How to scan a specific OU

  • Question

  • I have defined a single Policy and deployed it to all my OUs in my Active Directory. Is there a way to initiate a scan from the console but to a specific OU using the Scan Now button?

     

    I don't want to initiate a scan of ALL computers, just a single office?

    Thanks

    Stephane

    Wednesday, April 14, 2010 3:31 PM

Answers

  • This is not possible in the UI today and will probably not be included in the next version. You can however script this easily by utilizing the mpcmdrun utility included with FCS installations. You can trigger this remotely with PsExec or create a script to run the local instance and assign that script to the OU.
    Oguzhan Filizlibay | Security Escalation Engineer | Microsoft EMEA CSS Security
    Sunday, April 18, 2010 9:05 PM
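
The PsExec approach described in the answer above, sketched as an added example that is not part of the original thread: it lists the enabled computer accounts under one OU and starts an mpcmdrun scan on each reachable machine. The OU distinguished name, the FCS client install path, the scan type values and PsExec being on the PATH are assumptions to adjust for your environment.

```powershell
# Added example (not from the thread): start an FCS scan on every computer in one OU.
# Assumptions: the OU DN you pass in, psexec.exe on the PATH, and the FCS client
# install path used as the default for -MpCmdRun.
param(
    [Parameter(Mandatory = $true)]
    [string]$OuDn,                 # placeholder form: 'OU=Office1,DC=example,DC=com'
    [ValidateSet(1, 2)]
    [int]$ScanType = 1,            # 1 = quick scan, 2 = full scan
    [string]$MpCmdRun = 'C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MpCmdRun.exe'
)

# Enumerate enabled computer objects under the OU with the built-in ADSI searcher.
$searcher = New-Object System.DirectoryServices.DirectorySearcher
$searcher.SearchRoot = [ADSI]"LDAP://$OuDn"
$searcher.Filter = '(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'
$searcher.PageSize = 500
[void]$searcher.PropertiesToLoad.Add('dnshostname')

$results = foreach ($entry in $searcher.FindAll()) {
    # Select-Object tolerates a missing attribute, unlike indexing with [0].
    $computer = [string]($entry.Properties['dnshostname'] | Select-Object -First 1)
    if (-not $computer) { continue }

    if (-not (Test-Connection -ComputerName $computer -Count 1 -Quiet)) {
        New-Object PSObject -Property @{ Computer = $computer; Status = 'Offline'; PsExecExitCode = $null }
        continue
    }

    # -s runs the scan as Local System; -d returns without waiting for it to finish.
    & psexec.exe "\\$computer" -accepteula -s -d $MpCmdRun -Scan -ScanType $ScanType 2>$null | Out-Null

    # Record PsExec's exit code so launch failures can be reviewed afterwards.
    New-Object PSObject -Property @{ Computer = $computer; Status = 'Launched'; PsExecExitCode = $LASTEXITCODE }
}

# Summary of which machines were reached, for follow-up on the offline ones.
$results | Sort-Object Status, Computer | Format-Table Computer, Status, PsExecExitCode -AutoSize
```

Run it from an account with administrative rights on the target machines; the offline list shows which computers still need a scan later.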

All replies

  • Hi!

    Unfortunately you cannot do that in the FCS UI. You can only initiate a scan on a single computer or all computers.

    The problem is that MOM 2005 does not group the computers, so there are no defined groups in MOM to send the scan job to.

    You might be able to script this.

    /Johan


    MCSE, forefront spec | www.msforefront.com
    Wednesday, April 14, 2010 6:57 PM
  • Thanks for the answer. Do you know if this will be available in the next version?
    Thursday, April 15, 2010 3:04 PM
  • Not sure yet. I'm just about to install the next version to start playing around with it.

    /Johan


    MCSE, forefront spec | www.msforefront.com
    Thursday, April 15, 2010 5:31 PM
  • If you do some tinkering with MOM tasks/groups etc. there is a way to do it if you have per-OU policies defined, but it would not be via the FCS console specifically. Basically you would create a policy for an OU and deploy it. You create a MOM attribute that groups computers per FCS policy, create a MOM task to run a mpcmdrun and the scan type, and then you are able to push that MOM task to those groups of computers based on attribute. Not the cleanest solution I've ever seen but I have seen it used/work before if you really need something.
    CSS Security Support Engineer (FCS/MBSA/WUA/Incident Response) Check out my blog http://blogs.technet.com/kfalde
    Monday, April 19, 2010 1:14 PM