Anyone know why the following works fine at the cmd.exe prompt but completes with an empty file in a BigFix Task? Here’s the line from my client log file:
Copying everything between “waithidden” and “(action…” into an administrative cmd.exe session creates a file with 11 lines of data, but the Task-run command generates an empty file.
(FYI: The “where” filter is just to grab some sample data…I’m not actually looking for those files.)
Weird additional datapoint: running the same command as a Scheduled Task run by SYSTEM only generates a single line of data, but it’s still not blank. Curious…
It’s not a bad suggestion, but the log entry is showing the actual command being run by the BigFix agent, not the action relevance script. I left that out since the command appeared to be making it through to the client just fine and since it’s a mess of escaped brackets, parameters, and calculated timestamps. I’ve included it here as “evidence”, but I’m confident in saying that it’s not a bracket problem.
parameter "AuditName" = "audit"
parameter "Query" = " $_.name -eq 'preoobe.cmd' -or $_.name -eq 'winrm.cmd' "
folder create "C:\BigFixAudits"
waithidden powershell.exe -NoProfile -ExecutionPolicy Bypass -NonInteractive -Command "({"'" & concatenation "','" of names of drives whose (type of it is "DRIVE_FIXED") & "'"}) | % {{ gci -Path $_ -File -Recurse -Force -ErrorAction SilentlyContinue | where {{ {parameter "Query"} } | select name,length,lastwritetime,fullname | Export-CSV -NoTypeInformation -Append 'C:\BigFixAudits\{parameter "AuditName"}{("-" & (year of it as string & month of it as two digits & day_of_month of it as two digits) of date (local time zone) of it & "-" & (two digit hour of it as string & two digit minute of it as string & two digit second of it as string) of time (local time zone) of it) of now}.txt'}"
I don’t have an account that I could use across our install base other than SYSTEM. And, honestly, it should work a SYSTEM, so the default agent run state should be fine.
The Administrator and SYSTEM accounts do work differently. You can use psexec to create a cmd window with the SYSTEM account and see if it works there?
Do you have any reasons to run such big and complex command “directly” by waithidden ?
from my experience the less errors when it is done through “appendfile\createfile” and after running this created run.bat with redirecting output and error streams to files.
Trying to avoid actually writing anything to the drive. The command will actually be no less complex in a .ps1 file…just on multiple lines instead of one.
