I am new to BigFix and I am trying to mass deploy a new user to the local user group. I tried creating a task as follows:
action uses wow64 redirection false
wait net user /add Test1 {parameter “secret” of action}
wait net localgroup administrators Test1 /add
It continually stays in a running state, without adding user to local user or local administrator group. I let this run over night and it shows a “Running” status.
1 Like
When I run that command in the fixlet debugger (without the parameter) I get an exit code of 2, which means it’s an unrecognized command.
Since you’ve specified the Wait action script command, it’s possible the process never exits.
In the cases where I have to use Command Line arguments, I generally tend to test my actions using a wait command coupled with cmd.exe /k so that I can see what the shell is actually returning.
For example, in this case I would do
action uses wow64 redirection false
wait cmd.exe /k net user /add Test1 {parameter “secret” of action}
wait cmd.exe /k net localgroup administrators Test1 /add
or simply
action uses wow64 redirection false
wait cmd.exe /k net user /add Test1 {parameter “secret” of action} && net localgroup administrators Test1 /add
When running the process in Production, however, I would recommend the waithidden cmd.exe /c command instead, as you’ll briefly see a command window flash if you just use the wait command. You also want to use the /c operator with cmd.exe instead of /k so that the command window will actually close.
Finally, be cautious with net user. A default Windows install has complexity requirements for the password, and if your parameter doesn’t meet the requirements you’ll get something like
The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.
More help is available by typing NET HELPMSG 2245.
3 Likes
It was that the password was too long. Thank you for your help.
1 Like