We have over a thousand Mac clients, and occassionally issue changes that affect many or all of them (such as installing new software, creating local user accounts, or applying updates). I want to know what methods you use to know that your clients are up-to-date, at a glance, for we find that when some machines miss an update, it reflects rather poorly on us :)
Issuing Changes: I'm referring to using a system that push out changes, such as Casper, Puppet, radmind, Apple Remote Desktop, or even a hacked-together ssh-empowered expect
script.
As for "at-a-glance", there are two primary places where I'd be glancing (especially if the information wasn't really obvious from the system that issued the changes):
- walking into a computer lab and looking at the screens (even from a distance)
- scanning a lab via Apple Remote Desktop and looking at the four custom fields.
It occurs to me that a simple change would be to change the login screen background, or to change the text on the login window. What might be even more powerful would be a way to take the standard desktop background and make an annotated copy (perhaps with some dots or text on it, to represent changes it has undergone). [Does anyone know how to do this, or should I ask it as a separate question, either here or on stackoverflow?]
The other simple change is to set one of the four ARD fields, like so:
defaults write /Library/Preferences/com.apple.RemoteDesktop Text4 "`date +%Y-%m-%d`"
So, what do you do to know that your clients are up to date (or, alternatively, what would you like to do if you knew how to do it?)
I'm not sure if this is exactly what you were thinking of, but I may as well share it non-the-less.
If it were possible to tell whether or not a machine was up-to-date by running a terminal command on the system, you could write your own custom Nagios plugin to automate the checks. This would involve having an SSH key on each system to allow nagios to log in as an un-privillaged user and run the check command.
One very simple way I could see of doing this would be to have your updates always leave behind some sort of string in a pre-defined place. Then have a file on the Nagios server with the "latest" string. The plugin would then just have to check the flag on the machine against the "latest" flag on the Nagios server. You could then watch the updates propagate on Nagios, and quickly see what machines are and are not up to date.
If you wanted to avoid lots of error messages when the machines are off-line you could have the plugin return a warning rather than an error when it fails to connect, and set the notifications for the check not to trigger on a warning state, only on a fail state. Perhaps even more simply you could turn the check on and off from within the Nagios GUI as and when you need to do a check rather than contstantly leaving it running.
Food for thought perhaps.
You can get app versions from command line with this
Although not every app uses that identifier in the info.plist file
When you already have an image on your computer you that you want to use for the background, this script will set it and inform the login window to reload and display the image (if no one is graphically logged in).