forums.wsusoffline.net

[vtec0]

Hi,

I'm hoping someone can help.
I'm trying to use wsusoffline updates at the end of unattend script deploying windows 7. The goal is to be completely unattended with no keyboard input. Although I'm running into the issue of being prompted to run the "Recallstub.cmd" as its been copied from an unknown location.
I use the firstlogoncommands to execute the following.

Code: Select all

@echo off
net use w: \\<server>\wsus /persistent:no
w:
cd client\cmd\
call doupdate.cmd /instielatest /autoreboot

With this script and the combination of this reg file.

Code: Select all

cmd /c reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\winlogon" /v AutoLogonCount /t REG_DWORD /d 2 /f

The machine is able to log back in so that recallstub.cmd can be executed.
This is where my problem starts. I'm unable to remove the open file security prompt for "recallstub.cmd"

I've tried putting the following in the unattend.xml to no avail.

Code: Select all

cmd /c reg add "HKCU\Environment" /V SEE_MASK_NOZONECHECKS /T REG_SZ /D 1 /F
cmd /c reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" /V SEE_MASK_NOZONECHECKS /T REG_SZ /D 1 /F

I've even tried to inject the no zone check into the "PrepareRecall.cmd" without success

Code: Select all

%REG_PATH% ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v WSUSOfflineUpdate /t REG_SZ /d reg add "HKCU\Environment" /V SEE_MASK_NOZONECHECKS /T REG_SZ /D 1 /F && "%SystemRoot%\Temp\WOURecall\RecallStub.cmd" /f >nul 2>&1


Can anyone offer some advise on how to resolve this issue or perhaps another way to implement it.

[WSUSUpdateAdmin]

Hi and welcome, vtec0,

you'll have to (temporarily) disable the UAC, like WOU does it (see CreateUpdateAdminAndEnableAutoLogon.vbs).

Regards
T. Wittrock

[vtec0]

I'm not sure I follow but if you mean addressing UAC then I've already handled that in the deployment phase.
Or do you mean something else.

Code: Select all

cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f

[vtec0]

I've managed to fix the issue.

Turns out that the extracted "\client\cmd" folder that contains "RecallStub.cmd" when executed is being recognised as a "unknown publisher" preventing it from running.

I have recreated "RecallStub.cmd" and copied in the contents and now when the file is copied to the local temp folder the system runs the file on startup without prompt.

I may need to check the other files in the temp folder that are also affected by the same issue.
This has taken me two days to work out.

[vtec0]

back again.

Made some progress with the recallstub.cmd but I'm exiting on the Network Reconnection after the 2nd reboot.
It appears that woutempadmin tries to remap the network drive on the second attempt and fails.

Here is my log file.

Code: Select all

01/12/2014  8:23:05.67 - Info: Starting WSUS Offline Update (v. 9.4.2)
01/12/2014  8:23:05.67 - Info: Used path "W:\client\cmd\" on <machinename> (user: Administrator)
01/12/2014  8:23:05.67 - Info: Option /instielatest detected
01/12/2014  8:23:05.70 - Info: Option /updatecpp detected
01/12/2014  8:23:05.71 - Info: Option /instmssl detected
01/12/2014  8:23:05.73 - Info: Option /updatetsc detected
01/12/2014  8:23:05.74 - Info: Option /instdotnet4 detected
01/12/2014  8:23:05.76 - Info: Option /instwmf detected
01/12/2014  8:23:05.78 - Info: Option /autoreboot detected
01/12/2014  8:23:07.74 - Info: Found Microsoft Windows version 6.1.7601.17514 (w61 x64 enu sp1)
01/12/2014  8:23:07.76 - Info: Found Microsoft Windows Software Licensing Management Tool info...
01/12/2014  8:23:07.76 - Info: Name: Windows(R) 7, Enterprise edition
01/12/2014  8:23:07.76 - Info: Description: Windows Operating System - Windows(R) 7, VOLUME_MAK channel
01/12/2014  8:23:07.76 - Info: Partial Product Key: D49HY
01/12/2014  8:23:07.76 - Info: License Status: Initial grace period
01/12/2014  8:23:07.76 - Info: Time remaining: 43200 minute(s) (30 day(s))
01/12/2014  8:23:07.76 - Info: Found Windows Update Agent version 7.5.7601.17514
01/12/2014  8:23:07.76 - Info: Found Windows Installer version 5.0.7601.17514
01/12/2014  8:23:07.76 - Info: Found Windows Script Host version 5.8.7601.17514
01/12/2014  8:23:07.76 - Info: Found Internet Explorer version 8.0.7601.17514
01/12/2014  8:23:07.76 - Info: Found Trusted Root Certificates' version 0.0.0.0
01/12/2014  8:23:07.76 - Info: Found Revoked Root Certificates' version 0.0.0.0
01/12/2014  8:23:07.76 - Info: Found Microsoft Data Access Components version 6.1.7601.17514
01/12/2014  8:23:07.76 - Info: Found Microsoft Silverlight version 0.0.0.0
01/12/2014  8:23:07.76 - Info: Found Windows Media Player version 12.0.7601.17514
01/12/2014  8:23:07.76 - Info: Found Remote Desktop Client version 6.1.7601.17514
01/12/2014  8:23:07.76 - Info: Found Microsoft .NET Framework 3.5 version 3.5.30729.5420
01/12/2014  8:23:07.76 - Info: Found Windows PowerShell version 2.0
01/12/2014  8:23:07.76 - Info: Found Microsoft .NET Framework 4 version 0.0.0
01/12/2014  8:23:07.76 - Info: Found Windows Management Framework version 0.0
01/12/2014  8:23:07.76 - Info: Found Microsoft Security Essentials version 0.0.0.0
01/12/2014  8:23:07.76 - Info: Found Microsoft Security Essentials definitions version 0.0.0.0
01/12/2014  8:23:07.76 - Info: Found Network Inspection System definitions version 0.0.0.0
01/12/2014  8:23:07.76 - Info: Found Windows Defender definitions version 1.95.191.0
01/12/2014  8:23:07.76 - Info: Medium build date: 25/11/2014
01/12/2014  8:23:07.77 - Info: Medium supports Microsoft Windows (w61 x64 glb)
01/12/2014  8:23:27.26 - Info: Installed ..\w61-x64\glb\WindowsUpdateAgent-7.6-x64.exe
01/12/2014  8:23:50.89 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2533623-x64.msu
01/12/2014  8:24:11.15 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2639308-x64.msu
01/12/2014  8:24:48.37 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2670838-x64.msu
01/12/2014  8:25:02.29 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2729094-v2-x64.msu
01/12/2014  8:25:19.91 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2731771-x64.msu
01/12/2014  8:25:41.66 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2786081-x64.msu
01/12/2014  8:25:49.82 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2834140-v2-x64.msu
01/12/2014  8:26:04.54 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2882822-x64.msu
01/12/2014  8:26:14.95 - Info: Installed ..\w61-x64\glb\Windows6.1-KB2888049-x64.msu
01/12/2014  8:26:14.96 - Info: Installed 9 updates
01/12/2014  8:26:14.98 - Info: Saved Winlogon registry hive
01/12/2014  8:26:14.99 - Info: Suppressed Winlogon Legal Notice
01/12/2014  8:26:14.99 - Info: Saved System policies registry hive
01/12/2014  8:26:15.04 - Info: Activated temporary power scheme
01/12/2014  8:26:15.09 - Info: WSUS Offline Update was started from a network drive (W:)
01/12/2014  8:26:15.12 - Info: Prepared recall directory
01/12/2014  8:26:17.66 - Info: Created WOUTempAdmin account
01/12/2014  8:26:17.66 - Info: Registered recall
01/12/2014  8:26:14.96 - Info: Adjusted boot sequence for next reboot
01/12/2014  8:26:17.69 - Info: Ending WSUS Offline Update

01/12/2014  8:27:04.12 - Info: Reconnected network drive W: to "\\<server>\install\wsusoffline" /persistent:no

--------------------------------------------------------------------------------

01/12/2014  8:27:04.16 - Info: Starting WSUS Offline Update (v. 9.4.2)
01/12/2014  8:27:04.16 - Info: Used path "W:\client\cmd\" on <machinename> (user: WOUTempAdmin)
01/12/2014  8:27:04.16 - Info: Option /instie11 detected
01/12/2014  8:27:04.18 - Info: Option /updatecpp detected
01/12/2014  8:27:04.19 - Info: Option /instmssl detected
01/12/2014  8:27:04.21 - Info: Option /instdotnet4 detected
01/12/2014  8:27:04.22 - Info: Option /instwmf detected
01/12/2014  8:27:04.24 - Info: Option /updatetsc detected
01/12/2014  8:27:04.25 - Info: Option /autoreboot detected
01/12/2014  8:27:04.59 - Info: Adjusted power management settings
01/12/2014  8:27:05.62 - Info: Found Microsoft Windows version 6.1.7601.18247 (w61 x64 enu sp1)
01/12/2014  8:27:05.62 - Info: Found Microsoft Windows Software Licensing Management Tool info...
01/12/2014  8:27:05.62 - Info: Name: Windows(R) 7, Enterprise edition
01/12/2014  8:27:05.62 - Info: Description: Windows Operating System - Windows(R) 7, VOLUME_MAK channel
01/12/2014  8:27:05.62 - Info: Partial Product Key: D49HY
01/12/2014  8:27:05.62 - Info: License Status: Initial grace period
01/12/2014  8:27:05.62 - Info: Time remaining: 43200 minute(s) (30 day(s))
01/12/2014  8:27:05.63 - Info: Found Windows Update Agent version 7.6.7600.320
01/12/2014  8:27:05.63 - Info: Found Windows Installer version 5.0.7601.17514
01/12/2014  8:27:05.63 - Info: Found Windows Script Host version 5.8.7601.17514
01/12/2014  8:27:05.63 - Info: Found Internet Explorer version 8.0.7601.17514
01/12/2014  8:27:05.63 - Info: Found Trusted Root Certificates' version 0.0.0.0
01/12/2014  8:27:05.63 - Info: Found Revoked Root Certificates' version 0.0.0.0
01/12/2014  8:27:05.63 - Info: Found Microsoft Data Access Components version 6.1.7601.17514
01/12/2014  8:27:05.63 - Info: Found Microsoft Silverlight version 0.0.0.0
01/12/2014  8:27:05.63 - Info: Found Windows Media Player version 12.0.7601.17514
01/12/2014  8:27:05.63 - Info: Found Remote Desktop Client version 6.1.7601.17514
01/12/2014  8:27:05.63 - Info: Found Microsoft .NET Framework 3.5 version 3.5.30729.5420
01/12/2014  8:27:05.63 - Info: Found Windows PowerShell version 2.0
01/12/2014  8:27:05.63 - Info: Found Microsoft .NET Framework 4 version 0.0.0
01/12/2014  8:27:05.63 - Info: Found Windows Management Framework version 0.0
01/12/2014  8:27:05.63 - Info: Found Microsoft Security Essentials version 0.0.0.0
01/12/2014  8:27:05.63 - Info: Found Microsoft Security Essentials definitions version 0.0.0.0
01/12/2014  8:27:05.63 - Info: Found Network Inspection System definitions version 0.0.0.0
01/12/2014  8:27:05.63 - Info: Found Windows Defender definitions version 1.95.191.0
01/12/2014  8:27:05.63 - Info: Medium build date: 25/11/2014
01/12/2014  8:27:05.64 - Info: Medium supports Microsoft Windows (w61 x64 glb)
01/12/2014  8:28:07.20 - Info: Installed ..\w61-x64\glb\IE11-Windows6.1-x64-en-us.exe
01/12/2014  8:28:07.21 - Info: Adjusted boot sequence for next reboot
01/12/2014  8:28:07.24 - Info: Ending WSUS Offline Update

01/12/2014  8:28:33.16 - Error: Reconnection of network drive W: to "\\<server>\install\wsusoffline" /persistent:no  failed
01/12/2014  8:28:41.40 - Info: Restored Winlogon registry hive
01/12/2014  8:28:41.42 - Info: Restored System policies registry hive
01/12/2014  8:28:41.43 - Info: Activated previous power scheme
01/12/2014  8:28:41.45 - Info: Deleted temporary power scheme
01/12/2014  8:28:41.45 - Info: Unregistered recall
01/12/2014  8:28:41.45 - Info: Disabled autologon
01/12/2014  8:28:41.65 - Info: Deleted registry reference to WOUTempAdmin profile
01/12/2014  8:28:41.65 - Info: Registered deletion of WOUTempAdmin profile
01/12/2014  8:28:41.65 - Info: Registered deletion of recall directory
01/12/2014  8:28:44.00 - Info: Deleted WOUTempAdmin account
01/12/2014  8:28:44.00 - Info: Adjusted boot sequence for next reboot


Any suggestions on where to look. WOUTempAdmin can access the file share.

[aker]

Please take a look at the network indicator and tell me, if the network is available, when wsusou tries to reconnect to the network drive.

[vtec0]

Found the fix but in german. Once translated the fix was apparent.
Implemented a longer wait time into "RecallStub.cmd"

Code: Select all

timeout /t 10 > nul

Code: Select all

/t 2

was not long enough.

We are now installing all updates but even after reboot some 60 updates still missing.

Any ideas?

[aker]

Maybe related to viewtopic.php?f=7&t=172 ?

[vtec0]

Hi Akar,

Yes I had presumed later that it may have been critical and security related patches.

Anyway top marks guys for putting together such a versatile utility. 10/10