Deploying an Unattended (silent) Client Installer with PsExec

Awareness Technologies > InterGuard Support
Note: This guide for silent deployment of the InterGuard software is only applicable for orders which meet a minimum license purchase requirement and a silent executable installer will be provided in that circumstance. 
 
If you have any questions about eligibility for a silent installer for your account please contact your Sales Representative at sales@awarenesstechnologies.com. The installer which is downloaded from inside your account is the interactive installer and will not work with the below instructions.
 
PsExec is a command line interface tool only. We recommend using NetDeploy instead of PsExec which we will provide you with the silent installer and it has a graphical user interface. PsExec should be used as a last resort in cases where deployment cannot be completed with NetDeploy in your environment. The NetDeploy guide is found here
 
 
Deploying an Unattended (silent) Client Installer with PsExec

Some things to note before you use PsExec:
• The target (remote) computer(s) have to be on the same network as the source computer
being used to deploy.
• You will need to have a username and password that has administrative abilities at the
target computer.
• PsExec can deploy to computers running Windows XP or higher. PsExec typically will
not work on XP Home edition.
• You will need to download PsExec to the source computer (you do not need to download
anything to the target computer).
 

Using PsExec to deploy the client installer:

1. Extracted the download Ps package, copy the PsExec executable onto your executable
path (for example c:\windows):
You do not need to extract any of the other PsTools. PsExec requires that you enter
commands manually with the command prompt. We recommend placing the PsExec
executable in your system folder, as it simplifies using PsExec in the command prompt.

2. Place a copy of the unattended installer that was provided by Awareness Technologies to
a location on the source computer that you will easily recall. For simplicity, we
recommend copying it to “c:\”, but it is entirely up to you. When saving your unattended
installer, do not change the filename. Changing the filename will cause the installer to
fail when you run it.

3. Run the PsExec commands:
You will need to open up a command prompt. You can do this by clicking the Start
menu and typing cmd in the search field. On XP computers you will need to click the
Run option first then enter in cmd. PsExec will require some elements in your commands
in order to locate the computer, copy the installer file, and then run it on the target
computer. You will be entering these commands via the command prompt. Here is an
example of a command entry we use when deploying with PsExec.

PsExec \\[target computer name] -c [location and name of installer file]

You can enter as many computer names as you would like, they just have to be separated
by a comma. The "-c” switch is required; it copies the exe to the remote computer. It is
removed after the exe has run. In the last portion you must enter the path for the installer
file that resides on the source computer (the one you are deploying from). So, in the
example below we are deploying to two remote computers "bobscomputer" and
"amyscomputer"; the installer is named “ats@9999999,0@Silent.exe“ and resides in "c:\"
on the source computer.

PsExec \\bobscomputer,amyscomputer -c c:\ats@9999999,0@Silent.exe

If you need to deploy to a large number of computers, you can create a txt file list of the
desired target computers. The txt file simply needs to have each computer name
separated by a carriage return. If you are using a txt file list of computer names the
command will look like this:

PsExec @[text file name and location] -c [location and name of installer file]

If my txt file was named “deploymentlist.txt” and was located in “c:\sonar\”, and the
installer is named “ats@9999999,0@Silent.exe“ residing in "c:\", the command would
look something like this:

PsExec @c:\sonar\deploymentlist.txt -c c:\ats@9999999,0@Silent.exe

We recommend that you compose the command in a notepad or a similar document
before running it. When you are ready to deploy, open up the command prompt and
simply copy and paste the command from your notepad.

4. PsExec and Windows user accounts:
To run the unattended installer, you will need to use credentials that have administrative
abilities at the target computer. By default, PsExec uses the credentials you are currently
using at the source computer. If your target computers are part of a domain and you are
using credentials that are domain admin or part of the admin group on the target
computer, you typically do not need to take any additional action. If this is not the case,
and you need to use a different set of credentials, you can accomplish this with PsExec.
The -u switch for PsExec will allow you to enter a different username, and when PsExec
runs it will prompt you for the associated password as it connects to the target computer.
Here’s an example of a command using the –u switch:

PsExec \\[computer name] –u [username] -c c:\[name of installer file]

if the username with admin credentials at the target computer named “bobscomputer” is
“bobadmin”, and the other elements are the same as our first example, the command
would look like this:

PsExec \\bobscomputer -u bobadmin -c c:\ats@9999999,0@Silent.exe

After running the command, PsExec will prompt you for the password for bobadmin. If
the credentials you would like to use are domain credentials, be sure to include the
domain when entering the username; [domainname]\[username].
 
For example:

PsExec \\bobscomputer -u bobsdomain\bobadmin -c c:\ats@9999999,0@Silent.exe

5. PsExec and Windows 7 or Vista targets that have User Access Control (UAC) enabled:
When User Access Control is enabled on target computers running Windows 7 or Vista
you will need to include an additional switch in your PsExec command. Otherwise
PsExec may fail to run the installer because User Access Control requires that the
installer run with elevated privileges. The –h switch will instruct Windows to run the
installer with elevated privileges. Using the same scenario in step 4, your command for
targets that have User Access Control enabled would look like this:

PsExec \\bobscomputer -u bobadmin -hc c:\ats@9999999,0@Silent.exe

6. Completion:
When PsExec successfully deploys the installer it will return a message stating ‘error
code 0’. It may take a while for the installer to complete, so do not be alarmed if you
don’t see the confirmation message right away. Shortly after you will see the computer
name show up in the download/license mgmt. section of your account. That’s it, you’re
done.

Troubleshooting:
If PsExec returns a message stating ‘error code 1’ or if you do not see the computer name show
up in the download/license mgmt. section of your account right away, this usually indicates that
the software installed but didn’t complete registration with your account. This isn’t a problem,
as the installer is designed to attempt registration again. Some things that would cause this are:
 
• The target computer is on and online, but no Windows users are logged in. In which case
registration will be completed the next time someone logs into the computer
 
• The target computer can’t connect to the internet even though you are able to connect to
it through your network. An example would be if your firewall was set to block all
outbound traffic from your network. Since the installer will attempt registration again,
the next time the computer can access the internet, it will register automatically.
 
• The user is very busy or consuming a large portion of the bandwidth available to the
target computer. Like above, the unattended installer will continue trying to register. In
some extreme cases, the unattended installer will have failed so many times that it will
wait a long time to try again. Rebooting the computer will start the process fresh, and it
will attempt registration shortly after a user logs into windows. If you do not already
have a method to reboot a computer remotely, you can do this with PsExec.
 
Here’s an example of how you can do this for ‘bobscomputer’:
PsExec \\bobscomputer shutdown –r –t 0
Just keep in mind that this will not display any confirmation to the user that the computer
is rebooting, so if someone is using the computer when you send the reboot command,
they will be kicked off and loose any work in progress.
 
• If the target computer is running Windows 7 or Vista, try using the –h switch in your
PsExec command, see step 5.
 
• The following Windows elements need to be place on the target computers for PsExec to
function. In most cases these items are already in place, however if you are having
problems using PsExec you’ll want to confirm that they are in place:
o The ‘Workstation’ service needs to be running.
o The ‘Server’ service needs to be running.
o The Admin$ share needs to be available.
o File and Printer Sharing needs to be activated (however there is no need to
actually share anything)
o Ports 445 and 139 must be open on the target computer.
 
For more information on PsExec please refer to the documentation at:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx