Sometimes the auto-update process can fail for an agent and when it does, it gets stuck at the older version as newer versions are released. This worklet seeks out those older agents and attempts to upgrade them. If the agent is very old or not functioning properly, this worklet may not work. I’ve only been able to test on systems going back to v1.0.25, but I’m betting it can get older ones upgraded as long as the agent is functional.
If you’re unsure of the status of your agent versions, you can run this agent health report which will give you all of the agent versions on your devices along with some other information on them you might find handy:
Based on a query by @d.mccleskey that support would have to run for customers, I’ve adapted it so that customers can run it for themselves. This query is useful for customers to review their Automox patching configurations and review agent communication/health.
$apiKey = 'YOUR_API_KEY' - in your console, go to Settings->API and select the API key. Note that the API key is per admin user, so you and another admin in your console will have different API keys.
$orgID = 'YOUR_ORG_ID' - put in you…
Note: In testing I’ve seen devices that can appear as “Pending Update” for up to 15 minutes. Please allow time for the device to appear back in a “Ready” state.
Evaluation:
<#
.SYNOPSIS
Upgrades agents to the latest version if they somehow didn't auto-upgrade on their own
OS Support: Windows 7 / Server 2008 R2 and above
Powershell: 2.0 and above
Run Type: Evaluation
.DESCRIPTION
This worklet is designed to look for agents that weren't able to auto-update to the latest version and attempts to update them.
If an older version of the agent is found making it non-compliant, the evaluation script will close with an
exit code of '1' to trigger remediation.
.REQUIREMENTS
$currVer needs to be set to the latest version in the format "1.0.xx". The version can be identified in the name of the install file.
.NOTES
Author: twiese
Date: June 23, 2021
#>
$currVer = "1.0.31"
$product = Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Where-Object { $_.DisplayName -EQ "Automox Agent" }
If ($product.DisplayVersion -lt $currVer) {
Exit 1
}
else
{
Exit 0
}
Remediation:
<#
.SYNOPSIS
Upgrades agents to the latest version if they somehow didn't auto-upgrade on their own
OS Support: Windows 7 / Server 2008 R2 and above
Powershell: 2.0 and above
Run Type: Remediation
.DESCRIPTION
This worklet is designed to look for agents that weren't able to auto-update to the latest version and attempts to update them.
If an older version of the agent is found, this remediation script will update the agent to the latest version which
is specified at the beginning of this script.
.REQUIREMENTS
$installMSI needs to be set to the name of the installer file uploaded to the worklet.
$accessKey needs to be set to the organization's access key
Automox install file needs to be uploaded to the worklet
.NOTES
Author: twiese
Date: June 23, 2021
#>
############### Set variables ################
#
# Make equal to agent file uploaded to worklet
$installMSI = "Automox_Installer-1.0.31.msi"
#
# Set organization access key
$accessKey = 'ORG_ACCESS_KEY'
#
##############################################
# Set install location and arguments for installer
$installPath = "$env:windir\Temp"
$arguments = "/I $installPath\$installMSI ACCESSKEY=$accessKey /qn /norestart"
# Copy the file attached to worklet to the system
Copy-Item $installMSI -destination $installPath
# Creates scheduled task to run as SYSTEM and deletes task when done
$taskName = "AX Agent Upgrade"
$runAsaccount = "SYSTEM"
$ShedService = New-Object -comobject 'Schedule.Service'
$ShedService.Connect()
$task = $ShedService.NewTask(0)
$task.RegistrationInfo.Description = $taskName
$task.Settings.Enabled = $true
$task.Settings.AllowDemandStart = $true
$task.Settings.DisallowStartIfOnBatteries = $false
$task.Principal.RunLevel = 1
$trigger = $task.triggers.Create(7)
$trigger.Enabled = $true
$action = $Task.Actions.Create(0)
$action.Path = "msiexec.exe"
$action.Arguments = $arguments
$taskFolder = $ShedService.GetFolder("\")
Write-Output "Initializing Install... "
$taskFolder.RegisterTaskDefinition($taskName, $task , 6, "$runAsaccount", $null, 4) | Out-Null
# Check status until task has completed
DO
{
(Get-ScheduledTask -TaskName $taskName).State | Out-Null
}
Until ((Get-ScheduledTask -TaskName $taskName).State -eq "Ready")
# Cleanup by deleting task and install file
Unregister-ScheduledTask $taskName -Confirm:$false
Remove-Item "$installPath\$installMSI"
Write-Output "Upgrade Process Completed"