USE SUSDB PRINT 'Using SUSDB'; GO IF NOT EXISTS (SELECT * FROM dbo.tbAutoDeploymentRule WHERE ID = 2) BEGIN PRINT 'Setting IDENTITY_INSERT to On'; SET IDENTITY_INSERT tbAutoDeploymentRule ON; PRINT 'Inserting auto deployment rule'; INSERT INTO dbo.tbAutoDeploymentRule(ID, Enabled, ActionID, Name) VALUES (2, 0, 0, 'Default Auto Approval Rule'); IF @@ROWCOUNT = 0 PRINT 'Warning: No rows were affected.'; ELSE PRINT 'Rows were updated.'; PRINT 'Setting IDENTITY_INSERT to Off'; SET IDENTITY_INSERT tbAutoDeploymentRule OFF; END ELSE PRINT 'No work to do. Record already exists.'; GO --check automatic approval for detection IF EXISTS (SELECT * FROM dbo.tbAutoDeploymentRule WHERE ID = 1 AND NAME = 'Scan AutoDeployment Rule' AND Enabled = 0) BEGIN PRINT 'Automatic Approval For Detection not enabled.'; UPDATE dbo.tbAutoDeploymentRule SET Enabled=1 WHERE ID = 1 IF @@ROWCOUNT = 0 PRINT 'Warning: no rows were affected'; ELSE PRINT 'Automatic Approval For Detection enabled.'; END ELSE PRINT 'Automatic Approval For Detection is already enabled'; GO --check computer group target of approval for detection IF NOT EXISTS (SELECT * FROM dbo.tbTargetGroupInAutoDeploymentRule WHERE AutoDeploymentRuleID = 1 AND TargetGroupID = 'a0a08746-4dbe-4a37-9adf-9e7652c0b421') BEGIN PRINT 'Target group of approval for detection is not "AllComputers"' PRINT 'Inserting "AllComputers" group'; BEGIN TRANSACTION; --delete all other computer groups assigned to this rule DELETE FROM dbo.tbTargetGroupInAutoDeploymentRule WHERE AutoDeploymentRuleID = 1 INSERT INTO dbo.tbTargetGroupInAutoDeploymentRule(AutoDeploymentRuleID,TargetGroupID) VALUES(1,'A0A08746-4DBE-4A37-9ADF-9E7652C0B421') COMMIT TRANSACTION; IF @@error != 0 PRINT 'Error: Insertion failed'; ELSE PRINT '"AllComputers" Group added'; END ELSE PRINT '"AllComputers" is already the target group of approval for detection.'; GO --check if "critical update" is in the auto approval classification IF NOT EXISTS (SELECT * FROM dbo.tbUpdateClassificationInAutoDeploymentRule WHERE AutoDeploymentRuleID = 1 and UpdateClassificationID = 1) BEGIN PRINT 'Critical update is not in approval for detection classification' INSERT INTO dbo.tbUpdateClassificationInAutoDeploymentRule(AutoDeploymentRuleID,UpdateClassificationID) VALUES(1,1) IF @@ROWCOUNT = 0 PRINT 'Warning: no rows were affected'; ELSE PRINT 'Critical update is inserted to approval for detection classification'; END ELSE PRINT 'Critical update is already in approval for detection classification'; --check if "security update" is in the auto approval classification IF NOT EXISTS (SELECT * FROM dbo.tbUpdateClassificationInAutoDeploymentRule WHERE AutoDeploymentRuleID = 1 and UpdateClassificationID = 5) BEGIN PRINT 'Security update is not in approval for detection classification' INSERT INTO dbo.tbUpdateClassificationInAutoDeploymentRule(AutoDeploymentRuleID,UpdateClassificationID) VALUES(1,5) IF @@ROWCOUNT = 0 PRINT 'Warning: no rows were affected'; ELSE PRINT 'Security update is inserted to approval for detection classification'; END ELSE PRINT 'Security update is already in approval for detection classification'; --check if "service pack " is in the auto approval classification IF NOT EXISTS (SELECT * FROM dbo.tbUpdateClassificationInAutoDeploymentRule WHERE AutoDeploymentRuleID = 1 and UpdateClassificationID = 6) BEGIN PRINT 'Service pack is not in approval for detection classification' INSERT INTO dbo.tbUpdateClassificationInAutoDeploymentRule(AutoDeploymentRuleID,UpdateClassificationID) VALUES(1,6) IF @@ROWCOUNT = 0 PRINT 'Warning: no rows were affected'; ELSE PRINT 'Service pack is inserted to approval for detection classification'; END ELSE PRINT 'Service pack is already in approval for detection classification';