How to use PEDownloader.exe to Duplicate / Troubleshoot Software Distribution

Version 10

    Verified Product Versions

    Endpoint Manager 9.6Endpoint Manager 2016.xEndpoint Manager 2017.x



    This article will cover how to make use of an Ivanti EPM Provisioning binary to help you in either troubleshooting or (if desired) duplicating detailed (sub-)steps of Ivanti EPM Software Distribution.


    If you've ever been in a situation where you'd love to have "out of band' access to Ivanti EPM technology to download "just this one file" as part of some script you're writing, this is the way to do it.


    What is PEDownloader.exe exactly?

    As the name may appear to imply - it is one of the key binaries that we make use of when downloading files into a Windows PE environment. So it's actually originally a file from the Provisioning side of the product - usually to help download "this or that" as part of the image deployment process.


    However, the binary CAN also be used inside a "full" Windows environment. It's THIS aspect that we look to exploit to make use of to help you along with a few things.


    Where is it located?

    • The "PEDownloader.exe" binary can be found in the root of the LDLOGON share of your Core Server.
    • Most clients will already have a copy of the binary in their LDCLIENT folder (so - )



    What can I get it to do?

    The short answer to that is - "anything that regular Ivanti EPM Software Distribution can do".


    You can make use of (or exclude) Peer Download, Preferred Servers, authenticating to shares, verifying downloaded files against certain hashes. In short - "everything" that regular Software Distribution does / can do, you can do via this binary (as it calls upon the same tech to do the respective deed).


    A detailed print out of all the command-line options can be had by running "pedownloader /?" - a copy of whose output is included further below for your convenience.


    How does it work? A short working example walkthrough

    PEDownloader.exe is very easy to use. It makes use of (and calls upon) all the regular software distribution technology available through regular software distribution - all available through some command line options.


    Example 1 - Download a file from a server

    Let's start with the complete basics - let's download a file from the source server. To this end, we see the command-line and the resulting output as follows (I'm using the pedownloader.exe out of the LDCLIENT directory in this scenario).




    Note that you get visual confirmation of the following:

    • Where the file(s) was/were downloaded from.
    • How long the file download took.


    So if you want/need to test peer download across your network, as an example - this is a superbly easy & convenient (and repeatable) way to do so.


    Actual command-line used in this example (split up for easier readability)

    C:\Program Files (x86)\LANDesk\LDClient>pedownloader.exe
    /O /Dest="C:\Program Files (x86)\LANDesk\LDClient\sdmcache\vlc-2.1.3-win32.exe" /AllowSource


    Note also the following here:

    • No file-hash has been specified here - so the file won't be verified upon download!
    • The use of the "/O" flag forces an overwrite of any existing file in the destination.
    • In order to make use of the Peer Download option (as in example 2), you may need to re-start the "LANDESK Targeted Multicast"-service on the device that's due to serve as a peer. This is ONLY necessary because we're not going 100% through the "regular" download process here. The process parses files in SDMCACHE every hour roughly - a manual re-start simply accelerates this as it triggers this step right away.


    Example 2 - Force a download from a peer

    So - basic download is working. Great - now let's use this to test Peer Download on the network segment that we've pulled the file from Example 1 down.


    Here, I've spun up another client and I am going to force the use of Peer Download (and only peer download).


    REMEMBER - I've re-started the "LANDesk Targeted Multicast" on the device that's due to act as a peer, so it is now aware of the new file that was downloaded upon it.


    Actual command-line used in this example (split up for easier readability):

    C:\Program Files (x86)\LANDesk\LDClient>pedownloader.exe
    /P="" /O
    /Dest="C:\Program Files (x86)\LANDesk\LDClient\sdmcache\vlc-2.1.3-win32.exe"


    Note the following bits of data we get back:

    • We get confirmation again of the download source (Peer in this case)
    • We get information the specific IP from which peer we've downloaded the file.
    • I've (again) not specified a file-hash, so the file will not be verified against it!



    Things to be aware of


    • Unless you specify a DESTINATION in your command-line, WinPEDownloader will always download files into the root of your SDMCACHE folder (by default - C:\Program Files (x86)\LANDesk\LDClient\SDMCache\ ).
    • It's good practice to always encapsulate path names with "-s (even when there are no spaces) as a "just in case" habit enforcer.



    Full Command Line options

    For reference and convenience - here's a print-out (to save you the hassle of doing so yourself) of all of the command-line options / parameters for WinPEDownloader for LANDesk Management Suite 2016. You can get your specific versions' help data by running "pedownloader.exe /?" from a command prompt.


    pedownloader.exe /?


    Downloads files or folders to the local machine.


    pedownloader.exe [options]



    [/P=<package/file path>|/Dir=<filedir>] [[/WanBW=xx]|[LanBW=xx]]

    [[/AllowMulticast /MulticastGuid=<guid> /MulticastDelay=<seconds>]|


    [[/RequirePref]|[/AttemptPref]|[/NoPref]|[/NoServerCom]] [/PreserveDir] [/O]

    [/Recursive] [/UseDownloaderCopy] [/Username=<username> /Password=<password>]

    [/ShowProgress] [/NoProxyhost] [/NoHardLink] [/Dest=<destination path name>]

    [/PushWan] [/Synchronize] [/CancelAfter=<seconds>] [/Discard=<ttl in seconds>]

    [/MaxThreads=xx] [/Hash=<md5hash>] [/NoPushHash] [/CoreServer=<core server>]



    Exclusive Options:

    [/CalculateHash /P=<local file path>] [/WOL=<MAC Addresses>]


      /P                   Specify the package to download. This can be a web path (http://server/share/package.exe) or a UNC path

                           (\\server\share\package.exe). Use quotes where needed.

      /Dir                 Specify the directory/folder to download. This can be a web path (http://server/share/folder) or a UNC path

                           (\\server\share\folder). Use quotes where needed.

      /WanBW               The bandwidth (as a percentage) to allow over the WAN.

                           (This is to the source or preferred server)

      /LanBW               The bandwidth (as a percentage) to allow over the LAN.

                           (This is to the peers)

      /AllowMulticast      Allows multicast to take place. Discovery will occur between all of the machines using the same multicast GUID, to determine the multicast representative.

                           This option requires the use of /MulticastGuid and /MulticastDelay.

      /MulticastGuid       Specify a GUID for the file or folder to download. This MUST be in a GUID format.

                           (Example: CA761232-ED42-11CE-BACD-00AA0057B223)

      /MulticastDelay      The number of seconds that the multicast representative will wait before beginning to broadcast the job.

      /MCRAllowPeer        Allows multicast representative to download from a peer. By default, the multicast representative will inherit this trait from /AllowPeer if used.

      /MCRAllowSource      Allows multicast representative to download from a source.  By default, the multicast representative will inherit this trait from /AllowSource if used.

      /PeerOneSource       Allows downloading from a peer but requires that only one of the peers can download from the source (or preferred server).

      /AllowPeer           Allows downloading from a peer.

      /AllowSource         Allows downloading from the source (or preferred server).


                           NOTE: Regardless of the order placed on the command- line, the hierarchy of the above options is...

                           /AllowMulticast, /PeerOneSource, /AllowPeer, and /AllowSource. There are no default options.



      /RequirePref         Require the use of a preferred server.

      /AttemptPref         Attempt the use of a preferred server.

      /NoPref              Do not use a preferred server (default setting).

      /NoServerCom         Specifies that no head request be done on the package.

      /PreserveDir         Preserves the full package path in the cache directory.

      /O                   Overwrites the package in the cache.

      /Recursive           Recurse the subfolders when the package is a folder.

      /UseDownloaderCopy   Moves package to location rather than copying it.

      /Username            The user name to use if authentication is needed for the package path.

      /Password            The password to use if authentication is needed for the package path.

      /ShowProgress        Shows the progress of the download.

      /NoProxyhost         Specifies to go directly to URL rather than through proxyhost.

      /NoHardLink          Do not create a hard link (copy of the package).

      /Dest                The destination on the local machine to download the package.

      /PushWan             Use WAN bandwidth for file replication.

      /Synchronize         Synchronizes files instead of just copying them.

      /CancelAfter         Cancel the job after the specified number of seconds.

      /Discard             How long (in seconds) the package should exist in the cache.

      /MaxThreads          Maximum number of peer discovery threads. (default=15, max=30)

      /Hash                The MD5 hash of the package. This ensures that the package being downloaded is the right one.

      /NoPushHash          Do not push the hash to the machine.

      /CalculateHash       Outputs the hash of a package (that resides in a local directory).

      /WOL                 Send list of MAC addresses to multicast service for WOL separated by a comma.


      /CoreServer          Overrides core server to use to get credentials and and the preferred server list.



    Deprecated options:


      /NoSource            Mapped over to /AllowPeer.

      /OneSource           Mapped over to /PeerOneSource.

      /AttemptPeer         Mapped over to /AllowPeer and /AllowSource.

      /SourceOnly          Mapped over to /AllowSource.






    To download a package (or file) from an anonymous web share and allow it to

    come from a peer or the source, enter the following:



         pedownloader.exe /P="http://server/share/package.exe" /AllowPeer




    To download a package (or file) from a secure UNC share and force it to get

    the file from the source (or preferred server), enter the following:



         pedownloader.exe /P="\server\share\package.exe" /AllowSource

         /AttemptPref /User=<username> /Password=<password>



    To multicast a folder with all of its subfolders, enter the following from

    each machine you want involved in the multicast.  The MulticastDelay will

    provide time for you to enter this on each machine:



         pedownloader.exe /Dir="http://server/share/folder" /Recursive

         /PreserveDir /AllowSource /AllowPeer /AllowMulticast /MulticastDelay=300




    With the above example it would wait 300 seconds (5 minutes), and then begin

    multicasting the files from the folder(s). It would place all of the files

    in the cache directory in the same folder structure as existed on the source.




    Depending on the version of PEDownloader used in your specific version of LANDESK Management Suite, you may have certain deprecated options - so please verify against your own version to ensure full accuracy.


    In Conclusion

    This article covered everything that you need to get started & make use of PEDownloader.exe to help you with either troubleshooting or the occasional "one-off" operation that you may even want to script.