MgsServersFromAD: Retrieve List from AD

IT Asset Management (Cloud)
This algorithm prioritizes according to lists of inventory beacons specified in Active Directory. Consequently, it is not useful for inventory devices that cannot run the Active Directory client:
  • Non-Windows devices that are not known to Active Directory
  • Any target inventory devices running legacy Windows operating systems that are without the Active Directory client.
Note: To configure this algorithm, you need to use ADSI Edit (adsiedit.msc), a GUI tool that acts as a low-level editor for Active Directory.
MgsServersFromAD (int limit, boolean discardForeign, string dnPrefix)
where:
  • limit is an optional integer setting the maximum number of inventory beacons to which priorities will be assigned by this algorithm.
  • discardForeign is an optional boolean represented by the case-insensitive strings true or false. The default is false.
    • If false or omitted, the algorithm assigns a low priority to inventory beacons that are not in the same Active Directory site as the target inventory device. Where there are multiple such inventory beacons, their relative priority is maintained.
    • If true, the algorithm sets the priorities of any inventory beacons that are not in the same Active Directory site as the target inventory device to the string literal invalid. The launcher component and the upload component will not use such inventory beacons for transfers.
  • dnPrefix is the prefix (quoted with double quotation marks) to add to a computer's distinguished name (DN), its subnet DN and its site DN in order to find an object in Active Directory with failover information. Failover information is obtained from the Description attribute in the first such object found in AD. Defaults to "CN=ManageSoft" if not specified.
    As usual for distinguished names, any of the following special characters must be escaped with a backslash (\) character wherever they appear in distinguished name components (see following example):
    , = + < > # ;
    Additionally, any double quote (") characters in dnPrefix must be similarly escaped.
Example:
MgsServersFromAD(,true,"CN=MGS Servers\, For Failover")
Including this example specification in the MgsServersFromAD preference has the following effects:
  • Gives high priority to all inventory beacons specified in the Description attribute of whichever of the following objects is found first within Active Directory:
    • CN=MGS Servers\, For Failover,CN=<computer name>,<computer's OU/ container DN>
    • CN=MGS Servers\, For Failover,CN=<subnet>,CN=Subnets,CN=Sites, CN=Configuration,<domain DN>
    • CN=MGS Servers\, For Failover,CN=<site name>,CN=Sites, CN=Configuration,<domain DN>
  • Discards any inventory beacons not specified in Active Directory from the failover list.

When the target inventory device uses this algorithm, it looks up each of these three locations (computer name, subnet, and site name) in Active Directory based on the configuration of that inventory device. Each inventory device calculates its own set of these three Active Directory queries.

Therefore, for a particular target inventory device:
  • Inventory device MachineName: mypc
  • Inventory device OU: Desktops
  • Inventory device domain: abc.com
  • Inventory device subnet: 172.16.34.0
  • Inventory device site: melbourne
including the above example specification in the MgsServersFromAD preference causes the inventory device to check for Active Directory objects in the following order:
  1. CN=MGS Servers\, For Failover,CN=mypc,OU=Desktops, DC=abc,DC=com
  2. CN=MGS Servers\, For Failover,CN=172.16.34.0,CN=Subnets,CN=Sites, CN=Configuration,DC=abc,DC=com
  3. CN=MGS Servers\, For Failover,CN=melbourne,CN=Sites, CN=Configuration,DC=abc,DC=com
If one of these objects is found, the inventory device checks the Description attribute of this object and extracts the inventory beacon information from this list. The failover information must be a comma-separated list of inventory beacon host names, using the following syntax:
serverlist[,...n]
where serverlist = [servername | random(servername[,...n])].
Some examples are:
  • srv1,srv2,srv3 — Prioritizes srv1 first, followed by srv2 and srv3
  • random(srv1,srv2,srv3) — Prioritizes srv1, srv2, and srv3 in random order
  • random(srv1,srv2,srv3),srv4 — Prioritizes srv1, srv2, srv3 in random order, followed by srv4
  • random(srv1,srv2,srv3),random(srv4,srv5,srv6) — Prioritizes srv1, srv2, andsrv3 in random order, then srv4, srv5, and srv6 in random order
  • srv0,random(srv2,srv2,srv3),random(srv4,srv5,srv6) — Prioritizes srv0 first, followed by srv1, srv2, and srv3 in random order, then srv4, srv5, and srv6 in random order
  • srv0,random(srv1,srv2,srv3),srv4 — Prioritizes srv0 first, followed by srv1, srv2, and srv3 in random order, followed lastly by srv4.

Example of MgsServersFromAD algorithm results

For Description attribute set to ds-prs-01.tmnis.org,ds-prs-02.tmnis.org:

Beacon Auto Priority discard-Foreign Incoming priority Resulting priority
ds-cls-01 true

false
true

1

2
invalid

ds-prs-01 false

false
true

4

4
4

ds-cls-02 true

false
true

2

3
invalid

ds-prs-02 true

false
true

3

1
1

In the example shown, the fact that AutoPriority has been set to false for ds-prs-01 prevents it from being given the highest priority, despite its preeminent position in the Active Directory listing.

Taking care not to orphan inventory devices

When you set the discardForeign flag to true, any inventory beacons not found in Active Directory are discarded. There is a possibility that inventory devices may become orphaned from all inventory beacons if the inventory device’s list of download locations does not contain any of the servers listed in Active Directory. If this occurs, the inventory device will not attempt to download any packages, including any updated failover settings packages.

If a value is not specified for discardForeign, it defaults to false. In this case, when a target inventory device cannot use any inventory beacon listed in Active Directory, it will still be able to use other inventory beacons identified through other algorithms.

IT Asset Management (Cloud)

Current