Give us a call at 262.299.4606 to discuss how FastTrack can help your organization or email us here

FastTrack admin

Compiling your script into an exe file

FastTrack Automation Studio can in Scripting Mode by a single mouse-click compile your script and optional binary files into a single self-contained executable file that does not require FastTrack Scripting Host (the run-time) to execute.

Just open any script and hit the toolbar icon to save your script as an exe file, as demonstrated in the movie below. FastTrack Automation Studio can also compile your script and optional binary files into MSI files. Please refer to the this page for more information.
Download FastTrack Automation Studio

Compiling scripts into exe files

Department of Commerce Booking Kpmg Aspen Dental Hamilton Beach Toyota Disney Kawasaki Goodyear Maersk NOAA

Pros and cons of exe files

A FastTrack script can be executed directly, if fsh.exe is present. It can also be compiled into a stand-alone exe file, as shown above. The only drawback of saving as an exe file is that the original script must be kept as the source code for future editing, because the original script can never be retrieved from the exe file. If you are considering compiling your script into an exe file only to protect your content, you should be aware that you get the same level of protection simply by encrypting your script.

But there are many scenarios where a single exe file is the best choice. An exe file can run on any computer without including an FSH.Exe and FSH.Lic file and can simply be served on a network drive, usb stick, CD, DVD, from an intranet or internet server or zipped in an email. It is extremely flexible and you have certainty that the recipient cannot in any way alter the content or see the original script, including any credentials that might be embedded into the script. You also have the option of packing additional files into your exe files (see next section). Exe file compilation would therefore be relevant in at least these scenarios:
  • You are a consultant writing scripts for customers and don't want them to have the original scripts or you want to be make sure there are no alterations to the scripts.
  • You have little or no control over executing computers.
  • Executing computers are not accessible for servicing and you need to give someone a secure script over the internet, by mail or similar.
  • You have installation scripts in a relatively public location and you want to ensure the users do not copy the installation files or credentials.
  • Your scripts are in a relatively public area, such as an education center, and you have concerns that external users may copy your license key.
  • Other administrators also have your private key and you want to make sure no one else can edit your scripts.
Note that producing an exe file or using the original script makes no difference to the licensing requirements. Any compiled exe file will be compiled with license information of the creator and licensing rules are the same.

Executable projects

You will have two options for creating an exe file from the "Create Exe File" menu:
  • Save Script As Exe File (F10): This compiles your open script into a single executable file (see movie at the top).
  • Advanced Exe File Compilation (F11): This compiles your open script and embeds other files in your script directory structure into a single executable file. Compiling a script and additional files into one exe file is referred to on this page as an executable project. You can also use the advanced exe file compilation to set properties on the output exe file without embedding other files. This is explained further down this page.
Compiling an exe

An executable project is basically the same as a script compiled into an exe file, except that it also includes other files. This means that you can repackage a whole directory structure and include your own custom script into one single self-extracting exe file. The files will be unpacked to the executing users' temporary directory and the script that was the base of the project is executed after unpacking as the "boot" script. You can then for example create a company specific repackage of a whole software installation if you wish, including your custom script, into a single exe file without compromising credentials and other sensible information in your script.

To setup a project to repackage, follow these steps:
  • Create a project folder
  • Create a script file in the root of the structure that will be the boot script
  • Include all other files for the project in the project folder or subfolders
  • Open the boot script and hit the "Advanced Exe File Compilation" button (or press F11)
In the movie below, the scenario is this:
  • The network administrator wants to create a pool of common applications where users can self-service to get some software installed, without consulting the IT department.
  • Any one installation must be one executable file to avoid users copying the installation files.
  • Executing users are not administrators.
  • The process must be completely automatic without requiring user interaction, except asking to install or not.
  • There is a local administrator account on all computers that have the same password known only to the network administrator.
  • Executing users must not be able to get the credentials of the local administrator account executing the installation.
In the example below, a single 90mb exe file is produced that will install Adobe Reader using a custom administrator account.



Exe file properties

The movie above was recorded using version 6.3. If you are using version 8.2 or newer, exe files have properties that show the name of the creator and the project creation screen is a wizard. A generated exe file on could look like this on Windows 8, when showing the properties of the file:

Exe file properties

You can overrule all these properties. When you select the "Advanced Exe File Compilation" option, you can overrule the default information, as shown below. If you need to set the information for the "Save Script As Exe File" option (no additional files), you must use the "Advanced Exe File Compilation" menu item instead and uncheck the "Include additional files from my project folder inside the exe file" checkbox to exclude additional files. This will in effect be the same as the "Save Script As Exe File", except that you now have the option to set the exe file properties.

Setting exe file properties


Command line compilation

It is possible to compile scripts from command line. A tool called Build.Exe is located in the installation directory of FastTrack Automation Studio, which can be called to compile script files into exe files without using the script editor. The syntax is:
Build.Exe /Quiet /ScriptFile <Input Script File> /ExeFile <Output Exe File>
If the /Quiet switch is specified, the successful conversion message will not be shown. In case of an error, an error message will always be displayed. You can call "Build.exe /?" to get a full list of command-line switches.

Protecting content

This section and the next section are extracts from the Software Deployment page describing how to package a script and installation files into one single exe file that can be placed in a public location for computers that is not accessible for servicing. Please refer to that page for more details on creating installation scripts.

Creating a single exe file based on a script and installation files has a number of advantages over all other possible alternatives for these types of machines: The users cannot get a copy of the installation files, the users do not have to be administrators and credentials can be safely included in scripts.

If an exe file is put in a public location, we need to protect it from abuse. We could achieve this by simply asking for a password that only internal users know. If we inserted this at the top of the script before getting to the script lines that actually perform the installation:

If Not [InputPassword Enter installation password]=Sesame Then

  ShowErrorMessage The password is incorrect.

  Exit

End If

Then the user will see this, when running the exe file:


If the user did not enter "Sesame" in this case, then the user gets an error and the exe file exits.



Getting permissions and privileged

If the offline users are local administrators, we can continue to the actual installation script lines that execute the installation. If the local user may be under User Account Control, we might need to elevate the user to be able to actually execute the installation. To handle this, we simply need to insert one script line before we start the installation:

ElevateUser

Please refer to the User Account Control page for more information on the ElevateUser command.

If the user is not local administrator, but we know the name and password of a local administrator account that is not under User Account Control, we can simply change the executing user before doing anything that requires administrative privileges:

ChangeUser LocalInstallUser,6orateocIkCmGChbGYLg0w==

What is important to understand is that all this will be compiled into a single executable file and the executing user will have no chance of getting any information from inside the script. The output exe file can be put in a public location and the url and start password can be handed out.

Digitally signing your exe files

If you plan to deliver your exe files over a public infrastructure, as suggested above, you might want to digitally sign your executable file. You can use Microsoft Authenticode to sign your output exe file the same way that you can sign any other exe file. FastTrack Software cannot warrant the content of your scripts and therefore generated exe files are not digitally signed. You can however purchase your own digital signature from for example VeriSign and sign your generated exe file with the Microsoft tool Signtool:
SignTool.exe sign /f <YourPrimaryKey>.pfx /p <YourPassword> /t <VerificationUrl> <YourExeFile>
Please refer to the official signtool page for more information on digitally signing exe files with signtool.
Outlook Signature Generation

Outlook Signatures

Build mass-deployable Outlook signatures using a Word-like designer. More
Graphical Logon Scripts

Codeless Logon Scripts

Build graphical logon scripts with your own logo by pure point and click. More
IP Printing

Kill your print servers

Print to IP printers directly. More
Software Deploy

Software Deploy and Inventory

Push software without a management server and inventory to the cloud. More
Zero Touch Thin PC

Tired of Desktop Authority?

Same features - less complexity. More
FastTrack Automation Studio Video
Download FastTrack Automation Studio
Laptop Backups

Lockdown Local Admins

Revoke local admins rights and have users request ad-hoc access under full audit. More


Rating: 5 out of 5

"Use this as a replacement for VBScript and PowerShell"

"It's easy to include attractive GUI elements in FastTrack scripts, beyond the basic dialog boxes and text input that VBScript offers ... Another powerful feature is the ability to distribute scripts as Windows Installer (.msi) or standard .exe files. Although interesting in its own right, this ability results in a much more intriguing capability: to repackage -- or wrap -- software installers as .msi files without using snapshots. If you've ever created an .msi installer file from before-and-after system snapshots, for use with a software distribution system such as Group Policy or System Center Configuration Manager (SCCM), then you know how hit-and-miss the results can be."

Read full review


Rating: 8 out of 10

"Faster than the rest"

"We found the FastTrack syntax to be more transparent and easier to learn than Microsoft's PowerShell – the editor in particular provided good support in this regard. Scripting mode offers a large number of options from the command set through to simple output of graphical elements, which cannot be achieved at all with PowerShell or other solutions or only with a significantly greater level of effort."

"Anyone wanting to tackle the many hurdles in everyday admin and especially anyone for whom logon scripts and client automation is a priority will benefit from the variety of functions offered by FastTrack."

Review in English      Review in German
Department of Commerce Booking Kpmg Aspen Dental Hamilton Beach Toyota Disney Kawasaki Goodyear Maersk NOAA

Kill your local admin accounts! Let users request access by request under full audit. Check this page for more info.