xCROv Posted May 2, 2018 Share Posted May 2, 2018 (edited) I am trying to update the WSUS AUOption on a list of computers by IP. I have the code for this that functions but it requires me to have already made a connection through regedit to this computer and that isn't helping much since I might as well import the changes there if I have to do that. I'm wondering if anyone has any ideas for validating a local admin credentials via another method. Posted my code below. #RequireAdmin #include <File.au3> #include <MsgBoxConstants.au3> Local $aArray = FileReadToArray("C:\Users\Desktop\IPlist.txt") Local $iLineCount = @extended If @error Then MsgBox($MB_SYSTEMMODAL, "", "There was an error reading the file. @error: " & @error) ; An error occurred reading the current script file. Else For $i = 0 To $iLineCount - 1 ; Loop through the array. UBound($aArray) can also be used. MsgBox($MB_SYSTEMMODAL, "", $aArray[$i]) ; Display the contents of the array. RegWrite("\\" & $$aArray[$i] & "\" & "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU", "AUOptions", "REG_DWORD", "00000004") Next EndIf Edited April 20, 2021 by xCROv Link to comment Share on other sites More sharing options...
Moderators JLogan3o13 Posted May 2, 2018 Moderators Share Posted May 2, 2018 You are using a single domain account that has administrative rights on all the machines, correct? So you can compile your script and Run it as that account. Or am I misunderstanding your meaning? "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum! Link to comment Share on other sites More sharing options...
xCROv Posted May 2, 2018 Author Share Posted May 2, 2018 Just now, JLogan3o13 said: You are using a single domain account that has administrative rights on all the machines, correct? So you can compile your script and Run it as that account. Or am I misunderstanding your meaning? These are non-domain joined computers (I know...). I am doing WSUS through registry edits at the moment and working towards getting them on a domain at a later date. My issue is that they are currently set to AUOption value 3 and that means they dont install updates automatically. I need to edit the registry value to 4 for them to actually install the WSUS updates. This is on about 150 computers so I would rather not have to do it by hand. The script above works for stepping through a array and making a connection, just having issues with validating the local credentials so that I have the permissions to write to the registry. If I connect to the computer using regedit and then run the script it does everything as expected. Link to comment Share on other sites More sharing options...
Moderators JLogan3o13 Posted May 2, 2018 Moderators Share Posted May 2, 2018 (edited) Are they bound in any way (same workgroup, homegroup, etc.), or simply a bunch of computers on the same segment? Edit: and do you at least have the same Admin credentials set on each? Edited May 2, 2018 by JLogan3o13 "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum! Link to comment Share on other sites More sharing options...
xCROv Posted May 2, 2018 Author Share Posted May 2, 2018 All have the same admin credentials. They are all in WORKGROUP. I was using RunAsWait() with the following but am not seeing the changes on the computer side. RunAsWait("USERNAME","WORKGROUP","PASSWORD", 0, "\\" & $aArray[$i] & "\c$\Windows\System32\cmd.exe" & " /c " & '%SystemRoot%\System32\reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v AUOptions /t REG_DWORD /d 4 /f') Link to comment Share on other sites More sharing options...
bernd670 Posted May 2, 2018 Share Posted May 2, 2018 Hello, you can use psexec from pstools to run a command on a remote computer. The code in your last post run the remote cmd on your local computer. greetingsbernd I hacked 127.0.0.1 -> Link to comment Share on other sites More sharing options...
AdamUL Posted May 2, 2018 Share Posted May 2, 2018 I would compile the regwrites to a script, and then have a local script to uses PAExec to execute it on the remote computers. Adam Link to comment Share on other sites More sharing options...
xCROv Posted May 2, 2018 Author Share Posted May 2, 2018 psexec is probably the best route. Will probably go down that route. Thanks! Link to comment Share on other sites More sharing options...
xCROv Posted May 3, 2018 Author Share Posted May 3, 2018 For those of you reading from the future. Using PSExec I ran with the following. You need to change %username% and %password% with your credentials if you need them. psexec -d -u %USERNAME% -p %PASSWORD% -n 30 -s @C:\IPList.txt cmd /c "%SystemRoot%\System32\reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v AUOptions /t REG_DWORD /d 4 /f" Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now