a) installable silently when doing unattended install (preferably in windows_installer.bat file to hide username and password when doing unattended install):
windows_installer --silent --server 192.168.1.1 --user john --pass password
Currently I'm storing the values in the registry and changing the access rights so that only System can read them (Might need to add Administrator to that too).
I meant the Unattended installing part - it prints out every command to the screen, so in order to hide passwords etc., one has to use a .bat file instead of plain commands and arguments.
b) runs on Windows in the background, connects to the server using SSL (to secure username and password) when booting, and fetches the instructions, sends software installed etc.
I've not considered the need to use SSL at this stage. (And I'm not sure that I've configured MySQL to use that correctly yet either - but I will, one day.)
I agree that functionality first, then we add security.
This is how you configure complicated things - add one feature and see if it works, then add another and so on.
But this would be neat to have some security in the end, as probably some of us wouldn't want some smart students/users stealing our installer versions, operating system, which are protected by law etc. etc.
c) server part as a dameon (on Linux, as most of use run Samba I think): - configurable via https web interface
Time to confess - I've never done anything using https. My inclination would be to 'get it working' using http and then hope that someone else would be inclined to help me convert to https. (Although as I write this I realise that there's someone thinking 'but it's sooo easy! You just do <foo> and there it is.')
As long as it uses Apache as a http server (using which we would make changes to the configuration files), it's not a problem to add https.
Unless the daemon listens on its own port like Webmin does for example.
- report which software which client has installed (and what is to be installed)
I think I'm coming at it from the other (wrong?) way - the client finds out what it has and what it *should* have and then tries to make the lists the same. I like the idea of the server being able to do the same calculation and "predict" what the client should be doing, though.
It's not that hard, it can be done with WPKG even now.
WPKG keeps the track of the software installed on a given machine in C:\winnt\system32\wpkg.xml
After WPKG runs, it's possible to upload this file to the server with a name of a host that uploads this file.
- "install" button to install/uninstall/upgrade the missing software now
For users? Sounds attractive. I've been thinking about having a web interface which would allow users to select applications for which we have a site license or are freeware and allowing them to choose which of those packages are installed on their desktop. Or to remove packages they don't like. (I have one user who swears by virtual desktops. I have others who swear *at* virtual desktops...)
I was thinking of admin rather than the user.
If admin configures some new software, he could just compare the state "what's missing", press "Install" button, and immediately see the result if it installs or not - if software installs on system boot only, then the admin can wait a couple of days until he installs something.
We all know how hard it is to do some tasks on Windows silently (especially installing software - how much time did you waste on that?), so this would be a nice feature.
Users tend to be not familiar with software/hardware/computers etc., so everything should work flawlessly for them (the less telephone calls and emails the better).
But hey, why not give some of them some degree of independence (provided they can install only what we allow them).
- configure to install software on Winodws boot
I'd been thinking of installing software on the next boot always, but I can see that this would cause problems when, for example, a user has to reboot in the middle of work because Windows Update has just installed lots of stuff and only then remembers that he asked for <foo> to be installed on his machine at the next boot. And <foo> takes ages to install...
Windows Update can be configured not to reboot automatically, so can most of the software I think.
- configurable to install software from a password protected file server / ftp / http etc.
Don't immediately see how easy it would be to implement installations from ftp / http servers. Password protected samba servers would probably cover a high-enough percentage of uses for the time being, I hope.
Provided there is some kind of wget for Windows, it shouldn't be that hard.
I agree, ftp / http would be an extra feature developed later.
But I can imagine it very usable: a company has its branch offices in the whole country, two employees in each office, so it wouldn't pay to provide an extra file server for just two computers - I know such cases though :)
So if the office has a DSL line, it could be desirable to use a remote http / ftp server for software installations.
So far there is nothing like it I think, WPKG would be the closest to it (but very far from what I described, too) - so I decided to develop a web interface for it (should be available in a month or two).
Sounds good - my initial attempts with WPKG were disappointing. I tried to perform an AutoIt install, which persisted in hanging when run from
So were mine, but I found nothing better so far.
These XML entries are quite OK - it's relatively easy to make a web backend for it, which I think would attract far more people than when they had to rely only on editing text files.
I think that's a very sensible point. Maybe I should add the ability to store 'simple' {install/remove/upgrade/test} commands in a database, using batch files as a last resort. I think it's important to have batch files (or perl / JScript / VBScript scripts, perhaps) available because they allow us to perform conditional processing which would get rather difficult in an XML entry. Well, so I think, but I'm speaking from a position of ignorance... anyone care to enlighten me?
I didn't say that we can only edit XML files using a http backend :)
Editing bat files / other files should be as easy, provided they have some sensible, predictible format.
How do we determine what should be installed/removed etc.?
Make a query to the SQL server with the work stations MAC address.
I think it's far better to make these queries using the workstation name.
We use workstation names when doing unattended installs, same goes with WPKG, we generally recognize workstations by their netbios names.
How many MAC addresses can you remember and associate to a given workstation? :)
If someone wants to use the MAC, why not, same goes for IP, but IMHO using the workstation name should be on the first place; MAC or IP as an option (some would like to combine two or even all of them to provide some extra security, but most of people won't do it as it's not needed).
Now, in my case (and I might or might not be representative of others) I'd like that query to lookup which licences I (as sys admin) have allocated to that hardware address, and then tell me the directories containing the install/remove/test scripts.
If there is software that has a license attached to a MAC address, there should be an option to install software "on a given MAC", but I still think that the netbios name should be used primarily.
I can see that might not be relevant for other people, so perhaps this query should be stored somewhere it can be changed. Anyway, one generates a list of packages which the server thinks should be installed. The client has kept a list of all those packages which it has installed in the registry.
Maybe then dump it to a file, and copy to the server when installing is finished?
This way the server could know what warkstation has which software (as I've written somewhere earlier).
Ufff, these thread's mails are sooo long (which doesn't mean that they're boring) :))
Tomek
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ unattended-info mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/unattended-info
