Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

vbs script to copy PAC file to local machine

Posted on 2012-04-05
5
Medium Priority
?
1,100 Views
Last Modified: 2012-05-01
Hello,

I am trying to implement the use of a PAC file to set the browser proxy settings.

I have the PAC file saved to a network share.

I need a logon script that will copy the file to the users local machine. the problem that i am having is that the users don't have local admin rights, so the script fails with access denied.

Const OverwriteExisting = True
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objName= CreateObject("wscript.network")
 
objFSO.CopyFile "\\server\PAC\PAC.pac" , "C:\Windows\System32\Drivers\etc\PAC.pac" , OverwriteExisting


I have thought of trying to save it to the users profile, but not sure if GPO to to direct the proxy setting with allow %username% to be used?

Any suggestions?

Thanks
0
Comment
Question by:shipowners
  • 3
  • 2
5 Comments
 
LVL 2

Accepted Solution

by:
SEWS-E earned 2000 total points
ID: 37810788
Hi,

Here's a script I wrote to do just that. It creates a folder called IT on the C:\ drive, then modifies the folder permissions so the script can copy the new PAC file to it, and then changes the permissions back so they can't tamper with it when the script ends.

Just modify it to suit your needs :)

''''''''''''''''''''''''''''''''''''''''''
'CREATOR: Paul Stone
'CREATED: 09/02/2011
'TITLE: distributePAC.vbs
'DESCRIPTION: The script is used to distribute
' a PAC file to roaming web access users.
'It also creates an IT folder on the users
'local pc.
'''''''''''''''''''''''''''''''''''''''''''
'On Error resume next

Option Explicit

'This part of the script creates the dir C:\IT

Dim objFSO, objFolder, objShell, strDirectory, strPAC, strLocalPAC
Dim intRunError

'Constants for FileSystemObject
Const DeleteReadOnly = TRUE
Const OverwriteExisting = TRUE

strDirectory = "c:\IT"

' Create the File System Object
Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objShell = CreateObject("Wscript.Shell")

' Note If..Exists. Then, Else ... End If construction
If NOT objFSO.FolderExists(strDirectory) Then
	Set objFolder = objFSO.CreateFolder(strDirectory)
	'wscript.Echo "Just created " & strDirectory
	Else
		' Assign user permission to home folder.
		'wscript.echo "IT folder exists"
		'wscript.echo "Changing permissions on IT folder"
		
		intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
		& strDirectory & " /t /c /p Administrators:F Users:C", 2, True)
		
		If intRunError <> 0 Then
			'Wscript.Echo "Error assigning permissions for user " _
			'& " to home folder " & strDirectory
		End If
		
		'wscript.quit
	End If

'Copy the pac file to the new IT folder

'Set variable for location of NEW pac file
strPAC = "\\domaincontroller01\netlogon\PAC Files\roamingpac.pac"

strlocalPAC = strDirectory & "\roamingpac.pac"

'wscript.echo strlocalPAC

'Set objFSO = CreateObject("Scripting.FileSystemObject")

'wscript.Echo "Performing some checks"

'Check if PAC file exists, and copy or overwrite with new PAC
IF NOT objFSO.FileExists(strlocalPAC) THEN
	objFSO.CopyFile strPAC , strDirectory & "\"
	'wscript.Echo "Copying new pac file to " & strLocalPAC
ELSE
	objFSO.CopyFile strPAC , strDirectory & "\", TRUE
	'wscript.Echo "Copying new pac file to " & strLocalPAC
END IF

'This part of the script modifies the permissions on the C:\IT folder

'wscript.echo "Changing Permissions Again!"

Set objShell = CreateObject("Wscript.Shell")
'Set objFSO = CreateObject("Scripting.FileSystemObject")

If objFSO.FolderExists(strDirectory) Then
	' Assign user permission to home folder.
	intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
	& strDirectory & " /t /c /p Administrators:F Users:R", 2, True)
	If intRunError <> 0 Then
		'Wscript.Echo "Error assigning permissions for user " _
		'& " to home folder " & strDirectory
	End If
End If

'wscript.echo "Boom!! Script completed!"
WScript.Quit

Open in new window

0
 

Author Closing Comment

by:shipowners
ID: 37827187
Excellent thanks, working well so far.
0
 

Author Comment

by:shipowners
ID: 37891228
Hi SEWS-E,

I'm not sure how to add additional points to this, but would you be able to point me in the direction of adding code to copy/overwrite the proxy.pac file at every logon?

I needed to add an additional site in the PAC to bypass the proxy, but it appears that once the file is in the 'IT' directory it isn't overwritten..

Thanks in advance.
0
 
LVL 2

Expert Comment

by:SEWS-E
ID: 37911143
Hi,

Looking at the script it looks like this should already be happening on lines 64 - 70:

IF NOT objFSO.FileExists(strlocalPAC) THEN
      objFSO.CopyFile strPAC , strDirectory & "\"
      'wscript.Echo "Copying new pac file to " & strLocalPAC
ELSE
      objFSO.CopyFile strPAC , strDirectory & "\", TRUE
      'wscript.Echo "Copying new pac file to " & strLocalPAC
END IF

Basically this checks whether the file (as declared in the variable strlocalPAC) is NOT on the PC. If it is NOT, it copies the pac file, and funnily enough, if it is on the pc, it still copies it!

However, if the newer version of the PAC file is not being copied as expected here's how I have handled this in the past.

1. Change the name of the new pac file on the server to mypac.pac.new.
2. Check whether mypac.pac.new is present on the local system (it won't be)
3. Copy mypac.pac.new to the local system
4. Delete, the old pac file (you can rename it if you need to keep it for historical purposes)
5. Rename mypac.pac.new to mypac.pac

Hope that helps :)
0
 

Author Comment

by:shipowners
ID: 37913743
Thanks,

I'll give it another go.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
Welcome back!  My apologies for taking so long to write part two of this series; it's been a long time coming!  As I promised in Part 1, this article will focus on how to locate those elusive AD properties that you are searching for.  Why is this us…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question