DaleMahalko Posted April 10, 2015 Posted April 10, 2015 I am trying to make a rather simple script that does exactly what AutoIT was originally meant to do: Automate an IT program via Send(), ControlGetText(), and so forth. It works perfectly fine if I start a Windows 7 remote desktop session to the remote computer, and then from within the remote desktop session: - Open an elevated (UAC) command prompt - Run the program However, for the life o' me, I simply can not get it to work when launched on a remote computer. Apparently the program I am trying to automate is being launched on the remote machine in a manner that AutoIT cannot interact with the program window. It is exasperating that it works great if I run it from an elevated command prompt via remote desktop. I suppose I could open 400 remote desktop sessions and run it that way on each remote machine, but good lord that's not the way automation is supposed to work. If I try to launch the program remotely, and I also have a remote desktop session open to the remote computer, I can see the program I'm trying to automate that it launches in the "All Users" Task Manager, and I have to kill the process via Task Manager when the automation fails. I have no idea if there's anything that can be "improved" in my source code to fix this, or if the problem is with the command line parameters I'm using with PSExec, or maybe something weird about remote UAC sessions that I don't know about. expandcollapse popup#AutoIt3Wrapper_Change2CUI=y #pragma compile(Console, true) #RequireAdmin #include <File.au3> ; ; CleanWipe automation script by Dale Mahalko ; Email: dmahalko@gmail.com - Apr 9, 2015 ; Free to redistribute ; ; Compile this into an EXE, using AutoIT: ; https://www.autoitscript.com/site/autoit/ ; ; Run: ScriptName.exe \\pathto\share\for\cleanwipe ; C:\Path\To\Temp\Dir domain\user ; password ; ; Command parameters are optional. ; You must run this script elevated, as Admin. ; ;======================================================= ; Check for valid source path and files Global $MappedDrive = False, $MDrive, $logfile IF $CmdLine[0] > 0 Then $WkDir = $CmdLine[1] Else LogIt("Using working dir as source path. Otherwise" _ & " provide source path as 1st") LogIt("parameter. (use quotes around path, if there" _ & " are spaces)") $WkDir = @WorkingDir EndIf IF $CmdLine[0] > 1 Then $tmpdir = _TempFile($CmdLine[2]) Else LogIt("Using C:\Windows\Temp as temp path. Otherwise" _ & " provide temp path as 2nd") LogIt("parameter. (use quotes around path, if there" _ & " are spaces)") $tmpdir = _TempFile("C:\windows\temp") EndIf LogIt("Work dir: " & $WkDir) LogIt("Temp dir: " & $tmpdir) IF $CmdLine[0] > 2 Then LogIt("Creating temporary drive mapping using " _ & "parameters 3 and 4 for username and password.") $MDrive = DriveMapAdd ("*", $WkDir, 0, _ $CmdLine[3], $CmdLine[4]) LogIt("Mapped temp drive letter: " & $MDrive) LogIt("Using: " & $CmdLine[3] & " - " & $CmdLine[4]) IF (StringLeft($MDrive,1) < "A" Or _ StringLeft($MDrive,1) > "Z") Then LogIt("Error mapping drive letter.") Die(@error) EndIf $MappedDrive = True EndIf IF Not FileExists($WkDir) Then LogIt("Can't find source directory.") Die(0) EndIf IF Not FileExists($WkDir & "\cleanwipe.exe") Then LogIt("cleanwipe.exe not in source dir." ) Die(0) EndIf IF Not FileExists($WkDir & "\cleanwipe.db") Then LogIt("cleanwipe.db not in source dir.") Die(0) EndIf ; Copy CleanWipe to temp directory on Windows PC. $logfile = $tmpdir & "\results.log" DirCreate ($tmpdir) ; LogIt ("Copying cleanwipe files.") FileCopy($WkDir & "\cleanwipe.exe", $tmpdir) FileCopy($WkDir & "\cleanwipe.db", $tmpdir) Local $Why, $What ; LogIt("Launching " & $tmpdir & "\Cleanwipe.exe") $Err = Run($tmpdir & "\Cleanwipe.exe") If $Err = 0 THEN Die(@error) ; LogIt("Waiting 60 seconds for launch") Local $hWnd = WinWait("[TITLE:CleanWipe]", "", 60) If $hWnd = 0 Then Die(@error) ;SendKeepActive("[TITLE:CleanWipe]" ; LogIt("1st window: Click Next") $Err = Send("{Space}") If $Err = 0 Then Die(@error) ; LogIt("2nd window: Click EULA / Next") $Err = Send("{Space}{Tab}{Tab}{Space}") If $Err = 0 Then Die(@error) ; LogIt("3rd window: Click Client software" _ & " / Liveupdate / Next ") $Err = Send("{Space}{Tab}{Tab}{Space}{Tab}{Tab}{Space}") If $Err = 0 Then Die(@error) ; LogIt("4th window: Click don't prompt to reboot / Next") $Err = Send("{Space}{Tab}{Tab}{Tab}{Tab}{Space}") If $Err = 0 Then Die(@error) ; ; Check for any CleanWipe error messages. $WTitle = WinGetTitle("[ACTIVE]") LogIt("Found output window named: " & $WTitle) If $WTitle <> "CleanWipe" Then LogIt("Error message: " & ControlGetText ( _ $WTitle, "", "[Class:Static; Instance:2]" )) LogIt("Closing error window, exit CleanWipe.") ;SendKeepActive($WTitle) $Err = Send("{Space}") If $Err = 0 Then Die(@error) sleep(500) $Err = Send("{tab}{Space}") If $Err = 0 Then Die(@error) sleep(500) $Err = Send("{Space}") If $Err = 0 Then Die(@error) ; LogIt("Temp dir name left behind: " & $tmpdir) Die(0) EndIf ; ; Next> button is inactive during the task. ; Wait for it to become active. LogIt("Waiting 15 minutes for tasks to complete.") $SleepTimer = 0 Do Sleep (1000) $SleepTimer = $SleepTimer + 1 IF $SleepTimer > 900 Then Die("Waited 900 sec, but it didn't finish.") EndIf Until (ControlCommand("CleanWipe", '', "[ID:12324]", _ 'IsEnabled')) ; LogIt("Job results: ") LogIt(ControlGetText ( "CleanWipe", "", _ "[Class:RichEdit20W; Instance:1]" ) ) ;SendKeepActive("[TITLE:CleanWipe]" LogIt("GUI: Click Next" ) $Err = Send("{Tab}{Space}") If $Err = 0 Then Die(@error) sleep(500) ; LogIt("GUI: Click Finish" ) $Err = Send("{Space}") If $Err = 0 Then Die(@error) sleep(500) ; LogIt("Completed successfully." ) LogIt("Temp dir name left behind: " & $tmpdir) If $MappedDrive = True Then DriveMapDel($MDrive) LogIt("Removed temp drive letter: " & $MDrive) EndIf Exit ; Func Die($Why) LogIt("Error, code: " & $Why ) If $MappedDrive = True Then DriveMapDel($MDrive) LogIt("Removed temp drive letter: " & $MDrive) EndIf Exit EndFunc Func LogIt($Who) If $logfile <> "" Then _FileWriteLog($logfile, $Who) ConsoleWrite($Who & @CRLF) EndFunc Typical successful logged output: C:WindowsTempps_tools>cw-auto-rev5.exe "XXXXXXXXXXNetAdminStuffSEP_Clean-Wipe" "C:Windowstempps_tools" YYYYYYYYY ZZZZZZZZZ Work dir: XXXXXXXXXXNetAdminStuffSEP_Clean-Wipe Temp dir: C:Windowstempps_tools~hljlzgj.tmp Creating temporary drive mapping using parameters 3 and 4 for username and password. Mapped temp drive letter: Z: Using: YYYYYYY - ZZZZZZZZZ Copying cleanwipe files. Launching C:Windowstempps_tools~hljlzgj.tmpCleanwipe.exe Waiting 60 seconds for launch 1st window: Click Next 2nd window: Click EULA / Next 3rd window: Click Client software / Liveupdate / Next 4th window: Click don't prompt to reboot / Next Found output window named: CleanWipe Waiting 15 minutes for tasks to complete. Job results: 22:23:06 INFO Initializing removal engine... 22:23:06 INFO Engine version: 12.1.5337.5000 22:23:07 INFO Engine initalized succesfully. 22:23:07 INFO [1/22]: Scanning Windows Installer cache 22:23:07 INFO [2/22]: Collecting product information 22:23:07 INFO [3/22]: Processing collected information 22:23:07 INFO [4/22]: Preparing to remove products 22:23:07 INFO [5/22]: Unregistering products from Windows Installer database 22:23:07 INFO [6/22]: Stopping LiveUpdate 22:23:07 INFO [7/22]: Stopping and removing services 22:23:10 INFO [8/22]: Unregistering EventLog sources 22:23:10 INFO [9/22]: Disabling startup items 22:23:10 INFO [10/22]: Verifying whether a reboot is required 22:23:13 INFO [11/22]: Reboot 22:23:13 INFO Task skipped because reboot was not required. 22:23:13 INFO [12/22]: Stopping LiveUpdate 22:23:13 INFO Task skipped because reboot was not required. 22:23:13 INFO [13/22]: Removing unused definitions 22:23:13 INFO [14/22]: Unregistering LiveUpdate content 22:23:13 INFO [15/22]: Removing symbolic links 22:23:13 INFO [16/22]: Removing files and directories 22:23:17 INFO [17/22]: Unregistering applications from InstalledApps database 22:23:17 INFO [18/22]: Uninstalling unused LiveUpdate 22:23:17 INFO [19/22]: Searching registry for product related data 22:23:29 INFO [20/22]: Removing registry keys 22:23:29 INFO [21/22]: Removing Windows Firewall exceptions 22:23:30 INFO [22/22]: Unregistering products from Windows Security Center 22:23:32 INFO Saving state... 22:23:32 INFO Removal completed successfully. GUI: Click Next GUI: Click Finish Completed successfully. Temp dir name left behind: C:Windowstempps_tools~hljlzgj.tmp Removed temp drive letter: Z: However, if I try to launch via PSExec from an elevated local command prompt, it ends up doing dumb things like this: psexec -i -h -u YYYYYYYY -p ZZZZZZZZ FFFFFF cmd /c c:windowstempps_toolscw-auto-rev5.exe "XXXXXXXXNetAdminStuffSEP_Clean-Wipe" "C:WindowsTemp" YYYYYYYY ZZZZZZZZ Failed PSExec remote elevated launch: 2015-04-09 21:44:29 : Copying cleanwipe files. 2015-04-09 21:44:30 : Launching C:WindowsTemp~bfwdsai.tmpCleanwipe.exe 2015-04-09 21:44:30 : Waiting 60 seconds for launch 2015-04-09 21:44:31 : 1st window: Click Next 2015-04-09 21:44:31 : 2nd window: Click EULA / Next 2015-04-09 21:44:31 : 3rd window: Click Client software / Liveupdate / Next 2015-04-09 21:44:31 : 4th window: Click don't prompt to reboot / Next 2015-04-09 21:44:31 : Found output window named: 2015-04-09 21:44:31 : Error message: 2015-04-09 21:44:31 : Closing error window, exit CleanWipe. 2015-04-09 21:44:32 : Temp dir name left behind: C:WindowsTemp~bfwdsai.tmp 2015-04-09 21:44:32 : Error, code: 0 2015-04-09 21:44:32 : Removed temp drive letter: Z: I'm specifying the network username and password twice in my PSExec command line. Once to logon remotely via PSExec and once to map a temporary network drive via my script. I'm making this script map its own temporary network drive to the server, because it seems I usually get Access Denied errors trying to access network shares remotely via PSExec, regardless of what PSExec username password or PSExec command line options I use. Help?
computergroove Posted April 10, 2015 Posted April 10, 2015 I dug around and found this - http://www.symantec.com/connect/forums/automating-symantec-cleanwipe-remove-sep-client-silently-upgradeI do not have a symantec program to test it on so youll have to try yourself. Can you reproduce the problem locally so you can debug why your script wont interact with the command window? It wouldnt suprise me if that was implemented by symantec for this program so hackers couldn't remotely uninstall protection. You could bypass this if you added an arduino board to each machine and program it to send mouse clicks and send commands as a keyboard emulator. The Arduino boards are arounf $7.00 each on ebay. Get Scite to add a popup when you use a 3rd party UDF -> http://www.autoitscript.com/autoit3/scite/docs/SciTE4AutoIt3/user-calltip-manager.html
DaleMahalko Posted April 10, 2015 Author Posted April 10, 2015 The script works fine elevated on my own desktop, if I go to any organizational desktop directly and run it elevated, and on a remote desktop elevated. I think it is probably some strange interaction between PSExec and UAC. Symantec Endpoint Protection 11 is end of life, and our organization is going with Avast Enterprise now. Except I discovered after installing Avast that SEP11 doesn't really completely remove itself via the Programs list, and there are lurking components that only CleanWipe and SEPPrep can remove. The SEPPrep tool does have a remote-run ability directly built into it, but it has an atom bomb approach as it removes everything including Avast, so then I would have to redo all the Avast installs again.
Developers Jos Posted April 10, 2015 Developers Posted April 10, 2015 (edited) Don't think the Send() commands will work as you are running it in the "background" as service without an actual screen session when shelled with PSEXEC on a remote computer. Either use Controlxxx() commands or preferably only commandline arguments in case the programs can run silently. Jos Edited April 10, 2015 by Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now