Solved

Powershell script help

Posted on 2014-09-26
16
206 Views
Last Modified: 2014-10-31
I'm trying to push out UltraVNC and specific settings.  What I have now is:

If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))

{   
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}
$strFileName="%programfiles%\UltraVNC\119x64.txt"
If (Test-Path $strFileName){
  # // File exists
}Else{
  SETUP
}
:SETUP
mkdir %programfiles%\UltraVNC
copy \\domain\netlogon\uvnc\install_server.inf
"\\domain\netlogon\uvnc\UltraVNC_1_1_9_X64_Setup.exe /verysilent loadinf=install_server.inf"
"%programfiles%\UltraVNC\winvnc.exe -install"
"\\domain\netlogon\uvnc\uvncdriver\install_silent.bat"
copy \\domain\netlogon\uvnc\ultravnc.ini "%programfiles%\UltraVNC\ultravnc.ini"
copy \\domain\netlogon\uvnc\119x64.txt "%programfiles%\UltraVNC\119x64.txt"

Open in new window


I copied the first half from a repo because I'm wanting the ps1 to be ran with elevated rights.  Basically the second half makes the new folder on the local machine, copies some files runs an install and an exe with switches.  The problem I have is it's making the new folder inside netlogon versus on the local host.

What cmdlet am I missing to make this run similarly to a batch file?
0
Comment
Question by:Ben Hart
  • 9
  • 7
16 Comments
 
LVL 39

Expert Comment

by:footech
ID: 40346434
You can't do something like this.
}Else{
  SETUP
}
:SETUP

Open in new window

That'll just give errors.

You also can't use variables like %programfiles%.  That will be interpreted literally.  So it would create "%programfiles%\UltraVNC" in the current folder.  If you want to use the environment variable it would be $env:programfiles
Line 16 will copy to the current folder.  I would make the destination explicit.
Lines 17, 18, 19 are just strings, they won't do anything.

If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{   
    $arguments = "& '" + $myinvocation.mycommand.definition + "'"
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    Break
}
$strFileName="$env:ProgramFiles\UltraVNC\119x64.txt"
If (Test-Path $strFileName){
    # // File exists
}Else{
    mkdir $env:ProgramFiles\UltraVNC
    copy \\domain\netlogon\uvnc\install_server.inf $env:ProgramFiles\UltraVNC
    # etc
}

Open in new window

I don't really know what commands you need to run to perform the install.  See this link for methods of calling third party executables.
http://social.technet.microsoft.com/wiki/contents/articles/7703.powershell-running-executables.aspx
Methods 5 and 10 are what I'll usually use.  10 is the best, but is only available with PS 3.0+.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40346670
gotcha Foo.. it's been a whie since I crafted a new .ps1 so I'm a bit rusty.  Here's what ive got so far.

Set-ExecutionPolicy -ExecutionPolicy Unrestricted
$vnc_source = "\\domain\netlogon\uVNC"
$vnc_install = "\\domain\netlogon\uvnc\UltraVNC_1_1_9_X64_Setup.exe"
$vnc_destination = "c:\program files\UltraVNC"
$vnc_version = "c:\program files\UltraVNC\119x64.txt"
$vnc_ini = "\\domain\netlogon\uvnc\ultravnc.ini"
$vnc_driver = "\\domain\netlogon\uvnc\driver"
new-item -itemtype directory -path $vnc_destination
copy-item -Path $vnc_install -Destination $vnc_destination
cd $vnc_destination
.\UltraVNC_1_1_9_X64_Setup.exe /verysilent loadinf=install_server.inf
start-sleep -Seconds 20
.\winvnc.exe -install
copy-item -path $vnc_ini -Destination $vnc_destination
copy-item -path $vnc_driver -Destination $vnc_destination
cd "c:\program files\UltraVNC\driver"
.\driver\devcon.exe install mv2.inf mv_hoook_display_driver2

Open in new window


My Win7 test VM is updating right now so I can't test it.. yet.  I'm having trouble running the commands individually because I get access denied creating the new folder.  From what I understand a powershell script in a GPO for Startup Scripts are processed as the SYSTEM context so the access should not be a problem then.,
0
 
LVL 39

Expert Comment

by:footech
ID: 40346799
For testing you should be able to run in an elevated prompt.  When you get to testing running it as a startup script, if there's any problem I would have it write some messages out to a location that has relaxed permissions.

I don't see any particular problem with what you just posted.  But if there's errors parsing lines 11, 13, or 17, I would first try putting the call operator at the beginning of the line, like:
& .\UltraVNC_1_1_9_X64_Setup.exe /verysilent loadinf=install_server.inf

Open in new window

What version of PS is installed on the machines where this will run?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40346812
All the targets are Win7 Pro or Ent with SP1 at least.  So IIRC version 3 mostly.. I can't say for certain because there might be a version 2 lurking somewhere.

Can you give an example of writing a log file out like for example if theres an error creating the folder?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40346836
Ok rebooting my test vm.. the folder is not created, ultravnc is not installed.. and none of the files are copied all because the folder isnt created.  I added in a line:

Start-transcript -path "writable_location" -append -noclobber, and teh required Stop-Transcript.  but no txt is generated.
0
 
LVL 39

Expert Comment

by:footech
ID: 40346998
Win7 comes with PS 2.0.  So unless you upgraded them...
At this point, are you just running from the console or are you trying it as a startup script?  If not from the console, do that until things are working.  You shouldn't have any problem creating the folder if you're running from an elevated session.

Here's a quick example of writing to a log.
try {new-item -itemtype directory -path 'C:\Program Files\test' -ErrorAction Stop } catch { "Error occurred - $($_.exception.message)" | Add-Content c:\temp\errorlog.txt }

Open in new window

0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40363698
Gotcha.. Ok so they're all PS ver 2.0

I'm trying this as a GPO Startup Script under Computer/Policies/Windows Settings/Scripts/Startup
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40363989
Ok.. turns out it's the execution policy that's killing me at least in part.

Got on my test vm, opened Powershell as Admin, ran that script and it immediately complained about the Execution Policy.  So I manually set that to unrestricted then re-ran.  The folder was created, file copied, setup was ran however it complained about ./winvnc.exe not being a valid file.

I'm thinking the cd $vnc_destination is not going to work.

Not sure how the syntax would work for a:  "& ./c:\program files\bvbd\ultravnc\winvnc.exe"
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 39

Expert Comment

by:footech
ID: 40364671
The dot in .\winvnc.exe just means the current folder.  So if winvnc.exe isn't in "c:\program files\UltraVNC" (which is what you specified with $vnc_destination), then no, that command won't find it.  There's nothing wrong with the cd command (cd is just an alias for Set-Location in case you didn't know).  If you want to specify the full path, it would be
& c:\program files\bvbd\ultravnc\winvnc.exe

Open in new window

0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40368357
Ok here's what I've got so far:

# Get the ID and security principal of the current user account
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
 
# Get the security principal for the Administrator role
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator
 
# Check to see if we are currently running "as Administrator"
if ($myWindowsPrincipal.IsInRole($adminRole))
   {
   # We are running "as Administrator" - so change the title and background color to indicate this
   $Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)"
   $Host.UI.RawUI.BackgroundColor = "DarkBlue"
   clear-host
   }
else
   {
   # We are not running "as Administrator" - so relaunch as administrator
   
   # Create a new process object that starts PowerShell
   $newProcess = new-object System.Diagnostics.ProcessStartInfo "PowerShell";
   
   # Specify the current script path and name as a parameter
   $newProcess.Arguments = $myInvocation.MyCommand.Definition;
   
   # Indicate that the process should be elevated
   $newProcess.Verb = "runas";
   
   # Start the new process
   [System.Diagnostics.Process]::Start($newProcess);
   
   # Exit from the current, unelevated, process
   exit
   }




$vnc_source = "\\difc\netlogon\uVNC"
$vnc_install = "\\difc\netlogon\uvnc\UltraVNC_1_1_9_X64_Setup.exe"
$vnc_destination = "c:\program files\UltraVNC"
$vnc_version = "c:\program files\UltraVNC\119x64.txt"
$vnc_ini = "\\difc\netlogon\uvnc\ultravnc.ini"
$vnc_driver = "\\difc\netlogon\uvnc\driver\"
$log = "\\netapp\custom\joshua\uvnc.txt"
Start-Transcript -path $log -append -noclobber
Import-Module -name Microsoft.Powershell.Host
Set-ExecutionPolicy -ExecutionPolicy Unrestricted
$objfso = new-object -comobject scripting.filesystemobject
if($objfso.fileexists("C:\program files\UltraVNC\119x64.txt" -eq $TRUE))
{echo "Version file exists"
    exit
    }
else
{
echo "Version files does not exist"
}
new-item -itemtype directory -path $vnc_destination
copy-item -Path $vnc_install -Destination $vnc_destination
cd $vnc_destination
& .\UltraVNC_1_1_9_X64_Setup.exe /verysilent /norestart /loadinf=install_server.inf
start-sleep -Seconds 30
echo "Sleeping 30 seconds"
cd "C:\program files\uvnc bvba\UltraVNC"
& .\winvnc.exe -install
echo "VNC Service Installed"
#copy-item -path $vnc_ini -Destination $vnc_destination
copy-item -path \\difc\netlogon\uvnc\ultravnc.ini -Destination "c:\program files\UltraVNC"
echo "INI Copied"
copy-item -path \\difc\netlogon\uvnc\driver\*.* -Destination "c:\program files\UltraVnc"
echo "Driver files copied"
#copy-item -path $vnc_driver -Destination $vnc_destination
cd "c:\program files\UltraVNC"
& "c:\program files\UltraVNC\devcon.exe" install mv2.inf
echo
 "Devcon ran"

pause
Stop-Transcript

Open in new window


I'd paste the transcript but it had almost nothing in it.. none of the errors were written.

So for some reason it's not being ran during startup, not sure what the deal is there.  When I manually run it UAC prompts, then an elevated window opens



I found the code portion for running elevated from here: http://blogs.msdn.com/b/virtual_pc_guy/archive/2010/09/23/a-self-elevating-powershell-script.aspx

However upon startup it does not attempt to run As far as I can tell.  Browinsg to the netlogon share and manually running it does work


I'm starting to think that I should try a different avenue as all I can find suggests you cannot install the Mirror drivers using Powershell alone.
0
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 40369793
I've seen many a question about running scripts as a startup script that need elevated permissions, but I haven't really followed them because I haven't needed to know the answer.   If the script is working when run from the console, I'm afraid that's as far as I can guide you.  I haven't used Start-Transcript for a couple years so I'm not real familiar with it.

If this isn't something that needs to be run repeatedly, I would just look at pushing out the install via PS Remoting or PsExec.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40372945
I sort of agree Foo.. only problem is I've invested a good two weeks into making this work.  Maybe stubbornness is my problem here.
0
 
LVL 39

Expert Comment

by:footech
ID: 40373659
Being stubborn in this line of work isn't always a bad thing.  :)
But if it doesn't make sense to have it as a startup script then I wouldn't pursue it any further.  You can still use the scripting approach, but modify how you get it to run on every machine.  Do you need this to run everytime a machine starts up?

I went ahead and tested the script you posted above as a startup script (modified a couple things so no changes would be made, and changed line 75 so it wouldn't hang waiting for input), and I had no problem seeing errors in the transcript.  Perhaps you could post what you have from your transcript and I could see if I spot anything.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40385019
This question is not abandoned.. I still dont agree with the 3 day stipulation.

I am still working on testing this
0
 
LVL 39

Expert Comment

by:footech
ID: 40385660
It does make it a bit harder to help though when I haven't looked at the question for a few days as I have to go back through everything to refresh myself on where we're at.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40415671
I chose to no longer work towards pushing out VNC via GPO.  Footech helped me out a lot so the points go to him.

I'm in the same boat as you Foo.  In the real world most admins cannot dedicate 100% of their time to one problem, EE should take note of that.  The time it's taken to get this far and the script still fails to me it is not worth it.  I've got 6 other projects including normal day-to-day stuff.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Set OWA language and time zone in Exchange for individuals, all users or per database.
Synchronize a new Active Directory domain with an existing Office 365 tenant
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now