Deploy Infor XA Client with PowerShell

Here was a fun installer to get working silently.  This one uses something called InstallAnywhere.  It is a java based installer and if you Google InstallAnywhere silent, you will happen upon several command line options.  The correct set for this version of the installer (2009 version) can be found here.

Here’s the command to install it silently:

xaclient_Hgenas400_P36001.exe -i silent

We can also record settings into a file and play those back.  To record:

xaclient_Hgenas400_P36001.exe -r C:\temp\powerlink.properties

Finally, we end up with this to install silently:

xaclient_Hgenas400_P36001.exe -i silent -f powerlink.properties

The installer launches the program at the end: I didn’t see any settings to turn that off.

The PowerShell code starts off pretty boring:

$p = start-process .\xaclient_Hgenas400_P36001.exe -ArgumentList '-i silent -f powerlink.properties' -Wait -Passthru
icacls *.lnk /grant:r everyone:RX
copy-item *.lnk -Destination C:\users\public\desktop

We kick off the installer, tell PowerShell to wait for the process to end and return an object (-Passthru), grant Everyone read and execute rights to the icon and then copy that icon to the the system shared desktop.

If you execute this code, however, the PowerShell script never progresses. This is because the installer runs the full program as a child process from the installer and until the program is closed, it waits for the installer’s termination forever.

The program is Java based and executes two processes: Infor XA Power-Link and javaw.  We can create a loop waiting for these two processes, then kill them:

Do {

$status = Get-Process -Name "Infor XA Power-link" -ErrorAction SilentlyContinue

If (!($status)) {
Write-Host 'Waiting for process to start' ;
Start-Sleep -Seconds 2
}

Else { Write-Host 'Process has started' ;
$started = $true
Stop-Process -name "Infor XA Power-Link"
Stop-Process -name javaw
}

}
Until ( $started )

I picked 2 seconds to keep checking the process list and not hammer the CPU.  So obviously for this to work, we need to remove the -Wait and -Passthru options from Start-Process, but then how do we check if the program installed OK?  We can check if the program executable exists and then return the proper exit code:

if (Test-Path('C:\infor\ERP XA Client\Infor XA Power-Link.exe')) {
$LASTEXITCODE = 0
exit 0
} #end if

else {
$LASTEXITCODE = 1
exit 1
} #end else

Anything other than exit code 0 is usually a failure (MSIs usually return exit code 3010 to indicate a reboot).

Using the exit command with a specific number seems to pass the exit code properly back to SCCM.  Based on my Google-fu: it’s then best to wrap your PowerShell script in a batch file and then fire that from SCCM to get the exit code of any non-native command ran from within a PowerShell script:

powershell -executionpolicy bypass -file .\install_powerlink.ps1
echo %errorlevel%
exit /b %errorlevel%

  • Soli Deo Gloria

Get a Windows 10 Activation Ticket

The clock is ticking before the Windows 10 free upgrade ends on July 29th.  If you are still on Windows 7/8.1 and don’t want to upgrade by July 29th, there’s still hope!

See the following thread to save your Windows 10 activation ticket/token:

https://www.reddit.com/r/Windows10/comments/3i93mp/no_need_for_a_full_upgrade_to_install_10_from/

  • Soli Deo Gloria

Copying Files to Multiple Locations At the Same Time

Need to copy a set of files or folders to a bunch of different locations?  Try MultiRobo.  This is a GUI and multi-threaded version of robocopy.  You can even save profiles so if you have copy the same set of files periodically to the same locations, you just open the profile and click Run and away it goes!

Great for copying updated WIMs with MDT.

-Soli Deo Gloria

Powershell: Delete an Icon from All User Profiles

Started to learn Powershell recently and already found something really neat.  I’m working on deploying Smartdraw 2016 silently and it loves to put an icon on the desktop of the user that it installing the program, not in C:\users\public\desktop where it belongs.  Now, with SCCM, this use to be very tricky, because when running installs they run under the SYSTEM account and not as the logged in user and the native DEL /S command within the native CLI will do it, however, there’s no way to specify just one folder to delete from: it will search all folders under all of the user profiles.

Based on a tip from https://www.sapien.com/blog/2014/10/16/delete-desktop-icons-a-windows-powershell-tip/, we can do this instead:

Remove-Item "C:\users\*\Desktop\smartdraw ci.lnk"

which basically just searches the desktop folder of each user profile instead of all folders in each profile and deletes the now defunct Smartdraw CI icon from each desktop folder.

And now instead of looking for the uninstall productcode string to feed to MSIEXEC /x to remove Smartdraw CI: the PowerShell App Deployment Toolkit includes this nifty cmdlet do all of the heavy leaving all in one line:

Remove-MSIApplications -Name 'Smartdraw'

  • Soli Deo Gloria

Missing Drivers

Missing drivers are the bane of every tech, but I have two solutions for you and they are both free!  The first one is called Driver Solution Pack. The second one is Snappy Driver Installer.  The cool thing with SDI is that you can set a filter to “drivers not installed”, then you can extract those to a folder and import those into your deployment solution such as MDT for each make/model you have.

Don’t forget about SIV or the System Information Viewer…great program to find information on devices that are missing drivers.

  • Soli Deo Gloria

New Web Host and Blog Format

You might have noticed a change in the blog formatting recently.  That’s because I went to update one of my older postings and was getting a 403 error message.  Eleven2 was my old web host which bought out Sharkspace and to be quite honest: they were a pain in the rear end. Periodically, they were blacklisting my IP address for logging in too many times forcing me to contact their tech support to unblock me.  I moved everything over to Hawkhost.

Looking at my web site: I realized that I needed to take down much of what was there since it’s mostly stuff I wrote and used in the Windows XP era.  In it’s place is a simple place holder and this blog is now the main feature of my web site.

-Soli Deo Gloria

PDQDeploy: Installing Software Remotely and Silently

While Microsoft SCCM is nice for deploying software, sometimes you just need a quick and dirty solution for installing simple apps, such as installing Google Chrome, remotely and silently.   PDQDeploy comes to the rescue for this.  There are free and pro versions of the software.  The free version doesn’t include multi-step conditionals or retry-until-online operations, but is otherwise fully functional.

It’s so mind numblingly simple too…make a new package, point it to the MSI file, it figures out the command parameters to use itself and then you click save.  That’s it.  You can then target specific computers directly or use a TXT file of computer names.

For programs that are not MSI based: Google’s search engine comes to the rescue for us. Internet Explorer 11 upgrade?  Sure, here you go: IE11-Windows6.1-x64-en-us.exe /quiet /norestart /update-no.  You can even get around the multi-step conditional limitation by creating your own VBScript or Powershell script.

  • Soli Deo Gloria

Adding Fonts As Non-Admin

I’ve been over the Internet many times over trying to find a free solution to run certain programs as administrator without giving the end user full blown administrator rights.  An example of this is adding fonts.  This task requires administrator rights to do…but do I really need to give the end user full blown admin rights to add fonts?

The answer is no.  Meet: AutoIT.  This is free solution that includes a nifty RunAs command.  As an example we can do this:

RunAs(“srvaccount”, “your_domain”, “Pa$$W0RD”, 4, “C:\fonts\nexusfont.exe”)

Then we can compile that into a nice little EXE which hides the command line from the end user and then we give them that EXE: In this example, I’m using NexusFont since it’s a free font management solution.  NexusFont includes an option to “Copy fonts to system font folder”.  Since NexusFont is running under an account with Administrator rights, it has no problems doing this.

Make sure you give the end users read and execute only rights to the folder and EXE file so they cannot switch it out with another file.

Also, it is possible to reverse engineer the process if you are sophisticated enough and get the password, so don’t use a super sensitive password.  Assumption is that normal users aren’t going to be that sophisticated and there are probably easier ways of gaining admin rights then reverse engineering executables 🙂

– Soli Deo Gloria