Auto-Assign means that new clients will be placed into a specific group and getting this group's configuration immediately, rather than being placed into the default "Unassigned" group without any configuration and waiting for the system administrator to add them to a group.
Autoassign allows for full automation of a NoTouch rollout:
Technically speaking, whenever a new client announces itself to NoTouch Center first time, NoTouch Center will iterate through all groups, evaluate all criteria until a match is found.
Please note that auto-assign is happening in the background, no matter if somebody is logged into the Web GUI or not. NoTouch Center will generate log messages with precise information what client was put into which group and why. If however the administrator is logged in, NoTouch Center will not automatically reload the GUI tree for performance reasons - Simply click on "Manage" to reload the management view and get a reloaded tree pane.
Provided you have not modified the default values of the master switches, autoassign will happen with the next "first-timer" device announcing itself.
Note: This depends on the hardware vendor filling in the correct values into the DMI BIOS. Some companies don't seem to get it, alas.
The configuration parameters for Auto-assign can easily be accessed by simply clicking on the group and scrolling to "Automatic assignment".
Every group has a parameter "Automatic assignment" that is "on" by default. Only if the parameter is on, this group is part of Auto-assign. If it is off, the group will be skipped in any Auto-assign evaluation and no clients will ever be auto-assigned to that group.
One way - and actually a very precise one - of auto-assign is using group keys. For each group NoTouch Center will generate a unique, somewhat memorable group key. This key can be entered into a NoTouch client's First Time Wizard providing precise and fool-proof auto-assignment that is based solely on this key, not on other criteria like network addresses etc.
In other words, you can hand the key out to your people that are supposed to install NoTouch and you are guaranteed the clients will be auto-assigned into the correct group, no relying on correct network addresses or DMI BIOSes. A scenario where this would come handy is a service provider that hands the key over to a customer, and has all their machines going into one group, and another customer would get a different.
Group keys should be treated as secret as they allow somebody to connect a new NoTouch instance to NoTouch Center and fetching the group's configuration.
On the client, by clicking on "Central Management" on the left you get to the "Central Management" dialog. Enter the group key into the "Group assignment key" field to have this client being put into this group.
NoTouch endpoints send certain pieces of hardware and environment information to NoTouch Center, so-called "status values". Examples of status values are network configuration items like IP address or MAC address, as well as DMI-BIOS information like System Product name. These status values can be used for autoassign. Potential uses are (not limited to) autoassign based on:
How does this work?
The only exception to the regex matching is the "Network address/Subnet mask" parameter. It will be matched using classic subnet rules:
A . (dot) matches any character, but just one. If you add the * (asterisk) quantifier, it will match zero or more. If you however use the + (plus) quantifier, it will match a character one or more times. The ? (question mark) quantifier matches once or zero times. A character class can be defined with , e.g. [a-z] means only a lowercase letter would match. Again, add a quantifier to denote if more of them should be allowed to match. A simple "or" can be expressed with | (pipe symbol). The ^ means start of line, the $ denotes end of line. We do not make use of any group capturing, just in case you stumble upon these while researching regular expressions.
Note for all the DOS/Windows/Shell guys: Keep in mind that the well-known Windows * wildcard alone does not mean anything in regular expressions. The correct equivalent would be .* (dot asterisk without a space in between)
More on regular expressions:
As if the aforementioned mechanisms weren't flexible enough, NoTouch Center still offers more customization potential:
There are more status values than the ones that have corresponding pattern parameters. Should you really want to evaluate such status values for auto-assign, you can add up to three such values. The parameters "User-defined status value: pattern 1" to 3 allow to store both the database name of the status value and the pattern used to match against the actual value, separated by colon (:).
For example, NoTouch Clients send detailed CPU information in the CPUINFO_MODEL status value. Say, you want to match VIA CPUs, you may use this for one of the user-defined parameters:
We suggest to look into the STATUSVALUE database table to see what values your clients deliver and decide accordingly.
A valid expression would be:
LOCATION || (VIDEOPCI && SYSPROD)
This would mean that either the location field, or the Video-PCI-IDs and the System Product value together would result in a positive match.
These are the usable values:
Taking the customizing even further, you can supply your own auto-assign functionality with a script using the Scripting interface. You may place a script named "autoassign" into the NoTouch Center script folder. If no auto-assign happens because of the parameters, then the script will be called.
NoTouch Center supplies all of the client's mac address in a variable named "id". The script can parse it and make a decision on where to put the device. NoTouch Center expects the script to set a variable named "result" that contains the "COID" value of the target group (from the CONFIGOBJECT database table).
NoTouch Center (from 4.2.195 on) allows you to assign clients to groups based on their MAC addresses via a pre-supplied text file. For instance, you can use this to export MAC addresses and target groups from an asset management database, if you don't want to use the scripting feature for this. An additional feature of this method is to set the host name and arbitrary other client based parameters.
You can supply a file named
assign-predef.txt in the
etc/ directory of your NTC installation. The file should be in CSV format, with one line describing one client. The format is
mac-address,target group,host name,further parameter 1, further parameter 2,...
The fields in detail are:
SYS_USER=Frank Johnsonwould be a valid entry. Since this format makes special use of the , and = characters, you must escape them if you want to use them.
&#CO#refers to a comma,
&#CO#to an equals sign. Thus,
SYS_USER=Frank Johnson&#CO# CEOwould lead to the parameter being set to
Frank Johnson, CEO.
Consider the following case: If a host with the MAC address of 00:0c:29:6e:48:b0 connects, it should be placed in the group id 8 and its name should be set to "franktc". Furthermore we'd like to set the system owner description parameter to "Frank Fox, Tester". This would be accomplished by the following line in the predefine file:
00:0c:29:6e:48:b0,id:8,franktc,SYS_USER=Frank Fox&#CO# Tester