12.2 Advanced Scripting Rules

ZENworks Endpoint Security Management includes an advanced rule scripting tool that gives you the ability to create extremely flexible and complex rules and remediation actions.

The scripting tool uses either of the common scripting languages, VBScript or JScript*, to create rules that contain both a trigger (when to execute the rule) and the actual script (the logic of the rule).

Advanced scripting is implemented sequentially, along with other integrity rules. Therefore, a long-running script prevents other rules (including timed rules) from executing until that script is complete.

To add an advanced script:

  1. In the Integrity and Remediation Rules tree of the Management Console, select the Advanced Scripting Rules folder.

  2. If you want to define a new scripting rule, click New Component on the Policy toolbar.

    or

    If you want to add an existing or predefined scripting rule, click Associate Component on the Policy toolbar.

    The scripting rule is added under the Advanced Scripting Rules folder in the tree. If you add a new scripting rule, the name is displayed as New Advanced Scripting Rules. If you add an existing scripting rule, the scripting rule’s name is displayed.

  3. Name the rule and provide a description.

  4. Specify the triggering events:

    • Times and Days to Run: Specify as many as five different times for the script to run. The script runs weekly on the selected days.

    • Timer Run Every: Specify how often to run the timer.

    • Miscellaneous Events: Specify the events on the endpoint that trigger the script.

    • Location Change Event: Specify the location change event that triggers the script. These events are not independent; they are additive to the previous event.

      • Activate when switching from: The script runs whenever the user changes from this specified location to another location.

      • Activate when switching to: The script runs whenever the user changes to this specified location from any other location. If Activate when switching from was given a location (such as Office), the script runs only when the location switches from Office to this specified location.

      • Must be a manual change: The script runs only when the user manually switches from or to a location.

  5. Create any script variables. For more information see Script Variables.

  6. Write the script text. For more information, see Script Text.

  7. Click Save Policy.

12.2.1 Script Variables

This is an optional setting you can use to define a variable (var) for the script. The variable can include a firewall setting, a location, a number value, or a string value.

To create a new script variable:

  1. In the Integrity and Remediation Rules tree of the Management Console, click the + sign next to the scripting rule to expand the rule settings, then select the Script Variables folder.

  2. Click New Component to create a new script variable.

  3. Name the variable and provide a description.

  4. Select the type of variable:

    • Firewall: Defines a firewall setting that can be applied as an action.

    • Location: Defines a location that can be applied as an action.

    • Number: Defines a number value.

    • String: Defines a string value.

  5. Specify the value of the variable.

  6. Click Save Policy to save your changes.

  7. Repeat Step 1 through Step 6 to create a new variable.

12.2.2 Script Text

It is strongly recommended that you test a script before distributing the policy.

To add the script text:

  1. In the Integrity and Remediation Rules tree of the Management Console, click the + sign next to the scripting rule to expand the rule settings, then select Script Text.

  2. Select the script language (Jscript or VBscript).

  3. Specify the script in the provided field.

    For information about creating scripts, including sample scripts you can reference, see Section D.0, Advanced Scripting Rules.