Monday, October 5, 2009

BigFix on the Mac

BigFix? http://bigfix.com
What's that? It's a systems management tool!
It's a big tool, with lots of stuff you can do. One of those things is deploy software or scripts to machines based on there current settings. It's called relevance.

If a machine needs the latest firefox update, we can automatically push it, based on the relevance. For example, if it's version is less than the current version, it will update.
If our admin account is missing from the machine, it can automatically add our account. Super awesome password and all. Secure and tracked using SHA1.

I've create a few tasks in BigFix so far and here are some examples of the relevance.

For the 10.6.1 update, the relevance is:
(system version = "10.6")

For Enabling remote management (Checks that Remote Management is not running and that our admin account is available):
((name of operating system = "Mac OS X") AND (not exists process whose (name of it starts with "ARDAgent")) AND (exists user "etcadmin"))

For enabling remote login (Checks overrides.plist to see if it's disabled):
(system version >= "10.6") AND (exists ((booleans of values of entries whose (key of it is "Disabled") of dictionary "com.openssh.sshd" of dictionaries of file "/private/var/db/launchd.db/com.apple.launchd/overrides.plist")) whose (it = true))

So far, it's been working pretty well. Routers slow the process down, but university IP addresses get the tasks right away. More examples to come as I work on them.

Enjoy BigFix on the Mac

No comments: