Wake on LAN example

For a software rollout planned between 03:00 am and 06:00 am on a specific date, two restarts are required. The local software rollout agent must be able to log on to Windows.

In the full disk encryption policy, under Temporary deactivation (for Wake on LAN) you configure the following settings:

Policy setting	Value
Start	Day before software rollout, 12:00 noon
End	Day of software rollout 06:00 am
Allow Windows logon during this time	Yes
Auto logon limit	5

As the auto logon limit is set to 5 the endpoint computer starts 5 times without authentication through POA.

Note: In this example, the autologon limit is set to 5 as we recommend that you allow three more restarts than necessary in case of any problems.

By setting the start time to 12:00 noon on the day before the software rollout, you make sure that the scheduling script SGMCMDIntn.exe is started in time and that the Wake on LAN process starts no later than 03:00 am on the day of the software rollout.

The following two commands have to be created for the scheduling script SGCMDIntn.exe by the software rollout team:

Start on the day before software rollout, 12:15 am, SGMCMDIntn.exe -WOLstart
Start on the day after the software rollout, 09:00 am, SGMCMDIntn.exe -WOLstop

The date of the software rollout script is defined as the day of the rollout, 03:00 am. Wake on LAN can explicitly be deactivated again at the end of the script with SGMCMDIntn.exe -WOLstop.

All endpoint computers that log on before the date specified for Start and connect to the rollout servers receive the new policy and the scheduling commands.

Any endpoint computer on which the schedule triggers the command SGMMCMDIntn -WOLStart between the day before the rollout at 12:00 noon and the day of the rollout at 06:00 am falls within the WOL time interval. Therefore Wake on LAN is activated.