Reporting

Overall the reporting is quite good. Within the main Specops Command window a quick summary is presented for the selected GPO. A detailed feedback option lets you see a list of script success failure/details on a target by target basis. If a client does not run a script, nothing is reported so it can be difficult to see what targets have not run a script and/or why. In this scenario, it would be nice to see a list of targets that meet the criteria even if they have not processed the script. That said the details reported by the clients who do respond are quite good. Finally, a web based reporting feature is also provided (see image below).

I was hopeful to see some generic result reporting such as the recording of standard-out, but the reporting results in the web interface are also limited to success and failure details. However, you can take further advantage of the web reporting via a custom cmdlet available from Specops called Send-Feedback. You simply include the cmdlet in your GPO and pipe any response you want reported to it. For example:

get-process | Send-Feedback

The above results in a full list of processes being included in the "Feedback" field of the deployment record which is visible via "Detailed Feedback" or web reports. There was an issue with the default installation of the Specops Cmdlets which is known and being addressed by Specops now. Support provided me the procedure to register them manually and what many will consider to be the most valuable feature of Specops Command came to light: The dynamic installation of custom cmdlets (or snap-ins).

PowerShell contains dozens of powerful cmdlets which are commands to be used in your writing of scripts. They are written in verb/noun format, such as Get-Date or Set-Variable. PowerShell is very extensible in that you can write your own custom cmdlets and use them just as you would those built in to PowerShell. The problem is that the cmdlets must be installed and registered on any system where they are to be executed which adds another level of complexity to PowerShell. Specops does a great job of addressing this PowerShell headache: when you view your code in the main Specops Command display (either by typing it directly in the window or importing a file) any unknown cmdlets are colored in red. This indicates the custom cmdlet is not accounted for in the script assignment. Once the custom cmdlet is registered on the Specops Server, the custom cmdlet in the code is colored in green. This indicates it has been accounted for. Click here for a screen shot. Once a custom cmdlet is locally registered, simply using it causes Specops to include the cmdlet in the deployment with no need for you to do anything at all.

It should also be noted that Specops Command itself is ready to be automated thanks to several cmdlets included in the distribution: http://www.specopssoft.com/wiki/index.php/Specopscommand/PowerShellCmdlets

Licensing

The trial is good for 20 days and unlimited number of seats. Until you disable it, a regular warning is presented during use to warn you of the features that will stop working when the trial period is complete. It warns that the following features will stop working when it reverts to free mode:

• Undo script

• Targeting

• Scheduling

• Feedback

• Automatic PowerShell cmdlet installation

• Script signing

• VBScript language support

This would seem to be about all the features, but if you look closely, even free gets you more than Group Policy alone: in particular, you can run scripts without requiring a logon or restart event and credential elevation is still possible for user scripts.

As you may expect, Specops Command is licensed on a per seat basis. The price per seat starts at $20 for between 1-100 computers and goes down from there. Support & Software maintenance is combined (roughly 17-20% of the license cost).

Summary

It does still feel like a product in its early days, and this is as much fact as it is opinion; the version number appears to follow the more mature Specops Deploy product-- despite a version three branding on the installation, it is a version one release. Below is a quick list of both positive and negative observations I made during my review process. It should be noted that most of what I saw as a problem, can be addressed with the use of some custom cmdlets. Specops Command does a good job of leveraging the technology of Specops Deploy to serve a growing niche of administrators who want to get their PowerShell scripts out with out worrying about cmdlet distribution.

Bob Kelly
2/28/2008
AppDeploySM

[Page 4 of 4]     1 | 2 | 3 | 4