Selmak Posted January 10, 2006 Share Posted January 10, 2006 -Well, hardly, but a slightly more efficient approach than Windows Update for patching multiple computers. expandcollapse popup; *********************************************************************** ; The Poor Man's Systems Update Server. ; A simple Windows security-patch deployment script for small networks. ; Caters for multiple OS versions, each having its own source-folder. ; Installs patches silently where possible to avoid user-hassle. ; ; Usage: Compile with Autoit 3.1+ and place on a server share. ; ; Make one or more subfolders under the executable's location, ; whose names must match the (AutoIt) ID for the OS versions ; to be patched, e.g WIN_2000, WIN_XP ; ; Get patches using the adminstrator mode of Windows Update. ; Place the required patches in each folder. ; Other non-Microsoft executables can also be included where suitable. ; ; Call from the logon script, or launch with a startup shortcut. ; ; Status: Tested, needs a little polishing but deployable as-is. ; Presently only supports executable patches, might add .msi support later. ; *********************************************************************** ; Determine OS running, and appropriate patch-folder: $PatchFolder=@ScriptDir & '\' & @OSVersion ; You might want to put the logs on a server share for easier checking, ; by default they're in the Windows/WINNT folder. $Patchini= @WindowsDir & '\' & 'Patchlog.ini' $ok2patch=0 $nonstop=0 $silent=0 ; Check for commandline switches: ; doFailed=Repeat the failures (and do new) ; doAll=Repeat whole sequence, missing none. $doFailed=0 $doAll=0 if $cmdLine[0]>0 then if StringInStr($cmdLine[1],"/f") then $doFailed=1 endif if StringInStr($cmdLine[1],"/a") then $doAll=1 endif endif ; Enumerate patch folder: $_pathtoscan = $PatchFolder & '\*.exe' $_spSearch = FileFindFirstFile ( $_pathtoscan ) If $_spSearch = -1 Then ; MsgTip(0, "PatchError", "No patches found for this OS") exit EndIf ; Main Loop: While 1 ; Get a file in the patch folder $file = FileFindNextFile($_spSearch) If @error Then ExitLoop ; See if the patch has been installed already, and if the install was a success: ; (Patches get two tries at installing, after which they're flagged as bad) $logentry = IniRead ($Patchini,'Installed',$file,-1) if $doAll=0 then if $logentry = 'Success' then continueloop; Installed previously. if $logentry = 'Manual' then continueloop; Hopefuly installed manually. if $logentry = 'RebootSuccess' then continueloop; Installed, reboot needed. No need to repeat. if $doFailed=0 then if $logentry = 'Failed' then continueloop; Repeated failure, so stop trying. endif endif $PatchPath = $PatchFolder & '\' & $file ; Make a shortname for the Tray Tip: $shortname=$file $kbpos=stringinstr($shortname,'-kb')+1 if $kbpos > 0 then $chars=stringinstr($shortname,'-x86')-$kbpos if $chars < 1 then $chars = stringlen($shortname) $shortname= stringmid($shortname,$kbpos,$chars) endif ; We do recent Win2000 and Windows XP KBnnnn patches silently. ; Earlier W2000 patches are too varied in switch syntax for any consistent method, ; so in this case we just let the user do the clicking. ; Names of the 'silent-capable' patches start with the word 'Windows' and contain the strings '-kb' and '-x86' ; Here I'm just testing for 'Windows' which seems adequate. if stringleft($file,7)='windows' then $silent=1 else $silent=0 endif TrayTip ('MyLogon Patch Installer:','Installing Security Update: ' & $shortname & ' ',5) ; Ask user if it's OK to patch computer just now: if $ok2patch=0 then $msg=msgbox(36,"Security Patch Delivery", "Security patches are available for your computer. Do you wish to install them now?",60) if $msg=6 then $ok2patch=1 else exitloop endif endif sleep(3000) if $silent = 1 then $retcode = RunWait($patchpath & ' /Q /Z /M') else IniWrite ($Patchini,'Installed',$file,'Manual') $retcode = RunWait($patchpath) endif ; Make logfile-entry according to patch returncode: select case $retcode=0 IniWrite ($Patchini,'Installed',$file,'Success') case $retcode=3010 IniWrite ($Patchini,'Installed',$file,'RebootSuccess') if $nonstop=0 then $msg=msgbox(36,'Install more Patches?' , 'For best results, no more patches should be installed until after a restart of the computer. However, if you are a laptop-user who rarely has access to updates, you might prefer to install all of the available patches at once. Press Yes to install more patches now. Otherwise press No, or wait a few seconds.',60) if $msg = 6 then $nonstop=1 else TrayTip ('MyLogon Patch Installer:','Pausing here until next reboot',5) sleep(2000) exitloop; do only one if reboot needed. endif endif case else if $logentry = 'Aborted' then IniWrite ($Patchini,'Installed',$file,'Failed') else if $doFailed=0 then IniWrite ($Patchini,'Installed',$file,'Aborted') endif sleep(10000); wait for process to end before repeating endselect Wend ; End main loop. FileClose($_spSearch) ; Sign-off the log with date of last run, and number of times run: $RunCount = IniRead ($Patchini,'Log','RunCount',0) +1 IniWrite ($Patchini,'Log','RunCount',$RunCount) IniWrite ($Patchini,'Log','LastRun',@Year & '/' & @Mon & '/' & @Mday) exit Link to comment Share on other sites More sharing options...
Pakku Posted January 10, 2006 Share Posted January 10, 2006 nice code i'll try it later but it looks nice How can someone use Windows without using AutoIt?That one would properly don't know how to handle a computer!My scripts:Send files over internetKind of RSS reader3Draw ProUDF: convert a character string to a binary one and backCalculate PiCommand line downloader (Youtube/Google video)Set the transparency of a window just by hitting a key!Secure your pcOther things:My filemanMy profilePM me Link to comment Share on other sites More sharing options...
Selmak Posted January 13, 2006 Author Share Posted January 13, 2006 nice codei'll try it later but it looks niceI've posted a zip - save you cutting and pasting. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now