Archive - November 2012

"Work spares us from three evils: boredom, vice, and need." - Voltaire

Index

Adobe Photoshop CS5 Silent Installation
Installing Media Player
Adobe Acrobat Pro XI Silent Installation
Quicktime 7.73.80.64 Silent Installation
Remotely Set Permissions
Uninstall Old VLC
Display Computer Status - GUI PowerShell

SNMP Script Engine
Using Imagew.exe
Simple WinPE Boot.wim Editing
A required privilege is not held by the client.
PMDump

Δ Friday, November 30th, 2012

Δ Adobe Photoshop CS5 Silent Installation

How to install photoshop silently - not using adobe admin tool

[download resource files]

Demo

So, everyone knows how difficult deploying Photoshop to your enterprise can be. It really
makes me wonder what the heck is Adobe thinking. I like how their admin tool never
works right for their CS products. Okay, for CS5, and not using the admin tool, here is
the deployment solution that works. I use their .XML file with the override.xml
(contains your custom settings).

@Echo on
title Administrative Installation by Eddie Jackson
color 0a
set CurDir=%cd%

set UserN=%username%

if [%UserN%] EQU [] set UserN=landesk
if [%UserN%] EQU %computername% set UserN=landesk

REM STOP WINDOWS UPDATE SERVICE
%windir%\system32\net.exe stop wuauserv

REM CLEARS PENDING REQUESTS
%windir%\system32\REG.exe DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /f
%windir%\system32\REG.exe DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet1\Control\Session Manager" /v "PendingFileRenameOperations" /f
%windir%\system32\REG.exe DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet2\Control\Session Manager" /v "PendingFileRenameOperations" /f
%windir%\system32\REG.exe DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet3\Control\Session Manager" /v "PendingFileRenameOperations" /f

REM CREATE EVENT LOG
%windir%\system32\EVENTCREATE.exe /T INFORMATION /ID 777 /d "Software Packaging Engineer: Adobe Photoshop CS5 Extended 12.0.0.0 package installation STARTED by %UserN%"

REM EXRACT SOURCE FILES
"%CurDir%\SetupFiles.exe"

REM VISTA/WIN 7 INSTALLS
if exist C:\Users\Public (
"%CurDir%\set-up.exe" --mode=Silent --deploymentFile="%CurDir%\en_US_Deployment_7.xml" --overrideFile="%CurDir%\application.xml.override"
goto :END
)

REM XP INSTALLS
"%CurDir%\set-up.exe" --mode=Silent --deploymentFile="%CurDir%\en_US_Deployment_XP.xml" --overrideFile="%CurDir%\application.xml.override"
goto :END

:END
REM REG STAMP - used to run landesk queries
if exist "C:\Program Files\LANDesk\" %windir%\system32\REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\YOURSOFTWARE\Adobe\Photoshop\12.0.0.0" /v InstallDate /d "%date% %time%" /t REG_SZ /f
if exist "C:\Program Files\LANDesk\" %windir%\system32\REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\YOURSOFTWARE\Adobe\Photoshop\12.0.0.0" /v InstalledBy /d "%UserN%" /t REG_SZ /f

if exist "C:\Program Files (x86)\LANDesk\" %windir%\system32\REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\YOURSOFTWARE\Adobe\Photoshop\12.0.0.0" /v InstallDate /d "%date% %time%" /t REG_SZ /f
if exist "C:\Program Files (x86)\LANDesk\" %windir%\system32\REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\YOURSOFTWARE\Adobe\Photoshop\12.0.0.0" /v InstalledBy /d "%UserN%" /t REG_SZ /f

REM CREATE EVENT LOG
%windir%\system32\EVENTCREATE.exe /T INFORMATION /ID 777 /d "Software Packaging Engineer: Adobe Photoshop CS5 Extended 12.0.0.0 package installation COMPLETED!"
exit /b 0

Δ [email me]

Δ Wednesday, November 28th, 2012

Δ Installing Media Player

How to install media player silently

[download resource files]

This is just a simple command that can be added to your scripts.

Δ [email me]

Δ Monday, November 26th, 2012

Δ Adobe Acrobat Pro XI Silent Installation

How to install the latest adobe pro using a transform file

[download resource files]

Step 1 - Download/install CustWiz11000_en_US.exe.
Step 2 - Create a custom mst with all your settings.
Step 3 - Create your own simple script for installation.

Δ [email me]

Δ Friday, November 23rd, 2012

Δ Quicktime 7.73.80.64 Silent Installation

How to install apple quicktime silently

[download resource files]

You can download the main install from Apple. Click it to begin installation. STOP. Go look in
the %temp% folder to retrieve the individual MSIs you see in the script below.

Δ [email me]

Δ Thursday, November 22nd, 2012

Δ Remotely Set Permissions

How to remotely apply permissions using cacls and xcacls

[download resource files]

This task came to me because we had many machines in the enterprise that needed one
particular folder's permissions modified. Depending on whether you're running this from
a XP or Win7 machine...you may have to make minor adjustments to the script. But,
this was tested and working from WinXP.

@Echo off
cls
@rem ****************************************************************************
@rem Script Language: Shell
@rem Script Name: _Engine.cmd
@rem Purpose: To change permissions on a specific folder for remote computers
@rem          This script will cycle through a workstation list
@rem Creation Date: 11/29/2012
@rem Last Modified: 
@rem Directions:  add computer names to computers.txt
@rem              set user
@rem              set permission(s)
@rem              set path
@rem              launch _Engine.cmd  
@rem Author: Eddie Jackson
@rem Email: MrNetTek2000@yahoo.com
@rem ****************************************************************************

@Echo off
Title Administrative Permission Engine
color 0a
Setlocal EnableDelayedExpansion

REM EXTERNAL VARIABLES
REM SET YOUR PERMISSIONS

REM SET YOUR PATH TO APPLY THE PERMISSIONS TO
Set PATH01=C$\Program Files\YourProgramName
rem example: c$\program files\myfolder\

set USER=everyone
rem example:users, administrator, everyone

set PERM=RWM
rem example: M or MRW

rem F  Full control
rem M  Modify
rem X  read and eXecute
rem R  Read
rem W  Write

REM INTERNAL VARIABLES - do not edit below this line
REM ----------------------------------------------------------------------------

REM ENTER NAME OF COMPUTER TEXT FILE
Set PCList=computers.txt

Set CurDir=%CD%

md logs

REM CREATES DATE AND TIME TIMESTAMP
rem sets a static timestamp
for /F "tokens=2-4 delims=/- " %%p in ('date/T') do set mdate=%%r%%p%%q
for /F "tokens=1-2 delims=:- " %%p in ('time/T') do set mtime=%%p%%q
Set ReportN=%mdate%_%mtime%.txt

REM PROGRAM ROUTINE
:CYCLE
for /f "tokens=* delims= " %%a in (%PCList%) do (

REM sets dynamic timestamp
FOR /F "TOKENS=*" %%B IN ('DATE/T') DO SET NowD=%%B
FOR /F "TOKENS=*" %%A IN ('TIME/T') DO SET NowT=%%A

cls
echo Loading workstation name...
ping %%a | find "Reply" > nul
if errorlevel 1 (echo !NowD! !NowT! %%a, OFFLINE >> "logs\%ReportN%"
) else ( 
echo !NowD! !NowT! %%a, %PATH01%, %USER%:%PERM%, ONLINE >> "logs\%ReportN%"
cls
echo Found %%a...
echo.
echo Applying %USER%:%PERM% to %PATH01%
%windir%\system32\ping.exe -n 2 127.0.0.1>nul

rem IF YOU RUN THIS SCRIPT FROM A XP MACHINE
if not exist c:\users\public cscript.exe "%CurDir%\XCACLS.vbs" \\%%a\"%PATH01%"\ /G %USER%:%PERM% /e
echo.

rem XCACLS.vbs does not work/it's untested in Win7 - use icacls instead
rem IF RUN THIS SCRIPT FROM A WIN7 MACHINE
rem icacls \\%%a\\"%PATH01%" /reset /t
if exist c:\users\public icacls \\%%a\\"%PATH01%" /T /C /GRANT:r %USER%:%PERM%

)
)

pause
endlocal
exit /b 0

Δ [email me]

Δ Monday, November 19th, 2012

Δ Uninstall Old VLC

How to uninstall an older version of vlc

[download resource files]

Simple script to that shows you how to use the vlc uninstall.exe and GUID to remove VLC.

Δ [email me]

Δ Thursday, November 15th, 2012

Δ Display Computer Status in GUI using PowerShell

How to use powershell to create a gui and return info

[download resource files]

PowerShell isn't known for its GUIs just yet. But this allows you to see the returned computer
info in a GUI window. Pretty nice. Don't forget to Set-ExecutionPolicy RemoteSigned.

Param ([switch]$NoWarning,[switch]$Debug) If ($Debug) { #enable debug messages if -debug is specified $debugPreference="Continue" } If ($NoWarning) { #turn off warning messages $WarningPreference="SilentlyContinue" } function Ping-Host { Param([string]$computername=$(Throw "You must specify a computername.")) Write-Debug "In Ping-Host function" $query="Select * from Win32_PingStatus where address='$computername'" $wmi=Get-WmiObject -query $query write $wmi } function Get-OS { Param([string]$computername=$(Throw "You must specify a computername.")) Write-Debug "In Get-OS Function" $wmi=Get-WmiObject Win32_OperatingSystem -computername $computername -ea stop write $wmi } #Generated Form Function function GenerateForm { #region Import the Assemblies Write-Debug "Loading Assemblies" [reflection.assembly]::loadwithpartialname("System.Drawing") | Out-Null [reflection.assembly]::loadwithpartialname("System.Windows.Forms") | Out-Null #endregion #region Generated Form Objects Write-Debug "Creating form objects" $form1 = New-Object System.Windows.Forms.Form $lblRefreshInterval = New-Object System.Windows.Forms.Label $numInterval = New-Object System.Windows.Forms.NumericUpDown $btnQuit = New-Object System.Windows.Forms.Button $btnGo = New-Object System.Windows.Forms.Button $dataGridView = New-Object System.Windows.Forms.DataGridView $label2 = New-Object System.Windows.Forms.Label $statusBar = New-Object System.Windows.Forms.StatusBar $txtComputerList = New-Object System.Windows.Forms.TextBox $timer1 = New-Object System.Windows.Forms.Timer #endregion Generated Form Objects #---------------------------------------------- #Generated Event Script Blocks #---------------------------------------------- $LaunchCompMgmt= { #only launch computer management if a cell in the Computername #column was selected. $c=$dataGridView.CurrentCell.columnindex $colHeader=$dataGridView.columns[$c].name if ($colHeader -eq "Computername") { $computer=$dataGridView.CurrentCell.Value Write-Debug ("Launch computer management for {0}" -f $computer.toUpper()) compmgmt.msc /computer:$computer } } #end Launch Computer Management script block $GetStatus= { Trap { Write-Debug "Error trapped in GetStatus script block" Write-Warning $_.Exception.message Continue } #stop the timer while data is refreshed Write-Debug "Stop the timer" $timer1.stop() Write-Debug ("Getting content from {0}" -f $txtComputerlist.Text) if ($computers) {Clear-Variable computers} #clear the table $dataGridView.DataSource=$Null $computers=Get-Content $txtComputerList.Text -ea stop | sort if ($computers) { $statusBar.Text = ("Querying computers from {0}" -f $txtComputerList.Text) $form1.Refresh #create an array for griddata Write-Debug "Create `$griddata" $griddata=@() #create a custom object foreach ($computer in $computers) { Write-Debug "Pinging $computer" $statusBar.Text=("Pinging {0}" -f $computer.toUpper()) Write-Debug "Creating `$obj" $obj=New-Object PSobject Write-Debug "Adding Computername property" $obj | Add-Member Noteproperty Computername $computer.ToUpper() #ping the computer if ($pingResult) { #clear PingResult if it has a left over value Clear-Variable pingResult } $pingResult=Ping-Host $computer Write-Debug "Pinged status code is $($pingResult.Statuscode)" if ($pingResult.StatusCode -eq 0) { $obj | Add-Member Noteproperty Pinged "Yes" Write-Debug "Adding $($pingresult.ProtocolAddress)" $obj | Add-Member Noteproperty IP $pingResult.ProtocolAddress #get remaining information via WMI Trap { #define a trap to handle any WMI errors Write-Warning ("There was a problem with {0}" -f $computer.toUpper()) Write-Warning $_.Exception.GetType().FullName Write-Warning $_.Exception.message Continue } if ($os) { #clear OS if it has a left over value Clear-Variable os } $os=Get-OS $computer if ($os) { $lastboot=$os.ConvertToDateTime($os.lastbootuptime) Write-Debug "Adding $lastboot" $uptime=((get-date) - ($os.ConvertToDateTime($os.lastbootuptime))).tostring() Write-Debug "Adding $uptime" $osname=$os.Caption Write-Debug "Adding $osname" $servicepack=$os.CSDVersion Write-Debug "Adding $servicepack" $obj | Add-Member Noteproperty OS $osname $obj | Add-Member Noteproperty ServicePack $servicepack $obj | Add-Member Noteproperty Uptime $uptime $obj | Add-Member Noteproperty LastBoot $lastboot } else { Write-Debug "Setting properties to N/A" $obj | Add-Member Noteproperty OS "N/A" $obj | Add-Member Noteproperty ServicePack "N/A" $obj | Add-Member Noteproperty Uptime "N/A" $obj | Add-Member Noteproperty LastBoot "N/A" } } else { Write-Debug "Ping failed" Write-Debug "Setting properties to N/A" $obj | Add-Member Noteproperty Pinged "No" $obj | Add-Member Noteproperty IP "N/A" $obj | Add-Member Noteproperty OS "N/A" $obj | Add-Member Noteproperty ServicePack "N/A" $obj | Add-Member Noteproperty Uptime "N/A" $obj | Add-Member Noteproperty LastBoot "N/A" } #Add the object to griddata Write-Debug "Adding `$obj to `$griddata" $griddata+=$obj } #end foreach Write-Debug "Creating ArrayList" $array= New-Object System.Collections.ArrayList Write-Debug "Adding `$griddata to `$arry" $array.AddRange($griddata) $DataGridView.DataSource = $array #find unpingable computer rows Write-Debug "Searching for non-pingable computers" $c=$dataGridView.RowCount for ($x=0;$x -lt $c;$x++) { for ($y=0;$y -lt $dataGridView.Rows[$x].Cells.Count;$y++) { $value = $dataGridView.Rows[$x].Cells[$y].Value if ($value -eq "No") { #if Pinged cell = No change the row font color Write-Debug "Changing color on row $x" $dataGridView.rows[$x].DefaultCellStyle.Forecolor=[System.Drawing.Color]::FromArgb(255,255,0,0) } } } Write-Debug "Setting status bar text" $statusBar.Text=("Ready. Last updated {0}" -f (Get-Date)) } else { Write-Debug "Setting status bar text" $statusBar.Text=("Failed to find {0}" -f $txtComputerList.text) } #set the timer interval $interval=$numInterval.value -as [int] Write-Debug "Interval is $interval" #interval must be in milliseconds $timer1.Interval = ($interval * 60000) #1 minute time interval Write-Debug ("Timer interval calculated at {0} milliseconds" -f $timer1.Interval ) #start the timer Write-Debug "Starting timer" $timer1.Start() Write-Debug "Refresh form" $form1.Refresh() } #End GetStatus scriptblock $Quit= { Write-Debug "closing the form" $form1.Close() } #End Quit scriptblock #---------------------------------------------- #region Generated Form Code $form1.Name = 'form1' $form1.Text = 'Display Computer Status' $form1.DataBindings.DefaultDataSourceUpdateMode = 0 $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 890 $System_Drawing_Size.Height = 359 $form1.ClientSize = $System_Drawing_Size $form1.StartPosition = 1 $form1.BackColor = [System.Drawing.Color]::FromArgb(255,185,209,234) $lblRefreshInterval.Text = 'Refresh Interval (min)' $lblRefreshInterval.DataBindings.DefaultDataSourceUpdateMode = 0 $lblRefreshInterval.TabIndex = 10 $lblRefreshInterval.TextAlign = 64 #$lblRefreshInterval.Anchor = 9 $lblRefreshInterval.Name = 'lblRefreshInterval' $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 128 $System_Drawing_Size.Height = 23 $lblRefreshInterval.Size = $System_Drawing_Size $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 440 $System_Drawing_Point.Y = 28 $lblRefreshInterval.Location = $System_Drawing_Point $form1.Controls.Add($lblRefreshInterval) #$numInterval.Anchor = 9 $numInterval.DataBindings.DefaultDataSourceUpdateMode = 0 $numInterval.Name = 'numInterval' $numInterval.Value = 10 $numInterval.TabIndex = 9 $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 51 $System_Drawing_Size.Height = 20 $numInterval.Size = $System_Drawing_Size $numInterval.Maximum = 60 $numInterval.Minimum = 1 $numInterval.Increment = 2 $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 575 $System_Drawing_Point.Y = 30 $numInterval.Location = $System_Drawing_Point # $numInterval.add_ValueChanged($GetStatus) $form1.Controls.Add($numInterval) $btnQuit.UseVisualStyleBackColor = $True $btnQuit.Text = 'Close' $btnQuit.DataBindings.DefaultDataSourceUpdateMode = 0 $btnQuit.TabIndex = 2 $btnQuit.Name = 'btnQuit' $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 75 $System_Drawing_Size.Height = 23 $btnQuit.Size = $System_Drawing_Size #$btnQuit.Anchor = 9 $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 341 $System_Drawing_Point.Y = 30 $btnQuit.Location = $System_Drawing_Point $btnQuit.add_Click($Quit) $form1.Controls.Add($btnQuit) $btnGo.UseVisualStyleBackColor = $True $btnGo.Text = 'Get Status' $btnGo.DataBindings.DefaultDataSourceUpdateMode = 0 $btnGo.TabIndex = 1 $btnGo.Name = 'btnGo' $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 75 $System_Drawing_Size.Height = 23 $btnGo.Size = $System_Drawing_Size #$btnGo.Anchor = 9 $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 233 $System_Drawing_Point.Y = 31 $btnGo.Location = $System_Drawing_Point $btnGo.add_Click($GetStatus) $form1.Controls.Add($btnGo) $dataGridView.RowTemplate.DefaultCellStyle.ForeColor = [System.Drawing.Color]::FromArgb(255,0,128,0) $dataGridView.Name = 'dataGridView' $dataGridView.DataBindings.DefaultDataSourceUpdateMode = 0 $dataGridView.ReadOnly = $True $dataGridView.AllowUserToDeleteRows = $False $dataGridView.RowHeadersVisible = $False $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 870 $System_Drawing_Size.Height = 260 $dataGridView.Size = $System_Drawing_Size $dataGridView.TabIndex = 8 $dataGridView.Anchor = 15 $dataGridView.AutoSizeColumnsMode = 16 $dataGridView.AllowUserToAddRows = $False $dataGridView.ColumnHeadersHeightSizeMode = 2 $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 13 $System_Drawing_Point.Y = 70 $dataGridView.Location = $System_Drawing_Point $dataGridView.AllowUserToOrderColumns = $True $dataGridView.add_CellContentDoubleClick($LaunchCompMgmt) #$dataGridView.AutoResizeColumns([System.Windows.Forms.DataGridViewAutoSizeColumnsMode.AllCells]::AllCells) #$DataGridViewAutoSizeColumnsMode.AllCells $form1.Controls.Add($dataGridView) $label2.Text = 'Enter the name and path of a text file with your list of computer names: (One name per line)' $label2.DataBindings.DefaultDataSourceUpdateMode = 0 $label2.TabIndex = 7 $label2.Name = 'label2' $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 490 $System_Drawing_Size.Height = 23 $label2.Size = $System_Drawing_Size $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 12 $System_Drawing_Point.Y = 7 $label2.Location = $System_Drawing_Point $form1.Controls.Add($label2) $statusBar.Name = 'statusBar' $statusBar.DataBindings.DefaultDataSourceUpdateMode = 0 $statusBar.TabIndex = 4 $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 428 $System_Drawing_Size.Height = 22 $statusBar.Size = $System_Drawing_Size $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 0 $System_Drawing_Point.Y = 337 $statusBar.Location = $System_Drawing_Point $statusBar.Text = 'Ready' $form1.Controls.Add($statusBar) $txtComputerList.Text = 'c:\computers.txt' $txtComputerList.Name = 'txtComputerList' $txtComputerList.TabIndex = 0 $System_Drawing_Size = New-Object System.Drawing.Size $System_Drawing_Size.Width = 198 $System_Drawing_Size.Height = 20 $txtComputerList.Size = $System_Drawing_Size $System_Drawing_Point = New-Object System.Drawing.Point $System_Drawing_Point.X = 13 $System_Drawing_Point.Y = 33 $txtComputerList.Location = $System_Drawing_Point $txtComputerList.DataBindings.DefaultDataSourceUpdateMode = 0 $form1.Controls.Add($txtComputerList) #endregion Generated Form Code Write-Debug "Adding script block to timer" #add the script block to execute when the timer interval expires $timer1.add_Tick($GetStatus) #Show the Form Write-Debug "ShowDialog()" $form1.ShowDialog()| Out-Null } #End Function #Call the Function Write-Debug "Call GenerateForm" GenerateForm

Δ [email me]

Δ Wednesday, November 14th, 2012

Δ SNMP Script Engine

How to apply your snmp package to a list of computers

[download resource files]

This is yet another one of my script engines. It was created to deploy the snmp package that updates snmp
information on servers.

:: **************************************************************************
:: Script Language:  Shell
:: Script Name: _Script_Engine.cmd
:: Purpose: To be used to install update SNMP settings to servers
:: Creation Date: 12/05/12
:: Last Modified: 
:: Directions: add server names to computers.txt file 
::             double-click the _Script_Engine.cmd
:: Author: Eddie Jackson
:: Email: MrNetTek2000@yahoo.com
:: **************************************************************************

@echo off

color 0a
@title Script Engine - SNMP Update
set CurDir=%cd%

setLocal EnableDelayedExpansion

REM ENTER NAME OF COMPUTER TEXT FILE
Set PCList=computers.txt

for /f "tokens=* delims= " %%a in (%PCList%) do (

REM sets dynamic timestamp
FOR /F "TOKENS=*" %%B IN ('DATE/T') DO SET NowD=%%B
FOR /F "TOKENS=*" %%A IN ('TIME/T') DO SET NowT=%%A

cls
echo Workstation being tested: %%a
c:\windows\System32\ping.exe %%a | find "Reply" > nul
if errorlevel 1 (echo !NowD! !NowT!, %%a, OFFLINE >> "logs\%ReportN%" & echo %%a OFFLINE & echo.
) else (
cls
echo Copying files to server...
copy /y /v  "%CurDir%\mycommand.cmd" \\%%a\c$\windows\system32
copy /y /v  "%CurDir%\snmp_config_3.0.0.0.exe" \\%%a\c$\windows\system32
ping.exe -n 4 127.0.0.1>nul
cls
echo Updating SNMP settings on %%a...
"%CurDir%\psexec.exe" /accepteula \\%%a mycommand.cmd
echo !NowD! !NowT!, %%a, ONLINE >> "logs\%ReportN%" & echo %%a ONLINE & echo.
)
)

@echo on
pause
exit /b 0

Δ [email me]

Δ Tuesday, November 13th, 2012

Δ Using Imagew.exe

How to use imagew in your imaging

See this document link.

ImageW is a 32/64 bit imaging tool from Terabyte Unlimited licensed through Landesk.
ImageW is a program for creating and restoring images of partitions or disks. Under the
licensing through Landesk, it can be used both within Landesk or outside of Landesk and
is therefor a great alternative to Norton Ghost.

vendor site manual at Landesk

Δ [email me]

Δ Moday, November 5th, 2012

Δ Simple WinPE Boot.wim Editing

How to make the winpe/boot.wim process easier

Demo
picture

Using WinPE hard? Too hard to understand? Not anymore. I have streamlined the process
putting the steps into scripts. If you need any help, just email me. mrnettek2000@yahoo.com

mySetupFiles.exe - c:\imaging files from WAIK

How to Backup C:\ to a WIM
imagex.exe /capture c: d:\install.wim "Win 7 image" /compress fast /verify

How to Restore C:\ from a WIM
imagex.exe /apply d:\image.wim 1 c:\

Step 0 - Do this first
install waik from Microsoft
extract MySetupFiles.exe (it will extract to c:\imaging)

Step 1 - Do this only once to move over the default WIM
REM NOTE: YOU ONLY NEED TO DO THIS ONCE AND THEN USE STEPS 2-4 FROM NOW ON.

rem this copies the default winpe wim to be burned
rem this is not your custom wim
rem once this has been copied, then customize it
copy C:\imaging\winpe_x86\winpe.wim C:\imaging\wim\boot.wim

Step 2 - Do this to mount the WIM and then customize it
rem this will mount the wim to be customized
rem you can customize it in the mounted_wim folder
"C:\imaging\tools\imagex.exe" /mountrw "C:\imaging\wim\boot.wim" 1 "c:\imaging\mounted_wim"

Step 3 - Unmount and Commit your changes
"C:\imaging\tools\imagex.exe" /unmount /commit "C:\imaging\mounted_wim"

Step 4
rem copies your custom wim to the ISO folder
copy C:\imaging\wim\boot.wim C:\imaging\ISO\SOURCES\boot.wim

rem creates an iso.  Note where the iso is being created
rem once the iso has been created, use something like Roxio to burn image to CD
"%cd%\oscdimg.exe" -n -bC:\imaging\winpe_x86\boot\etfsboot.com C:\imaging\ISO C:\imaging\winpe_x86.iso

Create a bootable USB Drive
Format the USB drive. At a command prompt, execute the following commands:

1. diskpart - this will show the known drives on your PC. Make note of the drive number representing your USB drive.

2. select disk <#> where # is the USB drive discovered above.

3. clean

4. create partition primary

5. select partition 1

6. active

7. format fs=fat32 or NTFS (I use NTFS, which has to be done from a Vista box or boot DVD due to diskpart version)

8. assign

9. exit

Copy the contents of your ISO folder to the newly formated USB Drive

How to install VBScript, HTA, Scripting to your Boot.wim

rem unmount
"C:\imaging\tools\imagex.exe" /unmount /commit "C:\imaging\mounted_wim"

rem mount
"C:\imaging\tools\imagex.exe" /mountrw "C:\imaging\wim\boot.wim" 1 "c:\imaging\mounted_wim"

rem add scripting
C:\imaging\ISO\SERVICING\dism.exe /image:C:\imaging\mounted_wim /Add-Package /PackagePath:"C:\imaging\winpe_x86\WinPE_FPs\winpe-wmi.cab"
C:\imaging\ISO\SERVICING\dism.exe /image:C:\imaging\mounted_wim /Add-Package /PackagePath:"C:\imaging\winpe_x86\WinPE_FPs\winpe-scripting.cab"

rem unmount
"C:\imaging\tools\imagex.exe" /unmount /commit "C:\imaging\mounted_wim"
pause

rem other component names
rem winpe-hta.cab
rem winpe-mdac.cab
rem winpe-wds-tools.cab
rem winpe-pppoe.cab
rem winpe-setup-server.cab
rem winpe-setup-client.cab
rem winpe-setup.cab
rem winpe-legacysetup.cab

Δ [email me]

Δ Friday, November 2nd, 2012

Δ A required privilege is not held by the client.

How to fix the inability to mount wims

Demo
boot wim mount error fix

OK, so it looks like MDT is having trouble mounting the Window PE image from the WAIK.
MDT using ImageX to do this, so I figure this was a good place to start. Or, you're just having
trouble mounting the WIM in general.

Opening the Command Prompt and attempting to mount an image using ImageX.

I used the following command:

ImageX.exe /mount ..\PETools\x86\winpe.wim 1 c:\Mount

As you can see (from the image above), the results weren’t fantastic, ImageX was unable to mount and
WIM file, reporting this error:

A required privilege is not held by the client.

Δ [email me]

Δ Thursday, November 1st, 2012

Δ PMDump

How to use pmdump

[download resource files]

Automating PMDump with VBScript "PMDump is a tool that let's you dump the memory contents
of a process to a file without stopping the process." By taking a snapshot of a running process,
PMDump allows us to evaluate the memory contents of any particular process. This becomes
especially useful when dealing with malware or code that injects itself into a running process
rather than creating filesystem residue. If little is known about the machine it's probably best
to grab all the volatile information that you can. In this case dumping all PIDs. PMDump has
the ability to display running processes and to dump a single a PID, so in order to this we turn
to scripting. I'm using VBScript only because of how widespread it is. Modifying what's installed
on the box simply isn't an option when performing a live response. Depending on your
environment, a language like Perl, Ruby, or Python might be better suited.

So let's automate!

computer = "."
Set shell = CreateObject("wscript.Shell")
set objWMI = GetObject("winmgmts:\\" & computer & "\root\cimv2")
set processes = objWMI.InstancesOf("Win32_Process")
for each process In processes
if process.ProcessID > 4 then
WScript.Echo "Dumping : " & process.ProcessID & " - "& process.Name
shell.Run "pmdump.exe " & process.ProcessID & " " & process.Name & "-" & process.ProcessID & ".dump",0,True
end if
next

WScript.Echo "Dump Complete!"

The script is pretty straight forward. It loops through the PID's and runs PMDump on each one.
The result is a directory full of .dump files.

To run the code remember that you can invoke the scripting engine with cscript. If all goes well,
the results will get echoed to STDOUT and look something like this.

Microsoft (R) Windows
Script Host Version 5.6

Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
Dumping : 1424 - csrss.exe
Dumping : 1452 - winlogon.exe
Dumping : 1496 - services.exe
Dumping : 1508 - lsass.exe
Dumping : 1664 - svchost.exe
Dumping : 1756 - svchost.exe
Dumping : 1808 - svchost.exe
Dumping : 1876 - svchost.exe......Dump Complete!

Δ [email me]

About

   I'm a Computer
   Systems Engineer

   Living and Loving Life

Author