Webcast: Automating your own packages - Transcript

Thu, 2/25 • Total time 32:15

SPEAKERS

Lex, JJ, Jake, Jordan, Kelly

Jordan  00:00 ---  Everybody is Jordan with PDQ.com. Today, we're gonna try to use PowerShell to make packages that we can put in the library, you can still automate, so you can still follow through with your set and forget it. This is something that me and Lex did in a webcast long enough ago that we could stand side by side and do the webcasts. So again, to recap, that part of it, where before we did updating the variables and the schedules, and we're going to add in then actually downloading the packages and updating everything's completely hands off. So I guess the first part we're going to go over is creating the package that will update without you having to do anything with it. And we'll open up a remote Angie here. And what we're looking at here is the install file, you see we have a couple of variables, we're using the repository, which is open up our settings here, this is just the setting here where all of your if you're using the package library, it's where it's going to download too. And then lose my window that I had open. There we go. And then just the name of the folder that is going to be within. So if it was like say Adobe Acrobat, it would be Adobe then Acrobat, where if it's just m remote, and g is just that one folder name. And then

JJ  01:12 ---   I hate to do this during the show, but can you resize and center that? 

Jordan  01:15 ---  Oh, absolutely. I thought I thought it was centered. Is that not going?

Jordan  01:15 ---  Oh, absolutely. I thought I thought it was centered. Is that not going? Are we getting different results for the end users and we're seeing on our side. 

JJ  01:21 ---  Are we getting different results for the end users and we're seeing on our side. I guess my definition of tight tighter center is not the same as yours anymore.

Jordan  01:35 ---  All right, well, I'm not sure exactly we're aiming for that one. So I'm just gonna continue

Lex  01:42 ---  just ignore  keep going.

Jordan  01:43 ---  All right, there we go. The next one is a variable that we are creating here, we're just going to be the version name for the release. So if we come in here and do variables, see if that's that's better there you can see we just have the current version that we have for whichever product we're looking at. And so the ultimate goal is as long as we have the variable name and the install files the same that we update the variable is going to point to the new install file and it should be able to kick off the package with the latest install without you having to have any hands on for that one. Same thing for Acrobat but just to kind of show it live we'll build one for Discord. Give it a name. I don't normally do this. I'm on my A game right now guys in the name of Discord, because that's what I'm installing. Right so install step we're  selecting the variables to just the system that we're talking about repository. backslash Discord. 

JJ  02:45 ---   How about now? Now? Can you see that it's out of?

Jordan  02:49 ---  I can't.

JJ  02:53 ---  Okay, all right.

Jordan  02:58 ---  All right, then we're going to go to the customer. And we're going to point to the variable that we created. And then I'm going to go look at my old one because I've lost my train of thought here. Anything else? And then just the name of the install file? Which I believe discord was an executable. My window goes here.

Lex  03:15 ---  I think we tested this yesterday after you get that variable in their catch it kit the Oh, well. Let's just go look it up 

Jordan  03:22 ---  the three dots.

JJ  03:25 ---  I'm sorry, I threw off your groove. 

Jordan  03:27 ---  No, we'll be okay. And yeah, so if you do the three dots and just point to the existing install file, it's gonna keep all your variables in there and update for you. on that one. This is an executable, I'm going to take a wild guess and say it's dash S. I definitely didn't research that before we started. All right. And so now with this one should be the sound is over discord will push out the machines. And now we got to work. I guess the next part is collection. So you can see which machines have it if you want to target the schedule for that one coming here, same thing, we got Acrobat, and that was definitely not centered. And it's just coming in here. It's just the application name. And the version is not lower than with the variable that we created. One important part that I missed out is that it is critical on inventory and deploying the variables are case sensitive. So however you put it on one, it's got to be the exact same another copy paste over over typing that out. It's just I can't work around that one. It's just case sensitive matters. In this case, 

Lex  04:28 ---  you know, I love the copy paste. I noticed you copied the Google Chrome

Jordan  04:33 ---  or did I not change something?

Lex  04:36 ---  description.

Jordan  04:38 ---  What makes this worse is it wasn't even working smarter because I use Chrome which has a three part and a four part variable making it more complex instead of using a simple one would be a direct, direct situation. So apparently, we're going to copy these ones. You want to remove the old description because you're just gonna look ridiculous on the internet. Go through and get those And then once again to kind of showcase that we will copy this one and try to do discord now minimize that so I can get down to some blank space here discord and same thing we're going to go in there we're going to update just the variables itself make it so it's no longer named Acrobat too in fact when we change it to discord I'm radical that way and this one the name equals look at that in the title actually have the version not lower than we don't want that for just the main one we just want the name equals Discord. Alright and then done the sub ones where we have latest and old we're going to put once again Discord, I'm assuming that's the name if you're actually using this for Discord. You might want to scan your environment and make sure it is not like Discord Inc or something along those lines. And then this one we do want it to be version not lower than and we're going to point to the different custom variable for discord the zero dot zero dot I'm going to say 308

Lex  06:06 ---   minor suggestion man, might want to call that instead of Acrobat latest Acrobat old discord

Jordan  06:13 ---   is a good idea to keep everything up to date. So if you are going to copy make sure you change everything. There we go. discord, and then last thing is the variables and this one we're doing version lower than not the not lower then. And now we have a collection for each one of those. We did it guys. We did it with no no descriptions. Alright, the next part of automating is a schedule. I mean, you go on into kickoff to install without you looking at it, I did pre build these. And this time, I didn't remove discourse, but you have to make some changes. But this one is just whatever time you want. We'll say what I do a week, every Tuesday, not every other, not the second Tuesday, like it's past Tuesday, we're just gonna try it every Tuesday, apparently at 5pm. We are pointing to discord old, nice that copied over, save me some time. And we're gonna copy over the package that we built. And with the schedules, the ID really matters for when it comes to updating, because after it does install, we have the checkmark or the checkbox for right here, stop deploying once it succeeds that way, once it's installed, it's not gonna keep on trying to install it. But then there's a target history. And every time it's successful, it's in there. Which means even if we update the package itself, that's not going to run because it's going to consider exceeds us if we have to clear that out. To do that. We're gonna do that at the end here. And it requires the ID that is listed right there with my perfect circles, not the band, that the drawing. Alright, I guess the best way to show this is to go into the PowerShell. The first takeaway from when I found this out, I don't have one that's just going to kind of go in and find whatever software you want, because we have to tie it to the latest version, which is different for each site. You also have your Git or this one in case FTP or just like a regular HTML query. So for each software you want to do, these are the kinds of stuff that help you get started. But you're gonna have to go in and customize it to fit the needs to be able to update based on the variable. The top two and this one's for Acrobat, which I suppose we should start off by saying for Acrobat, this is only for updating Acrobat, not the initial install, they have a licensed distribution agreement where if you're sending it across your network to internet, you have to agree with them, then send out the install. This is just saying you already have that you have distributed out then when it comes time to patch, we're going to automate the patching instead of keeping that manual. I can't I can't help you with the initial install. That's something where you have to work out their agreement with Adobe on that one.

Lex  09:03 ---  Was that like a disclaimer,

Jordan  09:05 ---  that was a disclaimer, that's I don't want people to think that I'm bypassing their legal-ese on this one this one is supplementing once you have followed the procedure. And so the first thing we're doing, we're grabbing the locations of the database. If I'm being totally honest, I'm only using the Inventory database on this one, I just included the deploy in case you wanted to use deploy instead, it's not really going to matter. I just have both been there. And then we're doing a query based on the Inventory database for the name of the variable that we created. And this is where the case sensitivity is. Case sensitivity really matters if you have a capitalized and that one it has to be capitalized here. And the last one is regarding the repository. This is where all your install files are saved and then we're adding Adobe Acrobat there. Just run those to get those built out real quick as the next part As we went, I went to the FTP site and I'm looking at Adobe Acrobat, 2017. And I statically put in that address there, because that's where I'm at. It's where each one's different, you can have it, you can put it as a parameter up top, where you can change without ever going in script, I just didn't get to that point. But since each one's going to be different, you are going to have to point it to the software you're going to want to install. So we're just gonna create that variable real quick. And then we're doing a FTP, web request and creating the next one, this one is basically just starting the connection. All right, and then right here, you can see you have the web request methods where we're doing FTP, because we're an FTP site, and I'm doing lists directory details, which grabs the title, as well as, like, there's some permissions in there. And when it was created, there is a way to do it with just list directory that I thought of waiter, I will kind of go into the finer details on that one, but we're gonna grab the details that includes the date on this one, just so we can make sure we're grabbing the latest version. And we're gonna get our response here. And the next three lines here, hope those keep going. Okay, let me start the download of this one, in just a few minutes. And that takes a while, it's a perfect time to take them. Alright, so if we come in here to the FTP reader, we just built and reread it to the end. To the end, you can see here for reasons that I cannot possibly fathom the last entry, instead of having the year puts 12 colon 12 in there, which, if you were, I don't know, using regex to separate based on the date format that is standard, that's gonna, it's gonna throw in a little bit of an issue. So what we're doing have to actually go re-grab, those real quick Sorry, I went to the end of the stream, I killed my close my connection, we're good to come in here, we're going to build an array, and we're going to go into each line from the read line, and we're going to apply this regex I don't think I need to explain that it's just right there. That goes in, it's gonna grab the date, and the name of the file itself, which is the update version. It's gonna, for each line, if it's not the end of the stream, which we're looking for right here, we're gonna split it based on that registry. And what we had to add because the date is wrong. And that last one is if it is greater than four characters, just manually change it to 2020. This is where the issue comes in, I don't know if the bottom one is always going to be where the years are wrong, or if it's just this one case. So if it's the years wrong, that it comes out is going to set it to 2020 instead of 2021, which is going to cause some problems, which is why I have a different method, I thought of which I'll kind of go over in just a bit here.

JJ  12:52 ---  2020 is still causing problems and its wake

Jordan  12:55 ---  it's still still getting us Oh, man after in my entire while loop there. And this is going to go through at the end, it's going to build the object of the date where it's going to combine the month and day with the year and then also the name of the folder, add it to our array. And we're going to sort it by last modified and grab the last one. And then this is where let's see if we run that when you can see the vert it does have the version in there. But it's not the same format you're going to see when you browse. It is going to be two digits dot three digits dot five digits, which is where we run that line there for the new version, and we have that's what the actual version is. And then the last step, we're comparing the version we pulled from our system that variable versus the new version. And if they're not the same, since we're grabbing the latest one in the FTP we're gonna go ahead and download it but it's a lot of the same thing is the request we're building the install string and run that last bit here. And that's going to take while it downloads. Did we have any questions?

Kelly  14:09 ---  Hey, Jordan, with the discord collection example instead of defining the name again, would it be better to drill down from the parent or define everything separately? Thanks, Darrell s.

Jordan  14:22 ---  Well, there's two options for the discord one, you can either drill down from the parent, we don't usually do that in our example collections. Or another option is to have two variables. One is like Discord name and the other one is the discord verb. And then you could just put the variable in there and then anything that updates that should update as well. It's probably the way I should have done it instead of hard coding. You think for someone that's a big fan of PowerShell I would avoid hard coding the way that I do in here.

Jordan  14:48 ---  Alright,

JJ  14:49 ---   So fun.

Jordan  14:51 ---  It's so much faster initially.

JJ  14:55 ---  'til go back and go like what was I doing there?

Jordan  15:00 ---  Go back to the end that you're going to be sad about it. Alright, so it's still downloading, I guess. Well, we do have another question 

Kelly  15:09 ---  Jordan is there a way to set PDQ variables from the command line? David R

Jordan  15:16 ---  There absolutely is, that's actually going to be the last step that we do on this one, which, so I got kind [???] the whole process. But then at the very end, we do showcase how you can update the variables. That will do it based on if there is a new install. Well, that's still going, it's 145 megabytes. So as we can see, there we go, it's done. As you can see, if we went into the repository, we rebuilt it the Adobe Acrobat, we have the old version that has the install file, and it builds the new version, with the new version variable, which is that's it's very critical that the name of this folder is the correct name, because that's what's going to update your variable. And then there we have the same install file. In this case, it's an MSP. So the silent parameters are, will be in there by default when you add it. And then the archive, which is if you want to keep the old ones, it just kind of a bad update, maybe not a bad idea to instead of throwing away the old ones, keep them there, just in case and clear that out occasionally. And that's just a quick way to do it for I guess, not quick, best way to do it for Adobe, where it's gonna go through, they don't give you directly the version in there. But we kind of built it as we went to get the proper final version for that collection. The next one, is when we were going to do this one's the HTTP version. This starts the exact same, we're grabbing the, that's not underlined at all, we're grabbing the database locations, building the variable and grabbing the repository and naming the install file. I didn't have to do that with Adobe, because the name that you downloaded was right in there, this one, I just built the string at the end. The major changes on this one, there's a lot of similar where I grabbed this address for was I went to discord site and hovered over there download latest and it gives you that URL went in there and grabbed that I run the rest of these better to be safe than sorry. And as you can see here, we are grabbing a net HTTP web request over a FTP. And it's worth noting that where I have listed details on FTP, HTTP has connect to get head, make, column, and post things like that. We just need the header, we're using this to actually grab the variable itself, not the variable, the install version, which we can see if I come in here and grab the response. type that one out. You can see here there is a response UI that contains the zero dot zero dot 309, which is the latest version. So if you can't find that version, somewhere within the download file, then you can automatically automate the download and manually create the folder and then automate the variables. But there's still the middle part that has to be automatic, or manual. But if you can find the variable, then you're good to go with just having everything be automated. And for that one, we're just gonna go and we're grabbing the response, you are a local Plath and splitting it by the forward slash, which looks like this here. So what we have now is the latest version. And then it's the same thing where it's basically if the versions are different, you could put logic in there to say, This version is bigger than the other version. But I figure what we're downloading the latest, if the versions are different, it's a pretty safe bet, depends on how far you want to go with that one. And if it works, we're creating the new folder. I was right where it needed to be. Discord, you can see we have just 0308 run this last bit. This one's actually going to go quite a bit faster. Thank you smaller installs. But the first thing it does come in, crease the folder with the latest version. And the install file shows up right there. Alright, and then the last one we're going to showcase is if it is in GitHub, we're using this mremoteNG version of it. The top is the same, the same parameters we're grabbing and all the other ones, those are pretty static. As far as the URL goes, it's pretty similar. It's always gonna go to API GitHub repos. And then you just have to know the name of the repo from that point on and run that one. It's just another thing where there's no default, go out and find it. I just went and found the specific one and built it. And then this one, instead of doing the opening web requests of the dotnet, we're just doing the invoke web request command and converting that from a JSON file because that is the result you get. And you want to see what the version for that one is. It's 176 dot 22 4615. Right here, where I'm grabbing the latest, that's the latest official release. But if you want to do something in the beta, you just come in and you'd remove the latest part. And then outside of that JSON, the convert-from, we're going to want to put zero just to grab the first one, that's going to be the latest version. So if we run those two,

Lex  20:27 ---  so Jordan, there's a lot of footwork with this wasn't there

Jordan  20:30 ---  That's Unfortunately, there's not a way I can just say, Hey, this is going to go in and find it, you have to go in and find out exactly how to download it and customize the script where it grabs the variable. But you can see with the changes I put in there, where if I typed it correctly, it's grabbing the latest, which is the beta not the final release. We're gonna go back into the latest because I don't like change. I don't trust myself to type or correct either. So we'll just do it the old way with the undo. And then it's the same thing: compare versions, if it's there, create the folder and download it. Right, and I guess was that we have any other questions that have come in?

Kelly  21:12 ---  Hey, Jordan, is the PDQ Deploy repository cleanup tool smart enough to use the variable names and accurately pick up old installers? Thanks, Dave.

Jordan  21:24 ---  So the cleanup tool is basically we'll find installers that aren't tied to a package. So if it is a stellar package erstellen solar is not being used, it'll find that even if it's an older installer, if it's tied to a package somewhere it won't find it. All right, that one didn't look like that one updated for me, let's see what I built here. Did I keep it I never updated my variables. So I just installed that to Discord. And that's why you run the variable ones. Here, we're going to delete that. And then just run the script as a whole.

Lex  22:09 ---  While that's running, the other thing about the cleanup tool, it's a good idea if you're building custom packages to put a custom folder, and then you can exclude that folder. And anything that you're working on won't actually be shown up or deleted from that, you know, repository cleanup tool.

Jordan  22:30 ---  Okay. And that's fantastic advice. Definitely, if you run the cleanup tool, and you delete something that's not active yet, you're going to be grumpy. Alright, so that's kind of a quick nap keeps getting too quick, it's not quick, that's the way that you can go through the different versions to find the software you want. So if there's a particular package you want to do, you just require some research. But the examples I have in there, which should be on our bonus content, will help you get started or down the path, we just have to customize it just to make sure you do absolutely grab the latest version. It needs that for this last script that we're about to run the auto update variables, which apparently this was written by me. Alright, so this one, same thing at the top, we're just creating a blank array, you can tell this is an older script, because instead of building it like a list array, it's much faster. I just did it this way, the repository and the database location. And we're going to come into and we're going to build objects for each package that you have, in our case, we have mremote Acrobat and discord, maybe I should actually underline instead of pointing at them. Alright, and with each one of those, you have to have a couple of things like the name of the variable, which case sensitivity does matter. The schedule ID that we talked about earlier, that is going to be clearing out and the path to the install file. And so we have created three here, it's the mremoteng, Acrobat and Discord. And then we're just going to put that all into the array that we built up at top at the time, maybe I should actually run those to build them. Otherwise, I just look ridiculous. Alright, and then the way this script is going to work is going to go in and it's going to do a count of the folders within the file you're specifying. So repository Discord, and if there's three folders, it knows that there's a new version in there, because you have the archive, you have your old version, you have the one that just downloaded. So it's going to go in, there's gonna grab whichever one's older, move it into the archive, and then it will go through and update the variables based on the name of the folder that's in there, which is how the version is going to update in the variables and it should update everything in there. And the last thing is going to come into the schedule, and it's going to go in there. It's going to clear out the entire history of the schedule you listed in there so it will run on the next update. So we'll just run when we start to get some information here. It is uploading variables, it's gonna say twice, once for Deploy once for Inventory. So if we go to deploy, you can see the packages are still showing that they have the install file because it has the updated one. And the variables are absolutely updated. And if we go to the repository, you can see that it deleted the old one or not deleted, moves it down to the archive, and you have the new version there. So the way this will work altogether, you want the PowerShell script to build to run independently on the task scheduler Anyway, you want to kick those off, that will go through and it will check to see if there's a newer version, if there is it will download it and start off the process. And then you want the next one that clears up and updates the variables to run sometime after depending on how long you saw the Adobe one that was 140 mb and didn't go particularly fast, make sure you have plenty of leeway. Run that one, update your variables, get all the packages up to date and the schedule is clear. The next time that schedule kicks off is going to update the latest version for software that's not in the package library. Do we have any other questions?

Kelly  26:07 ---  So I hope I've translated this one correctly, we had to rewrite it. And I don't think English is the first language. So here we go. Hi, how can we build windows 10 build version upgrade packages? Sometimes patches are not compatible with specific Windows Windows builds while pushing packages? How do we identify such computers?

Jordan  26:29 ---  I'm not sure that one is talking about the full feature updates that we don't offer in the package library. Or is that

Kelly  26:37 ---  that's what I'm not sure

Jordan  26:40 ---  if that's the case. There's some notes out there on how to build these packages, we don't have it in the package library because those updates usually take long enough that the package shows as failed before it's completed because it doesn't check back in on one of the reboots. So it's one where it does work. But it doesn't always work in a way that it can report back successfully on your machine. So it's there a lot of trial and error on that one and you're probably not going to get the reporting you're hoping for but you might be able to make that work. Okay.

Kelly  27:16 ---  Can you remind me how to select a group of computers in inventory, then paste those into a deployment. I saw it once on here but since forgotten how to do it. Thanks, Ian M.

Jordan  27:27 ---  Just go grab these ones here. Come in here we'll say we're installing Discord, deploy once, just putting the window Ctrl V will paste right in there. That also works for you. I believe drag and drop your tests test that one we're gonna move Daffy Duck over Nope, I was wrong on that one. That's for adding them to target lists. Other than that, you can point in to collections within the package itself, which might be a little bit better. But yeah, just Ctrl C Ctrl. v. copy pasting new copy right over for you. Okay,

Kelly  28:07 ---  somewhat off topic. But mostly just because I'm curious. When I run deploy and inventory in client mode on my laptop over a VPN connection, I get a lot of fan noise and CPU usage. When running deployments or scans is most of the work done by the client, I would have expected the server inside the LAN to do most of the work. Sincerely, Alexander and who looks remarkably similar to Gavin Rossdale from the band BUSH

Jordan  28:35 ---  well played  Alexander N. Um, so for that one. I mean, the actual work of the deployments can be done on the machine you're deploying to, the only place that I can think of where you're going to see that kind of information is where it's downloading the install file. So if you're on the client, or wherever the repository is, it might be, I think, you can change it to push or pull, where push will put it onto the client, which will then push it out with the install where pull will have the client do the pulling down. So where you probably wouldn't see that same results. Other than that, I can't think of anything,

Lex  29:09 ---  if he's in central server mode, okay, any work that you're doing, like your laptops, pointing at the server across your VPN, all that work is truly taking place on the server. So your laptop spinning up the fan and stuff? I don't know about that. But when you are in central server mode, that server that you're connecting to is doing the work.

Jordan  29:31 ---  Yes. Oh, so I guess we're not 100% on why that would be spinning up like that. All right.

Kelly  29:39 ---   One last question, kind of a different topic. But can we also access the database to get the status of a deployment, it would be great to get the status of a deployment after triggering from the CLI sincerely yacine D.

Jordan  29:54 ---  I don't know off the top of my head but we can open up the command line there and see what we have. So We're looking for a current deployment. I don't know if we have anything like that in their database, you can start a schedule from there. But as far as status, I'm not seeing that. The only way I could think through that would be SQL query, which would have to run while it was actually installing. I don't know if that would be wise or feasible. But as far as from the command line, we don't have anything like that to see the current one.

Jake  30:28 ---   I lied. There's actually one more question. All right.

Kelly  30:31 ---  The hits just keep on coming, everybody. Is there a way to Auto Deploy packages to a collection when new computers join the collection? Thanks, Troy mm.

Jordan  30:42 ---  Um, so I guess we deploy packages too quickly, I guess the first time is added to the collection. Um, one thing I can think of, it'd be like an aggressive schedule where you have it checked, to not deploy once it's been successful. So the point in the collection, the schedule would kick off, and it would only include those machines that don't have those software installed yet from the schedule. And then you can make the schedule as aggressive as you need to be and it's only gonna run against those that haven't had it. I don't know. Do you have a better version than Alex?

Lex  31:14 ---  I know, I do it the same way. I just. Yeah, I do the same way. I just try to make you look. Yeah. Yeah, what Jordan said, 

Jordan  31:24 ---  Okay. Hey, I got one. All right. Thanks, everyone, for tuning in. I just remember the scripts themselves, they're not going to work by default, you have to do research for the software you're trying to install and customize. Make sure you grab the version and that does have to be the name of the folder that you're putting it in. With that you can basically make even packages not in our library completely hands free for PDQ.com. I'm Jordan.

Kelly  31:47 ---  Thanks for joining our webcast today. Congratulations, Alexander's, and Troy M. The winners of PDQ swag, send us your info at webcast@gmail.com. Thanks again for joining us and we will see you back here next week.