Versions Compared

Version Old Version 18 New Version Current
Changes made by

serdar ak

İrem Kara

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

GDE

...

is

...

GDE is installed on each PC manually or automatically with tools like SCCM or PDQ.

...

Directories to be indexed are specified in the settings.

...

GDE processes the new and changed files every 3 hours.

...

GDE may run as a Windows Service.

...

GDE does not copy the contents to the server. The contents found as a result of a search are found and opened from the respective computer. If the computer or GDE is not turned on, you can search but not access the document. If you want to make a backup of the documents, you should turn on the "Backup Contents" setting for the corresponding Resource in the GEODI project.

Table of Contents

Installation Checklist

You can follow the information required for installation and the steps from the list.

  • Following these steps requires IT knowledge.

  • GEODI Server must be installed and activated before GDE.

  • The options specified below are committed to a set of settings published by GEODI Server. This page describes how the settings will be set.

...

Subject

...

Description

...

Status

...

GDE Token Should Be Created

...

an agent-based discovery solution that allows indexing data on endpoints and/or file servers without requiring share definitions. It operates on Windows, Linux, macOS, and Pardus environments. The GDE agent indexes/discovers many PCs or File Servers without requiring share definitions. The GDE agent runs on Windows, Linux, or macOS. Additionally, GEODI can discover remote servers without an agent.

A connection is created by selecting Project Wizard/Feed Source/GDE. This page generates the necessary Batch file to install the GDE agent. You can copy and use it with tools like ManageEngine or SCCI. Manual installation is also possible if preferred.

GDE begins discovery with the default directories specified on this page. It repeats the process approximately every 3 hours on each machine. Content from different machines is queued and processed on the GEODI server.

Active agents can be monitored through the https://decesw.atlassian.net/wiki/spaces/geodien/pages/edit-v2/4184473601 Panel.

Table of Contents
stylenone
Tip

Requirements for Connection

  1. A user with sufficient privilege levels to install agents on client machines.

    1. Variations may exist for Linux and macOS clients.

  2. A tool like ManageEngine or SCCM for deploying to a large number of clients.

  3. Client machines must have access to the <geodi> server.

  4. <geodi> server must have access to the client machines, with port 1982 (configurable) open.

Gliffy
imageAttachmentIdatt4336386146
macroIdc02c52c0-32db-418a-8a1e-64c4cfe9a700
baseUrlhttps://decesw.atlassian.net/wiki

...

Client Machines must have port 1982 open

...

For GDE-GEODI 2-way communication, port 1982 must be open on clients by default. This value can be changed. If the ExplorerPort value is not specified in the settings, GDE will do a one-way feed, you can search for files but not view them.

...

GEODI server must have a public address

...

The GEODI Server must be accessed from client machines. This access can be via internal network or internet. Therefore, the GEODI server must have a public address with SSL defined. You can test it on the client through a browser.

...

Clients must be Windows, Linux and MacOS

...

GDE currently supports Windows, Linux and MacOS operating systems.

For Linux and MacOS machines, dotnet core 7.0 must be installed.

...

Server Disk capacity must be sufficient

...

With GDE, data from client machines is processed on the central server and additional space is needed for the generated index (not the files themselves).

Assuming an average of 10Gb index for each machine: 100 machines need 1Tb, 1000 machines need 10Tb of additional storage. If you are using the option to backup client files, the disk requirement will increase.

GEODI server can create indexes on different disks. Please refer to the related document.

...

Do you want to back up client data as a file?

...

Optionally, it may be desirable to back up the files transmitted by GDE in a centralized environment. The disk space required for this purpose should be taken into account.

...

Directories to be processed on Client Machines

...

You can specify the directories to be processed on the client machine according to your needs. The default directory is %UserProfile% (documents, downloads, desktop...). You can see which directories have been entered with Windows Explorer.

GDE ignores some file types. Many of these are file types that are not useful for system-related search and discovery.

Video and Mp3 files are ignored due to their size and content. You can change the settings according to your needs.

...

Additional Information of Files from Client Machines

...

In the meta content of files coming to GEODI from clients, the system ip, Windows username, computer name and LDAP information, if any, are written. The scope can be changed with Metadata definitions in the setting file.

...

Client data GEODI resource name

...

The "Source Name" of the data from the clients will appear in the GEODI Search Interface and in the data discovery reports.

A ready-made panel called "Discovery" will come with your project. In order for the data counts from clients to work correctly in this panel, you must also add the diagnostic named GDE to your project.

...

MSI Package and Parameters Delivered to the Customer

Update your settings file according to the information above. You will then be ready for deployment.

  • GDE installation can be done in an internet-free environment. When connected to the GEODI server, the feed process starts automatically.

  • If there is a connection problem between GDE and the server, the feed process starts automatically when the connection is restored.

  • After deployment, you can change the settings from the "Default.json" file on the GEODI server. The settings will be valid for new files. These settings will take effect in about 10 minutes.

GDE Windows Client MSI Parameters

Info

Download GDE Windows MSI

...

Action

...

Command

...

Setup

...

"<path>GEODI.DesktopExplorer.msi" /quiet GEODI_URL="https://icdemo.dece.com.tr/" GEODI_TOKEN="EAAAAL2FcQ9RvjWM…" UPDATE_URL="http://192.168.1.26:3323/GUI/autoupdate.txt"

...

Remove

...

msiexec.exe /x /qn /norestart "GEODI.DesktopExplorer.msi"

...

Update

...

start "GDE" "%ProgramFiles(x86)%\DECE Software\GEODI Desktop Explorer\Updater.exe"

...

Parameter

...

Description

...

GEODI_URL=

...

The address that agents will use to access GEODI. It is recommended that DNS/port/SSL operations are completed and finalized before installations are made.

...

GEODI_TOKEN=

...

It is explained in the TOKEN Creation step on this page. It is necessary to use a different user and keep the password of this user. If the password changes, it may need to be recreated and reinstalled.

...

UPDATE_URL

...

Optonal parameter for closed networks or if you prefer a different adres for updates.

GDE Windows Service Installation

  • GDE installation may be converted to a Windows Service using the WindowsServiceInstall.bat script in the GDE folder.

    • WindowsServiceUninstall.bat uninstalls the service setup.

    • Service mode does not require a login user.

    • For GDE Exe and GDE Service Mods not to run simultaneously, GDE Exe must be uninstalled from under startup. ---> QQQ nasıl?

...

  1. Log in with a user accessing the Source that GDEs will feed.

  2. Open the page: Generating a GEODI Token .

  3. Check Feed Checkbox and enter the name of the Source in the AllowList.

  4. Now you are ready to create the Token.

...

Deployment of the GDE Client Package

  • Script structures vary in tools such as PDQ, ManageEngine, and SCCM, but the operations are the same.

    • Ready scripts exported for the PDQ Deploy tool are in the XML file. PDQ can be imported and used.

View file
nameGDE Scripts.xml

GDE Software Update

In the default installation, packages use the DECE server to check and download current versions. If there is access to these servers after the above operations, the update is done without any problems.

If there is no access, the following steps should be followed.

  • Add the UPDATE_URL parameter to the first installation step. The link to the autoupdate.txt file where updates will be checked should be given as http/https.

  • You can request the updated GDE package and autoupdate.txt file from the DECE Support team. After receiving this file, the URL= in it should be changed.

    • You can put the updated MSI file in a user-accessible directory and give the path to it as http/https or file://<filepath>.

  • On the machine installed for Linux/MacOS update, the new version is automatically installed when the new package is to be installed.

...

nameGDE-EN
diagramAttachmentIdatt4336648300
containerId3972202552
timestamp1702733720298
image-20241219-105355.pngImage Added

MSI Link and Update

GDE agents are automatically downloaded to the GEODI directory along with the GEODI Discovery module. The required MSI files can be found in the following directory.

Windows agents will automatically update themselves from this directory when a new version is released. If you are operating in an offline environment, it will be sufficient to manually update the modules on the GEODI server.

Info

The GDE Agent can be accessed at: <geodi_url>/GUI/Agents/GDE

Here, <geodi_url> refers to the GEODI Server address.

Troubleshooting

Expand
titleIndexing does not start

  1. Check if the client has access to the GEODI Server. GEODI should be accessible through a browser on the client. Enter the GEODI address in a browser on the client; there should be access.

  2. The GEODI server should be accessible from the client's GDE. Using a browser on the client, enter <ClientIP>:<1982>/DEW?op=GetLastError. If everything is fine, it should return null. The ExplorerPort specified in GDE rules, e.g., ExplorerPort=1982 (or the chosen port), should be open.

  3. Inspect the Firewall, Antivirus, or any similar tool to ensure there is no blocking mechanism preventing communication.

  4. Check if the client machine is operational. GDE should be installed and running (Geodi.Desktopexplorer.exe should be in the task list).

  5. Verify the status of the received TOKEN: <GEODI_URL>/API/token_parser.html.

  6. Examine the Agent Management Panel; if the endpoint's status looks good, waiting for a while may resolve the issue. The GEODI Server queues incoming data, so the files at the endpoint might not be due yet.

  7. If everything seems correct but data is still not coming through, check the FolderList and IgnoreFolders values in the GDE rules.

  8. If you are not receiving the expected file type, ensure that the extension is not listed in the IgnoreFiles value in the GDE rules.

Expand
titleSettings are not effective,

  1. The Setting file may not be a valid JSON. Validate it with an online tool.

  2. Settings will generally be adjusted in an hour. If the IP of the endpoint has changed, this may take up to 3 hours.

Expand
titleSome files are not indexed

The default settings block some large files, like videos. Files larger than 100 MB or compressed files larger than 500MB are blocked. You may change the settings. The settings will be effective in about an hour.

Expand
titleThe endPoint has been formatted

Install the GDE as usual. The endpoint will be treated as new. The old data is preserved.

Expand
title1982 port is not avaliable

  1. You can change 1982 to anything available. Please be careful about not assigning ports that have already been used.

  2. You may set the GDE port to 0, but GEODI can not open the remote files in this case. The search and discovery are unaffected.

FAQ

Expand
titleHow can query files from a specific endpont?

It is no different than the other. Add layer:GDE <machinename> into query.

  1. layer:GDE <machinename> will query the files.

  2. layer:GDE <machinename> doc:*.pdf will list the PDF files.

  3. layer:GDE <machinename> doc:*.pdf contract will list the PDF files with the word contract.

Expand
titleIs it possible to Classify remote files?

The GEODI legacy data classification tool classifies remote files if you have the classification agent installed on the same endpoint.

Expand
titleIs it possible to remediate remote files?

Yes, GEODI remediation tools cover remote files as well. The only requirement is that the user should have delete/update permission on the remote machines. This way, GEODI deletes, makes, or encrypts remote files like the local ones.

Expand
titleWhat happens if the endpoint machine is closed?

Search is unaffected, but you can not open/view or remediate the files.

Expand
titleDoes GDE copy local files?

No, GDE does not copy the local files. But if you need to backup local files, check the “backup content" in the GEODI source dialog. You may activate or deactivate this setting at any time.

Expand
titleWho is going to see the files from endpoints?

  1. Sistem Admins see all files.

  2. Other users' permissions depend on Enable LDAP settings. If LDAP is enabled, then local permissions are used.

  3. It is possible to set each user to see their PC files. Please ask the DECE team how to do that.

Expand
titleWhat happens if the endPoint is formatted?

  1. Install the GDE as usual. The endpoint will be treated as new. The old data is preserved.

...

GDE configuration settings

Settings should be GEODI server <GEODI_APP>/Settings/Geodi.DesktopExplorer folder named default.json. Installed GDEs will automatically retrieve this setting in about an hour.

  • Any changes will be effective in about an hour. You may change the settings while GEODI is running.

  • To define different rules for each machine, you may use different additional files named

    • <ClientIP>.json

    ,

    • <ClientUserName>.json

    , or

    • <ClientMachineName>.json.

Code Block
languagejson
{
  "FolderList": ["%UserProfile%"],// "*" scan all directory //
  "ExplorerPort": 1982,
  "IgnoreFiles":["*.MP4","*.MOV","*.MP3"],
  "MetaData": {
	"LDAPDN":"=d.CurrentUser!=null?d.CurrentUser.DistinguishedName:null",
	"IP":"=d.ClientIP",
	"ComputerName":"=d.ClientMachineName",
	"UserName":"=d.ClientUserName"
	}
}

Setting Name

Type

Description

FolderList

string[]*

Used to specify the folders to be scanned. Folders can be identified by separating them with ",".Windows, MacOS, and Linux client folders can be used interchangeably.

The default directory is %UserProfile% ,\\Users, \\Home(includes documents, downloads, desktops,

desktop.

etc.

.). A complete list can be found at https://docs.microsoft.com/tr-tr/dotnet/api/system.environment.specialfolder?view=netframework-4.0.

).

Values are case-sensitive. Subdirectories can also be defined as %UserProfile%\\Desktop.

You can use ["*"]

if you want When a port to be used is defined, as long as the client is open, the content can be viewed on Geodi

to scan all disks.

ExplorerPort

int

If a value above 0 is entered, Explorer will run in APP→GEODI→APP mode. Firewall settings must be made in this mode.

The default is 1982.

Alternatively, you may set the port value to 0. Discovery and search will be fine, but GEODI can not open the local files in this case.

EnableLDAP

bool

If a true value is given, LDAP authorizations of the files are also indexed.

Default value: false

IgnoreFolders

string[]

List of folders to ignore. * is accepted. Used in combination with the settings under Geodi Settings/IgnoreFolders.

Example: ["*:\\data","C:\User*"]

Default value: null

(info) GEODI central file/folder ignore rules always take precedence. The restrictions specified within the settings are applied additionally.

(info) By default, to safeguard the network resource, only the name and date of files larger than 100MB are indexed. This limit is set to 500MB for compressed file contents. These values can be modified on the GEODI server.

IgnoreFiles

string[]

List of folders to ignore. * is accepted

. Used in combination

and used with the settings under Geodi Settings/IgnoreFileTypes.

Default value:["*.MP4","*.MOV","*.MP3"]

(info) GEODI central file/folder ignore rules always take precedence. The restrictions specified within the settings are applied additionally.

(info) By default, to safeguard the network resource, only the name and date of files larger than 100MB are indexed. This limit is set to 500MB for compressed file contents. These values can be modified on the GEODI server.

Metadata

You can define metadata for parsing files from clients. These metadata are specified in the settings file. The values used in the default settings can be seen in the example file.

Searching with metadata is done with <metaname>:<value> Example IP:192.168.1.1

The defined metadata and

their

values will be visible in the GEODI search interface.

Troubleshooting

...

If no data is received after setup,

  • please check your Firewall/Antivirus settings and contact your IT consultant.

  • The client may be Closed

  • Check if GDE is installed

  • Check if GDE is running (Geod.Desktopexplorer.exe should be running)

  • Check if the port (default 1982) is available or not blocked.

  • Check if the GEODI server is accessible from the client(use ping or a browser).

  • GDE continuously feeds the GEODI server. A Firewall/Virus scanner may be blocking the communication.

  • Be patient; The GEODI Server queues and processes data from many clients simultaneously. So the client data eventually be indexed if no other problem exists.

  • If the IP or Name of the client changes, previous files will be visible again in about 3 hours.

  • If the client is formatted, it is assumed a new client. The Old index is preserved.

...

Central setting changes take effect within 1 hour.

...

Only the name and date are indexed for files larger than 100 MB to preserve network resources by default. This limit is 500MB for compressed file contents. The values may be changed.

...

GDE API

You may use a browser to make these calls.

<ClientIP>:<1982>/DEW?op=GetStatus

Gets the status of GDE Agent

{"StatusText":"","RequestCount":0,"FileCount":0,"SendCount":0,"IgnoreCount":0,"Server":"<GEODI_URL>"}

(info) Default port = 1982, may be different

<ClientIP>:<1982>/DEW?op=GetLastError

Gets the GDE agent errors.

If no error, retuns null. Else

{"Server":"<GEODI_URL>", "LastErrorTime": {}, "LastError" : "", "TotalErrorCount": n}

Updating the GDE Agent

The agents check for updates every two days and, if available, automatically update themselves via the GEODI server. No manual intervention is required.

Installing GDE as a Windows Service

This option is used to index/discover FileServers with GDE.

Info

Requirements for Installation

In addition to the Windows MSI requirements:

  1. The Windows Service user must have read-only access to the FileServer directories.

  2. A separate configuration file must be created under the GEODI Server for each File Server to define the directories to be indexed and other rules. Details are provided on the main page..

After installing GDE on Windows, it can be turned into a service using the WindowsServiceInstall.bat file located in the same directory.

  1. The service mode can be removed using the WindowsServiceUninstall.bat file.

  2. When running in service mode, no logged-in user is required for the service to function.