Creating a task that executes admin command line

Good morning everyone I am stumped and hope some can help.

 We use common access cards, and every 180 days our we get a error that our windows license has expired. 

We currently remedy this by executing a command line on each physical machine.

We use the ADMIN command prompt and use:

“slmgr.vbs /ltc” which pulls the CAC thumbprints that are currently in use. Then,
“slmgr.vbs /fta >cert thumbprint<” which brings up a prompt for your pin and activates the windows license for another 180 days.

What I have been asked to do is create a task/fixlet/whatever through bigfix that can automate this process… I have no idea. Any help that the community in their infinite wisdom can give me would be greatly appreciated.

1 Like

Bumping this. Has anyone had to do this? Or know how to do this?

What do you need help with (automating the licence activation or wrapping it within Bigfix)?

If you don’t yet have the activation automation then you are asking in the wrong place.

If and when you have automated the licence activation, post the details and someone will help you with the Bigfix parts.

I’m not familiar with using CAC cards for Windows licensing, but I am doing something that looks similar by activating via KMS.

The basics of my action are

action uses wow64 redirection false
delete "__appendfile"
appendfile cscript "{pathname of native system folder}\slmgr.vbs" /ato
delete "ActivateWindows.cmd"
move "__appendfile" "ActivateWindows.cmd"
waithidden cmd /c ActivateWindows.cmd

Since your version needs to present an interface to the user (to prompt for their pin), you’ll probably need to use some of “override wait” options to run as the current user rather than as LocalSystem. Your users all have local admin rights (to execute Windows Activation)?

1 Like

There are many options in override ( see https://developer.bigfix.com/action-script/reference/execution/override.html ) that can help here including running the action as admin even if the local user is not an admin. I don’t know if anyone has gotten this type of command line to actually work that way however.

1 Like

For Microsoft KMS license activation, we use a process like this …

action uses wow64 redirection false

wait cmd /C cscript c:\windows\system32\slmgr.vbs /upk > c:\windows\KMS.log
if {((string value of it contains “Windows Server 2008 R2 Standard”) of selects “caption from win32_operatingsystem” of wmi)}
wait cmd /C cscript c:\windows\system32\slmgr.vbs -ipk [code from MS licensing site] >> c:\windows\KMS.log
elseif {((string value of it contains “Windows Server 2008 R2 Enterprise”) of selects “caption from win32_operatingsystem” of wmi)}
wait cmd /C cscript c:\windows\system32\slmgr.vbs -ipk [code from MS licensing site] >> c:\windows\KMS.log
.
.
.
[insert elseif for each OS flavor in your environment]
.
.
.
endif
wait cmd /C cscript c:\windows\system32\slmgr.vbs -ato >> c:\windows\KMS.log
wait cmd /C cscript c:\windows\system32\slmgr.vbs -dlv >> c:\windows\KMS.log

It is helpful to then create an analysis for the KMS.log to see the results.

3 Likes