running tcc as a service at bootime

[Frank]

Hi,

for many years we used "AUTOEXNT" to run a batch script with admin privs on our company pcs at bootime.
We used the script for many maintenance tasks, e.g.

• gathering informations from every pc
• distributing new files or sw-packages
• checking important settings and installations
• modifying computer settings, e.g. IP-address in case of changes in network infrastructure

etc.

Since Windows X64 "AUTOEXNT" is not working anymore.
Of course you can do many things with Group Policies,
but if find it bulky and not the right way to do some "little" maintenance tasks,
which are often individual to department/plant/location.

So I wanted back my good old "AUTOEXNT"!

And this is the way I realized it:

From a central admin pc I install SRVANY on the remote pcs and configure it to start TCC (in my case LE) as a service.
The service is set to "start= auto", starts at boottime and then terminates.
An admin can restart it anytime with "sc \\companypc12345 start ITService".

Requirements:

• you need a domain admin-account which is directly or indirectly member of the administrators group of the remote pcs
  ( e.g. member of "domain admins" or another group which is member of the administrators group of the remote pcs )
• I recommend a central server share (or DFS link to a central server share) to store the logfiles
  or respectively other output-files
• In my example I use the following tools to do the job:

sc.exe (windows internal)​

findstr.exe (windows internal)​

reg.exe (windows internal)​

uptime.exe (from an old windows resource kit)​

srvany.exe (from an old windows resource kit)​

psexec.exe (www.sysinternals.com)​

ServiceLogonRight.exe (http://www.dateiliste.com/en/free-s...ty-to-allow-a-user-to-logon-as-a-service.html)​

optional:​

baretail (can "tail" more than 1 file at a time, see http://www.baremetalsoft.com/baretail/)​

• prepare a server share (in a pinch it can also be a diretory on your local computer) with the following files/subdirs:

\\serverxx\!admin\ITService\bin\English.dll​

\\serverxx\!admin\ITService\bin\German.dll​

\\serverxx\!admin\ITService\bin\ITService.BTM​

\\serverxx\!admin\ITService\bin\SRVANY.EXE​

\\serverxx\!admin\ITService\bin\TCC.exe​

\\serverxx\!admin\ITService\bin\onig.dll​

\\serverxx\!admin\ITService\bin\remote-install.btm​

\\serverxx\!admin\ITService\bin\takecmd.dll​

\\serverxx\!admin\ITService\logs​

• prepare a btm which is executed everytime the service is started, e.g. "start.btm":

echo    ***** start: %_date, %_time: "%comspec" / %_cmdproc / %_cwd
path    %_cwd;%path
 
rem    call the central maintenance script
call      \\serverxx\!admin\ITService\bin\maintenance.btm >& itservice.log
 
rem    recommended: copy logfile to central share
copy    itservice.log \\serverxx\!admin\ITService\logs\%computername
 
rem    stop the service, because its not needed anymore until next boot
echo    ***** end  : %_date, %_time (stopping the service)
sc      stop itservice

• prepare a central maintenance script, e.g. \\serverxx\!admin\ITService\bin\maintenance.btm :

< put in here your maintenance tasks >​

• start a tcc window with sufficient rights to administer the remote pcs, e.g. "domain admin"

• cdd to the install directory and run the install script: "remote-install.btm companypc12345"
• Here is my "remote-install.btm":

@echo  off
rem    used external tools (put them into your path):
rem    sc.exe                windows internal
rem    findstr.exe        windows internal
rem    reg.exe                windows internal
rem    uptime.exe        from an old windows resource kit
rem    srvany.exe        from an old windows resource kit
rem    psexec.exe        www.sysinternals.com
rem    ServiceLogonRight.exe        http://www.dateiliste.com/en/free-software/15-command-line-utilities/412-servicelogonright-utility-to-allow-a-user-to-logon-as-a-service.html
rem    optional:
rem    baretal: can view more than 1 file at a time, see http://www.baremetalsoft.com/baretail/
 
setlocal
on      break cancel
path    \\osram.de\net-ber\!admin\bin;%path
 
gosub  checkpars
echo    %verbose
 
set    account=company_de\sys_netservice.ber
set    password=********
set    service=ITService
 
echo    *************************************************************************************
echo    you can interrupt with ctrl-c at any time!
echo    *************************************************************************************
echo.
 
iff    not defined pc then
 
        input /e please provide hostname : %%pc
        if      not defined pc (
                echo    no hostname ... quitting
                goto    end
                )
endiff
set    pc=\\%@replace[\,,%pc]
 
echo    *************************************************************************************
echo    checking if %pc is available
echo    *************************************************************************************
echo.
uptime  %pc && goto next
echo    %pc n/a ... quitting
goto    end
 
:next
echo    *************************************************************************************
echo    %pc is available
echo    *************************************************************************************
echo.
rem    check if service is already installed
set    isinstalled=false
sc      %pc qc %service |& findstr /i success
if      %? ne 0 goto getpf
 
set    isinstalled=true
echo    *************************************************************************************
echo    service %service is already installed on %pc
echo    *************************************************************************************
echo.
input  /k"yn" proceed anyway? %%response
if      %response eq n (
        echo quitting
        goto end
        )
 
:getpf
echo.
echo    *************************************************************************************
echo    get programfilesdir on remote machine ( for non-standard installations )
echo    *************************************************************************************
echo.
set    pfdir=%@trim[%@execstr[0,reg query %pc\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v "ProgramFilesDir (x86)" | findstr /i reg_sz]]
if      not defined pfdir (
        echo    *************************************************************************************
        echo    variable could not be retrieved ... quitting
        echo    *************************************************************************************
        echo.
        goto end
        )
rem    split string with the underscore from "reg_sz"
set    pfdir=%@word["_",1,%pfdir]
rem    all after 1st space
set    pfdir=%@word[1-99,%pfdir]
set    pfdir2=%@replace[:,$,%pfdir]
 
echo    *************************************************************************************
echo    we retrieved the following "programfilesdir(x86)":
echo    *************************************************************************************
echo.
pause  %pfdir / %pfdir2      ... continue with return
echo.
echo    *************************************************************************************
echo    trying to grant "logon as a service" to %account on %pc
echo    *************************************************************************************
echo.
psexec  %pc -c ServiceLogonRight.exe %account >& nul:
if      %? ne 0 (
        echo error: %? ... quitting
        goto end
        )
echo    *************************************************************************************
echo    successfully granted "logon as a service" to %account on %pc
echo    *************************************************************************************
echo.
input  /k"yn" can we start? %%response
if      %response eq n (
        echo quitting
        goto end
        )
:copy
echo    *************************************************************************************
echo    creating directory and copying files
echo    *************************************************************************************
echo.
if not isdir "%pc\%pfdir2"\%service md "%pc\%pfdir2"\%service
copy    /t *.* "%pc\%pfdir2"\%service
 
echo    *************************************************************************************
echo    ready to install the service
echo    *************************************************************************************
echo.
pause
 
echo.
if      %isinstalled eq true (
        echo trying to delete service %service
        sc  %pc stop  %service >& nul:
        delay 5
        sc  %pc delete %service
        delay 5
        )
sc      %pc create %service %=
        binpath=    "%pfdir\%service\srvany.exe" %=
        displayname= %service %=
        type=        own %=
        start=      demand %=
        obj=        %account %=
        password=    %password
 
reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service            /v Description  /t reg_sz /d "Osram IT Maintenance Service" /f
reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service\Parameters /v Application  /t reg_sz /d "%pfdir%\%service\TCC.EXE" /f
reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service\Parameters /v AppParameters /t reg_sz /d " /c %service.btm >& start.log" /f
reg    add %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service\Parameters /v AppDirectory  /t reg_sz /d "%pfdir%\%service" /f
 
echo    *************************************************************************************
reg    query %pc\HKLM\SYSTEM\CurrentControlSet\Services\%service /s
echo.
sc      %pc query %service
echo    *************************************************************************************
echo    service ist installiert
echo    *************************************************************************************
 
echo    start baretail?
? start baretail "%pc\%pfdir2\%service\start.log" "%pc\%pfdir2\%service\%service.log" n:\!admin\LOGS\ws\%@replace[\,,%pc]
echo    start the service?
? sc    %pc start %service
 
:end
endlocal
quit
 
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:checkpars
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
 
set    verbose=off
set    pc=
 
do      par = 1 to %#
        rem    echo %[%par]
        if      %[%par] eq /v          set verbose=on
        if      %@left[1,%[%par]] ne /  set pc=%[%par]
 
enddo
 
return

If all works fine, the service is installed and at the end you can launch a logfile-viewer, start the service and watch the resulting logfiles.
I'm not sure that all is consistent, because I ported it from my "real world" to this abstract version.
If there are mistakes, problems or questions: please let me know.

 

[vefatica]

I'm surprised that SRVANY works while AUTOEXNT doesn't. I have AUTOEXNT (interactive) working on Win7/32. It starts my mail server (Mercury/32, with an elaborate GUI) and then stops itself. I wrote an app to switch to the "services desktop" on demand. I suppose I could have AUTOEXNT start TCC, but instead, I wrote a "daemon" for the mail server which, when it sees an email with a certain subject line, starts TCC. It's pretty cool running TCC as "nt authority/system". Here's a pic of the mail server and TCC running on the services desktop:

ftp://lucky.syr.edu/MercOnSvcDesk.png

That's best viewed full-size ... scroll, it's two monitors.

 

[Frank]

Cool idea.
In my case I like to run tcc with its comprehensive capabilties at boottime; adios autoexnt.

 

[vefatica]

Cool idea.
In my case I like to run tcc with its comprehensive capabilties at boottime; adios autoexnt.

Actually, TCC does run at boot time but I don't leave it running. AUTOEXNT.BAT says

start g:\tc13\tcc.exe /c g:\tc13\startmercury.btm
net stop autoexnt

and STARTMERCURY.BTM says

delay 5
start l:\mercury\mercury.exe
do while not isapp ui0detect.exe
        delay 1
enddo
delay 3
net stop ui0detect

An alias starts TCC (on demand, as SYSTEM) on the services desktop in about two seconds.

v:\> alias xx
option //MailServer=localhost & sendmail "[email protected]" secret foobar

I actually had to register TCC for the SYSTEM user!

I don't understand why AUTOEXNT doesn't work, especially if SRVANY does work. How does it fail?

 

[Frank]

...
I actually had to register TCC for the SYSTEM user!

I don't understand why AUTOEXNT doesn't work, especially if SRVANY does work. How does it fail?

How did you " register TCC for the SYSTEM user"?

The thing with autoexnt is that at the point of first W7 rollouts we didn't get it to work. And I can't remember why.
I will try it on a test machine the next days.

 

[vefatica]

How did you " register TCC for the SYSTEM user"?

While it was running on the services desktop, as "nt authority/system", I did OPTION ... Register ... and entered my credentials. It's ultimately remembered in HKEY_USERS\S-1-5-18\Software\JP Software\ ... S-1-5-18 is "nt authority/system".

I don't know where S--1-5-18's profile is stored on disk. A guess would be ...\System32\config\system (or maybe SYSTEM has an NTUSER.DAT file hidden somewhere).

 

[vefatica]

I don't know where S--1-5-18's profile is stored on disk. A guess would be ...\System32\config\system (or maybe SYSTEM has an NTUSER.DAT file hidden somewhere).

I don't know how I missed that ... it's ...\system32\config\systemprofile\ntuser.dat.

 

[Frank]

...I don't understand why AUTOEXNT doesn't work, especially if SRVANY does work. How does it fail?

Finally I have to revise my statement, that autoexnt doensn't work with X64 anymore.
Apparently it is the way we tried to install it. All tasks are hidden in an EXE but I can't find the source anymore (quickly). Also there were several colleagues involved with it.
Now I'm happy to start TCC via SRVANY.