Dropbox client all users install in SCCM

Dropbox is being integrated into office 365 and other tools.  But the Dropbox company has no concept beyond individual user deployment.  This script is to install Dropbox for all users using a administrator or system account on Windows 7 or Windows 8.

Yes there are changes that could be made to make this more specific (program files vs program files (x86)) or other customization... but the script is just a start.

Hopefully Dropbox will see it and they will address their client design for a all users deployment.

----- Powershell Script... Enjoy. -----
$dropboxexe = "Dropbox 2.10.52.exe"

$allusersprofile = (gci env:allusersprofile).value
$appdata = (gci env:appdata).value
$arguments=  '/S /D=C:\Program Files\Dropbox'

$LASTEXITCODE = (Start-Process -FilePath $dropboxexe -ArgumentList $arguments -Passthru).ExitCode

  $ExplorerRunning = Get-Process explorer -EA 0 
  if ($ExplorerRunning -eq $null)
    #if explorer stop restart it. 
    schtasks /Create /TN "DropBoxInstall" /TR explorer.exe /SC OnLogon /ru Users
schtasks /Run    /TN "DropBoxInstall"
schtasks /Delete /TN "DropBoxInstall" /F
  $dropboxexeRunning = Get-Process $($dropboxexe -replace ".exe") -EA 0 
  if ($dropboxexeRunning -eq $null)
    #if install is complete then stop dropbox.exe from starting
    kill -name dropbox -force
  Start-Sleep -m 500
} while ($i -lt 200)

#copy add remove programs entry
Remove-Item -path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox" -ea 0
copy-item -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox" -destination "HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox"

#copy shortcuts
$PathFrom = "$($appdata)\Microsoft\Windows\Start Menu\Programs\Dropbox\*"
$PathTo   = "$($allusersprofile)\Microsoft\Windows\Start Menu\Programs\Dropbox\"
Remove-item -path $PathTo -recurse
md $PathTo -ea 0
copy-item -path $PathFrom -destination $PathTo -recurse

Be the first to comment

CIR to Track Windows Network Card Drivers

Here is a K1000 custom inventory rule which will allow you to track the network card driver(s) on your Windows systems with MS Powershell installed.

It is based on a script posted at

FileExists(C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe) AND ShellCommandTextReturn(cmd /q /c powershell.exe -command "(Get-ChildItem 'REGISTRY::HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}' -ErrorAction SilentlyContinue | ForEach-Object {Get-ItemProperty $_.PSPath | Where-Object {$_.Characteristics -eq '132'} | Select DriverDesc, DriverVersion | Format-List | Out-String}) | ForEach-Object {If ($_ -match 'Driver') {$_.Trim()}}")
Be the first to comment

How to create a K1000 notification to monitor the status of your Windows services

If you are concerned that some of the Windows services that should normally run on all your computers are not running and you want to keep an eye on these kind of situations you can the following custom K1000 Notifications to monitor them.

In the current version of K1000 is not possible to creare this kind of notification using the wizard but we need to use a custom SQL to achieve what we need.
A bit of background before to put the hands on the SQL code.
The following SQL use many differente tables and the most important to consider are:

MACHINE        contains all the machines that are in our inventory
NTSERVICE     contains information about the services discovered on the machine, their name, version, status and other details about them.
The most important field in this table are:
NAME                     represents the name of the service
STARTUP_TYPE    represents the service startup type (if starts automatically, manually or disabled).
the most common status types are:

STATUS        represents the current status of the service. The most common values are:
NTSERVICE_JT It is used to link the MACHINE table with the NTSERVICE table

In the following example we want to monitor the DHCP Server (DHCPServer) and the DNS server status and send an email notification to the administrator when one of these two services is stopped.
First of all we need to create our notification using the wizard:
  1. Under Reporting click on Notifications
  2. Click on Choose Action -> New -> Device Notification
  3. Enter the title, the recipients (at least one) and the frequency and press Create
  4. Click on the name of the notification that you just created and, as editor option, select : "To edit the Notification using this editor, Click Here"
  5. Remove all the SQL code and replace it with the following one:


Changing the where clause and modifying the IN clause adding other services you can keep an eye on different situations.

Some important points to remember:

  1. It is recommended that you test your SQL code before to sue in a notification or in a report: you can easily connect to the internal database of the K1000 using TOAD for MySql or the native tools of MySQL
  2. Remember that the data is collected thought the Inventory and so it is not realtime: by default the inventory is sent to the machine every 2 hours. So do not exaggerate with the frequency of the notification
  3. the field NAME of the table NTSTATUS contains the real name of the service and not the descriptive one. To find out the real name of a service open the services.msc snap-in and double click on the service
    The real name of the service in the one stated in the General tab, Service name

Be the first to comment

Why do you have to type in your PIN after rebooting your phone or after a certain amount of time?

iPhone 5s/6/6 Plus users (and the newer breed of iPad users, too), have you ever wondered why you need to enter your pin after rebooting your device, why wont the Touch ID just work?

Here's the answer from Apple Support Blog itself.

"Touch ID doesn’t store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn’t possible for your actual fingerprint image to be reverse-engineered from this mathematical representation. iPhone 5s also includes a new advanced security architecture called the Secure Enclave within the A7 chip, which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of A7 and the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can’t be used to match against other fingerprint databases."
Be the first to comment

Understanding Pipe commands to enhance your scripts

Since the Kace 1000 scripts and CIR's can call the command interpreter use can use pipe commands to chain code together for better flow


examples of pipes I use within the k1000

In CIR's

ShellCommandTextReturn(cmd /c cscript /b c:\programdata\dell\kace\user\fadmins.vbs & type c:\programdata\dell\kace\user\filteredadmins.txt )

In Kscripts and batch commands

reg.exe query hkcu\software\microsoft\windows\currentversion\run /s > C:\ProgramData\Dell\KACE\user\hkcuRunKeys.txt && if "%PROCESSOR_ARCHITECTURE%"=="AMD64" reg.exe query hkcu\software\wow6432node\microsoft\windows\currentversion\run /s >> C:\ProgramData\Dell\KACE\user\hkcuRunKeys.txt

for %%g in (c:\programdata\dell\kace\user\tempsw.txt) do (findstr /v /b /c:"ECHO is" %%g > c:\programdata\dell\kace\user\allsw.txt) & del c:\programdata\dell\kace\user\tempsw.txt /q
rename c:\programdata\dell\kace\user\allsw.txt tempsw.txt & for %%g in (c:\programdata\dell\kace\user\tempsw.txt) do (findstr /v /b /c:"Public" %%g > c:\programdata\dell\kace\user\allsw.txt) & del c:\programdata\dell\kace\user\tempsw.txt /q
REM ::this line removes Windows sidebar from the list::
rename c:\programdata\dell\kace\user\allsw.txt tempsw.txt & for %%g in (c:\programdata\dell\kace\user\tempsw.txt) do (findstr /v /b /c:"Sidebar" %%g > c:\programdata\dell\kace\user\allsw.txt) & del c:\programdata\dell\kace\user\tempsw.txt /q

Be the first to comment
Showing 1 - 5 of 2627 results