Uninstall Bad Microsoft Patches Using PDQ Deploy

Posted by Shane Corellian

Aug 18, 2014 4:13:00 PM

table_flipMicrosoft has advised users (MS14-045) that have installed certain patches released last week (Patch Tuesday) to uninstall the patches. Sunday night the offending patches were made unavailable for download. The rogue patches can cause Blue Screen problem in Windows 7 (and Black Screen in Windows 8 and 8.1) and can potentially brick your system if fonts are modified or certain applications are installed. Additionally, the patches can create a vulnerability. Hackers with valid logon credentials can exploit this vulnerability. Read up on this botched patch here.

The patches affected are:

  • KB2982791
  • KB2970228
  • KB2975719
  • KB2975331

You can use PDQ Deploy to remove these patches. We have placed two packages in the Package Library. The only difference between the two packages is that one will initiate a reboot after the deployment. Go ahead and download the package "Uninstall MS Black Tuesday Patches AUG. 2014".

If you have automatic updates set on your Windows computers that successfully received the update between Tuesday and Sunday it would be in your best interest to uninstall this offending patch even if you are not currently experiencing issues, issues may not be apparent until after a reboot or even a couple reboots.

See the Microsoft Security Bulletin

New in the PDQ package library is an uninstall package you can deploy to all Windows machines to quickly and silently remove the Microsoft patch with PDQ Deploy. Normally uninstall packages are available only to Enterprise Mode licenses, but this package will be available to Pro and Pro Trial users. 

Watch the below video to see how to deploy the uninstall package. 

 

 

Read More

Topics: Microsoft Windows

Up 'n' Coming - Auto Deployments

Posted by Shawn Anderson

Aug 15, 2014 9:00:00 AM

PDQ Deploy 3.2 is finishing up alpha testing. The next step will be beta and we are excited. We're bringing a very commonly requested feature to the plate with Auto Deployments.

It's kind of interesting what you learn from your customers. When we started PDQ Deploy we assumed that every admin wanted total control over every aspect of the environment (not to mention their users' lives). After all, we had all been admins before and that's how we operated.

But lo and behold, there are quite a few admins who would actually prefer to let deployments just automatically happen, kind of a "set it and forget it" thing. So, we're very pleased to provide this new feature. 

We call it Auto Deploy, and it will be an Enterprise level feature in PDQ Deploy. 

What is Auto Deploy?

Auto Deploy will allow an IT Admin to select which packages from our Package Library should be automatically deployed to computers when new updates are released. The setting will allow the admin to select the number of days after a release to automatically deploy a package (or packages). 

DEP32-MainWindow-AutoDeployPage

Finally, you can set Java or Flash (or any other package in the Package Library) to just push out to your environment after it's released.

Beta testing will hopefully be starting next week. To sign up to receive beta notification click here.

If you are an existing PDQ Deploy user you can be notified when betas are ready for download by checking the "Include Beta Versions" checkbox in File > Preferences > Auto Update.

We have a lot of users waiting for this and we hope that they like it. If you have suggestions for product enhancements please post (or vote up) your favorites in our forums

Read More

Topics: pdq deploy

Using Robocopy or xcopy to Copy Files to Multiple Computers

Posted by Annalisa Williams

Aug 11, 2014 12:18:00 PM

deploy_256There are a couple commands you can use to copy files to multiple computers, Robocopy and xcopy. Many users find Robocopy to be more efficient, but I'll go over both xcopy and Robocopy and some of the errors you might come across when deploying the command and how to resolve them.

Using xcopy

Copy files to multiple computers by creating a command step in PDQ Deploy. An example of a command step to copy the files is below. The first path specified is the origin of the file, and the second path specified is where you want the files to be copied to. 

xcopy /E /I /Y "\\TOKEN\Deploy\Student Tests" "%PUBLIC%\Desktop\Tests"

/I=if directory doesn't exist it will be created in the target machine

/E=copy all directories even if empty

/Y=to answer yes if any of the files in the target need to be overwritten. 

Place the paths in double-quotes. It is necessary if there are spaces in your path, and just good practice even if there are no spaces. 

When copying files, some PDQ Deploy users find their deployment returns an error code four. Avoid an error code four by going into package properties and making sure that your Run as is set to Deploy User and not Local System. If you run it as a local system it will not be able to access remote resources and will return Error Code 4.

Remember, the computer you're deploying from must have it has to be able to access the network share. Use a UNC path, not a mapped drive. Mapped drives require more steps, trust me you do not want to do that extra work. 

What about Robocopy?

Robocopy is hit and miss available XP, but Vista on up Windows computers will have Robocopy. Again, an example of a command step to copy the files is below. The first path specified, is the origin of the file, and the second path specified is where you want the files to be copied to. 

robocopy.exe "\TOKEN\Deploy\Student Tests" "%PUBLIC%\Desktop\Tests" /MIR

/MIR=mirror, which is Robocopy's parameter for making the target look just like the source. 

Below the command field is where success codes are entered. You need to add a "1" into this field. In Robocopy, both 0 and 1 mean success. If you do not put a "1" into this field, the files will still successfully copy but it will return as an error code. 

Note: The variable %PUBLIC% will not work for XP Machines. If you have the misfortune of having XP machines in your environment, you can create a second command step, and under "Conditions" select only XP and instead use the variable %ALLUSERSPROFILE% to copy out files to the XP machines as well. 

Read More

PowerShell:Get-Date Cmdlet

Posted by Kris Powell

Aug 7, 2014 1:26:00 PM

Today, I’d like to make use of an awesome PowerShell cmdlet, Get-Date. Get-Date as the name implies, gets the current date and time and use the results for other cmdlets. Get-Date by itself will return the current date.

powershell get date

We can manipulate this result a handful of ways to make the date into a format that’s more useful to our needs.

We can use -Format to view the date any just about any date format that we can imagine.

powershell get date change format

Here is a great link for which format patterns you can use - http://ss64.com/ps/syntax-dateformats.html

In addition to formatting the date to whatever format suits you best, there are also methods you can use to manipulate the date itself (not just the formatting).

In this example, we can see what day it will be a week from now:

powershell get date manipulate date

Here's a quick list of methods you can use to modify Get-Date:

  • AddDays
  • AddHours
  • AddMilliseconds
  • AddMinutes
  • AddMonths
  • AddSeconds
  • AddTicks
  • AddYears

We can make use of Get-Date and these methods in our scripts to do fancy things like finding all files that have been created within the last 30 days.  We can even take that result and process it to remove the files that are found.

#############################################################################
#   Find files older than 30 days 
#############################################################################

$time = (Get-Date).AddDays(-30)
$path = "C:\temp"

Get-ChildItem -Path $path -Recurse -Force | `
 Where-Object {$_.LastWriteTime -lt $time }

#############################################################################
#   Find files older than 30 days and DELETE
#   Please excercise caution. There is no undo to this action
#############################################################################

$time = (Get-Date).AddDays(-30)
$path = "C:\temp"

Get-ChildItem -Path $path -Recurse -Force | `
 Where-Object {$_.LastWriteTime -lt $time } | `
 Remove-Item -Force -Recurse -ErrorAction SilentlyContinue
Read More

Topics: powershell

Java releases Version 7 Update 67

Posted by Shawn Anderson

Aug 4, 2014 4:57:25 PM

java_logo_1An out of cycle release for Java 7 (update 67) has just been reported. We have updated our Package Library with this new release and our pro or enterprise users are now able to download and deploy this security release.

If you are not a pro or enterprise user of PDQ Deploy you can still create your own Java package. (Trial users will need to create their own as trial access does not include our pre-made Java package). You can see the steps needed to create your own Java package in this post.

Showing a video on deploying Java using the package available to pro/enterprise users below.

Read More

Topics: java

Powershell: Searching Through Files for Matching Strings

Posted by Kris Powell

Jul 31, 2014 12:51:00 PM

 

kris-151

It can be very time-consuming and tedious to sift through many files. Unless you’re a fan of working over a weekend and opening file after file while being slumped in a chair, then I would suggest making use of the information from today’s Powershell blog post!

Consider a directory, “C:\Temp” with many text files created. Each of the files has random text data inside. We’re looking for only the files that contain one particular string. Additionally, since we don’t know how many matches we are going to find, we’re going to create an array to store the found matches.

In order to search for strings or string patterns, we’re going to use the cmdlet Select-String.

###########################################################

$Path = "C:\temp"
$Text = "This is the data that I am looking for"
$PathArray = @()
$Results = "C:\temp\test.txt"

# This code snippet gets all the files in $Path that end in ".txt".
Get-ChildItem $Path -Filter "*.txt" |
   Where-Object { $_.Attributes -ne "Directory"} |
      ForEach-Object {
         If (Get-Content $_.FullName | Select-String -Pattern $Text) {
            $PathArray += $_.FullName
            $PathArray += $_.FullName
         }
      }
Write-Host "Contents of ArrayPath:"
$PathArray | ForEach-Object {$_}


##########################################################

Here’s the breakdown:

This will search the directory $Path for any items that include “.txt” in their names and that are not directories.

Get-ChildItem $Path -Filter "*.txt" | 
   Where-Object { $_.Attributes -ne "Directory"}

For every match it finds, it will check the contents of the match using Get-Content and verify any matches with $Text by using Select-String. If it finds a match, it puts the full name of the match into the $PathArray array.

      ForEach-Object { 
         If (Get-Content $_.FullName | Select-String -Pattern $Text) {
            $PathArray += $_.FullName
            $PathArray += $_.FullName
         }
      }

There you have it.

Bonus options
Exporting results to file:

If you want to export that all to a file instead of on the screen, then simply pipe it into an Out-File cmdlet. For example:

$PathArray | % {$_} | Out-File “C:\Some Folder\Some File.txt”

Searching through all subfolders:

If you want to search all subfolders for additional *.txt files as well, then add “-recurse” to the original Get-ChildItem command:

Get-ChildItem $Path -Filter "*.txt" -Recurse

 
Read More

Topics: powershell

Initiate DameWare Remote Control Session with PDQ Inventory

Posted by Annalisa Williams

Jul 30, 2014 2:35:14 PM

Many of you might know, you can initiate a remote desktop or remote assist or VNC remote control session from within PDQ Inventory. Other remote control tools, such as DameWare, can also be integrated with PDQ Inventory. Actually, any remote control software that can be initiated via command line (CLI) can also be initiated with PDQ Inventory. 

A major benefit here is that you are already in PDQ Inventory. You have the computer highlighted or you are in that the Computer window already. Why should you have to open another tool and then type in the name of that same computer? Just create a Custom Tool to handle all the heavy lifting.

1. Can your particular remote software be initiated from a command line? Do a quick Google search on your software and see if command line switches are available. You should be able to find a page such as this one for DameWare. Copy the appropriate command and its respective arguments. 

2. Add a Custom Tool. Go to Preferences>Custom Tools>Add Tool. In the pop-up dialogue box you can name the tool (in our example we used DameWare 11), this name will show under the tools dropdown in the main PDQ Inventory menu.

Copy the command switch in the command line area and specify the path of the .exe. If there are spaces in the path be sure to place the path in double-quotes. You also need to include the variable %TARGET% in the command line, which is a PDQ Inventory specific variable. (To see a list of PDQ Inventory variables click the question mark button to go to the help page for a list of supported variables.) 

Optionally, ou can create a keyboard shortcut for initiating the command as well. Be sure you shortcut command does not conflict with other shortcut commands. 

Dameware_Custom_Tool

3. Create a collection of computers that have the DameWare client or alternative clients for your remote desktop software. Highlight the computer you would like to start a session with and under Tools, select your newly created tool or if you specified a keyboard shortcut, use that shortcut. 

 

 

 

Read More

Topics: pdq inventory

How to Add Printers with PowerShell

Posted by Kris Powell

Jul 24, 2014 2:17:00 PM

kris-151

Nobody likes to manually install printers. This is not fun. People who tell you otherwise are probably, in fact, lying, mistaken and must enjoy busy work.

Want to know something that’s definitely more fun? Hiking. Hiking is awesome. But also, installing printers remotely from the comfort of your workstation is awesome.  

Now that we’ve established that, let’s move on to the fun!

(Windows 8.1 / Server 2012 R2 Users: those of you who are using either of these operating systems can follow this link for even more amazing cmdlets in Powershell that make printer management even more of a breeze!)

As for the rest of us, we’ll have to make due with what we’ve got.

Prerequisites:

  • A printer to install
  • Drivers for above printer

Here is the code. A lot of this may be self-explanatory, but I’m going to explain anyway:

####################################################
# Change these values to the appropriate values in your environment

$PrinterIP = "10.10.10.10"
$PrinterPort = "9100"
$PrinterPortName = "IP_" + $PrinterIP
$DriverName = "KONICA MINOLTA bizhub C35P PS"
$DriverPath = "\\UNC_Path\To\My\Drivers"
$DriverInf = "\\UNC_Path\To\My\Drivers\KOBJQA__.inf"
$PrinterCaption = "Konica Minolta C35P"
####################################################

### ComputerList Option 1 ###
# $ComputerList = @("lana", "lisaburger")

### ComputerList Option 2 ###
# $ComputerList = @()
# Import-Csv "C:\Temp\ComputersThatNeedPrinters.csv" | `
# % {$ComputerList += $_.Computer}

Function CreatePrinterPort {
param ($PrinterIP, $PrinterPort, $PrinterPortName, $ComputerName)
$wmi = [wmiclass]"\\$ComputerName\root\cimv2:win32_tcpipPrinterPort"
$wmi.psbase.scope.options.enablePrivileges = $true
$Port = $wmi.createInstance()
$Port.name = $PrinterPortName
$Port.hostAddress = $PrinterIP
$Port.portNumber = $PrinterPort
$Port.SNMPEnabled = $false
$Port.Protocol = 1
$Port.put()
}

Function InstallPrinterDriver {
Param ($DriverName, $DriverPath, $DriverInf, $ComputerName)
$wmi = [wmiclass]"\\$ComputerName\Root\cimv2:Win32_PrinterDriver"
$wmi.psbase.scope.options.enablePrivileges = $true
$wmi.psbase.Scope.Options.Impersonation = `
[System.Management.ImpersonationLevel]::Impersonate
$Driver = $wmi.CreateInstance()
$Driver.Name = $DriverName
$Driver.DriverPath = $DriverPath
$Driver.InfName = $DriverInf
$wmi.AddPrinterDriver($Driver)
$wmi.Put()
}

Function CreatePrinter {
param ($PrinterCaption, $PrinterPortName, $DriverName, $ComputerName)
$Printer = ([WMIClass]"\\$ComputerName\Root\cimv2:Win32_Printer")
$Printer.CreateInstance()
$Printer.Caption = $PrinterCaption
$Printer.DriverName = $DriverName
$Printer.PortName = $PrinterPortName
$Printer.DeviceID = $PrinterCaption
$Printer.Put()
}

foreach ($computer in $ComputerList) {
CreatePrinterPort -PrinterIP $PrinterIP -PrinterPort $PrinterPort `
-PrinterPortName $PrinterPortName -ComputerName $computer
InstallPrinterDriver -DriverName $DriverName -DriverPath `
$DriverPath -DriverInf $DriverInf -ComputerName $computer
CreatePrinter -PrinterPortName $PrinterPortName -DriverName `
$DriverName -PrinterCaption $PrinterCaption -ComputerName $computer
}
####################################################
 
PrinterIP - IP Address of the Printer.
PrinterPort - Port of the printer.
PrinterPortName - Name of the printer port.  IP_ is standard for TCP/IP port
DriverName - This is the name of the printer as it appears in the *.inf file (case sensitive).
DriverPath - This is the directory where the printer’s install *.inf file is found.
DriverInf - Full path and file name of the *.inf file.
PrinterCaption - Name of printer as it will appear on the workstation.
ComputerList - Names of the computers you wish to install the printer on.  Choose Option 1 or Option 2

(If you decide to use Option 2 to import from a .csv file to populate the computers, please change the highlighted word to the appropriate name of the header in your .csv file.  My .csv file (ComputersThatNeedPrinters.csv)  has a column header named “Computer”)


Import-Csv "C:\Software\Scripts\Powershell\ComputersThatNeedPrinters.csv" | % {$ComputerList += $_.Computer}

I’ve broken this script up into 3 functions: Creating the network printer port; installing the printer driver; creating the printer.  I make use of WMI for each function (WMI Info).  Feel free to use any or all of the functions in your designs.

That’s it!

I cannot guarantee that it will work in every environment, but it’s a pretty “cut and paste” script. If you decide to use it, please test it before rolling it out on any production workstations.

Busy work is monotonous, boring, and (most importantly) not fun.  On the other hand, installing printers remotely is pretty fantastic, if you have the right tools.

Go forth and print!

A pastebin of the previous code can be found here.
 
Read More

PDQ Deploy and Spiceworks

Posted by Shane Corellian

Jul 23, 2014 9:00:00 AM

  deploy_text

Did you know that you can use Spiceworks' inventory as a target source in PDQ Deploy?

Yep. You can choose targets to deploy software to based on Active Directory (OU's and Security Groups), PDQ Inventory (Collections), Target Lists (text or .csv files) and Spiceworks' Asset Groups.

In order to integrate PDQ Deploy with Spiceworks you will need the following:

  • A running Spiceworks environment
  • A Spiceworks User Account with "Admin" Access.
  • PDQ Deploy

spiceworks-logo-standardPDQ Deploy and Spiceworks do NOT have to be installed on the same machine. You can also integrate with Spiceworks in the free version of PDQ Deploy.

If you already have your Spiceworks environment up and running the open the Preferences window in PDQ Deploy (File > Preferences). Go to the Spiceworks panel. Configure the Spiceworks connection accordingly. You will need to use the appropriate server name (the server running Spiceworks) and the appropriate port. 

The email field needs to be a Spiceworks account that has Admin access. See the video below for a demonstration on setting up and using PDQ Deploy with Spiceworks.

 

 

 

**Note** If you have many computers in your Spiceworks database then loading the Targets window can take a long time. Here is a great How-To in the Spiceworks community on how you can speed up Spiceworks. Note that steps 2 and 3 seem to make a big difference.

 

Read More

Dear Oracle, Dear Ask

Posted by JJ Bateman

Jul 22, 2014 4:12:00 PM

If you've ever seen Mean Girls, you'll remember Gretchen Weiners' futile resolve to subtly inject the word "fetch" into the group's vernacular. After numerous attempts, Regina finally has enough, and squashes Gretchen's hopes. 

mean-girls-ask-toolbar

That's how we feel about the online installer of Java trying to get you to install the Ask Toolbar on your machine. (our Java packages DO NOT have Ask Toolbar bundled). Inspired by this reddit post, I decided to write open letters to both Oracle and Ask. 

Before I begin, I'd like to take a moment to announce that our Ask Toolbar uninstaller package no longer requires Pro Mode and is now free for any sysadmin to download and deploy. Use PDQ Deploy to remove Ask from your infected target machines.

Alright, here we go. 

Dear Oracle,
Please stop. Stop trying to make the Ask Toolbar happen. Java is perfectly fine without it. Consumers of Java applets are fine without it. Old people who call their tech savvy grandchildren to remove this red-circle-'Ask' thing from their homepage are especially fine without it. Go back to the days when your runtime was just a runtime, and not packaged with bloat. You can amend your ways. We hope you do.

Dear Ask Toolbar,
If you were an actual person, I'd protect and defend you from the bullying and taunting you so deserve. But you're not a person, you are a bane of society, a wart on the tech community, and you certainly don't warrant any sort of defending, whatsoever. Go away. Go away and never return. If you're a developer or a project manager for the Ask Toolbar, the Ask Partner Network, or whatever your department calls it self: quit. Please. You can find a better job. For reference, a better job includes janitor work, MLM salesperson, Ask Toolbar ex-employee support group leader. Anything. Until then, Admin Arsenal will do everything to make sure that your abysmal loatheware stays as far away from our users' machines as possible.

 

Dear blog reader,
If you haven't seen Mean Girls yet, and you enjoy the comedy of Tina Fey, then I recommend watching it.


Read More

Topics: ask toolbar, malware

Admin Arsenal Blog

Subscribe to Email Updates