Windows 11 Upgrade PowerShell Sccript

anon66892505 · April 11, 2022, 7:51pm

Greetings I am not an expert on bigfix, However I am trying to run this script via BigFix to run in place upgrade for clients

Here is what I am getting

Completed // Disable wow64 redirection on x64 OSes 
Completed action uses wow64 redirection {not x64 of operating system} 
Completed // CREATEFILE 
Completed createfile until EOF 
Completed  
Failed function Write-Log {  
 [CmdletBinding()]  
 param (  
 [Parameter(Mandatory)]  
 [string]$Message 
 )  
  
 try {  
 if (!(Test-Path -path ([System.IO.Path]::GetDirectoryName($LogFilePath)))) { 
 New-Item -ItemType Directory -Path ([System.IO.Path]::GetDirectoryName($LogFilePath)) 
 } 
 $DateTime = Get-Date -Format ‘yyyy-MM-dd HH:mm:ss’  
 Add-Content -Value "$DateTime - $Message" -Path $LogFilePath 
 }  
 catch {  
 Write-Error $_.Exception.Message  
 }  
 } 
 Function CheckIfElevated() { 
 Write-Log "Info: Checking for elevated permissions..." 
 if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(` 
 [Security.Principal.WindowsBuiltInRole] "Administrator")) { 
 Write-Log "ERROR: Insufficient permissions to run this script. Open the PowerShell console as an administrator and run this script again." 
 return $false 
 } 
 else { 
 Write-Log "Info: Code is running as administrator — go on executing the script..." 
 return $true 
 } 
 } 
  
 # Main 
  
 try { 
 # Declarations 
 [string]$DownloadDir = 'C:\Temp\Windows_FU\packages' 
 [string]$LogDir = 'C:\Temp\Windows_FU\Logs' 
 [string]$LogFilePath = [string]::Format("{0}\{1}_{2}.log", $LogDir, "$(get-date -format `"yyyyMMdd_hhmmsstt`")", $MyInvocation.MyCommand.Name.Replace(".ps1", "")) 
 [string]$Url = 'https://go.microsoft.com/fwlink/?LinkID=799445' 
 [string]$UpdaterBinary = "$($DownloadDir)\Win10Upgrade.exe" 
 [string]$UpdaterArguments = '/quietinstall /skipeula /auto upgrade /copylogs $LogDir' 
 [System.Net.WebClient]$webClient = New-Object System.Net.WebClient 
  
 # Here the music starts playing ..  
 Write-Log -Message ([string]::Format("Info: Script init - User: {0} Machine {1}", $env:USERNAME, $env:COMPUTERNAME)) 
 Write-Log -Message ([string]::Format("Current Windows Version: {0}", [System.Environment]::OSVersion.ToString())) 
  
 # Check if script is running as admin and elevated  
 if (!(CheckIfElevated)) { 
 Write-Log -Message "ERROR: Will terminate!" 
 break 
 } 
  
 # Check if folders exis 
 if (!(Test-Path $DownloadDir)) { 
 New-Item -ItemType Directory -Path $DownloadDir 
 } 
 if (!(Test-Path $LogDir)) { 
 New-Item -ItemType Directory -Path $LogDir 
 } 
 if (Test-Path $UpdaterBinary) { 
 Remove-Item -Path $UpdaterBinary -Force 
 } 
 # Download the Windows Update Assistant 
 Write-Log -Message "Will try to download Windows Update Assistant.." 
 $webClient.DownloadFile($Url, $UpdaterBinary) 
  
 # If the Update Assistant exists -> create a process with argument to initialize the update process 
 if (Test-Path $UpdaterBinary) { 
 Start-Process -FilePath $UpdaterBinary -ArgumentList $UpdaterArguments -Wait 
 Write-Log "Fired and forgotten?" 
 } 
 else { 
 Write-Log -Message ([string]::Format("ERROR: File {0} does not exist!", $UpdaterBinary)) 
 } 
 } 
 catch { 
 Write-Log -Message $_.Exception.Message  
 Write-Error $_.Exception.Message  
 } 
  
 EOF 
 delete WinUpdate.ps1 
 move __createfile WinUpdate.ps1 "C:\temp\WinUpdate.ps1"

JasonWalker · April 11, 2022, 8:41pm

Please use the ‘code’ formatting when pasting your Actionscript or results so we can read it in the forum, otherwise all of the formatting is messed up. I fixed your post above.

I haven’t gone through all your PowerShell, but at first glance every ‘{’ needs to be escaped as ‘{{’ so BigFix doesn’t treat it as a relevance substitution.

anon66892505 · April 11, 2022, 8:49pm

Thank you Jason,

Sorry I am not familiar with the Formatting in here,
I have changed the ‘{’ and got and exit code “1”

Here is the new Fixlet

//Create Script

createfile until EOF

 Update Windows using Windows Update Assistant
Script Version 1.0 - 2022-11-4
 
function Write-Log {{
    [CmdletBinding()] 
    param ( 
        [Parameter(Mandatory)] 
        [string]$Message
    ) 
      
    try {{ 
        if (!(Test-Path -path ([System.IO.Path]::GetDirectoryName($LogFilePath)))) {{
            New-Item -ItemType Directory -Path ([System.IO.Path]::GetDirectoryName($LogFilePath))
        }}
        $DateTime = Get-Date -Format ‘yyyy-MM-dd HH:mm:ss’ 
        Add-Content -Value "$DateTime - $Message" -Path $LogFilePath
    }
    catch {{ 
        Write-Error $_.Exception.Message 
    }
}
Function CheckIfElevated() {{
    Write-Log "Info: Checking for elevated permissions..."
    if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
                [Security.Principal.WindowsBuiltInRole] "Administrator")) {{
        Write-Log "ERROR: Insufficient permissions to run this script. Open the PowerShell console as an administrator and run this script again."
        return $false
    }
    else {{
        Write-Log "Info: Code is running as administrator — go on executing the script..."
        return $true
    }
}
 
 Main
 
try {{
    Declarations
    [string]$DownloadDir = 'C:\WinUpgrade\Windows_FU\packages'
    [string]$LogDir = 'C:\WinUpgrade\Logs'
    [string]$LogFilePath = [string]::Format("{0}\{1}_{2}.log", $LogDir, "$(get-date -format `"yyyyMMdd_hhmmsstt`")", $MyInvocation.MyCommand.Name.Replace(".ps1", ""))
    [string]$Url = 'https://go.microsoft.com/fwlink/?linkid=2171764'
    [string]$UpdaterBinary = "$($DownloadDir)\Win11Upgrade.exe"
    [string]$UpdaterArguments = '/quietinstall /skipeula /auto upgrade /copylogs $LogDir'
    [System.Net.WebClient]$webClient = New-Object System.Net.WebClient
 
 
    Write-Log -Message ([string]::Format("Info: Script init - User: {0} Machine {1}", $env:USERNAME, $env:COMPUTERNAME))
    Write-Log -Message ([string]::Format("Current Windows Version: {0}", [System.Environment]::OSVersion.ToString()))
     
    Check if script is running as admin and elevated  
    if (!(CheckIfElevated)) {{
        Write-Log -Message "ERROR: Will terminate!"
        break
    }}
 
    # Check if folders exis
    if (!(Test-Path $DownloadDir)) {{
        New-Item -ItemType Directory -Path $DownloadDir
    }}
    if (!(Test-Path $LogDir)) {{
        New-Item -ItemType Directory -Path $LogDir
    }}
    if (Test-Path $UpdaterBinary) {{
        Remove-Item -Path $UpdaterBinary -Force
    }}
    Download the Windows Update Assistant
    Write-Log -Message "Will try to download Windows Update Assistant.."
    $webClient.DownloadFile($Url, $UpdaterBinary)
 
    If the Update Assistant exists -> create a process with argument to initialize the update process
    if (Test-Path $UpdaterBinary) {{
        Start-Process -FilePath $UpdaterBinary -ArgumentList $UpdaterArguments -Wait
        Write-Log "Updated launched"
    }}
    else {{
        Write-Log -Message ([string]::Format("ERROR: File {0} does not exist!", $UpdaterBinary))
    }
}
catch {{
    Write-Log -Message $_.Exception.Message 
    Write-Error $_.Exception.Message 
}
EOF

copy __createfile "C:\Temp\WinUpdate11.ps1"

//Run The Script

waithidden C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -file "C:\Temp\WinUpdate11.ps

JasonWalker · April 11, 2022, 8:51pm

In the forum post window, highlight all of your code and click the ‘code format’ button -

// This is my actionscript
// There is more like it

JasonWalker · April 11, 2022, 8:54pm

The exit code “1” is coming from the PowerShell interpreter.
I’m not well-versed in PowerShell…do those first couple of lines need to be commented? Does this powershell work if you run it outside of BigFix?

anon66892505 · April 11, 2022, 8:54pm

I do not need the Comments. Yes it Does run

JasonWalker · April 11, 2022, 8:55pm

Is it generating any of the log or error output? I’m not sure…whether the “LocalSystem” account that BigFix runs under will pass your check for Administrator rights

anon66892505 · April 11, 2022, 8:57pm

The PS file is created but the the script won’t run

JasonWalker · April 11, 2022, 9:04pm

I tried it on one of my machines, the PS1 file does get created…does your ‘C:\Temp’ folder exist? The ‘copy’ command requires that the C:\Temp target directory already exists.

Before performing the copy, you could just add

folder create "c:\Temp"

which will create the folder if it’s missing or skip if it already exists.

anon66892505 · April 11, 2022, 9:06pm

The Folder is in there but it is called temp not Temp not sure if that’s an issue

JasonWalker · April 11, 2022, 9:09pm

I don’t believe the copy is case-sensitive, but what you had in the most recent post does create the ps1 file for me. Is there something else in the action that’s failing?

anon66892505 · April 11, 2022, 9:28pm

Nothings is failing

Completed //Create Script 
Completed createfile until EOF 
Completed  
Completed # Update Windows using Windows Update Assistant 
Completed # Script Version 1.0 - 2022-11-4 
Completed  
Completed function Write-Log {{ 
Completed [CmdletBinding()]  
Completed param (  
Completed [Parameter(Mandatory)]  
Completed [string]$Message 
Completed )  
Completed  
Completed try {{  
Completed if (!(Test-Path -path ([System.IO.Path]::GetDirectoryName($LogFilePath)))) {{ 
Completed New-Item -ItemType Directory -Path ([System.IO.Path]::GetDirectoryName($LogFilePath)) 
Completed }} 
Completed $DateTime = Get-Date -Format ‘yyyy-MM-dd HH:mm:ss’  
Completed Add-Content -Value "$DateTime - $Message" -Path $LogFilePath 
Completed } 
Completed catch {{  
Completed Write-Error $_.Exception.Message  
Completed } 
Completed } 
Completed Function CheckIfElevated() {{ 
Completed Write-Log "Info: Checking for elevated permissions..." 
Completed if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(` 
Completed [Security.Principal.WindowsBuiltInRole] "Administrator")) {{ 
Completed Write-Log "ERROR: Insufficient permissions to run this script. Open the PowerShell console as an administrator and run this script again." 
Completed return $false 
Completed } 
Completed else {{ 
Completed Write-Log "Info: Code is running as administrator — go on executing the script..." 
Completed return $true 
Completed } 
Completed } 
Completed  
Completed # Main 
Completed  
Completed try {{ 
Completed # Declarations 
Completed [string]$DownloadDir = 'C:\WinUpgrade\Windows_FU\packages' 
Completed [string]$LogDir = 'C:\WinUpgrade\Logs' 
Completed [string]$LogFilePath = [string]::Format("{0}\{1}_{2}.log", $LogDir, "$(get-date -format `"yyyyMMdd_hhmmsstt`")", $MyInvocation.MyCommand.Name.Replace(".ps1", "")) 
Completed [string]$Url = 'https://go.microsoft.com/fwlink/?linkid=2171764' 
Completed [string]$UpdaterBinary = "$($DownloadDir)\Win11Upgrade.exe" 
Completed [string]$UpdaterArguments = '/quietinstall /skipeula /auto upgrade /copylogs $LogDir' 
Completed [System.Net.WebClient]$webClient = New-Object System.Net.WebClient 
Completed  
Completed # Here the music starts playing ..  
Completed Write-Log -Message ([string]::Format("Info: Script init - User: {0} Machine {1}", $env:USERNAME, $env:COMPUTERNAME)) 
Completed Write-Log -Message ([string]::Format("Current Windows Version: {0}", [System.Environment]::OSVersion.ToString())) 
Completed  
Completed # Check if script is running as admin and elevated  
Completed if (!(CheckIfElevated)) {{ 
Completed Write-Log -Message "ERROR: Will terminate!" 
Completed break 
Completed }} 
Completed  
Completed # Check if folders exis 
Completed if (!(Test-Path $DownloadDir)) {{ 
Completed New-Item -ItemType Directory -Path $DownloadDir 
Completed }} 
Completed if (!(Test-Path $LogDir)) {{ 
Completed New-Item -ItemType Directory -Path $LogDir 
Completed }} 
Completed if (Test-Path $UpdaterBinary) {{ 
Completed Remove-Item -Path $UpdaterBinary -Force 
Completed }} 
Completed # Download the Windows Update Assistant 
Completed Write-Log -Message "Will try to download Windows Update Assistant.." 
Completed $webClient.DownloadFile($Url, $UpdaterBinary) 
Completed  
Completed # If the Update Assistant exists -> create a process with argument to initialize the update process 
Completed if (Test-Path $UpdaterBinary) {{ 
Completed Start-Process -FilePath $UpdaterBinary -ArgumentList $UpdaterArguments -Wait 
Completed Write-Log "Updated launched" 
Completed }} 
Completed else {{ 
Completed Write-Log -Message ([string]::Format("ERROR: File {0} does not exist!", $UpdaterBinary)) 
Completed } 
Completed } 
Completed catch {{ 
Completed Write-Log -Message $_.Exception.Message  
Completed Write-Error $_.Exception.Message  
Completed } 
Completed EOF 
Completed copy __createfile "C:\Temp\WinUpdate11.ps1" 
Completed //Run The Script 
Completed waithidden C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -file "C:\Temp\WinUpdate11.ps1"

anon66892505 · April 11, 2022, 9:28pm

is there another way to run PS scripts in BigFix ?

JasonWalker · April 11, 2022, 9:30pm

Yes, either 10.0.3 or 10.0.4 added “PowerShell” as a script type, you should be able to select that from the drop-down menu in the action editor tab of the task.

anon66892505 · April 11, 2022, 9:35pm

Jason Thank you, I have tried that, but it fails without any exit codes, Let me copy the

JasonWalker · April 11, 2022, 9:39pm

Oh, in “ActionScript” type, missed a couple of places that had open-curly-brackets

JasonWalker · April 11, 2022, 9:41pm

I’m most concerned about where you say the powershell script isn’t being created at all. I’d try with a simpler case, just remove all of the powershell script and replace it with a placeholder. Don’t even try to use ‘waithidden’ to execute it, just create a dummy script and save it to the output file first.

anon66892505 · April 11, 2022, 9:44pm

Jason, I am sorry I meant the script is created, but it won’t run. I see the PS file in “C:\Temp” directory. it won’t execute it

JasonWalker · April 11, 2022, 10:24pm

Oh, ok.
And you still have the 'wow64 redirection" turned off?

anon66892505 · April 12, 2022, 1:30pm

Correct yes it is turned off