Is there a way to deploy entire package if computer goes offline during deployment?
I've got a VPN client deployment upgrade I'm looking to do but for users on the VPN there's a catch 22 since they're connected to the VPN to receive the package, but will require closing the VPN during that deployment.
I'm wondering if there's a way for the PDQ deployment package to carry out the steps after closing the VPN locally on the computer after it's run?
0
Comments
There's nothing built-in that will do that. One workaround is to create a package that creates a scheduled task on the target.
Yes there is a way. I had to update Pulse secure and I was in same boat as you. This is what I did, I created a schedule task that looks for event ID when Pulse Secure logs off. The schedule task fires and run a powershell scrips that updates pulse. I first tested the schedule task on my laptop and exported it as XML. These are the steps on my PDQ Deploy package
Step 1, copy all the files needed to updated Pulse secure including powershell script that updates pulse, removes schedule task and reboots the computer so it loads the config file. I copied the entire folder to c:\windows\adminarsenal folder
Step 2 Installs the schedule task using the exported XML file.
Just wait for your user base to log off and it will fire. Please let me know if you want more specific steps and happy to share.
Kdave,
Please share. this would help me out
Daniel
Sure happy to share my deploy job. Are you trying to upgrade Pulse secure?
yes. we are upgrading our windows based mobile workforce to 9.1r13
The way job works is, while the laptop is online, it will copy folder containing all files needed to perform the upgrade. I copied folder to (C:\Windows\AdminArsenal\pulse_upgrade)
I have following files in that folder:
Pulse_securex64.msi
Pulse secure config file if you are using a config file that will add the vpn destination
XML file that will be used to create task schedule to start the upgrade . The task schedule looks for event Id 302. You can check this by logging off pulse secure and look for event ID in logs. When it detects this even ID, it will launch a bat file that runs powershell script.
Powershell script has code to run the upgrade, remove task schedule, restart pulse service. (you may want to reboot the laptop because I found restart service doesn't load the config file)
msiexec -i C:\Windows\AdminArsenal\pulse_upgrade\PulseSecure.x64.msi BRANDINGFILE="C:\Windows\AdminArsenal\pulse_upgrade\PulseWin.PulseBranding" CONFIGFILE="C:\Windows\AdminArsenal\pulse_upgrade\<name of configfile>" ALLUSERS=1 /quiet /norestart /log output.log
Stop-Process -ProcessName Pulse -force
start-process -filepath "C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe"
Unregister-ScheduledTask -TaskName "<name of schedule task>" -confirm:$false
Bat file that will call powershell script within the task schedule. The file file contains following code:
powershell -command "& {set-executionpolicy unrestricted -force; C:\Windows\AdminArsenal\pulse_upgrade\<name of your powershell script>.ps1}"
So step 1 will be copy the folder locally to laptop when it's on line
Step 2 is to add task schedule. So it's a powershell step that does the following: Register-ScheduledTask -Xml (Get-Content “C:\Windows\AdminArsenal\pulse_upgrade\<name of task schedule.xml” | out-string) -TaskName "<name of task schedule"
I tested this on my laptop when I had to run upgrade. As soon as I logged off vpn, the job ran. I did add reboot step in my powershell.
Let me know if you have any questions.