
    • Group -> System is in group or subgroup (choose your source group)

Now create a server task with these settings:

  • Actions: Run Query
  • Query: (query you just created)
  • Sub-Actions: Move Sytems
  • System Tree Group: (choose your target group)

You could also add an extra sub-action in the server task to send an email with a list systems that have been moved.

0 Kudos
harik
Level 7

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Thanks for your reply.

But the Group in the query would be from ePO System Tree itself but not from AD OU, right?

0 Kudos
mischaboender
Level 11

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Yes, correct.

0 Kudos
harik
Level 7

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Ok. But i need it from specific group from AD??

0 Kudos
mischaboender
Level 11

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Ah, you mean security group, not a (ePO) group in the system tree.

I believe it's not possible to read a security group with computer accounts from AD. But if you know a bit of powershell it should be an easy job (hint: https://community.mcafee.com/docs/DOC-4297).

0 Kudos
mischaboender
Level 11

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Here's how to apply a tag to all ePO systems in a specific Active Directory security group.

([adsi]"LDAP://CN=MyComputerGroup,OU=Department,DC=Company,DC=local").member | %{

    Add-EpoTag -ComputerName $_.Split(",")[0].Replace("CN=","") -TagName "MyTag"

}

Replace the bold/underline text with the DN for your security group and the tag you want to apply. Don't forget to run "Connect-EpoServer" first.

0 Kudos
harik
Level 7

Re: Apply a tag using a query to find list of machines in specific group of OU - Possible?

Thanks for your reply. But we are not planning to use any third party tools for this.

0 Kudos