Jump to content
Sign in to follow this  
SvenP

Using AutoIT to deploy patches

Recommended Posts

Hello,

This is just another example of incorporating Autoit scripting techniques in current-day situations.

To tell in short it's function (the document MSPatch.rtf inside the ZIP contains a full description):

This script tests a computer for missing 'patches' and install them if necessary. The meaning of 'patches' is global, it can be anything from the usual Microsoft hotfixes

to any other program you want to run/install.

You might think there are 100+ programs that do just the same. Yes, but in this one YOU decide what to patch or not, using a human-friendly CSV-file. And it doesn't rely on any central 'update' servers. A custom CSV file editor is now included.

It is currently being used at my workplace; a network with about 700 windows users. The script is run everytime a user logs in, checking and patching if required. It also updates the antivirus definition files to their latest version found.

Notes:

- The actual patches are not included. That would make it a huge upload for the 130 hotfixes I use ;-).

- This is also a very 'specialized' program. For 'ordinary' users, HFNETCHK or MBSA are a far better choice.

Regards,

-Sven

06-MAY-2005: Uploaded version 4.2

- Improved the CSV File Editor. Includes cut/copy/paste functions, row insertion/deletions.

- Tiny improvement in mspatch.au3: you can now use the $HSM variable to shorten HKEY_LOCAL_MACHINE\Software\Microsoft

- Added a checking routine that will check your patchlist for missing files and invalid AutoIt expressions.

Note on the expression checking routine: AutoIt has the painful property to show a dialogbox on script errors, unless you run AutoIt again from within the script with the /ErrorStdOut parameter. However the /c command can not be combined with the /ErrorStdOut parameter, so I had to create a temporary script, run autoit on it and delete the script every time.

EDIT: 01-MAY-2005:

- Corrected some issues with the new Eval() function and recent changes in boolean support (please use AutoIt V3.1.1.18 or higher)

- ADDED a simple CSV File editor to edit the patchfiles. Since I just started on this one, the functionality is somehow limited. But it's 'under development'.

EDIT: 15-APR-2005:

-Uploaded the incorrect MSPATCH4.ZIP version, fixed.

-Script requires AutoIt version 3.1.1.5 or higher to run the examples. If you have a lower version then you'll have to edit the example CSV file (replace $HSM variable).

EDIT 13-APR-2005: Uploaded version 4 of mspatch.au3:

- Modified to work with AutoIt Version 3.1.1 (@OS_VERSION=>WIN_2003)

- Script will also recognize Windows 2003 ServicePack 1

- Fixed a bug that prevented comma separated files to be read.

- It now compilable with the BETA Version 3.1.1.5 (modified Eval() function)

- New button 'Details' that shows the details of the required hotfixes (if any)

- Added more examples in file full-patchlist.csv

Todo:

- Construct something that will download all Microsoft patches from their websites and place them in the corresponding directories. If you are a new user of mspatch.au3 you will first have to download all required hotfix files manually!

- Construct something that will parse Microsoft's mssecure.xml file to create an patchlist.csv automatically and download the the required hotfix files. This requires COM support in AutoIt.

mspatch4.2.zip

Edited by SvenP

Share this post


Link to post
Share on other sites

Hello,

This is the result of an AutoIT project which I did in parallel to my AutoIT-COM Automation 'project' (http://www.autoitscript.com/forum/index.php?showtopic=7639).

It's just another example of incorporating Autoit scripting techniques in current-day situations.

I thought it might useful sharing this one with you.

To tell it in short (the document MSPatch.rtf inside the ZIP contains a full description):

The script tests a computer for missing 'patches' and install them if necessary.  The meaning of 'patches' is global, it can be anything from the usual Microsoft hotfixes

to any other program you want to run/install.

You might think there are 100+ programs that do just the same. Yes, but in this one YOU decide what to patch or not, using a human-friendly CSV-file. And it doesn't rely on any central 'update' servers.

It is currently being used at my workplace; a network with about 700 windows users. The script is run everytime a user logs in, checking and patching if required. It also updates the antivirus definition files to their latest version found.

Now this one is finished, I can point my arrows again to the COM-project.

Regards,

-Sven

<{POST_SNAPBACK}>

Hello SvenP i have download it and run the autoit3 script but ,your script make nohting =?wat is it=? :idiot:

Share this post


Link to post
Share on other sites

@Sven, Is there something that can check the web to see if any windows updates are available? I am looking for a script to check the available update numbers and install them from an update folder instead of the website. I need to compare the folder with the website on a single computer and download any updates that do not exist in the folder.

I am asking a lot, and I am not asking you to create a script. I am asking if you know of any scripts that currently do this or if you have any general pointers on how to accomplish it.


Who else would I be?

Share this post


Link to post
Share on other sites

Hello SvenP i have download it and run the autoit3 script but ,your script make nohting =?wat is  it=? :whistle:

<{POST_SNAPBACK}>

@DirtyBanditos: Did you read the manual (mspatch.rtf)?

The program is specificly created for those who have to manage a network of computers. It won't have any added value for one computer (then you could just download the patches using windows update).

Regards,

-Sven

Share this post


Link to post
Share on other sites

@Sven, Is there something that can check the web to see if any windows updates are available? I am looking for a script to check the available update numbers and install them from an update folder instead of the website. I need to compare the folder with the website on a single computer and download any updates that do not exist in the folder.

I am asking a lot, and I am not asking you to create a script. I am asking if you know of any scripts that currently do this or if you have any general pointers on how to accomplish it.

<{POST_SNAPBACK}>

That's exactly what I intended to do as a follow-up to my MSPatch; creating a utility to fill automatically the contents of the update folders.

Because now, when a new update is available you'll have to manually download them for ALL operating systems and place them in the correct folders.

In your script, you could do it in the following steps:

1. Download the security catalog from: http://go.microsoft.com/fwlink/?LinkId=18922

(that is actually a redirection to: http://download.microsoft.com/download/0/d...Secure_1033.cab )

2. Extract the .cab file to mssecure.xml

3. Use some mechanism to parse XML-files and extract the updates required.

4. Check the found updates with the existing files in your folders.

5. Download any new files and copy them into the folders.

Maybe after AutoIt-COM I'll start with this one ;-)

Regards,

-Sven

Share this post


Link to post
Share on other sites

Sounds like a plan ;-) Thanks Sven. Am I correct that if COM access is realised, then there is an ActiveX Object that can be used to interact with XML files?


Who else would I be?

Share this post


Link to post
Share on other sites

Sounds like a plan ;-) Thanks Sven. Am I correct that if COM access is realised, then there is an ActiveX Object that can be used to interact with XML files?

<{POST_SNAPBACK}>

Hello this-is-me,

I don't know if an ActiveX Object exists for handling XML. It's surely worth more investigation. Good idea!

Regards,

-Sven

EDIT: typo

Edited by SvenP

Share this post


Link to post
Share on other sites

@DirtyBanditos:  Did you read the manual (mspatch.rtf)? 

 

The program is specificly created for those who have to manage a network of computers.  It won't have any added value for one computer (then you could just download the patches using windows update).

Regards,

-Sven

<{POST_SNAPBACK}>

hello SvenP i have read it!I have wlan net wis many comps!

And i have test it again,but it wörks not for me( :idiot:

Share this post


Link to post
Share on other sites

hello SvenP i have read it!I have  wlan net wis many comps!

And i have test it again,but it wörks not for me( :(

<{POST_SNAPBACK}>

Let me ask you: What do you want to 'patch' with the program?

The program comes default with an empty CSV template, because >I< don't know what you want to be patched.

So YOU have to tell the program what to do by:

- Placing your patch.exe's in the corresponding directories.

- Fill in the patchlist.CSV with the details about your patch.exe's.

I only included an example-CSV that I use at my work. But I couldn't ofcourse distribute all .EXE files with them (that would be over 700 MB's).

Let's say you want to deploy some MS-Hotfixes, then download the ones you want from www.microsoft.com, place them in the correct directories per O.S.,

Then you COULD look in my example.csv if I created already some lines for those patches, and modify those according to your needs.

If you have done all this pre-work, then you're ready to run MSpatch.au3.

As I explained in the documentation , this program does only do YOUR patches and nothing else. If that's too much work, then the utilities like MBSA of HFnetchk are better choices for you.

Regards,

-Sven

Share this post


Link to post
Share on other sites

Excellent script, the test with PatchList.csv works fine, however, when I try it with a InstallCriteria like RegRead($HSM & "\Updates\DataAccess\Q318202","IsInstalled")=1

I get the following error. I even used the Full-PatchList.csv and get the same error. I tried digging through the code, but I'm a newbie. This error happens on both version 3 and 4.

I'm running mspatch4.au3 -l full-PatchList-Alles.csv -s patches

Is Func _Execute($LineofCode) causing this error?

I'm running the lates version of Auotit and have NOT compiled the source....

First image is from version 4 and second one is from version 3.

Edited by davezub

Share this post


Link to post
Share on other sites

Excellent script, the test with PatchList.csv works fine, however, when I try it with a InstallCriteria like RegRead($HSM & "\Updates\DataAccess\Q318202","IsInstalled")=1

I get the following error. I even used the Full-PatchList.csv and get the same error. I tried digging through the code, but I'm a newbie. This error happens on both version 3 and 4.

I'm running mspatch4.au3 -l full-PatchList-Alles.csv -s patches

Is Func _Execute($LineofCode) causing this error?

I'm running the lates version of Auotit and have NOT compiled the source....

First image is from version 4 and second one is from version 3.

<{POST_SNAPBACK}>

Stupid me, I uploaded an old version that I used at my office. Fixed that.

Secondly: The script runs best with AutoIt version 3.1.1.5 or higher. Downloadable from : http://www.autoitscript.com/forum/index.php?showtopic=10256

If you have a lower version, then you have to edit the example CSV-files and replace the $HSM variable with "HKEY_LOCAL_MACHINE\Software\Microsoft".

Regards,

-Sven

Share this post


Link to post
Share on other sites

This is a pretty cool script SvenP. It has given me a few ideas...Thanks.

Over a year ago I created a system to install patches, updates, and applications when the user logs on to their machine. It's been running like a Seiko time piece ever since. I've not had to walk over to a machine in quite some time! This is were AutoIT3 really shows its stuff!

Share this post


Link to post
Share on other sites

Looks great. I'm joining the IT Staff at my school next year (www.cait.scps.k12.fl.us), and this would be a great tool to bring to the team, I'm sure they'd appreciate it more than doing it all by hand.

Oh, just want to double check, I won't break the code if I change the CSV from a ',' or ';' delim to a '@TAB'? It's a bit too cluttered for me to easily read, that...and I like tabs for separating data :)

Nice work!

Edit: I downloaded 3.1.1.7, and your script works fine by default (i think it ran that testpatch you made), but if I change it to the Full-PatchList.csv, it starts giving errors on the $HSM variable...

Edited by MSLx Fanboy

Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

typically, CSV files are comma delimited. You would have to save the Excel file as a *.txt for tabbed. A word of caution; I had trouble with tabbed recently and began using comma delimited.

Edited by PerryRaptor

Share this post


Link to post
Share on other sites

typically, CSV files are comma delimited.  You would have to save the Excel file as a *.txt for tabbed.  A word of caution; I had trouble with tabbed recently and began using comma delimited.

<{POST_SNAPBACK}>

In that case I might just make a php front end for the csv management. I'll probably just do an add patch function for now, which includes file upload...If I get it working, I'll put it up.

Oh, you mentioned other files for CSV management. I tried Excel 2003, and it looks like crap (MSExcel's problem). Do you know any programs that actually format it in a way thats readable without having to Replace ';' with '@TAB' (and then back?)?


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

No, I do not know of another program for CSV Files. I'm an old time Excel junkie so it looks pretty normal to me.

May be you should create us one using AutoIT3.

Share this post


Link to post
Share on other sites
Guest g3cko

I am having a problem with this script where it doesn't recognize command line parameters for the patches (/quiet, /passive, and /noreboot)

I have added in some MsgBox debugs, and it seems to have the right parameters there, however they don't get run (the patch pops up, and doesn't automatically install)

Share this post


Link to post
Share on other sites

I write the patch KB83****.exe and the appropriate switches on one line in a text file. That way I can autodeploy a number of patches at one time using FileReadLine().

$Patch2Run = "KB83*****.exe /quiet /passive /noreboot"

RunWait(@ComSpec & " /c " & $Patch2Run, "", @SW_HIDE)

Are you using Run() and RunAs()?

Do you copy the patches to the affected machine prior to patching?

Share this post


Link to post
Share on other sites

Has anyone looked at the Windows Update Agent API?

I made a WSH shutdown script that uses this rather than running Automatic Updates. It's COM based, so you could do mighty things with it using the unstable release (thanks, Sven & devs).

There's an example of the API (in VBScript) here.


Yes yes yes, there it was. Youth must go, ah yes. But youth is only being in a way like it might be an animal. No, it is not just being an animal so much as being like one of these malenky toys you viddy being sold in the streets, like little chellovecks made out of tin and with a spring inside and then a winding handle on the outside and you wind it up grrr grrr grrr and off it itties, like walking, O my brothers. But it itties in a straight line and bangs straight into things bang bang and it cannot help what it is doing. Being young is like being like one of these malenky machines.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...