|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
This script doesn't work i don't know whyWindows 2003 Server Domain. if exist C:\patchs\kbxxxxxx.dat goto end if exist C:\patchs\. goto label1 md c:\patchs :label1 \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\echo "patch applyed" > c:\patchs\kbxxxxxx.dat :end I gave to the group "Domain Computers" read and write rights over the share where the patch is located. I know the script was actually executed because it creates the folder and the flag file. Any idea Thanks in advance.
Show quote
Hide quote
"mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in message If run as a logon script, perhaps the user lacks the privs necessary to run news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... >I wrote this machine script to apply a patch to the computers of a OU in a > Windows 2003 Server Domain. > > if exist C:\patchs\kbxxxxxx.dat goto end > if exist C:\patchs\. goto label1 > md c:\patchs > :label1 > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\ > echo "patch applyed" > c:\patchs\kbxxxxxx.dat > :end > > I gave to the group "Domain Computers" read and write rights over the > share > where the patch is located. > > I know the script was actually executed because it creates the folder and > the flag file. > > Any idea the patch executable. /Al
Show quote
Hide quote
"Al Dunbar" <aland***@hotmail.com> wrote in message You might want to deploy the patch remotely. I have an example VBScript that news:esizUQmYJHA.1532@TK2MSFTNGP03.phx.gbl... > > "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in > message news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... >>I wrote this machine script to apply a patch to the computers of a OU in a >> Windows 2003 Server Domain. >> >> if exist C:\patchs\kbxxxxxx.dat goto end >> if exist C:\patchs\. goto label1 >> md c:\patchs >> :label1 >> \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart >> /log:C:\patchs\ >> echo "patch applyed" > c:\patchs\kbxxxxxx.dat >> :end >> >> I gave to the group "Domain Computers" read and write rights over the >> share >> where the patch is located. >> >> I know the script was actually executed because it creates the folder and >> the flag file. >> >> Any idea > > If run as a logon script, perhaps the user lacks the privs necessary to > run the patch executable. > > /Al > > deploys any executable (if it runs silently with no user interaction) to all computers in a domain group linked here: http://www.rlmueller.net/Deploy.htm The program uses WMI to connect to each computer in the group and run the specified executable (with parameters). The program pings each computer first to check if they are available. The program logs everything to a log file. The person running the script must be a member of the local Administrators group. By default the group "Domain Admins" is added to the local Administrators group when the computer is joined to the domain, so if you are member of that group you should be fine. No one needs to be logged into the remote computers, but they must be connected to the network and running. I'll try your script but just for curiosity, what's the problem with the
script, why it doesn't run as supposed? Show quoteHide quote "Richard Mueller [MVP]" wrote: > > "Al Dunbar" <aland***@hotmail.com> wrote in message > news:esizUQmYJHA.1532@TK2MSFTNGP03.phx.gbl... > > > > "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in > > message news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... > >>I wrote this machine script to apply a patch to the computers of a OU in a > >> Windows 2003 Server Domain. > >> > >> if exist C:\patchs\kbxxxxxx.dat goto end > >> if exist C:\patchs\. goto label1 > >> md c:\patchs > >> :label1 > >> \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart > >> /log:C:\patchs\ > >> echo "patch applyed" > c:\patchs\kbxxxxxx.dat > >> :end > >> > >> I gave to the group "Domain Computers" read and write rights over the > >> share > >> where the patch is located. > >> > >> I know the script was actually executed because it creates the folder and > >> the flag file. > >> > >> Any idea > > > > If run as a logon script, perhaps the user lacks the privs necessary to > > run the patch executable. > > > > /Al > > > > > > You might want to deploy the patch remotely. I have an example VBScript that > deploys any executable (if it runs silently with no user interaction) to all > computers in a domain group linked here: > > http://www.rlmueller.net/Deploy.htm > > The program uses WMI to connect to each computer in the group and run the > specified executable (with parameters). The program pings each computer > first to check if they are available. The program logs everything to a log > file. The person running the script must be a member of the local > Administrators group. By default the group "Domain Admins" is added to the > local Administrators group when the computer is joined to the domain, so if > you are member of that group you should be fine. No one needs to be logged > into the remote computers, but they must be connected to the network and > running. > > -- > Richard Mueller > MVP Directory Services > Hilltop Lab - http://www.rlmueller.net > -- > > > I ran it as a machine startup script.
Show quoteHide quote "Al Dunbar" wrote: > > "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in message > news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... > >I wrote this machine script to apply a patch to the computers of a OU in a > > Windows 2003 Server Domain. > > > > if exist C:\patchs\kbxxxxxx.dat goto end > > if exist C:\patchs\. goto label1 > > md c:\patchs > > :label1 > > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\ > > echo "patch applyed" > c:\patchs\kbxxxxxx.dat > > :end > > > > I gave to the group "Domain Computers" read and write rights over the > > share > > where the patch is located. > > > > I know the script was actually executed because it creates the folder and > > the flag file. > > > > Any idea > > If run as a logon script, perhaps the user lacks the privs necessary to run > the patch executable. > > /Al > > > "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in message I'm not sure, then, but perhaps you can get some status info from the patch news:2ADD4A2E-AC7D-4018-A666-C9CE66CF75C8@microsoft.com... >I ran it as a machine startup script. executable itself: :label1 (\\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\ echo "patch applyed" ) > c:\patchs\kbxxxxxx.dat 2>@ :end You might find, for example, that the account that runs machine startup scripts does not have access to the patchs share on server mcse-01. Or that you have mis-spelt the share name (might it be "patches") or the executable (which likely has numbers instead of x's). /Al Show quoteHide quote > "Al Dunbar" wrote: > >> >> "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in >> message >> news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... >> >I wrote this machine script to apply a patch to the computers of a OU in >> >a >> > Windows 2003 Server Domain. >> > >> > if exist C:\patchs\kbxxxxxx.dat goto end >> > if exist C:\patchs\. goto label1 >> > md c:\patchs >> > :label1 >> > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart >> > /log:C:\patchs\ >> > echo "patch applyed" > c:\patchs\kbxxxxxx.dat >> > :end >> > >> > I gave to the group "Domain Computers" read and write rights over the >> > share >> > where the patch is located. >> > >> > I know the script was actually executed because it creates the folder >> > and >> > the flag file. >> > >> > Any idea >> >> If run as a logon script, perhaps the user lacks the privs necessary to >> run >> the patch executable. >> >> /Al >> >> >> Thanks for take the time to answer Al.
First. The user that execute the script when it is an startup script is the "System" user, at least that's i concluded from my research on the subject, in theory it would be enough to give to the group "Domain Computers" read access to the share. If i'm wrong please let me know. Second. I rule out any miss spelling due to the fact the script runs when it is executed from the command line for any given user. Any idea Thankis in advance Show quoteHide quote "Al Dunbar" wrote: > > "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in message > news:2ADD4A2E-AC7D-4018-A666-C9CE66CF75C8@microsoft.com... > >I ran it as a machine startup script. > > I'm not sure, then, but perhaps you can get some status info from the patch > executable itself: > > :label1 > ( > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart > /log:C:\patchs\ > echo "patch applyed" > ) > c:\patchs\kbxxxxxx.dat 2>@ > :end > > You might find, for example, that the account that runs machine startup > scripts does not have access to the patchs share on server mcse-01. Or that > you have mis-spelt the share name (might it be "patches") or the executable > (which likely has numbers instead of x's). > > /Al > > > "Al Dunbar" wrote: > > > >> > >> "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in > >> message > >> news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... > >> >I wrote this machine script to apply a patch to the computers of a OU in > >> >a > >> > Windows 2003 Server Domain. > >> > > >> > if exist C:\patchs\kbxxxxxx.dat goto end > >> > if exist C:\patchs\. goto label1 > >> > md c:\patchs > >> > :label1 > >> > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart > >> > /log:C:\patchs\ > >> > echo "patch applyed" > c:\patchs\kbxxxxxx.dat > >> > :end > >> > > >> > I gave to the group "Domain Computers" read and write rights over the > >> > share > >> > where the patch is located. > >> > > >> > I know the script was actually executed because it creates the folder > >> > and > >> > the flag file. > >> > > >> > Any idea > >> > >> If run as a logon script, perhaps the user lacks the privs necessary to > >> run > >> the patch executable. > >> > >> /Al > >> > >> > >> > > > "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in message That was just a suggestion about one possible problem. I think you are right news:DC97DBC5-E10A-42EC-B199-EE956C63E59E@microsoft.com... > Thanks for take the time to answer Al. > > First. The user that execute the script when it is an startup script is > the > "System" user, at least that's i concluded from my research on the > subject, > in theory it would be enough to give to the group "Domain Computers" read > access to the share. If i'm wrong please let me know. about the required permission - just beware of any DENY permissions that might be set. I'm not sure if you could verify this with properties - advanced - effective permissions, but alternately, you could create a test startup script that attempts to access one of the shares in question. > Second. I rule out any miss spelling due to the fact the script runs when Good point.> it > is executed from the command line for any given user. > Any idea I second \RemS's suggestion to log information to a file./Al Show quoteHide quote > Thankis in advance > > "Al Dunbar" wrote: > >> >> "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in >> message >> news:2ADD4A2E-AC7D-4018-A666-C9CE66CF75C8@microsoft.com... >> >I ran it as a machine startup script. >> >> I'm not sure, then, but perhaps you can get some status info from the >> patch >> executable itself: >> >> :label1 >> ( >> \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart >> /log:C:\patchs\ >> echo "patch applyed" >> ) > c:\patchs\kbxxxxxx.dat 2>@ >> :end >> >> You might find, for example, that the account that runs machine startup >> scripts does not have access to the patchs share on server mcse-01. Or >> that >> you have mis-spelt the share name (might it be "patches") or the >> executable >> (which likely has numbers instead of x's). >> >> /Al >> >> > "Al Dunbar" wrote: >> > >> >> >> >> "mosquito_hippy" <mosquitohi***@discussions.microsoft.com> wrote in >> >> message >> >> news:535913B3-775A-4EF6-8F3F-38D217CEFE94@microsoft.com... >> >> >I wrote this machine script to apply a patch to the computers of a OU >> >> >in >> >> >a >> >> > Windows 2003 Server Domain. >> >> > >> >> > if exist C:\patchs\kbxxxxxx.dat goto end >> >> > if exist C:\patchs\. goto label1 >> >> > md c:\patchs >> >> > :label1 >> >> > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart >> >> > /log:C:\patchs\ >> >> > echo "patch applyed" > c:\patchs\kbxxxxxx.dat >> >> > :end >> >> > >> >> > I gave to the group "Domain Computers" read and write rights over >> >> > the >> >> > share >> >> > where the patch is located. >> >> > >> >> > I know the script was actually executed because it creates the >> >> > folder >> >> > and >> >> > the flag file. >> >> > >> >> > Any idea >> >> >> >> If run as a logon script, perhaps the user lacks the privs necessary >> >> to >> >> run >> >> the patch executable. >> >> >> >> /Al >> >> >> >> >> >> >> >> >> On 20 Dez. 2008, 01:48, mosquito_hippy
<mosquitohi***@discussions.microsoft.com> wrote: Show quoteHide quote > I wrote this machine script to apply a patch to the computers of a OU in a 1. Not familar at the moment with this, but: I miss a /quiet or /> Windows 2003 Server Domain. > > if exist C:\patchs\kbxxxxxx.dat goto end > if exist C:\patchs\. goto label1 > md c:\patchs > :label1 > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\ > echo "patch applyed" > c:\patchs\kbxxxxxx.dat > :end > > I gave to the group "Domain Computers" read and write rights over the share > where the patch is located. > > I know the script was actually executed because it creates the folder and > the flag file. > > Any idea > > Thanks in advance. passive Parameter. http://support.microsoft.com/kb/262841/en-us 2. Maybe it's a Problem in Batch to Start the EXE on the UNC Location. Try to copy the patch local an then run it. Thank you BJ, executing from the local folder instead the UNC locations did
the trick. The working script looks like this: if exist C:\patchs\kbxxxxxx.dat goto end if exist C:\patchs\. goto label1 md c:\patchs :label1 copy \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe c:\patchscd C:\patchs mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\ echo "patch applyed" > c:\patchs\kbxxxxxx.dat Show quoteHide quote :end "BJ" wrote: > On 20 Dez. 2008, 01:48, mosquito_hippy > <mosquitohi***@discussions.microsoft.com> wrote: > > I wrote this machine script to apply a patch to the computers of a OU in a > > Windows 2003 Server Domain. > > > > if exist C:\patchs\kbxxxxxx.dat goto end > > if exist C:\patchs\. goto label1 > > md c:\patchs > > :label1 > > \\mcse-01\patchs\WindowsXP-KBxxxxxx-x86-enu.exe /norestart /log:C:\patchs\ > > echo "patch applyed" > c:\patchs\kbxxxxxx.dat > > :end > > > > I gave to the group "Domain Computers" read and write rights over the share > > where the patch is located. > > > > I know the script was actually executed because it creates the folder and > > the flag file. > > > > Any idea > > > > Thanks in advance. > > > 1. Not familar at the moment with this, but: I miss a /quiet or / > passive Parameter. > > http://support.microsoft.com/kb/262841/en-us > > 2. Maybe it's a Problem in Batch to Start the EXE on the UNC Location. > Try to copy the patch local an then run it. > 
Other interesting topics
Special batchfile
Is there any way to control the Transport Server (subcomponent of Windows Deployment Services) via P How can I do a WMI Bulk data retrieval ? DISKPART select command doesn't have a "noerr" command for scripti Net send over different domains Problem calling oADsSecurityUtility.SetSecurityDescriptor from VBScript Monitor Folder Recursively using WMI exporting * importing users into groups script to extract and create contacts How to Modify AD CN Field |
|||||||||||||||||||||||
