20 November 2012

Internet Access for an application during MDT or SCCM build

You have an application that is installed during the build process of MDT or SCCM and it needs access to the internet to download additional files. There are some programs, such as Autodesk Revit, that you cannot download everything necessary to install it completely offline. The easiest way to grant temporary internet access is by running the installation with a different account that has access. The way you do this in MDT or SCCM is by using PSEXEC.exe. Here is how:

  1. Download and extract PSEXEC to a shared network location that can be accessed by the build
  2. In the application wizard, under Quiet install command, enter the application in the following manor: <UNC Path to PSEXEC folder>\PsExec.exe \\%COMPUTERNAME% /accepteula -u <domain>\<username> -p <password> <command line install>
  3. In the Working directory, enter the network location of where the application resides
That is all that is to it. By using PSEXEC, you are running the application under different credentials, thereby giving it access to the internet. 

Here is an example of what the Quiet install command might look like: 
\\shared-location\PSEXEC\PsExec.exe \\%COMPUTERNAME% /accepteula -u boston\buildaccount -p 123456 cscript.exe /b Install.vbs

NOTE: PSEXEC.EXE is a very touchy application that can be difficult to implement. The above listed is what has worked at the firm I work for. It will vary at most companies due to differences in network configurations. I do enjoy helping others, but an issue like this has to be resolved internally because it is a security matter within your own company.

0 comments:

Post a Comment