This is a ticket I’d just submitted to Kaseya regarding what I believed to be a deficiency in their recently-updated STEP commands (part of their Agent Procedures engine):
This will take some doing to follow along, so if you're in need of a cup of coffee, I'd advise getting it now :-)
There, now that you have your coffee...
I very much appreciate the new commands... particularly "Execute Shell Command - Get Results to Variable" step type; however, I think it's broken. Allow me to back up my assertion...
BIG HONKING DISCLAIMER
Yes, I know that Kaseya Support does not debug/diagnose/bless/curse/vex any sort of custom scripting... but I believe I'm going to point out a flaw in the "scripts-we-plebians-can't-see-that-make-up-the-STEP-commands-in-Agent-Procedures" scripts that ultimately needs fixed. In other words, my script is fine... it's the inbuilt function calling my script that's broken. Bear with me while I explain...
A client of ours has software called Faronics Deep Freeze installed on "lab" machines--essentialy disposable machines that were designed for guest use as an amenity at a chain of apartment complexes. Deep Freeze (hereafter referred to as DF) is designed to "trick" Windows into thinking that configuration changes have been written to disk, even though they haven't been. If a machine is "FROZEN," then any changes made to that machine's configuration while the machine was online are lost at the next reboot. If a machine is "THAWED," however... then any changes you make become part of the machine's configuration until such time that the machine is "FROZEN" again.
Our Kaseya Agent versions are behind. Our patching can't run on schedule (the machines revert back to and old configuration every night, and patching runs every week on Thursday mornings... so, for a fleeting moment all day Thursday, the machines are up to date... and after the Thursday night reboot, the machine reverts back to a 6-month-old configuration). Anti-virus must update every day. And finally, as a direct result of the agent version being out-of-date, LiveConnect crashes IE after the first minute of use. Sad panda.
Sooooo... I was charged with figuring out how to fix this problem.
After much scripting and research, I came up with the script below:
As you can see, the script:
1) Stores the Agent Working Directory path as #AWD#
2) Writes a BOOTTHAWED.bat to #AWD#\BOOTTHAWED.bat
3) Impersonates the user "cwps" which is a preloaded Administrator account on all PCs
4) Runs the "Execute Shell Command - Get Results To Variable" step on #AWD#\BOOTTHAWED.bat
5) Deletes the #AWD#\BOOTTHAWED.bat file
6) Writes the #global:cmdresults# to the procedure log
Now, what is the BOOTTHAWED.bat file, you might ask... I'm glad you asked!
**FULL DISCLOSURE**: I know you guys are _not at all_ responsible for custom scripting. And I don't expect you to debug this .bat file... or the script that calls it! It all works just fine... it's the way that the .bat file is executed (via the "Execute Shell Command - Get Results to Variable" function) that's the problem. Feel free to skip it if you don't speak BAT.
[BEGIN BAT FILE]
if exist %WINDIR%\System32\DFC.exe goto 32bit
if exist %WINDIR%\SysWOW64\DFC.exe goto 64bit echo "Deep Freeze does not exist on this machine"
goto EOF :32bit
%WINDIR%\System32\DFC.exe TheDeepFreezePassword /BOOTTHAWED
goto CheckERRORLEVEL :64bit
%WINDIR%\SysWOW64\DFC.exe TheDeepFreezePassword /BOOTTHAWED
goto CheckERRORLEVEL :CheckERRORLEVEL
if "%ERRORLEVEL%" == "0" goto 0
if "%ERRORLEVEL%" == "1" goto 1
if "%ERRORLEVEL%" == "2" goto 2
if "%ERRORLEVEL%" == "3" goto 3
if "%ERRORLEVEL%" == "4" goto 4
if "%ERRORLEVEL%" == "5" goto 5
echo "The ERRORLEVEL is not in the range of 0-5"
goto EOF :0
echo "SUCCESS or Boolean FALSE, for commands returning a boolean result"
goto :EOF :1
echo "Boolean TRUE"
goto :EOF :2
echo "ERROR - User does not have administrator rights"
goto :EOF :3
echo "Error - DFC command not valid on this installation"
goto :EOF :4
echo "ERROR - Invalid command"
goto :EOF :5
echo "ERROR - Internal error executing command"
goto :EOF :EOF
[END BAT FILE]
So, to recap, I'm calling this fancy .BAT file which captures my %ERRORLEVEL% and echos the end result to the %STDOUT%.
That %STDOUT% should, in turn, be captured by the #global:cmdresults# variable... but it's not... and here's where it all breaks down.
I think you have a / in your "Execute Shell command - Get Results to Variable" built-in script where you should really have a \, which causes the step (and, ultimately, the whole script) to fail. Here's the screenshot:
If I get what I think you're doing, the "Execute Shell command - Get Results to Variable" script does the following:
%ShellCommandToExecute% > %AgentWorkingDirectory%/commandresults.txt 2>%1
...when it really should be doing:
%ShellCommandToExecute% > %AgentWorkingDirectory%\commandresults.txt 2>%1
That, in turn, would reuturn whatever I'd echoed to %STDOUT% to the #global:cmdresults# variable and I'd know what was going on.
...but at present, I think that / is my stumbling block.
Am I right? Did you mean to say \ instead of / in the "Execute Shell command - Get Results to Variable" script?
I hope they get back to me :-)