11 Replies Latest reply on Nov 30, 2010 11:46 AM by Dataspike

    Using Custom Patch Definition to Deploy/Extract ZIP File to Computers

    kevin.foster Apprentice

      I am trying to push a 3rd Party software patch to our organization using the Patch and Compliance feature of LDMS. The definition I have created is successfully detecting machines that do not have the correct software version. There is only one rule defined, which calls for the ZIP file to be downloaded to the sdmcache folder and then unzip to a specified folder.

       

      The file will download correctly to the workstation sdmcache folder, but then it immediately errors out, result code 412.

       

      The log file from the Scheduled Repair Task is:

       

      Verifying device ID with core YHVMLANDESK1
           Done
      Updating settings
           Failed: Core could not find a file
           Done
           Failed
      Getting list of patches
           Done.  1 patches were found
           Waiting
           Done
      Running patch *Paragon9.4.624_Rule 1
      Installing patch 1 out of 1 patches
           Failed
           Done

       

      I have attached a screenshot of what the install rule looks like. Any ideas why this is failing?

        • 1. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
          Specialist

          Export the Custom Definition (XML) and post it.  That'll help give us an idea of what your detection logic is, perhaps that is where the problem is.

          • 2. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
            kevin.foster Apprentice

            <?xml version="1.0"?>
            <ExportableContainer xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" LastSavedBy="yhdomain\kf8314" Revision="0" SourceCore="YHSVRLANDESK1" Guid="fake" SaveType="Inherit">
              <DuplicateReferences />
              <SyncEnabled>No</SyncEnabled>
              <LastSavedDate>0001-01-01T00:00:00</LastSavedDate>
              <Name>Paragon9.4.624</Name>
              <AssemblyVer>9.0.2.59</AssemblyVer>
              <Items>
                <Exportable xsi:type="EVulnerability" LastSavedBy="yhdomain\kf8314" Revision="720909" SourceCore="YHSVRLANDESK1" Guid="INTL_Paragon9.4.624" SaveType="Inherit">
                  <DuplicateReferences />
                  <SyncEnabled>No</SyncEnabled>
                  <LastSavedDate>2010-11-23T13:07:17.95-05:00</LastSavedDate>
                  <Name>Paragon9.4.624</Name>
                  <AssemblyVer>9.0.2.125</AssemblyVer>
                  <Prerequisites />
                  <PublishDate>2010-11-19T00:00:00</PublishDate>
                  <Title>Paragon PCR 9.4.624</Title>
                  <Description />
                  <Summary />
                  <Lang>INTL</Lang>
                  <MoreInfoURL />
                  <FAQURL />
                  <Severity>0</Severity>
                  <Vendor>custom</Vendor>
                  <Status>Enabled</Status>
                  <Type>Custom</Type>
                  <AutoFix>false</AutoFix>
                  <Fixable>AllFixable</Fixable>
                  <CanRunSilent>AllPatchesAreSilent</CanRunSilent>
                  <Compliance>false</Compliance>
                  <Category />
                  <SupercededState>None</SupercededState>
                  <Alert>false</Alert>
                  <HasCustomVars>false</HasCustomVars>
                  <Patches>
                    <Patch Download="DManual" Silent="CRSYes" Reboot="RNo" UniqueFilename="*Paragon9.4.624_Rule 1" Hash="" Size="0">
                      <Name>Rule 1</Name>
                      <Advanced>
                        <DetectScript />
                        <DetectScriptDescription />
                      </Advanced>
                      <Comments />
                      <URL />
                      <State>Enabled</State>
                      <AdditionalFiles>
                        <AdditionalFile>
                          <Filename>\\yhsvrlandesk1\Software\Paragon9.4\9.4.624\624.zip</Filename>
                          <Hash>SwF0BfAKG2kdJnuQqsLBXg==</Hash>
                          <hashType>MD5</hashType>
                        </AdditionalFile>
                      </AdditionalFiles>
                      <QueryFilter>YHSVRLANDESK1_57</QueryFilter>
                      <Files>
                        <File>
                          <Path>C:\Program Files\Paragon94\94624.txt</Path>
                          <FileDate>0001-01-01T00:00:00</FileDate>
                          <FileSize>0</FileSize>
                          <Checksum />
                          <Version />
                          <CommandID>c</CommandID>
                          <Flags />
                        </File>
                      </Files>
                      <RegKeys />
                      <Products />
                      <Platforms>
                        <ID>winxp</ID>
                      </Platforms>
                      <UninstallInfo>
                        <canBeUninstalled>false</canBeUninstalled>
                        <requiresOriginalPatch>false</requiresOriginalPatch>
                        <Files>
                          <File>
                            <Path>C:\Program Files\Paragon94\94624.txt</Path>
                            <FileDate>0001-01-01T00:00:00</FileDate>
                            <FileSize>0</FileSize>
                            <Checksum />
                            <Version />
                            <CommandID>c</CommandID>
                            <Flags />
                          </File>
                        </Files>
                        <RegKeys />
                        <Cmds />
                      </UninstallInfo>
                      <CustVars />
                      <Cmds>
                        <Cmd Type="Unzip">
                          <Args>
                            <Arg N="dest" V="C:\Program Files\Paragon94" />
                            <Arg N="source" V="%SDMCACHE%%PATCHFILENAME%" />
                          </Args>
                        </Cmd>
                      </Cmds>
                    </Patch>
                  </Patches>
                  <AssociatedProducts />
                  <ReadonlyGroups />
                  <LANDeskRevision>11</LANDeskRevision>
                </Exportable>
              </Items>
            </ExportableContainer>

            • 3. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
              Specialist

              Didn't notice you were on v9, I'm still on 8.

               

              So... it won't let me import the file.

               

              If I am reading this right, you are checking for a file, and if it's not there the patch is needed?  Are you just checking that it's there, or date/time, etc, basically what is your detection rule?

               

              What's inside the ZIP file?  Are these just files that you have to copy over and that's it, the patch is done, or is something else needed?

              • 4. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
                kevin.foster Apprentice

                Yes, as long as the text file is present, then the patch is "applied".

                 

                The ZIP file just contains a bunch of flat files that may or may not overwrite existing files. Included is the text file that the definition is looking for. Nothing else is required once that is done.

                • 5. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
                  Specialist

                  OK.

                   

                  So if v9 is anything like v8, when you kick off the task, it should create a task log file in the "%programfiles%\ldclient\data" folder.  Can you check to see if that file is there, and post it?

                   

                  The file name will include the Task ID number, to narrow it down.

                  • 7. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
                    Specialist

                    Not exactly the detail I was hoping for.

                     

                    Give me a bit and I'll see if I can think of anything else.

                     

                    The only other thing I can think of is to see if it's the destination of the files that is causing the problem.

                     

                    Try changing your destination of the extracted files to "%temp%\Paragon" (without quotes) and see if the patch works.

                     

                    It should put it in the local users temp folder, you can access it by going to the Run command and typing %temp%\paragon.

                    • 8. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
                      kevin.foster Apprentice

                      I tried changing the destination to %TEMP%\Paragon as you suggested and it still fails immediately, same result code 412.  Nice idea though!

                      • 9. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
                        Specialist

                         

                         

                        Well... perhaps the LANDesk extraction tool is having a problem.  What are you using to ZIP the file(s)?  Try manually extracting the files, re-zip them using WinZip or even the built-in Windows zip function.  Update the hash for the patch (if you are using it) and try again.

                         

                        I'd even just try creating a new custom def.

                         

                        I just don't know what the 412 error is.

                        • 10. Re: Using Custom Patch Definition to Deploy/Extract ZIP File to Computers
                          kevin.foster Apprentice

                          I figured out what the problem was...

                           

                          I had specified the patch file location using the "Additional Files" section and providing a UNC path to the file. I remembered that patches need to run using the HTTP section. Once I did it that way, the patch worked 100% with no problem.

                           

                          Thanks for your assistance!