Silent Still Scrip, Reboot and Resume

[MRLunchBox]

Greetings,

I'm a noob when it comes to batch files and scripts etc but can somewhat piece together what I need. Basic batch files I can easiliy do, however.

I created a batch file that will install about 7 applications.

Two of the applications require a reboot (Embassy Security Center (wave which needs to run as a domain uesr) and Single Sign On). 1 could use a reboot if needed.

My issue is that the 2 that require the reboot kind of kill each other off. Meaning if its pending the reboot the second app that requires the reboot never starts or starts but fails somewhere after starting. I moved all applications around and still have the same issue.

So here is my scenario. The laptop was just imaged, joined to the domain etc. The batch file will be used by the tech to update the image and install additional applications.

What I would like is for the batch file to install XX applications reboot and contine to the rest. This would meet the requirement of one app needing the reboot.

We dont use SCCM here so I can use a task in our imaging process.

The batch file needs to be run by a doman user preferably the initial tech usng run as admin to run it vs a service account. I guess I can move the program so that after the reboot the application that need to be insall can be install using a local admin or a non domain account.

I'm willing to try any step, ie. using the run once registry key, converting to powershell etc.

Thank you for your time

color 0A
@echo off
mode con:cols=90 lines=40


Echo.
Echo. This utility will perform the following actions
Echo.
Echo. 1 Stop Windows Firewall to Prevent issues with Installation
Echo.
Echo. 2. Patch Link Client Upgrade and point to new Server
Echo.
Echo. 3. AMP Client Upgrade
Echo.
Echo. 4. Install Lync 2013
Echo.
Echo. 5. Install WebSense  (Blue Coat is no longer used)
Echo.
Echo. 6. Activate Windows and Office
Echo.
Echo. 7. Install WAVE and TDMRemoteConfig
Echo.
Echo. 8. Install Single Sign On
Echo.
Echo. 9. Install Cisco VPN and add the Profile
Echo.
Echo. Reboot to complete the instllation of the application that require it
Echo.
Echo.
Echo. Once the above have completed the job will Auto Reboot the Workstaion
Echo.
Echo.
Echo.
Echo. Press A to Start
Echo. Press B to Quit and exit
Echo.
Echo.
Echo.
set /p choice=Select your choise to Start= 
Echo.
if not '%choice%'=='' set choice=%choice:~0,1%

if '%choice%'=='A' goto Start_Job
if '%choice%'=='B' goto Exit

if '%choice%'=='a' goto Start_Job
if '%choice%'=='b' goto Exit
Echo.
Echo. "%choice%" is not a valid (answer/command)
Echo.
Echo.
Echo.


:Exit
Exit

:Start_Job

REM ***************************************
REM ***************************************
REM *******     P R E P  W O R K
REM ***************************************
REM ***************************************

REM The following folders are being created
Echo.
Echo.
Echo. Setup Folder Created at
Echo. C:\Windows\TEMP\Workstation_Setup

MD C:\Windows\TEMP\Workstation_Setup
ping -n 2 127.0.0.1>nul

MD C:\Windows\TEMP\Workstation_Setup\WAVE-2-7
ping -n 2 127.0.0.1>nul

MD C:\Windows\TEMP\Workstation_Setup\Lync-2013\
ping -n 2 127.0.0.1>nul

MD C:\Windows\TEMP\Workstation_Setup\Cisco-VPN\
ping -n 2 127.0.0.1>nul

REM Ths is where the SSO GD Logo will be copied later
MD C:\ProgramData\GD-Logo
ping -n 2 127.0.0.1>nul

REM The following are being downloaded

REM Copy Lumension Agent to local Machine
Echo.
XCOPY \\SERVER\InfrastructureSoftware\PatchLink\Win7-64Bit\LMAgentx64.msi C:\Windows\TEMP\Workstation_Setup\ /Q /Y
ping -n 3 127.0.0.1>nul
Echo. Lumension Was Downloaded
Echo.

REM Copy AMP Agent Re-instal to local machine
XCOPY \\SERVER\InfrastructureSoftware\AMP\Windows_32_and_64_Bit_Version_11.5_Re-install.exe C:\Windows\TEMP\Workstation_Setup\ /Q /Y
ping -n 3 127.0.0.1>nul
Echo. AMP Was Downloaded
Echo.
REM Copy AMP Un-Install Agent to local Machine
REM XCOPY \\SERVER\InfrastructureSoftware\AMP\Windows_32_and_64_Bit_Version_11.5_Un-install.exe C:\Windows\TEMP\Workstation_Setup\ /Q /Y
REM ping -n 3 127.0.0.1>nul

REM Copy AMP Install Agent to local Machine
REM XCOPY \\SERVER\InfrastructureSoftware\AMP\Windows_32_and_64_Bit_Version_11.5_Install.exe C:\Windows\TEMP\Workstation_Setup\ /Q /Y
REM ping -n 3 127.0.0.1>nul

REM Copy Lync 2013 to Local Machine
XCOPY \\SERVER\e$\Software\Microsoft\Lync2013_X86_Win7\*.* C:\Windows\TEMP\Workstation_Setup\Lync-2013\ /E/Q /Y
ping -n 5 127.0.0.1>nul
Echo. Lync Was Downloaded
Echo.

REM Copy WAVE to Local Machine
XCOPY \\SERVER\GeneralSoftware\WAVE\WAVE_Embassy_Security_Center_2.7\64BIT_20101221_ESCTDM64_TDM_02.07.00.043b\*.* C:\Windows\TEMP\Workstation_Setup\WAVE-2-7\ /e /Q /Y
ping -n 5 127.0.0.1>nul
Echo. WAVE Was Downloaded
Echo.

REM Copy WebSense to Local Machine
XCOPY \\SERVER\InfrastructureSoftware\WebSense_Remote_Filtering_Agent\Win_64Bit\WebsenseEndpoint_64bit.exe C:\Windows\TEMP\Workstation_Setup\ /Q /Y 
ping -n 3 127.0.0.1>nul
Echo. WebSense Was Downloaded
Echo.

REM Copy TDMRemoteConfig to Local Machine
XCOPY \\SERVER\ClientConfiguration\TDMremoteConfig64.msi C:\Windows\TEMP\Workstation_Setup\ /Q /Y
ping -n 3 127.0.0.1>nul
Echo. TDM Remote Config Was Downloaded
Echo.

REM Copy Single Sign On app and Logo
XCOPY "\\SERVER\sso$\OneSign Agent 4.7.000.10\OneSignAgentx64.msi" C:\Windows\TEMP\Workstation_Setup\ /Q /Y
ping -n 3 127.0.0.1>nul
XCOPY "\\SERVER\sso$\GD-Logo.BMP" C:\Windows\TEMP\Workstation_Setup\ /Q /Y
ping -n 3 127.0.0.1>nul
Echo. Single Sign On and GD Logo were Downloaded

REM Copy Cisco VPN and Profile
XCOPY "\\SERVER\Cisco_VPN$\*.*" C:\Windows\TEMP\Workstation_Setup\Cisco-VPN\ /q /y
Echo. Cisco VPN was Downloaded
ping -n 3 127.0.0.1>nul


REM ***************************************
REM ***************************************
REM *******   I N S T A L L
REM ***************************************
REM ***************************************

REM Stop Windows Firewall Service
sc stop MpsSvc
ping -n 2 127.0.0.1>nul
Echo. Windows Firewall Stopped
Echo.

REM Windows and Office Re-Activation
REM Windows Activation
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E967-E325-11CE-BFC1-08002BE10318} /v UPPERFILTERS /t REG_MULTI_SZ /d PartMgr /f 
ping -n 2 127.0.0.1>nul
cscript //b "c:\windows\system32\slmgr.vbs" /ipk OUR-KEY
ping -n 2 127.0.0.1>nul
cscript //b "c:\windows\system32\slmgr.vbs" /ato
ping -n 2 127.0.0.1>nul
Echo.

REM Office Activation
REM First modify registry to allow activation of Office
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E967-E325-11CE-BFC1-08002BE10318} /v UPPERFILTERS /t REG_MULTI_SZ /d PartMgr /f 
ping -n 2 127.0.0.1>nul
cscript //b "C:\Program Files (x86)\Microsoft Office\Office14\ospp.vbs" /inpkey:OUR-KEY
ping -n 2 127.0.0.1>nul
cscript //b "C:\Program Files (x86)\Microsoft Office\Office14\ospp.vbs" /act
ping -n 2 127.0.0.1>nul
Echo. Windows  and Office were activated
Echo.
Echo.
REM Patch Link Install
Echo. Staring Patch Link clinet upgrade
C:\Windows\System32\msiexec.exe /i "C:\Windows\Temp\Workstation_Setup\LMAgentx64.msi" /quiet /norestart SERVERIPADDRESS="OUR SERVER
ping -n 15 127.0.0.1>nul
Echo. Lumension was re-installed
Echo.
Echo.

REM AMP Re-install
Echo. Starting AMP clinet upgrade
C:\Windows\TEMP\Workstation_Setup\Windows_32_and_64_Bit_Version_11.5_Re-install.exe
ping -n 15 127.0.0.1>nul
Echo. AMP was Re-installed
Echo.
Echo.

REM Install WebSense
Echo. Starting WebSene client Install
C:\Windows\TEMP\Workstation_Setup\WebsenseEndpoint_64bit.exe /v"/quiet /norestart WSCONTEXT=OUR NUMBER"

ping -n 15 127.0.0.1>nul
Echo. WebSense was Installed
Echo.
Echo.

REM Lync 2013 Install
Echo. Starting Lync 2013 Install
C:\Windows\TEMP\Workstation_Setup\Lync-2013\setup.exe /adminfile "C:\Windows\TEMP\Workstation_Setup\Lync-2013\Lync_2013_x86.MSP" /config "C:\Windows\TEMP\Workstation_Setup\Lync-2013\lync.ww\config.xml"
ping -n 15 127.0.0.1>nul
Echo. Lync 2013 was Installed
Echo.
Echo.

REM INSTALL WAVE (Require Reboot)
Echo. Starting WAVE Security Center Install
C:\Windows\TEMP\Workstation_Setup\WAVE-2-7\installer.exe -silent -install
ping -n 30 127.0.0.1>nul
Echo. WAVE was Installed
Echo.
Echo.

REM Install TDMRemoteConfig
Echo. Starting TDMRemoteConfig Install
C:\Windows\System32\msiexec.exe /i C:\Windows\TEMP\Workstation_Setup\TDMremoteConfig64.msi /QB /NORESTART
ping -n 30 127.0.0.1>nul
Echo. TDM Recmote Config was Installed
Echo.
Echo.

REM Install Cisco VPN and Copy Profile
Echo. Starting Cisco VPN Install
C:\Windows\System32\msiexec.exe /I C:\Windows\TEMP\Workstation_Setup\Cisco-VPN\vpnclient_setup.MSI /QB /norestart
ping -n 15 127.0.0.1>nul
Echo. Cisco VPN was installed and Profile imported
Echo.
ECho.

REM Install Single Sign On and copy Logo to folder ( Requires Reboot)
Echo. Starting Single Sing On Install
C:\Windows\System32\msiexec.exe /I C:\TEMP\SSO\OneSignAgentx64.msi IPTXPRIMSERVER="https://OUR-SERVER.com/sso/servlet/messagerouter" AGENTTYPE="1" /qn /NORESTART
ping -n 15 127.0.0.1>nul
Reg Add HKEY_LOCAL_MACHINE\SOFTWARE\WoW6432Node\SSOProvider\CoBranding /v LogoImage /t REG_SZ /d C:\ProgramData\Logo\Logo.BMP
ping -n 15 127.0.0.1>nul
XCOPY C:\Windows\TEMP\Workstation_Setup\Logo.BMP C:\ProgramData\Logo\ /Q /Y
SSO was installed, Logo Copied and registry modified
Echo.
Echo.




REM ***************************************
REM ***************************************
REM *******  C L E A N  U P
REM ***************************************
REM ***************************************

REM Delete the downloaded applications
Del
RD C:\Windows\TEMP\Workstation_Setup /s /q

shutdown /r /f /t 30

[allen2]

There are lot of ways of doing this kind of install but unless, you want/need the tech to stay behind the computer when the install is processing, you could avoid the login thing using autologin feature with local admin account. Then i think the easiest way would to add a run item (yes run not runonce) in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" and set it to launch the local batch.

The local batch would check (using "if exist") and set flag (using files) for each app install so resuming would work and you could insert reboot in the batch. The last action of the batch would be to remove itself from the registry run key and remove autologin(if used).

Edited June 12, 2013 by allen2

[MRLunchBox]

Yes, I eventually found some thread where the suggestion was made to also use "Run" key. I can do this, howver, it will take me time to plan it out

In the mean time I found that I can use the following which I can try first.

From what I've read executing the EXEs or MSIs with the start /wait comman will force the process to complelty finish before moving to the next step.

Any optionns on how true that is?

START /W C:\Windows\System32\msiexec.exe /i C:\Windows\TEMP\Workstation_Setup\TDMremoteConfig64.msi /QB /NORESTART 
ping -n 30 127.0.0.1>nul 

START /W ETC

[allen2]

Indeed start /wait will usually (in almost all cases) wait until the process launched exit to go to next step but that doesn't mean that the application will be properly installed.

When deploying applications, it might be usefull in some case to clone the install instead of running the installer (in this case installrite might be very handy).