I'll detail as much as I can so you can understand in which environment I'm working on and what I am trying to do.
I am using Nagios at work to monitor our servers. Each one of our Windows servers has NSclient++ installed on it. One of the many scripts Nagios' calling is check_updates.vbs; here 's how it goes if someone need to know:
On the Nagios' server side, we execute the following command:
/usr/lib/nagios/plugins/check_nrpe -H WindowsServerIpAddress -p 5666 -t 120 -c check_updates
When we execute that command, here is what's happening on the Windows Server:
By using the nscp service, it calls the following command, defined in the nsclient.ini file (into NSclient++ folder):
check_updates=cscript.exe //T:120 //NoLogo scripts\\check_updates.vbs
Then, it calls the check_updates.vbs script.
The local account on the Windows Server is the administrator one. We have changed nscp service's properties so that this service is called with another account, created especially for monitoring.
So, when we call the check_updates.vbs script directly on the Windows server (i.e locally), everything goes well, the script is working perfectly. But if we call it remotely, on the Nagios server, we have a simple (but deadly) error that says Permission denied.
That is why we are focusing on giving enough permissions to the monitoring-user.
After searching more and more and trying everything we could, I must say we're kinda lost right now.
The last solution I tried was to add these lines at the beginning of the script, to give the monitoring-user enough permissions to execute the script properly:
Set WshShell = WScript.CreateObject("WScript.Shell")
If WScript.Arguments.length = 0 Then
Set ObjShell = CreateObject("Shell.Application")
ObjShell.ShellExecute "wscript.exe", """" & _
WScript.ScriptFullName & """" &_
" RunAsAdministrator", , "runas", 1
End if
(I found this here)
When I use this, locally I get an [error notice*] but the script is working anyway. However, when I call the script remotely, I just have a timeout after 120s.
More info: UAC is disabled on the Windows server, and the monitoring-user has full access control on the NSclient++\scripts folder. Using the nscp service with the admin account is not the solution we are seeking for this matter.
So, am I missing something here ? Do you have any idea about this ?
Thanks for the help ! :)
[*error notice]: Invalid arguments, check help with cscript.exe check_available_updates.vbs -h
If UAC is off then it's not a UAC permission error therefore don't worry about runas.
It's also unlikely to be a file permissions problem (all admins are equal unless someone made it different).
What is likely is the different environments. You have an assumption that is true for the interactive user only. You need to log what is happening in your script (see wshshell.LogEvent(intType, strMessage [,strTarget])). If your script has
on error remove next
remove it.
Mapped drives are a problem. As are environmental variables and special folders.
Try using Runas command line command with various options (eg /env) to see if you can duplicate the behaviour.
Also run
cmd /c set > c:\set.log
and compare the output from the two ways of running it (ie with your client and direct).
Thanks for your answer Tony, I've tried your suggestions, but eventually we ended up getting around the problem.
Despite we gave the monitoring-user all permissions needed to execute this script, it was not working. So here's what we've done:
We created a bat file which contains the command-line to call check_update.vbs and to write its output into a new file:
cscript.exe //T:120 //NoLogo "C:\Program Files\NSClient++\scripts\check_updates.vbs" > "C:\Program Files\NSClient++\check_update.log"
Then, we've created a scheduled task (using the TaskScheduler) which calls the bat file every day to check for new updates.
To have the correct output in Nagios, we created another vbscript which only has to read the check_update.log file and return the appropriate value to Nagios:
Const ForReading = 1
Const rOK = 0
Const rWarning = 1
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("C:\Program Files\NSClient++\check_update.log", ForReading)
FirstChar = objFile.Read(1)
Content = objFile.ReadAll
If FirstChar = "O" Then
Wscript.Echo FirstChar + Content
Wscript.Quit(rOK)
Else
WScript.Echo FirstChar + Content
End If
Wscript.Quit(rWarning)
This vbscript is really basic, since it only reads the first letter of the file to decide which value to return. Indeed, if there are no updates available, the message will always be "OK - No patches missing".
So, by calling the bat file using the SchedulerTask, we get around the fact that the monitoring-user has not enough permissions to execute the script.
Related
We have an old Windows Server 2003 r2 which is doing nothing but using the task scheduler and a VBS file to check and rename some regularly re-occurring data files. It is setup to run every hour using my credentials. If I "run" it while I'm logged on the task runs and completes correctly. When no one is logged on the task runs but completes with an 0x1 code, ie it failed.
I have checked the event logs and see nothing which I can identify as an error or failure. We believe that it was running successfully until about 6-8 months ago (yes, it was one of those set it up and forget it things and we have not been regularly checking it).
=================Additional Information===============
I ran assoc .vbs and got this output: .vbs=VBSFile
I'm not sure how to determine the user environment variables?
For the task I have tried both the vbs file and also a bat file containing the reference to the vbs file. Both run when I'm logged and both fail to complete successfully when I'm not.
Here is the vbs script:
Dim fso, file, recentDate, recentFile, theFile, myfolder, mypath
set fso = CreateObject("Scripting.FileSystemObject")
set recentFile = Nothing
mypath = "D:\TheFTP\Main\Camera\lobby"
set myfolder = fso.GetFolder(mypath)
For Each file in myfolder.Files
If (recentFile is Nothing) Then
set recentFile = file
ElseIf (file.DateLastModified > recentFile.DateLastModified) Then
set recentFile = file
End If
Next
fso.CopyFile mypath& "\" & recentFile.name, "D:\TheFTP\main\camera\cam3.jpg"
set recentFile = nothing
set fso = nothing
Here is the last bat file where I have piped the output to a file:
C:\windows\system32\cscript.exe c:\CopyWebCamFile.vbs > c:\debug.txt
Debug.txt output when I'm not logged on shows an error, see below, which is not there when I run it and am logged on:
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
CScript Error: Initialization of the Windows Script Host failed. (The system cannot find the file specified.
=====================================================
More information, I added several Wscript.Echo statements to my script, before the first line, after the FOR loop and before the "copyFile" command. When I'm logged on I see all of the output in C:\debug.txt. When NOT logged on I see the same above error message, ie no Wscript.Echo output. This would see to indicate that it can not find my vbs file when I'm not logged on.
===========================
Still no happiness here. I moved and modified the .bat file to also output the contents of the script file:
type H:\Task_Stuff\CopyWebCamFileTest.vbs > H:\Task_Stuff\debug2.txt
C:\windows\system32\cscript.exe H:\Task_Stuff\CopyWebCamFileTest.vbs > H:\Task_Stuff\debug.txt
As before I get output to both .txt files when it runs while I'm logged on and nothing in debug2.txt and the usual messages in debug.txt when I'm not.
I'll fiddle with the antivirus settings, but I need to ask about that first. We are using Symantec SEP.
How can I check on the user environment variables?
====================
Maybe this will clarify my problem or suggest a solution??
Can you offer any ideas...RDK
First off we would like to thank LeeHarvey1 for his time and suggestions as we searched for the cause of this issue. In the end it was one of his suggestions that fixed the problem, but we still have no idea what caused it.
A reboot of the system cleared up all of the issues surrounding the task scheduler and running VB Scripts! We had considered his early suggestion, but discounted it as this server had only been up for a little over 3 months. Not excessive in our experience. However, when all else failed we elected to do that and "voila" it fixed the issue. We wish we knew what caused it but are now just happy we can move on to other things.
Thanks again LeeHarvey1....
we have this vbs script we use to update certain documents with SyncToy.
This is the script as it is currently written:
'--------------------------------------------------
Set oShell = CreateObject("WScript.Shell")
sFilePath = chr(34) & "C:\Program Files\SyncToy 2.1\SyncToyCmd.exe" &
chr(34) & "-R"
iRC = oShell.Run(sFilePath, 0, True)
' Return with the same errorlevel as the batch file had
Wscript.Quit iRC
'---------------------------------------------------
I didn't write this script, and I have very little experience with scripting.
I have a task set up in task scheduler that runs this script anytime the device connects to a network. The script should run SyncToy and then synchronize the folder pair that is set up. I have tried running the script through command prompt with the cscript command but nothing happens as far as I can tell. At least the folders aren't syncing.
The script is running on a Windows 10 pro tablet
I have verified that the task is indeed running when it is supposed to. I'm just not sure if it is an issue with the way the script is written or if the task settings need to be changed. Is there anything wrong with the script as far as you can tell?
I was unsure whether to post this here or over in serverfault. If this doesn't belong here please move the question over to serverfault
Update: I've verified that this isn't a problem with the script. This problem apparently arose only after the update from SyncToy 2.0 to 2.1.
Thanks Guys.
There is a error with the sFilePath lines.
First, I don't know if this was originaly on a single line but it should (or add "_" before changing line).
Then, this (...)& >"-R" would not work. The ">" symbole is outside the quotes and generate a error.
If you want to execute this command: "C:\Program Files\SyncToy 2.1\SyncToyCmd.exe" -R,
this is the way to do this:
sFilePath = chr(34) & "C:\Program Files\SyncToy 2.1\SyncToyCmd.exe" & chr(34) & " -R"
You can also add msgbox sFilePath to show a popup with the value of sFilePath.
To test/run the script, you just need to double-click on it.
I am trying to build a VBScript to automatically run some .exe files. The problem is that the script and the .exe files are on a flashdrive, so it needs to find the current drive letter by itself. I can do it on a batch file using %~d0, but I like some of the functions of VBScript better, especially the ability to send keystrokes. Anyways, I found a whole list of VBScript commands, but I am no expert and I need help with the syntax. So far I have it set to open the task manager and press some keys to have it select the "performance tab" of the task manager:
Dim Act :Set Act = CreateObject("Wscript.Shell")
Act.Run("taskmgr.exe")
Success = Act.AppActivate("taskmgr")
Wscript.Sleep 250
Act.SendKeys "{TAB 5}" :WScript.Sleep 500
Act.SendKeys "{RIGHT 3}" :WScript.Sleep 500
I'd like to know what command I need to use to tell the script to use the drive letter where the script was executed from (USB drive).
Use the .ScriptFullName property to get the full file spec of the running script and apply .GetParentFolderName for the folder's path or .GetDriveName for just the drive letter.
>> Set oFS = CreateObject("Scripting.FileSystemObject")
>> s = WScript.ScriptFullName
>> WScript.Echo oFS.GetParentFolderName(s), oFS.GetDriveName(s)
>>
M:\bin M:
cf. here
I am having a heck of a time getting some syntax correct here.
I have a small VB Script which prompts for credentials and then uses those credentials to run another vb script:
set objShell = WScript.CreateObject("WScript.Shell")
strAdminName = inputBox("What is your username (Domain\Username)")
objShell.Run "runas /user:" & strAdminName & " ""Wscript.exe \\xxx.xx.xxx\dfs\Tumw-IS\Juniper Tools and Utilities\Juniper Removal Tools\delete_folders.vbs"" "
When I run the script everything works, except it can't find the script I am calling. I get an error stating "There is no file extension in "\xxx.xx.xxx\dfs\tumw-is\Juniper"
Obviously the problem is in the fact that there are spaces in the file location and also that I am using a DFS link. When I run this and target a VBS file with no spaces in the location it works fine.
I just can't get the syntax down to handle the DFS link or the spaces in the name. I assume it's pretty straightforward, but I just can't get it to work.
Any ideas?
Thanks
-John
Try this:
objShell.Run "runas /user:" & strAdminName & " ""Wscript.exe \""\\xxx.xx.xxx\dfs\Tumw-IS\Juniper Tools and Utilities\Juniper Removal Tools\delete_folders.vbs\"""""
I am pretty new to all this VBS stuff because basically all I need to do is to make one simple VBS script, which I have possibly written, however, my problem is that it gives me 800A0035 or 800A004C error when I execute it for the first time on a particular PC, as soon as I execute it for the second time, it runs just OK and does what it is supposed to do. Incidentally, on my own computer it works OK even on the first execution.
I know that the errors have something to do with the wrong paths but I have checked my script several times and I am 100% positive that they are correct.
Here is the script:
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.MoveFile "rar.bat" , "rarp.bat"
'HideBat.vbs
CreateObject("Wscript.Shell").Run "rarp.bat", 0, True
What the script is supposed to do is to rename the rar.bat file to rarp.bat and run that batch file (rarp.bat) without popping up the command prompt. What the batch file does is not relevant, I guess, but anyway, it just runs WinRAR.
The rar.bat file and the VBS script are in the same folder, that's why I have used relative paths in the script. I cannot use absolute paths because I need to run the script on several computers.
I have read somewhere on the internet that by default VBS script first looks for the files in C:\Windows\System32 when relative paths are used. I have even tried using absolute paths in the script but it didn't work either. Here is how I need them to look like: %systemdrive%\users\%username%\appdata\roaming\rar.bat but this simply didn't work in the VBS script.
I really think that what I need is really a simple script but apparently it's pretty hard to get it working properly. I will be very grateful to those who help me.
Thank you a lot in advance.
Regards.
The only way your script - at least the part published - can give an error is by not finding the source file for renaming, you should have added full script and error message to be sure.
I suppose this is caused by a security setting on your pc that are more forgiving than on the rest of the pc's, eg UAC ? On the other pc's, try to put the files in a map like c:\test and then run it again after checking that the file rar.bat does exist in the same map. Do you have the same credentials (admin) on the other pc's ?
If you just want to run the bat file hidden, why the renaming ?
how do you download the bat ? and how then is invoked the script ? could be a timing issue that the second time is no longer a problem. In that case check in your script if the file is allready there and do a sleep in a loop while it doesn't
If you want to use the absolute path you could try this
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set WshShell = CreateObject("WScript.Shell")
Set WshSysEnv = WshShell.Environment("PROCESS")
path = WshSysEnv("USERPROFILE") & "\appdata\roaming\rar.bat"
wscript.echo path
objFSO.MoveFile path , "rarp.bat"
CreateObject("Wscript.Shell").Run "rarp.bat", 1, True