Problem: In our environment when a user connects to corporate WiFi or VPN, Desktop Support loses the ability to connect via the hostname. They need a way to quickly discover the machine’s IP without asking the user for it. The only solution I’ve found is to have a client agent such as SCCM or Ivanti Management Center harvest the IP via a forced heartbeat. Once harvested, it can be viewed from the console or a PowerShell command.
Our VPN client does not send a standard NLM event it so does not fire the “Network Connected” trigger in Environment Manager (link below). Since this is the case, I had to find a reliable way to detect when the network connects without using EM. We utilized Solution 2.
Solution 1: Use EM with a Network Connected trigger and session variables to perform an action.
Network Connected > Conditions > Environment > Session Variable
![]()
Add your required conditions and related actions under them
![]()
[Custom Action] – Choose what works best for your environment.
SCCM Heartbeat or MC poll now (examples below).
Deploy the config to your endpoints.
And that’s it for invoking a heartbeat! If I could have used EM, it would have saved me a ton of time.
**Note I assume the condition IsVirtual is for VPN clients. If not, there are plenty of other conditions that can be used when the trigger is fired assuming NLM events are properly sent.
Solution 2: Use a scheduled task to check against a network connected event and run a program/script.
A scheduled task needs to be created on endpoints to check against this Event ID:
Microsoft-Windows-NetworkProfile/Operational: 10000
The best way I’ve found to do this is to manually create a scheduled task and export it as an XML file, deploy all required files, and execute a script to import the scheduled task XML and copy the files on the endpoint.
[Create Scheduled Task]:
![]()
Trigger – Fires on Event ID10000:
![]()
![]()
Action – Execute heartbeat/poll now (examples below):
![]()
![]()
[Export to XML]:
![]()
[Create XML import script]
*There are multiple ways to do this. I used PowerShell.
[Deploy your 3 files with SCCM or your deployment software:]
![]()
---Script Examples---
XML Import/copy script:
$logpath="C:\LogsFolder"
$taskpath="C:\<somePath>\ScheduledTasks"
$scriptpath="C:\<somePath>\Scripts"
if (!(Test-Path$taskpath))
{
new-item-path$taskpath-ItemTypeDirectory-Force
}
Copy-Item"*.xml"$taskpath-Force
if (!(Test-Path$scriptpath))
{
new-item-path$scriptpath-ItemTypeDirectory–Force
}
Copy-Item"HeartBeatScript.PS1"$scriptpath-Force
Try
{
schtasks.exe/Create/XML"$taskpath\ScheduledTaskName.xml"--%/tn "ScheduledTaskName"
}
catch
{
$ErrorMessage=$_.Exception.Message
$FailedItem=$_.Exception.GetType().FullName
$message="$(Get-Date-Format "[MM/dd/yyyy] [HH:mm:ss]") Error - Failed to create task! $ErrorMessage$FailedItem"
Write-Output$message|Add-Content"$logpath\ScheduledTaskName.log"
}
Heartbeat/Poll Now script:
SCCM Heartbeat
PowerShell:
Invoke-WMIMethod-Namespaceroot\ccm-ClassSMS_CLIENT-NameTriggerSchedule"{00000000-0000-0000-0000-000000000003}"
Command Line:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000003}" /NOINTERACTIVE
Management Center Poll Now – I’m just restarting the service but there are several ways to force a poll now.
PowerShell:
Get-Service-Name'AppSense Client Communications Agent'|Restart-Service
Retrieval Method:
IPs can be viewed in the SCCM Console or Management console.
SCCM PowerShell example (SCCM console must be installed with proper rights on the machine running the retrieval script):
$loc=Get-Location
Import-Module (Join-Path $(Split-Path$env:SMS_ADMIN_UI_PATH) ConfigurationManager.psd1) # Import the ConfigurationManager.psd1 module
Set-Location'<SITECODE>:'# Set the current location to be the site code.
(Get-CMDevice-name'<SomeComputer>').ipaddresses
Management Center (MC Console must be installed with proper rights on the machine running the retrieval script):
$computername='COMPUTERNAME'
#----AppSense API module load and pre-config----#
# Load proxy DLL
Add-Type-Path"${Env:ProgramFiles}\AppSense\Management Center\Console\ManagementConsole.WebServices.dll"
# Management Server URL **Enter URL Here**
$url="http://SERVERNAME:7751/ManagementServer"
# Get NetworkCredential instance
$credentials=[System.Net.CredentialCache]::DefaultCredentials
$credential=$credentials.GetCredential($url,"Basic")
# Create connection to the Management Server
[ManagementConsole.WebServices]::Connect($url,$credential)
# Get DiscoveredMachinesWebService reference
$DiscoveredMachinesWebService=[ManagementConsole.WebServices]:: DiscoveredMachines
# Get MachinesWebService reference
$MachinesWebService=[ManagementConsole.WebServices]:: Machines
# Set up a Boolean to get the machines with or without summary
# machines with a summary detail the number of alerts counted
$withSummary=$true
# Get list of machines
$MachinesDataSet=$MachinesWebService.GetMachines($withSummary)
$Machines=$MachinesDataSet.Machines
#----End module load and pre-config----
$computer=$Machines|Where-Object { $_.netbiosname -eq$computername }
#foreach ($computer in $computers)
$guid=$computer.ObjectGuid.Guid
$key=$computer.MachineKey.Guid
$MachineDetails=$MachinesWebService.GetMachineDetails($key).MachineDetails #From Computer Details tab
$details=$MachineDetails|Where-Object { $_.Name -eq'IP Address' } |Select-Object-ExpandPropertyValue
$IPs= ($details-split',').trim()
$IPs
Notes:
SCCM Version 1806
Ivanti Management Center Version 2018.3
PowerShell Version 5.1
References:
https://blogs.technet.microsoft.com/charlesa_us/2015/03/07/triggering-configmgr-client-actions-with-wmic-without-pesky-right-click-tools/
https://community.ivanti.com/docs/DOC-71979
I feel full task scheduler access or Event ID triggers should be part of EM. Submitted a feature request for this:
https://ivanti.uservoice.com/forums/595681-user-workspace-manager-ideas/suggestions/36284809-windows-event-id-based-trigger-or-full-scheduled-t
As always, if there are any glaring mistakes or better options, please drop me a line.