This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Manual Update Via Command Line/Script

Hello,

I have searched both the web and these forums for a way to kick off a manual update for Sophos Endpoint Security and Control 9.5 via a script or the command line.  I can right click on the Sophos tray icon and choose 'Update now' just fine, but need a script or command line to be able to manually force an update on a machine remotely.  Is there a way to do that?


Thanks

:12573


This thread was automatically locked due to age.
Parents
  • No problems. It was quite late at night when I put that together.  In the light of day I've just thought, that checking if the uptime is greater than 5 minutes doesn't really help.  As a machine that hasn't been rebooted would also match this condition.  In some ways you want the opposite.  I.e. if the uptime is less than 5 days for example.

    Which I guess would make the conditional line:

    if datediff ("d ", GetLastBoot(), Date() & " " & Time() ) < 5 then

    To be honest, if you role out a similar script as a startup script in AD, you wouldn't even need to test the uptime, you could just set the registry key to 0, optionally call updatenow and you're done as you know the machine has just started.

    E.g.

    'Script to set the updatestatus to 0 and call update now, could be set as a startup script
    
    const HKEY_LOCAL_MACHINE = &H80000002
    
    dim strKeyPath, intRestartRequired
    
    intRestartRequired = 0 ' set 0 to clear reboot, set to 1 to mark as reboot required.
    
    if Is64() then
    	strKeyPath = "SOFTWARE\Wow6432Node\Sophos\AutoUpdate\UpdateStatus"
    else
    	strKeyPath = "SOFTWARE\Sophos\AutoUpdate\UpdateStatus"
    end if
    
    SetKey()	
    CallUpdate()	
    
    '-------------------------------------------------------------------------------
    'Functions
    '-------------------------------------------------------------------------------
    Function Is64()
        
    	on error resume next
        
    	dim objWMIService, objColSettings, strDesc, objProcessor
    	
    	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    	Set objColSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_Processor") 
    	
       	For Each objProcessor In objColSettings 
    		strDesc = objProcessor.AddressWidth 
    	Next 
    	
        if strDesc = "32" then
            Is64 = false
        end if
        if strDesc = "64" then
            Is64 = true
        end if
    	
        Set objWMIService = nothing
    	set objColSettings = nothing
    	
    End Function
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function SetKey()
    
    	dim objReg
    	
    	set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    	objReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, "RebootRequired", intRestartRequired
    
    	set objReg = nothing
    
    End Function
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function CallUpdate()
      
      dim objALC
      
      set objALC = CreateObject("ActiveLinkClient.ClientUpdate.1")
      objALC.UpdateNow 1,1
     
    End Function 
    '-------------------------------------------------------------------------------

    Jak

    :20953
Reply
  • No problems. It was quite late at night when I put that together.  In the light of day I've just thought, that checking if the uptime is greater than 5 minutes doesn't really help.  As a machine that hasn't been rebooted would also match this condition.  In some ways you want the opposite.  I.e. if the uptime is less than 5 days for example.

    Which I guess would make the conditional line:

    if datediff ("d ", GetLastBoot(), Date() & " " & Time() ) < 5 then

    To be honest, if you role out a similar script as a startup script in AD, you wouldn't even need to test the uptime, you could just set the registry key to 0, optionally call updatenow and you're done as you know the machine has just started.

    E.g.

    'Script to set the updatestatus to 0 and call update now, could be set as a startup script
    
    const HKEY_LOCAL_MACHINE = &H80000002
    
    dim strKeyPath, intRestartRequired
    
    intRestartRequired = 0 ' set 0 to clear reboot, set to 1 to mark as reboot required.
    
    if Is64() then
    	strKeyPath = "SOFTWARE\Wow6432Node\Sophos\AutoUpdate\UpdateStatus"
    else
    	strKeyPath = "SOFTWARE\Sophos\AutoUpdate\UpdateStatus"
    end if
    
    SetKey()	
    CallUpdate()	
    
    '-------------------------------------------------------------------------------
    'Functions
    '-------------------------------------------------------------------------------
    Function Is64()
        
    	on error resume next
        
    	dim objWMIService, objColSettings, strDesc, objProcessor
    	
    	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    	Set objColSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_Processor") 
    	
       	For Each objProcessor In objColSettings 
    		strDesc = objProcessor.AddressWidth 
    	Next 
    	
        if strDesc = "32" then
            Is64 = false
        end if
        if strDesc = "64" then
            Is64 = true
        end if
    	
        Set objWMIService = nothing
    	set objColSettings = nothing
    	
    End Function
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function SetKey()
    
    	dim objReg
    	
    	set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    	objReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, "RebootRequired", intRestartRequired
    
    	set objReg = nothing
    
    End Function
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function CallUpdate()
      
      dim objALC
      
      set objALC = CreateObject("ActiveLinkClient.ClientUpdate.1")
      objALC.UpdateNow 1,1
     
    End Function 
    '-------------------------------------------------------------------------------

    Jak

    :20953
Children
No Data