Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

To run or not to run 1

Status
Not open for further replies.
jdeane

jdeane

IS-IT--Management
Sep 21, 2001
229
GB
I have a script which will utilise the 'runas' command and enter the password for me automaticaly.

I plan to use this script within a netlogon script to install MS security patches, how ever I only want to run the line once on each workstation.

The script is executed using 'patch.vbs "Q11111111.exe /q"'

How do I go about checking to see if a patch.ini file exists on the local drive, if so does it contain an entry Q11111111 if not run the rest of the script and place Q11111111 into the patch.ini file, if it already exists terminate the script.

I can post the script I already have if needed.

Thanks

Jonathan
 
Sort by date Sort by votes
Post up what you have and I will have a look for you Regards
Steve Friday
 
Upvote 0 Downvote
The orginal script came from the link below which I adapted to what I have included, once the script is completed I plan then to encrypt it so that the username and password are hidden.

The netlogon may include something like
patch "\\server\patch\q111111.exe /q"
patch "\\server\patch\q222222.exe /q"
patch "\\server\patch\q333333.exe /q"

After a few weeks then remove the entries from the netlogon




Copy and paste the script below into notepad and save as 'patch.vbs'

Change the bits in bold to use.

Usage: patch "c:\Q1111111.exe /q"

Hope you find it useful.

Thanks

Jonathan



' Start of Script
' VBRUNAS.VBS
' v1.2 March 2001
' Jeffery Hicks
' jhicks@quilogy.com ' USAGE: cscript|wscript VBRUNAS.VBS Username Password Command
' DESC: A RUNAS replacement to take password at a command prompt.
' NOTES: This is meant to be used for local access. If you want to run a command
' across the network as another user, you must add the /NETONLY switch to the RUNAS
' command.

' *********************************************************************************
' * THIS PROGRAM IS OFFERED AS IS AND MAY BE FREELY MODIFIED OR ALTERED AS *
' * NECESSARY TO MEET YOUR NEEDS. THE AUTHOR MAKES NO GUARANTEES OR WARRANTIES, *
' * EXPRESS, IMPLIED OR OF ANY OTHER KIND TO THIS CODE OR ANY USER MODIFICATIONS. *
' * DO NOT USE IN A PRODUCTION ENVIRONMENT UNTIL YOU HAVE TESTED IN A SECURED LAB *
' * ENVIRONMENT. USE AT YOUR OWN RISK. *
' *********************************************************************************



On Error Resume Next
dim WshShell,oArgs,FSO

set oArgs=wscript.Arguments

if InStr(oArgs(0),&quot;?&quot;)<>0 then
wscript.echo VBCRLF & &quot;? HELP ?&quot; & VBCRLF
Usage
end if

sCmd=oArgs(0)

set WshShell = CreateObject(&quot;WScript.Shell&quot;)
set WshEnv = WshShell.Environment(&quot;Process&quot;)
WinPath = WshEnv(&quot;SystemRoot&quot;)&&quot;\System32\runas.exe&quot;
set FSO = CreateObject(&quot;Scripting.FileSystemObject&quot;)

if FSO.FileExists(winpath) then
'wscript.echo winpath & &quot; &quot; & &quot;verified&quot;
else
wscript.echo &quot;!! ERROR !!&quot; & VBCRLF & &quot;Can't find or verify &quot; & winpath &&quot;.&quot; & VBCRLF & &quot;You must be running Windows 2000 for this script to work.&quot;
set WshShell=Nothing
set WshEnv=Nothing
set oArgs=Nothing
set FSO=Nothing
wscript.quit
end if

rc=WshShell.Run(&quot;runas /user:domain\user&quot; & &quot; &quot; & CHR(34) & sCmd & CHR(34), 2, FALSE)
Wscript.Sleep 40 'need to give time for window to open.
WshShell.AppActivate(WinPath) 'make sure we grab the right window to send password to
WshShell.SendKeys &quot;password&quot;&VBCRLF 'send the password to the waiting window.

set WshShell=Nothing
set oArgs=Nothing
set WshEnv=Nothing
set FSO=Nothing

wscript.quit

' ************************
' * Usage Subroutine *
' ************************
Sub Usage()
On Error Resume Next
msg=&quot;Usage: patch Command&quot; & VBCRLF & VBCRLF & &quot;You should use the full path where necessary and put long file names or commands&quot; & VBCRLF & &quot;with parameters in quotes&quot; & VBCRLF & VBCRLF &&quot;For example:&quot; & VBCRLF &&quot; patch &quot;&quot;<\\server\patch\Q1111111.exe> /q&quot; & CHR(34) & VBCRLF & VBCRLF & VBCLRF & &quot;patch /? | -? will display this message.&quot;

wscript.echo msg

wscript.quit

end sub
' End of Script
 
Upvote 0 Downvote
couple of questions,

1) where are you intending on saving the ini file - server or workstation - my thoughts would be to save it in a sub folder off of \\server\patch.

2) how are you going to verify the install was successful - have you heard of the qfecheck tool? I would use this to write out a list of instaled patches.

3) how are you going to deal with reboots after having applied a hotfix

I will amend the sub with a few presumptions IE
log file saved to \\server\path\machlog
I will use qfecheck to identify installed patches

back to you in a bit Regards
Steve Friday
 
Upvote 0 Downvote
answers to your questions:-

1) I was thinking of the local pc, as I was planning on making the 'patch' share read only.

2) Not sure how to verify that the installation of the patch went accroding to plan, I've heard of the qfecheck but never used it - shall take a look later today.

3)I was going to put a message at the start to alert the user that they will need to select yes to reboot when the request from the q11111111.exe is displayed.

I never really plan to call more than one or two patches at a time anyway unless MS releases a whole lot in one go and if they do I would probably use qchain.exe to build one super patch file. So the users should not get to many reboot messages at login.

It will also only be the really urgent ones that get done this way anyway.

Planning on downloading the patches from:-

and renaming them to their Q number for ease of identifaction.

Thanks

Jonathan
 
Upvote 0 Downvote
OK here goes

1) I still used a network path for the log files

\\server\patch\machlog

Log files are saved as computername.log

2) put in a section that will install qfecheck if it does not exist

3) when you run it type Patch.vbs q318138 /q

I needed the qnumber to verify if it was already installed

4) Please test thouroughly as I make no gaurantees - it works on my system but I am running win2k serv + XP workstation

5) qfecheck is Q282784

' *********************************************************************************
' * THIS PROGRAM IS OFFERED AS IS AND MAY BE FREELY MODIFIED OR ALTERED AS *
' * NECESSARY TO MEET YOUR NEEDS. THE AUTHOR MAKES NO GUARANTEES OR WARRANTIES, *
' * EXPRESS, IMPLIED OR OF ANY OTHER KIND TO THIS CODE OR ANY USER MODIFICATIONS. *
' * DO NOT USE IN A PRODUCTION ENVIRONMENT UNTIL YOU HAVE TESTED IN A SECURED LAB *
' * ENVIRONMENT. USE AT YOUR OWN RISK. *
' *********************************************************************************



'On Error Resume Next
dim WshShell,oArgs,FSO, wshNetwork

set oArgs=wscript.Arguments

if InStr(oArgs(0),&quot;?&quot;)<>0 then
wscript.echo VBCRLF & &quot;? HELP ?&quot; & VBCRLF
Usage
end if

sCmd= &quot;\\master\patch\&quot; & oArgs(0) & &quot;.exe &quot; & oArgs(1)
Set wshNetwork = Wscript.CreateObject(&quot;Wscript.Network&quot;)
set WshShell = CreateObject(&quot;WScript.Shell&quot;)
set WshEnv = WshShell.Environment(&quot;Process&quot;)
strComputer = wshNetwork.ComputerName
WinPath = WshEnv(&quot;SystemRoot&quot;)&&quot;\System32\runas.exe&quot;
set FSO = CreateObject(&quot;Scripting.FileSystemObject&quot;)

if FSO.FileExists(winpath) then
'wscript.echo winpath & &quot; &quot; & &quot;verified&quot;
else
wscript.echo &quot;!! ERROR !!&quot; & VBCRLF & &quot;Can't find or verify &quot; & winpath &&quot;.&quot; & VBCRLF & &quot;You must be running Windows 2000 for this script to work.&quot;
set WshShell=Nothing
set WshEnv=Nothing
set oArgs=Nothing
set FSO=Nothing
wscript.quit
end if
Call Patch_verification
WshShell.Run &quot;runas /user:domain\administrator&quot; & &quot; &quot; & CHR(34) & sCmd & CHR(34), 2, FALSE
Wscript.Sleep 40 'need to give time for window to open.
WshShell.AppActivate(WinPath) 'make sure we grab the right window to send password to
WshShell.SendKeys &quot;password&quot;&VBCRLF 'send the password to the waiting window.
msgbox &quot;done&quot;

set WshShell=Nothing
set oArgs=Nothing
set WshEnv=Nothing
set FSO=Nothing

wscript.quit

' ************************
' * Usage Subroutine *
' ************************
Sub Usage()
On Error Resume Next
msg=&quot;Usage: patch Command&quot; & VBCRLF & VBCRLF & &quot;You should use the full path where necessary and put long file names or commands&quot; & VBCRLF & &quot;with parameters in quotes&quot; & VBCRLF & VBCRLF &&quot;For example:&quot; & VBCRLF &&quot; patch &quot;&quot;<\\server\patch\Q1111111.exe> /q&quot; & CHR(34) & VBCRLF & VBCRLF & VBCLRF & &quot;patch /? | -? will display this message.&quot;

wscript.echo msg

wscript.quit

end sub


Sub Patch_Verification
wshShell.CurrentDirectory = &quot;C:\Windows\System32&quot;
If fso.FileExists(&quot;c:\Windows\System32\qfecheck.exe&quot;) = true Then
wshShell.run &quot;cmd /C c:\windows\system32\qfecheck > \\server\patch\machlog\&quot; & strComputer & &quot;.log&quot;,4,True
Else
qfeCmd = &quot;\\master\patch\q282784.exe -q&quot;
wshShell.run &quot;runas /user:domain\administrator&quot; & &quot; &quot; & CHR(34) & qfeCmd & CHR(34), 2, FALSE
Wscript.Sleep 40 'need to give time for window to open.
WshShell.AppActivate(WinPath) 'make sure we grab the right window to send password to
WshShell.SendKeys &quot;password&quot;&VBCRLF 'send the password to the waiting window.
While fso.FileExists(&quot;c:\Windows\System32\qfecheck.exe&quot;) = false
Wscript.Sleep 3000
Wend
wshShell.run &quot;cmd /C c:\windows\system32\qfecheck > \\server\patch\machlog\&quot; & strComputer & &quot;.log&quot;,4,True
End If
While fso.FileExists(&quot;\\server\patch\machlog\&quot; & strcomputer & &quot;.log&quot;) = false
wscript.Sleep 3000
Wend
Set objreader = fso_OpenTextFile(&quot;\\server\patch\machlog\&quot; & strcomputer & &quot;.log&quot;,1)
do Until objreader.AtEndOfStream
strline = objreader.ReadLine
qname_length = Len(oArgs(0))
If Ucase(Left(strline,qname_length)) = Ucase(oArgs(0)) Then
msgbox &quot;Already installed&quot;
Wscript.Quit
End If
Loop
End Sub Regards
Steve Friday
 
Upvote 0 Downvote
sorry forgot to mention the Patch direcotry needs to be a share on your server. Also if you keep the files on the server you will be able to check that all machine have all relevant patches and they have been installed successfully as a failure give a result in the qfecheck similar to

Q318138: This patch needs re-installing
Q282784: Successfull Regards
Steve Friday
 
Upvote 0 Downvote
Thank you for this, I will give it a whirl over the couple of days on a few test pc's before rolling it out.

To be honest it surprised me that no one had done this before, it took a few weeks of searching for me to even find the first link to do the runas bit.

I'll post to let you know how it works out.

Thanks again

Jonathan

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Don Child
  • Locked
  • Question
Oracle connection works while debugging in VBSEdit, but not when run from the command line. 1
Replies
2
Views
248
Don Child
Don Child
Alexvb6
  • Locked
  • Question
Deprecation of VBScript + Classic ASP: How to Ask Microsoft to cancel their planned craziness
Replies
0
Views
391
Alexvb6
Alexvb6
bdwilcox
  • Locked
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
1K
SoftwareRT
SoftwareRT
EdScripts
  • Locked
  • Question
Using a Variable in the Run Method - I would sure like to be able to do this !
Replies
0
Views
182
EdScripts
EdScripts
S
  • Locked
  • Question
Need to submit page when clicking a checkbox
Replies
0
Views
231
shbr5413
S

Part and Inventory Search

Sponsor

Back
Top