Over the last few years, I have written a few times on Workspace ONE Freestyle Orchestrator which is finally out for everyone. You can read my initial article here or my follow-up on real-world examples of using Freestyle Orchestrator. Each of them provides some very strong insight into the product and its potential. One of the gaps that I have been dealing with are centered around holes on their Windows support. Today, I am going to show you how some creative scripting to help you plug one of the few remaining holes. Let’s get started!

The Gaps Today in Freestyle Orchestrator on Windows

Today, with Products we have a few use-cases to managing Windows:

1. Deploying Files
2. Deploying Apps
3. Deploying Scripts
4. Executing Scripts/BAT files
5. Complex App Deployments

We’ve found over the last few years that some apps just deploy better and easier in Product Provisioning like Dell Command Update for example.

Before FSO, we would run 2 products together with dependencies for DCU. First, we do the Install:

The .BAT was simple like this:

C:\Apps\dellcommandupdateapp_setup.exe /s /v" /qn"

Yeah, I know, but it’s how we got it done as we found some issues, but the code itself isn’t important. After that, a DCU Configure Product would do stuff too:

That was basically dropping a settings.xml config file down, and a BAT to do the configuration:

"C:\Program Files\Dell\CommandUpdate\dcu-cli.exe" /configure -importSettings=C:\Temp\settings.xml
"C:\Program Files\Dell\CommandUpdate\dcu-cli.exe" /configure -autoSuspendBitLocker=enable
"C:\Program Files\Dell\CommandUpdate\dcu-cli.exe" /scan
"C:\Program Files\Dell\CommandUpdate\dcu-cli.exe" /applyUpdates -silent -reboot=enable

Anyways, this isn’t a DCU article but just wanted to show some of the complexities of Products and how they’re used. People use them in all sorts of ways like configuring Edge, App Installs, deploying Apps with configuration, etc.

In general, it’s been challenging because a few of the gaps we have seen so far in FSO are:

1. No File Support
2. No Timer/Repeated action stuff (This has since been address with Time Windows, which we will show next)
3. Some of the new stuff like Desired State Management is a bit confusing (will also cover this shortly)
4. A bit challenging to get some components to retry/re-run.

I’m sure there are others I am forgetting, but overall FSO is a product with a ton of potential. Today, is about how you can be creative to arrive at the “desired state” you want to achieve. By the end of this article, you will probably be able to retire 75% of your products. Let’s get into Time Windows.

Time Windows

Time Windows can be a bit confusing mainly because you would expect you could reference them a bit better in Freestyle Orchestrator. Basically, you leverage Smart Groups to tell WS1 what a device’s maintenance hours are and what its business hours are. By using these, you can decide when you want to enforce something in either an allow list or a deny list fashion.

Check out my demo for a closer look at Time Windows. The demo will give you a better idea because honestly its super confusing and not as obvious as you would think. I would prefer to be able to map a specific Time Window to Freestyle Orchestrator, which would be consistent with how scripts work.

Exploring Advanced Settings for Freestyle Orchestrator

FSO now has some new and fun capabilities that enhance the product if you know how to use them. Those features are:

1. Desired State Management (Ensures the entire workflow is re-evaluated every 4 hours and it is functional)
2. Evaluate condition without user login (obviously huge for Windows)
3. Error Handling for Profiles and Apps
4. Reinstall if removed for Apps

Let’s cover each of these briefly so you can identify how they can enhance what you’re doing with Freestyle Orchestrator.

Desired State Management with FSO

The weird thing about “Re-evaluate Condition” is it only appears on the check condition but not at the top of the workflow which can really throw people off.

You can see below, by enabling “Re-evaluate Condition” it will execute the entire workflow every 4 hours so if someone removes something or makes a change, it will re-apply based on the check conditions you have in place. This is a huge capability, which is even available on MacOS and aligns with the reasons why people put products like Chef in their MacOS environments.

On Windows, they also support “Evaluate condition even without user login” which you can also leverage (but shouldn’t if user context is needed).

Freestyle Orchestrator Error Handling

The error handling is also quite useful (available on both apps and profiles). Timeouts have been an issue with app deployments for a long time so the ability to time out the operation and force a retry is a huge benefit.

Additionally, the ability to terminate the workflow or just skip the step is also a welcome addition. Most of this is subjective and is based on what you’re trying to achieve.

Scripting Like a Pro to Work Freestyle Orchestrator Magic

So, a few of the use cases that I am focused on is:

1. Deploying and executing batch files
2. Building and dropping PowerShell scripts to be used in other parts of my workflows

Per usual, you can find this stuff on my Github.

Basically, I start with a template for creating whatever file I want to create:

New-Item C:\temp\ -ItemType File -Force
Set-Content C:\temp\ ''

From there, I will:

1. Add the name of the file I want to create e.g. deploy.bat to the “New-Item” line and the “Set-Content” line
2. Add the code in between the single quotes: ”
3. Add that and execute it as a script

This essentially creates the file I am looking for a drops it down. In the example of a Batch script I want to execute I can just call CMD from PowerShell like this:

Invoke-Expression -Command "C:\temp\deploy.bat"

You certainly have tons of ways to get it done, but basically its all about using New-Item and Set-Content to set the pace and let another script take you home to completion. As we mentioned earlier, coupling this with great check conditions to ensure things run as expected is a huge part of making this great.

Demo of Leveraging Scripts to Close the Gap

As we mentioned earlier, scripts require some creativity because of the limitations on types of scripts, but you can get it done. Check out my demo that shows how its done.

Final Thoughts

I think a major sentiment that has been in my head over the last few weeks is: “Do not wait for a vendor to fix your problems.”

I see it time and time again where someone goes “VMware hasn’t fixed it yet” and that just isn’t going to work anymore. Inevitably, it’s your circus so you can either be the ringmaster or the clown. Creative IT is the difference between being so-so and being great. Writing solutions whether its scripting or API invocation can be a difference maker in your career. 50% of IT is about effort. Most times we don’t fail because it’s too hard, but because we quit because we think it’s too hard. You never know what you can do until you try.