watsonle Posted November 19, 2012 Posted November 19, 2012 I have developed a Client/Server script to manage WSUS server patch management and have one last issue to resolve that so far has stumped me. I use the following command (see below )on the sever side to run Microsoft Patch Verification. I want to pass the user name /u and password /v as a varibles so that I can prompt the user (client) for the credentials and pass it on to the Servers mbsacli command. Below is the command that I used to scan a target client. I want to get away having to use if statements and hardcoding the usernames and passwords. If $AdminName = "Administrator" AND $Password = "P@33word!" then RunWait(@ComSpec & " /c " & '"C:\Program Files\Microsoft Baseline Security Analyzer 2\mbsacli.exe" /u administrator /p P@33word! /wa /ia /n IIS+OS+Password /target ' & _TCP_Server_ClientIP($hSocket) & " > " & $reportPath & $reportName, "", @SW_HIDE) Any help appreciated!
Moderators JLogan3o13 Posted November 19, 2012 Moderators Posted November 19, 2012 (edited) Hi, watsonle. Check out InputBox in the help file for your prompts. Something like this (you can mask the password characters with any symbol you choose): $uID = InputBox("", "Please enter your username") $pw = InputBox("", "Please enter your password", "", "*") You can then pass the variables into your command line: RunWait(@ComSpec & " /c " & '"C:Program FilesMicrosoft Baseline Security Analyzer 2mbsacli.exe" /u' & $uID & ' /p ' & $pw & ' /wa /ia /n IIS+OS+Password /target ' & _TCP_Server_ClientIP($hSocket) & " > " & $reportPath & $reportName, "", @SW_HIDE) Edited November 19, 2012 by JLogan3o13 "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
watsonle Posted November 20, 2012 Author Posted November 20, 2012 Thanks for the input! I had tried the modification you suggested (see below ) When I break at the RunWait command and look at the contents of $AdminName and $Password they have the correct data but when I allow the RunWait command to execute it appears that the mbsacli.exe command is not passing the values with the /u and /p switch. If I replace the /u ' & $AdminName & ' and the /p ' & $Password & ' with the actual /u administrator name and /p password the mbsacli.exe command works as expected. Seems like it should work. I am still looking. RunWait(@ComSpec & " /c " & '"C:Program FilesMicrosoft Baseline Security Analyzer 2mbsacli.exe" /u ' & $AdminName & ' /p ' & $Password & '/wa /ia /n IIS+OS+Password /target ' & _TCP_Server_ClientIP($hSocket) & " > " & $reportPath & $reportName, "", @SW_HIDE)
Moderators JLogan3o13 Posted November 20, 2012 Moderators Posted November 20, 2012 What happens if you do a RunAs or ShellExecute, rather than using @Comspec? "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
watsonle Posted November 20, 2012 Author Posted November 20, 2012 I think that I found the problem at least it works now. I added a space in the command line between the ' and the /wa script. Seen above there was no space. Not sure if that could have casued the issue but now it does seem fixed and now I can remotely pass the administrator name and password to the server script on the WSUS server and correctly run the mbsacli.exe command against a remote client. This was the last issue and now lets the user pass the correct credentials without having to code alot of possibilities. I could not use the RunAs command as I needed to wait for the mbsacli command to complete. Thanks so much for your suggestion!!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now