Changes

WPKG with winexe

5,606 bytes added, 11:24, 21 December 2009
m
Created page with 'You can use Samba's [http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#id2555613 preexec] directive to launch a script when a PC connects to Samba. To launch WPKG on…'
You can use Samba's [http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#id2555613 preexec] directive to launch a script when a PC connects to Samba. To launch WPKG on a Windows machine which connnects to Samba, we will use the below script and [http://eol.ovh.org/winexe/ winexe].

= Features =
* will run software installation on Windows PCs without any additional client-side configuration,


= Installation =

* Copy/paste/save the below script on your Samba server. Note: the script should have UNIX end-of-line characters. If you use Windows, make sure your editor saves the script with UNIX end-of-line characters; if it's saved with Windows end-of-line characters, it will not work.

* Edit these variables:
** WINUSER, PASSWORD - user which will start software installation (must have admin privileges),
** LOGPATH - where to store our logs,
** WINEXE - winexe binary,
** TIMEOUT - winexe 0.90 has some bug which prevents it from exiting in some circumstances. Makes sure it's killed if it ever happens for you.
** IGNOREIPS - don't try to start software installation on these IP addresses

* Create a LOGPATH directory (default: /var/log/wpkg)

* to smb.conf, add this to the [global] section:
<source lang="ini">
root preexec = /root/scripts/wpkg-preexec.sh %I %m %S &
</source>

* don't forget to download winexe from http://eol.ovh.org/winexe/

* That's it!


= Testing =

In one terminal, start:

<source lang="bash">
/root/scripts/wpkg-preexec.sh 192.168.145.150 pc-name-test netlogon
</source>

Meaning of command line arguments:
* "192.168.145.150" - start software deployment on 192.168.145.150
* "pc-name-test.log" - everything will be logged to /var/log/pc-name-test.log
* "netlogon" - when a PC connects to this share, we deploy software on this PC


= Some more info =
* prevents from starting multiple WPKG instances on a single Windows PC
* new software deployment is started by Samba in two cases:
** PC connects to [netlogon] share (happens automatically for domain PCs which are turned on; nobody has to log in)
** if /var/log/wpkg/<workstation>.log is not present, or is older than 24 hours


= Script source =

<source lang="bash">
#!/bin/bash

# Launches wpkg.js on a remote Windows machine
# Author: Tomasz Chmielewski (tch .at. wpkg .dot. org)

HOST_IP=$1
HOST_NAME=$2
SHARE=$3

WINUSER='DOMAIN\Administrator'
PASSWORD='secretpass'
LOGPATH=/var/log/wpkg
WINEXE=/opt/winexe

TIMEOUT=3600 # winexe seem to hang sometimes - kill it after 1 hour if it's still there

IGNOREIPS="192.168.111. 127.0.0.1 192.168.128.10"


# No need to change anything below
if [ "x$HOST_IP" == "x" -o "x$HOST_NAME" == "x" ] ; then
cat <<EOF
This script launches WPKG on a specified machine.

Usage:

$0 <host_ip> <host_name>

EOF
exit 0
fi

# We don't want to execute winexe on nagios, PDC etc.
IGNORE=0
for IGNOREIP in $IGNOREIPS; do
echo $HOST_IP | grep -q $IGNOREIP
if [ $? -eq 0 ] ; then
IGNORE=1
fi
done

if [ $IGNORE -eq 1 ] ; then
exit 0
fi


# The main "launch wpkg" function
launch_wpkg()
{
$WINEXE --debug-stderr --system -U "$WINUSER%$PASSWORD" //$HOST_IP \
cmd.exe <<EOF &>"$LOGPATH/$HOST_NAME.log"
net use \\\\branchdc\\unattended /user:$WINUSER $PASSWORD
cscript \\\\branchdc\\unattended\\packages\\wpkg\\wpkg.js /synchronize /nonotify /debug
net use /delete \\\\branchdc\\unattended
echo wpkg_run_is_done
exit 0
EOF
if [ $? -eq 0 ] ; then
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) WPKG execution finished" >>$LOGPATH/wpkg.log
elif [ $? -eq 1 ] ; then
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) cscript was already running" >>$LOGPATH/wpkg.log
else
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) unspecified error code" >>$LOGPATH/wpkg.log
fi
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) processing done" >>$LOGPATH/wpkg.log
}

echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) starting processing (share hit: $SHARE)" >>$LOGPATH/wpkg.log

UPDATE=0
if [ "$SHARE" == "netlogon" ] ; then
UPDATE=1
else
grep -q "wpkg_run_is_done" $LOGPATH/$HOST_NAME.log
if [ $? -ne 0 ] ; then
UPDATE=1
else
STAMP=$(find $LOGPATH -mtime +0 -name $HOST_NAME.log)
if [ "x$STAMP" != x ] ; then
UPDATE=1
fi
fi
fi

# Check if the host was updated in the past 24 hours
if [ $UPDATE -eq 1 ] ; then
ps aux | grep winexe | grep -q $HOST_IP
if [ $? -ne 0 ] ; then
if [ "$SHARE" == "netlogon" ] ; then
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) netlogon share hit - starting WPKG" >>$LOGPATH/wpkg.log
else
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) not updated during the last 24 h - starting WPKG" >>$LOGPATH/wpkg.log
fi
launch_wpkg &
WINEXEPID=$!
while [ $TIMEOUT -gt 0 ] ; do
sleep 10
ps -C winexe | grep -q $WINEXEPID
if [ $? -gt 0 ] ; then
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) process finished - winexe ended" >>$LOGPATH/wpkg.log
exit
else
TIMEOUT=$((TIMEOUT-10))
fi
if [ $TIMEOUT -le 0 ] ; then
kill $WINEXEPID
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) killed winexe after inactivity timeout" >>$LOGPATH/wpkg.log
fi
done
else
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) winexe already running" >>$LOGPATH/wpkg.log
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) processing done" >>$LOGPATH/wpkg.log
fi
else
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) updated during the past 24 hours - skipping an update" >>$LOGPATH/wpkg.log
echo "$(date) $HOST_NAME (IP: $HOST_IP, PID: $$) processing done" >>$LOGPATH/wpkg.log
fi
</source>

[[Category: Documentation]]