In this document, we will cover how to interact from the OS with advanced custom fields. This is a powerful tool for IT administrators to monitor and control almost anything with NinjaOne.
What tools NinjaOne offers for this purpose, and some examples.
How to Interact Between the OS and NinjaOne Custom Fields?
There are two ways, NinjaRMM-Cli and PowerShell.
1. NinjaRMM-Cli is a command line tool that can be used on the OS side along with the OS native scripting language (Batch, Bash, ShellScript, Powershell). This tool has specific commands for interacting with the custom fields.
The NinjaRMM-Cli tool is installed on an endpoint when the NinjaOne agent is installed on a Windows, Mac, or Linux endpoint.
Depending on the OS, the path for this executable file can be in the following folders.
- Windows: C:\ProgramData\NinjaRMMAgent\ninjarmm-cli.exe.
- Mac: /Applications/NinjaRMMAgent/programdata/ninjarmm-cli.
- Linux: /opt/NinjaRMMAgent/programdata/ninjarmm-cli.
NinjaRMM-Cli get is the command used to get or read a custom field value.
NinjaRMM-Cli set is the command used to assign a value to a custom field.
The syntax is ninjarmm-cli set value (set must be lowercase)
2. PowerShell, this tool used to be only for Windows, but now it’s also available for Mac and Linux.
The keys for interacting between the OS and NinjaOne using PowerShell are the Ninja-Property-Get and Ninja-Property-Set commands.
Ninja-Property-Get is NinjaOne’s PowerShell command to get or read a custom field value. The syntax is: Ninja-Property-Get fieldName.
Ninja-Property-Set is NinjaOne’s PowerShell command to set a custom field to a specific value. The syntax is: Ninja-Property-Set fieldName Value.
At the end of this document there´s a link to a more complete documentation about the use of NinjaRMM-Cli and PowerShell interaction with NinjaOne.
Strategies for Custom Fields
We are going to show two examples of how to use custom fields, both have the same objective, determine whether a device is domain joined or not. One example is using NinjaRMM-Cli, and the other is using PowerShell. We are going to create one checkbox role custom field called domainjoined, this will serve for both examples, the difference will be in the automations.
1. Create a Role Custom Field named domainjoined and map it to Windows Laptops, Windows Desktops and Windows servers.
a) Go to Administration, then Devices, then Role Custom Fields.
b) Click Add, then choose Field. A dialog box will appear.
c) Fill out the Label and Name. Label is Domain Joined; Name is domainjoined.
d) Choose the checkbox Field type.
e) Click Create.
f) Assign Permissions for Technicians as Read Only, permissions for Automations as Read/Write and Permissions for API as Read/Write.
g) Optionally fill out the description, ToolTip Text, footer text. You can also choose whether this Custom Field is required.
h) Click save. See below screenshot showing the Create Role Custom Field dialog box.
i) Go to Administration, then Devices, then Roles.
j) Hover the mouse over the Windows Server device role, the Edit button will appear at the right, click on it. A dialog box will appear.
k) Click Add. Select Field.
l) From the drop-down menu, select the Domain Joined custom field.
m)Click Save.
n) Repeat for the Windows Desktops and Windows Laptops roles.
2. Create a PowerShell automation named ChkIfDomainJoinedPS.
a) Go to Administration, then Library, then Automation.
b) Click Add, then choose New Script. The create script dialog box will appear.
c) Fill out the name field with this name: ChkIfDomainJoinedPS.
d) Optionally, fill out the description.
e) On Category, select the category of your preference.
f) On Language, select PowerShell.
g) On Operating System, select Windows.
h) On Architecture, select All.
i) Leave the Script Variables and Parameters fields empty.
j) On the left side, paste the following code.
if ((gwmi win32_computersystem).partofdomain -eq $true) {
Ninja-Property-Set fieldName 1
} else {
Ninja-Property-Set fieldName 0
}
k) Click Save. Enter your MFA method answer and then close.
3. Create a Batch automation named ChkIfDomainJoinedBatch.
a) Go to Administration, then Library, then Automation.
b) Click Add, then choose New Script. The create script dialog box will appear.
c) Fill out the name field with this name: ChkIfDomainJoinedBatch.
d) Optionally, fill out the description.
e) On Category, select the category of your preference.
f) On Language, select Batch.
g) On Operating System, select Windows.
h) On Architecture, select All.
i) Leave the Script Variables and Parameters fields empty.
j) On the left side, paste the following code:
@echo off
for /F “tokens=1*” %%G in (‘SYSTEMINFO ^| FIND /I “Domain:”‘) do set “sDomain=%%~H”
IF “%sDomain%”==”WORKGROUP” (
C:\ProgramData\NinjaRMMAgent\NinjaRMM-Cli set domainjoined 0
) ELSE (
C:\ProgramData\NinjaRMMAgent\NinjaRMM-Cli set domainjoined 1
)
k) Click Save. Enter your MFA method answer and then close.
Now, go to the Device Dashboard and choose any Windows desktop or Windows Laptop or Windows server. Check the state of the Domain Joined custom field, it should say No value. Run the ChkIfDomainJoinedPS script.
Then, choose any other Windows desktop or Windows Laptop or Windows server and repeat the previous procedure, but this time, run the ChkIfDomainJoinedBatch script.
After a few seconds, you can check the Domain Joined custom field on both devices, and the custom field state will be updated accordingly.
You can go further by creating a scheduled task and run it periodically on all your Windows devices to keep the status updated.