Ivanti

I recently started piloting patch management and needed the ability to exclude a number of device groups from a scope. We were already using Endpoint Manager for 3rd party patching using a simple task/scope targeting all workstations. The problem was that the task was overwriting the reboot settings of the agent configuration for devices in the patch pilot. I needed to create a new scope for all workstations that excluded all devices in the pilot (which were in multiple device groups in Endpoint Manager).

To accomplish this I did the following:

Created a dummy scheduled task and used my pilot device groups as targets in the task (you can also use a query, a scope, or individual devices here)

Created a query that excluded machines that were part of this task

…and created a scope using that query

This new scope is what I used as a target for my legacy 3rd party task. This is an easy way to exclude exclude a scope/device group/query from another scope/query. This can be very handy for more complex targeting.

Maniacal Methods

A repository of my various technical projects and findings

Category Archives: Ivanti

Excluding a scope/device group/query from another scope/query in Ivanti (LANDesk) Endpoint Manager