Tag: Software

Ninite Automation – With E-Mail Confirmation + Logging!

I’ve had quite a bit of communication about how the AutoNinite script I wrote quite some time ago, and there were some features in it which I actually wasn’t happy about it.

So here I am with my latest version, it can be viewed over on GitHub @ https://github.com/fenneh/NiniteSloth

There are still a few features I want to build into it, such as not having a user have to edit so many variables, altering the report generated with some colour coding,

If you’re looking to run this as a scheduled task, I’ve also included a batch file to call the PowerShell script for a windows server.

Just simply create a new scheduled task, have it re-occur every day at a certain time and hook it up to the NiniteOne.bat packaged.

But really, please test this in your environments before going crazy and remember… YOU MUST SET THE VARIABLES TO BE SPECIFIC TO YOUR ENVIRONMENT

Hopefully, this will be helpful to some people, it’s currently what is powering the software updates within my own organization.

For more “detailed” instructions on how to use it, they can be viewed here: https://github.com/fennehNiniteSloth/blob/master/README.md

If you have any questions, leave a comment or email me at blog[at]fenneh.xyz

Automating Software Deployment With Ninite!

So, as in a previous post you’ve seen, I was using PDQDeploy to push software out across our network.

Now, I’ve got to the point where I’m fed up of having to set up new tasks, packages, hacking .MSI’s, creating transforms for each deployment… So I came back to Ninite.

When I was first looking for a solution to our software patching woes I’d originally looked at Ninite, something like deploying a Ninite installer with a silent switch, this was quickly shelved… it seemed pretty unsupported and wasn’t the most robust of sounding strategies. Saying that, this was over a year ago so recently I decided to check them out again. In that time they’ve now released a very cheap PRO version which can now mimic the functionality of Linux’s apt-get -somewhat-.

This got me thinking about a few possibilities, so I set out to set up an automated software patcher using it by using a little batch script and some PowerShell to pull machines to deploy to.

The Plan

  • Automate software deployment
  • Generate a list of target machines to patch
  • Use PowerShell to generate this list from AD
  • Create a batch file and attach to scheduled task with some logging.

Pulling the data from AD

Now I went down a few routes for this, the first was using some of PowerQuest’s AD CMDlets but I was sure there was another method. My chosen one was to use ADSI.

So without further babble from me here’s the PowerShell script I used to generate a list of machines for Ninite to use to target

$NiniteADSearch=new-object System.DirectoryServices.DirectorySearcher([ADSI]‘LDAP://OU=The,OU=Computer,OU=Group,DC=My,DC=Domain,DC=Name’,’objectCategory=Computer’)

$NiniteADSearch.FindAll()|%{$_.Properties.name} | Out-File NiniteTargets.txt -Encoding Default

This lil script when run will pull a list of Machines from the OU you’ve set it to, and all the sub OU’s. As in my domain, all Desktops and Servers are in completely different OU’s, this wasn’t an issue.

The script will also output the result into a file called NiniteTargets.txt in the directory you ran it from using ANSI encoding (Ninite will bomb out without this encoding, and yes it took a while to find that out)

Plugging the results into a batch file

So you’ve managed to generate your list of machines, time to feed these into the Ninite Pro program.

This was simply done using the cmd line switches which are documented here.

My batch file looked something like the following;

set NiniteScript=D:NiniteNiniteMachineGenerate.ps1

set NiniteTargets=D:NiniteNiniteTargets.txt

set NiniteCache=D:NiniteNiniteCache

set NiniteLog=D:Ninitelog.txt

powershell.exe -command %NiniteScript%

NiniteOne.exe /updateonly /remote file:%NiniteTargets% /disableshortcuts /disableautoupdate /cachepath %NiniteCache% /silent %NiniteLog%


So what does this batch file do?

  1. Will only update currently installed apps
  2. Will generate and feed list of target machines in from the NiniteTargets.txt file generated by PowerShell script
  3. Will disable shortcuts and auto updates
  4. Will cache the installer/patch files to selected directory
  5. Will install updates silently and log the results to selected log file
And that’s about it, the result of this is an automated patching system when you set the batch file to be run as a scheduled task.
A word to the wise though, you may want to try playing around with NiniteOne.exe manually before just doing this, it’s still relatively new and you don’t want to be screwing up a big deployment now do you ;)?
I hope this helps some admin out there, especially those with a pretty tight budget.

Mozilla Firefox 10 ESR

For those out of the loop… Firefox 10 ESR is Mozilla’s attempt at trying to recoup some of their market share by catering (I use this word very loosely) to enterprise companies by now offering a deploy-able and supposed customizable Firefox package.

Now, personally, I’ve been deploying Firefox for some time by using Frontmotion .msi packages, those guys are great and will pack up a tidy .msi in no time which can then be edited in Orca to disable features such as Auto Update etc…

But none the less, Mozilla are giving it a whirl despite 7 months ago telling enterprise customers to “Drop Dead” (Source).

So, without further ado here are the gory details of Mozilla’s attempt to leap back up on market share.

Mozilla will offer an Extended Support Release (ESR) based on an official release of Desktop Firefox. Releases will be initially maintained for nine release cycles (currently 54 weeks, which is close to the target of 52 weeks the proposal is attempting to hit), with point releases coinciding with regular Firefox releases.

To permit organizations sufficient time for testing and certification, the ESR will have a two cycle (12 week) overlap between the time of a new release and the end-of-life of the previous release. This will allow organizations who control updates (e.g. have disabled automated updates) to Firefox to qualify and test against Aurora and Beta builds for twelve weeks leading up to the ESR, and an additional 12 weeks to certify and transition to a new ESR. Organizations that rely on Firefox’s built-in updater may be limited to a transition period of 6 weeks, dependant upon how the ESR releases are maintained.

The proposal can be read here.

Now, whilst I don’t totally agree with what is proposed I’ve gone ahead and deployed it to all non-developers within my organization.

Hold on a second, where can you download it?

Ah, well this was the very very first issue I had. Even though it had been released, finding the actual download was quite an issue even with my expertise in google-fu.

You can find the downloads tucked away on the Down…wait no, the FAQ page (I must confess since the first draft of this post there is now a download page located here)

Wait… it’s an .exe, enterprise??

Yeh well… uhmm.. :/ I don’t know

And, how to deploy?

Personally, I used PDQDeploy to deploy it, but you can use any of the usual methods of PSEXEC, GPO etc to get it done.

One thing you’ll want to know is the silent switch which is simple /s or I believe -ms this will allow you to deploy it and to have it install without user interaction.

Also from what I can gather is it can install over the top of previous Firefox installs, but this made need a little more testing!

Best of luck!

Free Windows Software Deployment – PDQDeploy

Now, this was one of the first issues I ran into during my foray of being a SysAdmin.

We were a small shop, about 80 desktops and most if not all software deployment was done by hand. This meant we had lots of outdated software and a sizeable overhead when an end user would request an updated to X,Y,Z.

Now, as a somewhat of a start up and being new in my role, I wasn’t one to quickly recommend the most expensive solution. Instead, I decided to give PDQDeploy a whirl. It proved a decent hit.

And why not? It ticked every box we needed

  • Simple software deployment
  • Can be scheduled
  • Post-deployment reports

And still to this day for pushing out Firefox, Java, Shockwave, Reader, Flash (Damn you!), iTunes updates and other small little programs.

When this is tied hand in hand with a Secunia mailing list it’ll give you a pretty good head start on when systems will need to be patched.

So if you’ve been tasked with restructuring your software deployment process or just looking to reduce some workload, I’d suggest you give PDQDeploy a whirl.

Damn… This reads like a sales post.