bciengineer
asked on
GP and MSI installation for Conficker Removal
I'm trying to follow http://www.sophos.com/support/knowledgebase/article/67398.html
to help a customer with the removal of Conficker. I'm testing this in a VM setup right now to run a simple batch file that runs msiexec /qn /i \\[servername]\SophosClean up\[Sophos Cleanup Tool.msi] STARTCLI=1 REBOOT=1 UNINSTALL=1. I created an OU a put a XP test pc in it and applied the conficker policy there. When the pc reboots I get a message saying the Windows installer package is invalid or it can't be accessed. I can run the batch file from the pc. I even tried adding an xcopy statment that creates a local folder on the pc then runs the installation from there. I still get the same thing. I've doublechecked permissions and etc on the share that the MSI sits in. What am I missing.
Thanks
to help a customer with the removal of Conficker. I'm testing this in a VM setup right now to run a simple batch file that runs msiexec /qn /i \\[servername]\SophosClean
Thanks
ASKER
I'm trying to get it running as a computer startup script. I've tried domain administrator, domain admin which all have access to the share. I added everyone fullaccess, domain computers, system, network etc. Also added those permissions to the GPO. I can run the same bat file from the pc and all is well. I'll check on the always wait for network at computer start. That could be it.
ASKER
Still not working. I enabled Always wait for a network connection and enabled logging in the bat file. This is all I'm getting.
=== Verbose logging started: 5/9/2011 19:42:32 Build type: SHIP UNICODE 3.01.4001.5512 Calling process: C:\WINDOWS\system32\msiexe c.exe ===
MSI (c) (CC:D4) [19:42:32:413]: Resetting cached policy values
MSI (c) (CC:D4) [19:42:32:413]: Machine policy value 'Debug' is 0
MSI (c) (CC:D4) [19:42:32:413]: ******* RunEngine:
******* Product: avtool.msi
******* Action:
******* CommandLine: **********
MSI (c) (CC:D4) [19:42:32:413]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (CC:D4) [19:42:32:413]: Grabbed execution mutex.
MSI (c) (CC:D4) [19:42:32:491]: Cloaking enabled.
MSI (c) (CC:D4) [19:42:32:491]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (CC:D4) [19:42:32:507]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (E0:F0) [19:42:32:522]: Grabbed execution mutex.
MSI (s) (E0:00) [19:42:32:522]: Resetting cached policy values
MSI (s) (E0:00) [19:42:32:522]: Machine policy value 'Debug' is 0
MSI (s) (E0:00) [19:42:32:522]: ******* RunEngine:
******* Product: C:\avtool\avtool.msi
******* Action:
******* CommandLine: **********
MSI (s) (E0:00) [19:42:32:522]: Note: 1: 2203 2: C:\avtool\avtool.msi 3: -2147287038
MSI (s) (E0:00) [19:42:32:522]: MainEngineThread is returning 2
MSI (c) (CC:D4) [19:42:32:538]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (CC:D4) [19:42:32:538]: MainEngineThread is returning 2
=== Verbose logging stopped: 5/9/2011 19:42:32 ===
=== Verbose logging started: 5/9/2011 19:42:32 Build type: SHIP UNICODE 3.01.4001.5512 Calling process: C:\WINDOWS\system32\msiexe
MSI (c) (CC:D4) [19:42:32:413]: Resetting cached policy values
MSI (c) (CC:D4) [19:42:32:413]: Machine policy value 'Debug' is 0
MSI (c) (CC:D4) [19:42:32:413]: ******* RunEngine:
******* Product: avtool.msi
******* Action:
******* CommandLine: **********
MSI (c) (CC:D4) [19:42:32:413]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (CC:D4) [19:42:32:413]: Grabbed execution mutex.
MSI (c) (CC:D4) [19:42:32:491]: Cloaking enabled.
MSI (c) (CC:D4) [19:42:32:491]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (CC:D4) [19:42:32:507]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (E0:F0) [19:42:32:522]: Grabbed execution mutex.
MSI (s) (E0:00) [19:42:32:522]: Resetting cached policy values
MSI (s) (E0:00) [19:42:32:522]: Machine policy value 'Debug' is 0
MSI (s) (E0:00) [19:42:32:522]: ******* RunEngine:
******* Product: C:\avtool\avtool.msi
******* Action:
******* CommandLine: **********
MSI (s) (E0:00) [19:42:32:522]: Note: 1: 2203 2: C:\avtool\avtool.msi 3: -2147287038
MSI (s) (E0:00) [19:42:32:522]: MainEngineThread is returning 2
MSI (c) (CC:D4) [19:42:32:538]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (CC:D4) [19:42:32:538]: MainEngineThread is returning 2
=== Verbose logging stopped: 5/9/2011 19:42:32 ===
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I just tried putting the msi file in the sysvol directory where the script is located. I double checked that domain computers has full rights along with this test pc. I'm still getting the MainEngineThread is returning 2 at the end of the log which basically means access denied. I'm fixing to try it as a login script.
Here's the batch file info
msiexec /qb /i \\X.X.X.X\sysvol\domain.co m\Policies \{2787F521 -6E40-48D2 -846B-6A88 0E192959}\ Machine\Sc ripts\Star tup STARTCLI=1 /l*v c:\conficker.txt
Here's the batch file info
msiexec /qb /i \\X.X.X.X\sysvol\domain.co
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Just got lucky with moving it to another file server and it works from there so I'm happy. Not sure why it wasn't working on the DC.
Computer Startup Script?
User Login Script?
Scheduled Task?
Does the account under whose context it is installing have access to the shared folder - check both NTFS and Share permissions. Try adding "/l <logfilename.txt>" to the command line to get more info.
One more thought, try enabling the Group Policy option "Always wait for the network at computer startup and logon" (Computer - Administrative Templates - System - Logon) on your test OU. It may be logging in with cached credentials before the network is ready and therefore unable to reach the server. Be careful with this policy setting against wireless machines.