bciengineer

GP and MSI installation for Conficker Removal

I'm trying to follow http://www.sophos.com/support/knowledgebase/article/67398.html
to help a customer with the removal of Conficker. I'm testing this in a VM setup right now to run a simple batch file that runs msiexec /qn /i \\[servername]\SophosCleanup\[Sophos Cleanup Tool.msi] STARTCLI=1 REBOOT=1 UNINSTALL=1. I created an OU and put an XP test PC in it and applied the Conficker policy there. When the PC reboots I get a message saying the Windows Installer package is invalid or it can't be accessed. I can run the batch file from the PC. I even tried adding an xcopy statement that creates a local folder on the PC then runs the installation from there. I still get the same thing. I've double-checked permissions etc. on the share that the MSI sits in. What am I missing?

Thanks

cantoris

Where's this running from?
Computer Startup Script?
User Login Script?
Scheduled Task?

Does the account under whose context it is installing have access to the shared folder - check both NTFS and Share permissions.  Try adding "/l <logfilename.txt>" to the command line to get more info.

One more thought, try enabling the Group Policy option "Always wait for the network at computer startup and logon" (Computer - Administrative Templates - System - Logon) on your test OU.  It may be logging in with cached credentials before the network is ready and therefore unable to reach the server.  Be careful with this policy setting against wireless machines.
bciengineer

ASKER

I'm trying to get it running as a computer startup script. I've tried domain administrator, domain admin which all have access to the share. I added Everyone full access, domain computers, system, network etc. Also added those permissions to the GPO. I can run the same bat file from the PC and all is well. I'll check on the always wait for network at computer start. That could be it.
Still not working. I enabled Always wait for a network connection and enabled logging in the bat file. This is all I'm getting.

=== Verbose logging started: 5/9/2011  19:42:32  Build type: SHIP UNICODE 3.01.4001.5512  Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (CC:D4) [19:42:32:413]: Resetting cached policy values
MSI (c) (CC:D4) [19:42:32:413]: Machine policy value 'Debug' is 0
MSI (c) (CC:D4) [19:42:32:413]: ******* RunEngine:
           ******* Product: avtool.msi
           ******* Action:
           ******* CommandLine: **********
MSI (c) (CC:D4) [19:42:32:413]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (CC:D4) [19:42:32:413]: Grabbed execution mutex.
MSI (c) (CC:D4) [19:42:32:491]: Cloaking enabled.
MSI (c) (CC:D4) [19:42:32:491]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (CC:D4) [19:42:32:507]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (E0:F0) [19:42:32:522]: Grabbed execution mutex.
MSI (s) (E0:00) [19:42:32:522]: Resetting cached policy values
MSI (s) (E0:00) [19:42:32:522]: Machine policy value 'Debug' is 0
MSI (s) (E0:00) [19:42:32:522]: ******* RunEngine:
           ******* Product: C:\avtool\avtool.msi
           ******* Action:
           ******* CommandLine: **********
MSI (s) (E0:00) [19:42:32:522]: Note: 1: 2203 2: C:\avtool\avtool.msi 3: -2147287038
MSI (s) (E0:00) [19:42:32:522]: MainEngineThread is returning 2
MSI (c) (CC:D4) [19:42:32:538]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
MSI (c) (CC:D4) [19:42:32:538]: MainEngineThread is returning 2
=== Verbose logging stopped: 5/9/2011  19:42:32 ===
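
Added example (not part of the thread, and not Sophos or Microsoft code): a small Python triage helper that decodes the two failure indicators in the log above, the "Note: 1: 2203" line and the "MainEngineThread is returning" value. The function name and the partial lookup tables are assumptions of this example; the symbolic names are the ones used in the Windows SDK headers.

```python
import re

# Windows Installer error 2203 is "Database: [2]. Cannot open database file.
# System error [3]."; field 3 is a signed 32-bit storage HRESULT.
STG_HRESULTS = {
    0x80030002: "STG_E_FILENOTFOUND",
    0x80030003: "STG_E_PATHNOTFOUND",
    0x80030005: "STG_E_ACCESSDENIED",
}
# Win32 codes msiexec hands back (partial table, assumed sufficient here).
WIN32_CODES = {
    0: "ERROR_SUCCESS",
    2: "ERROR_FILE_NOT_FOUND",
    3: "ERROR_PATH_NOT_FOUND",
    5: "ERROR_ACCESS_DENIED",
    1619: "ERROR_INSTALL_PACKAGE_OPEN_FAILED",
}

NOTE_2203 = re.compile(r"Note: 1: 2203 2: (?P<path>.+?) 3: (?P<hr>-?\d+)\s*$")
ENGINE_RC = re.compile(r"MainEngineThread is returning (?P<rc>\d+)")

def triage(log_text):
    """Return (kind, subject, code, name) tuples for the failure lines."""
    findings = []
    for line in log_text.splitlines():
        m = NOTE_2203.search(line)
        if m:
            hr = int(m["hr"]) & 0xFFFFFFFF  # signed decimal -> unsigned HRESULT
            findings.append(("package-open", m["path"], f"0x{hr:08X}",
                             STG_HRESULTS.get(hr, "unlisted")))
            continue
        m = ENGINE_RC.search(line)
        if m:
            rc = int(m["rc"])
            # line[:7] is "MSI (s)" or "MSI (c)": server or client side.
            findings.append(("engine-return", line[:7], rc,
                             WIN32_CODES.get(rc, "unlisted")))
    return findings

# Four lines copied from the verbose log in the thread above.
SAMPLE = r"""MSI (s) (E0:00) [19:42:32:522]: Note: 1: 2203 2: C:\avtool\avtool.msi 3: -2147287038
MSI (s) (E0:00) [19:42:32:522]: MainEngineThread is returning 2
MSI (c) (CC:D4) [19:42:32:538]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
MSI (c) (CC:D4) [19:42:32:538]: MainEngineThread is returning 2"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

Computer startup scripts run in the machine's own security context, so feed the helper a log written by the startup run rather than one from an interactive test of the same batch file.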

I just tried putting the msi file in the sysvol directory where the script is located. I double checked that domain computers has full rights along with this test pc. I'm still getting the MainEngineThread is returning 2 at the end of the log which basically means access denied. I'm fixing to try it as a login script.
Here's the batch file info
msiexec /qb /i \\X.X.X.X\sysvol\domain.com\Policies\{2787F521-6E40-48D2-846B-6A880E192959}\Machine\Scripts\Startup STARTCLI=1 /l*v c:\conficker.txt

Just got lucky with moving it to another file server and it works from there so I'm happy. Not sure why it wasn't working on the DC.