/build/static/layout/Breadcrumb_cap_w.png

Running certutil in Remediation>Run a batch file...

Hi

I am planning to:

Remediation>Run a batch file...

using KBOX scripting. Seems like the certutil section is not working. How I can achieve my goal.

msiexec.exe /i $(KACE_DEPENDENCY_DIR)\vpnclient_setup.msi /qn /norestart /log vpn.log
msiexec.exe /i $(KACE_DEPENDENCY_DIR)\ActivClient.msi /qn /norestart PINCHANGETOOLREQ=-1 PINCHANGETOOLREQ=-1 /log ActivClient.log
msiexec.exe /update $(KACE_DEPENDENCY_DIR)\FIXS1110013.msp /qn /norestart /log update.log
msiexec.exe /i $(KACE_DEPENDENCY_DIR)\idondemand_updater_plugin.msi /qn /norestart /log plugin.log
cmd /c certutil -addstore Root  $(KACE_DEPENDENCY_DIR)\RootCA.crt
cmd /c certutil -addstore CA  $(KACE_DEPENDENCY_DIR)\CA.crt
Asked 11 years ago 8954 views
3 Comments   [ + ] Show comments
  • Hmmm..."not working." Could you be a little more vague? There's too much information here to go on.

    As a kick-off, I would recommend *always* including the full path to files you're calling in script. So...

    %SystemRoot%\SYSTEM32\CMD /C %SystemRoot%\SYSTEM32\CERTUTIL -addstore [etc.] - anonymous_9363 11 years ago
  • I can see a double space between "Root $" :D - dj_xest 11 years ago
  • you also should use a start /wait at the start of each line in the batch file to keep commands in sequence. - SMal.tmcc 11 years ago

Answers (1)

Answer Summary:
Posted by: MadForMsi 11 years ago
Blue Belt
0

are these commands working manually by directly putting those on Admin cmd?

Comments:
  • run a batch using certreq.exe and certutil.exe using certadm.dll and certcli.dll google those - mikesharp1 11 years ago
  • Its all good now. Found two issues.
    1) removed the $(KACE_DEPENDENCY_DIR)\, as somehow its not able to find the ref files while I run a Batch file from the script.

    2) As KBOX executes script/batch as system user/Admin user and our pcs has users Home folder (i.e. Documents) on Network share & Admin account don't have Home network folder (H: share), the installation was failing always. So fooled the system my mapping to itself while running the BAT.

    start /wait net use H: \\localhost\c$
    start /wait msiexec.exe /i vpnclient_setup.msi /qn /norestart /log vpn.log
    start /wait msiexec.exe /i ActivClient.msi /qn /norestart PINCHANGETOOLREQ=-1 PINCHANGETOOLREQ=-1 /log ActivClient.log
    start /wait msiexec.exe /update FIXS1110013.msp /qn /norestart /log vpn_update.log
    start /wait msiexec.exe /i idondemand_updater_plugin.msi /qn /norestart /log vpn_plugin.log
    start /wait net use /delete H:
    start /wait certutil -addstore Root RootCA.crt
    start /wait certutil -addstore CA CA.crt

    Now all good. Thanks to all. - haseebiqbal 11 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ