• State Suggested Answer
  • Replies 4 replies
  • Answers 2 answers
  • Subscribers 19 subscribers
  • Views 2728 views
  • Users 0 members are here
Options
Related

Help me rewrite this logic that requires and with or together

sauerk
over 2 years ago

We have a VPN group where GPO based software deployment just doesnt work.  I think its because its not really on the domain until the user logs in with cached credentials to windows and then lauches the VPN application and authenticates.  Then we have a 2 Network Login desktop icon they run, which executes slogic.bat /event logon from the netlogon share.

Ran into an issue today where a user was getting a pop up message about a program was already installed and to make any changes they would have to go to Add/Remove programs.  It didn't say what it was, but in sltrace.htm It was the Proofpoint secure share plugin for Outlook.

I checked and its an msiexec command with appropriate arguments to silently install the app under certain conditions.  The conditions are

IF IP equals 192.168.55.*   (this is our VPN subnet)
AND File Exists Not Equal C:\Program Files (x86)\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

Well the person has it installed but its not in (x86) like my two test computers, but it is in that folder on my other laptop and apparently this users.  I thought maybe I could just look in the registry instead but for the problem user its in HKLM\Software\Proofpoint, whereas in my two machines its in HKLM\SOFTWARE\WOW6432Node\Proofpoint.  I checked our inventory system Lansweeper, and theres no discernable difference between the product name or version between my computers and the problem computer or another test laptop.  They are all 64 bit Windows machines.

So I need the logic to be like this....

IF IP equals 192.168.55.*   (this is our VPN subnet)
AND File Exists Not Equal C:\Program Files (x86)\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

OR

IF IP equals 192.168.55.*   (this is our VPN subnet)
AND File Exists Not Equal C:\Program Files\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

But the OR/AND is a radio button.  Really it should be blocks you could drag and drop AND's or OR's wherever you want in the list. 

Is there a way to rewrite this condition?  Do you think I need to split this up into multiple application launcher elements?  Like one checking for the Program Files (x86) element and if it exists drop a file or registry key somewhere, then a second element checking if the Program Files entry exists, if so drap a file or registry key somewhere, and then finally a third element that looks to see if that registry key or file exists and if it doesn't go ahead and install the software?  That seems like the only programmatic way to resolve this.

Parents
  • 0 over 2 years ago

    Hello,

    Indeed, when you use Desktop Authority to create a condition, there are limitations when you try to group condition statements since you cannot branch AND or OR.

    You have several options to do this, since OR statements result TRUE when either one condition C1 or C2 is TRUE, in this case, given the fact that you have two different statements

    C1 = C:\Program Files\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe
    C2 = C:\Program Files (x86)\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

    Then you have several options to implement.

    The first option is simply to create two elements E1 and E2 and assign each one a different statement or condition C1 and C2, as these are two different elements, then if C1 returns TRUE or C2 returns TRUE then the element will be applied.

    However, in this particular case, you want to find a file in one of two different locations, and I think you want to execute the element only if the file is not present in either location, indicating the software is not installed at all.

    If that is correct then you cannot use an OR operator because when it is 32 bits it will be located in ProgramFiles, but not in Program Files (x86) (C1), but if it is a 64 bits architecture it will be in Program Files (x86) and not in Program files (C2), as you can see it will always execute the element because the file will not be in both places at the same time.

    If you want to install the software only when the software does not exist, then you should use the condition:

    IF IP equals 192.168.55.* (this is our VPN subnet)
    AND File Exists Not Equal C:\Program Files (x86)\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe
    AND File Exists Not Equal C:\Program Files\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

    With this, you will ensure the file is not in either location and the IP belongs to your VPN range.

    In the future, if you need to set an element with nested AND/OR, you may use the Definitions section in Profile or Global Options and use a script to determine the value, later on, you may use that variable in your validation logic for profiles and/or elements. If you need further assistance do not hesitate to create a service request on our Support Portal or call 1-800-306-9329.

Reply
  • 0 over 2 years ago

    Hello,

    Indeed, when you use Desktop Authority to create a condition, there are limitations when you try to group condition statements since you cannot branch AND or OR.

    You have several options to do this, since OR statements result TRUE when either one condition C1 or C2 is TRUE, in this case, given the fact that you have two different statements

    C1 = C:\Program Files\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe
    C2 = C:\Program Files (x86)\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

    Then you have several options to implement.

    The first option is simply to create two elements E1 and E2 and assign each one a different statement or condition C1 and C2, as these are two different elements, then if C1 returns TRUE or C2 returns TRUE then the element will be applied.

    However, in this particular case, you want to find a file in one of two different locations, and I think you want to execute the element only if the file is not present in either location, indicating the software is not installed at all.

    If that is correct then you cannot use an OR operator because when it is 32 bits it will be located in ProgramFiles, but not in Program Files (x86) (C1), but if it is a 64 bits architecture it will be in Program Files (x86) and not in Program files (C2), as you can see it will always execute the element because the file will not be in both places at the same time.

    If you want to install the software only when the software does not exist, then you should use the condition:

    IF IP equals 192.168.55.* (this is our VPN subnet)
    AND File Exists Not Equal C:\Program Files (x86)\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe
    AND File Exists Not Equal C:\Program Files\Proofpoint\Proofpoint Secure Share Plug-in\PPShareNotify.exe

    With this, you will ensure the file is not in either location and the IP belongs to your VPN range.

    In the future, if you need to set an element with nested AND/OR, you may use the Definitions section in Profile or Global Options and use a script to determine the value, later on, you may use that variable in your validation logic for profiles and/or elements. If you need further assistance do not hesitate to create a service request on our Support Portal or call 1-800-306-9329.

Children
No Data