on 04-12-2013 9:22 AM
Hi,
We have successfully installed SAP Afaria 7.0 sp1 and now able to take care of our android mobile devices without any issue.
Now we want to take care our windows 2008 PC 's also with the help of Afaria. I do not find any specific configuration document for PC's.Let me know what client we have to installed in PC's so that we can connect it to Afaria like in mobile we installed afaria client from android market place.
Any hint
Regards,
Jituda
Hi,
Can anyone help finding all the dynamic predefined variables available in Afaria channel?
Variables For Ex: InteractiveUserName, ConnectionSpeed, etc.,
I am new to Afaria, so bit struggling to find out all such available variables.
Mainly I wanna know whether we have any such variable called "SendFilesFailed"?
Please help.
Thanks and Regards,
Anand
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
you have to create a channel as well, otherwise the communication between the windows 7 and the afaria server wont work.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
In Afaria Admin UI, go to 'Policy' screen and create an enrollment policy for "Windows Vista, Windows 2008 or Windows 7".
You will see download button in the policy summary screen. Clicking this button downloads the Windows client on your laptop.
After the client is downloaded, fill in other fields in the enrollment policy, create a session policy and link these two policies to a group.
Launch the Afaria client on your Windows 2008 device and click 'Connect' button.
Do let me know, if you need specific settings to enroll the device. I shall provide you if needed.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
I have created the downloadable client file and managed to connect to the Afaria server from the Windows machine.
I am now facing the lack of documentation for Windows machins for enrolling policies such as:
1. Deploying files to the windows clients
2. Managing windows Password Policies
3. Encryption of windows machines
4. Using Afaria Acress Control
Can you please guide me on how to create these policies and deploy for Windows clients?
Thank you
Raz Rafaeli
Hello Raz,
In order to manage your devices efficiently, you would need to create Groups (collection of your devices) and policies to be applied. Link a group to a policy to manage all devices in that group. Hence you must start by creating a group out of these available types:
Creating a Group (Dynamic):
Similarly, you could create other groups based on your requirements. Once you are done creating a group, create policies you would want to push on your devices. Creating a policy is as easy as:
Create a policy for scheduling device connections, collecting inventory, and configuring device settings for Windows computers.
The policy includes multiple pages, such as Summary and Schedule. Complete them in any order. To save changes on all pages, click Save at the top of any page.
You can specify duplicate policy names across tenants and within a tenant for all policy types. Changes made in the Afaria application to support duplicate policy names are compatible with Afaria 6.6 and Afaria 7 servers.
• Note – add a description for the policy.
State – indicate published or unpublished. Connecting devices receive only published policies.
• Priority – set a user-defined value that Afaria uses to determine which configuration policy prevails when multiple policies define the same default settings. The lower the numeric value, the higher the priority.
• Authentication – require the server to verify the connecting user’s identity against your authentication authority before allowing the channel to run. This option is available only if you have authentication enabled on the server, as defined on the Server >Configuration > Security page.
• Inventory – select the inventory type to collect. You can view inventory information on the Device page's Device Inspector.
• None – no inventory collection.
• Hardware – scan collects data relating to the device's physical components, such as processors and memory cards.
• Hardware and Software – scan collects hardware data and data for installed software.
On the Schedule page, you can select, edit, create, or delete schedules to define a schedule’s basic type and time properties.
In the selected schedule click Retries to define the number of times the server should retry the scheduled task, if the task fails. The retry interval is the time to wait before the next retry attempt. Retry attempts cease if the scheduled task succeeds.
Enter the following details to create a new schedule:
• Schedule – a meaningful name for the schedule.
• Note – description of the scheduled task.
• Type – type of schedule:
• For “Daily” or “Weekly” type, select the days of the week.
• For “Monthly” type, select the months of the year.
• For “Once” type, select immediately for the earliest available day at specified time, or select a specified date/time schedule.
• Setting – change the start date, time, repeat, or retry preferences by changing the settings for each individually listed schedule.
• Rate – enter the start time and days for the schedule and indicate whether to run the schedule at start-up if the server was not running at the defined start time. The options displayed here are based on the schedule type selected.
• Range – indicate whether to run the schedule always or enter the starting and the ending date range for the schedule.
• Repeat – enter the parameters for repeating the scheduled task. You can repeat until a certain time or day or for certain duration.
• Randomize – enter the parameters for randomizing the start time for the scheduled task.
Creating a Session Policy:
Create a policy for running session channels on Android, BlackBerry, Windows Mobile, or Windows devices.The policy includes multiple pages. Clicking the Save button at the top of any page saves all pages.
The connecting device requests the default channel during every connection.
For the purpose of sending files to your client, you would need a channel created and associated to a session policy which should be linked to your Group or alternatively, you may bind your channel to your enrollment policy to send the file while enrollment.
Enrollment Policy > General > Channel > Setup
Creating A Channel:
You may create channel through ‘Channel Administrator’ present in Start Menu option or in Afaria folder.
You would then see a new window ‘Work Object Editor’, wherein you may create a worklist or a sendlist object for your channel by right-clicking on the channel name.
Give a name to your worklist/sendlist object, for ex: “Deploy File”.
You will now see the events in right-side panel like: Make Directory, Send File To Client, etc.
Double-click on the event you want to add and fill in the required details. For Ex:
Source & Target File in case of ‘Send File To Client’. You may also use session variables to get the value of Target file on run-time.
Click Save and then close ‘Work Object Editor’.
Publish this channel by selecting the channel and clicking on the ‘Green Dot’ in the Channel Administrator toolbar.
When this channel is run your file should be deployed to Windows client.
Raz,
Not sure about Windows device but as far as Windows Professional or Standard devices are concerned, you could create a configuration policy for password & encryption settings. Under Security tab, you would find options to set password policy & encryption. Steps are:
1. On the Policy page, on the top toolbar, click New > Configuration > Windows Mobile Professional or New > Configuration > Windows Mobile Standard.
2. On the Security page, click Add.
3. Select the Install or Uninstall mode.
4. Click Delete at the top of the page to delete the Security Policy.
Password tab:
• Set the minimum length, change rate, disallow previous passwords.
• Power-on Enforcement – enforces password use at the device. Data Security Manager offers flexible password criteria so that you can define a device password that meets your enterprise’s password strength requirements.
• Initial password – establishes an initial value for the user password if a device password or Data Security Manager password does not already exist. This value does not override an existing user password. You must communicate this password to the user.
• Administrator password – implements an administrator password on the device.
You can use the administrator password to access the user interface at any time, including when the device enters a lock downstate with the user password disabled.
Note:
The initial user password can be the same as the administrator password.
• Sample password – allows you to validate test password against defined password rules.
• Setting – select from the Available list of Format Rules.
• Allow minutes idle before password prompt – defines a time period of inactivity that must expire before Data Security Manager requires a password again.
• Allow minutes idle before power off for Windows Mobile 5 pre-AKU 2.x – defines whether to lock and turn off the device after a defined period of inactivity, rather than waiting for the user to manually lock the device. The time period you define begins after the last user interaction, plus any time period you define for the “Allow… before password prompt” data element.
• Click on the State for Data to Encrypt on the Inbox, Notes, or PIM (Calendar, Contacts, Tasks).
• Additional files to encrypt – identifies the additional data items you selected for encryption. Click Add, and click Not Included to include sub folders and click the Save icon.
• Allow the user to select additional files for encryption – defines whether the user is allowed to use the Data Security Manager interface to select additional device data items for encryption.
Any update on documentation for creating policies and/or scripting for Windows machines?
The main tasks I wish to create are:
I am in the dark with using the Channel Administrator. I was able to do the Send File to Client command, but even then I don't know how to push the file to the client without their interaction. I have to hit the "Connect" button on the Afaria Client on the Windows machine I'm sending the file to. I thought that by selecting that Windows device in the Afaria web console and hitting "run channel" would push the file (or any work/send lists for that matter).
Hi,
With the session manager for windows 32 client you can work on many features .
Few Good features you can work for windows 32 .
1. Hardware Inventory
2.Software Inventory
3. Run VBscript
4. Run Jscript
5. Run Batch file
6. Registry setting : (Disable of USB , CDROM check for registry setting to disable the same )
7. Silent installation of application
8. Uninstallation of application
9. send file on system
10 .Delete file on system
11. Directory details
12 .execution of application
Ok. I have some additional questions for Windows-based management in Afaria:
Thank you!
Hi,
2 .Get a report on which computers have, for instance, Microsoft Office installed and what version of Office (so that we can know how many licenses have been used). If so, how (do we use custom views or dynamic groups?)
3. Easy way to show which computers are online and offline (on and connected to Afaria).
4. Does the laptop management have a command for locking and/or completely wiping the hard drive.
Thank you for your quick replies!!!
I was able to successfully use the Channel Adminstrator to push registry changes to lock the dvd drive and usb ports!!
A few more questions regarding PC administration via Afaria. Are these possible?
1. Windows 8 Store: Ability to allow only approved apps to be downloaded in the store vs using a specific portal for users to download software. (This might allow them to browse other apps in case they find another useful app and have to request I add it to the list before they can download it from the store)
2. Encryption Monitoring: Details of specific encryption technologies that Afaria supports. Also ability of Afaria to notify me or automatically re-encrypt Windows 8 drive if user was able to de-crypt said drive.
3. Remote Wipes: You said before that it is not possible to remote wipe, but how about encryption? Is there any way to open a session to enable BitLocker and encrypt drives on all Windows machines that support it?
4. Pushing Windows 8 Local Group Policy Changes: Cloud product vs hosted? Perhaps only apply certain group Policy changes.
5. Antivirus Monitoring: A list of supported Antivirus software and level of integration. For example Afaria might be able to notify me of a virus with one antivirus software, but not allow me to choose remediation options without connecting to the machine. However with another antivirus software it may be able to apply a specific remediation. I’m particularly interested in Afaria’s ability to report With the Windows 8 version of Windows Defender.
6. Windows Updates: How do I approve which updates to apply to machines. Does Afaria report back a list of all available updates from Windows and I select which ones to apply to a group of machines, or Must I using my test machine see which updates it finds, find the KB reference number, and manually add those to a list or even upload the files to Afaria?
7. Permissions: My users will not be administrators on their machine. Does Afaria run as an administrator so that these updates can be properly found and applied, especially with third party updates like Adobe Reader, Flash, etc.
8. Pushing out Non Windows files/updates: Difference in ability in the cloud and hosted solutions?
Also, On-Premise is the only way to support Windows management, right?
Hi,
Through the Afaria administrator site you can build afaria window client setup exe . and there is a option to download it .. after download you can install it on your windows.
Regards,
Thushara
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi ,
I have found one useful link for configuration of Afaria client
But do not get the mentioned downloadables in the sybase site
Sybase Control Center > Administer > Afaria Environment and Device Clients > Set Up > Afaria Clients > Creating an .NET Afaria Client
Any hint.
Regards,
Jituda
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.