Well since this is the third attempt to post this message I am going to just link the actual code. The following code can be run in a vbs or wsh file to shutdown and restart a Windows machine. I have not built this up to attaché to large numbers of machines but here is the basic code to do it. This will run from any windows machine and connect to any of the Window NT series of OS's. Just change the "machine of your choice" to either an IP address in double quotes or the NetBios name of a computer on the network that you have administrative rights to and access to RPC services. I.E. TCP 135 and some random high ports.
Sean
Here is the link to the web site where this is located.
http://www.warnocksolutions.com/share/Share/Seans%20Programs/Management%
20Application/Server/test shutdown.vbs
-----Original Message-----
From: Zachary Mutrux [mailto:zmutrux (at) compumentor (dot) org [email concealed]]
Sent: Thursday, October 16, 2003 9:43 AM
To: Focus-MS
Subject: automating reboot (was RE: RPC Scan Issues)
I create a reboot script using psshutdown.exe from Sysinternals.
http://www.sysinternals.com/ntw2k/freeware/pstools.shtml
It looks something like this:
psshutdown -f -r -m "In order to apply a security patch, this computer will
reboot in five minutes. --zm" -t 300 \\workstation1
psshutdown -f -r -m "In order to apply a security patch, this computer will
reboot in five minutes. --zm" -t 300 \\workstation2
psshutdown -f -r -m "In order to apply a security patch, this computer will
reboot in five minutes. --zm" -t 300 \\workstation3
...
I usually create these scripts manually, following these steps:
1) Open Active Directory Users and Computers.
2) Select the hosts to be rebooted, and export to a tab-delimited text file
3) Open the text file in Excel, delete columns other than hostname
4) Paste or type in the options above for one host
5) Drag to copy the options down the column for all hosts
6) Save the file as text
7) Rename to "reboot_desktops.bat"
At the same time, I create a variation of the script to abort the reboot,
just in case I ever accidentally run the reboot script. It is the same as
the reboot script, but uses the abort option.
...
psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
\\workstation1
psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
\\workstation2
psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
\\workstation3
...
Then I save this batch file as "abort_reboot.bat"
Once I have the reboot script I save it in C:\batch and schedule it as a
scheduled task to run late at night, but at a time that it will not
interfere with backups or antivirus updates or other regularly scheduled
maintenance. Before scheduling the reboot, I warn users to log off when they
leave for the day, but to leave their computers running. That way there is
less of a chance that someone will lose an unsaved document they left open
on the desktop.
Can anyone offer suggested improvements for this process?
Zac
> -----Original Message-----
> From: c_brauckmiller (at) LEK (dot) COM [email concealed] [mailto:c_brauckmiller (at) LEK (dot) COM [email concealed]]
> Sent: Wednesday, October 15, 2003 9:45 AM
> To: Cosentino, Guilherme V.
> Cc: 'focus-ms (at) securityfocus (dot) com [email concealed]'
> Subject: RE: RPC Scan Issues
>
>
>
>
> Does anyone know of any tool that can automatically reboot every
> machine in a
> given IP range at a given timne?
>
> One could just tell the software to reboot all client PCs in the
> DHCP scope.
>
> We ran into this exact problem when we pushed MS03-026 and
> MS03-039 via login
> script.
>
> Thanks
>
> Craig Brauckmiller
------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Sean
Here is the link to the web site where this is located.
http://www.warnocksolutions.com/share/Share/Seans%20Programs/Management%
20Application/Server/test shutdown.vbs
-----Original Message-----
From: Zachary Mutrux [mailto:zmutrux (at) compumentor (dot) org [email concealed]]
Sent: Thursday, October 16, 2003 9:43 AM
To: Focus-MS
Subject: automating reboot (was RE: RPC Scan Issues)
I create a reboot script using psshutdown.exe from Sysinternals.
http://www.sysinternals.com/ntw2k/freeware/pstools.shtml
It looks something like this:
psshutdown -f -r -m "In order to apply a security patch, this computer will
reboot in five minutes. --zm" -t 300 \\workstation1
psshutdown -f -r -m "In order to apply a security patch, this computer will
reboot in five minutes. --zm" -t 300 \\workstation2
psshutdown -f -r -m "In order to apply a security patch, this computer will
reboot in five minutes. --zm" -t 300 \\workstation3
...
I usually create these scripts manually, following these steps:
1) Open Active Directory Users and Computers.
2) Select the hosts to be rebooted, and export to a tab-delimited text file
3) Open the text file in Excel, delete columns other than hostname
4) Paste or type in the options above for one host
5) Drag to copy the options down the column for all hosts
6) Save the file as text
7) Rename to "reboot_desktops.bat"
At the same time, I create a variation of the script to abort the reboot,
just in case I ever accidentally run the reboot script. It is the same as
the reboot script, but uses the abort option.
...
psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
\\workstation1
psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
\\workstation2
psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
\\workstation3
...
Then I save this batch file as "abort_reboot.bat"
Once I have the reboot script I save it in C:\batch and schedule it as a
scheduled task to run late at night, but at a time that it will not
interfere with backups or antivirus updates or other regularly scheduled
maintenance. Before scheduling the reboot, I warn users to log off when they
leave for the day, but to leave their computers running. That way there is
less of a chance that someone will lose an unsaved document they left open
on the desktop.
Can anyone offer suggested improvements for this process?
Zac
> -----Original Message-----
> From: c_brauckmiller (at) LEK (dot) COM [email concealed] [mailto:c_brauckmiller (at) LEK (dot) COM [email concealed]]
> Sent: Wednesday, October 15, 2003 9:45 AM
> To: Cosentino, Guilherme V.
> Cc: 'focus-ms (at) securityfocus (dot) com [email concealed]'
> Subject: RE: RPC Scan Issues
>
>
>
>
> Does anyone know of any tool that can automatically reboot every
> machine in a
> given IP range at a given timne?
>
> One could just tell the software to reboot all client PCs in the
> DHCP scope.
>
> We ran into this exact problem when we pushed MS03-026 and
> MS03-039 via login
> script.
>
> Thanks
>
> Craig Brauckmiller
------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
------------------------------------------------------------------------
---
[ reply ]