Solved

Apply a GPO only 1 time

Posted on 2011-02-22
9
703 Views
Last Modified: 2012-08-14
Hello,
Is it possible to deploy a GPO only one time ?

I've got an hotfix t deploy (not possible with WSUS), i made a GPO to deploy it, it works but it apply every time PCs are booting.

I can't use Preference, PCs are Windows XP SP3.

thx !
0
Comment
Question by:Mathias75000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 7

Assisted Solution

by:David_Hagerman
David_Hagerman earned 83 total points
ID: 34951000
You can run a script that writes a text file to a share and then it checks that the script has run and if it has it aborts, this way you can see if one or two machine haven't run the update as yet.

Something like this

IF EXIST \\server\share\%computername%.txt goto end
start /w mytask.exe
:end

By using a share, you can centrally check which machines already worked
the script out.

Let me know if this works for you
0
 
LVL 3

Assisted Solution

by:thomasd04
thomasd04 earned 83 total points
ID: 34951012
Hi Mathias. Would you consider running these type of patches via script instead of with the GPO. The script would use:
msiexec.exe /a <path of .msi file> /p <path of .msp file>
0
 

Author Comment

by:Mathias75000
ID: 34951050
thanks David, sounds interessting !

thanks Thomas, but i still need so call the script msiexec KB953760.exe with GPO ?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 37

Accepted Solution

by:
Neil Russell earned 84 total points
ID: 34951107
See code for example.
Found on http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/734b2e6a-1092-4ed3-8a45-42c7f4ed3015
1 Set objShell = CreateObject("WScript.Shell")   
2 Set objFSO = CreateObject("Scripting.FileSystemObject")   
3   
4 strComputer = "."  
5 Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")   
6 Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_OperatingSystem WHERE Name LIKE '%Microsoft Windows XP%'")   
7 For Each objItem In colItems   
8    If objItem.CSDVersion = "Service Pack 3" Then  
9       If CheckPatch("KB953760")=True then   
10          Wscript.Echo "Patch found."  
11       Else  
12           Wscript.Echo "Patch not found. Installing patch..."  
13           objShell.Run "\\server\share\WindowsXP-kb953760-x86-ENU.exe /qn", ,TRUE   
14       End if   
15    End If  
16 Next  
17   
18 Function CheckPatch(patch)   
19   Set objSession = CreateObject("Microsoft.Update.Session")   
20   Set objSearcher = objSession.CreateUpdateSearcher   
21   Set objResults = objSearcher.Search("Type='Software'")   
22   Set colUpdates = objResults.Updates   
23   Found = False  
24   Result = 0   
25   For i = 0 to colUpdates.Count - 1   
26       Result = Instr(colUpdates.Item(i).Title, patch)   
27        If Result > 0 then   
28          Found = True  
29          Exit For  
30        End if   
31   Next  
32   CheckPatch = Found   
33 End Function

Open in new window

0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 34951135
P.S.

"I can't use Preference, PCs are Windows XP SP3." Why cant you use preferences?
0
 
LVL 3

Expert Comment

by:thomasd04
ID: 34951219
Yes, you would call the script via GPO. What scripting tool are you using? Here is another example of a script to deploy patches with Kixstart:


if (readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion","CurrentVersion")="4.0")=1
$OS="WINNT4"
endif
if (readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion","CurrentVersion")="5.0")=1
$OS="WINNT5"
endif
if (readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion","CurrentVersion")="5.1")=1
$OS="WINNT51"
endif
;-------------------------------------------
; WinXP HotFix - Q810833
;-------------------------------------------
if exist ("%windir%\Q810833.txt")=0 and ($OS="WINNT51")=1
shell "N:\OS\WinXP\Q810833_WXP_SP2_x86_ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\Q810833.txt"'
endif
;-------------------------------------------
; WinNT4 HotFix - Q810833
;-------------------------------------------
if exist ("%windir%\Q810833i.txt")=0 and ($OS="WINNT4")=1
shell "N:\OS\WinNT\Q810833i.EXE -m -z -q"
shell '%comspec% /c ipconfig >"%windir%\Q810833i.txt"'
endif
;-------------------------------------------
; WinXP HotFix - Q811630
;-------------------------------------------
if exist ("%windir%\Q811630.txt")=0 and ($OS="WINNT51")=1
shell "N:\OS\WinXP\Q811630_WXP_SP2_x86_ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\Q811630.txt"'
endif
;-------------------------------------------
; Win2K HotFix - KB824146 - RPCCSS Buffer Overflow
;-------------------------------------------
if exist ("%windir%\KB824146-1.txt")=0 and ($OS="WINNT5")=1
shell "N:\OS\WinNT2K\Windows2000-KB824146-x86-ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\KB824146-1.txt"'
endif
;-------------------------------------------
; WinXP HotFix - KB824146 - RPCCSS Buffer Overflow
;-------------------------------------------
if exist ("%windir%\KB824146.txt")=0 and ($OS="WINNT51")=1
shell "N:\OS\WinXP\WindowsXP-KB824146-x86-ENU.exe -z -q"
shell '%comspec% /c ipconfig >"%windir%\KB824146.txt"'
endif

Open in new window

0
 

Author Comment

by:Mathias75000
ID: 34951290
"preferences" are only available with Vista/7, am i wrong ?

thanks for the script, i'll try and keep you informed !

Mathias
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 34951337
0
 

Author Comment

by:Mathias75000
ID: 34951350
good to know !
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question