K1000 scripting - Verifying file exists as logged-in user in users profile.
I am trying to deploy a user certificate that would reside in the
current user certificate store that would be placed in the personal
folder on our windows clients. The script works well but I would like to
verify if the certificate exists first before I install the
certificate. When the certificate is installed, it is not placed in
registry, but in
c:\users\[username]\AppData\Microsoft\SystemCertificates\My\Certificates\[filename]
location.
I have the script to run as logged-in user, but I can't seem to verify if the file exists before I do a remediation. If I use the following with explicitly giving my username it works.
Verify a file exists...
Directory:
File:
If I try using an environment variable like the following, It does not work because it is looking under the system profile.
Verify a file exists...
Directory:
File:
It seems even though the script to install the cert is running as the logged in user and not as the system, the verify portion runs as the system account as I see this in the logs.
Is this bug, by design or any way to verify if the file exists before I do remediation, instead of just installing it all the time? I would like to just leave this run once week or even once a day for the selected computers, if a new computer gets inventoried and meets smart label criteria and I can't really explicitly give usernames.
I have the script to run as logged-in user, but I can't seem to verify if the file exists before I do a remediation. If I use the following with explicitly giving my username it works.
Verify a file exists...
Directory:
File:
If I try using an environment variable like the following, It does not work because it is looking under the system profile.
Verify a file exists...
Directory:
File:
It seems even though the script to install the cert is running as the logged in user and not as the system, the verify portion runs as the system account as I see this in the logs.
File does not exist: c:\users\C:\WINDOWS\system32\config\systemprofile\AppData\Microsoft\SystemCertificates\My\Certificates
Is this bug, by design or any way to verify if the file exists before I do remediation, instead of just installing it all the time? I would like to just leave this run once week or even once a day for the selected computers, if a new computer gets inventoried and meets smart label criteria and I can't really explicitly give usernames.
1 Comment
[ + ] Show comment
-
I am having same problem...any update on how to resolve? - bnerison 7 years ago
Answers (1)
Please log in to answer
Posted by:
SMal.tmcc
8 years ago
there is a bug that the verify portion still runs as system. there was a question a few weeks ago that a DSG Ninja answered about a similar situation.
http://www.itninja.com/question/trying-to-remove-see-if-a-specific-file-from-users-desktops
see the comments
http://www.itninja.com/question/trying-to-remove-see-if-a-specific-file-from-users-desktops
see the comments
Comments:
-
I have experienced this same problem ever since upgrading the agents to 6.4, works fine with 6.0 agents. My understanding is this is fixed with agent 7 but have not upgraded yet, but, have a work around. I created a new online kscript set to run and user with this program launch command:
Directory: SYS
File: cmd.exe
x - Wait for completion
Parameters: /C dir /b "C:\users\%username%\AppData\Roaming\Autodesk\ApplicationPlugins" > c:\Temp\ACADplugins.txt
Then I created a software custom inventory rule to get and .txt file and report the findings:
ShellCommandTextReturn(cmd /c type c:\temp\ACADplugins.txt) - bnerison 7 years ago
