From: Deji (dejiprontomail.com)
Date: Fri Nov 16 2001 - 11:58:13 CST


    Thanks, Mark.

    I'm glad to know, from the many responses I've had so far, that this
    problem is not unique to me and that there is no ready-made solution.

    I'll explore the pskill option. It would be a shame to have to resort to
    that method though, especially since it's difficult to accurately judge
    whether a hotfix installation is completed or not BEFORE killing it. It's
    very easy to misjudge and kill the process BEFORE it finishes. That leaves
    you in a bind, especially if that hotfix happens to be a super-duper
    security fix that you MUST have.

    I still want to believe that MS has a more elegant solution, but I'm not
    willing to spend one of my PSS incidents asking about that.

    Deji
    ----- Original Message -----
    From: "M. Burnett" <MBurnettxato.net>
    To: "Deji" <dejiprontomail.com>; <focus-mssecurityfocus.com>
    Sent: Thursday, November 15, 2001 8:37 PM
    Subject: Re: Batching Hot-fix installation

    > One solution I have found is to use pskill from winternals software
    > (www.winternals.com). You can also use any other kill utility that
    > allows you to force a process to shut down. This is important, because
    > you do not want to shut down the process normally, as that will be the
    > same as clicking on OK to reboot. Also do not try to shut down the
    > process in the task manager for the same reason.
    >
    > Essentially what you do is determine the name of the process and kill it
    > in your batch file. For most of the hotfixes, the process name is
    > hotfix.exe. Note, however, that if you are doing this in a batch file that
    > it is important to allow enough time for the process to run.
    >
    > This technique also works for those times when you forget to run a hotfix
    > in no-reboot mode and end up with a message box asking to reboot. If
    > that happens, I drop to a command prompt and type:
    >
    > c:\>pskill hotfix.exe
    >
    > or if using the win2k resource kit utility kill.exe:
    >
    > c:\>kill -f hotfix.exe
    >
    > The message box disappears and you can schedule a reboot for non-peak
    > hours.
    >
    >
    > Mark Burnett
    > www.xato.net
    > www.iis-insider.com
    >
    > -----Original Message-----
    > From: "Deji" <dejiprontomail.com>
    > To: "M. Burnett" <mburnettxato.net>, <focus-mssecurityfocus.com>
    > Date: Thu, 15 Nov 2001 17:13:53 -0800
    > Subject: Re: Batching Hot-fix installation
    >
    > > Sorry for hitching onto this topic here, but my question is pertinent
    > > to the topic underway.
    > >
    > > I script my hotfixes installations for deployment across hundreds of
    > > clients. I still haven't been able to figure out how to suppress the
    > > "do you want to restart...?" or "do you want to install?" prompts so
    > > the script can continue onto the next hotfix?
    > >
    > > I know most of the hotfixes have the -q -z -m switches, but there are
    > > other ones (like q312461.exe) that don't. How do people work around it?
    > >
    > > Thanks
    > > Deji
    > >
    > > Installing hotfixes
    > >
    > > ----- Original Message -----
    > > From: "M. Burnett" <mburnettxato.net>
    > > To: <focus-mssecurityfocus.com>
    > > Sent: Thursday, November 15, 2001 7:58 AM
    > > Subject: Re: Batching Hot-fix installation
    > >
    > >
    > > Here's a batch file that will install all hotfixes in the directory
    > > from which it is run (may be wrapped):
    > >
    > > for /R %%f in (Q*.exe) do echo Installing %%f && %%f -n -z -q -m
    > > qchain.exe
    > > REM add any other files to install here...
    > >
    > >
    > > This batch file will run every file matching Q*.exe in the current
    > > directory. Note that not every hotfix follows that naming convention
    > > (such as the one for MS01-022). For those, you can just add those
    > > manually at the end.
    > >
    > > So make that into a batch file, throw the hotfixes into the same dir
    > > and run it.
    > >
    > > Here's a variation:
    > >
    > > To verify the signature on each hotfix before installing, use
    > > chktrust.exe, which is found in
    > > http://msdn.microsoft.com/downloads/tools/authenticode/codesign.exe
    > > (may be wrapped):
    > >
    > > for /R %%f in (Q*.exe) do chktrust -q %%~nxf && (echo Installing %%~nxf... && %%f -n -z -q -m && echo -) || (echo %%f is corrupt and will not be installed)
    > >
    > > qchain.exe
    > > REM add any other files to install here...
    > >
    > >
    > > Hope this helps.
    > >
    > > Mark Burnett
    > > www.xato.net
    > > www.iis-insider.com
    > >
    >
    >
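
The verify-then-install loop and the "has it finished yet?" concern discussed in this thread, as an added PowerShell example that is not code from any of the posters. The `-n -z -q -m` switches and the `Q*.exe` naming come from the thread; the script parameters, the timeout value and the result fields are assumptions made for illustration.

```powershell
# Added example, not from the thread. Verifies each hotfix's Authenticode
# signature, runs it with the switches quoted in the thread, and waits for the
# installer process to exit instead of guessing when it is safe to kill it.
param(
    [string]$HotfixDir      = '.',   # assumption: folder holding the Q*.exe files
    [int]   $TimeoutSeconds = 600    # assumption: per-hotfix time limit
)

$results = foreach ($file in Get-ChildItem -Path $HotfixDir -Filter 'Q*.exe' | Sort-Object Name) {

    # Skip anything whose signature does not validate (tampered, unsigned, untrusted).
    $sig = Get-AuthenticodeSignature -FilePath $file.FullName
    if ($sig.Status -ne 'Valid') {
        [pscustomobject]@{ Hotfix = $file.Name; Result = "skipped: signature $($sig.Status)"; ExitCode = $null }
        continue
    }

    # Start the installer directly so the exit code is available afterwards.
    $psi = New-Object System.Diagnostics.ProcessStartInfo
    $psi.FileName        = $file.FullName
    $psi.Arguments       = '-n -z -q -m'
    $psi.UseShellExecute = $false
    $proc = [System.Diagnostics.Process]::Start($psi)

    if ($proc.WaitForExit($TimeoutSeconds * 1000)) {
        # The process ended on its own: installation ran to completion or failed.
        [pscustomobject]@{ Hotfix = $file.Name; Result = 'installer exited'; ExitCode = $proc.ExitCode }
    }
    else {
        # Still running: most likely sitting on a prompt. Stop the batch here and
        # leave the process alone so an operator can decide what to do with it.
        [pscustomobject]@{ Hotfix = $file.Name; Result = "still running after $TimeoutSeconds s (PID $($proc.Id))"; ExitCode = $null }
        break
    }
}

$results | Format-Table -AutoSize
```

A hotfix reported as still running is the case the thread handles with pskill or kill -f; the script only identifies it and stops, so no later hotfix is started while an installer is still open.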