Running a certutil and cscript within a .bat file

(imported topic written by stephen.c.perez@lmco.com91)

i created a .bat file with a commands to install a cert and configure a cert for rdp.

when the .bat file runs locally on the server, it runs and performs perfect, when i create a software distribution package or fixlet, when run, it only does the certutil command and does not seem to run the cscript command. any ideas?

the fixlet has this action:

prefetch RDP.tmp sha1:f8b7d9a4f5178f764d92ee35dc981acadb26141a size:3277 http://prde2bfx001.ihop.local:52311/Uploads/f8b7d9a4f5178f764d92ee35dc981acadb26141a/RDP.tmp

extract RDP.tmp

waithidden cmd.exe /C copy /Y __Download*.* C:\Temp

waithidden cmd.exe /C “C:\Temp\rdp.bat”

and the .bat file has:

  1. .bat file runs the certutil and cscript for wildcard cert install#

C:\WINDOWS\system32\certutil -f -p test -importpfx “C:\Temp\RDPencryption.pfx”

timeout /t 5

C:\WINDOWS\system32\cscript rdconfig.js 29617e7f4764cb5c46bf75cf7a03000741d70db3

(imported comment written by MattBoyd)

Assuming it’s a 64-bit server, it’s probably due to wow64 redirection. Try adding this to the beginning of the task:

action uses wow64 redirection false

(imported comment written by stephen.c.perez@lmco.com91)

i have both 32 and 64 bit systems… i have tested both os types

(imported comment written by SystemAdmin)

The problem is “timeout” as it displays something.

The client is a service and thus is cannot “Interact with desktop” and any attempt to display something will cause that process to just sit there basically forever. I would presume you could still see a “timeout” running somewhere on the system that tried to run this and the action would not ever complete. Is that what you are seeing?

It would be best to run these as individual wait commands and put an actionscript “pause” in there using a parameter with a start time and the now relevance for example.

(imported comment written by stephen.c.perez@lmco.com91)

even without the timeout in the .bat file… same problem. seems like the cscript commnand never runs even though the job shows successfuly completed.

again… with the .bat file on the server, it runs fine.

(imported comment written by SystemAdmin)

What does your js do? Its possible also that as you are running as Local System that what you are doing isn’t possible (as you don’t really have a user area for example)

(imported comment written by stephen.c.perez@lmco.com91)

i have figured this out and made the correct adjustments to my fixlet. and all is working. thanks