Posted by
NSA/DOD/USAR/USAP/AEXP
5 years agoNOTE: You need to be on PDQ Deploy 3.1 release 3 (v3.1.3.0) or above to import these.
EDIT: Thanks very much for whoever gifted gold, much appreciated!
This is v17.0 (v16.0, v15.0, v14.0, v13.4, v13.0, v12.0, v11.0, v10.0, v9.0, v8.0, v7.0, v6.0, v5.0, v4.0, v3.0, v2.0, v1.0) of our PDQ installers and includes all the installers from the previous package with old versions removed. Thanks again to /u/AdminArsenal for a great piece of software. If you can, I recommend purchasing the Pro license to support them since it's not too pricey and works well.
All packages:
- work with the free version of PDQ Deploy
- install silently
- don't place desktop or quicklaunch shortcuts
- disable all auto-update, phone-home, and stat-collection features I can find
Instructions:
- Install BT Syncv1.3.105 or above if you haven't already.
Alternate direct downloads - provided ONLY for this release:
- Plug one of these secret keys into BT Sync to pull down the applicable repository:
- BTRSRPF7Y3VWFRBG64VUDGP7WIIVNTR4Q(Installer Packages, about 1.50 GB)
- BMHHALGV7WLNSAPIPYDP5DU3NDNSM5XNC(WSUS Offline updates, about 9.34 GB)
- Wait for it to download, sometimes it will take a few minutes to start syncing.
- Import the .XML files from the
job files
directory into PDQ deploy (It should look roughly like this after you've imported them). - Copy all files from the
repository
directory to wherever your repository is. - All jobs reference PDQ's
$(Repository)
variable, so as long as you've set that in preferences you're golden.
In every release I sign
checksums.txt
with my PGP key (0x82A211A2, included) which you can use to verify package integrity if you desire.Finally, if you find a bug or glitch, PM me or post it here. Quite a few people have contributed bug fixes and patches and it's helped tremendously, so thanks to everyone who's chipped in.
Installer list: (updates marked)
- 7-Zip v9.20 (x86)
- 7-Zip v9.20 (x64)
- Adobe Flash Player v13.0.0.214 (Firefox) - updated
- Adobe Flash Player v13.0.0.214 (IE / ActiveX) - updated
- Adobe Reader X v10.1.9
- Adobe Reader XI v11.0.07 - updated
- Adobe Shockwave v12.1.1.151 (full) - updated
- CDBurnerXP v4.5.3.4746 (x64) - updated
- CDBurnerXP v4.5.3.4746 (x86) - updated
- CutePDF v3.0 (PDF printer)
- Google Chrome Enterprise v34.0.1847.131 - updated
- Google Earth v7.1.2.2041
- Java Development Kit 6 Update 45 (x64)
- Java Development Kit 6 Update 45 (x86)
- Java Development Kit 7 Update 55 (x64)
- Java Development Kit 7 Update 55 (x86)
- Java Development Kit 8 Update 5 (x64) ! new - now with Web Security Level forced to MEDIUM (thanks to /u/matt314159 for this contribution)
- Java Development Kit 8 Update 5 (x86) ! new - now with Web Security Level forced to MEDIUM (thanks to /u/matt314159 for this contribution)
- Java Runtime 6 update 45 (x64)
- Java Runtime 6 update 45 (x86)
- Java Runtime 6 update 75 (x86) ! new; official Sun binary with back-ported security fixes; not widely disseminated
- Java Runtime 7 update 55 (x64) - updated
- Java Runtime 7 update 55 (x86) - updated
- Java Runtime 8 update 5 (x64) ! new
- Java Runtime 8 update 5 (x86) ! new
- KTS KypM Telnet/SSH Server v1.19c (x86)
- Microsoft Silverlight v5.1.30214.0 (x86)
- Microsoft Silverlight v5.1.30214.0 (x64)
- Mozilla Firefox v29.0.1 - updated
- Mozilla Thunderbird v24.5.0 (customized; read notes) - updated
- Notepad++ v6.6.2 - updated
- Pale Moon v24.5.0 (x86) - updated
- Spark v2.6.3
- TightVNC v2.7.10 (x64)
- TightVNC v2.7.10 (x86)
- UltraVNC v1.1.9.6 (x86)
- WinSCP v5.5.3
Utilities:
- Clean Up All Printers (purge all printers from target)
- Clean Up Orphaned Printers (remove non-existent printers from the Spooler)
- Disable IPv6 on all NICs
- Empty All Recycle Bins v1.0 (force all recycle bins to empty on target)
- Enable Remote Desktop
- Install PKI Certificates
- Orbital Cached Profile Nuker v3.1bdeletes cached logons from the target older than a specified number of days
- Reboot (force target reboot in 15 seconds)
- Remove Adobe Flash Player v1.0c (removes all versions)
- Remove Java Runtime v1.6.1 (removes versions 3-8)
- Temp File Cleanup v2.9b (clean out Temp file cache on target)
Microsoft Offline Updates: optional, installs Microsoft patches current to release date
- Windows 8.1 & Server 2012 R2 (x64)
- Windows 7 & Server 2008 R2 (x64)
- Windows Server 2003 (x86)
- Windows XP (x86) ! as of 2014-04-08 Windows XP is officially End-of-Life and will be removed in a couple releases from now.
- Office 2007/2010
Package Notes:
- Read the job notes in PDQ for each package, they explain what it does. Basically, if there is a .bat file with a job, it makes some customizations (or the program needed help to install silently). You can edit the batch files to see what they do, but most of them just delete 'All Users' desktop icons and stuff like that.
changelog.txt
has version and release history information. - Thunderbird:
- Our customized Thunderbird uses a global config file which is stored on a network share. This lets us change Thunderbird settings en masse if we need to. By default the clients are configured to check for updates to the config every 120 minutes.
- You can disable this behavior, change the location of the global config, OR change the update frequency by tweaking the file
thunderbird-custom-settings.js
. - A copy of the global config file Thunderbird looks for is in all the 'Thunderbird (customized)' directories and is called
thunderbird-global-settings.js
- If you don't want any customizations, just edit the .bat file that it runs and comment out all the lines except for the line that installs Thunderbird.
- Java:
- JRE8 and JDK8 are now included, and Java Web Security level has been forced to MEDIUM (default in all prior versions of the JRE). Thanks to /u/matt314159 for this fix.
Cheers
café/cerveza: 12F3E6XSU32YYpuMcsZqEMcFm7xbL65qr4
Pdq Deploy Cost
69 comments
Permalink
Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.
Sign up Find file Copy path
Cannot retrieve contributors at this time
:: Purpose: Installs a package |
:: Requirements: Run this script with a network admin account |
:: Author: reddit.com/user/vocatus ( [email protected] ) // PGP key: 0x07d1490f82a211a2 |
:: Version: 1.0.6-TRON * Port over task to delete PPAPI Notifier from PDQ Deploy Pack project. Thanks to github:rfg76 |
:: 1.0.5-TRON * Script now supports standalone execution (for example if you just want to update all versions of Flash on the machine) |
:: * Improve existing Flash installation detection; add granular tests per version. Thanks to /u/nubduck |
:: * Catch additional Flash Updater scheduled task that gets installed |
:: 1.0.4-TRON * Loopify browser process kill section |
:: 1.0.3-TRON + Add installer for Chrome version of Flash (PPAPI) |
:: 1.0.2-TRON * Make version-agnostic. Now just drop the latest Flash installers, named appropriately, in the same directory as this script |
:: 1.0.1-TRON * Make architecture-agnostic, now will detect correct system architecture and install relevant package |
:: * Replace all hard-coded system paths with relevant variables for better portability |
:: 1.0.0-TRON + Initial build for Tron, modified from PDQ Deploy pack installer version |
:: Remove many items not necessary for Tron |
:: Script inherits log parameters when called by Tron |
@echooff |
::::::::::::::::::::: |
:: PREP AND CHECKS :: |
::::::::::::::::::::: |
setSCRIPT_VERSION=1.0.6-TRON |
setSCRIPT_UPDATED=2018-03-30 |
:: Get in the Flash directory |
pushd %~dp0 |
:: Check for standalone vs. Tron execution and build the environment if running in standalone mode |
if /i '%LOGFILE%''' ( |
:: Load the settings file |
call ...functionstron_settings.bat |
:: Initialize the runtime environment |
call ...functionsinitialize_environment.bat |
) |
:: Flash installation flags |
setFLAGS=ALLUSERS=1 /q /norestart |
:: Preload detection variables |
setFLASH_ACTIVEX_DETECTED=no |
setFLASH_CHROME_DETECTED=no |
setFLASH_FIREFOX_DETECTED=no |
:::::::::::::::::: |
:: INSTALLATION :: |
:::::::::::::::::: |
:: Attempt to kill any running instances first |
for%%i in (firefox,palemoon,iexplore,chrome,chrome64,opera) do ( |
taskkill /f /im %%i.exe /t >>'%LOGPATH%%LOGFILE%'2>NUL |
wmic process where name='%%i.exe'call terminate >>'%LOGPATH%%LOGFILE%'2>NUL |
) |
:: Detect each browser-specific installation |
:: 'Active_x' = Internet Explorer version |
ifexist'%windir%SysWOW64macromedflash*ActiveX.exe'setFLASH_ACTIVEX_DETECTED=yes |
ifexist'%windir%System32macromedflash*ActiveX.exe'setFLASH_ACTIVEX_DETECTED=yes |
:: 'PPAPI/Pepper' = Chrome version |
ifexist'%windir%SysWOW64macromedflash*pepper.exe'setFLASH_CHROME_DETECTED=yes |
ifexist'%windir%System32macromedflash*pepper.exe'setFLASH_CHROME_DETECTED=yes |
:: 'NPAPI/Plugin' = Firefox/plugin version |
ifexist'%windir%SysWOW64macromedflash*plugin.exe'setFLASH_FIREFOX_DETECTED=yes |
ifexist'%windir%System32macromedflash*plugin.exe'setFLASH_FIREFOX_DETECTED=yes |
:: Perform removal and fresh installation of those existing versions |
if%FLASH_ACTIVEX_DETECTED%yes ( |
wmic product where'name like 'Adobe Flash Player%%ActiveX'' uninstall /nointeractive >>'%LOGPATH%%LOGFILE%'2>NUL |
msiexec /i 'install_flash_player_32_active_x.msi'%FLAGS% |
) |
if%FLASH_CHROME_DETECTED%yes ( |
wmic product where'name like 'Adobe Flash Player%%PPAPI'' uninstall /nointeractive >>'%LOGPATH%%LOGFILE%'2>NUL |
msiexec /i 'install_flash_player_32_ppapi.msi'%FLAGS% |
) |
if%FLASH_FIREFOX_DETECTED%yes ( |
wmic product where'name like 'Adobe Flash Player%%Plugin'' uninstall /nointeractive >>'%LOGPATH%%LOGFILE%'2>NUL |
wmic product where'name like 'Adobe Flash Player%%NPAPI'' uninstall /nointeractive >>'%LOGPATH%%LOGFILE%'2>NUL |
msiexec /i 'install_flash_player_32_plugin.msi'%FLAGS% |
) |
:: Delete the Adobe Acrobat Update Service |
net stop AdobeARMservice >>'%LOGPATH%%LOGFILE%'2>NUL |
sc delete AdobeARMservice >>'%LOGPATH%%LOGFILE%'2>NUL |
:: Delete the Adobe Acrobat Update Service (older version) |
net stop armsvc >>'%LOGPATH%%LOGFILE%'2>NUL |
sc delete armsvc >>'%LOGPATH%%LOGFILE%'2>NUL |
:: Delete the Adobe Flash Player Update Service |
net stop AdobeFlashPlayerUpdateSvc >>'%LOGPATH%%LOGFILE%'2>NUL |
sc delete AdobeFlashPlayerUpdateSvc >>'%LOGPATH%%LOGFILE%'2>NUL |
:: Delete scheduled tasks Adobe installs against our wishes |
del /F /Q '%SystemDrive%WindowstasksAdobe Acrobat Update*'>>'%LOGPATH%%LOGFILE%'2>NUL |
del /F /Q '%SystemDrive%WindowstasksAdobe Flash Player Update*'>>'%LOGPATH%%LOGFILE%'2>NUL |
del /F /Q '%SystemDrive%Windowssystem32tasksAdobe Acrobat Update*'>>'%LOGPATH%%LOGFILE%'2>NUL |
del /F /Q '%SystemDrive%Windowssystem32tasksAdobe Flash Player Update*'>>'%LOGPATH%%LOGFILE%'2>NUL |
del /F /Q '%SystemDrive%Windowssystem32tasksAdobe Flash Player * Notifier'>>'%LOGPATH%%LOGFILE%'2>NUL |
schtasks.exe /tn 'Adobe Flash Player Updater' /delete /f >>'%LOGPATH%%LOGFILE%'2>NUL |
schtasks.exe /tn 'Adobe Flash Player NPAPI Notifier' /delete /f >>'%LOGPATH%%LOGFILE%'2>NUL |
:: Delete the annoying Acrobat tray icon |
ifexist'%ProgramFiles(x86)%AdobeAcrobat 7.0Distillracrotray.exe' ( |
taskkill /im 'acrotray.exe'>>'%LOGPATH%%LOGFILE%'2>NUL |
del /f /q '%ProgramFiles(x86)%AdobeAcrobat 7.0Distillracrotray.exe'>>'%LOGPATH%%LOGFILE%'2>NUL |
) |
popd |
:: Return exit code to SCCM/PDQ Deploy/Tron/etc |
exit /B %EXIT_CODE% |
Copy lines Copy permalink
Why would you want to run Chrome as a virtual application?
If you're using Citrix XenApp, it can be useful to provide Chrome to your users for several reasons:
- Testing of new or older Chrome versions, add-ons, security settings and other variables
- Access to sites which work best on a particular version or with a specific add-on
- Access to a restricted network with internal sites that are off-limits to user workstations
- Ability to benefit from Chrome features like bookmark, add-on or setting synchronization
- Obtaining and installing the correct version of Chrome
The consumer version of Chrome won't work well in a centrally managed virtual environment, since it tries to install in the local 'AppData' folder on a per-user basis. You will need the enterprise version of Chrome which will install in the local Program Files folder instead:
Access the Chrome for Business page for administrators. (Figure A)
Taskkill Command
Figure A
Click 'Download Chrome MSI.' The following box will appear. (Figure B)
Figure B
You can uncheck 'Set Google Chrome as my default browser' if you like, and then click 'Accept and Install.' You will be provided the option to save the GoogleChromeStandaloneEnterprise.msi file to your hard drive or a network share. Choose the appropriate location then save the file.
At your XenApp server, locate the GoogleChromeStandaloneEnterprise.msi file. Double-click it and choose 'Run.' It will conduct a silent install, then Chrome will appear under c:program filesGoogleChromeApplication on a 32-bit server or c:program files (x86)GoogleChromeApplication on a 64-bit machine.
Publishing the Chrome application
Launch either the Delivery Services Console or Citrix AppCenter (depending on your XenApp version; the first is for 6.0 and the second for 6.5) on your XenApp server. In the example, (Figure C) I'm running a Citrix XenApp 6.5 server.
Figure C
Right click 'Applications' and choose 'Publish Application' (You could also locate the application in a subfolder if applicable). (Figure D)
Gps antenna mcx for garmin streetpilot 2620 2650 2660 2720 adapter instructions. 2000, Shadow Tracker? Optional Connectors:1 MCX plug straight default2 MCX Jack straight3 MCX plug right angle4 MCX Jack right angleOptional Length:(cable RG174)1. Premier;Billionton: CF Global Positioning System;Brunton: Atlas GPS, Atlas MNS GPS;Emtac: BTGPS II Trine Receiver, CRUX II GPSJAQ, GPS Antenna GP18-1, S3-BTGPS GPS, Socket BT GPS, Transplant CF Premium GPS Compact flash GPS Card;Falcom: Active GPS antenna FAL-ANT-3-MCX, Bluetooth GPS Receiver Navi-XT, GSM GPRS GPS & 32 Bit RISC core with eCos? 3 meter default3 contact us for other lenghtGPS antenna with MCX Plug compatibility:Alan: GPS Map500;Altina: Bluetooth GPS GBT708, Compact Flash GPS Receiver-GCF508;ATTI: Shadow Tracker J2, Shadow Tracker?
Figure D
Click Next. (Figure E)
Figure E
Enter the display name (e.g. 'Google Chrome') and the Application description if desired, and then click Next. (Figure F)
Figure F
You will want to set Chrome as a published application accessed from a server. It's also possible to publish it to a server desktop and/or stream it to a client, but this method is the easiest and most direct for many scenarios. Leave the defaults above and click Next. (Figure G)
Figure G
Avoid the pothole
Now here's where I help you avoid a serious pothole. There is a known issue with Chrome in Citrix which involves performance/response problems that can inhibit the browser. The application must be configured to start with some specific switches to alleviate this problem.
Home depot water fountains. If your XenApp server is 32-bit, enter the following string in the Command line:
If your XenApp server is 64-bit, enter the following string in the Command line:
Note: those quotation marks are essential for this to work properly so make sure they are included!
The '—allow-no-sandbox-job' switch allows Chrome to run in a low privilege sandbox. The 'List of Chromium Command Line Switches' specifically states this 'enables the sandboxed processes to run without a job object assigned to them. This flag is required to allow Chrome to run in RemoteApps or Citrix. This flag can reduce the security of the sandboxed processes and allow them to do certain API calls like shut down Windows or access the clipboard. Also we lose the chance to kill some processes until the outer job that owns them finishes.'
This setting could represent a security concern, so it's important to evaluate whether you want this in a production network with Internet access where malware might be a factor. I would advise caution and the employing additional measures if possible, such as restricting the URLs to which users can connect and making sure they have limited rights on the server (which should be the case by default). If this app runs on a segregated internal network the risk is lower.
The 'disable-gpu' switch turns off GPU hardware acceleration to help ensure Chrome works smoothly in the Citrix environment. If users experience issues with this published version of Chrome you may also try adding '—disable-accelerated-compositing' to the end of the 'Command line' string.
To get more advanced, you could use a string similar to the following to add extra options such as the URL to launch at startup and where to store user data:
For instance, if you wanted to launch prodserver.company.com when Chrome starts and you have a network share called fileserverprofiles$ with individual profiles stored there by user name you would type in:
(the '%USERNAME%' variable will work for any user with a profile folder located in this path; it should be substituted for the actual user name since you want this to apply to multiple individuals)
Set the working directory to either C:Program FilesGoogleChromeApplication or C:Program Files (x86)GoogleChromeApplication depending on whether you have a 32-bit or 64-bit server – in this case the quotation marks should NOT be included since they will not be accepted by the program. (Figure H)
Click Next.
Figure H
You'll need to specify which XenApp server(s) to run Chrome on. Pick the appropriate server(s) or worker groups (if applicable), but make sure to install the Chrome for Business application on all relevant systems.
Click Next when ready to proceed. (Figure I)
Figure I
Specify the users you want to permit (or allow anonymous users if anyone should be able to access the program) and click Next. (Figure J)
Figure J
Depending on your Citrix environment, you may want to publish the application to a certain Client application folder, add it to the Start menu or place a shortcut on the desktop. These options are your call.
Click Next. You will come to the final screen, as shown in Figure K.
Figure K
If you want to disable the application initially you can do so (though I personally prefer to publish apps when I'm ready to use them). The 'Configure advanced application settings now' option will allow you to set access controls/filters, file types to associate with Chrome, application limits, client options such as audio and encryption, and application appearance.
Once you click 'Finish' you're ready to test Chrome!
Testing the published application Fire up your local browser and access your XenApp URL. (Figure L)
Figure L
Proceed to log in and you should see the new Chrome icon. (Figure M)
Figure M
Open the 'Google Chrome' icon and the application will open via your local Citrix Receiver executable (most Citrix environments will prompt you to install this if it is not present, but you can also get it here). (Figure N)
Figure N
In the above example I used my own sample start page and configured Chrome to start at 'prodserver.company.com,' which does not exist in my environment.
Some factors to consider
The examples above are based on Chrome 29; Chrome 24 is the minimum version which should be used in this endeavor.
Proxy settings, where applicable, should be based on the server defaults for Internet Explorer, but users may have to customize some other settings upon launching Chrome for the first time, such as whether to make it the default browser. If user profiles are being stored across multiple Citrix sessions they should only have to configure new settings once.
User data is stored on the XenApp server under 'C:Users[username]AppDataLocalGoogleChromeUser Data' - if you remove this profile (or user profiles aren't kept) then the user's Chrome settings will have to be configured every time they use the application.
If your XenApp server is part of an Active Directory domain you can follow the guidelines in my article 'Set up the Chrome for Business browser in your organization using Group Policies' to configure Chrome for your users. If it is not on a domain or is excluded from group policy use for security purposes, you can reference another article I wrote on the topic titled 'Set up the Chrome for Business browser in your organization using a Master Preferences file.' If your Citrix users will be logging into Google Apps with this published Chrome browser, 'Set up the Chrome for Business browser using the Google Apps Admin Console' might be worth a read.
The necessary Chrome switches outlined above may not be necessary as further releases of Chrome are developed. As always, test whenever possible and keep abreast of updates involving Chrome and Citrix.
Can I close or kill all running Internet Explorer instances on Windows XP SP3 from the command line?
Peter Mortensen8,47516 gold badges61 silver badges85 bronze badges
RadekRadek1,45917 gold badges44 silver badges72 bronze badges
1 Answer
you can make a bat file killie.bat with that line in it. or just run that command above.
barlopbarlop15.9k25 gold badges91 silver badges153 bronze badges