[SOLVED] Problem with waptdeploy on some PCs due to wapt
Published: July 3, 2018 - 2:42 PM
Hello,
I'm deploying the WAPT agent using waptdeploy, with both a logon script and a GPO.
It works perfectly for most PCs, but for about ten (out of approximately 80) it fails to install.
I should clarify that the GPO is indeed a computer GPO (therefore with admin rights) and that the logon script uses an AutoIt script which also grants it local administrator rights (this worked perfectly with WAPT 1.3 and therefore here for the vast majority with WAPT 1.5).
Here's the error: (I've replaced my domain with xxxx)
-----------------------------------------------------------------------------------------------
WAPT required version: force
Wapt agent path: C:\Windows\TEMP\waptagent.exe
Wget new waptagent from https://wapt2.xxxx.local/wapt/waptagent.exe
Trying to reach https://wapt2.xxxx.local/wapt/waptagent.exe...
Reachable, downloading...
Done.
Cleanup...
An unhandled exception occurred at $00416608:
EFOpenError: Unable to open file "C:\Windows\TEMP\waptagent.exe"
$00416608
$004164B0
$00440216
$004047C9
-----------------------------------------------------------------------------------------------
The logon script (as admin)
\\Server\NETLOGON\waptdeploy.exe --hash=my_hash --minversion=1.5.1.23 --wait=15 --waptsetupurl=https://wapt2.xxxx.local/wapt/waptagent.exe
-----------------------------------------------------------------------------------------------
After quite a bit of research, I noticed that if I enter the address as http and not as https for wapturl, it works.
And this corresponds to the error: Unable to open file "C:\Windows\TEMP\waptagent.exe".
Waptdeploy apparently couldn't download Waptagent from the Wapt server via HTTPS.
I suspect a certificate is missing on some PCs, but I haven't deployed any specific certificates. Should I do this (via GPO?) and if so, which certificate and where? And why does it work on most PCs but not some?
This problem is very disruptive, and I'd rather not stay with HTTP because it might not work in a future version of Wapt (and I'm not sure it will work on all PCs via HTTP; I'm testing...).
Thanks.
I'm deploying the WAPT agent using waptdeploy, with both a logon script and a GPO.
It works perfectly for most PCs, but for about ten (out of approximately 80) it fails to install.
I should clarify that the GPO is indeed a computer GPO (therefore with admin rights) and that the logon script uses an AutoIt script which also grants it local administrator rights (this worked perfectly with WAPT 1.3 and therefore here for the vast majority with WAPT 1.5).
Here's the error: (I've replaced my domain with xxxx)
-----------------------------------------------------------------------------------------------
WAPT required version: force
Wapt agent path: C:\Windows\TEMP\waptagent.exe
Wget new waptagent from https://wapt2.xxxx.local/wapt/waptagent.exe
Trying to reach https://wapt2.xxxx.local/wapt/waptagent.exe...
Reachable, downloading...
Done.
Cleanup...
An unhandled exception occurred at $00416608:
EFOpenError: Unable to open file "C:\Windows\TEMP\waptagent.exe"
$00416608
$004164B0
$00440216
$004047C9
-----------------------------------------------------------------------------------------------
The logon script (as admin)
\\Server\NETLOGON\waptdeploy.exe --hash=my_hash --minversion=1.5.1.23 --wait=15 --waptsetupurl=https://wapt2.xxxx.local/wapt/waptagent.exe
-----------------------------------------------------------------------------------------------
After quite a bit of research, I noticed that if I enter the address as http and not as https for wapturl, it works.
And this corresponds to the error: Unable to open file "C:\Windows\TEMP\waptagent.exe".
Waptdeploy apparently couldn't download Waptagent from the Wapt server via HTTPS.
I suspect a certificate is missing on some PCs, but I haven't deployed any specific certificates. Should I do this (via GPO?) and if so, which certificate and where? And why does it work on most PCs but not some?
This problem is very disruptive, and I'd rather not stay with HTTP because it might not work in a future version of Wapt (and I'm not sure it will work on all PCs via HTTP; I'm testing...).
Thanks.