General discussion

  • Creator
    Topic
  • #2298154

    Installing MS patches by Logon script

    Locked

    by maity-boy ·

    I am considering installing the latest RPC Patch using a logon script. We used to use the OS environment Variable to distinguish between operating systems when we only had 95 and NT but this is no use now that we have 2k and XP as they both have OS as Windows_NT. does anyone know of any other way to distinguish between the operating systems. I thought of All users path butits still the same between 2k and XP.If anyone has a sample script that would be even better

All Comments

  • Author
    Replies
    • #2743359

      Reply To: Installing MS patches by Logon script

      by maity-boy ·

      In reply to Installing MS patches by Logon script

      Maybe I was being a bit tight. Points changed to 2000

    • #2743321

      Reply To: Installing MS patches by Logon script

      by jschein ·

      In reply to Installing MS patches by Logon script

      this would would fine to make a script as such, but the users would have to have admin rights? do you have this / or want to give them admin rights?

    • #2743311

      Reply To: Installing MS patches by Logon script

      by maity-boy ·

      In reply to Installing MS patches by Logon script

      My direction on this has changed since first posting. I now plan to use logon script for NT and use microsofts vbscript for 2000 and xp. Users do not have admin rights. is this going to cause problems in nt?

    • #2743303

      Reply To: Installing MS patches by Logon script

      by curacao_dejavu ·

      In reply to Installing MS patches by Logon script

      only administrators can install patches, applications , drivers.
      that’s the builtin security in all nt based os.
      So yes, that will become a problem.
      Furthermore I would suggest rather to investigate the possibillities of Windows Update Services.
      http://www.microsoft.com/windows2000/windowsupdate/sus/default.asp

      Leopold

    • #2742918

      Reply To: Installing MS patches by Logon script

      by pclemente2 ·

      In reply to Installing MS patches by Logon script

      there are beeter way to handle this IF your company will spend the $$$$$. A product call UpdateExpert will allow you to centrally control all your systems and push the update to your workstation in a Batch, or by Machine list ip etc. It will querey the system and report back what is missing and if you do not happed to have that patch it link to MIcrosoft and downloads it for you. Look it over and see what you think. It really isn’t an answer to your original question, but it will help.

      You coould have it check for a registry key

    • #2742888

      Reply To: Installing MS patches by Logon script

      by monice ·

      In reply to Installing MS patches by Logon script

      See MS Q827227

      http://tinyurl.com/n5j9

      The Patchinstall.vbs script performs these tasks:
      1. The script reads a list of IP addresses for the remote host computers where you want to install the security patch.
      2. The script obtains this list from an ASCII text file (Ipfile.txt) that contains a list of IP address (one IP address per line).
      For example, you can use the Vulnerable.txt log file from the KB824146 scanning tool for the Ipfile.txt file.
      3. The script obtains the first IP address from the list.
      4. The script determines the Windows version on the destination computer.
      5. The script maps drive Z on the script computer to C$ on the destination computer.
      6. The script copies the correct version of the patch (for Windows XP, Windows 2000, or Windows Server 2003) to C:\Patchinst.exe on the destination computer (by using the drive Z mapping).
      7. The script causes the patch to be installed, and then automatically restarts the destination computers without any user input or dialog boxes by using the -q -f switches (Unattended installation mode).
      8. The script waits for the installation to complete.
      9. The script tries to delete the C:\Patchinst.exe file on the destination computer.
      10. The script removes the drive Z mapping.
      11. The script processes the next IP address in the list.

      Hope this solution works for you.

    • #2744288

      Reply To: Installing MS patches by Logon script

      by barry.hendriks ·

      In reply to Installing MS patches by Logon script

      Example script: This script below caters for WinXP, WinNT, Win2K, Win98/95. (Desktops)

      If you want the utility to detect OS (gettype.exe)- send me an e-mail

      This message will be truncated – more than 2000 chars!

      @echo
      off
      CLS
      echo.
      echo.
      echo ********************************************
      echo ********************************************
      echo * EMERGENCY VIRUS SCAN and SOFTWARE UPDATE *
      echo ********************************************
      echo * *
      echo * Please do not cancell this window! *
      echo * *
      echo ********************************************
      echo * Phone (086) 100-xxxx *
      echo * or e-mail the CompanyName HelpDesk *
      echo * for assistance if required *
      echo ********************************************
      echo There are critical patches that needs to be
      echo installed to protect your files and data.
      echo.
      echo After each installation, please re-boot and
      echo login into your workstation until all the
      echo critical patches has been installed.
      echo ********************************************
      echo.

      :*************************************************************************************
      :*Program to detect OS Program to detect OS Program to detect OS Program to detect OS*
      :*************************************************************************************

      if “%OS%” == “Windows_NT” goto CHECKOS
      goto W9598

      :CHECKOS

      if exist “c:\windows\system32\xpsp1hfm.exe” goto WXPALL
      if exist “c:\windows\system32\xpsp1res.dll” goto WXPALL
      if exist “c:\windows\help\sbsi\training\wxppro\xpglospr.hlp” goto WXPALL

      %logonserver%\”virusblaster\gettype.exe”

      if ERRORLEVEL=9 goto NOTFOUND
      if ERRORLEVEL=8 goto SYSSVR
      if ERRORLEVEL=7 goto SYSSVR
      if ERRORLEVEL=6 goto SYSSVR
      if ERRORLEVEL=5 goto SYSSVR
      if ERRORLEVEL=4 goto SYSSVR
      if ERRORLEVEL=3 goto SYSSVR
      if ERRORLEVEL=2 goto W2KSP3
      if ERRORLEVEL=1 goto

    • #3382690

      Reply To: Installing MS patches by Logon script

      by adrianmrutter ·

      In reply to Installing MS patches by Logon script

      Have you considered using QChain.exe from Microsoft to enable you to install multiple hotfixes one after the other without a reboot, and then maybe manually put a prompt in at the end to tell the user to reboot immediately, OR automate the reboot. i.e. drop a file to the hard disk upon completion of the script so that it does not try and install a second time.

      References
      ~~~~~~~~~~~
      http://support.microsoft.com/?kbid=296861
      http://techrepublic.com.com/5100-6268-1048774.html

    • #3382679

      Reply To: Installing MS patches by Logon script

      by maity-boy ·

      In reply to Installing MS patches by Logon script

      This question was closed by the author

Viewing 8 reply threads