The purpose of this document is to go over the Best Practices and Expectations when Distributing Batch File Packages in Ivanti Endpoint Manager.
Things to Consider before Starting
- Simplify packages; they more commonly result in a success and are easier to troubleshoot.
- Allow Ivanti EPM to handle downloads of any additional files required rather than attempting to do so in the batch.
- Batch files are run under Local System by default, which can often cause problems when attempting to access network shares.
- The Ivanti Endpoint Manager Console will likely not be able to differentiate between a failure to download or install if both are being done by the batch file.
- Ensure that the batch file and any accompanying files exist in the same directory on the network share.
- Ivanti Endpoint Manager will in turn download all necessary files to the same location in the workstation SDMCache.
- This allows the batch files to address all files locally.
- Distributed batch files should end in Exit /b %errorlevel%
- SDCLIENT.EXE will acknowledge the last return code sent by the batch file. Ending it with this line will ensure SDCLIENT acknowledges the final error level generated from the batch.
- Consider what permissions will be needed in order to run the batch file.
- Batch files are run under Local System by default. This may not produce sufficient privileges depending on what the batch is intended to do.
- Distribution packages can be configured to run under Local System, Current user's account, or a Specified User.
- For more information on creating Batch Files, please reference this Community Document.
Creating the Package Share
The batch file and all included files should be in the same network location. This will result in Ivanti EPM downloading all files to the same location on the workstation within the SDMCACHE.
The files should exist on a Preferred Server - this still needs to be the case even if the files are on the core. For more information on configuring Preferred Servers, please reference this Community Document.
The example in this Doc will run a batch file creates a directory called "Chrome" on the root of C:, moves a file called "Chrome.txt" to that directory and then install Google Chrome.
Note how the Batch file calls everything locally. This will ensure the highest level of success.
Creating a Batch File Distribution Package
In the Ivanti Endpoint Manager Console, click Tools> Distribution> Distribution Packages. Highlight My Packages and select New> Windows> Batch File.
In the Batch File Properties window, fill out the Primary File space. The primary file, in this case, will be the batch file.
Now select Additional Files and include the other files the batch will be calling. The additional files, in this case, will be the Chrome MSI and the Chrome Text File.
Note: the primary file cannot be added to the additional files section. An error will be displayed if this is attempted.
Click Save.
Deploying the Batch File
Right-click the newly created Distribution Package and click Create scheduled task(s)... A new task will be created in the scheduled tasks tool.
Download behavior should be verified before running the task on workstations. Right-click the newly created task and select Properties.
Click Task Settings and verify that "Download Options" is configured for Download and execute.
Note: The selection made here will trump the download options selected within the Agent Settings tool for Distribution and Patch. For information, please reference this Community Document.
Drag and drop the applicable workstations from the Network View into the task. Right-click the task select Start Now> All.
After a few moments, the files will begin downloading to the C:\Program Files (x86)\LANDesk\LDClient\sdmcache directory. Note how the files are written in the same directory path as they were copied:
