Blog Posts tagged with Scripting

Ask a question

Deploying a Current Model Dell BIOS Update when there is a BIOS Password

Problem:
There is a new BIOS update for your clients, but the K1000 doesn't have an option to enter the BIOS password when deploying the BIOS update package.
 
Solution:
Create a script to deploy the BIOS.
  1. Upload the BIOS package as a dependency
  2. For the step deploying the package use the Launch a program option
  3. Set the Directory to: $(KACE_DEPENDENCY_DIR)
  4. Set the File to: <the name of the BIOS update exe file name>
  5. Set the parameters to the following:
    1. /s /f /p=<bios password>
    2. Example: O9010A10.exe /s /f /p=password
  6. Save changes for the Launch a program configuration box
  7. Add another Launch a program option
  8. Set the Directory to: $(KACE_SYS_DIR)
  9. Set the File to: cmd.exe
  10. Check the Wait for completion check box
  11. Set the Parameters to: shutdown -r -t 30 -c "BIOS Upgrade" -d p:1:1
    1. That will have the system restart 30 seconds after the upgrade and make note in the event system
  12. Save changes for the Launch a program configuration box
  13. Save the script
  14. Test deployment to a test system to confirm proper execution
NOTE: With this method of deployment the XML file for this script located at "%allusersprofile%\dell\kace\kbots_cache" will contain the BIOS password. If the folder permissions aren't sufficient to prevent your users from viewing this information then you may want to use an alternate method of performing the actual execution, like a batch file, which you can configure your script to delete after the batch file has been executed.
View comments (1)

KACE SMA (K1000) | Spectre & Meltdown Analysis

01/09/2018 update: added a Report and another CIR.
01/12/2018 update: added a screenshot of my device after installing the MS Patches.
                                updated the script to use the current script version of today (1.0.4)  > Download
                                Scriptchangelog from Microsoft:
                                        Added message directing users to explanation of output
                                        Addressed feedback regarding multiple CPUs when setting $cpu 


For an official statement from quest please visit: https://support.quest.com/kb/237193

Hi all, 

here a quick blog to check the hardware vulnarabilities CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 or better known as Spectre and Meltdown.
I am using the Microsoft security guidance ADV180002 as base script with KACE modifications. 

The outcome of this blog will be that you can easily see, filter, report and label all your Windows clients higher than Windows 7 SP1 or Server 2012 R2 which are vulnerable or secure against Spectre and / or Meltdown. To archive this we first need a script. 

The script looks like this and can be downloaded here
If you need assistance to import it to your KACE SMA (K1000) please feel free to contact me. 
cpu01.png

The script will create the logfile: "C:\Windows\Logs\KACE_CPU_Check.log" and rewrite it every time. 

To have the posibility to search, label and report these date we would need a CustomInventory.
Here you have a screenshot and can find the export as a download here.
cpu02.png
ShellCommandTextReturn(cmd /c type ""C:\Windows\Logs\KACE_CPU_Check.log"")

After that you should be able to filter everything like you know to do it. 
Enabled protections appear in the output as "true".

Example for filtering for vulnerable devices:
cpu03.png
If you go to the details you would see that this device is vulnerable against both.
cpu04.png


Now you want to check with one klick which devices are vulnerable and compatible to get patches through Patching. To do that we first need again a custom inventory which checks if the compatibility registry key is available. You can download the ready to use package here.

RegistryValueReturn(HKEY_LOCAL_MACHINE64\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat, cadca5fe-87d3-4b96-b7fb-a231484277cc, REG_DWORD) 

The next step is to import the report which can be downloaded here


SELECT mc.NAME AS Device,
       mc.LAST_INVENTORY AS Inventory,
       mc.OS_NAME AS Operating_System,
       mc.USER_FULLNAME AS Username,
       mc.BIOS_MANUFACTURER AS 'Bios Manufacturer',
       mc.BIOS_VERSION AS 'BIOS Version'
FROM (MACHINE mc
INNER JOIN MACHINE_CUSTOM_INVENTORY mci1 ON (mc.ID = mci1.ID))
INNER JOIN MACHINE_CUSTOM_INVENTORY mci ON (mc.ID = mci.ID)
WHERE mci.STR_FIELD_VALUE LIKE '%false%' AND mci.SOFTWARE_ID = (SELECT sw.ID FROM SOFTWARE sw WHERE (sw.DISPLAY_NAME = 'Inventory: Spectre & Meltdown Analysis'))
AND mci1.SOFTWARE_ID = (SELECT sw1.ID FROM SOFTWARE sw1 WHERE (sw1.DISPLAY_NAME = 'Inventory: Spectre & Meltdown QualityCompat'))


You can modify / add / delete everything wihtin the scripts, custom inventories or SQL-Reports. 
If you rename your custom inventory rules change the names in the SQL query too.

The report should look like this:


Little Update after the installation of the Microsoft Patch for my system (KB4056890).



Cheers Timo

View comments (7)

Command Line Access to WMI in XP

Link

Microsoft Windows XP includes a command-line utility (Wmic.exe) to access Windows Management Instrumentation (WMI). Until now it has been necessary to write a script to gather information from WMI. Note that WMIC can only be used by the local system administrators regardless of WMI namespace permissions on the local machine.

When you run the Wmic.exe utility for the first time, the utility compiles its .mof files into the repository.

At a command prompt, type: wmic , and an interactive-mode prompt "wmic:root\cli" is displayed.

For help, type: /? .

Also see:

* WMI Command-line

View comments (1)

Windows Explorer Switches

Link

EXPLORER.EXE [/n][/e][,/root,(object)][[,/select],{sub object}]

Switches

/n Opens a new window in single-paned (My Computer) view for each item selected, even if the new window duplicates a window that is already open.

/e Uses Windows Explorer view. Windows Explorer view is most similar to File Manager in Windows version 3.x. Note that the default view is Open view.

/root,[object] Specifies the root level of the specified view. The default is to use the normal namespace root (the desktop). Whatever is specified is the root for the display.

/select,[sub object] Specifies the folder to receive the initial focus. If "/select" is used, the parent folder is opened and the specified object is selected.

Also see:

* Change the Default Opening Folder in Windows Explorer

* Managing Files, Folders, and Search Methods

Be the first to comment

AT command line problems after IE 4+

The below article is still offered for those of you who have not upgraded, but with IE 5.01 SP1 this problem has been corrected. Read this tip for a bigger and better solution than AT.EXE!


For those of you that rely on the scheduler server to perform deployments, you likely script those commands with the AT.EXE or SOON.EXE command line tools. With IE 4 and later you may find that you get inconsistent or unexpected results.

The problem is the Task Scheduler replaces the Scheduler service and does not provide the same support at the command line. It doesn't appear to be something on the drawing board to be fixed either- this is another "functions as designed" item. Events are to be scheduled using the GUI for the Task Scheduler.

So take it off! Check out Q196731 for details on how to remove the Task Scheduler and get you beloved Scheduler Service back again:

Change this:
Key Name:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule

Value Names:

DependOnGroup: REG_MULTI_SZ

DependOnService: REG_MULTI_SZ: RpcSs

DisplayName: REG_SZ: Task Scheduler

ErrorControl: REG_DWORD: 0x1

Group: REG_SZ:

ImagePath: REG_EXPAND_SZ: C:\WINNT\System32\MSTask.exe

ObjectName: REG_SZ: LocalSystem

Start: REG_DWORD: 0x3

Type: REG_DWORD: 0x120


To this:
Key Name:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule

Value Names:

ErrorControl:REG_DWORD: 0x1

ImagePath: REG_EXPAND_SZ: %SystemRoot%\System32\AtSvc.Exe

ObjectName: REG_SZ: LocalSystem

Start: REG_DWORD: 0x2

Type: REG_DWORD: 0x10

View comments (1)
Showing 1 - 5 of 365 results

Top Contributors

Talk About Supporting Mac