Solved

Help With A Batch Script

Posted on 2008-10-24
4
715 Views
Last Modified: 2012-05-05
At the servers in my network are Windows 2003. I do not run WSUS to install my updates. I would like to add on to my current login script critical updates that need to be installed. I have office PC's and shop floor PC's. All of my office PC's are running WinXP Pro along with most of my shop floor PC's. Some are running windows 2000. I am testing the following .bat file locally on my machine.

@echo off
setlocal
set PATHTOFIXES=C:\Update
%PATHTOFIXES%\WindowsXP-KB958644-X86-ENU.exe /quiet /norestart

My question is how do I incorporate an if then else statement the would only install on my office pc's and not the shop floor pc's.

Example:

If PC name = shop floor1 then "do nothing"
then
@echo off
setlocal
set PATHTOFIXES=C:\Update
%PATHTOFIXES%\WindowsXP-KB958644-X86-ENU.exe /quiet /norestart
elseif pc name = shop floor 2 then "do nothing"
then
@echo off
setlocal
set PATHTOFIXES=C:\Update
%PATHTOFIXES%\WindowsXP-KB958644-X86-ENU.exe /quiet /norestart
end if

I would also like to make it to check to see if the .exe already exists to not re-install.

Please note that I have no programming background in this so I need an easy explaination and solution.

Thanks....


0
Comment
Question by:djp12345
  • 2
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 22799819
You should change your methods a little bit... you should probably use the MBSA and it can scan a range of IP's and install critical updates on certain PC's so you don't have to wait for a hotfix to install before doing work.
http://msdn.microsoft.com/en-us/library/aa302360.aspx
Read the bottom of this article to exclude pc's through the GUI
http://technet.microsoft.com/en-us/library/cc180302.aspx

You can create a list of PC's names or IP's that you want to patch and use the /listfile option
mbsacli.exe /listfile not-shop-pcs.txt /n OS
-rich
0
 

Author Comment

by:djp12345
ID: 22800060
-rich

I am currently running the scan now but I'm not sure what you mean by your last comment:

the /listfile option
mbsacli.exe /listfile not-shop-pcs.txt /n OS

I guess my question is still how do I patch these once I get my listing? Pardon my inexperience
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 100 total points
ID: 22801017
No problem... the listfile option is for the command line scanner, not the GUI, the second link I provided above details how to exclude certain PC's in the GUI. If you do use the cli, the listfile would contain one IP or PC name per line
pc01
pc02
pc03
192.168.1.5
192.168.1.6
etc...
And you call that text file with /listfile c:\name_of_file.txt
Give the full path to the file if it's not in the MBSA directory (c:\program files\Microsoft baseline security scanner)
The GUI can do much more than the cli, for some reason... and when you do use a listfile or ip range in the cli the output is much more terse and the /ld option can't be used... for all cli options just use the standard /? ( mbsacli.exe /? ) for the help function.
GFI LNSS and HFNetChk (who actually originally created the mbsa) are also great tools for patching and scanning, and have many more features and capabilities than the MBSA
http://www.gfi.com/downloads/downloads.aspx?pid=lanss&lid=en
http://www.shavlik.com/netchk-protect.aspx
-rich
0
 

Author Comment

by:djp12345
ID: 22821774
OK I'm still missing something. I understand how to use basline security analyzer to view what machines need updates. But I don't know how to push them to the machines. I'm sorry to be a rock on this but can you detail it further for a simpleton like me.

Example: step one open cmd line
step two: do this
Step three: do something else
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question