I'm trying to create a script on a Flashdrive to run several commands on all of our company computers. In this specific part I'm trying to run commands for AVAST to run a virus scan and do updates at 10 pm. The problem i'm running into is: in order to run these commands I have to navigate to the folder where the Avast software is. Thing is the drive letter might vary per computer.... so I'm not sure if I'm able to use a wildcard or how I would go about this. My current script is:
echo off
cd "$((get-location).drive.name):\Program Files (x86)\Avast Software"
ashupd.exe/vps
ashupd.exe/program
ashcmd.exe/*
pause
This only gets the current drive letter... which would be the flashdrive I'm running the script off of. So that's no good.
I have this little test saved for when I need to trying both 32bit and 64bit paths.
$var = Get-WmiObject win32_operatingsystem
if ($var.osarchitecture -like "64*") {
#64 bit logic here
$path = \path\to\64x\
}
else {
#32 bit logic here
$path = \path\to\86x\
}
Related
So this may be an odd request and maybe I'm going about this all wrong but I also have a unique situation. I have servers that are sometimes cloned and I need to run a script that I created on the clones servers. Due to the nature of the clones they cannot be connected to a network.
Currently I am manually putting the generic script on each server before cloning and then running the script on the clone server.
What I would like to do is have a script that runs and gathers all the information, say installed programs as an example, and generate a custom version of my current script on the servers before they are cloned.
I have both the powershell script that gets the server information and the generic one that makes the changes to the clone but I have not found a way to merge the two or any documentation so I don't know if i am hitting a limitation with this one.
Edit for more explanation and examples. I'm doing this from my phone atm so I dont have an example I can post.
Current I have a script that has a set number of applications to uninstall, registry keys to remove, services to stop ect. In another application I have a list of all the software that we have for each server and I can pull that data for each server. What I need to do is pull the data for each server, and have a script placed on each server that will uninstall just the programs for that server.
Currently the script has to run through every potential software and try to uninstall it and then check the other application to see if there are any additional programs that need to be uninstalled.
Hope this extra info helps.
Thanks.
Stop thinking of it as code.
Use script 1 to export blocks of text into a new file. for example, you might have a configuration that says all Dell servers must have this line of code run:
Set-DELL -attribute1 unmanaged
where on HP, the script would have been
Set-HP -attribute1 unmanaged
on web servers, you want:
set-web -active yes
where if not a web server, you want nothing.. so, your parent script code would look like:
$Dell = "Set-DELL -attribute1 unmanaged"
$HP = "Set-HP -attribute1 unmanaged"
$web = "set-web -active yes"
if (Get-servermake -eq "Dell")
{
$dell | out-file Child.ps1 -append
}
if (Get-servermake -eq "HP")
{
$HP | out-file Child.ps1 -append
}
if (Get-webserver -eq $true)
{
$web | out-file Child.ps1 -append
}
The result is a customized script for the specific server, child.ps1.
Now, you can take this and run with it. You could say add functionality to the child script like "Is it an AD controller", etc.
However, you might be better off having all of this in a single script, and just block off sections that don't apply in an if statement for example.
I'm still not totally sure I understand what your asking. If I've missed the mark, tell me how, and I'll tell you how to tweak this better. (And hopefully obvious is that the Get-whatever is sample code. I don't expect that to be what your using to determine a computer make/model/etc)
I have been tasked with compiling a list which contains the version and last successful auto update for all the machines on the domain.
I understand this would be much easier if I used the Sophos enterprise console but unfortunately this is not a resource that is available to me at this time.
So far I have created a PowerShell script which currently gives me back the current Sophos version, computer name, and the exe file. However I am now struggling to find a way to also display the date and time of the last successful auto update. the domain is set up to auto update every 10 minuets.
PowerShell Script :
function Get-AntiVirusProduct {
[CmdletBinding()]
param (
[parameter(ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)]
[Alias('name')]
$computername=$env:computername
)
$AntiVirusProduct = Get-WmiObject -Namespace "root\SecurityCenter2" -Class AntiVirusProduct -ComputerName $computername
#Create hash-table for each computer
$ht = #{}
$ht.'Computername' = $computername
$ht.Name = $AntiVirusProduct.displayName
$ht.'Product Executable' = $AntiVirusProduct.pathToSignedProductExe
$ht.'Version' = [System.Diagnostics.FileVersionInfo]::GetVersionInfo ("C:\Program Files (x86)\Sophos\AutoUpdate\ALUpdate.exe").FileVersion
#Create a new object for each computer
New-Object -TypeName PSObject -Property $ht
}
Get-AntiVirusProduct
I have done some research and seen where a K100 script has been used to query the auto update file but I am not sure if this would be applicable for my solution.
FileExists(C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe) AND ShellCommandTextReturn(cmd /q /c powershell.exe -command "$f=[DATETIME] '01/01/1970 00:00:00'; $f.AddSeconds((Get-ItemProperty -Path 'REGISTRY::HKLM\SOFTWARE\Sophos\AutoUpdate\UpdateStatus' LastUpdateTime).LastUpdateTime) | ForEach-Object {'{0:yyyy}-{0:MM}-{0:dd} {0:HH}:{0:mm}:{0:ss}' -f ($_.AddHours(-0))}")
The module which the update runs to is ALUpdate.exe
would appreciate any help or suggestions.
Sophos Bootable Anti-Virus (SBAV) is an antivirus tool that will allow you to perform scanning and cleaning of the infected computer without the need to install the software. This procedure will be useful when the Master Boot Record (MBR) is infected on your computer.
The Sophos Bootable Antivirus is provided for free as a Windows binary file .exe file. You can download the program to the Windows computer and then install it. Once the installation is done, you have to run a command. The program will now create an ISO file with the latest version of the Sophos Antivirus including the recent virus protection updates. The tool will boot the computer using the underlying Linux operating system and performs a scan of the computer by suppressing the local operating system.
There are practically two different methods in which you can create the Sophos Bootable Antivirus:
By using a Bootable CD
By using a Bootable USB stick
Creating a bootable CD
Double-click on the bootable downloaded sbav_sfx file.
Click Accept to the License agreement and later on specify the installation location (default location is C:\SBAV). Take note of the specified location.
Open the command prompt.
You can open the Run command by pressing the Windows + R button on the keyboard.
Type cmd then press the Enter button.
I'm verry beginer in powershell, I'm wonking in a project, the goal it's to set the Biossetting like disabling or enabling the secureBoot and UEFI mode, while installing windows 7 or 10 by MDT.
I'm working with Dell and hp computer, I have the script for setting the bios of hp or dell
Hp:
$bios=Get-WmiObject -Namespace root/hp/instrumentedBIOS -Class HP_BIOSSettingInterface
$bios.SetBIOSSetting("UEFI Boot Options", "Enable","")
Dell:
(Get-WmiObject DCIM_BIOSService -namespace root\dcim\sysman -ComputerName .).SetBIOSAttributes($null,$null,"Secure Boot","1")
Then, my first problem these command is not working in any computer I need to install some modules, some cmdlet from hp or dell website, I want to know if make my script ".exe", it's gonna work in every-computer ?
Because I need to run my script with with deployement of windows.
My second and difficult task, I want to know with variable task sequence to use in my script, to detect the os of the tasksequence, I find this code in internet, after too much research in internet
$TaskPath = "$($MdtDrive):\Task Sequences"
$ControlPath = "$MDtroot\Control"
$OSPath = "$($MdtDrive):\Operating Systems"
$OS = (Get-ChildItem -Path $OSPath | Out-GridView -PassThru -Title "Select required OperatingSystem").Name
This code detect if the OS of the task sequence I want install in my computer is windos 7 or windows 10?
Thanks !
If I recall correctly from my days of systems deployment, Dell and HP both make dedicated tools for settigns BIOS configuration. Just make sure you run it in WinPE. Depending on which BIOS settings you change you make even have to boot WinPE twice to make sure the OS installs the way you want.
Dell: http://en.community.dell.com/techcenter/enterprise-client/w/wiki/7532.dell-command-configure
HP: https://deploymentbunny.com/2010/10/18/enable-tpm-via-task-sequence-on-hp-boxes/
Although it is definitely possible to make these settings in WMI I would only look to it as a last resort. Windows has to be compatible with every piece of hardware, whereas Dell/HP tools are targeted at their systems. It's like using a scalpel vs a Swiss army knife.
I have some difficults I’m working in a script who set the bios configuration while installing windows 7 or 10 by MDT, then my first question is:
Wich variable I can use to identify the os of the new task sequence I mean the current os the mdt preparing to install in the computer after the user select the os during the installation.
I’m wondering if this code doying the job
$OS = Get-ChildItem -Path $OSPath | Out-GridView -PassThru -Title “Select required OperatingSystem”
$OSPath = “$($MdtDrive):\Operating Systems”
I've made a script to automatically change and/or create the default Outlook signature of all the employees in my company.
Technically, it gets the environment variable username where the script is deployed, access to the staff database to get some information regarding this user, then create the 3 different files for the signature by replacing values inside linked docx templates. Quite easy and logical.
After different tests, it is working correctly when you launch the script directly on a computer, either by using Powershell ISE, directly by the CMD or in Visual Studio. But when we tried to deploy it, like it will be, by using SCCM, it can't get any environment variable.
Do any of you have an idea about how to get environment variables in a script when it is deployed by SCCM ?
Here is what I've already tried :
$Name = [Environment]::UserName
$EnvVarUserName = Get-Item Env:\USERNAME
Even stuff like this :
$proc = gwmi win32_process -Filter "Name = 'explorer.exe'"
$report = #()
ForEach ($p in $proc)
{
$temp = "" | Select User
$temp.user = ($p.GetOwner()).User
$report += $temp
}
Thanks in advance and have a nice day y'all !
[EDIT]:
I've found a way of doing this, not the best one, but it works. I get the name of the machine, check the DB where when a laptop is connected to our network it stores the user id and the machine, then get the info in the staff DB.
I will still check for Matt's idea which is pretty interesting and, in a way, more accurate.
Thank you all !
How are you calling the environmental variable? $Env:computernamehas worked for me in scripts pushed out via SCCM before.
Why don't you enumerate the "%SystemDrive%\Users" folder, exclude certain built-in accounts, and handle them all in one batch?
To use the UserName environment variable the script would have to run as the logged-in user, which also implies that all of your users have at least read access to your staff database, which, at least in our environment, would be a big no-no.
We have a program running on about 400 PCs (All W7). This program is called Wisa.
We receive regular updates for this program, named something like wisa_update1.0.exe, wisa_update1.1.exe, wisa_update2.0.exe, etc. The users can not do the update themself due to account restrictions.
We manage to do the update once and distribute it with a copy-item to all PCs. Then with Enter-PSSession I can go to each PC and update the program with the following command:
wisa_update3.0 /verysilent
(with the argument /verysilent no questions are asked)
This is already a major gain in time, but I want to do the update more automatically.
I have a file "pc.txt" with all 400 PCs in it. I use this file already for the Copy-Item via Get-Content. Now I want to use this file to do the updates with the above command, but I can't find a good way to use a remote executable with a parameter in PowerShell.
What you want to do is load get-content -Path $PClist and then run your script actions in a foreach. You'll want to adapt this example to your own script:
$PClist = 'c:\pc.txt'
$aComputers = Get-Content -Path $PClist
foreach ($Computer in $aComputers)
{
code actions to perform
}
Also you can use multithreading and get it over with fraction of time (provided you have a good machine). The below mentioned link explains how to do it well.
http://www.get-blog.com/?p=22