1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

running tcc as a service at bootime

Discussion in 'T&T - Miscellaneous' started by Frank, Aug 3, 2012.

  1. Frank

    Joined:
    Aug 2, 2011
    Messages:
    258
    Likes Received:
    4
    Hi,

    for many years we used "AUTOEXNT" to run a batch script with admin privs on our company pcs at bootime.
    We used the script for many maintenance tasks, e.g.
    • gathering informations from every pc
    • distributing new files or sw-packages
    • checking important settings and installations
    • modifying computer settings, e.g. IP-address in case of changes in network infrastructure
    etc.

    Since Windows X64 "AUTOEXNT" is not working anymore.
    Of course you can do many things with Group Policies,
    but if find it bulky and not the right way to do some "little" maintenance tasks,
    which are often individual to department/plant/location.

    So I wanted back my good old "AUTOEXNT"!

    And this is the way I realized it:

    From a central admin pc I install SRVANY on the remote pcs and configure it to start TCC (in my case LE) as a service.
    The service is set to "start= auto", starts at boottime and then terminates.
    An admin can restart it anytime with "sc \\companypc12345 start ITService".

    Requirements:
    • you need a domain admin-account which is directly or indirectly member of the administrators group of the remote pcs
      ( e.g. member of "domain admins" or another group which is member of the administrators group of the remote pcs )
    • I recommend a central server share (or DFS link to a central server share) to store the logfiles
      or respectively other output-files
    • In my example I use the following tools to do the job:
    sc.exe (windows internal)
    findstr.exe (windows internal)
    reg.exe (windows internal)
    uptime.exe (from an old windows resource kit)
    srvany.exe (from an old windows resource kit)
    psexec.exe (www.sysinternals.com)
    optional:
    baretail (can "tail" more than 1 file at a time, see http://www.baremetalsoft.com/baretail/)
    • prepare a server share (in a pinch it can also be a diretory on your local computer) with the following files/subdirs:
    \\serverxx\!admin\ITService\bin\English.dll
    \\serverxx\!admin\ITService\bin\German.dll
    \\serverxx\!admin\ITService\bin\ITService.BTM
    \\serverxx\!admin\ITService\bin\SRVANY.EXE
    \\serverxx\!admin\ITService\bin\TCC.exe
    \\serverxx\!admin\ITService\bin\onig.dll
    \\serverxx\!admin\ITService\bin\remote-install.btm
    \\serverxx\!admin\ITService\bin\takecmd.dll
    \\serverxx\!admin\ITService\logs
    • prepare a btm which is executed everytime the service is started, e.g. "start.btm":
    Code:
    echo    ***** start: %_date, %_time: "%comspec" / %_cmdproc / %_cwd
    path    %_cwd;%path
     
    rem    call the central maintenance script
    call      \\serverxx\!admin\ITService\bin\maintenance.btm >& itservice.log
     
    rem    recommended: copy logfile to central share
    copy    itservice.log \\serverxx\!admin\ITService\logs\%computername
     
    rem    stop the service, because its not needed anymore until next boot
    echo    ***** end  : %_date, %_time (stopping the service)
    sc      stop itservice
    
    • prepare a central maintenance script, e.g. \\serverxx\!admin\ITService\bin\maintenance.btm :
    < put in here your maintenance tasks >​
    • start a tcc window with sufficient rights to administer the remote pcs, e.g. "domain admin"
    • cdd to the install directory and run the install script: "remote-install.btm companypc12345"
    • Here is my "remote-install.btm":
    Code:
    @echo  off
    rem    used external tools (put them into your path):
    rem    sc.exe                windows internal
    rem    findstr.exe        windows internal
    rem    reg.exe                windows internal
    rem    uptime.exe        from an old windows resource kit
    rem    srvany.exe        from an old windows resource kit
    rem    psexec.exe        www.sysinternals.com
    rem    ServiceLogonRight.exe        http://www.dateiliste.com/en/free-software/15-command-line-utilities/412-servicelogonright-utility-to-allow-a-user-to-logon-as-a-service.html
    rem    optional:
    rem    baretal: can view more than 1 file at a time, see http://www.baremetalsoft.com/baretail/
     
    setlocal
    on      break cancel
    path    \\osram.de\net-ber\!admin\bin;%path
     
    gosub  checkpars
    echo    %verbose
     
    set    account=company_de\sys_netservice.ber
    set    password=********
    set    service=ITService
     
    echo    *************************************************************************************
    echo    you can interrupt with ctrl-c at any time!
    echo    *************************************************************************************
    echo.
     
    iff    not defined pc then
     
            input /e please provide hostname : %%pc
            if      not defined pc (
                    echo    no hostname ... quitting
                    goto    end
                    )
    endiff
    set    pc=\\%@replace[\,,%pc]
     
    echo    *************************************************************************************
    echo    checking if %pc is available
    echo    *************************************************************************************
    echo.
    uptime  %pc && goto next
    echo    %pc n/a ... quitting
    goto    end
     
    :next
    echo    *************************************************************************************
    echo    %pc is available
    echo    *************************************************************************************
    echo.
    rem    check if service is already installed
    set    isinstalled=false
    sc      %pc qc %service |& findstr /i success
    if      %? ne 0 goto getpf
     
    set    isinstalled=true
    echo    *************************************************************************************
    echo    service %service is already installed on %pc
    echo    *************************************************************************************
    echo.
    input  /k"yn" proceed anyway? %%response
    if      %response eq n (
            echo quitting
            goto end
            )
     
    :getpf
    echo.
    echo    *************************************************************************************
    echo    get programfilesdir on remote machine ( for non-standard installations )
    echo    *************************************************************************************
    echo.
    set    pfdir=%@trim[%@execstr[0,reg query %pc\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v "ProgramFilesDir (x86)" | findstr /i reg_sz]]
    if      not defined pfdir (
            echo    *************************************************************************************
            echo    variable could not be retrieved ... quitting
            echo    *************************************************************************************
            echo.
            goto end
            )
    rem    split string with the underscore from "reg_sz"
    set    pfdir=%@word["_",1,%pfdir]
    rem    all after 1st space
    set    pfdir=%@word[1-99,%pfdir]
    set    pfdir2=%@replace[:,$,%pfdir]
     
    echo    *************************************************************************************
    echo    we retrieved the following "programfilesdir(x86)":
    echo    *************************************************************************************
    echo.
    pause  %pfdir / %pfdir2      ... continue with return
    echo.
    echo    *************************************************************************************
    echo    trying to grant "logon as a service" to %account on %pc
    echo    *************************************************************************************
    echo.
    psexec  %pc -c ServiceLogonRight.exe %account >& nul:
    if      %? ne 0 (
            echo error: %? ... quitting
            goto end
            )
    echo    *************************************************************************************
    echo    successfully granted "logon as a service" to %account on %pc
    echo    *************************************************************************************
    echo.
    input  /k"yn" can we start? %%response
    if      %response eq n (
            echo quitting
            goto end
            )
    :copy
    echo    *************************************************************************************
    echo    creating directory and copying files
    echo    *************************************************************************************
    echo.
    if not isdir "%pc\%pfdir2"\%service md "%pc\%pfdir2"\%service
    copy    /t *.* "%pc\%pfdir2"\%service
     
    echo    *************************************************************************************
    echo    ready to install the service
    echo    *************************************************************************************
    echo.
    pause
     
    echo.
    if      %isinstalled eq true (
            echo trying to delete service %service
            sc  %pc stop  %service >& nul:
            delay 5
            sc  %pc delete %service
            delay 5
            )
    sc      %pc create %service %=
            binpath=    "%pfdir\%service\srvany.exe" %=
            displayname= %service %=
            type=        own %=
            start=      demand %=
            obj=        %account %=
            password=    %password
     
    reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service            /v Description  /t reg_sz /d "Osram IT Maintenance Service" /f
    reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service\Parameters /v Application  /t reg_sz /d "%pfdir%\%service\TCC.EXE" /f
    reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service\Parameters /v AppParameters /t reg_sz /d " /c %service.btm >& start.log" /f
    reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service\Parameters /v AppDirectory  /t reg_sz /d "%pfdir%\%service" /f
     
    echo    *************************************************************************************
    reg    query %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service /s
    echo.
    sc      %pc query %service
    echo    *************************************************************************************
    echo    service ist installiert
    echo    *************************************************************************************
     
    echo    start baretail?
    ? start baretail "%pc\%pfdir2\%service\start.log" "%pc\%pfdir2\%service\%service.log" n:\!admin\LOGS\ws\%@replace[\,,%pc]
    echo    start the service?
    ? sc    %pc start %service
     
    :end
    endlocal
    quit
     
    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    :checkpars
    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
     
    set    verbose=off
    set    pc=
     
    do      par = 1 to %#
            rem    echo %[%par]
            if      %[%par] eq /v          set verbose=on
            if      %@left[1,%[%par]] ne /  set pc=%[%par]
     
    enddo
     
    return
    
    If all works fine, the service is installed and at the end you can launch a logfile-viewer, start the service and watch the resulting logfiles.
    I'm not sure that all is consistent, because I ported it from my "real world" to this abstract version.
    If there are mistakes, problems or questions: please let me know.
     
  2. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,934
    Likes Received:
    30
    I'm surprised that SRVANY works while AUTOEXNT doesn't. I have AUTOEXNT (interactive) working on Win7/32. It starts my mail server (Mercury/32, with an elaborate GUI) and then stops itself. I wrote an app to switch to the "services desktop" on demand. I suppose I could have AUTOEXNT start TCC, but instead, I wrote a "daemon" for the mail server which, when it sees an email with a certain subject line, starts TCC. It's pretty cool running TCC as "nt authority/system". Here's a pic of the mail server and TCC running on the services desktop:

    ftp://lucky.syr.edu/MercOnSvcDesk.png

    That's best viewed full-size ... scroll, it's two monitors.
     
  3. Frank

    Joined:
    Aug 2, 2011
    Messages:
    258
    Likes Received:
    4
    Cool idea.
    In my case I like to run tcc with its comprehensive capabilties at boottime; adios autoexnt.
     
  4. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,934
    Likes Received:
    30
    Actually, TCC does run at boot time but I don't leave it running. AUTOEXNT.BAT says
    Code:
    start g:\tc13\tcc.exe /c g:\tc13\startmercury.btm
    net stop autoexnt
    and STARTMERCURY.BTM says
    Code:
    delay 5
    start l:\mercury\mercury.exe
    do while not isapp ui0detect.exe
            delay 1
    enddo
    delay 3
    net stop ui0detect
    An alias starts TCC (on demand, as SYSTEM) on the services desktop in about two seconds.
    Code:
    v:\> alias xx
    option //MailServer=localhost & sendmail "vefatica@vefatica.net" secret foobar
    I actually had to register TCC for the SYSTEM user!

    I don't understand why AUTOEXNT doesn't work, especially if SRVANY does work. How does it fail?
     
  5. Frank

    Joined:
    Aug 2, 2011
    Messages:
    258
    Likes Received:
    4
    How did you " register TCC for the SYSTEM user"?

    The thing with autoexnt is that at the point of first W7 rollouts we didn't get it to work. And I can't remember why.
    I will try it on a test machine the next days.
     
  6. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,934
    Likes Received:
    30
    While it was running on the services desktop, as "nt authority/system", I did OPTION ... Register ... and entered my credentials. It's ultimately remembered in HKEY_USERS\S-1-5-18\Software\JP Software\ ... S-1-5-18 is "nt authority/system".

    I don't know where S--1-5-18's profile is stored on disk. A guess would be ...\System32\config\system (or maybe SYSTEM has an NTUSER.DAT file hidden somewhere).
     
  7. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,934
    Likes Received:
    30
    I don't know how I missed that ... it's ...\system32\config\systemprofile\ntuser.dat.
     
  8. Frank

    Joined:
    Aug 2, 2011
    Messages:
    258
    Likes Received:
    4
    Finally I have to revise my statement, that autoexnt doensn't work with X64 anymore.
    Apparently it is the way we tried to install it. All tasks are hidden in an EXE but I can't find the source anymore (quickly). Also there were several colleagues involved with it.
    Now I'm happy to start TCC via SRVANY.
     

Share This Page