lmichiel
(Fresh Scripter)
2002-07-22 02:40 PM
how to pass command line with options to su.exe

Hi all

I'm trying to do the following:

setl "SU_COMMANDLINE=c:\epoagent\aginst32 /remove"
setl "SU_DOMAIN=@domain"
setl "SU_PASSWORD=xxxxx"
shell "%comspec% /c su administrator"

But it goes wrong because of the /remove bit in the first line. Any clues?

btw suss.exe is running as service on the pc.

cheers
Leo


LonkeroAdministrator
(KiX Master Guru)
2002-07-22 02:45 PM
Re: how to pass command line with options to su.exe

what about:
setl 'SU_COMMANDLINE="c:\epoagent\aginst32 /remove"'

this keeps the whole line with the remove as var... or should. try and reply how it works [Big Grin]

cheers,


lmichiel
(Fresh Scripter)
2002-07-22 02:48 PM
Re: how to pass command line with options to su.exe

To bad, it doesn't work:
CreateProcessAsUser error! (rc=3)
The system cannot find the path specified.

cheers
Leo


Mark Bennett
(Getting the hang of it)
2002-07-22 02:54 PM
Re: how to pass command line with options to su.exe

I used RUNAS to achieve a switch in user. I found I had to also use ScriptIt (or AutoIt) to type the password (as RUNAS does not allow you to pipe the password into the command). The one thing I didn't like is the password was stored in a file somewhere which is a REALLY bad idea.

However the what I wanted to do was being done selectively and I knew who would be running the script and roughly when. So I put the password in a text file located in a hidden share and left it blank. Then the script would say, "This process has NOT been enabled. Please contact Mickey Mouse on 5551234!"

Mark


LonkeroAdministrator
(KiX Master Guru)
2002-07-22 03:03 PM
Re: how to pass command line with options to su.exe

heh... let's go deeper then.
you could also try something like:
setl 'commandlinearg="this" /remove'

but after the line
call cmd to see how it is written in there.
like:
setl 'commandlinearg="this" /remove'
shell "%comspec% /k set"


lmichiel
(Fresh Scripter)
2002-07-22 04:41 PM
Re: how to pass command line with options to su.exe

The script print the following:
SU_COMMANDLINE="c:\epoagent\aginst32" /remove
it down't give an error but it also doesn't perform the program with the /remove option

It seems that only c:\epoagent\aginst32 is being run


LonkeroAdministrator
(KiX Master Guru)
2002-07-22 04:45 PM
Re: how to pass command line with options to su.exe

could the wksta be xp?

lmichiel
(Fresh Scripter)
2002-07-22 04:49 PM
Re: how to pass command line with options to su.exe

Yes, my machine is running XP prof

LonkeroAdministrator
(KiX Master Guru)
2002-07-22 04:51 PM
Re: how to pass command line with options to su.exe

xp has some problem with passing first argument...

as %0 is not properly interpreted...
if just someone could check this as I don't have any XP wksta to test on


lmichiel
(Fresh Scripter)
2002-07-22 04:57 PM
Re: how to pass command line with options to su.exe

Yes but I'm not running it in a logon script yet, just locally on my PC. SO I don't use %0\..\

LonkeroAdministrator
(KiX Master Guru)
2002-07-22 05:03 PM
Re: how to pass command line with options to su.exe

yes, but xp seems to handle all those differently as you said the %1 doesn't get passed to the program.

does it work, if you open command prompt and put those variables manually and then try to run su?


lmichiel
(Fresh Scripter)
2002-07-22 05:08 PM
Re: how to pass command line with options to su.exe

I've entered the variables manually but still su doens't work
If I enter %SU_COMMANDLINE% on the command prompt, the program runs correctly so it seems to have to do with su.exe (and suss.exe)

I got those from Bryce'S Kix Library


Kdyer
(KiX Supporter)
2002-07-22 05:13 PM
Re: how to pass command line with options to su.exe

Lonkero..

It has to be C:\epoagent\aginst32.exe /remove

Leo - How about:

setl 'SU_COMMANDLINE="c:\epoagent\aginst32 /remove"'

Does that work?

Kent


LonkeroAdministrator
(KiX Master Guru)
2002-07-22 05:20 PM
Re: how to pass command line with options to su.exe

kent, what about reading carefully my first post? [Big Grin]

Kdyer
(KiX Supporter)
2002-07-22 05:21 PM
Re: how to pass command line with options to su.exe

OK..

Here we go..

Try this..

code:
$Removecmd = READVALUE("HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy Orchestrator\Application Plugins\ePOAgent2000","Uninstall Command")

setl "SU_COMMANDLINE="+$Removecmd

Does this help?

Kent


Kdyer
(KiX Supporter)
2002-07-22 05:43 PM
Re: how to pass command line with options to su.exe

May I ask why you are trying to remove the ePO Agent? We just upgraded our enterprise and the Agents have all updated across the domain with little or no issue. We went from ePO 2.0 to 2.52.

The upgrade was also completed on locked down workstations too.

Thank you,

Kent


lmichiel
(Fresh Scripter)
2002-07-22 06:30 PM
Re: how to pass command line with options to su.exe

We're using epo with quite some success. However sometimes it happens that the client stops communicating with the server. So only uninstalling this client and reinstalling makes it working again (installing it again over th old installation doesn help)

I've written a perl script which checks for the last communication with the server and if this is longer than 7 days ago, it must remove th old client and reinstall it. It works like a charm on Win 9x machines but I want this to work on Win 2K as well.
I've got a kixstart version of the perl script I use so I want to get this working with SU before I try to use it with perl (the perl script is about 4 times faster)


lmichiel
(Fresh Scripter)
2002-07-22 06:33 PM
Re: how to pass command line with options to su.exe

quote:
ry this..

code:
--------------------------------------------------------------------------------

$Removecmd = READVALUE("HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy Orchestrator\Application Plugins\ePOAgent2000","Uninstall Command")

--------------------------------------------------------------------------------

setl "SU_COMMANDLINE="+$Removecmd

Does this help?

Sorry, no go . It has to do with SU because the command works if I enter it as %SU_COMMANDLINE% on the command prompt


Les
(KiX Master)
2002-07-22 06:44 PM
Re: how to pass command line with options to su.exe

Instead of messing with SU, why not push to Task Scheduler? Looks like you have an admin script running so with JT.EXE, it could also push the task.

lmichiel
(Fresh Scripter)
2002-07-22 07:09 PM
Re: how to pass command line with options to su.exe

$passwd="chrompack"
settitle("logonscript")
setfocus ("logonscript")
setconsole ("foreground")
run '%windir%\System32\runas.exe /user:administrator "c:\epoagent\aginst32.exe /remove "'
sleep 0.3
sendkeys ($passwd)
sendkeys (chr(13))

THIS DOES THE TRICK WITHOUT SU!
OK it isn't very neat but it works and it is just as (un)safe as using SU. I found this one somewhere hidden on this forum :-)


lmichiel
(Fresh Scripter)
2002-07-22 07:10 PM
Re: how to pass command line with options to su.exe

No, I wasn't to hasty with publishing, the password isn't valid :-)

Kdyer
(KiX Supporter)
2002-07-23 06:25 AM
Re: how to pass command line with options to su.exe

What version of ePO are we working with?

Thanks,

Kent


lmichiel
(Fresh Scripter)
2002-07-23 07:59 AM
Re: how to pass command line with options to su.exe

Epo 2.5.1

cheers
Leo


Kdyer
(KiX Supporter)
2002-07-23 02:26 PM
Re: how to pass command line with options to su.exe

We just went to 2.52 (or SP-1) of ePO..

It has upgraded all clients automatically (even locked down). We just installed this new version on Thursday evening (18 July 2002). All appears well.

This appealed to me when investigating this upgrade:

quote:

You can also set the number of concurrent
downloads to 0. This allows you to disable
agent autoupgrade and software deployment;
for example, if you use a method other than
ePolicy Orchestrator to distribute software
updates.

Or this..

quote:

14. In the 1.1 release, the .NAP and plug-in
files for NetShield 4.5 for Windows NT and
Windows 2000 failed the FTP authentication
for AutoUpgrade and AutoUpdate. This has
been fixed.

Or...

quote:

22. In the 1.1 release, if agents were not
automatically upgraded on Windows 95
client computers, you needed to restart
the computer or re-deploy the agent. A
one-minute delay has been added after the
user logs on, enabling the task to
complete successfully.

Here is some information of interst:

Product Upgrades
www.mcafeeb2b.com/naicommon/download/upgrade/login.asp

Valid grant number required.
Contact Network Associates Customer
Service

HTH,

Kent


Chris S.
(MM club member)
2002-07-23 02:52 PM
Re: how to pass command line with options to su.exe

Why even mess with SU or Task Scheduler? Why not set up a service account with Domain Admin rights and setup the agent to use these credentials when installing? We're doing this is our org and do not have rights issues installing the agent.