My script for adding a wireless profile isn't working. I looked at other threads here, but can't figure out what's wrong. The kicker is the commands I use work when entered manually, and the .bat file also works when run manually. I can't figure it out. I've tried making the script an online KScript, an Offline KScript and an Online Shell Script. But nothing does the trick.

Here's what I currently have:

 

wlan.zip contains:

EAP-PEAP.msi (a Cisco package that contains the protocols needed for our employee-access network)

employee-access.xml (wlan exported config file)

wlan.bat

 

wlan.bat contains:

msiexec.exe /i EAP-PEAP.msi /quiet /qn

netsh wlan add profile filename=employee-access.xml

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f /v "WLAN prelogon" /t REG_SZ /d "%comspec% /c netsh wlan connect name=\employee-access\"
 
If I push this out to a machine, nothing gets installed. I can navigate to the $(KACE_DEPENDENCY_DIR) and see that the file got uploaded and unzipped.
I can run wlan.bat manually and everything works.
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Community Chosen Answer

1
So I finally heard from KACE support. I haven't gotten a definitive answer yet, but their suggestion was to use PSTools' PSExec http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx

So here's my script now:




Text script:

net stop "Sophos Anti-Virus"
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f /v "WLAN prelogon" /t REG_SZ /d "%comspec% /c netsh wlan connect name=\employee-access\"
net user administrator /active:yes
psexec -accepteula -i -s "%windir%\system32\cmd.exe" /c cd /d %cd% && msiexec.exe /i EAP-PEAP.msi /quiet /qn
psexec -accepteula -i -s "%windir%\system32\cmd.exe" /c cd /d %cd% && netsh wlan add profile filename=employee-access.xml
net start "Sophos Anti-Virus"

Note: I had problems with some PCs that use our antivirus, Sophos, so I script it to stop during the process here.

It's still not 100% on K1000 push-outs, but I also made a K2000 post-install and it work on 2 of 2 machines. More testing is necessary, and I'd like to make the script do some verifying/remediation, but not sure how to implement that.
Answered 06/12/2014 by: jtremblay
Purple Belt

  • find some registry keys that get changed by this process and create a custom software inventory to look for that change. then you can create a label for machines that do not have that custom item and only push it to those and set it to run on a schedule if needed
  • also one question, are these 64 bit machines that are giving you the problems taking the commands
    • Yes. The majority of our PCs are Win 7 64. I haven't actually tried this on 32-bit machines since we stopped deploying 32-bit quite a while ago.
      • I have helped some others with strange problems like this and what it came down to is the kace client is 32 bit so when it carries out instructions it looks for the exe's in syswow64 and runs them which the 64bit OS does not like. I had them use the sysnative path for the exe's they wanted to call. It fixed the problem, the 32client does not then default to its native system folder of syswow64 instead it looks in the systems native folder of system32.

        if you look at both folders you will see many exe's are in both the 32 and 64 system directories, netsh is one of them.

        so you should call:

        c:\windows\sysnative\netsh\ wlan add profile filename=employee-access.xml

        to force the 32bit kace client to use the 64bit netsh program.
      • here is one of them
        http://www.itninja.com/question/bitlocker-script
      • Hmm. SMal, I actually never heard of SysNative.
        But I can't get there from a command prompt, I guess it's only visible to 32-bit apps? (also there's no reply on your comments.)
      • sysnative is a special alais for making system calls from things like batch files or scripts.
        http://msdn.microsoft.com/en-us/library/aa384187%28VS.85%29
        http://ovidiupl.wordpress.com/2008/07/11/useful-wow64-file-system-trick/
      • the no reply is a limit of the web site, you need to reply like you are to yourself and they will sort by date to stay in order
      • Well the set up I have now seems to work "good enough". If it becomes an issue, I'll look into to this idea.

        BTW, do you know if K1000 6.0 has a 64-bit agent? Or if KACE will be making one available at some time in future?
      • still 32bit.
        post that as question
        or go to user voice if it is not already there and add that
Please log in to comment

Answers

0

may need to be a user vs system to run,  First thing is change your launch command

use

you can run this hidden via a small vbs script if you want also.

http://www.itninja.com/blog/view/how-to-hide-running-a-batch-file-from-a-kscript-with-version-5-5

Answered 05/22/2014 by: SMal.tmcc
Red Belt

  • if the unzip is to a subdir under the kace dependancy dir you will to add that also
    $(KACE_DEPENDENCY_DIR)\wlan\wlan.bat
    • Still no dice. I changed the command as you posted above and tried as System and as Current User. I also checked that other link, didn't try the vbscript but tried changing the XML to have job instead of policy. I don't care if it the black window is visible or not right now.
    • Unzips to current dir, no subdir
      • you can also just add the msi file as a dependency and use the launch a program and create 3 different commands and not call the batch file at all
    • OK, I rebuilt the script and it still didn't work. Also tried a version as an online shell script. No difference.
Please log in to comment
0

does your script look like this?

Execpt you should have both the msi and the xml file as dependencies. do not bother with a zip file since you only have 2 files.

Answered 05/22/2014 by: SMal.tmcc
Red Belt

  • sorry just noticed the parameters were cut off. just pasted your commands with a /c in front off
    • It was mostly the same. The 2 commands that are critical are the first 2, so I made them look the same as you have (with EAP-PEAP.msi and employee-access.xml as dependencies). The third I have set up as a Set Registry Value.
Please log in to comment
0

 

Sorry if it's not readable, I couldn't figure out how you got that to fit on one page, so I took 2 screenies after lowering font size.

Answered 05/22/2014 by: jtremblay
Purple Belt

  • did it work?
    print screen to paint and then highlight a long narrow strip, copy and paste to new and save
  • looking at script you may have to call the msi with the full path
    /i $(KACE_DEPENDENCY_DIR)\EAP-PEAP.msi /qn
Please log in to comment
0

I believe that it's because you run WLAN.bat which then starts CMD in the "System32" folder. I would specify the full paths of everything in the bat file, that makes sure that it can definetly find the files your trying to specify. 

Answered 05/26/2014 by: LBarclay
Orange Senior Belt

Please log in to comment
0

I've made 2 different versions of the script. One is an online kscript and the other is online shell scripts. Here is the latter:

Again, it doesn't work when I push it, but if I go to the directory where it gets pushed and run wlan.bat manually, it works. If it's a matter of changing the script to specify paths, how would you do that since the local system doesn't know the $(KACE_whatever) variables. I suppose if you could copy the files before hand to a temp dir that would work, but not sure how to do that either.

Answered 05/28/2014 by: jtremblay
Purple Belt

  • Justin,
    The $(KACE_DEPENDENCY_DIR) is based on the script ID number, and will be the same path on all client machines, where 'xxx' will be replaced by the script ID number:

    5.2+ $(KACE_DATA_DIR)\kbots_cache\packages\kbots\xxx
    5.1 $(KACE_INSTALL)\packages\kbots\xxx

    I would agree that inclusion of the full pathway may resolve the issue.
    • one other trick to get around that is to run the launch task from the $(KACE_DEPENDENCY_DIR) and call the exe with the full path like I do in this blog

      http://www.itninja.com/blog/view/how-to-hide-running-a-batch-file-from-a-kscript-with-version-5-5
Please log in to comment
Answer this question or Comment on this question for clarity
Admin Script Editor
Admin Script Editor is an integrated scripting environment available free here at ITNinja

Share