AD Groups / WAPT Groups

Share your tips or issues concerning the WAPT Console or WAPT Agent here
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
elk
Messages: 6
Registration: May 4, 2018 - 11:52

May 4, 2018 - 12:06

Hello everyone,
I'm currently testing and evaluating WAPT (latest version), and now that all the agents are installed and appearing in the console, we'd like to deploy a group of common applications across all workstations.
I read on the forum (viewtopic.php?f=13&t=770&p=2364&hilit=A ... tory#p2364) that it's possible to create an Active Directory group (containing all the desired computers) and then create a group with the same name in the WAPT console. From what I've also read, you then need to select all the computers in the console and choose the "Add AD groups as dependency packages" action.
That's what I did, but unfortunately, when I perform this action, a popup titled "waptconsole" appears with the following message: "0 machines modified, 1 machine ignored (error), 0 machines unchanged."

I'm not sure which logs to look at to try and solve the problem. Furthermore, I would like confirmation that this behavior is still implemented in the latest version of Wapt (so as not to try to get something working that no longer functions). :)

Thank you in advance for your answers.

Sincerely,
High
elk
Messages: 6
Registration: May 4, 2018 - 11:52

May 5, 2018 - 10:37

I just realized that this behavior is also described in the official documentation (https://www.wapt.fr/fr/doc/Utilisation/ ... de-paquets "If you name a group with the same name as a machine group in your Active Directory (Microsoft or SaMBa4), then the machines in the AD group will be assigned to the WAPT group.").
So I have part of my answer: it should work.
But as mentioned, it doesn't work (message "0 machines modified, 1 machine ignored (error), 0 machines unchanged" when selecting the "Add AD groups as dependent packages" action).

Sincerely,
High
elk
Messages: 6
Registration: May 4, 2018 - 11:52

May 15, 2018 - 2:07 PM

Hello,

I recently reported that the expected functionality (AD groups/WAPT groups mapping) is not working in a freshly installed version of WAPT (1.5.1.23).

I understand that patience is required, however, we are pressed for time and need a clear and precise answer regarding this functionality described in the official WAPT documentation.

Should we conclude that the AD/WAPT groups mapping feature described in the documentation does not work in the WAPT community version?

Thank you in advance to the WAPT developers/admins for your response.

Sincerely,
High
User avatar
vcardon
WAPT Expert
Messages: 278
Registration: Oct 06, 2017 - 10:55 p.m.
Location: Nantes, France

May 15, 2018 - 10:49 PM

wapiti wrote: May 15, 2018 - 2:07 PM Should we conclude that the AD/WAPT group mapping functionality described in the documentation does not work in the WAPT community version?
Regards,
This is a feature that works great in the Enterprise version; perhaps we should be more specific in the documentation?

I recently watched Simon demonstrate this Enterprise feature the other day at a regional branch of the CPAM and it worked just too well, the guys were positively surprised and just won over.

With the Community edition, TIS delivers on its promise to provide system and network administrators with a tool to deploy, update, and remove software and configurations. For large networks or organizations seeking better Active Directory integration or improved auditability/traceability of actions, the Enterprise edition is the right choice.

Sincerely.

Vincent
Vincent CARDON
Tranquil IT
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

May 15, 2018 - 11:05 PM

Hello,

the function mentioned by wapiti (Add AD groups as a dependent package) no longer works in version 1.5.

We need to fix this. We haven't had time to do it yet. :(

Simon
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

May 16, 2018 - 00:49

Code: Select all

# -*- coding: utf-8 -*-
from setuphelpers import *
from active_directory import *

uninstallkey = []

def get_computer_groups():
    """Try to finc the computer in the Active Directory
        and return the list of groups
    """
    groups = []
    computer = find_computer()
    if computer:
        computer_groups = computer.memberOf
        if computer_groups:
            if not isinstance(computer_groups,(tuple,list)):
                computer_groups = [computer_groups]
            for group in computer_groups:
                # extract first component of group's DN
                cn = group.split(',')[0].split('=')[1]
                groups.append(cn.lower())
    return groups

def install():

    for group in get_computer_groups():
         if WAPT.is_available(group) :
            WAPT.install(group)
Here is a quick workaround.

This wapt package allows listing the groups to which the machine belongs; if a group has the same cn as a wapt group, then the installation will be launched.

Simon
High
elk
Messages: 6
Registration: May 4, 2018 - 11:52

May 16, 2018 - 4:09 PM

Vincent CARDON wrote: May 15, 2018 - 10:49 PM
wapiti wrote: May 15, 2018 - 2:07 PM Should we conclude that the AD/WAPT group mapping functionality described in the documentation does not work in the WAPT community version?
Regards,
This is a feature that works great in the Enterprise version; perhaps we should be more specific in the documentation?

Hello Mr. Cardon, thank you for your reply. From what I've read, this feature existed until recently in the Community version. Therefore, it's not so much the documentation that needs clarification, but rather the evolution of your choices and strategies (which are yours and perfectly valid).
Indeed, if you no longer wish to maintain this feature in the Community version, this should be clearly stated (it's a waste of time trying to keep something working that no longer functions), at least in the changelog and documentation
Vincent CARDON wrote: May 15, 2018 - 10:49 PM I recently watched Simon demonstrate this Enterprise feature the other day at a regional branch of the CPAM and it worked just too well, the guys were positively surprised and just won over.
I don't doubt it in the slightest :)
Vincent CARDON wrote: May 15, 2018 - 10:49 PM With the Community version, TIS delivers on its promise to provide system and network administrators with a tool to deploy, update, and remove software and configurations. For large networks or organizations seeking better AD integration or improved auditability/traceability of actions, the Enterprise version is the right choice.

Regards,

Vincent
Mr. Cardon, we are well aware that the Enterprise version of WAPT is a natural evolution from the Community version for companies seeking true Active Directory integration (in our case, that's all we're interested in; the other features offered by the Enterprise version aren't yet essential for our use: two people in the IT department). It would be a real advantage. In any case, and quite naturally, we want to get to grips with this very powerful tool, familiarize ourselves with the Python language, and give ourselves at least a year to evaluate it. In the long run, it's very likely that we'll subscribe to additional services and features.

In conclusion, clarity and communication about your strategic/functional choices are important and I repeat, these choices belong to you and I respect them.

Thank you again for your response and this exchange.

Sincerely,
High
elk
Messages: 6
Registration: May 4, 2018 - 11:52

May 16, 2018 - 4:12 PM

sfonteneau wrote: May 15, 2018 - 11:05 PM Hello,

The function mentioned by wapiti (Add AD groups as a dependent package) no longer works in 1.5.

We need to fix this. We haven't had time to do it yet. :(

Simon
Hello Mr. Fonteneau, thank you for your clear and concise answer, as it was exactly what I needed to know :) (works or no longer works)
I imagine you have very busy days and I understand that the correction may take some time.

Thank you again.

Sincerely,
High
elk
Messages: 6
Registration: May 4, 2018 - 11:52

May 16, 2018 - 4:14 PM

sfonteneau wrote: May 16, 2018 - 00:49

Code: Select all

# -*- coding: utf-8 -*-
from setuphelpers import *
from active_directory import *

uninstallkey = []

def get_computer_groups():
    """Try to finc the computer in the Active Directory
        and return the list of groups
    """
    groups = []
    computer = find_computer()
    if computer:
        computer_groups = computer.memberOf
        if computer_groups:
            if not isinstance(computer_groups,(tuple,list)):
                computer_groups = [computer_groups]
            for group in computer_groups:
                # extract first component of group's DN
                cn = group.split(',')[0].split('=')[1]
                groups.append(cn.lower())
    return groups

def install():

    for group in get_computer_groups():
         if WAPT.is_available(group) :
            WAPT.install(group)
Here is a quick workaround.

This wapt package allows listing the groups to which the machine belongs; if a group has the same cn as a wapt group, then the installation will be launched.

Simon
Great!!!!! Thank you so much!!!!!! We'll use this method until the feature returns in version 1.5 :)

Have a great day!.

Sincerely,
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

September 11, 2018 - 11:56

The solution we would potentially to propose is to integrate this code into the agent.

This would avoid assigning this package to each machine.
High
Locked

Return to "WAPT usage (Console, Agent) / WAPT usage (Console, Agent)"


  • To go further with WAPT