Need to have a profile for Windows

hansells · February 19, 2020, 9:49pm

Hello,

I am kind of new at this whole thing, but when I run something like dos or cmd for windows, is there an easy way to get an environment for the user running the commands? In linux I can run a --login on the command line.

thanks

TimRice · February 19, 2020, 10:49pm

Under Windows, the BigFix client runs as “Local System”, not a user. There is a way to run commands as the “Logged In User”, but if there is no user logged in, I’m not sure how you want to handle it.

hansells · February 20, 2020, 3:50pm

I see, what I run into are things that don’t run in big fix with a simple dos or cmd statement and the guy I am working with creates a whole ps1 shell or pushes a batch file to get them to run. Trying to avoid that.

What causes something like this command to not run in BigFix.

C:\Prgram Files\tivoli\tsm\baclient\gsk8capicmd_64 -cert -add -db C:\Prgram Files\tivoli\tsm\baclient\dsmcert.kdb -stashed -label “AddTrust-External-CA-Root” -file __Download\AddTrust-External-CA-Root.crt -format ascii -trust enable

It will run on a straight up command line.

TimRice · February 20, 2020, 3:55pm

So are you issuing the following …
wait "C:\Program Files\tivoli\tsm\baclient\gsk8capicmd_64.exe" -cert -add -db "C:\Program Files\tivoli\tsm\baclient\dsmcert.kdb" -stashed -label “AddTrust-External-CA-Root” -file __Download\AddTrust-External-CA-Root.crt -format ascii -trust enable

(Note: I added quotes around the path statements due to the spaces in the them. I also added the .EXE file extension to the file being executed.)

JasonWalker · February 20, 2020, 4:28pm

In addition to @TimRice’s guidance on the spaces, this may also be due to the BigFix client running in 32-bit mode by default (for backwards compatibility). When your action references “C:\Program Files”, it is by default redirected to “C:\Program Files (x86)”. You need to change the behavior on that by using action uses wow64 redirection false in the script before running hte commands.

Leaving aside the downloads, the action script would look something like

// do your downloads first
action uses wow64 redirection false

wait "C:\Program Files\tivoli\tsm\baclient\gsk8capicmd_64.exe" -cert -add -db "C:\Program Files\tivoli\tsm\baclient\dsmcert.kdb" -stashed -label “AddTrust-External-CA-Root” -file __Download\AddTrust-External-CA-Root.crt -format ascii -trust enable

For more complicated things than a one-liner like this, we might create & execute a batch file on the fly. We use relevance guards {} to replace a part of the command with a Relevance evaluation (like substituting the path of the download folder and program files folders here):

action uses wow64 redirection false
delete __appendfile

appendfile "{pathname of program files x64 folder}\tivoli\tsm\baclient\gsk8capicmd_64.exe" -cert -add -db "{pathname of program files x64 folder}\tivoli\tsm\baclient\dsmcert.kdb" -stashed -label “AddTrust-External-CA-Root” -file "{pathname of download folder}\AddTrust-External-CA-Root.crt" -format ascii -trust enable

//more appendfile commands with more statements here
// move the __appendfile to a batch file and execute it
delete Import.cmd
move __appendfile Import.cmd
waithidden cmd.exe /C Import.cmd