K1000 script to add wireless profile to Windows 7 doesn't work
My script for adding a wireless profile isn't working. I looked at other threads here, but can't figure out what's wrong. The kicker is the commands I use work when entered manually, and the .bat file also works when run manually. I can't figure it out. I've tried making the script an online KScript, an Offline KScript and an Online Shell Script. But nothing does the trick.
Here's what I currently have:
wlan.zip contains:
EAP-PEAP.msi (a Cisco package that contains the protocols needed for our employee-access network)
employee-access.xml (wlan exported config file)
wlan.bat
wlan.bat contains:
msiexec.exe /i EAP-PEAP.msi /quiet /qn netsh wlan add profile filename=employee-access.xml reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f /v "WLAN prelogon" /t REG_SZ /d "%comspec% /c netsh wlan connect name=\employee-access\"
Answers (6)
net stop "Sophos Anti-Virus"
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f /v "WLAN prelogon" /t REG_SZ /d "%comspec% /c netsh wlan connect name=\employee-access\"
net user administrator /active:yes
psexec -accepteula -i -s "%windir%\system32\cmd.exe" /c cd /d %cd% && msiexec.exe /i EAP-PEAP.msi /quiet /qn
psexec -accepteula -i -s "%windir%\system32\cmd.exe" /c cd /d %cd% && netsh wlan add profile filename=employee-access.xml
net start "Sophos Anti-Virus"
Comments:
-
find some registry keys that get changed by this process and create a custom software inventory to look for that change. then you can create a label for machines that do not have that custom item and only push it to those and set it to run on a schedule if needed - SMal.tmcc 10 years ago
-
also one question, are these 64 bit machines that are giving you the problems taking the commands - SMal.tmcc 10 years ago
-
Yes. The majority of our PCs are Win 7 64. I haven't actually tried this on 32-bit machines since we stopped deploying 32-bit quite a while ago. - jtremblay 10 years ago
-
I have helped some others with strange problems like this and what it came down to is the kace client is 32 bit so when it carries out instructions it looks for the exe's in syswow64 and runs them which the 64bit OS does not like. I had them use the sysnative path for the exe's they wanted to call. It fixed the problem, the 32client does not then default to its native system folder of syswow64 instead it looks in the systems native folder of system32.
if you look at both folders you will see many exe's are in both the 32 and 64 system directories, netsh is one of them.
so you should call:
c:\windows\sysnative\netsh\ wlan add profile filename=employee-access.xml
to force the 32bit kace client to use the 64bit netsh program. - SMal.tmcc 10 years ago -
here is one of them
http://www.itninja.com/question/bitlocker-script - SMal.tmcc 10 years ago -
Hmm. SMal, I actually never heard of SysNative.
But I can't get there from a command prompt, I guess it's only visible to 32-bit apps? (also there's no reply on your comments.) - jtremblay 10 years ago -
sysnative is a special alais for making system calls from things like batch files or scripts.
http://msdn.microsoft.com/en-us/library/aa384187%28VS.85%29
http://ovidiupl.wordpress.com/2008/07/11/useful-wow64-file-system-trick/ - SMal.tmcc 10 years ago -
the no reply is a limit of the web site, you need to reply like you are to yourself and they will sort by date to stay in order - SMal.tmcc 10 years ago
-
Well the set up I have now seems to work "good enough". If it becomes an issue, I'll look into to this idea.
BTW, do you know if K1000 6.0 has a 64-bit agent? Or if KACE will be making one available at some time in future? - jtremblay 10 years ago -
still 32bit.
post that as question
or go to user voice if it is not already there and add that - SMal.tmcc 10 years ago
may need to be a user vs system to run, First thing is change your launch command
use
you can run this hidden via a small vbs script if you want also.
http://www.itninja.com/blog/view/how-to-hide-running-a-batch-file-from-a-kscript-with-version-5-5
Comments:
-
if the unzip is to a subdir under the kace dependancy dir you will to add that also
$(KACE_DEPENDENCY_DIR)\wlan\wlan.bat - SMal.tmcc 10 years ago-
Still no dice. I changed the command as you posted above and tried as System and as Current User. I also checked that other link, didn't try the vbscript but tried changing the XML to have job instead of policy. I don't care if it the black window is visible or not right now. - jtremblay 10 years ago
-
Unzips to current dir, no subdir - jtremblay 10 years ago
-
you can also just add the msi file as a dependency and use the launch a program and create 3 different commands and not call the batch file at all - SMal.tmcc 10 years ago
-
OK, I rebuilt the script and it still didn't work. Also tried a version as an online shell script. No difference. - jtremblay 10 years ago
does your script look like this?
Execpt you should have both the msi and the xml file as dependencies. do not bother with a zip file since you only have 2 files.
Comments:
-
sorry just noticed the parameters were cut off. just pasted your commands with a /c in front off - SMal.tmcc 10 years ago
-
It was mostly the same. The 2 commands that are critical are the first 2, so I made them look the same as you have (with EAP-PEAP.msi and employee-access.xml as dependencies). The third I have set up as a Set Registry Value. - jtremblay 10 years ago
Sorry if it's not readable, I couldn't figure out how you got that to fit on one page, so I took 2 screenies after lowering font size.
I believe that it's because you run WLAN.bat which then starts CMD in the "System32" folder. I would specify the full paths of everything in the bat file, that makes sure that it can definetly find the files your trying to specify.
I've made 2 different versions of the script. One is an online kscript and the other is online shell scripts. Here is the latter:
Again, it doesn't work when I push it, but if I go to the directory where it gets pushed and run wlan.bat manually, it works. If it's a matter of changing the script to specify paths, how would you do that since the local system doesn't know the $(KACE_whatever) variables. I suppose if you could copy the files before hand to a temp dir that would work, but not sure how to do that either.
Comments:
-
Justin,
The $(KACE_DEPENDENCY_DIR) is based on the script ID number, and will be the same path on all client machines, where 'xxx' will be replaced by the script ID number:
5.2+ $(KACE_DATA_DIR)\kbots_cache\packages\kbots\xxx
5.1 $(KACE_INSTALL)\packages\kbots\xxx
I would agree that inclusion of the full pathway may resolve the issue. - Moncus 10 years ago-
one other trick to get around that is to run the launch task from the $(KACE_DEPENDENCY_DIR) and call the exe with the full path like I do in this blog
http://www.itninja.com/blog/view/how-to-hide-running-a-batch-file-from-a-kscript-with-version-5-5 - SMal.tmcc 10 years ago