Powershell script help

I'm trying to push out UltraVNC and specific settings.  What I have now is:

If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))

{   
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}
$strFileName="%programfiles%\UltraVNC\119x64.txt"
If (Test-Path $strFileName){
  # // File exists
}Else{
  SETUP
}
:SETUP
mkdir %programfiles%\UltraVNC
copy \\domain\netlogon\uvnc\install_server.inf
"\\domain\netlogon\uvnc\UltraVNC_1_1_9_X64_Setup.exe /verysilent loadinf=install_server.inf"
"%programfiles%\UltraVNC\winvnc.exe -install"
"\\domain\netlogon\uvnc\uvncdriver\install_silent.bat"
copy \\domain\netlogon\uvnc\ultravnc.ini "%programfiles%\UltraVNC\ultravnc.ini"
copy \\domain\netlogon\uvnc\119x64.txt "%programfiles%\UltraVNC\119x64.txt"

Open in new window


I copied the first half from a repo because I'm wanting the ps1 to be ran with elevated rights.  Basically the second half makes the new folder on the local machine, copies some files runs an install and an exe with switches.  The problem I have is it's making the new folder inside netlogon versus on the local host.

What cmdlet am I missing to make this run similarly to a batch file?
LVL 14
Ben HartAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

footechCommented:
You can't do something like this.
}Else{
  SETUP
}
:SETUP

Open in new window

That'll just give errors.

You also can't use variables like %programfiles%.  That will be interpreted literally.  So it would create "%programfiles%\UltraVNC" in the current folder.  If you want to use the environment variable it would be $env:programfiles
Line 16 will copy to the current folder.  I would make the destination explicit.
Lines 17, 18, 19 are just strings, they won't do anything.

If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{   
    $arguments = "& '" + $myinvocation.mycommand.definition + "'"
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    Break
}
$strFileName="$env:ProgramFiles\UltraVNC\119x64.txt"
If (Test-Path $strFileName){
    # // File exists
}Else{
    mkdir $env:ProgramFiles\UltraVNC
    copy \\domain\netlogon\uvnc\install_server.inf $env:ProgramFiles\UltraVNC
    # etc
}

Open in new window

I don't really know what commands you need to run to perform the install.  See this link for methods of calling third party executables.
http://social.technet.microsoft.com/wiki/contents/articles/7703.powershell-running-executables.aspx
Methods 5 and 10 are what I'll usually use.  10 is the best, but is only available with PS 3.0+.
0
Ben HartAuthor Commented:
gotcha Foo.. it's been a whie since I crafted a new .ps1 so I'm a bit rusty.  Here's what ive got so far.

Set-ExecutionPolicy -ExecutionPolicy Unrestricted
$vnc_source = "\\domain\netlogon\uVNC"
$vnc_install = "\\domain\netlogon\uvnc\UltraVNC_1_1_9_X64_Setup.exe"
$vnc_destination = "c:\program files\UltraVNC"
$vnc_version = "c:\program files\UltraVNC\119x64.txt"
$vnc_ini = "\\domain\netlogon\uvnc\ultravnc.ini"
$vnc_driver = "\\domain\netlogon\uvnc\driver"
new-item -itemtype directory -path $vnc_destination
copy-item -Path $vnc_install -Destination $vnc_destination
cd $vnc_destination
.\UltraVNC_1_1_9_X64_Setup.exe /verysilent loadinf=install_server.inf
start-sleep -Seconds 20
.\winvnc.exe -install
copy-item -path $vnc_ini -Destination $vnc_destination
copy-item -path $vnc_driver -Destination $vnc_destination
cd "c:\program files\UltraVNC\driver"
.\driver\devcon.exe install mv2.inf mv_hoook_display_driver2

Open in new window


My Win7 test VM is updating right now so I can't test it.. yet.  I'm having trouble running the commands individually because I get access denied creating the new folder.  From what I understand a powershell script in a GPO for Startup Scripts are processed as the SYSTEM context so the access should not be a problem then.,
0
footechCommented:
For testing you should be able to run in an elevated prompt.  When you get to testing running it as a startup script, if there's any problem I would have it write some messages out to a location that has relaxed permissions.

I don't see any particular problem with what you just posted.  But if there's errors parsing lines 11, 13, or 17, I would first try putting the call operator at the beginning of the line, like:
& .\UltraVNC_1_1_9_X64_Setup.exe /verysilent loadinf=install_server.inf

Open in new window

What version of PS is installed on the machines where this will run?
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

Ben HartAuthor Commented:
All the targets are Win7 Pro or Ent with SP1 at least.  So IIRC version 3 mostly.. I can't say for certain because there might be a version 2 lurking somewhere.

Can you give an example of writing a log file out like for example if theres an error creating the folder?
0
Ben HartAuthor Commented:
Ok rebooting my test vm.. the folder is not created, ultravnc is not installed.. and none of the files are copied all because the folder isnt created.  I added in a line:

Start-transcript -path "writable_location" -append -noclobber, and teh required Stop-Transcript.  but no txt is generated.
0
footechCommented:
Win7 comes with PS 2.0.  So unless you upgraded them...
At this point, are you just running from the console or are you trying it as a startup script?  If not from the console, do that until things are working.  You shouldn't have any problem creating the folder if you're running from an elevated session.

Here's a quick example of writing to a log.
try {new-item -itemtype directory -path 'C:\Program Files\test' -ErrorAction Stop } catch { "Error occurred - $($_.exception.message)" | Add-Content c:\temp\errorlog.txt }

Open in new window

0
Ben HartAuthor Commented:
Gotcha.. Ok so they're all PS ver 2.0

I'm trying this as a GPO Startup Script under Computer/Policies/Windows Settings/Scripts/Startup
0
Ben HartAuthor Commented:
Ok.. turns out it's the execution policy that's killing me at least in part.

Got on my test vm, opened Powershell as Admin, ran that script and it immediately complained about the Execution Policy.  So I manually set that to unrestricted then re-ran.  The folder was created, file copied, setup was ran however it complained about ./winvnc.exe not being a valid file.

I'm thinking the cd $vnc_destination is not going to work.

Not sure how the syntax would work for a:  "& ./c:\program files\bvbd\ultravnc\winvnc.exe"
0
footechCommented:
The dot in .\winvnc.exe just means the current folder.  So if winvnc.exe isn't in "c:\program files\UltraVNC" (which is what you specified with $vnc_destination), then no, that command won't find it.  There's nothing wrong with the cd command (cd is just an alias for Set-Location in case you didn't know).  If you want to specify the full path, it would be
& c:\program files\bvbd\ultravnc\winvnc.exe

Open in new window

0
Ben HartAuthor Commented:
Ok here's what I've got so far:

# Get the ID and security principal of the current user account
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
 
# Get the security principal for the Administrator role
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator
 
# Check to see if we are currently running "as Administrator"
if ($myWindowsPrincipal.IsInRole($adminRole))
   {
   # We are running "as Administrator" - so change the title and background color to indicate this
   $Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)"
   $Host.UI.RawUI.BackgroundColor = "DarkBlue"
   clear-host
   }
else
   {
   # We are not running "as Administrator" - so relaunch as administrator
   
   # Create a new process object that starts PowerShell
   $newProcess = new-object System.Diagnostics.ProcessStartInfo "PowerShell";
   
   # Specify the current script path and name as a parameter
   $newProcess.Arguments = $myInvocation.MyCommand.Definition;
   
   # Indicate that the process should be elevated
   $newProcess.Verb = "runas";
   
   # Start the new process
   [System.Diagnostics.Process]::Start($newProcess);
   
   # Exit from the current, unelevated, process
   exit
   }




$vnc_source = "\\difc\netlogon\uVNC"
$vnc_install = "\\difc\netlogon\uvnc\UltraVNC_1_1_9_X64_Setup.exe"
$vnc_destination = "c:\program files\UltraVNC"
$vnc_version = "c:\program files\UltraVNC\119x64.txt"
$vnc_ini = "\\difc\netlogon\uvnc\ultravnc.ini"
$vnc_driver = "\\difc\netlogon\uvnc\driver\"
$log = "\\netapp\custom\joshua\uvnc.txt"
Start-Transcript -path $log -append -noclobber
Import-Module -name Microsoft.Powershell.Host
Set-ExecutionPolicy -ExecutionPolicy Unrestricted
$objfso = new-object -comobject scripting.filesystemobject
if($objfso.fileexists("C:\program files\UltraVNC\119x64.txt" -eq $TRUE))
{echo "Version file exists"
    exit
    }
else
{
echo "Version files does not exist"
}
new-item -itemtype directory -path $vnc_destination
copy-item -Path $vnc_install -Destination $vnc_destination
cd $vnc_destination
& .\UltraVNC_1_1_9_X64_Setup.exe /verysilent /norestart /loadinf=install_server.inf
start-sleep -Seconds 30
echo "Sleeping 30 seconds"
cd "C:\program files\uvnc bvba\UltraVNC"
& .\winvnc.exe -install
echo "VNC Service Installed"
#copy-item -path $vnc_ini -Destination $vnc_destination
copy-item -path \\difc\netlogon\uvnc\ultravnc.ini -Destination "c:\program files\UltraVNC"
echo "INI Copied"
copy-item -path \\difc\netlogon\uvnc\driver\*.* -Destination "c:\program files\UltraVnc"
echo "Driver files copied"
#copy-item -path $vnc_driver -Destination $vnc_destination
cd "c:\program files\UltraVNC"
& "c:\program files\UltraVNC\devcon.exe" install mv2.inf
echo
 "Devcon ran"

pause
Stop-Transcript

Open in new window


I'd paste the transcript but it had almost nothing in it.. none of the errors were written.

So for some reason it's not being ran during startup, not sure what the deal is there.  When I manually run it UAC prompts, then an elevated window opens



I found the code portion for running elevated from here: http://blogs.msdn.com/b/virtual_pc_guy/archive/2010/09/23/a-self-elevating-powershell-script.aspx

However upon startup it does not attempt to run As far as I can tell.  Browinsg to the netlogon share and manually running it does work


I'm starting to think that I should try a different avenue as all I can find suggests you cannot install the Mirror drivers using Powershell alone.
0
footechCommented:
I've seen many a question about running scripts as a startup script that need elevated permissions, but I haven't really followed them because I haven't needed to know the answer.   If the script is working when run from the console, I'm afraid that's as far as I can guide you.  I haven't used Start-Transcript for a couple years so I'm not real familiar with it.

If this isn't something that needs to be run repeatedly, I would just look at pushing out the install via PS Remoting or PsExec.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ben HartAuthor Commented:
I sort of agree Foo.. only problem is I've invested a good two weeks into making this work.  Maybe stubbornness is my problem here.
0
footechCommented:
Being stubborn in this line of work isn't always a bad thing.  :)
But if it doesn't make sense to have it as a startup script then I wouldn't pursue it any further.  You can still use the scripting approach, but modify how you get it to run on every machine.  Do you need this to run everytime a machine starts up?

I went ahead and tested the script you posted above as a startup script (modified a couple things so no changes would be made, and changed line 75 so it wouldn't hang waiting for input), and I had no problem seeing errors in the transcript.  Perhaps you could post what you have from your transcript and I could see if I spot anything.
0
Ben HartAuthor Commented:
This question is not abandoned.. I still dont agree with the 3 day stipulation.

I am still working on testing this
0
footechCommented:
It does make it a bit harder to help though when I haven't looked at the question for a few days as I have to go back through everything to refresh myself on where we're at.
0
Ben HartAuthor Commented:
I chose to no longer work towards pushing out VNC via GPO.  Footech helped me out a lot so the points go to him.

I'm in the same boat as you Foo.  In the real world most admins cannot dedicate 100% of their time to one problem, EE should take note of that.  The time it's taken to get this far and the script still fails to me it is not worth it.  I've got 6 other projects including normal day-to-day stuff.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.