Jump to content

Pushing a KB patch to multiple computers via script

JBritt1234

By JBritt1234
in Windows 2000/2003/NT4

 Share

Recommended Posts

JBritt1234

JBritt1234

Posted
Posted (edited)

Hello,

I have been searching for a few days to try to figure out the best way to push a KB patch out to multiple machines using a script that can be inserted into out logon scripts.

I have been working on using WSUS 3.0 sp1 and 2/3 of my machines are not reporting and i'm worried about this KB958644 patch and really want to get it pushed out. I'll then go back to getting WSUS running correctly.

So, I have mostly XP machines out there but there are some 2k. Also, some users that have logon scripts use their regular accounts to logon to some test Servers etc, so I would like the script to check the OS version and only install on 2k and XP. Servers are being patched another way. I also would like it to verify if the patch exists so that it's not installed multiple times. I would also like to be sure I can edit where it pulls the install file from as we have multiple offices and I want to save the files locally.

I'm very new to scripting, I only have learned a bit while I have been researching this the last few days. I did find this post that has a script that does kind of what I want but I don't have the skill to edit it.

http://www.msfn.org/board/Installing-Windo...ch-t113186.html

If somebody could point me to a script or help out, it would be much appreciated! Thanks!

Edited by JBritt1234

IcemanND

IcemanND

Posted
Posted

Hmm, knew I posted that somewhere. I've added additional comments on how to modify the code for your needs.

  Dim objWMIService, strOS, strOSCaption
  Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")
  strOS = ""
  DSSBinLocation = "\\myserver\mypatches\"
  Set OSSet = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
  ' Caption value for different OS:
  ' Microsoft Windows 2000 ...
  ' Microsoft Windows XP ...
  ' Microsoft® Windows® Server 2003, ..... Edition
  ' Microsoft Windows Vista Enterprise
  For Each OS in OSSet
	strOSCaption = OS.Caption
	Select Case True
	 Case InStr(1, strOSCaption, "windows 2000", vbTextCompare) > 0
	   strOS = "Windows 2000"
	 Case InStr(1, strOSCaption, "windows xp", vbTextCompare) > 0
	   strOS = "Windows XP"
	 Case InStr(1, strOSCaption, "windows® server 2003", vbTextCompare) > 0
	   strOS = "Windows Server 2003"
	 Case InStr(1, strOSCaption, "windows vista", vbTextCompare) > 0
	   strOS = "Windows Vista"
	End Select
  Next
  if strOS = "Windows XP" then
	'get version of exist a file being updated and check to see if update needs to be applied.
	'no need to reinstall the update at each boot.
	'Replace path and file anme to chack and see if the primary file being updated has been changed or not.
	MSIFileSpec = WshShell.ExpandEnvironmentStrings("%SystemRoot%") & "\System32\msi.dll"
	If (fso.FileExists(MSIFileSpec)) Then
	  CurrentFileVersion = fso.GetFileVersion(MSIFileSpec)
	End If
	CurrentFileVersion = Replace(CurrentFileVersion, ".", "")
'change version number to reflect the version you are going to install
	if CurrentFileVersion < 3140004003 then
'set path and executable name here for the patch and appropriate switches.  
'in this case DSSBinLocation is a network path to the patch location.
	  CommandLine = DSSBinLocation & "WindowsXP-KB927891-v2-x86-ENU.exe /passive /nobackup /forceappsclose /warnrestart:4"
	  WshShell.Run CommandLine, 1, false
	end if
  end if
  set OSSet = nothing
  set objWMIService = nothing

JBritt1234

JBritt1234

Posted
  • Author
Posted

Thanks for the reply and making those mods!

So, one issue I am seeing with this after going through each line and editing is that for Win XP there are two versions of the file, each depending on what SP level it is. The file replaced is Netapi32.dll. SP 2 installs 5.1.2600.3462 and SP 3 is 5.1.2600.5694. How would I go about getting around this?

It does add another file it seems, KB958644.cat in C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}. It does not have a version that I see. Can we have it just check for that file and if it's there, not install? Looks to me like it's just modifying the if statements, but I dont have the skill to do that.

Info on the patch I want to apply;

http://support.microsoft.com/kb/958644

So, I see where you define the different OS's. Which section shows that it should only install to certian OS's? I'm thinking it's where you have the "if strOS = "Windows XP" then". So this script would only install on Win XP. Would I basically just copy this section and paste it below and modify to have if strOS = "Windows 2000" to install on 2k boxes? Yes, I know it sux but we still have some out there.

Thanks again!

IcemanND

IcemanND

Posted
Posted

Could either add a check for the SP number and check for the appropriate version from there. Or look for the existence of the CAT file, though this would not necessarily confirm that it was installed. I have seen instances where the installation failed but the CAT file was still there. Better to check the version of the file being replaced. Does 2000 have different versions depending upon SP, or are all of your 2000 systems at the same SP?

And yes just copy the "if stros="xxxxxxx" then ...<snip>... endif" section and replace Windows XP with the appropriate OS you want to do something with.

JBritt1234

JBritt1234

Posted
  • Author
Posted

Sorry, I got held up working on getting the machines to report to WSUS. But I still have over 1000 that are not reporting.

So, to answer your question, yes, 2000 has different versions also. But there is something that concerns me, that is that in the script where it looks to see if it is Windows 2000, it cannot tell if it's Professional or Server. We have only a handful of 2000 machines out there and I think the percentage of them that are not reporting to WSUS is even smaller, so I want to just concentrate on XP Pro for now and hold off on 2k.

So, how would I modify the script to have it first check for SP level, if it is SP 2, check for dll version and then install. If it's not sp2, check to see if it is sp 3, check for dll and install if needed. There are no sp 1's or 0's out there.

Again, I appreciate your help. I have included the code with my paths and the version number for the dll if it were sp2.

Dim objWMIService, strOS, strOSCaption
  Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")
  strOS = ""
  DSSBinLocation = "\\DC1CODENV\patches\"
  Set OSSet = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
  ' Caption value for different OS:
  ' Microsoft Windows 2000 ...
  ' Microsoft Windows XP ...
  ' Microsoft® Windows® Server 2003, ..... Edition
  ' Microsoft Windows Vista Enterprise
  For Each OS in OSSet
    strOSCaption = OS.Caption
    Select Case True
     Case InStr(1, strOSCaption, "windows 2000", vbTextCompare) > 0
       strOS = "Windows 2000"
     Case InStr(1, strOSCaption, "windows xp", vbTextCompare) > 0
       strOS = "Windows XP"
     Case InStr(1, strOSCaption, "windows® server 2003", vbTextCompare) > 0
       strOS = "Windows Server 2003"
     Case InStr(1, strOSCaption, "windows vista", vbTextCompare) > 0
       strOS = "Windows Vista"
    End Select
  Next
  if strOS = "Windows XP" then
    'get version of exist a file being updated and check to see if update needs to be applied.
    'no need to reinstall the update at each boot.
    'Replace path and file name to check and see if the primary file being updated has been changed or not.
    MSIFileSpec = WshShell.ExpandEnvironmentStrings("%SystemRoot%") & "\System32\Netapi32.dll"
    If (fso.FileExists(MSIFileSpec)) Then
      CurrentFileVersion = fso.GetFileVersion(MSIFileSpec)
    End If
    CurrentFileVersion = Replace(CurrentFileVersion, ".", "")
'change version number to reflect the version you are going to install
    if CurrentFileVersion < 5126003462 then
'set path and executable name here for the patch and appropriate switches.  
'in this case DSSBinLocation is a network path to the patch location.
      CommandLine = DSSBinLocation & "WindowsXP-KB958644-x86-ENU.exe /quiet /nobackup /forceappsclose /warnrestart:60"
      WshShell.Run CommandLine, 1, false
    end if
  end if
  set OSSet = nothing
  set objWMIService = nothing

IcemanND

IcemanND

Posted
Posted 
Dim objWMIService, strOS, strOSCaption
Dim strComputer

Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

strOS = ""
StrServicePack = ""
DSSBinLocation = "\\DC1CODENV\patches\"

Set OSSet = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")

' Caption value for different OS:
' Microsoft Windows 2000 ...
' Microsoft Windows XP ...
' Microsoft® Windows® Server 2003, ..... Edition
' Microsoft Windows Vista Enterprise
For Each OS in OSSet
	strOSCaption = OS.Caption
	strServicePack = OS.ServicePackMajorVersion & "." & OS.ServicePackMinorVersion
	Select Case True
		Case InStr(1, strOSCaption, "windows 2000", vbTextCompare) > 0
			strOS = "Windows 2000"
		Case InStr(1, strOSCaption, "windows xp", vbTextCompare) > 0
			strOS = "Windows XP"
		Case InStr(1, strOSCaption, "windows® server 2003", vbTextCompare) > 0
			strOS = "Windows Server 2003"
		Case InStr(1, strOSCaption, "windows vista", vbTextCompare) > 0
			strOS = "Windows Vista"
	End Select
Next


if strOS = "Windows XP" then
	'get version of exist a file being updated and check to see if update needs to be applied.
	'no need to reinstall the update at each boot.
	'Replace path and file name to check and see if the primary file being updated has been changed or not.
	MSIFileSpec = WshShell.ExpandEnvironmentStrings("%SystemRoot%") & "\System32\Netapi32.dll"
	If (fso.FileExists(MSIFileSpec)) Then
		CurrentFileVersion = fso.GetFileVersion(MSIFileSpec)
	End If
	CurrentFileVersion = Replace(CurrentFileVersion, ".", "")
	'change version number to reflect the version you are going to install


	if ((CurrentFileVersion < 5126003462) and (strServicePack="2.0")) or ((CurrentFileVersion <5126005694) and (strServicePack="3.0")) then
		'set path and executable name here for the patch and appropriate switches.
		'in this case DSSBinLocation is a network path to the patch location.
		CommandLine = DSSBinLocation & "WindowsXP-KB958644-x86-ENU.exe /quiet /nobackup /forceappsclose /warnrestart:60"
		WshShell.Run CommandLine, 1, false
	end if
end if
set OSSet = nothing
set objWMIService = nothing

JBritt1234

JBritt1234

Posted
  • Author
Posted

Thanks! That helps a lot.

Ok, it took me all day but I got it working. I had to edit a few lines and add a couple. I wanted to post the working code in case anybody else ever could use it. Thanks again for the help!

Dim objWMIService, strOS, strOSCaption, strOSServicePack, MSIFileSpec, fso

  Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")
   Set WshShell = CreateObject("WScript.Shell")
   Set fso = CreateObject("Scripting.FileSystemObject")

  strOS = ""
  DSSBinLocation = "\\DC1CODENV\patches\"
  Set OSSet = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
  ' Caption value for different OS:
  ' Microsoft Windows 2000 ...
  ' Microsoft Windows XP ...
  ' Microsoft® Windows® Server 2003, ..... Edition
  ' Microsoft Windows Vista Enterprise
  For Each OS in OSSet
    strOSCaption = OS.Caption
    strOSServicePack = OS.ServicePackMajorVersion
    Select Case True
     Case InStr(1, strOSCaption, "windows 2000", vbTextCompare) > 0
       strOS = "Windows 2000"
     Case InStr(1, strOSCaption, "windows xp", vbTextCompare) > 0
       strOS = "Windows XP"
     Case InStr(1, strOSCaption, "windows® server 2003", vbTextCompare) > 0
       strOS = "Windows Server 2003"
     Case InStr(1, strOSCaption, "windows vista", vbTextCompare) > 0
       strOS = "Windows Vista"
    End Select

  Next
  if strOS = "Windows XP" then
    'get version of exist a file being updated and check to see if update needs to be applied.
    'no need to reinstall the update at each boot.
    'Replace path and file name to check and see if the primary file being updated has been changed or not.
    MSIFileSpec = WshShell.ExpandEnvironmentStrings("%SystemRoot%") & "\System32\Netapi32.dll"
If (fso.FileExists(MSIFileSpec)) Then
CurrentFileVersion = fso.GetFileVersion(MSIFileSpec)
End If
CurrentFileVersion = Replace(CurrentFileVersion, ".", "")
'change version number to reflect the version you are going to install


if ((CurrentFileVersion < 5126003462) and (strOSServicePack="2")) or ((CurrentFileVersion <5126005694) and (strOSServicePack="3")) then
'set path and executable name here for the patch and appropriate switches.
'in this case DSSBinLocation is a network path to the patch location.
CommandLine = DSSBinLocation & "WindowsXP-KB958644-x86-ENU.exe /quiet /nobackup /forceappsclose /warnrestart:60"
WshShell.Run CommandLine, 1, false
end if
end if
set OSSet = nothing
set objWMIService = nothing

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...