Solved

Apply a GPO only 1 time

Posted on 2011-02-22
9
698 Views
Last Modified: 2012-08-14
Hello,
Is it possible to deploy a GPO only one time ?

I've got an hotfix t deploy (not possible with WSUS), i made a GPO to deploy it, it works but it apply every time PCs are booting.

I can't use Preference, PCs are Windows XP SP3.

thx !
0
Comment
Question by:Mathias75000
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 7

Assisted Solution

by:David_Hagerman
David_Hagerman earned 83 total points
ID: 34951000
You can run a script that writes a text file to a share and then it checks that the script has run and if it has it aborts, this way you can see if one or two machine haven't run the update as yet.

Something like this

IF EXIST \\server\share\%computername%.txt goto end
start /w mytask.exe
:end

By using a share, you can centrally check which machines already worked
the script out.

Let me know if this works for you
0
 
LVL 3

Assisted Solution

by:thomasd04
thomasd04 earned 83 total points
ID: 34951012
Hi Mathias. Would you consider running these type of patches via script instead of with the GPO. The script would use:
msiexec.exe /a <path of .msi file> /p <path of .msp file>
0
 

Author Comment

by:Mathias75000
ID: 34951050
thanks David, sounds interessting !

thanks Thomas, but i still need so call the script msiexec KB953760.exe with GPO ?
0
 
LVL 37

Accepted Solution

by:
Neil Russell earned 84 total points
ID: 34951107
See code for example.
Found on http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/734b2e6a-1092-4ed3-8a45-42c7f4ed3015
1 Set objShell = CreateObject("WScript.Shell")   
2 Set objFSO = CreateObject("Scripting.FileSystemObject")   
3   
4 strComputer = "."  
5 Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")   
6 Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_OperatingSystem WHERE Name LIKE '%Microsoft Windows XP%'")   
7 For Each objItem In colItems   
8    If objItem.CSDVersion = "Service Pack 3" Then  
9       If CheckPatch("KB953760")=True then   
10          Wscript.Echo "Patch found."  
11       Else  
12           Wscript.Echo "Patch not found. Installing patch..."  
13           objShell.Run "\\server\share\WindowsXP-kb953760-x86-ENU.exe /qn", ,TRUE   
14       End if   
15    End If  
16 Next  
17   
18 Function CheckPatch(patch)   
19   Set objSession = CreateObject("Microsoft.Update.Session")   
20   Set objSearcher = objSession.CreateUpdateSearcher   
21   Set objResults = objSearcher.Search("Type='Software'")   
22   Set colUpdates = objResults.Updates   
23   Found = False  
24   Result = 0   
25   For i = 0 to colUpdates.Count - 1   
26       Result = Instr(colUpdates.Item(i).Title, patch)   
27        If Result > 0 then   
28          Found = True  
29          Exit For  
30        End if   
31   Next  
32   CheckPatch = Found   
33 End Function

Open in new window

0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 34951135
P.S.

"I can't use Preference, PCs are Windows XP SP3." Why cant you use preferences?
0
 
LVL 3

Expert Comment

by:thomasd04
ID: 34951219
Yes, you would call the script via GPO. What scripting tool are you using? Here is another example of a script to deploy patches with Kixstart:


if (readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion","CurrentVersion")="4.0")=1
$OS="WINNT4"
endif
if (readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion","CurrentVersion")="5.0")=1
$OS="WINNT5"
endif
if (readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion","CurrentVersion")="5.1")=1
$OS="WINNT51"
endif
;-------------------------------------------
; WinXP HotFix - Q810833
;-------------------------------------------
if exist ("%windir%\Q810833.txt")=0 and ($OS="WINNT51")=1
shell "N:\OS\WinXP\Q810833_WXP_SP2_x86_ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\Q810833.txt"'
endif
;-------------------------------------------
; WinNT4 HotFix - Q810833
;-------------------------------------------
if exist ("%windir%\Q810833i.txt")=0 and ($OS="WINNT4")=1
shell "N:\OS\WinNT\Q810833i.EXE -m -z -q"
shell '%comspec% /c ipconfig >"%windir%\Q810833i.txt"'
endif
;-------------------------------------------
; WinXP HotFix - Q811630
;-------------------------------------------
if exist ("%windir%\Q811630.txt")=0 and ($OS="WINNT51")=1
shell "N:\OS\WinXP\Q811630_WXP_SP2_x86_ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\Q811630.txt"'
endif
;-------------------------------------------
; Win2K HotFix - KB824146 - RPCCSS Buffer Overflow
;-------------------------------------------
if exist ("%windir%\KB824146-1.txt")=0 and ($OS="WINNT5")=1
shell "N:\OS\WinNT2K\Windows2000-KB824146-x86-ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\KB824146-1.txt"'
endif
;-------------------------------------------
; WinXP HotFix - KB824146 - RPCCSS Buffer Overflow
;-------------------------------------------
if exist ("%windir%\KB824146.txt")=0 and ($OS="WINNT51")=1
shell "N:\OS\WinXP\WindowsXP-KB824146-x86-ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\KB824146.txt"'
endif

Open in new window

0
 

Author Comment

by:Mathias75000
ID: 34951290
"preferences" are only available with Vista/7, am i wrong ?

thanks for the script, i'll try and keep you informed !

Mathias
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 34951337
0
 

Author Comment

by:Mathias75000
ID: 34951350
good to know !
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now