; = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = ; = configuration file for opsiclientd = ; = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - global settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [global] # Location of the log file. log_file = c:\\opsi.org\\log\\opsiclientd.log # Set the log (verbosity) level # (0 <= log level <= 9) # 0: nothing, 1: essential, 2: critical, 3: errors, 4: warnings, 5: notices # 6: infos, 7: debug messages, 8: more debug messages, 9: passwords log_level = 6 # Client id. host_id = # Opsi host key. opsi_host_key = # Verify tls certificates verify_server_cert = true # Trust the uib opsi CA trust_uib_opsi_ca = true # Install opsi CA into os store install_opsi_ca_into_os_store = false # Which ip version to use (4/6/auto) ip_version = auto # On every daemon startup the user login gets blocked # If the gui starts up and no events are being processed the login gets unblocked # If no gui startup is noticed after the login gets unblocked # Set to 0 to wait forever wait_for_gui_timeout = 120 # Application to run while blocking login block_login_notifier = "%global.base_dir%\\opsi-notifier.exe" -l 5 -s notifier\\block_login.ini # Use a proxy for connecting configservice # proxy_url usage: http://:@: # Example: http://proxyuser:proxypass123@proxy.domain.local:8080 # Use proxy_url = system to use system proxy proxy_url = # Suspend bitlocker on reboot suspend_bitlocker_on_reboot = false base_dir = C:\Program Files (x86)\opsi.org\opsi-client-agent log_dir = C:\opsi.org\log server_cert_dir = C:\opsi.org\tls state_file = C:\opsi.org\opsiclientd\state.json timeline_db = C:\opsi.org\opsiclientd\timeline.sqlite tmp_dir = c:\opsi.org\tmp verify_server_cert_by_ca = false ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - config service settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [config_service] # Service url. # http(s)://:/rpc url = https://:4447/rpc # Conection timeout. connection_timeout = 30 # The time in seconds after which the user can cancel the connection establishment user_cancelable_after = 30 # If this option is set, the local system time will be synced with time from service sync_time_from_service = false compression = true ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - depot server settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [depot_server] # Depot server id depot_id = # Depot url. # smb://// url = webdavs:///depot # Local depot drive drive = p: # Username that is used for network connection [domain\] username = WORKGROUP\ master_depot_id = ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - cache service settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [cache_service] # Maximum product cache size in bytes product_cache_max_size = 20000000000 # Members of this ProductGroups will be excluded from processing exclude_product_group_ids = # Only members of this ProductGroups will be excluded from processing include_product_group_ids = extension_config_dir = C:\Program Files (x86)\opsi.org\opsi-client-agent\opsiclientd\extend.d storage_dir = C:\opsi.org\cache ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - control server settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [control_server] # The network interfaces to bind to. # This must be the IP address of an network interface. # Use 0.0.0.0 to listen to all interfaces interface = 0.0.0.0 # The port where opsiclientd will listen for HTTPS rpc requests. port = 4441 # The location of the server certificate. ssl_server_cert_file = %global.base_dir%\\opsiclientd\\opsiclientd.pem # The location of the server private key ssl_server_key_file = %global.base_dir%\\opsiclientd\\opsiclientd.pem # The location of the static files static_dir = %global.base_dir%\\opsiclientd\\static_html # The maximum number of authentication failures before a client ip # is blocked for an amount of time. max_authentication_failures = 5 # Activate kiosk api endpoint (bool) kiosk_api_active = true # Event to use if action processing is triggered by systray / kiosk process_actions_event = auto ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - notification server settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [notification_server] # The network interfaces to bind to. # This must be the IP address of an network interface. # Use 0.0.0.0 to listen to all interfaces interface = 127.0.0.1 # The first port where opsiclientd will listen for notification clients. start_port = 44000 # Port for popup notification server popup_port = 45000 ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - opsiclientd notifier settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [opsiclientd_notifier] # Notifier application command command = "%global.base_dir%\\opsi-notifier.exe" -l 5 -p %port% -i %id% ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - opsiclientd rpc tool settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [opsiclientd_rpc] # RPC tool command command = "%global.base_dir%\\opsiclientd_bin\\opsiclientd_rpc.exe" "%global.host_id%" "%global.opsi_host_key%" "%control_server.port%" ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - action processor settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [action_processor] # Locations of action processor local_dir = %global.base_dir%\\opsi-script remote_dir = opsi-script\\windows\\x86 filename = opsi-script.exe remote_common_dir = opsi-script\\common # Action processor command command = "%action_processor.local_dir%\\%action_processor.filename%" /opsiservice %service_url% /clientid %global.host_id% /username %global.host_id% /password %global.opsi_host_key% # Load profile / environment of %run_as_user% create_environment = false create_user = true delete_user = true run_as_user = SYSTEM ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - events - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [event_default] ; === Event configuration # Type of the event (string) type = template # Time in seconds after which a timer / custom event is triggered for the first time after event activation (int, 0 = disabled). start_interval = 0 # Interval for timer / custom events in seconds (int, 0 = disabled). interval = 0 # Maximum number of event repetitions after which the event will be deactivated (int, -1 = never) max_repetitions = -1 # Time in seconds to wait before event becomes active (int, 0 to disable delay) activation_delay = 0 # Time in seconds to wait before an event will be fired (int, 0 to disable delay) notification_delay = 0 # Event notifier command (string) event_notifier_command = %opsiclientd_notifier.command% -s notifier\\event.ini # The desktop on which the event notifier will be shown on (all/current/default/winlogon) event_notifier_desktop = all # Block login while event is been executed (bool) block_login = false # Lock workstation on event occurrence (bool) lock_workstation = false # Logoff the current logged in user on event occurrence (bool) logoff_current_user = false # Get config settings from service (bool) get_config_from_service = true # Store config settings in config file (bool) update_config_file = true # Transmit log file to opsi service after the event processing has finished (bool) write_log_to_service = true # Shutdown machine after action processing has finished (bool) shutdown = false # Reboot machine after action processing has finished (bool) reboot = false # Members of this ProductGroups will be excluded from processing exclude_product_group_ids = # Only members of this ProductGroups will be excluded from processing include_product_group_ids = # Events will only be processes inside the working window, which can be specify like: 07:00-22:00 working_window = # A command to execute at the end of event processing post_event_command = ; === Sync/cache settings # Sync configuration from local config cache to server (bool) sync_config_to_server = false # Sync configuration from server to local config cache (bool) sync_config_from_server = false # Work on local config cache use_cached_config = false # Cache products for which actions should be executed in local depot cache (bool) cache_products = false # Maximum transfer rate when caching products in byte/s (int, 0 = no limit) cache_max_bandwidth = 0 # Dynamically adapt bandwidth to other network traffic (bool) cache_dynamic_bandwidth = false # Work on local depot cache use_cached_products = false ; === Action notification (if product actions should be processed) # Time in seconds for how long the action notification is shown (int, 0 to disable) action_warning_time = 0 # Action notifier command (string) action_notifier_command = %opsiclientd_notifier.command% -s notifier\\action.ini # The desktop on which the action notifier will be shown on (all/current/default/winlogon) action_notifier_desktop = all # Message shown in the action notifier window (string) action_message = Starting to process product actions. You are allowed to cancel this event a total of %action_user_cancelable% time(s). The event was already canceled %state.action_processing_cancel_counter% time(s). # German translation (string) action_message[de] = Starte die Bearbeitung von Produkt-Aktionen. Sie können diese Aktion insgesamt %action_user_cancelable% mal abbrechen. Die Aktion wurde bereits %state.action_processing_cancel_counter% mal abgebrochen. # French translation (string) action_message[fr] = Traitement des actions du produit. Vous êtes autorisé à annuler cet événement un total de %action_user_cancelable% fois. L'événement a été déjà annulée %state.action_processing_cancel_counter% fois. # Number of times the user is allowed to cancel the execution of actions (int) action_user_cancelable = 0 ; === Action processing # Should action be processed by action processor (bool) process_actions = true # Type of action processing (default/login) action_type = default # Update the action processor from server before starting it (bool) update_action_processor = true # Command which should be executed before start of action processor pre_action_processor_command = # Action processor command (string) action_processor_command = %action_processor.command% # The desktop on which the action processor command will be started on (current/default/winlogon) action_processor_desktop = current # Action processor timout in seconds (int) action_processor_timeout = 10800 # Command which should be executed before after action processor has ended post_action_processor_command = # Activate or deactivate trusted installer Detection trusted_installer_detection = true ; === Shutdown notification (if machine should be shut down or rebooted) # Process shutdown requests from action processor process_shutdown_requests = true # Time in seconds for how long the shutdown notification is shown (int, 0 to disable) shutdown_warning_time = 0 # Shutdown notifier command (string) shutdown_notifier_command = %opsiclientd_notifier.command% -s notifier\\shutdown.ini # The desktop on which the action notifier will be shown on (all/current/default/winlogon) shutdown_notifier_desktop = all # Message shown in the shutdown notifier window (string) shutdown_warning_message = A reboot is required to complete software installation tasks. You are allowed to delay this reboot a total of %shutdown_user_cancelable% time(s). The reboot was already delayed %state.shutdown_cancel_counter% time(s). # German translation (string) shutdown_warning_message[de] = Ein Neustart wird benötigt um die Software-Installationen abzuschliessen. Sie können diesen Neustart insgesamt %shutdown_user_cancelable% mal verschieben. Der Neustart wurde bereits %state.shutdown_cancel_counter% mal verschoben. # French translation (string) shutdown_warning_message[fr] = Un redémarrage est nécessaire pour terminer l'installation du logiciel. Vous êtes autorisé à retarder le redémarrage un total de %shutdown_user_cancelable% fois. Le redémarrage a été déjà retardé %state.shutdown_cancel_counter% fois. # Number of times the user is allowed to cancel the shutdown (int) shutdown_user_cancelable = 0 # Time in seconds after the shutdown notification will be shown again after the user has canceled the shutdown (int) shutdown_warning_repetition_time = 3600 # If enabled, the user can select a time for shutdown in the shutdown notifier. The selected time overrides shutdown_warning_repetition_time. shutdown_user_selectable_time = false # Time in seconds for how long the shutdown notification is shown when the user selected time is reached (int, 0 to disable, -1 to use shutdown_warning_time) shutdown_warning_time_after_time_select = -1 [event_opsiclientd_start] super = default type = daemon startup active = false activation_delay = 10 max_repetitions = 0 [event_opsiclientd_start{cache_ready}] active = false use_cached_config = true use_cached_products = true [event_gui_startup] super = default type = gui startup active = true block_login = true max_repetitions = 0 [event_gui_startup{user_logged_in}] shutdown_warning_time = 3600 block_login = false active = false [event_gui_startup{cache_ready}] use_cached_config = true use_cached_products = true action_user_cancelable = 3 action_warning_time = 60 [event_gui_startup{installation_pending}] active = true [event_on_demand] super = default type = custom [event_on_demand{user_logged_in}] shutdown_warning_time = 3600 [event_software_on_demand] super = default type = sw on demand shutdown_warning_time = 3600 [event_sync] super = default type = template process_actions = false event_notifier_command = sync_config_to_server = true sync_config_from_server = true cache_products = true cache_dynamic_bandwidth = true [event_timer] super = sync type = timer active = true interval = 3600 [event_net_connection] super = sync type = custom active = true wql = SELECT * FROM __InstanceModificationEvent WITHIN 2 WHERE TargetInstance ISA 'Win32_NetworkAdapter' AND TargetInstance.NetConnectionStatus = 2 AND PreviousInstance.NetConnectionStatus != 2 [event_sync_completed] super = default type = sync completed event_notifier_command = process_actions = false get_config_from_service = false write_log_to_service = false [event_sync_completed{cache_ready_user_logged_in}] reboot = true shutdown_user_cancelable = 10 shutdown_warning_time = 3600 [event_sync_completed{cache_ready}] reboot = true [event_user_login] super = default type = user login action_type = login active = false action_message = Starting to process user login actions. action_message[de] = Beginne mit der Verarbeitung der Benutzer-Anmeldungs-Aktionen. action_message[fr] = Traitement des actions à la connexion de l'utilisateur. block_login = false process_shutdown_requests = false get_config_from_service = false update_config_file = false write_log_to_service = false update_action_processor = true event_notifier_command = %opsiclientd_notifier.command% -s notifier\\userlogin.ini event_notifier_desktop = default action_processor_command = %action_processor.command% /sessionid service_session /loginscripts /silent action_processor_desktop = default action_processor_timeout = 300 [event_on_shutdown] super = default type = custom active = false max_repetitions = 0 [event_on_shutdown{installation_pending}] active = false [event_silent_install] super = default type = custom event_notifier_command = process_shutdown_requests = false action_processor_command = %action_processor.command% /productlist %action_processor_productIds% /silent action_processor_desktop = winlogon action_processor_timeout = 300 action_processor_productids = swaudit,hwaudit [event_timer_silentinstall] super = silent_install type = timer active = true interval = 60 [precondition_user_logged_in] user_logged_in = true [precondition_cache_ready] config_cached = true products_cached = true [precondition_cache_ready_user_logged_in] user_logged_in = true config_cached = true products_cached = true [precondition_installation_pending] installation_pending = true