Packages ignoring machines with users in specific AD security groups
Hi Guys
Is it possible to run - say an uninstall package - across all computers but ignoring specific machines where the logged in user is in a particular AD security group?
EG we want to ensure people are using a licenced copy of 'MySoftware' and we manage the licensing and distribution of 'MySoftware' by adding users to an AD security group that grants them and their machine access to a network location with the licensed installer.
The problem is they can get unlicensed versions of the software from the internet, so we want to run a PDQ scheduled package that removes all instances of 'MySoftware' from all computers where the user is not in the particular AD security group.
Is that possible?
Thanks.
-
This is doable with a powershell or batch script (dsquery). It can query who is currently logged in, check that AD group, if they are in it, send a good exit code, if not send a bad exit code and tell PDQ Deploy to quit.
Alternatively you can use pdq inventory as well to track, more of a static way.
Please sign in to leave a comment.
Comments
3 comments