Configuring Scripts with GPOs
๐Note: Installation might take around 45-50 minutes once the target device reboots
Open Server Manager, click Tools, and then click Group Policy Management.
In Group Policy Management, right-click your domain, click Create a GPO in this domain, and link it here.
In the New GPO dialog box, enter the name and click OK.
Right-click the created GPO, and then click Edit.
In the Group Policy Management Editor window, under Computer Configuration, expand Policies, expand Windows Settings, and then click Scripts (Startup/Shutdown). Select Startup and click Properties.
In Startup Properties, Click Add and then click Browse.
๐Note: The associated domain user should have Read, Write, Read and Execute Permissions to the shared "SoftwareInstallations" folder.
โ
Copy and save the script from SuperOps as a .bat file.
โ
Browse and Select the script file & Click Open.
โ
After Adding the Script, Click Apply then OK.
โ
Configure the Scope of our policy, by Adding Domain Computers (if domain computers are the targeted devices to which installation should happen)
Update the Permission of the targeted group (in the below case, itโs Domain Computers) from Read to Edit Settings.
Script File (save as Batch file)
๐ Note: Installation might take around 45-50 minutes once the target device reboots
set msiDownloadPath='<Download URL>' powershell -ExecutionPolicy Bypass -Command "& { $msiPath=%msiDownloadPath%; $log=''; $logFolder='%ProgramData%\SOPGPO'; if (!(Test-Path -Path $logFolder -PathType Container)) { try { New-Item -Path $logFolder -ItemType Directory -Force; $log='SOPGPO folder created' } catch { Write-Host 'Error in creating log folder'; Write-Host $_.Exception.Message; [Environment]::Exit(1) } } else { $log='SOPGPO Folder already exists' }; $logpath=Join-Path -Path $logFolder -ChildPath 'sopgpoLog.txt'; try { New-Item -Path $logpath -ItemType File -Force } catch { Write-Host 'Error in creating log file'; Write-Host $_.Exception.Message; [Environment]::Exit(1) }; function Addlog { param ([string]$content); try { Add-Content -Path $logpath -Value $content } catch { Write-Host 'Error in adding log'; Write-Host $_.Exception.Message } }; Addlog -content 'Starting installation using GPO'; Addlog -content $log; try { $package = Get-WmiObject -Class Win32_Product | Where-Object { $_.IdentifyingNumber -contains '{3BB93941-0FBF-4E6E-CFC2-01C0FA4F9301}' }; if($package) { Addlog -content 'Superops is already installed'; Addlog -content 'Exiting the Installation'; [Environment]::Exit(1) } else { Addlog -content 'Checked for existence of superops: False' } } catch { Write-Host 'Error in checking the installation of Superops'; Write-Host $_.Exception.Message; Addlog -content 'Error while checking superops' }; Addlog -content 'Checking existence of File'; $file=Split-Path -Path $msiPath ; if (!(Test-Path -Path $file -PathType Any )) { Addlog -content 'MSI not found in given path' }; Addlog -content 'Checking File accessibility'; $folderName = [System.IO.Path]::GetFileName($file); $installlogpath=Join-Path -Path $logFolder -ChildPath 'SOPGPOinstall.log'; try { $fileName=Split-Path -Path $msiPath -Leaf;Write-Host "$fileName"; $fileNameDownload = Join-Path -Path $logFolder -ChildPath $fileName ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Write-Host -Outfile $fileNameDownload; invoke-WebRequest -Uri $msiPath -Outfile $fileNameDownload; $process=Start-Process -FilePath msiexec -ArgumentList /i,$fileNameDownload,/qn,LicenseAccepted=YES,/L*V,$installlogpath -Wait -PassThru; Write-Host exit Status $process.ExitCode.ToString();Addlog -content "exit status"; Addlog -content $process.ExitCode.ToString(); if ($process.ExitCode -ne 0) { process $process; [Environment]::Exit($process.ExitCode);}} catch { Write-Host 'Error in Installation'; Write-Host $_.Exception.Message; Addlog -content 'Error in Installation'; Addlog -content $_.Exception.Message; [Environment]::Exit(1) }; Addlog -content 'Installation Success'; [Environment]::Exit(0) }"
โ