"maybe boundary now that clients hold that info" if you can query that locally on a client (I didn't look for where that is)... I've never done anything like you've mentioned, but you *could* do something like... an "application" configuration Item where... The "application exists" based on a script, and you write a script which spits out any results *if* the client can respond with "maybe boundary now that clients hold that info" -- where the boundary you are looking for is "Boundary X". When it's Boundary X, then the "application" is installed <wink> so the ConfigItem continues on the inside and runs the detection logic script, and if you've enabled the CI to do so, the remediation script to "apply BITS settings".
What you MAY want to do is have more CIs where the boundary is "these other ones"; and sets the BITS settings back to normal (whatever normal means to you). In case machines travel around. by using the "only deserved if the 'application' is installed in the baseline logic, you can target a large collection, and that client figures out locally if it deserves whatever-it-is, instead of having the collection logic do that. The above is one way to do it. Another way is what you're already doing--the collection does the 'who deserves this'. Another way would be to do something similar using Application deployment logic--craft a custom Global Condition that'll spit out the Boundary that the client knows--and have multiple Deployment Types for each boundary; to set the BITS settings for each one. Another way (slightly old skool); have a task sequence with multiple steps, and the targets have to do a wmi evaluation logic on a step to see if it deserves to run that 'step' of the TS. Lots of ways to get to your end goal; you just need to work out which one makes the most sense for you. Another way--why thousands of boundaries? simplify! We have 300k+ clients, and have a total of 18 boundaries. It's all IP ranges--covering 0.0.0.0 through 255.255.255.254 We used to have fewer than that, but we had to rebalance client counts and had to split up boundaries in slightly awkward ways. 18 feels like a lot to us. On Mon, Nov 28, 2016 at 2:42 PM, Schultz, Michael A < [email protected]> wrote: > We are looking at using compliance settings to apply BITS settings to > machines based on a machine’s subnet or maybe boundary now that clients > hold that info. Has anyone done anything similar? We are currently using > client settings but it involves populating collections based off IP subnet > (boundary) and with almost 100k clients and over a thousand boundaries, it > is nightmare. > > > > Michael Schultz > > Client Systems Engineering > > Information Systems > > Providence Health & Services > > *[email protected]* <[email protected]> > > > > ------------------------------ > > This message is intended for the sole use of the addressee, and may > contain information that is privileged, confidential and exempt from > disclosure under applicable law. If you are not the addressee you are > hereby notified that you may not use, copy, disclose, or distribute to > anyone the message or any information contained in the message. If you have > received this message in error, please immediately advise the sender by > reply email and delete this message. > > -- Thank you, Sherry Kissinger My Parameters: Standardize. Simplify. Automate Blogs: http://www.mofmaster.com, http://mnscug.org/blogs/sherry-kissinger, http://www.smguru.org
