/build/static/layout/Breadcrumb_cap_w.png

bat file that calls from network share

is it possible to run something like certmgr.exe or a bat file that runs it with paramaters to install a .cer from a network share?

example of certinstall.bat
certmgr -add -c "certname".cer -s -r localmachine root

and have the .cer in the same directory?

0 Comments   [ + ] Show comments

Answers (9)

Posted by: anonymous_9363 15 years ago
Red Belt
0
How hard would it be to test that?!? :)
Posted by: blambson 15 years ago
Senior Yellow Belt
0
not sure what you mean, but I an verify that the cert is installed.

i have a .cer, certmgr.exe and a .bat that installs the cert on a network share
from any command prompt I can run the following:
\\kboxmngt\client\agent_provisioning\windows_platform\wscert.bat

and install the cert.

How in the new KBOX scripting environment can i run or call the .bat form the network share.
Posted by: anonymous_9363 15 years ago
Red Belt
0
So it's a question about KBox....it kind of helps to say that at th eoutset, since this is a generic 'Scripting' forum.

Unfortunately, I don't know KBox, preferring to use industry-standard stuff like VBScript or PowerShell.

Any KBoxers out there?
Posted by: lindsamw 15 years ago
Orange Senior Belt
0
In the scripting area, just launch a program. Attach your bat file as a dependency. So the program to launch would end up looking something like this “$(KACE_DEPENDENCY_DIR)\batchfile.bat”

Haven't verified if I could point the launch a program thing at a UNC, would assume you could though.
Posted by: GillySpy 15 years ago
7th Degree Black Belt
0
The KBOX Service runs under the localsystem account. To access the network share it needs rights like any other account. If you want to run a command via another account then you could use the runas batch command and put your batch file as a dependency.

Here's an FAQ that will help with your testing (you will need an active support contract to view it):
http://www.kace.com/support/customer/faq/index.php?action=artikel&cat=5&id=731&artlang=en
Posted by: jkatkace 15 years ago
Purple Belt
0
Attaching the certificate as a dependency gives you the additional benefit of the certificate being hashed and the hash checked before and after being downloaded to the client. Of course, you may want to do your own validation, in addition.

I'd make sure SSL is turned on so it's secure in transit, as well.

There was another thread here about the issues with distributing certificates.
Posted by: jg1000c 15 years ago
Orange Belt
0
Why don't you just copy the batch file to the pc and execute the command locally? you can specify the path of the certs in the script.
Posted by: dtuttle 15 years ago
Purple Belt
0
you need to map a drive with a username/password, then access it from there.... then disconnect it.
Posted by: cblake 15 years ago
Red Belt
0
I was just reading this thread and had a couple of thoughts...

VBScab: This is a KBOX section of the forum. Our friend blambson posted in an appropriate area and asked a relevant question.

blambson: There a a few approaches that are echoed here, such as using a dependacy or mappin a drive inside the script. Dependency is the least fragile. mapping a drive in the script assumes that the password of the account never changes, granting access to local services for network resources could be dangerous if not cone carefully. Multiple dependencies can help here. Upload your script, certificate, and any other possible files needed like "certmgr" that might not be in the path variable on every machine. Thhen you can kick of the script as if everything is in the same folder (because it is). Hope that helps.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ