The Ivanti management agent for macOS provides a veritable plethora of tools that can be used by system administrators to get work done. One of the lesser known of these tools is the local scheduler or "ldscheduler." With ldscheduler, system administrators can schedule repeating tasks like generating custom inventory information or doing other system maintenance tasks without relying on the weight of the Ivanti core server's task scheduler.
In this series of articles, we will look at how to deploy a locally scheduled task from the core server. We will also take an exhaustive look at the many scheduling options ldscheuler provides.
Before we look at the details though, let's walk through a very basic scenario where we create a simple task, package it up,
and deploy it using Ivanti.
Creating a Simple Task
ldscheduler's task description format is very loosely based on Microsoft's task scheduler schema. However, it has been extended to fill the needs of our agent. The most basic elements of a scheduler task are triggers and actions. Actions tell the scheduler what to do and triggers tell the scheduler when to do it.
A simple task would look something like this:
This task will pop up a dialog telling your users you care 10 seconds after the task is read into the local scheduler. Lines 7 - 10 establish a Time trigger with a Delay option. The Delay option uses ISO 8601 formatted duration notation. This delay is approximate depending on when the task is actually loaded into the scheduler and the processing load on the device.
Lines 12 - 17 define the action that is being scheduled. The "Command" tag takes a single shell command. This is not run through bash so things like the '~' and stream redirection will not work. The Context tag on line 15 tells the scheduler that this task should be run unprivileged as the current user. I will talk about other Context values in a future post.
Deploying the Task
To get a task into the scheduler, we need to get the XML file into the "/Library/Application Support/LANDesk/scheduler" directory. There are many ways to do this but the preferred way is to create a simple macOS package and deploy it as a software distribution task.
Creating a package on a Mac is simple. There are some GUI tools out there that you can use but for something this small, I would just use the 'pkgbuild' command line tool. First, make a directory.
mkdir task
The name of the directory does not matter but you need to have the .xml task file in a directory by itself. Let's assume I have copied the above .xml into a file called message.xml and saved it into a directory called task. I can now create a package using this command line:
pkgbuild --root task \
--install-location "/Library/Application Support/LANDesk/scheduler" \
message.pkg \
--identifier com.ivanti.message
This will create a message.pkg file that can be installed on Macs. Running this installer will put the files that were in the "task" directory into "/Library/Application Support/LANDesk/scheduler". If you go ahead and open this file by double clicking on it, about 10 seconds after the install completes, a reassuring dialog box will pop up on your screen. Copy this file to a directory on your core server from which you distribute software. Now you can create an Ivanti software distribution package from the .pkg file and schedule it to be deployed to Macs owned by users who feel under-appreciated.
This article has covered the basic process of creating and deploying a simple local task to the Ivanti Mac local scheduler. In future articles, I will give in-depth descriptions of the various triggers, filters, and execution options available to system administrators.
