PMC Supporting PowerShell Scripts

There are three PowerShell scripts that are supplied with PMC to support your installation. The use of these is optional:

  • DeactivateDuplicateAgents.ps1
  • DeactivateNonActiveAgents.ps1
  • NodeDiagnosticsLogsDownload
For more information, please see the following:

Deactivate Duplicate Agents

The script to deactivate agents with multiple hostnames is called DeactivateDuplicateAgents.ps1 and is supplied by BeyondTrust in the PowerShell folder.

Description

The script returns a list of agents that it has identified as duplicates. In each set of duplicate agents, the ones with the oldest timestamps are flagged for deactivation. These agents are immediately removed from PMC. The script pauses for five minutes before it deactivates the agents to ensure that other tasks aren't running. Lastly the script will confirm the number of agents that it has deactivated. On deactivation, the authorization status of the agent will change to Deactivated. You can view the authorization status of an agent in the Computer Details page in PMC.

This script accepts five parameters:

  • client_id: The Application ID that is below the Enable API key access check box in the Remove Access Settings page in PMC.
  • client_secret: The API Key in the PMCSettings page.
  • tenant_id: The GUID for Microsoft Azure authentication. For Windows Directory and LDAPS this is generated by the deployment tool; you should have already made a note of this.
  • cloudServiceDnsName: The PMC URL. Do not include https:// or the port when entering. For example, PMC.example.com.
  • platformApiPort: The port number the API uses. It is usually 8443.

You can run the script in PowerShell without the parameters and you'll be prompted for each one in turn, or you can build the full command line before pasting it into PowerShell.

.\DeactivateDuplicateAgents.ps1 -client_id "<client_id>" -client_secret "<client_secret>" -tenant_id "<tenant_id>" -cloudServiceDnsName "<cloudServiceDnsName>" -platformApiPort "<port number>"

For instructions on getting the tenant_id, please see Directory ID.

Deactivate Inactive Agents

The script to deactivate inactive agents is called DeactivateNonActiveAgents.ps1 and is supplied by BeyondTrust in the PowerShell folder.

Description

When running, the script states that it's retrieving a list of agents that have not connected for the defined number of days (inactiveDays) since a date and time. The date and time will be the date of the system minus the number set for inactiveDays. It then details how many agents have been identified and confirms that it will request to deactivate a specified number of agents. The script pauses for five minutes before it deactivates the agents to ensure that other tasks aren't running. The script will confirm the number of agents that it has deactivated. On deactivation, the Authorization Status of the agent will change to Deactivated. You can view the authorization status of an agent in the Computer Details page in PMC.

This script accepts six parameters:

  • client_id: The Application ID that is below the Enable API key access check box in the Remove Access Settings page in PMC.
  • client_secret: The API Key in the PMCSettings page.
  • tenant_id: The GUID for Microsoft Azure authentication. For Windows Directory and LDAPS this is generated by the deployment tool; you should have already made a note of this.
  • cloudServiceDnsName: The PMC URL. Do not include https:// or the port when entering. For example, PMC.example.com.
  • inactiveDays: The number of days the tenant has been inactive. The minimum is 15.
  • platformApiPort: The port number the API uses. It is usually 8443.

You can run the script in PowerShell without the parameters and you'll be prompted for each one in turn, or you can build the full command line before pasting it into PowerShell.

.\DeactivateNonActiveAgents.ps1 -client_id "<client_id>" -client_secret "<client_secret>" -tenant_id "<tenant_id>" -cloudServiceDnsName "<cloudServiceDnsName>" -inactiveDays "<inactiveDays>" -platformApiPort "<port number>"

For instructions on getting the tenant_id, please see Directory ID.