Recently, I needed to install Firefox-3.5.3 on multiple workstations in an Active Directory domain. Rather than create MSI packages and assign the application with Group Policy, I used Psexec and batch scripts to push it out. Here’s how:
If you don’t have Psexec installed, you can download it from Microsoft here: http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx
Next, download the installer you want to use. In this example, we’ll use Firefox. Make a share on your server that all users can read, and place the installer inside the share.
So now, we’ve got \SERVERNAMESHARENAMEFirefoxInstaller.exe
Next, you need a few files to make this happen:
1. UpdateClients.bat
2. hostnames.txt
3. SoftwareInstaller.bat
All of these files need to be in the same directory, and you must have administrative privileges on the workstation you wish to update.
Basically, the UpdateClients.bat file enumerates the hostnames.txt, and passes the hostnames of the workstations/servers found in it to the SoftwareInstaller.bat file. Here are the contents of the files:

1. UpdateClients.bat


for /f "tokens=*" %%a in (hostnames.txt) do SoftwareInstaller.bat %%a


2. hostnames.txt (one hostname per line)


hostname1
hostname2
hostname3


3. SoftwareInstaller.bat


SET SERVERNAME=replacewithservername
SET SHARENAME=replacewithsharename
echo "checking for Installers directory on the target..."
if not exist \%1C$installers mkdir \%1C$installers
if not exist \%1C$installersfirefox353 mkdir \%1C$installersfirefox353
echo "copying Firefox install to install directory..."
xcopy "\$SERVERNAME$SHARENAMEFirefoxInstaller.exe" "\%1C$installersfirefox353" /e /y
echo "Installing Firefox..."
psexec.exe \%1 "c:installersfirefox353Firefox353.exe" -ms
echo "Firefox Done."


Now, fill the hostnames.txt with your hostnames, and double-click UpdateClients.bat.

Lately, I’ve been ripping out and replacing antivirus software in the Enterprise. Funny thing is, most of these types of software do not have a remote uninstall utility. Being the famously lazy admin I am, I had no interest in logging into each workstation, and manually removing it.

Instead, I used psexec. It’s just one command in an awesome toolset written by Mark Russinovich called Pstools. So, I saved the following as a batch file, and executed it against all domain workstations. Here’s the contents of the symantec_removal.bat file:


REM save this as c:symantec_removal.bat
@reg add HKLMSOFTWAREIntelLANDeskVirusProtect6CurrentVersionAdministratorOnlySecurity /v UseVPUninstallPassword /t REG_DWORD /d 0 /f
@reg add HKLMSOFTWAREIntelLANDeskVirusProtect6CurrentVersionAdministratorOnlySecurity /v LockUnloadServices /t REG_DWORD /d 0 /f
msiexec /norestart /qn /x{46B63F23-2B4A-4525-A827-688026BE5E40}


Then, just install pstools into your PATH, and open a command prompt on the server, and do this:

psexec \* -c c:symantec_removal.bat

You’ll notice that the msiexec command has a GUID, so if your version of Symantec is different than mine, you’ll need the correct GUID for your version. This can be found here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Just look through the GUIDs located here until you find your version of Symantec. Then, just replace {46B63F23-2B4A-4525-A827-688026BE5E40} with the GUID found in your registry.

BTW – The first 2 lines in that batch file are for removing the uninstaller password from symantec antivirus. If you don’t use an uninstall password, you can remove them.