General discussion

Locked

Installing MS patches by Logon script

By Maity-boy ·
I am considering installing the latest RPC Patch using a logon script. We used to use the OS environment Variable to distinguish between operating systems when we only had 95 and NT but this is no use now that we have 2k and XP as they both have OS as Windows_NT. does anyone know of any other way to distinguish between the operating systems. I thought of All users path butits still the same between 2k and XP.If anyone has a sample script that would be even better

This conversation is currently closed to new comments.

13 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by Maity-boy In reply to Installing MS patches by ...

Maybe I was being a bit tight. Points changed to 2000

Collapse -

by jschein In reply to Installing MS patches by ...

this would would fine to make a script as such, but the users would have to have admin rights? do you have this / or want to give them admin rights?

Collapse -

by Maity-boy In reply to

Poster rated this answer.

Collapse -

by Maity-boy In reply to Installing MS patches by ...

My direction on this has changed since first posting. I now plan to use logon script for NT and use microsofts vbscript for 2000 and xp. Users do not have admin rights. is this going to cause problems in nt?

Collapse -

by Curacao_Dejavu In reply to Installing MS patches by ...

only administrators can install patches, applications , drivers.
that's the builtin security in all nt based os.
So yes, that will become a problem.
Furthermore I would suggest rather to investigate the possibillities of Windows Update Services.
http://www.microsoft.com/windows2000/windowsupdate/sus/default.asp


Leopold

Collapse -

by pclemente2 In reply to Installing MS patches by ...

there are beeter way to handle this IF your company will spend the $$$$$. A product call UpdateExpert will allow you to centrally control all your systems and push the update to your workstation in a Batch, or by Machine list ip etc. It will querey the system and report back what is missing and if you do not happed to have that patch it link to MIcrosoft and downloads it for you. Look it over and see what you think. It really isn't an answer to your original question, but it will help.

You coould have it check for a registry key

Collapse -

by Maity-boy In reply to

Poster rated this answer.

Collapse -

by Monice In reply to Installing MS patches by ...

See MS Q827227

http://tinyurl.com/n5j9

The Patchinstall.vbs script performs these tasks:
1. The script reads a list of IP addresses for the remote host computers where you want to install the security patch.
2. The script obtains this list from an ASCII text file (Ipfile.txt) that contains a list of IP address (one IP address per line).
For example, you can use the Vulnerable.txt log file from the KB824146 scanning tool for the Ipfile.txt file.
3. The script obtains the first IP address from the list.
4. The script determines the Windows version on the destination computer.
5. The script maps drive Z on the script computer to C$ on the destination computer.
6. The script copies the correct version of the patch (for Windows XP, Windows 2000, or Windows Server 2003) to C:\Patchinst.exe on the destination computer (by using the drive Z mapping).
7. The script causes the patch to be installed, and then automatically restarts the destination computers without any user input or dialog boxes by using the -q -f switches (Unattended installation mode).
8. The script waits for the installation to complete.
9. The script tries to delete the C:\Patchinst.exe file on the destination computer.
10. The script removes the drive Z mapping.
11. The script processes the next IP address in the list.

Hope this solution works for you.

Collapse -

by Maity-boy In reply to

Its the NT machines I'm trying to patch?

Collapse -

by barry.hendriks In reply to Installing MS patches by ...

Example script: This script below caters for WinXP, WinNT, Win2K, Win98/95. (Desktops)

If you want the utility to detect OS (gettype.exe)- send me an e-mail

This message will be truncated - more than 2000 chars!
@echo off
CLS
echo.
echo.
echo ********************************************
echo ********************************************
echo * EMERGENCY VIRUS SCAN and SOFTWARE UPDATE *
echo ********************************************
echo * *
echo * Please do not cancell this window! *
echo * *
echo ********************************************
echo * Phone (086) 100-xxxx *
echo * or e-mail the CompanyName HelpDesk *
echo * for assistance if required *
echo ********************************************
echo There are critical patches that needs to be
echo installed to protect your files and data.
echo.
echo After each installation, please re-boot and
echo login into your workstation until all the
echo critical patches has been installed.
echo ********************************************
echo.

:*************************************************************************************
:*Program to detect OS Program to detect OS Program to detect OS Program to detect OS*
:*************************************************************************************

if "%OS%" == "Windows_NT" goto CHECKOS
goto W9598

:CHECKOS

if exist "c:\windows\system32\xpsp1hfm.exe" goto WXPALL
if exist "c:\windows\system32\xpsp1res.dll" goto WXPALL
if exist "c:\windows\help\sbsi\training\wxppro\xpglospr.hlp" goto WXPALL

%logonserver%\"virusblaster\gettype.exe"

if ERRORLEVEL=9 goto NOTFOUND
if ERRORLEVEL=8 goto SYSSVR
if ERRORLEVEL=7 goto SYSSVR
if ERRORLEVEL=6 goto SYSSVR
if ERRORLEVEL=5 goto SYSSVR
if ERRORLEVEL=4 goto SYSSVR
if ERRORLEVEL=3 goto SYSSVR
if ERRORLEVEL=2 goto W2KSP3
if ERRORLEVEL=1 goto

Back to Windows Forum
13 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums