How to get KACE to run a batch file that calls upon a windows command script to run

I am to block IE 11 from being downloaded as many of our applications only work with IE9.  MS has a command script it has published to do this.  It needs to run with an elevated CMD.  I have created a batch file that calls upon the MS command script and adds the registry file that blocks IE 11 and it works within itself.  Now I need to figure out a way to push that Batch file down to the rest of the users.  Bellow is my batch file followed by the MS command script.  Any help would be awesome.


My Batch file:

@echo off

cd "C:\ProgramData\Dell\KACE\kbots_cache\packages\kbots\111"  ---(where the IE11_blocker.cmd file can be found)

ie11_blocker.cmd /b



The MS command script:

@echo off

Echo Copyright (C) Microsoft Corporation.  All rights reserved.
Echo. set ProductName=Internet Explorer 11
set REGBlockKey=HKLM\SOFTWARE\Microsoft\Internet Explorer\Setup\11.0
set REGBlockValue=DoNotAllowIE11 set RemoteMachine=%1 if ""=="%1" goto Usage
if "/?"=="%1" goto Usage
if /I "/H"=="%1" goto Usage
if /I "/B"=="%1" goto LocalMachine
if /I "/U"=="%1" goto LocalMachine
set RemoteMachineName=%1
set Action=%2 :Parse
if /I "/B" == "%Action%" goto Block
if /I "/U" == "%Action%" goto UnBlock
goto Usage :Block
Echo Blocking deployment of %ProductName% on %RemoteMachineName%
REG ADD "\\%RemoteMachine%\%REGBlockKey%" /v %REGBlockValue% /t REG_DWORD /d 1 /f
goto End :UnBlock
Echo Unblocking deployment of %ProductName% on %RemoteMachineName%
REG DELETE "\\%RemoteMachine%\%REGBlockKey%" /v %REGBlockValue% /f
goto End :LocalMachine
echo LOCAL!
set Action=%1
set RemoteMachine=.
set RemoteMachineName=the local machine
goto Parse :Usage
Echo This tool can be used to remotely block or unblock the delivery of
Echo %ProductName% via Automatic Updates.
Echo ------------------------------------------------------------
Echo Usage:
Echo %0 [machine name] [/B] [/U] [/H]
REM [machine name] [/B|U|H]
Echo B = Block %ProductName% deployment
Echo U = Allow %ProductName% deployment
Echo H = Help
Echo To block or unblock installation on the local machine use
Echo period ("." with no quotes) as the machine name
Echo Examples:
Echo %0 mymachine /B (blocks delivery on machine "mymachine")
Echo %0 /U (unblocks delivery on the local machine)
Echo ------------------------------------------------------------
Echo. :End

2 Comments   [ + ] Show comments
  • Would it be simpler to just create the registry edit and push that change down? - AFCUjstrick 7 years ago
  • we have that in place now, but for whatever reason even though the the command script adds the same registry key we are doing manually it does not prevent IE11 from being updated through windows update. However once the command script is run it does block the install of IE 11. We have since moved on and are just pushing this from the .adm file and just adding it to our GPO. However just for future knowledge it would be great if anyone has any ideas, on how to get this to push from Kace. - jgolden 7 years ago

Answers (2)

Posted by: SMal.tmcc 7 years ago
Red Belt

Create a kscript and dump the command file.

  • you may also have to push "reg add hlkm64\...." for 64 bit machines if it does not take with the 32 bit reg call - SMal.tmcc 7 years ago
Posted by: jgolden 7 years ago
Senior White Belt
Smal we have pushed both regedits through Kace without running this command script. Though they appear to create the same registry file, IE 11 is still able to download and install. It is only after running the command script does it prevent IE 11 from being installed

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ