Skip to main content

I have been working on a script that will set DCU to download, install and verify no matter  what the current setting is.

 

In the update settings, a few behaviors are observed:

  • Notify: Deletes AutomationMode if present
  • Download updates: Creates AutomationMode with a value of ScanDownloadNotify
  • Download and install updates: Creates AutomationMode with a value of ScanDownloadApplyNotify

Location of the key:

  • HKLM:\SOFTWARE\DELL\UpdateService\Clients\CommandUpdate\Preferences\Settings\Schedule\AutomationMode

The remediation code works perfect in Visual Studio Code. However, the evaluation code will only show the write-output and not push to the remediation code. Could someone shine some light on this?

 

 

Evaluation Code

$regPath = 'HKLM:\SOFTWARE\DELL\UpdateService\Clients\CommandUpdate\Preferences\Settings\Schedule'
$automationMode = $null

Try {
    $automationMode = Get-ItemPropertyValue -Path $regPath -Name "AutomationMode"
} 
Catch { 
    Write-Output "Error retrieving AutomationMode property: $_"
}

Finally {
    if ($automationMode -eq 'ScanDownloadApplyNotify') {
        Write-Output 'The value of AutomationMode is currently ScanDownloadApplyNotify. No action taken.'
		Exit 0
    } 
    elseif ($automationMode -eq 'ScanDownloadNotify') {
        Write-Output 'The value of AutomationMode is currently ScanDownloadNotify. Setting to ScanDownloadApplyNotify.'
        Exit 1
    } 
    elseif ($automationMode -eq $null) {
        Write-Output 'The key does not exist, adding value.'
        Exit 1
    }
}

 

Remediation Code

$regPath = 'HKLM:\SOFTWARE\DELL\UpdateService\Clients\CommandUpdate\Preferences\Settings\Schedule'
$automationMode = $null

Try {
    $automationMode = Get-ItemPropertyValue -Path $regPath -Name "AutomationMode"
} 
Catch { 
    Write-Output "Error retrieving AutomationMode property: $_"
}

Finally {
    if ($automationMode -eq 'ScanDownloadApplyNotify') {
        Write-Output 'The value of AutomationMode is currently ScanDownloadApplyNotify. No action taken.'
    } 
    elseif ($automationMode -eq 'ScanDownloadNotify') {
        Write-Output 'The value of AutomationMode is currently ScanDownloadNotify. Setting to ScanDownloadApplyNotify.'
        Set-ItemProperty -Path $regPath -Name "AutomationMode" -Value 'ScanDownloadApplyNotify'
    } 
    elseif ($automationMode -eq $null) {
        Write-Output 'The key does not exist, adding value.'
        New-ItemProperty -Path $regPath -Name "AutomationMode" -Value 'ScanDownloadApplyNotify' -PropertyType String
    }
}

 

@Slapcodes I’ve not tried to configure DCU via registry changes. I’ve relied on the DCU to apply configuration changes. 

 

Another way is exporting settings, then reviewing those to make a determination. 

 

Reference Guide: https://dl.dell.com/content/manual17524146-dell-command-update-version-5-x-reference-guide.pdf

 

# Evaluation

# Find dcu-cli
$x86 = 'C:\Program Files (x86)\Dell\CommandUpdate\dcu-cli.exe'
$x64 = 'C:\Program Files\Dell\CommandUpdate\dcu-cli.exe'
IF((Test-Path $x86) -eq $true){$dcucli = $x86}
IF((Test-Path $x64) -eq $true){$dcucli = $x64}

# Collect configuration
$results = & $dcucli /configure -exportSettings="C:\ProgramData\dell\UpdateService\Temp\"
exml]$settings = Get-Content C:\ProgramData\dell\UpdateService\Temp\DellCommandUpdateSettings.xml
$General = ($settings.Configuration.Group.Group | Where-Object name -eq 'General').Property
$Schedule = ($settings.Configuration.Group.Group | Where-Object name -eq 'Schedule').Property

# Check Schedule and Automation Mode
$ScheduleMode = ($Schedule | where name -eq ScheduleMode).Value
$AutomationMode = ($Schedule | where name -eq AutomationMode).Value

IF($AutomationMode -ne 'ScanDownloadApplyNotify' -and $ScheduleMode -ne 'Auto'){
    Exit 1
}

 

# Remediation

# Find dcu-cli
$x86 = 'C:\Program Files (x86)\Dell\CommandUpdate\dcu-cli.exe'
$x64 = 'C:\Program Files\Dell\CommandUpdate\dcu-cli.exe'
IF((Test-Path $x86) -eq $true){$dcucli = $x86}
IF((Test-Path $x64) -eq $true){$dcucli = $x64}

# Collect configuration
$results = & $dcucli /configure -exportSettings="C:\ProgramData\dell\UpdateService\Temp\"
Txml]$settings = Get-Content C:\ProgramData\dell\UpdateService\Temp\DellCommandUpdateSettings.xml
$General = ($settings.Configuration.Group.Group | Where-Object name -eq 'General').Property
$Schedule = ($settings.Configuration.Group.Group | Where-Object name -eq 'Schedule').Property

# Check Schedule and Automation Mode
$ScheduleMode = ($Schedule | where name -eq ScheduleMode).Value
$AutomationMode = ($Schedule | where name -eq AutomationMode).Value

IF($AutomationMode -ne 'ScanDownloadApplyNotify' -and $ScheduleMode -ne 'Auto'){
    # Configure Dell Command Update
    $Arguments = 'scheduleManual',
                    'lockSettings=enable',
                    'userConsent=disable',
                    'autoSuspendBitLocker=enable',
                    'scheduleAuto',
                    'scheduleAction=DownloadInstallAndNotify'
    foreach ($Arg in $Arguments){
        $results = & $dcucli /configure -$Arg
        Start-Sleep -Seconds 5
    }
}

 

@jack.smith Testing this script. Seems DellCommandUpdateSettings.xml does not exist in the location in the script. Did you manually import this to your machines? I have checked all over the UpdateService directory and I cannot find any config files. It may be possible that this was for an older version of DCU and these settings were moved to the registry. Any thoughts?

 

This is after I run the remediation code in Visual Studio Code in admin.

Get-Content : Cannot find path 'C:\ProgramData\dell\UpdateService\Temp\DellCommandUpdateSettings.xml' because it does not exist.
At line:10 char:18
+ ... $settings = Get-Content C:\ProgramData\dell\UpdateService\Temp\DellCo ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\ProgramData\...ateSettings.xml:String) tGet-Content], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetContentCommand

@Slapcodes 

The worklet is using dcu_cli.exe to create the settings file by exporting the current settings. Need to figure out what dcu_cli.exe is doing or not doing and why. 

 

Made two changes and edited the code above that should help:

  • Added validation the settings file exists
  • dcu_cli.exe output should now be directed to the Activity Log

@jack.smith 

Completely forgot to check the evaluation code. This works Great! Thank you kindly.

Reply


Terms & ConditionsCookie settings