Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Import-Module $env:SyncroModule -DisableNameChecking -ErrorAction Stop
- <#
- Syncro TASK - Restart Windows if updates are pending.ps1
- v1.1 2024-09-13 by David Sirrine @ CNS https://cnsroanoke.com
- FUNCTION.
- Syncro script to check for pending Windows updates using platform variable,
- notify all logged in users, log the reason for the reboot to activity feed
- of the Asset, then reboot the system after 60 seconds.
- PURPOSE.
- Broadcast messages can only be used when scripts are RunAs "Logged In User",
- but not all users have permissions to run the "shutdown" command.
- PREREQUISITES.
- Relies on Syncro's platform variable {{asset_pending_reboot}} ;
- Fails without this variable.
- USAGE.
- Run scheduled or realtime in Syncro. No parameters needed in this version.
- PROPOSED REVISIONS.
- 1. integrate more extensive reboot checks to supplement platform variable,
- e.g. https://github.com/adbertram/Random-PowerShell-Work/blob/master/Random%20Stuff/Test-PendingReboot.ps1
- 2. allow users to "snooze" the reboot a set amount of time and/or a certain number of times.
- 3. add option to schedule outside of "office hours".
- #>
- #source of function: https://www.reddit.com/r/syncro/comments/kyqt91/broadcast_message_when_running_script_as_system/
- function MessageAsSystem ([string]$Title,[string]$Message,[int]$sDelay = 15) {
- $when = (Get-Date).AddSeconds($sDelay)
- $argument = "--broadcast-message `"$Message`" --broadcast-title `"$Title`""
- # find logged-in users via running explorer.exe processes
- $explorerProcesses = Get-CimInstance -ClassName Win32_Process -Filter "Name='explorer.exe'" -ErrorAction SilentlyContinue
- $dUN = @($explorerProcesses | ForEach-Object { Invoke-CimMethod -InputObject $_ -MethodName GetOwner })
- if ($dUN.Count -ne 0) {
- # de-duplicate users in case of multiple explorer.exe processes
- $LoggedInUsers = $dUN | Select-Object -Property Domain, User -Unique
- # create scheduled task to notify each user
- Foreach ($cUN in $LoggedInUsers) {
- $username = ($cUN.Domain)+"\"+($cUN.User)
- $thisuser = $cUN.User
- Write-Host " Scheduling task to notify user $username"
- Register-ScheduledTask -TaskName "BroadcastMessage-$thisuser" -User $username -InputObject (
- (
- New-ScheduledTask -Action (
- New-ScheduledTaskAction -Execute "$env:ProgramFiles\RepairTech\Syncro\Syncro.App.Runner.exe" -Argument $argument
- ) -Trigger (
- New-ScheduledTaskTrigger -Once -At ($when.TimeOfDay.ToString("hh\:mm\:ss")) # As a "TimeOfDay" to get 24Hr format
- ) -Settings (
- New-ScheduledTaskSettingsSet -DeleteExpiredTaskAfter 00:00:05 # Delete five seconds after trigger expires
- ) -Principal (
- New-ScheduledTaskPrincipal -UserId $username
- )
- ) | %{ $_.Triggers[0].EndBoundary = $when.AddMinutes(5).ToString('s') ; $_ } # Run through a pipe to set the end boundary of the trigger
- )
- }
- #wait for notification tasks to run
- Start-Sleep -Seconds ($sDelay)
- } else {
- Write-Host " Interactive user(s) not detected; skipping broadcast message"
- }
- }
- if ($RebootPending -eq "true") {
- Write-Host "Reboot Pending"
- #messages for broadcast and logging
- $title = "Updates Notification"
- $user_message = "Your system needs to reboot to install important updates. Windows will restart in one (1) minute."
- $system_message = "Rebooting Windows via script for pending updates"
- Write-Host "Notifying any logged in users of reboot"
- MessageAsSystem -Message $user_message -Title $title -ErrorAction SilentlyContinue
- Write-Host "Logging an item on the Assets's Activity feed"
- Log-Activity -Message $system_message -EventName $title -ErrorAction SilentlyContinue
- Write-Host "Rebooting in 60 seconds"
- shutdown /g /f /t 60
- } elseif ($RebootPending -eq "false") {
- Write-Host "No reboot required"
- } else {
- Write-Host "Reboot status was not found; check for platform variable in script configuration."
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
