sublimnl Posted August 24, 2007 Share Posted August 24, 2007 (edited) I found the following function on the MSDN site and would like to use it within a tool I am currently writing. Basically I need a way to force a remote machine to refresh group policy.http://msdn2.microsoft.com/en-us/library/aa374401.aspxI have never attempted anything like this before in AutoIt so I am at a loss as to how to get started. Any help would be appreciated!BTW, I decided against remotely executing gpupdate because gpupdate /force will sometimes come back with a Y/N prompt. I need something that will be completely silent and not leave a process running in the background on the remote machine. I figured it would be best to find a way to do this natively without external tools. Edited August 24, 2007 by sublimnl Link to comment Share on other sites More sharing options...
tAKTelapis Posted August 24, 2007 Share Posted August 24, 2007 You could pipe a No response directly after the GPupdate. Then it will not leave it hanging at the prompt. This should force a GPupdate, with a No response to the prompt, and a completely blank CMD prompt showing, you could always use AutoIt to supress the CMD window though, and just go with the gpupdate. @echo off echo N | gpupdate /force > NUL exit Link to comment Share on other sites More sharing options...
sublimnl Posted August 24, 2007 Author Share Posted August 24, 2007 right, but in some circumstances there will be two prompts (one for reboot, one for logoff) depending on the state of group policy. is there a way to pipe in two replies? Link to comment Share on other sites More sharing options...
lordofthestrings Posted August 24, 2007 Share Posted August 24, 2007 erm.. I'm sure you know this as you sound knowledgeable but GPUpdate has an option to perform it's actions against remote computers.. you can simply use send() to fill in the prompts using AdlibEnable() to loop at a specified interval Syntax: GPUpdate [/Target:{Computer | User}] [/Force] [/Wait:<value>] [/Logoff] [/Boot] [/Sync] Link to comment Share on other sites More sharing options...
sublimnl Posted August 24, 2007 Author Share Posted August 24, 2007 The /Target option is not for sending the command to remote computers unfortunately. It is to specify whether to update the local user or computer policy. Link to comment Share on other sites More sharing options...
lordofthestrings Posted August 24, 2007 Share Posted August 24, 2007 whoops.. that's a silly mistake of me.. Link to comment Share on other sites More sharing options...
November Posted August 24, 2007 Share Posted August 24, 2007 Hi there, You can try to do this in the machine: secedit /refreshpolicy machine_policy /enforce I dont know if its suitable for what you want, bur is an addiconal info. You can use it to refresh users too: secedit /refreshpolicy user_policy /enforce Cheers, Old Scriptology Visual Ping 1.8 - Mass Ping Program with export to txt delimited. Desktop 2 RGB and YMCK - Pick a color in the desktop and get the RGB and YMCK code. Desktop 2 RGB - Pick a color in the desktop and get the RGB code. ShootIT 1.0 - Screen Capture full and partial screen [font="'Arial Black';"]Remember Remember The Fifth of November.[/font] Link to comment Share on other sites More sharing options...
sublimnl Posted August 24, 2007 Author Share Posted August 24, 2007 thanks, but that will only work on win2k systems. secedit is no longer used for group policy refresh on winxp and above. anyone know how to implement the win32 function from my original post? Link to comment Share on other sites More sharing options...
The Kandie Man Posted August 24, 2007 Share Posted August 24, 2007 Here you go:Global Const $RP_FORCE = 1 Global Const $True = 1 Global Const $False = 0 $bMachine = $True ;[in] Specifies whether to refresh the computer policy or user policy. If this value is TRUE, the system refreshes the computer policy. If this value is FALSE, the system refreshes the user policy. Dim $Return $Return = DllCAll("Userenv.dll","int","RefreshPolicyEx","int",$bMachine,"int",$RP_FORCE) If IsArray($Return) Then ConsoleWrite("Function Returned: " & $Return[0] & @LF) Msgbox(64,"The Function Returned:","The function returned : " & $Return[0] & @CRLF & "If the value returned was not zero then the function succeeded.") Else ConsoleWrite("DllCall didn't return an array. The call was therefore unsuccessful." & @LF) MsgBox(16,"Error!","The Dll Call was unsuccessful because it did not return an array.") EndIf This worked for my anyway. Let me know if you have any questions. - The Kandie Man ;-) "So man has sown the wind and reaped the world. Perhaps in the next few hours there will no remembrance of the past and no hope for the future that might have been." & _"All the works of man will be consumed in the great fire after which he was created." & _"And if there is a future for man, insensitive as he is, proud and defiant in his pursuit of power, let him resolve to live it lovingly, for he knows well how to do so." & _"Then he may say once more, 'Truly the light is sweet, and what a pleasant thing it is for the eyes to see the sun.'" - The Day the Earth Caught Fire Link to comment Share on other sites More sharing options...
sublimnl Posted August 24, 2007 Author Share Posted August 24, 2007 KandieMan, thanks so much. That works on my local machine! One step closer...I just have to figure out how to run it against a remote machine now. Link to comment Share on other sites More sharing options...
The Kandie Man Posted August 24, 2007 Share Posted August 24, 2007 In case you don't know about Sysinternals:http://www.microsoft.com/technet/sysintern...ng/PsTools.mspxThis is the utility in particular that allows remote execution:http://www.microsoft.com/technet/sysintern...ies/psexec.mspxHope that helps.- The Kandie Man ;-) "So man has sown the wind and reaped the world. Perhaps in the next few hours there will no remembrance of the past and no hope for the future that might have been." & _"All the works of man will be consumed in the great fire after which he was created." & _"And if there is a future for man, insensitive as he is, proud and defiant in his pursuit of power, let him resolve to live it lovingly, for he knows well how to do so." & _"Then he may say once more, 'Truly the light is sweet, and what a pleasant thing it is for the eyes to see the sun.'" - The Day the Earth Caught Fire Link to comment Share on other sites More sharing options...
sublimnl Posted August 24, 2007 Author Share Posted August 24, 2007 thanks. yep, used sysinternals for years now. just wanted to do it all natively for a change to build up my knowledge. plus psexec is quarantined by mcafee in some companies I have been to in the past, so i figure best to just not rely on it. thanks for the nudge in the right direction on the script though! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now