jnetz added a new solution:
QuoteDisplay MoreThis flow pulls all systems from ePO and creates a set difference with all systems from AD. Each AD computer is evaluated based on FQDN and Hostname to identify if it already exists in ePO. The same process occurs for all systems in ePO with AD. The result is an HTML table with all of the results.
Prerequisites
- The OpenDXL and McAfee ePolicy Orchestrator (ePO) DXL modules have been added to the Node-RED palette.
- A DXL client has been configured in Node-RED (see Client Configuration).
- An ePO DXL service is running and available on the DXL fabric. If version 5.0 or later of the DXL ePO extensions are installed on your ePO server, an ePO DXL service should already be running on the fabric. If you are using an earlier version of the DXL ePO extensions, you can use the ePO DXL Python Service.
- The Node-RED DXL client is authorized to invoke the ePO DXL service, and the user that is connecting to the ePO server (within the ePO DXL service) has permission to execute the "system.applyTag" remote command (see Client Authorization).
- Following Node-RED modules installed in palette:
- node-red-contrib-activedirectory: A Node-RED nodes collection for Microsoft Active Directory which allows us to query AD for current computers.
- node-red-contrib-tableify: A Node-RED node which converts JSON into readable HTML for HTTP output.
The output appears as follows:
Here is the Node-RED flow content for this solution:
Display MoreCode: Node-RED Flow
- [
- {
- "id": "8567a683.e88fa8",
- "type": "tab",
- "label": "AD Compare - Systems",
- "disabled": false,
- "info": ""
- },
- {
- "id": "ed499ab9.4e71c8",
- "type": "change",
- "z": "8567a683.e88fa8",
- "name": "Set searchText request parameter",
- "rules": [
- {
- "t": "set",
- "p": "searchText",
- "pt": "msg",
- "to": "",
- "tot": "str"
- },
- {
- "t": "set",
- "p": "searchNameOnly",
- "pt": "msg",
- "to": "false",
- "tot": "bool"
- }
- ],
- "action": "",
- "property": "",
- "from": "",
- "to": "",
- "reg": false,
- "x": 280,
- "y": 240,
- "wires": [
- [
- "e786bb00.42681"
- ]
- ]
- },
- {
- "id": "e786bb00.42681",
- "type": "dxl-epo-system-find",
- "z": "8567a683.e88fa8",
- "name": "",
- "client": "fa339fae.d0c24",
- "searchNameOnly": "",
- "epoUniqueId": "",
- "returnType": "obj",
- "x": 300,
- "y": 340,
- "wires": [
- [
- "734f8e6d.22c438"
- ]
- ]
- },
- {
- "id": "df0735e3.1be5d",
- "type": "query",
- "z": "8567a683.e88fa8",
- "name": "Get AD Machines",
- "url": "ldap://<<HOST>>",
- "baseDN": "dc=example,dc=com",
- "x": 430,
- "y": 500,
- "wires": [
- [
- "1740f61d.f63ec2"
- ]
- ]
- },
- {
- "id": "734f8e6d.22c438",
- "type": "change",
- "z": "8567a683.e88fa8",
- "name": "",
- "rules": [
- {
- "t": "set",
- "p": "epo_systems",
- "pt": "global",
- "to": "payload",
- "tot": "msg"
- },
- {
- "t": "set",
- "p": "payload",
- "pt": "msg",
- "to": "(objectCategory=computer)",
- "tot": "str"
- },
- {
- "t": "set",
- "p": "ad_attributes",
- "pt": "msg",
- "to": "{\"user\":[\"displayName\",\"dNSHostName\"]}",
- "tot": "json"
- }
- ],
- "action": "",
- "property": "",
- "from": "",
- "to": "",
- "reg": false,
- "x": 360,
- "y": 420,
- "wires": [
- [
- "df0735e3.1be5d"
- ]
- ]
- },
- {
- "id": "1740f61d.f63ec2",
- "type": "change",
- "z": "8567a683.e88fa8",
- "name": "",
- "rules": [
- {
- "t": "set",
- "p": "payload.ad_systems",
- "pt": "global",
- "to": "payload.other",
- "tot": "msg"
- },
- {
- "t": "set",
- "p": "ad_systems",
- "pt": "msg",
- "to": "ad_systems",
- "tot": "global"
- },
- {
- "t": "set",
- "p": "epo_systems",
- "pt": "msg",
- "to": "epo_systems",
- "tot": "global"
- }
- ],
- "action": "",
- "property": "",
- "from": "",
- "to": "",
- "reg": false,
- "x": 500,
- "y": 580,
- "wires": [
- [
- "25f79878.5976b"
- ]
- ]
- },
- {
- "id": "25f79878.5976b",
- "type": "function",
- "z": "8567a683.e88fa8",
- "name": "Set Diff",
- "func": "/* \nSearch through each set and identify systems in AD not in ePO. And, identify systems in ePO and not in AD\"\n*/\nmsg.ad_count = msg.ad_systems.length;\nmsg.epo_count = msg.epo_systems.length;\nmsg.debuga = [];\n\nmsg.payload.ad_alone = [];\nmsg.payload.epo_alone = [];\n//Find all AD systems not in ePO\nfor (var i = 0; i < msg.ad_count; i++) {\n match_found = false;\n for (var j=0; j < msg.epo_count; j++){\n if(msg.ad_systems[i].dNSHostName && msg.epo_systems[j][\"EPOComputerProperties.IPHostName\"])\n {\n if (msg.ad_systems[i].dNSHostName.toUpperCase() === msg.epo_systems[j][\"EPOComputerProperties.IPHostName\"].toUpperCase())\n {\n //The current AD system is in the ePO systems\n match_found = true;\n \n }else if(msg.ad_systems[i].dNSHostName.substring(0,msg.ad_systems[i].dNSHostName.indexOf('.')).toUpperCase()=== msg.epo_systems[j][\"EPOComputerProperties.IPHostName\"].toUpperCase())\n {\n //The current AD system is in the ePO systems\n match_found = true;\n }\n }\n }\n \n if (msg.ad_systems[i].dNSHostName && match_found === false)\n {\n msg.payload.ad_alone.push(msg.ad_systems[i].dNSHostName);\n }\n}\n\n//Find all ePO systems not in AD\nfor (var i = 0; i < msg.epo_count; i++) {\n match_found = false;\n for (var j=0; j < msg.ad_count; j++){\n if(msg.ad_systems[j].dNSHostName && msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"])\n {\n if (msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"].toUpperCase() === msg.ad_systems[j].dNSHostName.toUpperCase())\n {\n //The current ePO system is ad systems\n match_found = true;\n \n }else if(msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"].substring(0,msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"].indexOf('.')).toUpperCase() === msg.ad_systems[j].dNSHostName.toUpperCase())\n {\n //The current ePO system is in the ad systems\n match_found = true;\n }else if(msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"].toUpperCase() === msg.ad_systems[j].dNSHostName.substring(0,msg.ad_systems[j].dNSHostName.indexOf('.')).toUpperCase())\n {\n //The current ePO system is in the ad systems\n match_found = true;\n }\n }\n }\n \n if (msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"] && match_found === false)\n {\n msg.payload.epo_alone.push(msg.epo_systems[i][\"EPOComputerProperties.IPHostName\"]);\n }\n}\n\n\nreturn msg;",
- "outputs": 1,
- "noerr": 0,
- "x": 580,
- "y": 660,
- "wires": [
- [
- "42f441dd.d229a"
- ]
- ]
- },
- {
- "id": "d1048efb.8743d",
- "type": "http response",
- "z": "8567a683.e88fa8",
- "name": "",
- "statusCode": "",
- "headers": {},
- "x": 770,
- "y": 900,
- "wires": []
- },
- {
- "id": "ab41af78.3595f8",
- "type": "http in",
- "z": "8567a683.e88fa8",
- "name": "",
- "url": "/epo/adcompare",
- "method": "get",
- "upload": false,
- "swaggerDoc": "",
- "x": 180,
- "y": 160,
- "wires": [
- [
- "ed499ab9.4e71c8"
- ]
- ]
- },
- {
- "id": "42f441dd.d229a",
- "type": "change",
- "z": "8567a683.e88fa8",
- "name": "",
- "rules": [
- {
- "t": "delete",
- "p": "payload.other",
- "pt": "msg"
- },
- {
- "t": "delete",
- "p": "payload.groups",
- "pt": "msg"
- },
- {
- "t": "delete",
- "p": "payload.users",
- "pt": "msg"
- }
- ],
- "action": "",
- "property": "",
- "from": "",
- "to": "",
- "reg": false,
- "x": 680,
- "y": 740,
- "wires": [
- [
- "6e63550f.4e2dbc"
- ]
- ]
- },
- {
- "id": "6e63550f.4e2dbc",
- "type": "tableify",
- "z": "8567a683.e88fa8",
- "name": "",
- "before": "This is a list of AD systems not found in ePO. And, a list of ePO systems not found in AD.",
- "after": "",
- "tableStyle": "",
- "theadStyle": "",
- "tbodyStyle": "",
- "trStyle": "",
- "tdStyle": "",
- "x": 740,
- "y": 820,
- "wires": [
- [
- "d1048efb.8743d"
- ]
- ]
- },
- {
- "id": "2e19ef8b.201fe",
- "type": "comment",
- "z": "8567a683.e88fa8",
- "name": "Create https listener",
- "info": "",
- "x": 390,
- "y": 120,
- "wires": []
- },
- {
- "id": "ab8df7c2.522b48",
- "type": "comment",
- "z": "8567a683.e88fa8",
- "name": "Set properties for the Find systems node",
- "info": "",
- "x": 560,
- "y": 200,
- "wires": []
- },
- {
- "id": "8d637bf4.30c1a",
- "type": "comment",
- "z": "8567a683.e88fa8",
- "name": "Extract ALL ePO systems",
- "info": "",
- "x": 570,
- "y": 320,
- "wires": []
- },
- {
- "id": "ca0cf131.87add",
- "type": "comment",
- "z": "8567a683.e88fa8",
- "name": "Assign global value from payload. And, prepare payload and ad_attributes to perform AD Search",
- "info": "",
- "x": 830,
- "y": 420,
- "wires": []
- },
- {
- "id": "5b0ec24c.f8cf4c",
- "type": "comment",
- "z": "8567a683.e88fa8",
- "name": "Perform a set difference on AD and ePO systems",
- "info": "",
- "x": 880,
- "y": 660,
- "wires": []
- },
- {
- "id": "826f20db.23d3b8",
- "type": "comment",
- "z": "8567a683.e88fa8",
- "name": "Convert the JSON results into HTML for rendering",
- "info": "",
- "x": 1030,
- "y": 800,
- "wires": []
- }
- ]