I actually wrote a script that performs the following tasks.

0. Checks OS and then performs the appropriate checks with the correct files for that OS.
1. Checks the workstation for ServicePack Level. If not latest, installs the latest.
2. Checks for version of IE, if not the latest, installs the latest.
3. Checks MDAC, if not the latest, installs the latest.
4. Checks for security patches

A> I coded this part to use an external TXT file that simply contains the patch numbers. Ex. Text file looks like the following:
KB000000
KB828028

B> The script will read a line in the text file and then store it as a variable. It will then check that variable against the registry.
KeyExist("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\$patch")

C> If the patch exists, it moves on to the next entry in the text file. If not, it then takes the variable and applies it to a shell command.
"$sharepath\patch2k\Windows2000-"+$patch+"-x86-ENU.EXE /Q /M /Z"

D> At the end of the check and install process, I then have it execute a shell with Qchain.

Note: Not all MS patches conform to this standard. Some patches begin with Q, such as q330994. When I have one of these, my script checks the registry in the following location. The version number is read to make sure the Q patch has been applied. If not, it will shell the Q patch with the /Q:A /R:N switches.
ReadValue ("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{F5776D81-AE53-4935-8E84-B0B283D8BCEF}","Version")<>"6,0,2800,1165"

E> My script does other things like install ePO and other things but just trying to help.

Oh well, it's just my idea and it works for me!
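
Added example, not part of the original post and not the poster's script: a Python sketch of steps A to C that validates each line of the patch list before it is placed into the registry path or the installer command, since the list is an external file. The six-digit ID pattern, the sample list, the installed-key set and the `\\server\share` path are constructed assumptions; `key_exists` stands in for the registry lookup.

```python
import re

HOTFIX_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix"
# Assumed ID shapes, taken from the post's examples (KB828028, q330994).
KB_ID = re.compile(r"KB\d{6}", re.IGNORECASE)
Q_ID = re.compile(r"Q\d{6}", re.IGNORECASE)

# Constructed sample input: two good IDs, a Q-style ID, two malformed lines, a duplicate.
SAMPLE_LIST = r"""KB000000
KB828028

q330994
KB12345
..\KB123456
kb828028
"""
# Constructed stand-in for the registry: only KB000000 is already installed.
INSTALLED = {HOTFIX_KEY + "\\KB000000"}

def parse_patch_list(text):
    """Split the list into KB IDs, Q-style IDs and rejected lines."""
    kb, q, rejected = [], [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if KB_ID.fullmatch(line):
            bucket, value = kb, line.upper()
        elif Q_ID.fullmatch(line):
            bucket, value = q, line.upper()  # needs the separate version check
        else:
            bucket, value = rejected, line   # never reaches a path or command
        if value not in bucket:
            bucket.append(value)
    return kb, q, rejected

def plan_installs(kb_ids, key_exists, sharepath):
    """Return one argument list per KB patch whose HotFix key is missing."""
    plan = []
    for pid in kb_ids:
        if key_exists(HOTFIX_KEY + "\\" + pid):
            continue  # already applied, move to the next entry
        exe = sharepath.rstrip("\\") + "\\patch2k\\Windows2000-" + pid + "-x86-ENU.EXE"
        plan.append([exe, "/Q", "/M", "/Z"])  # argument list, no shell parsing
    return plan

if __name__ == "__main__":
    kb, q, bad = parse_patch_list(SAMPLE_LIST)
    print(plan_installs(kb, lambda k: k in INSTALLED, r"\\server\share"), q, bad)
```

Rejected lines are worth logging rather than silently skipping, because an unexpected entry in the list file points to a typo or to someone having edited the file on the share.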