05 March, 2012

Deploying & Updating UltraVNC with Active Directory




UltraVNC is a “must have” tool for “Help Desk” IT stuff. Without this tool, I will have to get up from my chair to go and see a non-critical message that appears on user’s system. Just to press “Enter” for the user. With a VNC application well setup, I could connect to the any user’s screen from my desk with the help of 2-3 clicks. I will explain you how you can setup VNC servers/clients in your enterprise so you can be lazier and be more efficient from your desk.
There is more than 1 way to accomplish this task. I’ll use a method where an “Active Directory” is a requirement. Please read this entire article before preceding your deployment.
Minimum requirements;
-          Active Directory Infrastructure
-          Newest UltraVNC software (Download from HERE)
-          Text Editor Software (I use Notepad++ but Notepad or any other text editor will do the job)
-          Ideally another workstation to test your deployment. It can be a virtual machine.
-          Preconfigured “VNC” configuration file.

1-    Download the UltraVNC software
2-    Put the setup file into a shared folder where all your Workstations have read access. By default, any share without further modification will be enough.
3-    From a text editor program, we will create a batch (.bat) file that will take care of the installation and updates. Keep in mind that the batch file will have only the instructions in order to install UltraVNC silently. So before you go ahead and copy/paste the code here, let’s try to understand what this batch file will do for us.
·         Instructions for a silent install
·         Right after the install, you need to restart the computer or manually start the uvnc service.
·         Check if UltraVNC is already installed & if it’s installed, verify that it’s your deployment. This will be a “Startup script” so each time a user starts their computer, this script will run. If you don’t put any instructions to verify the installation, the setup will run every time a user restarts his/her computer. As verification of an installed application requires advanced programming knowledge, I will cheat in order to accomplish this task easily.
·         Ideally, we can copy a preconfigured configuration file on computers that will setup all the needed settings for your organization.
·         Finally, the script will delete the “Start Menu” folder for UltraVNC because you don’t want your users to see the program easily and change your settings.

So the batch should look like this example;

@echo off
If exist "%ProgramFiles%\UltraVNC\10961.txt" (
Goto END
) else (
Goto SETUP )
:SETUP
"%programfiles%\UltraVNC\unins000.exe" /verysilent /norestart
"\\SharedFolder\UltraVNC_1.0.9.6.2_Setup.exe" /verysilent
"%programfiles%\UltraVNC\winvnc.exe" –install
copy "\\SharedFolder\ultravnc.ini" "%programfiles%\UltraVNC\ultravnc.ini" /y
copy "\\SharedFolder\10961.txt" "%programfiles%\UltraVNC\10961.txt" /y
rmdir /s /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC"
:END
exit
 You should modify the batch file to make it work in your infrastructure. Consider changing the “ShareFolder” path and filenames. Now, let’s see line by line what this batch file does for us.


Line 1
If exist "%ProgramFiles%\UltraVNC\10961.txt" (
Goto END
) else (
Goto SETUP )


Line 1 (Explanation)
Check if there is a text file called “10961.txt”. This is what I have decided as the numbers indicates the version of the UltraVNC installed on the workstation. By default, this file is not created by UltraVNC setup. So, this line makes sure that the deployment has never occurred on the machines that don’t have this text file. If the text file is there, than do not continue to run the script. Because if the file is there, that means the script has already ran on this machine and the UltraVNC should be installed. If the script doesn’t find the text file in the program files of the UltraVNC folder, than the scripts continue to run.

Line 2
:SETUP
"%programfiles%\UltraVNC\unins000.exe" /verysilent /norestart

Line 2 (Explanation)
This line will uninstall any existing UltraVNC silently and without a restart prompt.


Line 3
"\\SharedFolder\UltraVNC_1.0.9.6.2_Setup.exe" /verysilent
Line 3 (Explanation)
This command runs the setup with “verysilent”. “verysilent” is for a silent (no user interaction) experience.

_____________________________________________________________________


Line 4
"%programfiles%\UltraVNC\winvnc.exe" –install


Line 4 Explanation
This command starts the “winvnc” service. If you don’t add this command, the computer needs another restart in order to start this service which is required for you to be able to connect to VNC.

_____________________________________________________________________
Line 5
copy "\\SharedFolder\ultravnc.ini" "%programfiles%\UltraVNC\ultravnc.ini" /y


Line 5 (Explanation)
This command copies the preconfigured configuration file. In order to create this file, use a test machine to manually install UltraVNC. After the setup, restart your machine and configure all the settings you want from “%programfiles%\UltraVNC\uvncsettings.exe”. Once you are done and happy with your settings, you will find “ultravnc.ini” file in the same “%programfiles%\UltraVNC\” folder. You can copy this file into your shared folder in order to deploy it with your script. /Y switch is for bypass the copy confirmation. It’s mandatory if you want to keep the “silent install” idea.

_____________________________________________________________________
Line 6
copy "\\SharedFolder\10961.txt" "%programfiles%\UltraVNC\10961.txt" /y


Line 6 (Explanation)
This command does the cheating. It copies a text file called “10961.txt” from my shared folder to the installation path. The file contains no data in it. It’s used just to verify if my script has already run on the workstations or not. Next time that I need to update the software, it will be easier for me to deploy the newest version. Let’s say the newest version will be 1.0.9.7.0, and then I’ll change my script to check if “10970.txt” is present at the setup folder of each computer or not instead of “10961.txt” for the version 1.0.9.6.1.

_____________________________________________________________________
Line 7
rmdir /s /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC"
:END
exit


Line 7 (Explanation)
Finally, this command will delete the “Start Menu” folder for Windows 7 users. So the users won’t see the UltraVNC application as they don’t need to know what you are using to connect to their computer.

_____________________________________________________________________

Now, once you have completed all these tasks. It’s now time to test and apply the script in “Active Directory” so the computers can start receiving your update.
I am using “Group Policy” in order to deploy my script but if you have any other tools, you can use them. Like “Microsoft System Center” products or “Dell Kace”.
-          

  •       Open your “Group Policy Management” console and browse to the “Organizational Unit” that has all your workstations that you want to deploy UltraVNC. In my case, it’s called “Workstations”. 
  •           Right click on this “OU” and choose “Create a GPO in this domain, and link it here”.
  •           Give a name to your GPO. “UVNC Deployment”
  •           Right click on the newly created GPO and choose “Edit”
  •           On the left pane, under “Computer Configuration\Policies\Windows Settins\” click on “Scripts (Startup/Shutdown)
  •           On the right pane, double click on the “Startup”. This will bring up the “Startup Properties” window.
  •           Click on “Add” button and then “Browse” You should copy your script into this folder which is located somewhere on your “Domain Controller” “SysVol” folder.
  •           Once the script is copied on the “SysVol” folder, choose the script to apply.
Now that everything is in place, choose a computer which is in the same “OU” that the script applies and restart the computer. UltraVNC is supposed to be installed on the Workstation with all your settings ready to use. Use these procedures at your own risk. 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.