2 Replies Latest reply on Nov 21, 2014 5:19 AM by Nick Chard

    Compliance against extended objects

      I am currently having a problem running a compliance job against an Extended Object.


      I have created a Component Template, and in Local Configuration Objects I have created an Extended Object that returns a list of Windows scheduled Tasks. The EO is

      schtasks /query /V /FO CSV

      Remote execution, csv file grammar (csv.gm)


      This works as expected, and returns a list of tasks on the target computer, with 25 different columns, each representing a different property of each task.



      I have created a compliance job that looks for the task name, which is contained in Value 1. The problem being that this compliance job always fails.


      When I am creating my compliance rule, I have selected a new Basic Condition, I can then choose from Extended Object or Extended Object Entry. The first option, Extended Object, lets me perform compliance against the Extended Object, and a simple “Exists” condition will be successful because it sees that the Extended Object exists.


      The second option, Extended Object Entry seems to be the one I need for matching Value1. However, this always fails compliance. A simple “Exists” condition fails, so does "Extended Object Entry:Scheduled Tasks Query"."Value1 as String (All OS)" Contains “xxx”.

      It appears that the compliance job can’t read the entries of my Extended Object, and fails no matter what I select.

      I tried changing the output of the Extended Object but the results are the same

      schtasks /query /V /FO table
      with name space value grammar (nsvp_space.gm)


      Next I tried to change the compliance rule to use foreach instead of basic condition. This had the opposite problem, and all compliance rules are compliant, no matter what conditions I create.





      I found this forum post that relates to the same problem, but the solution of using name = value grammar file made the Extended Object unreadable.



      Can anyone offer a solution?



        • 1. Re: Compliance against extended objects
          Bill Robinson

          for each "Extended Object Entry:Scheduled Tasks Query//**" ? that should recurse through each item.

          1 of 1 people found this helpful
          • 2. Re: Compliance against extended objects

            Thanks for your input Bill Robinson, you pointed me in the right direction and I have found the solution.


            "Extended Object Entry:Scheduled Tasks Query//**" is the correct way to recurse through each object returned by my Extended Object. When I tested this, I found that my task name was found, but the foreach loop was returning an overall non-compliant result. Presumably because it would only be compliant if every object contained a match.




            I needed the rule to be compliant if it found just one match, so that led me to experiment with some of the other compliance types.


            The obvious choice was Exists Loop (at least one asset must comply)



            I stated "Extended Object Entry:Scheduled Tasks Query//**" as my object to loop through.

            Then I could select my value to match - Value1 in my case, which is the task name.

            Now I get a compliant result when one of the results contains a match.



            I can also extend this so that I can match other properties of the scheduled task.


            Value1 = TaskName, eg DeleteLogs

            Value3 = Status, eg != Could not start

            Value6 = Last Result, eg 0

            Value11 = Scheduled Task State, eg Enabled

            Value14 = Run As User, eg SYSTEM


            So now my rule looks like this


            and it is only compliant when one entry matches all those conditions, eg