This is somthing I have to do a lot, unfortunatley due to the delegated access to the active directory in the UK we don't have direct access to Group Policy so we do a lot of things with logon scripts. It's often the case we may need to make registry tweaks or similar, for this I use AutoIT scripts as it's easy to run script with alternate credentials. The only other issue with Windows 7 is UAC for this will need to be disabled if you want to avoid the user being prompted to run the script.
http://www.autoitscript.com/site/autoit/
If Not IsAdmin() Then
If $CMDLINE[0] = 0 Or $CMDLINE[1] <> "Restart" Then
If Not RunAs("user","domain","password",1,"""" & @ScriptFullPath & """ Restart",@ScriptDir)
Then Exit 1
Exit 0
Else
Exit 1
EndIf
EndIf
This code will restart the script with the credentials you provide. I usually put the code I don't want executed as the elevated user within another if statement.
If $CMDLINE[0] = 0 Or $CMDLINE[1] <> "Restart" Then
code here
Endif
Friday 29 June 2012
Monday 25 June 2012
MDT2012 Customsettings.ini with seperate X86 and X64 Rules
We have decided to start deploying x64 Windows 7 Images into our enviroment, because of when the system was originally setup the time frame and purpose didn't allow for or require the need for x64 systems. So the rule set was only ever considering x86 installs.
The current rule set allow for different settings and madatory applications based on machine type, eg laptop/vm/desktop or server.
[Settings]
Priority=TaskSequenceID, Default, ByLaptopType, ByDesktopType, ByVMType
[Default]
;SkipBDDWelcome=YES
SkipLocaleSelection=YES
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
OSDComputerName=UKW0
_SMSTSORGNAME=UK IT Deployments
SkipBitLocker=YES
KeyboardLocale=en-GB
InputLocale=en-GB
UserLocale=en-GB
UILanguage=en-US
SkipTimeZone=YES
TimeZoneName=GMT Standard Time
ApplyGPOPack=NO
WsusServer=http://ukwsus:80
DriverGroup001=Generic
DriverGroup002=%Make%\%Model%
DriverSelectionProfile=Nothing
FinishAction=REBOOT
EventService=http://UKDEPLOY:9800
[APPINSTALL]
SkipCapture=NO
ComputerBackupLocation=AUTO
[ByVMType]
Subsection=VM-%IsVM%
[VM-True]
[ByLaptopType]
Subsection=Laptop-%IsLaptop%
[Laptop-True]
[ByDesktopType]
Subsection=Desktop-%IsDesktop%
[Desktop-True]
SkipDomainMembership=Yes
DomainAdmin=User with rights to create workstation objects
DomainAdminPassword=*********
MachineObjectOU=OU=Desktops,OU=Workstations,OU=United Kingdom,OU=Countries,OU=DOMAIN.COM,DC=DSV,DC=COM
JoinDomain=DOMAIN.COM
;Snow
MandatoryApplications001={2d5721df-7cad-4b5c-befd-4e7b14d0a3fc}
;Lemms
MandatoryApplications002={a7ad878d-1d12-462b-b7e0-34e0deea076a}
;Forefront
MandatoryApplications003={f35a0b74-bbb5-4fa2-85cf-07ae7c53b78c}
[ByServerType]
Subsection=Desktop-%IsServer%
[Server-True]
To add Architecture support there are a couple of things to bare in mind the %Architecture% looks at WinPE architecture of the Processor or Task Sequence you are trying to deploy. So you will need to have both x86 and x64 litetouch boot images avalible, if you boot from the x86 litetouch it will always use the x86 rules.
Architecture enabled Customsettings:
[Settings]
Priority=Default,TaskSequenceID, ByLaptopType, ByDesktopType,ByVMType
[Default]
;SkipBDDWelcome=YES
SkipLocaleSelection=YES
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
OSDComputerName=UKW0
_SMSTSORGNAME=UK IT Deployments
SkipBitLocker=YES
KeyboardLocale=en-GB
InputLocale=en-GB
UserLocale=en-GB
UILanguage=en-US
SkipTimeZone=YES
TimeZoneName=GMT Standard Time
ApplyGPOPack=NO
WsusServer=http://ukwsus:80
DriverGroup001=Generic
DriverGroup002=%Make%\%Model%
DriverSelectionProfile=Nothing
FinishAction=REBOOT
EventService=http://UKDEPLOY:9800
KeyboardLocalePE=0809:00000809
KeyboardLocale=0809:00000809
[APPINSTALL]
SkipCapture=NO
ComputerBackupLocation=AUTO
[ByVMType]
Subsection=VM-%IsVM%-%Architecture%
[VM-True-X86]
[VM-True-X64]
[ByLaptopType]
Subsection=Laptop-%IsLaptop%-%Architecture%
[Laptop-True-X86]
[Laptop-True-X64]
[ByDesktopType]
Subsection=Desktop-%IsDesktop%-%Architecture%
[Desktop-True-X86]
SkipDomainMembership=Yes
DomainAdmin=User with rights to create workstation objects
DomainAdminPassword=*********
MachineObjectOU=OU=X86,OU=Desktops,OU=Workstations,OU=United Kingdom,OU=Countries,OU=DOMAIN.COM,DC=DSV,DC=COM
JoinDomain=DOMAIN.COM
;Snow
MandatoryApplications001={2d5721df-7cad-4b5c-befd-4e7b14d0a3fc}
;Lemss
MandatoryApplications002={a7ad878d-1d12-462b-b7e0-34e0deea076a}
;Forefront
MandatoryApplications003={f35a0b74-bbb5-4fa2-85cf-07ae7c53b78c}
[Desktop-True-x64]
SkipDomainMembership=Yes
DomainAdmin=User with rights to create workstation objects
DomainAdminPassword=*********
MachineObjectOU=OU=X64,OU=Desktops,OU=Workstations,OU=United Kingdom,OU=Countries,OU=DOMAIN.COM,DC=DSV,DC=COM
JoinDomain=DOMAIN.COM
;Snow
MandatoryApplications001={2d5721df-7cad-4b5c-befd-4e7b14d0a3fc}
[ByServerType]
Subsection=Desktop-%IsServer%
[Server-True]
The current rule set allow for different settings and madatory applications based on machine type, eg laptop/vm/desktop or server.
[Settings]
Priority=TaskSequenceID, Default, ByLaptopType, ByDesktopType, ByVMType
[Default]
;SkipBDDWelcome=YES
SkipLocaleSelection=YES
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
OSDComputerName=UKW0
_SMSTSORGNAME=UK IT Deployments
SkipBitLocker=YES
KeyboardLocale=en-GB
InputLocale=en-GB
UserLocale=en-GB
UILanguage=en-US
SkipTimeZone=YES
TimeZoneName=GMT Standard Time
ApplyGPOPack=NO
WsusServer=http://ukwsus:80
DriverGroup001=Generic
DriverGroup002=%Make%\%Model%
DriverSelectionProfile=Nothing
FinishAction=REBOOT
EventService=http://UKDEPLOY:9800
[APPINSTALL]
SkipCapture=NO
ComputerBackupLocation=AUTO
[ByVMType]
Subsection=VM-%IsVM%
[VM-True]
[ByLaptopType]
Subsection=Laptop-%IsLaptop%
[Laptop-True]
[ByDesktopType]
Subsection=Desktop-%IsDesktop%
[Desktop-True]
SkipDomainMembership=Yes
DomainAdmin=User with rights to create workstation objects
DomainAdminPassword=*********
MachineObjectOU=OU=Desktops,OU=Workstations,OU=United Kingdom,OU=Countries,OU=DOMAIN.COM,DC=DSV,DC=COM
JoinDomain=DOMAIN.COM
;Snow
MandatoryApplications001={2d5721df-7cad-4b5c-befd-4e7b14d0a3fc}
;Lemms
MandatoryApplications002={a7ad878d-1d12-462b-b7e0-34e0deea076a}
;Forefront
MandatoryApplications003={f35a0b74-bbb5-4fa2-85cf-07ae7c53b78c}
[ByServerType]
Subsection=Desktop-%IsServer%
[Server-True]
To add Architecture support there are a couple of things to bare in mind the %Architecture% looks at WinPE architecture of the Processor or Task Sequence you are trying to deploy. So you will need to have both x86 and x64 litetouch boot images avalible, if you boot from the x86 litetouch it will always use the x86 rules.
Architecture enabled Customsettings:
[Settings]
Priority=Default,TaskSequenceID, ByLaptopType, ByDesktopType,ByVMType
[Default]
;SkipBDDWelcome=YES
SkipLocaleSelection=YES
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
OSDComputerName=UKW0
_SMSTSORGNAME=UK IT Deployments
SkipBitLocker=YES
KeyboardLocale=en-GB
InputLocale=en-GB
UserLocale=en-GB
UILanguage=en-US
SkipTimeZone=YES
TimeZoneName=GMT Standard Time
ApplyGPOPack=NO
WsusServer=http://ukwsus:80
DriverGroup001=Generic
DriverGroup002=%Make%\%Model%
DriverSelectionProfile=Nothing
FinishAction=REBOOT
EventService=http://UKDEPLOY:9800
KeyboardLocalePE=0809:00000809
KeyboardLocale=0809:00000809
[APPINSTALL]
SkipCapture=NO
ComputerBackupLocation=AUTO
[ByVMType]
Subsection=VM-%IsVM%-%Architecture%
[VM-True-X86]
[VM-True-X64]
[ByLaptopType]
Subsection=Laptop-%IsLaptop%-%Architecture%
[Laptop-True-X86]
[Laptop-True-X64]
[ByDesktopType]
Subsection=Desktop-%IsDesktop%-%Architecture%
[Desktop-True-X86]
SkipDomainMembership=Yes
DomainAdmin=User with rights to create workstation objects
DomainAdminPassword=*********
MachineObjectOU=OU=X86,OU=Desktops,OU=Workstations,OU=United Kingdom,OU=Countries,OU=DOMAIN.COM,DC=DSV,DC=COM
JoinDomain=DOMAIN.COM
;Snow
MandatoryApplications001={2d5721df-7cad-4b5c-befd-4e7b14d0a3fc}
;Lemss
MandatoryApplications002={a7ad878d-1d12-462b-b7e0-34e0deea076a}
;Forefront
MandatoryApplications003={f35a0b74-bbb5-4fa2-85cf-07ae7c53b78c}
[Desktop-True-x64]
SkipDomainMembership=Yes
DomainAdmin=User with rights to create workstation objects
DomainAdminPassword=*********
MachineObjectOU=OU=X64,OU=Desktops,OU=Workstations,OU=United Kingdom,OU=Countries,OU=DOMAIN.COM,DC=DSV,DC=COM
JoinDomain=DOMAIN.COM
;Snow
MandatoryApplications001={2d5721df-7cad-4b5c-befd-4e7b14d0a3fc}
[ByServerType]
Subsection=Desktop-%IsServer%
[Server-True]
Thursday 26 January 2012
Blog Purpose
I have created this blog in order to compile all the tips, tricks, settings and programs I use in my day to day admin tasks.
We often have no budget, so where possible we use bodges, in house scripts, scripts borrowed from the internet and open source solutions to get our everyday tasks done as simply as possible.
There are a lot of solutions out there where the only cost is your time.
We often have no budget, so where possible we use bodges, in house scripts, scripts borrowed from the internet and open source solutions to get our everyday tasks done as simply as possible.
There are a lot of solutions out there where the only cost is your time.
Subscribe to:
Posts (Atom)