Tasks

 

Tasks provide centralized control over some basic administrative processes that may be required to troubleshoot or correct problems identified through the MOM Console. The included tasks are all optional. You can run them manually for selected agent systems. These tasks are not triggered automatically by MOM.

These are the key functions that can be controlled by the tasks on agent systems:

  • Run scan engine updates

  • Retrieve scan engine update versions.

  • Control services centrally: stop, start, and restart them.

  • Set the Statistic Threshold Percentage

  • Trigger an immediate manual scan job.

  • Trigger a background scan (Forefront Security for Exchange Server only).

Scripts

All tasks execute scripts remotely on the selected agent systems. When you trigger a script-based task from the MOM 2005 Operator Console, it is scheduled to run on the agent systems.

All scripts are written in VBScript and are imported into MOM as part of the FFSMP installation. These scripts are called by tasks and rules.

Important

You should neither modify these scripts nor run them directly.

To successfully execute VBScript code, agent systems must support the Windows Scripting Host and Windows Management Instrumentation. These requirements are met by default on Microsoft Windows 2000 and Microsoft Windows Server 2003 operating system environments.

Script Parameters

Script parameters are variable values that control script functionality. Script parameters are passed to the script by the controlling task when it is initialized from the MOM Operator Console. All included scripts have at least one script parameter.

Most of the script parameters used in the tasks have been preset with the appropriate value. There are, however, some tasks for which you may need to set a script parameter when the task is executed. Specific parameters are discussed further in these sections: Client Console Tasks, Immediate Manual Scan Task, Background Scan Task, Services Control Tasks, Engine Update Tasks, and Retrieve Update Version Tasks.

Script Logging

When scripts are executed, they make entries in a log on the remote agent systems. These entries are simple text records describing each task that was executed and its result. The log file (Tasks.log) is automatically created in the MOMLogs subfolder under the Microsoft Forefront Security product installation folder. If the file already exists, new entries are appended to it.

This is the path for the Tasks.log file:

<Install Path>\MOMLogs\Tasks.log

Note

If the subfolder or the log file is deleted, it will be recreated automatically on the next log file WRITE action generated by a script.

Controlling Script Logging

Each scripting task has a parameter called TextLog that controls logging for that task. The default value for the TextLog parameter is True (that is, data should be logged). To disable logging of a particular task, set its TextLog parameter to False when you execute the task. However, since logging is non-verbose and can be very useful, we recommend that it remain enabled.

Running a Task

This is the procedure for running a task.

To run a task

  1. Locate the task in the Task hierarchy on the MOM 2005 Operator Console.

  2. Double-click the task. The Launch Task Wizard welcome dialog box appears.

  3. Click Next. The Script Task Parameters dialog box appears. Here, you will see each of the parameters that the script for the task accepts.

  4. Make any desired changes to the parameters by selecting a parameter and then clicking it (not a double click). However, most of them should not be changed (see the individual tasks to learn more about specific parameters).

  5. Click Next. The Task Targets dialog box appears.

  6. Select the computers that the task will run on, and then click Next. The Completing the Launch Wizard dialog box appears.

  7. Click Finish to submit the configured task.

Client Console Tasks

There are two Client Console tasks that can be launched from the MOM Console. One opens the Forefront Server Security Administrator Console and the other opens the Forefront Server Security Management Console (FSSMC).

  • The Forefront Administrator Task opens the local Forefront Server Security Administrator client.

    Note

    This requires the Forefront Server Security Administrator to be installed on the system where the MOM Operator Console is running.

    This Task launches FSSAClient.exe from a command line on a pre-configured path.

  • The Forefront Enterprise Management Console Task launches a local web browser and, by default, navigates to https://localhost/FFSMConsole in order to open the Management Console. If the FSSMC is not installed on the local host, you must modify the Task to point to the proper URL.

Set Statistic Threshold Percentage

Allows you to set the percentage of infected messages received within the last hour to designate a virus outbreak in your organization. The default is 50%. (That is, if more than 50% of the messages received in the last hour were infected, it is considered a virus outbreak and an error event is generated.) By running this task, you can change the percentage.

The script for this task accepts two parameters:

  • Threshold. A number representing the percentage of infected messages received within the last hour to designate a virus outbreak. Possible values are 0 to 100; the default is 50.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling Script Logging.

Immediate Manual Scan Task

Use the Immediate Manual Scan task to trigger an immediate manual scan job on the agent systems.

The script for this task accepts a single parameter:

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling Script Logging.

Background Scan Task (Forefront Security for Exchange Server only)

The Background Scan task triggers a background scan job on the agent systems to scan mailboxes and public folders. The job starts in approximately one minute from the time the task is launched.

The script for this task accepts two parameters:

  • ScanID. The value ‘43’ identifies the job as a background scan. You should not change this parameter.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling Script Logging.

Services Control Tasks

The Services Control tasks control Forefront Security and related services.

The tasks are:

  • Restart All. A combination of the Stop All and Start All Tasks.

    Note

    On some environments, services might not restart with the “Restart All” command. This could happen if the task takes over five minutes to stop and restart all of the services. If this occurs, simply use the “Stop All” and “Start All” tasks instead of “Restart All.”

  • Restart Essential. A combination of the Stop Essential and Start Essential Tasks.

  • Start All. Starts all Forefront- and Exchange- or SharePoint-related services. This is the reverse of the Stop All task.

  • Start Essential. This will start only the required Forefront services. This is the reverse of the Stop Essential task.

  • Stop All. This task will properly stop all Forefront- and Exchange- or SharePoint-related services, taking into account any service dependencies.

  • Stop Essential. This task will only stop those services required to stop Forefront. No Exchange or SharePoint services will be stopped.

    Note

    For systems with Forefront Security for SharePoint, IIS-related services are also affected with Start All and Stop All.

The script for these tasks accepts three parameters:

  • Function. Has the value Start, Stop, or Restart. You should not change this parameter.

  • Mode. Has the value 1 (Essential) or 2 (All). You should not change this parameter.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling Script Logging.

Engine Update Tasks

These tasks trigger scan engine updates on the agent systems. There is a separate update task for each of the scan engines (plus one for the Worm List in Forefront Security for Exchange Server systems). The script for these tasks accepts three parameters:

  • Engine. Identifies the engine to be updated. You should not change this parameter.

  • UpdatePath. Sets the engine update source path. The UpdatePath parameter is initially set to the default Microsoft HTTP update path. If you are not using that path for engine updates you must modify this parameter to reflect the correct one. Enter any valid HTTP or UNC path to an engine update source.

    Note

    If you change the path when you run one of the update tasks, it will temporarily override the default. To make a permanent change, you must edit each task that does not use the default and modify its path.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling Script Logging.

Retrieve Update Version Tasks

These tasks retrieve engine update versions for the scan engines on the agent systems. Each task retrieves and displays a scan engine’s Update Version as an event entry in the MOM Operator Console.

There is a separate task available for each of the scan engines (plus one for the Worm List in Forefront Security for Exchange Server systems). The script for these tasks accepts two parameters:

  • Engine. Identifies the engine. You should not change this parameter.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling Script Logging.

    Note

    The Forefront Security Retrieve Update Number script is also automatically triggered as a response to the “UpdateSuccessful” Event Rule. Therefore, when a scan engine is successfully updated, the new Update Version for that engine is automatically retrieved and written as an event to the MOM Operator console.