Solved

Group Policy

Posted on 2014-04-29
3
272 Views
Last Modified: 2014-05-05
I need to push out 4 .msp files to each workstation. This file needs to run only one time. Is there a way to push out a .bat file and have it run once automatically on each workstation?

This is my config for the .bat file:

msiexec.exe /update "OrmedMIS_2013_Q4_Hotfix3.msp" /l*v "%WINDIR%\Temp\Hotfix Installation.log" /quiet /norestart

msiexec.exe /update "OrmedMIS_2013_Q4_Hotfix4.msp" /l*v "%WINDIR%\Temp\Hotfix Installation.log" /quiet /norestart

msiexec.exe /update "OrmedMIS_2013_Q4_Hotfix5.msp" /l*v "%WINDIR%\Temp\Hotfix Installation.log" /quiet /norestart

msiexec.exe /update "OrmedMIS_2013_Q4_Hotfix6.msp" /l*v "%WINDIR%\Temp\Hotfix Installation.log" /quiet /norestart
0
Comment
Question by:dude02
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 84

Expert Comment

by:oBdA
ID: 40030485
You can do that with a group policy by assigning a Startup(!) script to the machines in question (see http://technet.microsoft.com/en-us/library/cc770556.aspx).
Put the msp files into a share that allows the group "Domain Computers" Read access, and use this script as Startup (or Shutdown) script:
@echo off
setlocal enabledelayedexpansion
set SourceFolder=\\SomeServer\SomeShare\SomeFolder
for /l %%i in (3, 1, 6) do (
	set FlagFile=%WINDIR%\Temp\Hotfix%%i_Installation.flg
	if not exist "!FlagFile!" (
		set LogFile=%WINDIR%\Temp\Hotfix%%i_Installation.log
		msiexec.exe /update "%SourceFolder%\OrmedMIS_2013_Q4_Hotfix3.msp" /l*v "!LogFile!" /quiet /norestart
		if not errorlevel 1 (
			>"!FlagFile!" echo Installation success
		)
	)
)

Open in new window

The script uses a flag file to track the installation success; if there are files or registry keys that are set once a patch is installed, the check could be changed accordingly.
If the patches need longer than 10 minutes to install, you need to set another policy to extend the timeout: “Maximum wait time for Group Policy scripts” in “Computer Configuration\Administrative Templates\System\Scripts”.

An alternative might be PsExec (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx), but that's only good for a relatively small number of clients and if you're sure they're all running.
0
 
LVL 4

Author Comment

by:dude02
ID: 40030514
Thanks for the quick reply. How do I setup this script to install each .msp file?
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 40030532
Sorry, missed one replacement:
@echo off
setlocal enabledelayedexpansion
set SourceFolder=\\SomeServer\SomeShare\SomeFolder
for /l %%i in (3, 1, 6) do (
	set FlagFile=%WINDIR%\Temp\Hotfix%%i_Installation.flg
	if not exist "!FlagFile!" (
		set LogFile=%WINDIR%\Temp\Hotfix%%i_Installation.log
		msiexec.exe /update "%SourceFolder%\OrmedMIS_2013_Q4_Hotfix%%i.msp" /l*v "!LogFile!" /quiet /norestart
		if not errorlevel 1 (
			>"!FlagFile!" echo Installation success
		)
	)
)

Open in new window

0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question