Jump to content

Executing MSI installer from Network Location


Greg Candido

Recommended Posts

I created a script to install an MSI installer.  However is I point to a Mapped Drive such as Z:\Working Directory\Installer.MSI it does not execute.

If I execute the script from the C:\Temp\Installer.MSI it installs successfully.  I've even tried using a UNC Path \\SERVERNAMER\Working Directory\Installer.MSI and it does not execute.

Why is this?  Does Pulseway not have permission to see the network share?  Is there an area when creating the task that I need to enter network credentials.  I don't see this.


Please advise what I am doing wrong or overlooking

 

Greg

Link to comment
Share on other sites

  • 2 weeks later...
  • 1 month later...

@Greg Candido

It's possible to run Pulseway with User Impersonation, and by doing so you should be able to access network resources because it's essentially running as a user instead of system.

 

I did the following in our setup: 

  • Create an account for the Pulseway service in active directory.
  • Give the new account share permissions and file permissions on the directory where the MSI-file resides.
  • Open Pulseway Manager on one of the clients.
  • Open Settings -> Runtime and check the "Enable Powershell User Impersonation".
  • Enter the credentials created in the first step above, including the domain.
  • Apply the settings and exit the Pulseway Manager.
  • Open registry editor on the same client and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\MMSOFT Design\PC Monitor
  • Copy the data of each of the following keys for later use:
    • PowerShellUserImpersonation
    • PowerShellUserImpersonationDomain
    • PowerShellUserImpersonationPassword
    • PowerShellUserImpersonationPasswordCtrl
    • PowerShellUserImpersonationUsername
  • Open the group policy manager on a domain controller and create a new group policy object.
  • Expand Computer Configuration -> Preferences -> Windows Settings > Registry and create the following keys:
    • PowerShellUserImpersonation
      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key path: SOFTWARE\MMSOFT Design\PC Monitor
      • Value name: PowerShellUserImpersonation
      • Value type: REG_SZ
      • Value data: 1
    • PowerShellUserImpersonationDomain
      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key path: SOFTWARE\MMSOFT Design\PC Monitor
      • Value name: PowerShellUserImpersonationDomain
      • Value type: REG_SZ
      • Value data: %the domain name copied from previous steps%
    • PowerShellUserImpersonationPassword
      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key path: SOFTWARE\MMSOFT Design\PC Monitor
      • Value name: PowerShellUserImpersonationPassword
      • Value type: REG_SZ
      • Value data: %the password data copied from previous steps%
    • PowerShellUserImpersonationPasswordCtrl
      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key path: SOFTWARE\MMSOFT Design\PC Monitor
      • Value name: PowerShellUserImpersonationPasswordCtrl
      • Value type: REG_SZ
      • Value data: %the password ctrl data copied from previous steps%
    • PowerShellUserImpersonationUsername
      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key path: SOFTWARE\MMSOFT Design\PC Monitor
      • Value name: PowerShellUserImpersonationUsername
      • Value type: REG_SZ
      • Value data: %the username data copied from previous steps%
  • Link the newly created GPO to an OU with one or more test-clients and verify that the user impersonation is working, and then enable it on all the clients in the domain where you want to enable the functionality.
Edited by AC_Martin_J
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...