Comodo Help
Find the desired product help
Endpoint Manager

Endpoint Manager

Endpoint Manager Administrator Guide 7.2

English

Print Help Download Help
Configuration Templates > Manage Procedures > Create A Custom Procedure
  • Introduction To Endpoint Manager
    • Key Concepts
    • Best Practices
    • Quick Start
    • Login Into The Admin Console
  • The Admin Console
  • The Dashboard
  • Devices And Device Groups
    • Manage Device Groups
      • Create Device Groups
      • Edit A Device Group
      • Assign Configuration Profiles To A Device Group
      • Remove A Device Group
      • Run Procedures On Customer Groups
    • Manage Devices
      • Add New Devices
      • Manage Windows Devices
        • View And Edit Device Name
        • View Summary Information
        • View Hardware Information
        • View Network Information
        • View Maintenance Windows Associated With Device
        • View And Manage Profiles Associated With A Device
        • View And Manage Applications Installed On A Device
        • View The Files On A Device
        • View Exported Configurations And Import Profiles
        • View MSI Files Installed On A Device Through Endpoint Manager
        • View And Manage Patches For Windows And 3rd Party Applications
        • View Antivirus Scan History
        • View And Manage Device Group Memberships
        • View Device Logs
      • Manage Mac OS Devices
        • View And Edit Mac OS Device Name
        • Summary Information Of Mac Device
        • View Installed Applications
        • View Quarantined Files On Mac OS Device
        • View And Manage Profiles Associated With A Device
        • View Packages Installed On A Device Through Endpoint Manager
        • View And Manage Device Group Memberships
        • View Mac Device Logs
      • Manage Linux Devices
        • View And Edit Linux Device Name
        • Summary Information Of Linux Device
        • View Network Information Of A Linux Device
        • View And Manage Profiles Associated With A Linux Device
        • View Linux Packages Installed On A Device Through Endpoint Manager
        • View And Manage Device Group Memberships
      • Manage Android Devices
        • View And Edit Device Name
        • View Summary Information
        • Manage Installed Applications
        • View And Manage Profiles Associated With A Device
        • View Sneak Peek Pictures To Locate Lost Devices
        • View The Location Of The Device
        • View And Manage Device Group Memberships
      • Manage IOS Devices
        • View And Edit Device Name Of An IOS Device
        • View Summary Information Of An IOS Device
        • View Applications Installed On An IOS Device
        • View And Manage Profiles Associated With An IOS Device
        • View The Location Of An IOS Device
        • View And Manage Group Memberships Of An IOS Device
      • View User Information
      • Remove A Device
      • Remote Management Of Windows And Mac OS Devices
        • Transfer Items To / From The Remote Computer
      • Remotely Manage Folders And Files On Windows Devices
      • Manage Processes On Remote Windows Devices
      • Manage Services On Remote Windows Devices
      • Use The Command Prompt On Remote Windows Devices
      • Apply Procedures To Windows And Mac Devices
      • Remotely Install And Manage Packages On Windows Devices
      • Remotely Install Packages On Mac OS Devices
      • Remotely Install Packages On Linux Devices
      • Send Enrollment Link To IOS Devices
      • Install Apps On Android/iOS Devices
      • Generate An Alarm On Android Devices
      • Remotely Lock Mobile And Mac OS Devices
      • Wipe Selected Mobile And Mac Devices
      • Assign Configuration Profiles To Selected Devices
      • Set / Reset Screen Lock Password For Mobile Devices
      • Update Device Information
      • Send Text Messages To Mobile Devices
      • Restart Selected Windows Devices
      • Shutdown Windows Devices
      • Wake Offline Device
      • Change A Devices Owner
      • Change The Ownership Status Of A Device
      • Add Custom Notes And Tags On Devices
      • Generate Device List Report
    • Bulk Enrollment Of Devices
      • Enroll Windows, Mac OS And Linux Devices By Installing The Communication Client
        • Enroll Windows Devices Via AD Group Policy
        • Enroll Windows, Mac OS And Linux Devices By Offline Installation Of Agent
        • Enroll Windows Devices Using Auto Discovery And Deployment Tool
      • Enroll The Android And IOS Devices Of AD Users
    • Download And Install The Remote Control Tool
  • Users And User Groups
    • Manage Users
      • Create New User Accounts
        • Manually Add Users
        • Import Users From A CSV File
      • Enroll User Devices For Management
        • Enroll Android Devices
        • Enroll IOS Devices
        • Enroll Windows Endpoints
        • Enroll Mac OS Endpoints
        • Enroll Linux OS Endpoints
      • View User Details
        • Update The Details Of A User
      • Assign Configuration Profiles To A Users Devices
      • Remove A User
      • Generate New Password For A User
      • Reset Two Factor Authentication Token For A User
      • Run Procedures On User Devices
    • Manage User Groups
      • Create A New User Group
      • Edit A User Group
      • Assign Configuration Profiles To A User Group
      • Remove A User Group
      • Run Procedures On Group Devices
    • Configure Role Based Access Control For Users
      • Create A New Role
      • Manage Permissions And Users Assigned To A Role
      • Remove A Role
      • Manage Roles Assigned To A User
  • Configuration Templates
    • Create Configuration Profiles
      • Profiles For Android Devices
      • Profiles For IOS Devices
      • Profiles For Windows Devices
        • Create Windows Profiles
          • Associated Devices Settings
          • Antivirus Settings
          • Communication Client And Xcitium Client - Security Application Update Settings
          • File Rating Settings
          • Firewall Settings
          • HIPS Settings
          • Containment Settings
          • Maintenance Window Settings
          • VirusScope Settings
          • Global Proxy Settings
          • Client Proxy Settings
          • Agent Discovery Settings
          • Communication Client And Xcitium Client - Security Application UI Settings
          • Logging Settings
          • Client Access Control
          • External Devices Control Settings
          • Monitors
          • Procedure Settings
          • Remote Control Settings
          • Remote Tools Settings
          • Miscellaneous Settings
          • Script Analysis Settings
          • Data Loss Prevention Settings
          • Patch Management Settings
          • Performance Settings
        • Import Windows Profiles
      • Profiles For Mac OS Devices
        • Create A Mac OS Profile
          • Antivirus Settings For Mac OS Profile
          • Certificate Settings For Mac OS Profile
          • Restrictions Settings For Mac OS Profile
          • VPN Settings For Mac OS Profile
          • Wi-Fi Settings For Mac OS Profile
          • Remote Control Settings For Mac OS Profile
          • External Device Control Settings For Mac OS Profile
          • Valkyrie Settings For MacOS Profile
          • Procedure Settings For Mac Profiles
          • Monitor Settings For Mac OS Profile
      • Profiles For Linux Devices
        • Create A Linux Profile
          • Antivirus Settings For Linux Profile
          • Communication Client And Comodo Client - Security Application Update Settings For Linux Profile
          • User Interface Settings For Linux Profile
          • Logging Settings For Linux Profile
          • Clients Access Control Settings For Linux Profile
          • Valkyrie Settings For Linux Profile
    • View And Manage Profiles
      • Export And Import Configuration Profiles
      • Clone A Profile
    • Edit Configuration Profiles
    • Manage Default Profiles
    • Manage Alerts
      • Create A New Alert
      • Edit / Delete An Alert
    • Manage Procedures
      • View And Manage Procedures
      • Create A Custom Procedure
      • Combine Procedures To Build Broader Procedures
      • Review / Approve / Decline New Procedures
      • Add A Procedure To A Profile / Procedure Schedules
      • Import / Export / Clone Procedures
      • Change Alert Settings
      • Apply Procedures To Devices
      • Edit / Delete Procedures
      • View Procedure Results
    • Manage Monitors
      • Create Monitors And Add Them To Profiles
        • Monitors For Windows Devices
        • Monitors For Mac OS Devices
      • View And Edit Monitors
    • Data Loss Prevention Rules
      • Create DLP Discovery Rules And Add Them To Profiles
      • View And Edit DLP Discovery Rules
      • Create DLP Monitoring Rules And Add Them To Profiles
      • View And Edit DLP Monitoring Rules
  • Security
    • Endpoint Security Status
      • Run Antivirus And/or File Rating Scans On Devices
      • Handle Malware On Scanned Devices
      • Update Virus Signature Database On Windows, Mac OS And Linux Devices
    • Security Events
      • View Security Events By Time
      • View Security Events By Files
      • View Security Events By Device
      • View Android Threat History
    • View And Manage Blocked Threats
    • View And Manage Quarantined Threats
    • View Contained Threats
    • HIPS Events
    • Firewall Events
    • View And Manage Autorun Alerts
    • Manage File Trust Ratings On Windows Devices
      • File Ratings Explained
    • View List Of File Verdicts
    • View History Of External Device Connection Attempts
    • Data Loss Prevention Scans
      • DLP Logs
      • DLP Quarantined Files
  • Network Management
    • Create And Run Network Discovery Tasks
    • Manage Profiles For Network SNMP Devices
    • Manage Network Devices
      • Manage SNMP Devices
        • SNMP Device Details Interface
      • Discovered Devices
    • Manage Network Monitors
  • Application Store
    • IOS Apps
      • Add IOS Apps And Install Them On Devices
      • Manage IOS Apps
    • Android Apps
      • Add Android Apps And Install Them On Devices
      • Manage Android Apps
    • Windows Apps
      • Install Windows Apps On Devices
  • Applications
    • View Applications Installed On Android And IOS Devices
      • Blacklist And Whitelist Applications
    • Patch Management
      • Manage OS Patches On Windows Endpoints
      • Install 3rd Party Application Patches On Windows Endpoints
        • EM Supported 3rd Party Applications
    • View And Manage Applications Installed On Windows Devices
      • Uninstall A Windows Application From Selected Devices
      • Uninstall A Windows Application From All Devices
    • Vulnerability Management
  • License Management
    • Manage Your Licenses
    • Manage License Allocation
    • Bill Forecast
  • Configure Endpoint Manager
    • Email Notifications, Templates And Custom Variables
      • Configure Email Templates
      • Configure Email Notifications
      • Create And Manage Custom Variables
      • Create And Manage Registry Groups
      • Create And Manage COM Groups
      • Create And Manage File Groups
      • View And Manage Pattern Variables
      • View And Manage Keyword Groups
    • Endpoint Manager Portal Configuration
      • Import User Groups From LDAP
      • Configure Communication And Security Client Settings
      • Configure The EM Android Client
        • Configure Android Client General Settings
        • Configure Android Client Antivirus Settings
      • Add Apple Push Notification Certificate
      • Configure Windows Clients
        • Configure Communication Client Settings
        • Configure Client Security Settings
      • Manage Endpoint Manager Extensions
      • Configure Endpoint Manager Reports
      • Device Removal Settings
      • Account Security Settings
      • Set-up Administrators Time Zone And Language
      • Configure Audit Log Settings
    • Integrate Apple Business Manager With Endpoint Manager
      • Link Endpoint Manager With Apple Business Manager
      • Manage Apple Business Manager Devices
      • Manage Apple Business Manager Profiles
      • Configure Apple Business Manager Notifications
    • View Version And Support Information
  • Appendix 1a - Endpoint Manager Services - IP Nos, Host Names And Port Details - EU Customers
  • Appendix 1b - Endpoint Manager Services - IP Nos, Host Names And Port Details - US Customers
  • Appendix 2 - Endpoint Manager License Types
  • Appendix 3 - Pre-configured Profiles
  • About Comodo Security Solutions

Create a Custom Procedure

 

Endpoint Manager lets you create custom script/patch procedures to achieve specific tasks. Click the following links to find out more:

  • Create a custom Windows / Mac OS script procedure
  • Create a custom Windows patch procedure
  • Create a custom Windows 3rd Party application patch procedure

Create a custom Windows / Mac OS script procedure

  • Click 'Configuration Templates' > 'Procedures' > 'Create' > 'Create Windows Script Procedure' or ‘Create macOS Script Procedure’




    The process to create script procedure for Windows and Mac OS is the same. Windows script procedure creation is explained below.



     

    • Procedure name - Create a label which describes the purpose of the procedure.
    • Description - Add background comments and notes about the procedure.
    • Folder - Specify where it should be saved

    Click ‘Create’.

    • You are taken to the procedure configuration screen:



    • Click 'Edit' to modify the basic settings:



     
    • Default Alert - You can view the settings of the default alert in 'Configuration Templates' > 'Alerts'. You can create custom alert settings if required from this interface. Make sure the alert is active to receive notifications.
      • Click 'Save' to apply your settings.
      • Click the 'View Procedure' tab followed by 'Edit' to define a Python script for your procedure. The built-in text editor lets you to compose your script:



      • You can include variable whose values are populated when the procedure runs.
      • To define variable parameters in the script:
      • Click the 'View Procedure' tab followed by 'Edit'
      • In the text editor, type the parameter name and enter the value as itsm.getParameter('parameter name'). Examples:
      • Age = itsm.getParameter('age')
      • Year = itsm.getParameter('year')
      • The variables will become available in the 'Parameters' tab. You can define the type, label and default values for them. An example is shown below:


      Configure the following for each parameter:

      • Type - Choose the category of variable. The supported types are:
      • Integer
      • Double
      • String
      • List
      • EM Label - Enter a name for the variable
      • Default Value – Enter a value for the parameter to be taken when no value is input during run-time
      • Click 'Save' to save the script.
      • After saving your script you need to approve it before it can be deployed in a profile.
      • You can create a schedule for a procedure when you add it to a profile. See Add a Procedure to a Profile / Procedure Schedules for more details.
      • The execution log will get populated after the procedure has successfully run on end-points. You can view the history of execution of this procedure at anytime by selecting this procedure from the Procedures interface and clicking the 'Execution Log' tab.

        • Note 1. Comodo runs a free script library at https://scripts.comodo.com/ which contains Python scripts covering a wide range of tasks. Feel free to try any script that fits your needs.  You can also use this site to request a new script for a particular task you think will be useful. You can contribute your own scripts to the MSP forum at https://forum.mspconsortium.com/forum/script-library.
        • Note 2. You can also use the Import and Clone features if you wish to create a new procedure using an existing procedure as a starting point

        Create a custom Windows patch procedure


        Windows only.

        • Click 'Configuration Templates' > 'Procedures' > 'Create' > 'Create Patch Procedure'




        • Enter a name and description and specify the folder where it should be saved. If required, you can create new sub-folders under 'My Procedures' in the 'Procedures' area.
        • Click ‘Create’ to open the configuration screen:

        Procedure Configuration




        • To configure patch options for your procedure, click the 'Execution Options' tab followed by the 'Edit' button. You can select the Microsoft software updates required for the procedure from the options.




        • Click the link 'Read the definitions from Microsoft website' link to view patch details
        • Choose which types of patch the procedure should install and click 'Save'
        • Click the 'Restart Control' tab followed by the 'Edit' button to configure restart options for the endpoint after the procedure has run successfully.



        • You can choose to:
        • Continue the operation of the endpoint without restart by selecting 'Suppress the reboot'
          • Force restart the endpoint a certain period of time after the procedure has completed.

            OR

            • Display a warning to the user and let them postpone the restart. Type a message for the user if you choose this option.
            • The 'Schedule' tab will be auto-populated once you add the procedure to a configuration profile and schedule its execution. See Add a Procedure to a Profile / Procedure Schedules for more details.
            • The 'Execution Log' will be auto-populated after the procedure has been successful executed as part of a profile. You can view a history of executions at anytime by selecting this procedure in the 'Procedures' interface and clicking the 'Execution Log' tab.
            • After saving, your patch procedure will be automatically approved, added to the 'Procedures' list and can be deployed in a profile.

            Important Note: Patches that are hidden by administrators will not be executed. See 'Manage OS Patches on Windows Endpoints' for more details.


            Create a custom 3rdparty patch procedure

            • Click 'Configuration Templates' > 'Procedures' > 'Create' > 'Create Windows 3rd Party Patch Procedure'




            • Enter a name and description for your procedure and specify the folder in which you want to save it.
            • Click ‘Create’ to open the procedure configuration screen:




            • To configure patch options for your procedure, click the 'Execution Options' tab followed by the 'Edit' button. You can select the applications to be updated from the options.



            • Select 3rd party software to update - Allows you to choose whether all upgradable applications identified at the endpoint to be updated or only specific application(s) is/are to be updated.
            • Update all applications - Select this option if you want all outdated applications in the endpoint to be updated on running the procedure
            • Update only the selected applications - Select this option if you want only specified applications are to be updated on the endpoint, then specify the applications to be updated.
            • Start entering the first few characters of the application. The upgradable applications identified from all managed endpoints and matching the search criteria will be displayed as options
            • Select the application from the list



            • Click 'Save'
            • Click the 'Restart Control' tab followed by the 'Edit' button to configure restart options for the endpoint after the procedure has run successfully.



            • You can choose to:
            • Continue the operation of the endpoint without restart by selecting 'Suppress the reboot'
            • Force restart the endpoint a certain period of time after the procedure has completed.

            OR

            • Display a warning to the user and let them postpone the restart. Type a message for the user if you choose this option.
            • The 'Schedule' tab will be auto-populated once you add the procedure to a configuration profile and schedule its execution. See Add a Procedure to a Profile / Procedure Schedules for more details.
            • The 'Execution Log' will be auto-populated after the procedure has been successful executed as part of a profile. You can view a history of executions at anytime by selecting this procedure in the 'Procedures' interface and clicking the 'Execution Log' tab.
            • After saving, your patch procedure will be automatically approved, added to the 'Procedures' list and can be deployed in a profile.
              Our Products
              • Free Antivirus
              • Free Internet Security
              • Website Malware Removal
              • Free Anti-Malware
              • Anti-Spam (Free Trial)
              • Windows Antivirus
              • Antivirus for Windows 7
              • Antivirus for Windows 8
              • Antivirus for Windows 10
              • Antivirus for MAC
              • Antivirus for Linux
              • Free Endpoint Security
              • Free ModSecurity
              • Free RMM
              • Free Website Malware Scanner
              • Free Device Manager for Android
              • Free Demo
              • Network Security
              • Endpoint Protection
              • Antivirus for Android
              • Comodo Antivirus
              • Wordpress Security
              Cheap CDN
              • Bootstrap CDN
              • Semantic UI CDN
              • Jquery CDN
              • CDN Plans
              • CDN
              • Free CDN
              Enterprise
              • Patch Management Software
              • Patch Manager
              • Service Desk
              • Website Down
              • Endpoint Protection Solutions
              • Website Security Check
              • Remote Monitoring and Management
              • Website Security
              • Device Manager
              • ITSM
              • CRM
              • MSP
              • Android Device Manager
              • MDR Services
              • Managed IT Support Services
              • Free EDR
              Free SSL Certificate
              Support Partners Terms and Conditions Privacy Policy

              © Comodo Group, Inc. 2025. All rights reserved.