Friday, December 16, 2011

Troubleshooting Litetouch on USB

Here's a list of things that should be checked if problems are encountered building a USB key for Litetouch.

1) Copy over the proper files.  At a minimum, the Control, Scripts and Tools folders must be copied to the Deploy folder. The Deploy\Boot folder only requires the wim that is being booted from.  In my case, LiteTouchPE_x64.wim.

2) Make sure the bcd file is the way it needs to be.  Use a command like bcdedit /store e:\boot\bcd /enum to check.  This works for listing both LiteTouch and BartPE on the menu with a default to LiteTouch.

Windows Boot Manager
--------------------
identifier              {bootmgr}
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
displayorder            {default}
                        {ntldr}
toolsdisplayorder       {memdiag}
timeout                 30
displaybootmenu         Yes

Windows Boot Loader
-------------------
identifier              {default}
device                  ramdisk=[boot]\Deploy\Boot\LiteTouchPE_x64.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
path                    \windows\system32\boot\winload.exe
description             Litetouch Boot [MEDIA002] (x64)
locale                  en-US
inherit                 {bootloadersettings}
osdevice                ramdisk=[boot]\Deploy\Boot\LiteTouchPE_x64.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
systemroot              \windows
detecthal               Yes
winpe                   Yes
ems                     Yes

Windows Legacy OS Loader
------------------------
identifier              {ntldr}
device                  boot
path                    \setupldr.bin
description             BartPE

3) If changes are made to the deployment share that could affect boot (see earlier post) then the changes must be propogated to the USB key.  Usually,  LiteTouchPE_x64.wim should be refreshed as well as bootstrap.ini and customsettings.ini.

4) Also consider that missing drivers can cause strange errors.  A missing network driver may be obvious, but a missing disk driver may just cause an unable to find disk drive error.

Thursday, December 15, 2011

Not writing to SLShare

Figured out why my logs would not copy to the server, they didn't have permission.  I had to give Everyone or Authenticated Users Read/Write permission on the logs$ share on my linked deployment share server but did not have to on the primary server.

Friday, December 9, 2011

When to update deployment share?

The following is a good guide.

- New or modified mass storage and network drivers that need to be injected into the boot image.
- Changes to the boot image settings (e.g. adding fonts, changing the RAMdisk size)
- Changes to the bootstrap.ini file
- Changes to any of the files in an "extra" folder

http://social.technet.microsoft.com/Forums/is/mdt/thread/a09ae1a4-f144-4a85-86bd-cdef02cab7e1

Thursday, December 8, 2011

UAC and task scheduler

I am trying to do a simple task. Delete profiles using group policy.

1) Tried using Delete user profiles older than a specified number of days on system restart. Did not work.

2) Had a vbs script to cleanout profiles which worked wonderfully with my previous image. Imported it into group policy, no errors on running task and log showed no errors. The profiles were deleted (did not show up in the user profiles) but the folders were not.

Why?  UAC was interfering and did not return an error. Fixed it by checking off Run with highest privileges in the task, equivilent to using elevated command prompt.

Read the note regarding S4U in the link below.  Also need to grant batch access to the user.

http://technet.microsoft.com/en-us/library/cc722152.aspx

Wednesday, November 30, 2011

Apply group policy with a power plan

I've been try to move some settings away from my Windows 7 image and into group policy.  Also using the balanced power plan, which puts the computer to sleep after 30 min.

Here are some of the issues I have run into:

1) Group policy doesn't update consistently.  The default is every 90 minutes with a random offset of 30 minutes. Combined with the computer going to sleep in 30 min, the settings don't update predictably. It might be fine if the computer is in regular use, but if it isn't...

2) Trying to use Delete user profiles older than a specified number of days on system restart. Need to schedule a restart so that the profiles will delete.

3) GP is a little picky with scheduled tasks.  I tried to schedule a reboot at 6am and couldn't use the same task as in my previous images. Difference is that the password must be stored, even for a reboot.

4) Deploying printers using Deploy Printers in Computer Configuration seems to work ok. Setting the default using the Preference works too.  Except I need to set a different default for certain machines in the same lab.  Using a vbs or batch script doesn't work at all.  I have to go back to using a batch script to install printers.

5) Sleeping the computer means it needs to be woken up. WOL is so yesterday and unreliable.  In Windows 7, the computer can be woken up using a TCP SYN packet. So RDP or anything the queries the computer over the network should do the trick. Problem is the first packet wakes the computer. Then a wait for it to wake up. So if touching multiple PCs now I need a script (net view \\computername) and nbtstat to double check to wake before I run what I need to do.

Friday, November 25, 2011

Windows 7 not activating via KMS

So I have an interesting problem.  I build my images using a machine that is not on the domain for MDT.  Problem with this is that when sysprep finishes it leaves the machine unactivated.  When it is joined to the domain, activation is not a problem. I've found a couple ways around it.

1) Use slmgr -skms to set the KMS server and slmgr -ato to activate.  I will probably have to script this in MDT somewhere.

2) Add a DNS suffix search list that corresponds to the domain.

http://technet.microsoft.com/en-us/library/ff793406.aspx

Neither is particularily appealing as it means an extra step.  I think it should be automatic as it is when the machine is joined to the domain.

Thursday, November 10, 2011

Power management in Windows 7

I did not realize this... but Windows 7 seems to have moved beyond WOL.  I just discovered that W7 can wake to TCP SYN and a couple of other protocols... No longer do we have to rely on Magic Packet.  At least if the computer is in sleep mode.

http://technet.microsoft.com/en-us/library/ee617165%28WS.10%29.aspx

Friday, October 14, 2011

Multibooting BartPE and Litetouch PE

Woohoo!  I 've figured out how to PXE boot either BartPE or Litetouch from a menu.  Tried it via syslinux and grub4dos but neither worked. Here are the details.

Prepare the USB media
1) Use rmpartusb to format the drive.  It can be found here
3) Run “rmpartusb list” to figure out which drive number is the USB key.
4) Run “rmpartusb drive=<drive number> winpe ntfs volume=WINPE”

or use diskpart:

Using Diskpart
Open a command prompt:

1) diskpart
2) list disk
3) select disk 7 (or whatever disk your media is)
4) clean
5) create partition primary
6) select partition 1
7) active
8) format quick fs=NTFS
9) assign
10) exit

Copy Files
These are the details if you need to go back to the deploymentshare$ to retrieve the files.  I had initially built special media for this but it takes a lot of space.  Will script this at some point for JIT builds. I am only using the x64 version of Litetouch.

• Copy the contents of deploymentshare$\Boot\x64 to the root of the USB stick
• Copy deploymentshare$\scripts\autorun.inf to the root of the USB stick
• Copy the following to the Deploy folder in the root of the USB stick

o Control
o Out-of-Box Drivers
o Scripts
o Servicing
o Tools
o USMT

• Create empty folders in the root called: $OEM$, Applications, Backup, Capture, Operating Systems, and Packages (Don't really know if these are needed at all)

I haven’t quite figured out which files are needed and why, but initially it looks like the following can be deleted:

• Backup\Automatic
• Servicing\x86
• Tools\x86
• USMT\x86

Add BartPE
This is using SDI media.  It can also be done with the original BartPE files. Copy ntdetect.com, setupldr.bin and bartpe.sdi to the root of the USB media. Setupldr.bin needs to be from W2K3 SP1.

Modify the BCD Store
Use bcdedit to modify the bcd file. The file of the same name in Deploy\Boot\x64\EFI\microsoft\boot does not seem to be required.

Show current entries
Bcdedit /store E:\boot\bcd /enum

Making the x64 image load by default
Bcdedit /store E:\boot\bcd /default {identifier}

Delete entry (for the x86 load if present)
Bcdedit /store E:\boot\bcd /delete {identifier}

To add the BartPE entries, do the following:
bcdedit /store E:\boot\BCD /create {ntldr} /d BartPE
bcdedit /store E:\boot\BCD /set {ntldr} device boot
bcdedit /store E:\boot\BCD /set {ntldr} path setupldr.bin
bcdedit /store E:\boot\BCD /displayorder {ntldr} /addlast
bcdedit /store E:\boot\BCD /set {bootmgr} displaybootmenu yes

Refer to http://www.911cd.net/forums//index.php?showtopic=20167

Tuesday, October 11, 2011

Windows 7 - Screen res and sysprep

I was capturing a MDT install and noticed that the screen resolution was defaulting to a low value. Like 1024x768. Turns out that there was a setting in OOBEstystem\Display that set it to 1024x768. Removed it and will see how it goes with the next capture.

Monday, August 22, 2011

Sysprep - Fatal error occurred while trying to sysprep the machine

Well, it has finally caught up to me. Failed to set skiprearm=1 and now I have a machine that I can't sysprep.

Using a combination of info from

http://www.blogsolute.com/reset-rearm-windows-7-indefinitely-crack-unlimited-forever/6379/
http://blogen.creed-tech.net/miscellaneous/sysprep-your-windows-os-for-more-then-3-times/

I managed to get it to a point where it would sysprep. But then it died a horrible death. As I think I forgot to set the admin password back to something known. (Because Windows had locked out the account earlier).  So I got the sysprep could not process the specialize phase and an infinite reboot loop. :-(

But if I had set the admin password I think things might have worked.  Back to rebuilding the image. :-(

Also try setting the cleanup to 2 and generalize state to 7.

Wednesday, August 17, 2011

AutoDesk bloat

AutoDesk products can leave up to 150MB of data in your user profile.  Can delete the following in the users profile when prepping a template for profile copy:

\appdata\local\AutoDesk
\appdata\roaming\AutoDesk
\MyDocuments\<any Autodesk product folder>

Wednesday, August 10, 2011

Installing Visio 2007 Pro

Discovered that it needs be installed from disc media.  So CD or DVD.  Tried copying it to the hard drive and got “Setup cannot find Office.en-us\pss10r.chm. Browse to a valid installation source, and then click ok”.

Wednesday, July 27, 2011

Troubleshooting MDT 2010

Just starting to work with MDT.  A few issues of note.

1) If the logon information is not correct for the deployment share, you won't get an error. When booting from media, none of the task sequences will show up.

2) When creating media, ISOs are good for CDs/PXE booting and WIMS for WDS.  If you are using a USB key, the media needs to be created seperately by right clicking the media folder.  Doesn't not seem to work copying the folders from the boot folder. Also need to format the key properly. If you are not using x86, don't create the media.  Saves disk space and a little time.

When creating media for a USB key, note that task sequences are not copied over from deploymentshare\control.  (Point #8 is related). This causes various isses including:

- Unfinished task sequence. MININT and _SMSTaskSequence folders left on hard drive
- A link to wscript C:\MININT\Scripts\litetouch.wsf in the Start Menu
- An error upon startup that will ask for the USB media with WinPE on it
- If you do not delete the two above folders and reboot WinPE in an effort to reimage, you will get an endless reboot loop

The solution is, when updating the USB media, copy the entire contents of Control to Deploy\Control on the key.

3) The reference machine should not have an entry in the database. 

4) It seems that not one set of settings for the custom.ini and bootstrap.ini will work for both a capture & deployment.  May have to switch settings between the two.

5) Watch out for syntax errors.  I made one with an extra bracket in CustomSettings.ini and it failed to capture.

6) When importing the image, need to add the setup files. After selecting Custom image file in the Import Operating System Wizard, you need to select Copy Windows Vista, Windows Server 2008, or later setup files from the specific path, and then point to a folder/DVD where you have the Windows 7 installation files. If you don't do this, you may see no end to hangs or other problems when WinPE boots, etc.

7)  If the host machine for MDT is in a domain, make sure it is in an OU with minimal group policy.  I used a normal lab machine for testing and Litetouch was unable to connect to the server due to group policy only allowing admin users to connect.

8) After capturing/deploying a machine a few times, WinPE does a continuous reboot loop. The solution is to reformat the hard drive or reload a different OS.  It seems to check the hd before running the task sequences. http://web2.minasi.com/forum/topic.asp?TOPIC_ID=36827#179751. Or, if you can boot via an alternate media such as BartPE and remove the _SMSTaskSequence and MININT folders from the hard drive.  On occasion, you may also find "C:\Windows\system32\wscript.exe" "C:\MININT\Scripts\LiteTouch.wsf" in the startup folder.  You may want to delete as well.  MS does not clean up after itself.

See http://social.technet.microsoft.com/Forums/en/w7itproinstall/thread/3f5cc1a7-1adb-4f4c-a018-7b85c1dc810c

9) WinPE boots, Microsoft Deployment Wizard runs. Hangs after that at the Microsoft Solution Accelerators screen. No task sequence screen to be found. The solution is buired in X:\minint\smsosd\osdlogs\bdd.log. The error was "Unable to connect to \\localhost\DeploymentShare$". This refers to the inability to connect to the SQL Server.  It looks like I need to change the logon account to one that has permissions. For now, I used the customsettings.ini and bootstrap.ini that I had before I installed the SQL server.

10) WinPE boots, Microsoft Deployment Wizard runs.  Gets to the "Welcome to Windows Deployment Wizard" screen.  After the deployment share and authentication is entered, nothing happens.  The X:\minint\smsosd\osdlogs\bdd.log indicated that it was trying to connect to the SQL Server localhost.  Fixed it by changing the SQL server in customsettings.ini to the correct server.  There is still a lag of what seems like a minutes before the task sequences show up.

Wednesday, July 20, 2011

Pays to check your bandwidth

I was trying to do my first MDT capture of a reference image, and wondered why after an hour it was still not done... My NIC on the deployment share machine had autoed to 10 MB. Once I set it to 100 Full it was done in a matter of minutes.

Friday, July 15, 2011

Slipstreaming XP Pro with SP3

Ever wonder why you can't slipstream an XP SP3 in Windows 7?

http://support.microsoft.com/kb/950722

Monday, June 27, 2011

How to Build WinPE

Prepare the USB stick

Open a command prompt:
diskpart
list disk
select disk 7
clean
create partition primary
select partition 1
active
format quick fs=NTFS
assign
exit

1) Build the media using the Deployment Workbench.
2) Browse the deployment share, Advanced Configuration, right click on media.  Accept the defaults for everything.
3) Select the rules tab and add at the end of the default selection, _SMSTSORGNAME=org identifier.
4) Click on Edit Bootstrap.ini and add the same line.
5) Browse using Windows Explorer to the folder containing the media files. Copy the ISO file to the root of the USB key. Copy the contents of the Content folder to the root of the USB key.
6) You can refer to this link for more clarification.

Tuesday, June 21, 2011

Downloader-bcs

Just found this on my work computer while trying to solve the popup isse. Malware Bytes didn't find it, but MacAfee 8.8 Enterprise with AntiSpyware did.  I'm suprised McAfee found anything.

Popup video in Firefox

I have this video window that links to video.ca.msn.com that pops up every once in a while when I am browsing in Firefox. It only started yesterday and it is very annoying.  With the help of a colleague, finally figured out what it was.

It’s Windows Live Messenger.  There is advertising on the bottom. Whenever it turns to video, it pops a window out.  My main messenger window is on my 2nd monitor, but the popup shows up in my primary monitor, only when I am viewing Firefox.  Probably a bug in Microsoft’s programming.  Close the main Window and it goes away.

I used #2 from the following page to fix it.

http://www.techmixer.com/remove-ads-from-windows-live-messenger/

Friday, June 10, 2011

TightVNC slow on Windows 7

When using TightVNC on Windows 7, I find that the screen refresh can be a little slow.  To remedy, in your client, use 8 bit color. Also choose high speed mode if you are on a LAN.

http://steph.reconfigure.ca/pc/speed-up-tightvnc-on-windows-7/

Tuesday, June 7, 2011

Quicktime Problems

Having an issue with Quicktime where it will not work for a standard user unless an Administrative user has used the plugin first. Deleting HKCU\Software\Apple Computer, Inc.\QuickTime\LocalUserPreferences should help

http://www.404techsupport.com/2009/04/29/a-quick-fix-for-a-quicktime-problem/

One can also put the following in a login script.

reg delete  "HKCU\Software\Apple Computer, Inc.\QuickTime\LocalUserPreferences" /f

Wednesday, June 1, 2011

Windows 7 Temporary Profile - Part 2

I discovered that both of my local admin accounts' profiles had the machine name appended on the end.  The original profile folder still existed with just the apps folder.  To fix, I did the following:

1) Logon to another account with local admin priveleges.
2) Remove the orginal users folder, should be empty.
3) Remove the target users folder's machine name extension.
4) In regedit, go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
5) Find the SID that contains the old user's profile path.   Remove the users folder's machine name extension.
6) Close all apps, reboot and login as the target user.

The user profile should now be back in the correct folder.  This isn't a case of folder corruption as it is Windows deciding that it didn't like the orginal folder.

Tuesday, May 17, 2011

BartPE - missing plugin causes WMI not to work

I know that this is so old school, but in recompiling BartPE, I had disabled the XPE v1.0.4 plug for MMC by accident.  This causes amongst other things, the serial number not to be picked up.  As it still works fine when booted into Windows.

Friday, May 6, 2011

The smallest things trip me up...

I had to brush the cobwebs off an old XP image that I built on an Optiplex 960 in AHCI mode last year.  The lab got upgraded to 980s and I need a temporary image until I can go W7.  So I loaded it, it sysprepped and it hung on "Applying computer settings...".  The secret was, after loading the image in BartPE, copy the new Sysprep/Declone program with the updated drivers.  And switch to ATA mode as AHCI on the 980s doesn't seem to work properly unless it is a from scratch XP install.

Wednesday, May 4, 2011

BartPE and booting off a new generation of USB key

I've had to upgrade my ways of booting BartPE every time a new USB key comes out.  This time, a Patriot Xporter 64GB.  We still use the 32 GB version but find that it doesn't boot on Optiplex 980s. But this one does.

My old methods of formatting didn't work. Pe2usb errors, ufdprep doesn't recoginize abover 32 GB. So I used rmpartusb which comes as part of the "Bootable USB-Drive Utility" as made by someone for use with BartPE. There is a certain offset that must be written to the bootsector to allow ntldr to be be found.

The magic line is: rmpartusb drive=x xp ntfs volume=BartPE

http://www.911cd.net/forums//index.php?showtopic=21702


Monday, April 25, 2011

Removing unecessary files in XP

http://kv5r.com/articles/win/cleanwin.asp

http://www.marcofolio.net/tips/tips_to_shrink_the_windows_directory_to_create_space.html

c:\windows\driver cache\i386 and sysprep

I sually have no problems with my XP sysprep.  Now it is asking for files like pciide.sys, isapnp.sys and pci.sys.  The problem is, I like to cleanup my installs.  I deleted the contents of the c:\windows\driver cache\i386 folder.  Which contained driver.cab and sp3.cab.  So if you ever have to sysprep a machine, don't delete these files!

I copied them from another install and now it works perfectly.

Tuesday, April 12, 2011

Optiplex 980 finally syspreps...

For the longest time I have been trying to get my 980 to sysprep and declone nicely with Windows 7.  I suspect it has something to do with the SATA mode.  And the suspicion that there is a hardware problem with the machine itself...

http://social.technet.microsoft.com/Forums/en-US/w7itproinstall/thread/6074f6ba-6eeb-4315-a253-054862999d91

Thursday, April 7, 2011

Optiplex 960 sooo slow

I have an Optiplex 960 that I use on occasion, being off most of the time.  When I've been needing to use it, it has been really slow.  Slow, like taking 15-30 seconds to respond to keyboard or mouse.  Even when it is not connected to the Internet.  I've loaded many different images on it. No dice.  Then I looked at the BIOS.  A03.  The latest is A11.  Wouldn't you know, all it needed was a BIOS upgrade.

Also fixed the "Windows could not complete the installation. To install Windows on this computer, restart the installation" error from Sysprep.  Now only if the same would happen with my 980...

Monday, March 28, 2011

Attacked by hackers

Watch out for failed logins for administrator on your computer.  2-3 times every second, coming from file://ntscan/.  The IP in this case was  69.167.189.5, originating from New York, USA. Apprently it is attacking the RDP port.

Solution: rename the Administrator account. Get a firewall. But I'm sure it causes a ton of network traffic.

http://www.webhostingtalk.com/archive/index.php/t-945341.html

Winzip

I'm glad I don't use Winzip, but in case you do... There is a serious bug which erases removable drives before creating the zip file.  You might want to update to the latest version.

http://www.winzip.com/rel_notes_wz.htm

Sunday, March 27, 2011

Windows 7 language and Word 2007

I couldn't figure out why my keyboard keeps on displaying French letters.  For example, whenI type ', I get an e with an accent. It's because I chose English - Canada as the language setting in Windows.  Installed English - US instead and it works fine.

Friday, March 18, 2011

Needle in a haystack = stupid coding error

I've been driven crazy for days over why my proprietary Declone and Sysprep refuses to work on an Optiplex 980.  Works perfectly on a 960, 755 and GX520.  There is a piece of perl code that is used in the declone script to match the MAC address of the computer to one in a text file.  It goes like this.

if( $line =~ /00-*/ )  {

Where "00" is the first two digits of the MAC address.  Guess what?  They make NIC cards with addresses starting with the rest of the hex numbers.  I had to change it to:

if( $line =~ /\d\d-*/ )  {

Of course, higher up all I got was a Sysprep error.  Other parts of the program picked up the computer name correctly. Many hours wasted looking in the wrong places.

Windows 7 can shrink partitions

This is a nifty feature.  I still remember the days of Partition Magic where you needed to boot outside the OS on disk to be able to change the size of the primary boot partition.  Windows 7 allows you to do it while booted into the OS.  If there is space I assume that it will extend partitions as well

Monday, March 14, 2011

Windows 7 - profile corrupted

Imagine the horror when you reboot your computer, logon and get a profile that is wiped of all your settings. The error is "Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off."  I have seen this lots in the lab but never really worried about it.  Until it happened to me.  Thank goodness the first method mentioned in the link below worked.

http://support.microsoft.com/kb/947215

Friday, March 11, 2011

Facebook malware

I recently posted this on my status. It's not the first time I have come across this.  It appeared on a friend's profile, someone who does not normally post this type of content.  I was suspicous.  Too bad I can't find anything from authoritative sources on the web referencing this type of malware.

There is Facebook malware or scam going around. A link such as "Look what happens when FATHER catches DAUGHTER on her WEBCAM!" on your friend's profile and is liked by them. Don't click on it! Tell your friend to remove it from their profile. If you click on it, it will post itself on your profile without asking. It also has a lot of spammy content that could infect your computer.

Thursday, March 10, 2011

More code for creating shortcuts on the desktop

Here's another way of doing it.  I'm not sure I like this method as I am an old geezer and hang onto the computer name, pre-Windows 2000 instead of the common name. Which means that it does not identify users if they are not named properly.

But it really doesn't solve my biggest problem... the fact that the members of the Admin group reside in two different domains.

Option Explicit
Dim net, currentUser, objGroup, objUser, strdistinguishedName, arrDnComponents, userNameComponent, strDesktopFolder, objShell, objShortCut
Set net = CreateObject("Wscript.Network")
currentUser = net.UserName
'Bind to the group
Set objGroup = GetObject("ldap://CN=Admins,ou=foo,dc=foo,dc=bar,dc=com")
'Iterate through the user objects in the group
For Each objUser In objGroup.Members
 'Get the users distinguishedName
 strdistinguishedName = objUser.distinguishedName
 'Split users distinguishedName by ','
 arrDnComponents = Split(objUser.distinguishedName, ",")
 'Split the actual user name
 userNameComponent = Split(arrDnComponents(0), "=")
 ' Check to see if the user is in the group

If userNameComponent(1) = currentUser then
 wscript.echo "This user is a member of the group. Creating shortcuts..."
 call CreateShortcut("c:\windows\scripts\admin\TightVNC","TightVNC")
 call CreateShortcut("%SystemRoot%\system32\gpmc.msc","Group Policy Management Console")
 call CreateShortcut("%SystemRoot%\system32\dsa.msc","Active Directory Users and Computers")
Else
 wscript.echo "Processing user..." & userNameComponent(1)
End If
Next
' *****************************************************
'This function creates a shortcut on the user's desktop.
Function CreateShortcut(targetPath,shortcutName)
 set objShell = WScript.CreateObject( "WScript.Shell" )
 strDesktopFolder = objShell.SpecialFolders("Desktop")
 Set objShortCut = objShell.CreateShortcut(strDesktopFolder & "\" & shortcutName & ".lnk")
 objShortCut.TargetPath = targetPath
 objShortCut.Save
End Function
' *****************************************************
' Clean up
set objShell = Nothing
set net = Nothing

Tuesday, March 1, 2011

Creating shortcuts on desktop


I needed some code to create shortcuts for admin users only on logon.

Sourced from here:

http://daniel.streefkerkonline.com/vbscript-check-if-current-user-is-a-member-of-a-certain-group/

and tweaked it a bit.  The guy writes clean looking code.

' ******************************************
'Error Handling
On Error Resume Next
set objShell = WScript.CreateObject( "WScript.Shell" )

'Calls the isMember function with the specified group to see if the current user
' is a member of that group.
' If member, then create a shortcut to TightVNC, GMPC & ADUC on the desktop
If isMember("My_Admins") Then
    call CreateShortcut("c:\windows\scripts\admin\TightVNC","TightVNC")
    call CreateShortcut("%SystemRoot%\system32\gpmc.msc","Group Policy Management Console")
    call CreateShortcut("%SystemRoot%\system32\dsa.msc","Active Directory Users and Computers")
    Else
    ' wscript.echo "The user is not a member of the group"
End If

' ******************************************
'This function checks to see if the passed group name contains the current
' user as a member. Returns True or False
Function IsMember(groupName)
    If IsEmpty(groupListD) then
        Set groupListD = CreateObject("Scripting.Dictionary")
        groupListD.CompareMode = TextCompare
        ADSPath = EnvString("userdomain") & "/" & EnvString("username")
        Set userPath = GetObject("WinNT://" & ADSPath & ",user")
        For Each listGroup in userPath.Groups
            groupListD.Add listGroup.Name, "-"
        Next
    End if
    IsMember = CBool(groupListD.Exists(groupName))
End Function
' ******************************************
'This function returns a particular environment variable's value.
' for example, if you use EnvString("username"), it would return
' the value of %username%.
Function EnvString(variable)
    variable = "%" & variable & "%"
    EnvString = objShell.ExpandEnvironmentStrings(variable)
End Function
' ******************************************
'This function creates a shortcut on the user's desktop.
Function CreateShortcut(targetPath,shortcutName)
    strDesktopFolder = objShell.SpecialFolders("Desktop")
    Set objShortCut = objShell.CreateShortcut(strDesktopFolder & "\" & shortcutName & ".lnk")
    objShortCut.TargetPath = targetPath
    objShortCut.Save
End Function
' ******************************************
' Clean up
Set objShell = Nothing

Tuesday, February 22, 2011

Utility to copy over Default profile in Windows 7

Finally... What I have been looking for.

It's called Defprof and its free!

http://www.forensit.com/support-downloads.html

Friday, February 11, 2011

Microsoft Updates

What is it with the Microsoft patch cycle this week.  KB2393802 is causing my personal notebook to BSOD as well as some work computers. KB2467023 has broken our VM clients.  Argh.

Wednesday, February 9, 2011

Active ports does not work in Windows 7

But this does.

Open Task Manager and on the Performance tab there is a button that launches “Resource Monitor”. Once open, go to the Network tab and under “TCP Connections” you can view a list of processes and ports – both sortable.

Friday, January 21, 2011

Group policy preferences for Windows 7 and Server 2008 sp2

It has been documented that the GPPs for Windows 7 will not work unless you are running Server 2008 RC2. I am running Server 2008 SP2. I have seen through my testing that this is probably the case.  It is very inconsistent.  I'm trying to schedule a task on a Win 7 client.  Only once did it ever show up in the Task Scheduler.  Then it failed for other reasons.  Every other attempt it has not shown up on the Task Scheduler.  When I run gpresult, is usually indicated that the GPO was sucessfully applied. But not always.  Sometimes I get a Failure (Error Code: 0x80041316).

Tuesday, January 18, 2011

Group policy results on client

gpresult /h gpreport.html

Rather useful if for some reason, it doesn't work from gpmc.msc.

Deleting profiles in Windows 7

I've been searching high and low for a script that does this.  This one did the trick nicely, with a little modification.

http://www.theshonkproject.com/index.php?option=com_content&task=view&id=50&Itemid=31

I added this mod instead of using "If flgAllowExecute then objFSO.DeleteFolder(objSubfolder.Path), DeleteReadOnly", as it returns a permission denied error.  From what I read, perhaps the file handles are not released when the file is deleted.

http://www.webmasterkb.com/Uwe/Forum.aspx/vbscript/12936/Permission-denied-Code-800A0046

If flgAllowExecute then DeleteProfileFolder(objSubfolder.Path)

Sub DeleteProfileFolder(SomeFolderPath)
 Dim strFolder, objShell, objWMIService, objFolders, rtnFolder, rtnCode
 Const WindowStyle = 0
 Const WaitOnReturn = True
 strFolder = SomeFolderPath
 Set objShell = WScript.CreateObject("WScript.Shell")
 objShell.Run "CMD /c RMDIR /s /q " & strFolder, WindowStyle, WaitOnReturn
 Set objShell = Nothing
End Sub

It ain't pretty but it works.

Thursday, January 13, 2011

Sort email by conversation in Outlook

I really don't like Outlook.  Way too complicated, especially if you get a lot of email, of which most of it can be ignored.  This is a good tip for organizing your folders.

http://blogs.office.com/b/microsoft-outlook/archive/2007/10/05/ultimate-inbox-merging-inbox-and-sent-items-folders.aspx

Thursday, January 6, 2011

Problems with sysprep & copyprofile - Windows 7x64

For some reason, Sysprep errors in the specialize pass when it tries to copy the profile.  Corrupts the entire load and have to reimage.  The following from http://www.ms-windows.info/Help/vista-sysprep-error-copyprofile-tag-3835.aspx seemed to fix it for a few people.

pjpvt said:

I found an answer in another forum that worked for me.  Here's the quote:
I don't know if anyone cares anymore, but I just had this exact problem. The issue turned out to be some bogus profile information in the registry at HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList . I had a couple of keys in there that didn't belong. I think someone had deleted a profile from the c:\users folder without removing the registry piece.

In any case, after I deleted the keys that didn't match what was in the c:\users folder, I no longer had the issue.