Jump to content

Recommended Posts

Posted

I have developed a Client/Server script to manage WSUS server patch management and have one last issue to resolve that so far has stumped me.

I use the following command (see below )on the sever side to run Microsoft Patch Verification. I want to pass the user name /u and password /v as a varibles so that I can prompt the user (client) for the credentials and pass it on to the Servers mbsacli command.

Below is the command that I used to scan a target client. I want to get away having to use if statements and hardcoding the usernames and passwords.

If $AdminName = "Administrator" AND $Password = "P@33word!" then

RunWait(@ComSpec & " /c " & '"C:\Program Files\Microsoft Baseline Security Analyzer 2\mbsacli.exe" /u administrator /p P@33word! /wa /ia /n IIS+OS+Password /target ' & _TCP_Server_ClientIP($hSocket) & " > " & $reportPath & $reportName, "", @SW_HIDE)

Any help appreciated!

  • Moderators
Posted (edited)

Hi, watsonle. Check out InputBox in the help file for your prompts. Something like this (you can mask the password characters with any symbol you choose):

$uID = InputBox("", "Please enter your username")
$pw = InputBox("", "Please enter your password", "", "*")

You can then pass the variables into your command line:

RunWait(@ComSpec & " /c " & '"C:Program FilesMicrosoft Baseline Security Analyzer 2mbsacli.exe" /u' & $uID & ' /p ' & $pw & ' /wa /ia /n IIS+OS+Password /target ' & _TCP_Server_ClientIP($hSocket) & " > " & $reportPath & $reportName, "", @SW_HIDE)
Edited by JLogan3o13

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Posted

Thanks for the input! I had tried the modification you suggested (see below )

When I break at the RunWait command and look at the contents of $AdminName and $Password they have the correct data but when I allow the RunWait command to execute it appears that the mbsacli.exe command is not passing the values with the /u and /p switch.

If I replace the /u ' & $AdminName & ' and the /p ' & $Password & ' with the actual /u administrator name and /p password the mbsacli.exe command works as expected.

Seems like it should work. I am still looking.

RunWait(@ComSpec & " /c " & '"C:Program FilesMicrosoft Baseline Security Analyzer 2mbsacli.exe" /u ' & $AdminName & ' /p ' & $Password & '/wa /ia /n IIS+OS+Password /target ' & _TCP_Server_ClientIP($hSocket) & " > " & $reportPath & $reportName, "", @SW_HIDE)

Posted

I think that I found the problem at least it works now. I added a space in the command line between the ' and the /wa script. Seen above there was no space. Not sure if that could have casued the issue but now it does seem fixed and now I can remotely pass the administrator name and password to the server script on the WSUS server and correctly run the mbsacli.exe command against a remote client.

This was the last issue and now lets the user pass the correct credentials without having to code alot of possibilities.

I could not use the RunAs command as I needed to wait for the mbsacli command to complete.

Thanks so much for your suggestion!!

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...