RE: Policy priority across multiple groups

@theopenem_admin Thank you for clarification. Will look into it.

How can I set priority of policies globally?
I'd like to have multiple groups of PCs, for example different group for installing different software, but if PolicyA in Group1 has priority 0 and PolicyB in GroupB has priority 30, it doesn't start those policies based on that priority, but rather it starts them probably according to alphabetical order of the policies' names.
Endpoint and Imaging priority only deals with Com Server Clusters.

It'd be great to implement the ability for TOEMS to host its own WinGet repository or cache to limit uplink badwidth usage with large program downloads.

An official REST-based guide for local WinGet repo: https://github.com/microsoft/winget-cli-restsource

I'd like a feature of being able to save long SQL commands for Custom reports to quickly get information that I frequently check up on. Also useful for my other colleagues.

I'd like to create a Dynamic group, that uses AND between 2 diferrent groups, but I don't get any Results. Same with Categories. Any suggestions?

Just fixing few uncomfortable cavets:

• be able to use NOT with other criteria, not just one row
• be able to use AND on multiple GROUP_NAME or GROUP_ID and see computers, that are in both groups (now it doesn't show anything for some reason)

I started to see this problem with tasks, which are not started automatically. Problem seems to get resolved for a short time by restarting Windows server.
There is also long wait before loading the "Task Scheduler" page, sometimes throwing error:

Server Error in '/' Application.
Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[NullReferenceException: Object reference not set to an instance of an object.]
   Toems_FrontEnd.views.admin.taskscheduler.PopulateForm() +1337
   Toems_FrontEnd.views.admin.taskscheduler.Page_Load(Object sender, EventArgs e) +111
   System.Web.UI.Control.OnLoad(EventArgs e) +107
   System.Web.UI.Control.LoadRecursive() +89
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1532

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.8.4718.0

@theopenem_admin I'm really sorry for mentioning, but I'd really like to find a way to fix this without reinstalling the whole server and clients.
There are no "Active Replications" nor can I found a way to stop the Worker process. I tried to zip all software_uploads on TOEMS local storage, delete the contents of the folder, but it didn't help. The same if I deleted everything in that folder from SMB and local storage.

My problem is still occuring - still haven't found a way to cancel existing replication task and my software_uploads are not syncing to my Com Server. Even tried to move all files from old SMB server to new one. IIS_USERS have write permissions on local storage on Com Server.

For now I'm still using this command to start Robocopy, which does work fine:

Robocopy \\storage\toem\software_uploads O:\software_uploads /E /ZB /LOG:O:\Robocopy.log

I think in some cases it would be beneficial to let the logged in user decide if they want to have a planned policy run now, later or never (probably only during this session). Like running a software upgrade or restarting PC. And have their response logged (maybe with some notes/response from them).

@theopenem_admin Yeah i get that, but I found a program, which installs only without specifying any scope in the command. I guess it's a problem of the package maintainer, but it's better to have us as system admins specify, which scope we wish to apply from e.g. a drop-down menu in the winget module.

@theopenem_admin
Is the --scope machine hard-coded into TOEMS when installing with winget modules? Some packages cannot get installed with it and practically I have no way of overriding this option, because --scope user doesn't work, too.

I am trying to make a policy that runs on login for one particular user and shows a "Warning" message to that user. Login policies should run in the context of logged in users, so I created a PS script that checks who is logged in with this:

# Get the currently logged-in user
$currentUserName = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

# Check if the username is "user"
if ($currentUserName -eq "user") {
    Write-Host "Logged in user is 'user'."
    exit 0
} else {
    Write-Host "Logged in user is not 'user'. Logged in user is '$currentUserName'."
    exit 1
}

and used it as a Condition script for policy and/or module. But the condition always fails with MarkNotApplicable.
I could make an Impersonation account for this one, but

Second problem is that when I tried to use "Send Message" to that PC, it output an error:

ERROR [45] ApiRequest - Error Retrieving API Response: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 127.0.0.1:9000
   at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
   at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
   --- End of inner exception stack trace ---
   at System.Net.HttpWebRequest.GetResponse()
   at RestSharp.Http.<ExecuteRequest>g__GetRawResponse|185_1(WebRequest request)
   at RestSharp.Http.ExecuteRequest(String httpMethod, Action`1 prepareRequest)

@daodio2

You probably don't have compatible ethernet drivers for that ThinkCentre installed in your WIE.

I don't know for how long this was happening. I can't get the uploaded files to replicate from SMB to TOEMS server (again). The Application.log is full of these:

2024-02-21 13:06:58,027 [Worker #7] INFO Toems_Service.Workflows.FolderSync A Replication process is already in progress.

and

2024-02-21 13:16:34,694 [Worker #3] ERROR Toems_DataModel.RawSqlRepository You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ') AND (a.provision_status = 8 OR a.provision_status = 6 OR a.provision_status = ' at line 1

The Replication job seemingly never finishes, and I have to copy the contents of the uploaded files from SMB to the only TOEMS server.

Does anyone know how to use the Sysprep Modules correctly?

@theopenem_admin I tried that, adding powershell.exe as command and a whole bunch of arguments to run it with execution bypass and adding path to application, name of the .lnk file and location to save the .lnk to.
After adding the argument with the name of the location for the .lnk, namely "Výučbový softvér", TOEMS was unable run this instant module.

Command: powershell.exe
Arguments:

-executionpolicy bypass -windowstyle hidden -noninteractive -nologo -file "C:\CIT\Scripts\shortcut-script.ps1" -SoftwarePath "C:\Program Files\Wireshark\Wireshark.exe" -ShortcutDirectory "Výučbový softvér" -ShortcutName "Wireshark.lnk"

Script contents:

param(
    [string]$SoftwarePath,
    [string]$ShortcutDirectory,
    [string]$ShortcutName
)

$publicDesktopPath = [System.Environment]::GetFolderPath('CommonDesktopDirectory')

# Create a WScript Shell object
$shell = New-Object -ComObject WScript.Shell

# Create the software directory if it doesn't exist
$softwareDirectory = "$publicDesktopPath\$ShortcutDirectory"
if (-not (Test-Path -Path $softwareDirectory -PathType Container)) {
    New-Item -Path $softwareDirectory -ItemType Directory -Force
}

# Create a shortcut object
$shortcut = $shell.CreateShortcut("$softwareDirectory\$ShortcutName")

# Set the target path for the shortcut
$shortcut.TargetPath = $SoftwarePath

# Save the shortcut
$shortcut.Save()

Write-Host "Shortcut for software created on the public desktop."
Exit 0

I could try to create a singular script for every shortcut then.

@tyler Yep

@tyler I tried to create them via Powershell script module.

In Notepad++ I found that setting the script contents to show in ANSI while being encoded in UTF8 creates exactly the same problem with letters with diacritics as the Powershell script.
Still no way to fix it though.