#77223 - 2003-10-24 10:05 AM
Automated patch update system in KiX
|
Mit
Fresh Scripter
Registered: 2002-06-05
Posts: 36
Loc: Derby, UK
|
Howdy pardners.
We have rolled out Windows 2000 onto all our desktop PCs over the summer but still have NT4 on the server end. As such, when it comes to rolling out security updates and so forth I've been unable to use SMS and other Microsoft systems to apply the updates. Instead, I've created my own automatic update system.
Basically there's a share on one of our servers called PATCHES which contains a folder ("AVAILABLE") in which the patch EXE files are stored. There's also a file called INDEX.TXT which contains an index of the patches that are available for the system to install.
The index file uses three lines per patch. The first line is an English description of the patch. The second line is the name of the EXE file and the third line is the name of the EXE file again but with the commandline switches that need to be used in order to apply the patch in unattended or hands-free mode.
It seems to work wonderfully - I'm very happy with it. However, there is one problem that I just can't seem to get sorted.....
Staff here run as Power Users on their PCs. The patches need to be installed using an account with Administrator rights. The RUNAS command in Win2K doesn't allow you to pass it a password for some god-known reason. Therefore I managed to track down a VBS script called VBRUNAS.VBS which allows you to get round this limitation.
VBRUNAS seems to work by calling the RUNAS command in the standard way and then sending the password to the commandline afterwards.
The problem is that every now and then, VBRUNAS doesn't manage to pass the password through properly, and RUNAS prompts for a password. Obviously this isn't good as I don't want people having to type in a password in order for their PC to be updated!
I am pretty sure that the problem does not lie with VBRUNAS as I have 100% success with using it "standalone" rather than being called from KIX.
My KIX script, InstallPatches.Kix is copied below.
code:
; install windows 2000 patches break on ? "Windows 2000 automated patch installer" ? "by T.Wiser" ? ""
; open the text file that contains the list of patches that are available for installing if Open(1, "\\nts40bdc\Patches\Index.txt") = 0 ; file opened ok else $response = MESSAGEBOX("Your PC could not be updated at this time.", "Software update", 32) endif
While @ERROR = 0 ; we're not at the end of the file yet, so read a new patch from the file $description = ReadLine(1) $filename = ReadLine(1) $actual_filename = ReadLine(1)
if $description<>"" if exist("c:\winnt\RolledOutPatches\"+$filename) ? " * Patch $filename is already installed" else ? " * New patch available! Installing "+$filename+CHR(13)+CHR(13)+CHR(13) copy "\\nts40bdc\patches\available\"+$filename "%WINDIR%\RolledOutPatches\"+$filename ; this bit of code writes the complete command into a batch file stored inside %TEMP% and then executes it $finalCommand = "cscript c:\winnt\VBRUNAS.VBS DOMAIN\account password "+CHR(34)+"C:\WINNT\ROLLEDOUTPATCHES\"+$actual_filename+CHR(34) if exist("%TEMP%\ApplyPatch.bat") del "%TEMP%\ApplyPatch.bat" endif OPEN(5, "%TEMP%\ApplyPatch.bat", 5) WRITELINE(5, $finalCommand) CLOSE(5) shell("%TEMP%\ApplyPatch.bat") ; and now terminate the script GOSUB Terminate Exit 1 endif endif Loop
:Terminate
; close the file as we're finished with it now If Close(1) = 0 ; file closed successfully else ? "Could not close file" endif
Can anyone (a) work out what I'm trying to say, and (b) see anything that could cause a problem? [ 24. October 2003, 10:05: Message edited by: Mit ]
|
Top
|
|
|
|
Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart
|
0 registered
and 248 anonymous users online.
|
|
|