When I run the command through CMD it works fine
but through the psExce action in the final builder it fails with an error:
ERROR : Failed to read from temporary output buffer : Input past end of file
ERROR : Failed to delete temporary file : Permission denied
Do you know why it's happens?
Thanks.
Hi Hila,
The PsExec action does some unusual things when it’s output is redirected, so we actually redirect output to a temporary file in your temporary items directory. The file is automatically cleaned up when the action finishes execution.
We actually use the TEMP environment variable to find the temporary items directory. Can you verify that yours is pointing to a valid directory? If you have defined a FinalBuilder variable called TEMP, this will interfere with the operation of the action.
Regards,
Angus
Angus,
I am getting this same error.
In my case I just upgraded from a previous version of FB 5 to the latest (it ran flawlessly before).
Mine is executed over an iteration of servers and it runs OK on some of the servers, and then fails on others- it seems rather intermittent.
I can confirm this was the value of the TEMP variable the last time I ran the package:
C:\DOCUME~1\OWEN~1.MAN\LOCALS~1\Temp\1
.. and this is the directory (it does exist):
C:\Documents and Settings\owen.manske\Local Settings\Temp\1
I appreciate ANY help (and quick) this is causing my deployments to fail.
Owen
Hi Owen,
Thanks for the post, sorry to hear you’re having problems. Judging from the screenshot you sent, this looks like it’s probably a permissions issue on some of the servers. Some things to check:
- Is FinalBuilder running as the same user on all of the servers?
- Does that user have the same permissions on all of the servers?
- Does the user have sufficient permissions to access and modify the contents of that folder on all of the servers (verify on the Security tab of the folder Properties)?
- Does the issue go away if you roll back to the previous FB 5 version (also, what version were you using before you upgraded?)
Regards.
Angus
Thanks for quick the response Angus,
- Is FinalBuilder running as the same user on all of the servers?
FinalBuilder only runs on one of our servers. It calls PSEXEC which executes batch files on target servers. The user account used when calling PSEXEC is is different depending on the class of the target server. However the FinalBuilder project is running under my account- I am a domain Admin.
- Does that user have the same permissions on all of the servers?
I am not sure this question is relevant given my answer above
- Does the user have sufficient permissions to access and modify the contents of that folder on all of the servers (verify on the Security tab of the folder Properties)?
If you are referring to the user who is running the project- then yes- I am a domain admin
- Does the issue go away if you roll back to the previous FB 5 version (also, what version were you using before you upgraded?)
This is the kicker- YES it does. In fact this is what I had to do last night because we have 60+ servers now in our PROD environment and I can no longer do it manually on every server. I needed to do a hotfix last night and the new version failed to launch PSEXEC on every target server. I rolled back to the only version of 5 I had ever previously downloaded: 5.0.0.130, and it ran fine after that.
One other thing to note is that I noticed that after I upgraded from v4 to v5, that the password no longer showed up in the clear in the log of the PSEXEC step (in version 5.0.0.130 it shows up as *PASSWORD*)- and that is GREAT. However when I upgraded to the latest version of FB5, not only am I experiencing the permissions problem, but it also reverted to displaying the password in the clear, in the log of the PSEXEC step. My guess is that is a related issue. (only a guess though)
I really appreciate if you can help me out. I am OK for now having rolled back to an earlier version, but I would like to stay current.
If you need any more info from me- please let me know.
Owen
PS: the version of PSEXEC getting launched on the target servers is 1.72.0.0. The version that is triggered from the FB server is also 1.72.0.0
PPS: One last thing (this is really a side issue but it relates to PSEXEC). Is there any way you guys could modify variables so that we can specify that we want a variable masked in the watch list? What I mean is that I use a variable to store a password that the user executing the deployment project must type in. As I said- in the version of 5 I am currently using, the password shows up in the PSEXEC log, but it is masked with *PASSWORD*. However, if I set a watch for my password variable (even after the package has finished executing) - the password shows up plain as day.
Hi Owen,
Sorry, I somehow misunderstood your original post as meaning that you were running FinalBuilder across multiple servers to run PsExec.
I'll look into this today or tomorrow and get back to you ASAP.
Regards,
Angus
Hi Owen,
In the latest version of FinalBuilder we added the -accepteula option to all of the actions, and this option is enabled by default. If you’re using PsExec 1.72 then it doesn’t actually support this option (it was added by Microsoft when they bought Sysinternals.)
The reason we have it is that if you run a (recent) pstool without the option, and it hasn’t been run before, then it hangs trying to display the EULA dialog.
During testing I noticed that older versions of PsExec choke on this option. Your alternatives would be to disable it on each PsExec action, or to upgrade to the latest PsTools.
This is actually the only change in the PsTools actions between the two versions of FinalBuilder you are using.
I’m also seeing passwords omitted from the log in the current version.
I still haven’t managed to reproduce your issue, but hopefully this information will help you work it out.
Regards,
Angus
Thanks Angus.
When I first started troubleshooting the problems- I saw the new 'Accept EULA' option right away (and that it was checked on by default). Let me more carefully explain my problems (I had forgotten about some this before so I apoogize- but I have reviewed the logs to verify)
My FIRST problem was that the PSEXEC action in my project would execute succesfully, return a success code of 0, but then cause the action fail. This was when I first noticed that the password was showing up in clear text in the log. My workaround for this was to check the ignore errors box on this action (which was fine since it really did execute on the target server).
My SECOND problem was that on another iteration (PSEXEC call to a different server within the same project using a different password) I was getting the error: "unknown user or bad password." In this case it was helpful to see my password in clear text in the log because I could see for sure that I had typed in correctly. To attempt to fix this- I unchecked the 'Accept EULA' option.
After I did that is when I started getting the following errors (THIRD problem):
ERROR : Failed to read from temporary output buffer : Input past end of file
ERROR : Failed to delete temporary file : Permission denied
This one has me puzzled- because like I said- it worked fine on some of the target servers- even with the EULA checked.
After thoroughly reviewing my logs I think these things are true:
1. I think the 'unknown user or bad password' error was caused by the special characters ('^' and '#'). On *some* of the PSEXEC calls to servers where I had a password with non-special characters AND the accept EULA option checked- the PSEXEC call worked (there are actually two different PSEXEC calls to some servers- some of them worked, some of them gave me the FIRST problem listed above)
2. Unchecking the 'Accept EULA' option causes the following 2 errors:
ERROR : Failed to read from temporary output buffer : Input past end of file
ERROR : Failed to delete temporary file : Permission denied
I've attached 2 files with output from PSEXEC.
Let me know if you need anything else (I know this is confusing).
And please remember- this project works perfectly in the older version of FB 5 (in fact I am running our production deployment right now)
Owen
Hi Owen,
Thanks for sending these issues. I’ll try and deal with things one at a time.
1) The fail-on-return-code-zero thing could be a change (or a bug) in the way the action is configured. On the “Program” tab there is an option which says “Exit code must be less than or equal to”. Does that reflect the failure? It’s possible this option didn’t upgrade properly from the older version of FinalBuilder.
2) The -accepteula option should definitely be off if you’re still using the older version of PsTools - it’s not supported, and it seems to break PsExec in strange ways.
3) It’s possible the characters in the password is causing a problem. I’ll run some tests here now. If the passwords contain % or $( then you’ll need to escape these as well, as they are FinalBuilder variable indicators.
4) The password-in-cleartext may be because you’re using a variable to store the password value. I’ll investigate this as well.
5) The main cause for “ERROR: Failed to read…” that I can think of is probably because psexec failed to start for some reason, which may be related to the previous errors as you suggested.
I’ll investigate some more and post again. Thanks again for your patience with this.
Regards,
Angus
Hi Owen,
I've managed to reproduce the password-characters bug. I think that was the same reason the password wasn't being hidden, as well. We should have a test build with a fix for that, ASAP.
I'll also improve some of the error handling with the output file.
Finally, could you please upgrade to the latest version of PsExec? You'll need to run it once from Explorer on your local machine in order to accept the EULA (if you're using the old build without this option in the action.)
Regards,
Angus
Thanks again Angus,
I will gladly upgrade to the latest version of PSEXEC, but I have a question- does it need to be the one on my CM (FinalBuilder) server and/or the ones on my target servers (of the PSEXEC call)?
I also discovered that some of my target servers have an even older version of PSEXEC in %system32% which is higher up the path than the version I have in my build_tools folder. That might be what is gettting called on some of the target servers. (The version is 1.55.0.0)
Owen
Hi Owen,
You should definitely delete any old files from your servers, this may be what is causing the problems. PsExec should be capable of deploying the service automatically via the admin share, and deleting it when it is done - you don’t need it on the target servers at all.
- Angus