ITarian Help

Find the desired product help

IT Endpoint Manager

IT Endpoint Manager

Endpoint Manager Administrator Guide 6.43

English

Print Help Download Help
Configuration Templates > Manage Procedures > Create A Custom Procedure
  • Introduction To Endpoint Manager
    • Key Concepts
    • Best Practices
    • Quick Start
    • Sign Up For An ITarian Account
    • Login Into The Admin Console
  • The Admin Console
  • The Dashboard
  • Devices And Device Groups
    • Manage Device Groups
      • Create Device Groups
      • Edit A Device Group
      • Assign Configuration Profiles To A Device Group
      • Remove A Device Group
      • Run Procedures On Customer Groups
    • Manage Devices
      • Add New Devices
      • Manage Windows Devices
        • View And Edit Device Name
        • View Summary Information
        • View Hardware Information
        • View Network Information
        • View Maintenance Windows Associated With Device
        • View And Manage Profiles Associated With A Device
        • View And Manage Applications Installed On A Device
        • View The Files On A Device
        • View Exported Configurations And Import Profiles
        • View MSI Files Installed On A Device Through Endpoint Manager
        • View And Manage Patches For Windows And 3rd Party Applications
        • View Antivirus Scan History
        • View And Manage Device Group Memberships
        • View Device Logs
      • Manage Mac OS Devices
        • View And Edit Mac OS Device Name
        • Summary Information Of Mac Device
        • View Installed Applications
        • View Quarantined Files
        • View And Manage Profiles Associated With A Device
        • View Mac OS Packages Installed On A Device Through Endpoint Manager
        • View And Manage Device Group Memberships
        • View Mac Device Logs
      • Manage Linux Devices
        • View And Edit Linux Device Name
        • Summary Information Of Linux Device
        • View Network Information Of A Linux Device
        • View And Manage Profiles Associated With A Linux Device
        • View Linux Packages Installed On A Device Through Endpoint Manager
        • View And Manage Device Group Memberships
      • Manage Android Devices
        • View And Edit Device Name
        • View Summary Information
        • Manage Installed Applications
        • View And Manage Profiles Associated With A Device
        • View Sneak Peek Pictures To Locate Lost Devices
        • View The Location Of The Device
        • View And Manage Device Group Memberships
      • Manage IOS Devices
        • View Summary Information Of An IOS Device
        • View And Edit Device Name Of An IOS Device
        • View Applications Installed On An IOS Device
        • View And Manage Profiles Associated With An IOS Device
        • View The Location Of An IOS Device
        • View And Manage Group Memberships Of An IOS Device
      • View User Information
      • Remove A Device
      • Remote Management Of Windows And Mac OS Devices
        • Transfer Items To / From The Remote Computer
      • Remotely Manage Folders And Files On Windows Devices
      • Manage Processes On Remote Windows Devices
      • Manage Services On Remote Windows Devices
      • Use The Command Prompt On Remote Windows Devices
      • Apply Procedures To Windows And Mac Devices
      • Remotely Install And Manage Packages On Windows Devices
      • Remotely Install Packages On Mac OS Devices
      • Remotely Install Packages On Linux Devices
      • Send Enrollment Link To IOS Devices
      • Install Apps On Android/iOS Devices
      • Generate An Alarm On Android Devices
      • Remotely Lock Mobile And Mac OS Devices
      • Wipe Selected Mobile And Mac Devices
      • Assign Configuration Profiles To Selected Devices
      • Set / Reset Screen Lock Password For Mobile Devices
      • Update Device Information
      • Send Text Messages To Mobile Devices
      • Restart Selected Windows Devices
      • Shutdown Windows Devices
      • Wake Offline Device
      • Change A Devices Owner
      • Change The Ownership Status Of A Device
      • Add Custom Notes And Tags On Devices
      • Generate Device List Report
    • Bulk Enrollment Of Devices
      • Enroll Windows, Mac OS And Linux Devices By Installing The Communication Client
        • Enroll Windows Devices Via AD Group Policy
        • Enroll Windows, Mac OS And Linux Devices By Offline Installation Of Agent
        • Enroll Windows Devices Using Auto Discovery And Deployment Tool
      • Enroll The Android And IOS Devices Of AD Users
    • Download And Install The Remote Control Tool
  • Users And User Groups
    • Manage Users
      • Create New User Accounts
        • Manually Add Users
        • Import Users From A CSV File
      • Enroll User Devices For Management
        • Enroll Android Devices
        • Enroll IOS Devices
        • Enroll Windows Endpoints
        • Enroll Mac OS Endpoints
        • Enroll Linux OS Endpoints
      • View User Details
        • Update The Details Of A User
      • Assign Configuration Profiles To User Devices
      • Remove A User
      • Generate New Password For A User
      • Reset Two Factor Authentication Token For A User
      • Run Procedures On User Devices
    • Manage User Groups
      • Create A New User Group
      • Edit A User Group
      • Assign Configuration Profiles To A User Group
      • Remove A User Group
      • Run Procedures On Group Devices
    • Configure Role Based Access Control For Users
      • Create A New Role
      • Manage Permissions And Users Assigned To A Role
      • Remove A Role
      • Manage Roles Assigned To A User
  • Configuration Templates
    • Create Configuration Profiles
      • Profiles For Android Devices
      • Profiles For IOS Devices
      • Profiles For Windows Devices
        • Create Windows Profiles
          • Associated Devices Settings
          • Remote Control Settings
          • Client Access Control
          • Client Proxy Settings
          • Communication Client Update Settings
          • Client UI Settings
          • Remote Tools Settings
          • Monitors
          • Procedure Settings
          • Patch Management Settings
          • Maintenance Window Settings
          • Global Proxy Settings
          • Communication Client Rebranding
          • Client Logging Settings
          • Antivirus Settings
          • Firewall Settings
          • HIPS Settings
          • File Rating Settings
          • Containment Settings
          • VirusScope Settings
          • Xcitium Verdict Cloud
          • Agent Discovery Settings
          • External Devices Control Settings
          • Miscellaneous Settings
          • Script Analysis Settings
          • Data Loss Prevention Settings
          • Xcitium Client Security Access Control
          • XCS Updates
          • Xcitium Client Security UI Settings
          • XCS Logging Settings
          • Thumbnails Settings
          • Performance Settings
          • Chat Settings
        • Import Windows Profiles
      • Profiles For Mac OS Devices
        • Create A Mac OS Profile
          • Antivirus Settings For Mac OS Profile
          • Certificate Settings For Mac OS Profile
          • Restrictions Settings For Mac OS Profile
          • VPN Settings For Mac OS Profile
          • Wi-Fi Settings For Mac OS Profile
          • Remote Control Settings For Mac OS Profile
          • External Device Control Settings For Mac OS Profile
          • Valkyrie Settings For MacOS Profile
          • Procedure Settings For Mac Profiles
          • Monitor Settings For Mac OS Profile
      • Profiles For Linux Devices
        • Create A Linux Profile
          • Antivirus Settings For Linux Profile
          • Communication Client And Comodo Client - Security Application Update Settings For Linux Profile
          • User Interface Settings For Linux Profile
          • Logging Settings For Linux Profile
          • Clients Access Control Settings For Linux Profile
          • Valkyrie Settings For Linux Profile
    • View And Manage Profiles
      • Export And Import Configuration Profiles
      • Clone A Profile
    • Edit Configuration Profiles
    • Manage Default Profiles
    • Manage Alerts
      • Create A New Alert
      • Edit / Delete An Alert
    • Manage Procedures
      • View And Manage Procedures
      • Create A Custom Procedure
      • Combine Procedures To Build Broader Procedures
      • Review / Approve / Decline New Procedures
      • Add A Procedure To A Profile / Procedure Schedules
      • Import / Export / Clone Procedures
      • Change Alert Settings
      • Apply Procedures To Devices
      • Edit / Delete Procedures
      • View Procedure Results
    • Manage Monitors
      • Create Monitors And Add Them To Profiles
        • Monitors For Windows Devices
        • Monitors For Mac OS Devices
      • View And Edit Monitors
    • Data Loss Prevention Rules
      • Create DLP Discovery Rules And Add Them To Profiles
      • View And Edit DLP Discovery Rules
      • Create DLP Monitoring Rules And Add Them To Profiles
      • View And Edit DLP Monitoring Rules
  • Security Systems
    • Security Dashboards
      • View Security Events By Time
      • View Security Events By Files
      • View Security Events By Device
    • View Contained Applications
    • Manage File Trust Ratings On Windows Devices
      • File Ratings Explained
    • View List Of Valkyrie Analyzed Files
    • Antivirus And File Rating Scans
      • Run Antivirus And/or File Rating Scans On Devices
      • Handle Malware On Scanned Devices
      • Update Virus Signature Database On Windows, Mac OS And Linux Devices
    • View And Manage Identified Malware
    • View And Manage Quarantined Items
    • View Android Threat History
    • View And Manage Autorun Items
    • View History Of External Device Connection Attempts
    • Data Loss Prevention Scans
      • DLP Logs
      • DLP Quarantined Files
  • Network Management
    • Create And Run Network Discovery Tasks
    • Manage Profiles For Network SNMP Devices
    • Manage Network Devices
      • Manage SNMP Devices
        • SNMP Device Details Interface
      • Discovered Devices
    • Manage Network Monitors
  • Application Store
    • IOS Apps
      • Add IOS Apps And Install Them On Devices
      • Manage IOS Apps
    • Android Apps
      • Add Android Apps And Install Them On Devices
      • Manage Android Apps
    • Windows Apps
      • Install Windows Apps On Devices
  • Applications
    • View Applications Installed On Android And IOS Devices
      • Blacklist And Whitelist Applications
    • Patch Management
      • Manage OS Patches On Windows Endpoints
      • Install 3rd Party Application Patches On Windows Endpoints
        • EM Supported 3rd Party Applications
    • View And Manage Applications Installed On Windows Devices
      • Uninstall A Windows Application From Selected Devices
      • Uninstall A Windows Application From All Devices
    • Vulnerability Management
  • License Management
    • Manage Your Licenses
    • Manage License Allocation
    • Bill Forecast
  • Configure Endpoint Manager
    • Email Notifications, Templates And Custom Variables
      • Configure Email Templates
      • Configure Email Notifications
      • Create And Manage Custom Variables
      • Create And Manage Registry Groups
      • Create And Manage COM Groups
      • Create And Manage File Groups
      • View And Manage Pattern Variables
      • View And Manage Keyword Groups
    • Endpoint Manager Portal Configuration
      • Import User Groups From LDAP
      • Configure Communication And Security Client Settings
        • Configure The EM Android Client
          • Configure Android Client General Settings
          • Configure Android Client Antivirus Settings
          • Add Google Cloud Messaging (GCM) Token
        • Add Apple Push Notification Certificate
        • Configure Windows Clients
          • Configure Communication Client Settings
          • Configure Client Security Settings
      • Manage Endpoint Manager Extensions
      • Configure Endpoint Manager Reports
      • Device Removal Settings
      • Account Security Settings
      • Set-up Administrators Time Zone And Language
      • Configure Audit Log Settings
    • Integrate Apple DEP With Endpoint Manager
      • Link Endpoint Manager With Apple DEP
      • Manage Apple DEP Devices
      • Manage Apple DEP Profiles
      • Configure Apple DEP Notifications
    • View Version And Support Information
  • Appendix 1a - Endpoint Manager Services - IP Nos, Host Names And Port Details - EU Customers
  • Appendix 1b - Endpoint Manager Services - IP Nos, Host Names And Port Details - US Customers
  • Appendix 2 – Endpoint Manager License Types
  • Appendix 3 - Pre-configured Profiles
  • About ITarian

Create a Custom Procedure

 

Endpoint Manager lets you create custom script/patch procedures to achieve specific tasks. Click the following links to find out more:

  • Create a custom Windows / Mac OS script procedure
  • Create a custom Windows patch procedure 
    • Create a custom Windows 3rd Party application patch procedure

    Create a custom Windows / Mac OS script procedure

    • Click 'Configuration Templates' > 'Procedures' > 'Create' > 'Create Windows Script Procedure' or ‘Create macOS Script Procedure’




    The process to create script procedure for Windows and Mac OS is the same. Windows script procedure creation is explained below.




    • Procedure name - Create a label which describes the purpose of the procedure.
    • Description - Add background comments and notes about the procedure.
    • Folder - Specify where it should be saved

    Click ‘Create.’

    • You are taken to the procedure configuration screen:



    • Click 'Edit' to modify the basic settings:



     
    • Default Alert - You can view the settings of the default alert in 'Configuration Templates' > 'Alerts'. You can create custom alert settings if required from this interface. Make sure the alert is active to receive notifications.
    • Click 'Save' to apply your settings.
    • Click the 'View Procedure' tab followed by 'Edit' to define a Python script for your procedure. The built-in text editor lets you to compose your script:



    • You can include variables whose values are populated when the procedure runs:
    • To define variable parameters in the script:
    • Click the 'View Procedure' tab followed by 'Edit'
    • In the text editor, type the parameter name and enter the value as itsm.getParameter('parameter name'). Examples:
    • Age = itsm.getParameter('age')
    • Year = itsm.getParameter('year')
    • The variables will become available in the 'Parameters' tab. You can define the type, label and default values for them. An example is shown below:

     

    Configure the following for each parameter:

    • Type - Choose the category of variable. The supported types are:
    • Integer
    • Double
    • String
    • List
    • EM Label - Enter a name for the variable
    • Default Value – Enter a value for the parameter to be taken when no value is input during run-time
    • Click 'Save' to save the script.
    • After saving your script you need to approve it before it can be deployed in a profile.
    • You can create a schedule for a procedure when you add it to a profile. See Add a Procedure to a Profile / Procedure Schedules for more details.
    • The execution log will get populated after the procedure has successfully run on end-points. You can view the history of execution of this procedure at anytime by selecting this procedure from the Procedures interface and clicking the 'Execution Log' tab.
        • Note 1. ITarian runs a free script library at https://scripts.itarian.com/ which contains Python scripts covering a wide range of tasks. Feel free to try any script that fits your needs. You can also use this site to request a new script for a particular task you think will be useful. You can contribute your own scripts to the MSP forum at https://forum.itarian.com/forum/script-library
          • Note 2. You can also use the Import and Clone features if you wish to create a new procedure using an existing procedure as a starting point

          Create a custom Windows patch procedure


          Windows only.

          • Click 'Configuration Templates' > 'Procedures' > 'Create' > 'Create Patch Procedure'




          • Enter a name and description and specify the folder where it should be saved. If required, you can create new sub-folders under 'My Procedures' in the 'Procedures' area.
          • Click ‘Create’ to open the configuration screen.


           

          Procedure Configuration




          • To configure patch options for your procedure, click the 'Execution Options' tab followed by the 'Edit' button. You can select the Microsoft software updates required for the procedure from the options.




          • Click the link 'Read the definitions from Microsoft website' link to view patch details
          • Choose which types of patch the procedure should install and click 'Save'
          • Click the 'Restart Control' tab followed by the 'Edit' button to configure restart options for the endpoint after the procedure has run successfully.



          • You can choose to:
          • Continue the operation of the endpoint without restart by selecting 'Suppress the reboot'
            • Force restart the endpoint a certain period of time after the procedure has completed.

              OR

              • Display a warning to the user and let them postpone the restart. Type a message for the user if you choose this option.
              • The 'Schedule' tab will be auto-populated once you add the procedure to a configuration profile and schedule its execution. See Add a Procedure to a Profile / Procedure Schedules for more details.
              • The 'Execution Log' will be auto-populated after the procedure has been successful executed as part of a profile. You can view a history of executions at anytime by selecting this procedure in the 'Procedures' interface and clicking the 'Execution Log' tab.
              • After saving, your patch procedure will be automatically approved, added to the 'Procedures' list and can be deployed in a profile.

              Important Note:Patches that are hidden by administrators will not be executed. See 'Manage OS Patches on Windows Endpoints' for more details.

              Create a custom 3rdparty patch procedure

              • Click 'Configuration Templates' > 'Procedures' > 'Create' > 'Create Windows 3rd Party Patch Procedure'




              • Enter a name and description for your procedure and specify the folder in which you want to save it.
              • Click ‘Create’ to open the procedure configuration screen:




              • To configure patch options for your procedure, click the 'Execution Options' tab followed by the 'Edit' button. You can select the applications to be updated from the options.



              • Select 3rd party software to update – Allows you to choose whether all upgradable applications identified at the endpoint to be updated or only specific application(s) is/are to be updated.
              • Update all applications - Select this option if you want all outdated applications in the endpoint to be updated on running the procedure
              • Update only the selected applications - Select this option if you want only specified applications are to be updated on the endpoint, then specify the applications to be updated.
              • Start entering the first few characters of the application. The upgradable applications identified from all managed endpoints and matching the search criteria will be displayed as options
              • Select the application from the list



              • Click 'Save'
              • Click the 'Restart Control' tab followed by the 'Edit' button to configure restart options for the endpoint after the procedure has run successfully.



              • You can choose to:
              • Continue the operation of the endpoint without restart by selecting 'Suppress the reboot'
              • Force restart the endpoint a certain period of time after the procedure has completed.

              OR

              • Display a warning to the user and let them postpone the restart. Type a message for the user if you choose this option.
              • The 'Schedule' tab will be auto-populated once you add the procedure to a configuration profile and schedule its execution. See Add a Procedure to a Profile / Procedure Schedules for more details.
              • The 'Execution Log' will be auto-populated after the procedure has been successful executed as part of a profile. You can view a history of executions at anytime by selecting this procedure in the 'Procedures' interface and clicking the 'Execution Log' tab.
              • After saving, your patch procedure will be automatically approved, added to the 'Procedures' list and can be deployed in a profile.
                Comodo Help
                • IT Platform:
                • Help
                • Scripts
                • Wiki
                • Forum
                • Developer
                • RMM
                • Patch Management
                • Service Desk
                • ITSM
                • Managed Service Provider
                • Managed Detection and Response
                • Ticketing System
                • Helpdesk
                • ITIL

                Copyright 2025 Itarian