Summary

Script to perform offline computer group lookup’s

Issue:

When doing computer group lookups using AppSense 8.4 you will notice it is retrieving the data from AD. However when a client is offline it will be unable to do this.

This isn’t an issue for user accounts as we can use the local security token however this functionality is not available for a computer group

AppSense_Rules_20150629

Resolution:

Use a script to query the local group policy membership for the machine

James Rankin has written a good article on this very topic here:

http://appsensebigot.blogspot.co.uk/2013/06/appsense-desktopnow-environment-manager.html

Implementation:

Pretty much the same as the code from James but env variables added at the start for ease of use

# Query computer security token for specific group membership
# Initialise variables
$strSearchString = "ad-group"
$strSearchResult = $null

$strSearchResult = (GPRESULT /R /SCOPE COMPUTER | Select-String -pattern $strSearchString -list).line

$strSearchResult = $strSearchResult -replace "        ",""

if($strSearchResult -contains $strSearchString)
{
Write-Host "success"
 exit 0
}
else
{
write-host "fail"
 exit 1
}