Skip to main content
Andrew Healey

Installing Java via Script and Group Policy

·4 mins
Technology Group-Policy Java Jre Vbscript

Due to some software requirements, there was a need to get JRE 1.5.0_09 rolled out across our enterprise. The requirements were pretty straight forward:

  • Only install on client operating systems (Windows 2000, Windows XP, Windows Vista and Windows 7)
  • Detect the versions of Java installed. If 1.5.0_09 is installed, exit.  If 1.5.0_08 or less was installed, install this version.  If it has a newer version, do nothing.

The best way of determining the Java versions is to look in %program files%.  On 64-bit machines, this is “C:program files (x86)Java”.  On 32-bit, this is “C:program filesJava”.  The script accounts for this.

I wanted to post this because several of the functions used are very useful.  The share hosting the jre runtime needs to have wide open read-only access so the Local System account can access share (Domain Computers).  This script can then be applied to machine accounts in group policy as a startup script.  If you want to test this, just comment out line 111.

'======================================================
' VBScript Source File
' NAME: Java Runtime Environment Installation
' AUTHOR: Andrew J Healey
' DATE  : 2010.07.15
' COMMENT: This script will install the jre references based on processor, existing 
' 				   installations, and operating system.  This script is to be run at startup
'				   under the Local System account. No user interaction is required for 
'				   this script to work properly.
'======================================================

Option Explicit

If isClientOperatingSystem = False Then wscript.quit

Dim jreVerMajor, jreVerMinor
Dim strCommand, strPathToInstall, strInstallFile, strArguments

'============== BEGIN CONFIGURATION SECTION =================
jreVerMajor = "jre1.5.0_" 'As string
jreVerMinor = 9 'As Integer for <> operations
strPathToInstall = "\servernameSoftwareJava" 'Point to share \servernamesharefolder
strInstallFile = "jre-1_5_0_09-windows-i586-p.exe"
strArguments = "/s /v /qn ADDLOCAL=jrecore,extra IEXPLORER=1 REBOOT=Suppress JAVAUPDATE=0 SYSTRAY=0 WEBSTARTICON=0"
strCommand = strPathToInstall & strInstallFile & " " & strArguments
'============== END CONFIGURATION SECTION =================

If checkForJRE(jreVerMajor, jreVerMinor) = False Then
	Call InstallJava(strCommand)
End If

Private Function checkForJRE(ByVal jreVerMajor, ByVal jreVerMinor)
	Dim jrePath
	Dim blnMajorFound : blnMajorFound = False
	Dim blnMinorFound : blnMinorFound = False
	
	If is32bit Then
		jrePath = "C:Program FilesJava"
	Else
		jrePath = "C:Program Files (x86)Java"
	End If
	
	On Error Resume Next
		Dim objFSO : Set objFSO = CreateObject("Scripting.FileSystemObject")
		Dim objFolder : Set objFolder = objFSO.GetFolder(jrePath)
		Dim colSubfolders : Set colSubfolders = objFolder.Subfolders
		Dim objSubfolder
		
		For Each objSubfolder in colSubfolders
			If Left(objSubfolder.Name,Len(jreVerMajor)) = jreVerMajor Then
				blnMajorFound = True
				If CInt(Right(objSubfolder.Name,2)) >= jreVerMinor Then
					blnMinorFound = True
				End If
			End If
		Next
		
		If Err.Number <> 0 Then
			chechForJRE = True
			Exit Function
		End If
		
		If blnMajorFound = False And blnMinorFound = False Then
			checkForJRE = False
		Else
			checkForJRE = True
		End If
	On Error GoTo 0
	
	Set objSubfolder = Nothing
	Set colSubfolders = Nothing
	Set objFolder = Nothing
	Set objFSO = Nothing
	jrePath = Empty
	blnMajorFound = Null
	blnMinorFound = Null
	jreVerMajor = Empty
	jreVerMinor = Empty
End Function 

Private Function is32bit()
	'Get processor architecture; do not use remotely
	const HKEY_LOCAL_MACHINE = &H80000002
	Dim oReg,strKeyPath,strValueName
	Dim strValue
	On Error Resume Next
		Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\.rootdefault:StdRegProv")

		strKeyPath = "SYSTEMCurrentControlSetControlSession ManagerEnvironment"
		strValueName = "PROCESSOR_ARCHITECTURE"
		oReg.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue

		If Err.Number <> 0 or strValue = "x86" Then
			is32bit = True
		Else
			is32bit = False
		End If
		Err.Clear
	On Error GoTo 0
	
	Set oReg = Nothing
	strKeyPath = Empty
	strValueName = Empty
End Function 

Private Function InstallJava(ByVal strCommand)
	On Error Resume Next
		Dim objWshShell, intRC

		Set objWshShell = WScript.CreateObject("WScript.Shell")
		intRC = objWshShell.Run(strCommand, 0, True)

		If intRC <> 0 Or Err.Number <> 0 Then
			InstallJava = "Failed"
		Else
			InstallJava = "Success"
		End If
	On Error GoTo 0
	Set objWshShell = Nothing
	intRC = Empty
End Function 

Private Function isClientOperatingSystem()
	Dim objWMIService, objItem, colItems
	Dim strOS

	On Error Resume Next
		' WMI Connection to the object in the CIM namespace
		Set objWMIService = GetObject("winmgmts:\.rootcimv2")

		' WMI Query to the Win32_OperatingSystem
		Set colItems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")

		' For Each... In Loop (Next at the very end)
		For Each objItem in colItems
			strOS = objItem.Caption
		Next
		
		If InStr(strOS,"Windows 7") <> 0 Or InStr(strOS,"XP") <> 0 Or InStr(strOS,"2000 Professional") <> 0 Or InStr(strOS,"Vista") <> 0 Then
			isClientOperatingSystem = True
		Else
			isClientOperatingSystem = False
		End If
		
		If Err.Number <> 0 Then isClientOperatingSystem = False
		
		strOS = Empty
		Set objItem = Nothing
		Set colItems = Nothing
		Set objWMIService = Nothing
	On Error GoTo 0
End Function

Related

Part 1: Blocking Bad Hosts - Finding Them, Easily

·5 mins
Technology Event-Log Tutorial Vbscript Windows
While troubleshooting some issues on an OWA Front-End server, I went over to the security log to see if the authentication attempts were getting past this box. The problem I found was the log was so full of failed logon attempts it was difficult to filter out what I was looking for. In a twelve hour period, there were thousands of 529 events in the security log. Now, I know this is nothing new, but I found a few patterns. I manually exported the log to a CSV, parsed out all the source ip addresses and opened it up in Excel. What I found was that 98.7% of failed logon attempts were made by just four different ip addresses. (I recommend using MaxMind’s GeoIP Address Locator for help in determining where the source addresses are located.)

Logon Script: Move Local PST Files To Network Share

·6 mins
Technology Logon-Script Outlook Pst Vbscript
So, my buddy (and former co-worker) called me yesterday for some help with a script he put together. His script checked the local profile in Outlook for any PST files that were stored locally. If it found any, it would them move them to the users home space. We tried and tried to get the script to work properly but it never seemed to work 100%. Being that he is a good friend and this would be useful at work, I decided to take the work he had put in and get the thing working.

vbScript - List All Members Of Sensitive Groups: Schema, Enterprise and Domain Admins

·4 mins
Technology Vbscript Windows
Update 2011.06.21: I found a missing line in this script keeping it from running. I fixed that in the code below. I also added a downloadable zip file with the script to help with the formatting issues caused when copying and pasting directly from the site. Update 2009.04.16: At the request of a commenter, I added a couple lines to the script that will dump the output to a text file in the root of the C: drive. I also corrected a couple errors in the script.