RUNAS administrator..
Anyone know what level of authorization the application post installers have? Does KACE make them have runas admin or something or what?
I'm trying to install a VPN client which requires a trusted certificate to be installed prior to installing the app so it does not prompt the user to 'trust' the certificate during silent install. I'm using the following script in a 'application' post installer which will in theory install the certificate into the truststore prior to the application actually being installed so the driver certificate is already trusted.
My post installer is running:
start /wait certutil -addstore "TrustedPublisher" nortelvpncert.cer
However, it is failing to work . After this post install task I have the actuall install:
start /wait NortelVPNClient.msi /qb
however it is not working... Not sure if the trust store install is causing it to fail or the actual MSI as it hangs during the MSI install
I'm trying to install a VPN client which requires a trusted certificate to be installed prior to installing the app so it does not prompt the user to 'trust' the certificate during silent install. I'm using the following script in a 'application' post installer which will in theory install the certificate into the truststore prior to the application actually being installed so the driver certificate is already trusted.
My post installer is running:
start /wait certutil -addstore "TrustedPublisher" nortelvpncert.cer
However, it is failing to work . After this post install task I have the actuall install:
start /wait NortelVPNClient.msi /qb
however it is not working... Not sure if the trust store install is causing it to fail or the actual MSI as it hangs during the MSI install
0 Comments
[ + ] Show comments
Answers (8)
Please log in to answer
Posted by:
airwolf
13 years ago
Posted by:
dchristian
13 years ago
Posted by:
vtphilk
13 years ago
Basically what I did was on a test machine installed the VPN client. When it asked to you want to trust I said "Always Trust". I then went to the certmgr.msc and exported the certificate from "Trusted Publishers" for the app to DER format.
Currently I have one post install application which I uploaded the exported DER file and run the certutil command. Then after that, I run the msi.
The certificate is NOT installed so I assume the problem is with certutil. I tried running (As the logged in admin) and found it needed a elevated command prompt to successfully import. So I'm trying to figure out howto get around this need for elevated command prompt or howto elevate the prompt the kace task runs from
Currently I have one post install application which I uploaded the exported DER file and run the certutil command. Then after that, I run the msi.
The certificate is NOT installed so I assume the problem is with certutil. I tried running (As the logged in admin) and found it needed a elevated command prompt to successfully import. So I'm trying to figure out howto get around this need for elevated command prompt or howto elevate the prompt the kace task runs from
Posted by:
dchristian
13 years ago
Posted by:
vtphilk
13 years ago
Posted by:
dchristian
13 years ago
hmmm...
This is what i use to install virtual clone drive.
I do it as one post install task in the K2.
The cert, installer and bat file are all zipped up.
I call the bat file as the command text.
Here are the contents of that installer bat.
i wonder if anybody has any ideas on whats different...
This is what i use to install virtual clone drive.
I do it as one post install task in the K2.
The cert, installer and bat file are all zipped up.
I call the bat file as the command text.
Here are the contents of that installer bat.
certutil -f -addstore "TrustedPublisher" cert.cer
SetupVirtualCloneDrive5450.exe /S /noreboot
i wonder if anybody has any ideas on whats different...
Posted by:
vtphilk
13 years ago
I am going to try and build a .bat and run in the .bat a certutil and then the MSI run line..
then in the post install task put :
start /wait installcontivity.bat
so that hopefully it will not try running any other installs because the contivity vpn really does not like other installs running in the background..
but this start /wait thing has not really been working for me..kace seems to just run more than one anyhow..
then in the post install task put :
start /wait installcontivity.bat
so that hopefully it will not try running any other installs because the contivity vpn really does not like other installs running in the background..
but this start /wait thing has not really been working for me..kace seems to just run more than one anyhow..
Posted by:
cserrins
13 years ago
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.