Announcement

Collapse
No announcement yet.

Pushing Patches

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Guest's Avatar
    Guest replied
    Re: Pushing Patches

    Try this. Takes an argument of a file with a list of IPs of the machines that need to be patched.

    Change the "localPathToPatches" to indicate a LOCAL path to the patches. (UNCs are not valid).

    Yes...I stole most of this from Microsoft.
    Yes...the patch names MUST match.
    Yes...NT4 boxes MUST have WMI installed.

    ' Patchinstall.vbs
    ' Patch installation script for MS03-026 and MS03-039
    ' (c) Microsoft 2003
    ' v1.03 cl

    on error resume next

    const XP_Patch = "KB824146_WXP_WKS.exe"
    const W2k_Patch = "KB824146_W2k_WKS.exe"
    const W2k3_Patch = "KB824146_2k3_SVR.exe"

    If right(ucase(wscript.FullName),11)="WSCRIPT.EXE" then
    wscript.echo "ERROR: You must run this script using cscript, for example 'cscript " & wscript.scriptname & "'."
    wscript.quit 0
    end if

    ' USAGE
    'if wscript.arguments.count <> 2 Then
    ' wscript.echo "Usage: cscript " & wscript.scriptname & " <IpFile.txt> <LocalPathToPatches>" & vbCrLf & vbCrLf & _
    ' " <LocalPathToPatches> must be a full path of a folder that contains all of these files:" & vbCrLf & _
    ' " " & XP_Patch & vbCrLf & _
    ' " " & W2k_Patch & vbCrLf & _
    ' " " & W2k3_Patch
    ' wscript.quit
    'end if

    ipFile = wscript.arguments(0)
    localPathToPatches = "J:\ntand2~1\patche~1" 'wscript.arguments(1) '

    set onet = createobject("wscript.network")
    set ofs = createobject("scripting.filesystemobject")

    ' Verify that ipfile is accessible.
    set oipFile = ofs.opentextfile(ipFile, 1, false)
    if (Err.Number <> 0) then
    wscript.echo "Cannot open " & ipFile
    wscript.quit
    end if

    ' Make sure to end with a \ character.
    if right(localPathToPatches, 1) <> "" then
    localPathToPatches = localPathToPatches & ""
    end if

    'Note that cim_datafile does not support UNC paths
    'so everything must be handled through mapped drives.
    if left(localPathToPatches, 2) = "\" then
    wscript.echo "<pathToExecutable> cannot be a UNC path, please map a drive locally"
    wscript.quit
    end if

    exeWinXP = ofs.getfile(localPathToPatches + XP_Patch).name
    exeW2k = ofs.getfile(localPathToPatches + W2k_Patch).name
    exeW2k3 = ofs.getfile(localPathToPatches + W2k3_Patch).name

    ' Verify that the patches are accessible.
    if ((len(exeWinXP) = 0) OR (len(exeW2k) = 0) OR (len(exeW2k3) = 0)) then
    wscript.echo "Cannot find patch files."
    wscript.echo "Please verify that the <LocalPathToPatches> folder contains all of these files:" & vbCrLf & _
    " " & XP_Patch & vbCrLf & _
    " " & W2k_Patch & vbCrLf & _
    " " & W2k3_Patch
    wscript.quit
    end if


    set osvcLocal = getobject("winmgmts:root\cimv2")

    'The error-handling code is below the function that may throw one - execute it.
    on error resume next

    while not oipFile.atEndOfStream
    ip = oipFile.ReadLine()
    wscript.echo vbCrLf & "Connecting to " & ip & "..."

    Err.Clear
    set osvcRemote = GetObject("winmgmts:\" & ip & "\root\cimv2")

    if (Err.Number <> 0) then
    wscript.echo "Failed to connect to " & ip & "."
    else

    exeCorrectPatch = detectOSPatch(osvcRemote)
    if (exeCorrectPatch <> "") then
    ' Lay the bits on the remote computer.
    wscript.echo "Installing patch " & exeCorrectPatch & "..."

    onet.mapnetworkdrive "n:", "\" & ip & "\C$"
    set osourceFile = osvcLocal.get("cim_datafile=""" & replace(localPathToPatches, "", "\") & exeCorrectPatch & """")
    ret = osourceFile.Copy("n:\\Patchinst.exe")
    'WScript.Echo Err.Number & " : " & Err.Description
    if (ret <> 0 and ret <> 10) then
    ' Failure detected and failure was not "file already exists."
    wscript.echo "Failed copy to " & ip & " - error: " & ret
    else
    set oprocess = osvcRemote.Get("win32_process")

    ' Start the installation without user interaction, and force a restart after completion.
    ret = oprocess.create("c:\\Patchinst.exe -q -f -z")
    if (ret <> 0) then
    wscript.echo "Failed to start process on " & ip & ": " & ret
    ExplainError(ret)
    else
    ' Get a reference to the file that was copied.
    set odestFile = osvcLocal.get("cim_datafile=""n:\\Patchinst.exe""" )

    ' Wait for the installation to complete.
    for waitTime = 0 to 120 ' Lay and wait--up to two minutes for the installation to complete.
    wscript.Sleep 1000 ' Sleep one second.
    ' Delete temporary file as soon as possible after it is freed.
    if (odestFile.Delete() = 0) then
    exit for
    end if
    next ' Otherwise, loop again and keep waiting...

    wscript.echo "Installation successful."

    end if 'Create process succeeded.
    end if 'Copy succeeded.

    onet.removenetworkdrive "n:", true
    end if ' The script knows which patch to install.
    end if ' Do the next IP address, then the next IP address...
    wend

    oipFile.close()

    'Clean up, remove drive mapping (check this time, because it may not have been mapped).
    if ofs.folderexists("n:") then
    onet.removenetworkdrive "n:", true
    end if

    wscript.echo vbCrLf & "Patching complete. Exiting."
    WScript.Quit

    function detectOSPatch(osvcRemote)

    set oOSInfo = osvcRemote.InstancesOf("Win32_OperatingSystem")
    'Only one instance is ever returned (the currently active OS), even though the following is a foreach.
    for each objOperatingSystem in oOSInfo

    if (objOperatingSystem.OSType <> 18) then
    ' Make sure that this computer is Windows NT-based.
    wscript.echo ip & " is not a Windows XP, Windows 2000, or Windows 2003 Server computer."
    else
    if (objOperatingSystem.Version = "5.0.2195") then
    ' Windows 2000 SP2, SP3, SP4.
    if (objOperatingSystem.ServicePackMajorVersion = 2) or (objOperatingSystem.ServicePackMajorVersion = 3) or (objOperatingSystem.ServicePackMajorVersion = 4) then
    systemType = exeW2k
    end if

    elseif (objOperatingSystem.Version = "5.1.2600") then
    ' Windows XP RTM, SP1.
    if (objOperatingSystem.ServicePackMajorVersion = 0) or (objOperatingSystem.ServicePackMajorVersion = 1) then
    systemType = exeWinXP
    end if

    elseif (objOperatingSystem.Version = "5.2.3790") then
    ' Windows Server 2003 RTM
    if (objOperatingSystem.ServicePackMajorVersion = 0) then
    systemType = exeW2k3
    end if
    end if

    if (systemType = "") then
    'This was a Windows NT-based computer, but not with a valid service pack.
    wscript.echo "Could not patch " & ip & " - unhandled OS version: " & objOperatingSystem.Caption & " SP" & objOperatingSystem.ServicePackMajorVersion & "("& objOperatingSystem.Version & ")"
    end if
    end if

    next

    detectOSPatch = systemType

    end Function

    Sub ExplainError(retCode)
    Select Case retCode
    Case 8
    WScript.Echo "The remote system doesn't have enough disk space to execute this patch. Perform disk maintenance."
    Case 9
    WScript.Echo "The storage control block address is invalid. (Access Denied?)"
    Case Else
    WScript.Echo Err.Description
    End Select
    End Sub

    Also, in this thread, towards the very bottom, is an "individual" patch pushing script.
    http://www.systemtools.com/HyenaBoar...ML/000032.html

    Works a little differently, but has the same effect.

    Hope this helps!

    Joel

    Leave a comment:


  • Jay
    replied
    Re: Pushing Patches

    This is of interest to me as well...

    Leave a comment:


  • cmccullough
    Guest replied
    Re: Pushing Patches

    Since you have an unattended script, you may be able to schedule this using the Scheduled Jobs function. You would schedule it on one computer, then select the computers you want to run this update on, right-click and choose More Functions->Copy Remote Job.

    If this doesn't work, you'd have to use a custom script, and you can find some examples on this board.

    Leave a comment:


  • dadude
    started a topic Pushing Patches

    Pushing Patches

    I have over 500 machines to install Microsofts new RPC patch on. I have the unattend script built, but I am not sure how to get it to push from Hyena. Any suggestions?
Working...
X