Hi

I am planning to:

Remediation>Run a batch file...

using KBOX scripting. Seems like the certutil section is not working. How I can achieve my goal.

msiexec.exe /i $(KACE_DEPENDENCY_DIR)\vpnclient_setup.msi /qn /norestart /log vpn.log
msiexec.exe /i $(KACE_DEPENDENCY_DIR)\ActivClient.msi /qn /norestart PINCHANGETOOLREQ=-1 PINCHANGETOOLREQ=-1 /log ActivClient.log
msiexec.exe /update $(KACE_DEPENDENCY_DIR)\FIXS1110013.msp /qn /norestart /log update.log
msiexec.exe /i $(KACE_DEPENDENCY_DIR)\idondemand_updater_plugin.msi /qn /norestart /log plugin.log
cmd /c certutil -addstore Root  $(KACE_DEPENDENCY_DIR)\RootCA.crt
cmd /c certutil -addstore CA  $(KACE_DEPENDENCY_DIR)\CA.crt
Answer Summary:
Cancel
3 Comments   [ + ] Show Comments

Comments

  • Hmmm..."not working." Could you be a little more vague? There's too much information here to go on.

    As a kick-off, I would recommend *always* including the full path to files you're calling in script. So...

    %SystemRoot%\SYSTEM32\CMD /C %SystemRoot%\SYSTEM32\CERTUTIL -addstore [etc.]
  • I can see a double space between "Root $" :D
  • you also should use a start /wait at the start of each line in the batch file to keep commands in sequence.
Please log in to comment

Answers

0

are these commands working manually by directly putting those on Admin cmd?

Answered 09/05/2013 by: MadForMsi
Blue Belt

  • run a batch using certreq.exe and certutil.exe using certadm.dll and certcli.dll google those
  • Its all good now. Found two issues.
    1) removed the $(KACE_DEPENDENCY_DIR)\, as somehow its not able to find the ref files while I run a Batch file from the script.

    2) As KBOX executes script/batch as system user/Admin user and our pcs has users Home folder (i.e. Documents) on Network share & Admin account don't have Home network folder (H: share), the installation was failing always. So fooled the system my mapping to itself while running the BAT.

    start /wait net use H: \\localhost\c$
    start /wait msiexec.exe /i vpnclient_setup.msi /qn /norestart /log vpn.log
    start /wait msiexec.exe /i ActivClient.msi /qn /norestart PINCHANGETOOLREQ=-1 PINCHANGETOOLREQ=-1 /log ActivClient.log
    start /wait msiexec.exe /update FIXS1110013.msp /qn /norestart /log vpn_update.log
    start /wait msiexec.exe /i idondemand_updater_plugin.msi /qn /norestart /log vpn_plugin.log
    start /wait net use /delete H:
    start /wait certutil -addstore Root RootCA.crt
    start /wait certutil -addstore CA CA.crt

    Now all good. Thanks to all.
Please log in to comment
Answer this question or Comment on this question for clarity