Tip: Running Commands and Saving Output (Windows)

Content Authoring
1

Hi, I wanted to post a Tip here on running commands (batch files) and saving the script output for reporting or troubleshooting later.

Frequently a question comes up on the correct syntax for executing a batch file, or for diagnosing why a batch file isn’t working when executed through BigFix. I wanted to point out a couple of common issues and some syntax to help troubleshoot.

  1. Avoid complex command-line parameters when you can, by moving them into the Batch File itself. Does your MSI installer have fifteen parameters in it, some of them quoted, some of them with special symbols? Build a batch file on-the-fly, so you can also test the generated batch file outside of BigFix when you need to.

  2. Disable 32-bit redirection by using the action uses wow64 redirection false statement. In almost every case, your script will expect to be running in the native environment (whatever that is for the endpoint). If 32-bit redirection is not disabled, the client would launch the 32-bit version of cmd.exe from \Windows\SysWow64; any references to C:\Program Files, C:\Windows\System32, HKEY_LOCAL_MACHINE\Software, etc. will be redirected to their 32-bit counterparts.

  3. Capture script output (stdout and stderr) through output redirection. That way there is a log file you can read in case there are any error messages. It’s also helpful in the batch file itself, to display the ERRORLEVEL return code of the commands (which will then appear in the log file). The syntax > c:\temp\output.txt redirects the “standout output” (stdout), and adding 2>&1 is the syntax for "also append error messages (stderr, i.e. output #2) to the same output as stdout (pipe #1). Using cmd.exe /c "myscript.cmd > "c:\temp\output.txt" 2>&1" will launch cmd.exe, execute the myscript.cmd file, and redirect both output and error messages to the c:\temp\output.txt file (assuming the c:\temp folder already exists).

  4. The CMD.EXE program has specific handling for quoting parameters and embedded quotes. If the command line contains spaces, it should be wrapped in a set of outer doublequotes. If an individual parameter in the command line also contains spaces (like a pathname containing “Program Files”), it should get its own set of doublequotes. CMD.EXE sorts these outs, though other commands like PowerShell may not. I prefer building a Batch file to launch PowerShell when I need to, just to have consistent quote handling.

Following is an example

delete __createfile

createfile until BIGFIX_END_OF_FILE_MARKER_TAG
REM This is a batch file generated by BigFix.  Replace this with your own script commands.

REM We can embed relevance substitutions like the following line

ECHO Action {id of action} issued by BigFix on {parameter "action issue date" of action} and executed {now}

ECHO This is a test.  Remove the REM from the next line to run a real MSI if we have downloaded one

REM msiexec /i __Download\mypackage.msi ADDLOCAL="Feature1,Feature2" ALLUSERS=1 REBOOT=ReallySuppress /QN

ECHO msiexec completed with %ERRORLEVEL%

BIGFIX_END_OF_FILE_MARKER_TAG

delete GeneratedScript.cmd

move __createfile GeneratedScript.cmd

action uses wow64 redirection false

waithidden cmd.exe /c "GeneratedScript.cmd > "C:\Windows\Temp\ScriptOutput.txt" 2>&1"

If the script executes successfully (or even if it doesn’t), we can read the results and any error messages by opening the log that the command generated at c:\Windows\Temp\ScriptOutput.txt:

C:\BES\Client\__BESData\actionsite>REM This is a batch file generated by BigFix.  Replace this with your own script commands. 

C:\BES\Client\__BESData\actionsite>REM We can embed relevance substitutions like the following line 

C:\BES\Client\__BESData\actionsite>ECHO Action 3523 issued by BigFix on Mon, 27 Mar 2023 18:55:05 +0000 and executed Mon, 27 Mar 2023 13:55:10 -0500 
Action 3523 issued by BigFix on Mon, 27 Mar 2023 18:55:05 +0000 and executed Mon, 27 Mar 2023 13:55:10 -0500

C:\BES\Client\__BESData\actionsite>ECHO This is a test.  Remove the REM from the next line to run a real MSI if we have downloaded one 
This is a test.  Remove the REM from the next line to run a real MSI if we have downloaded one

C:\BES\Client\__BESData\actionsite>REM msiexec /i __Download\mypackage.msi ADDLOCAL="Feature1,Feature2" ALLUSERS=1 REBOOT=ReallySuppress /QN 

C:\BES\Client\__BESData\actionsite>ECHO msiexec completed with 0 
msiexec completed with 0
8 Likes