#149541 - 2005-10-08 06:40 AM
Scheduled tasks running as Admin needs to "interact" with desktop
|
Redfoxdn
Fresh Scripter
Registered: 2005-09-09
Posts: 8
Loc: Missouri
|
How can a Scheduled Task-ed KIX script, running as a local Admin, interact with the currently logged on user (i.e. The Desktop - who only has USER rights) on the SAME machine?
Here is my environment/problem: I have a script that is scheduled to START 15 minutes AFTER the computer is turned on; every so often it checks to see if there is a file to copy from a specifiec UNC path (a remote PC) and It then executes a script/program to perform an action on that file.
This main script is running as user who has been give LOCAL admin rights on the current PC. Assume OS is NT4.0, W2K or XP with WMI installed.
Somehow I want to present a messagebox (or the like) to the Desktop, letting the know to close out of all application or that a particular application needs to be closed... Remember the desktop user only has User Rights (no Admin rights.)
From what I've been reading, the Scheduled Tasks, when created with WMI, has a option like that might support this, BUT then the script HAS to run as LOCALSYSTEM and cannot connect to the network - which is a REQUIREMENT for me... or is that a limitation that only applies to a full pledged service?
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/win32_scheduledjob.asp InteractWithDesktop Data type: boolean Access type: Read-only
Specified job is interactive, which means that a user can give input to a scheduled job while it is executing.
I've thought of an elaborate scheme involving WMI and passing asynchronious/semi-synchronious messages back and forth between a scrip running as a user and the scheduled task, but that gets REALLy complicated very quickly...
Any other suggestions/ideas would be helpful.
I am familiar with JT.exe but that does NOT have the InteractWithDesktop option...
Also hear of schtasks.exe but it doesn't work on some OS version and I don't want to use a hacked version...
Sincerely, David.
|
Top
|
|
|
|
#149546 - 2005-10-09 05:11 AM
Re: Scheduled tasks running as Admin needs to "interact" with desktop
|
Redfoxdn
Fresh Scripter
Registered: 2005-09-09
Posts: 8
Loc: Missouri
|
The packages are "pulled" by the "Install" Agent script running on the client workstation. That's one reason why it needs NETWORK access. INI files in a central UNC share would describe what packages to pull down. The resulting LOG files would also need to be placed back to the UNC share.
I don't want to rely on the net send message for several reasons: The way it FINDS the user is using WINS (which still relies on NetBIOS - yuck), which as many of you, has LOTS of problems displaying the message to the CORRECT desktop, IF a user is logged on multiple workstations! Which could happen in our environment - Desktop user + W2K/NT 4.0 Terminal Server sessions http://support.microsoft.com/default.aspx?scid=KB;EN-US;168893&
I also would like to be able to RECEIVE a response BACK from the user; I.e. User clicked on "Wait for 5 more minutes" type option.
POSSIBLE SOLUTION: To avoid such a complicated messaging requirement AND remove the requirement for RECEIVING responses from users, how about if the Agent script just Notified the user to logoff BEFORE the workstation Agent starts the package installation. Then there is no way the user could be the cause of a file in use issue... Also, if the package sees that file is STILL in use, (trying to patch a running service maybe?) _IT_ could reboot right away without having to wait for the user to logoff. One problem would be if the user logs BACK on before the package install is complete... But we could just place a "one-way" prompt that "all packages are done you may now log back in" type message on the console (where the CTRL-ALT-DEL) is displayed.
I'm also thinking about using the Computer Startup Script options to install the queued packages, but I'm not sure if there is an equivalent scheduling option that works with NT 4.0 Wks.
We also have the ability to display a Message-Of-The-Day at User Logon (via login scripts), which would serve as a reminder for users to leave the PCs ON but just logout... unfortunatel that may be WAY to much for non-competent users, who end up shutting down the PCs anyway...
Any additional ideas/questions/concerns are welcome!
BTW> the concept is similar to what the "Kixtart Systems Management Server" scripts perform overall. It's just that our DOMAIN users don't have ADMIN rights on the workstations (NT4.0, W2K, XP etc.).... So that's why I have to design the delivery & deployment this way.
It would be nice to be able to use the WSUS system for CUSTOM packages as well... that WOULD solve this problem with ONE exception. This script would be able to handle Windows 95-Windows XP and beyond Operating Systems, where WSUS only supports W2K SP4 and above!
|
Top
|
|
|
|
Moderator: Shawn, ShaneEP, Ruud van Velsen, Arend_, Jochen, Radimus, Glenn Barnas, Allen, Mart
|
1 registered
(Allen)
and 382 anonymous users online.
|
|
|