Month: November 2012
ACT 5.6 Log Processing Error 1017
Recently came across a situation where my ACT 5.6 server suddenly ceased processing log files and the directory had filled up with .cab files. As I had previously learned, the first quick thing to check is that the log processing [Windows] service is started. In this case it was started, but the .cab files were stuck. In turning to the event logs, I there was a warning message for ACT-LPS code 1017 with message “listener.exe verification for directory \\server\share fails”.
As it turns out, the fix was simple. Somehow ACT had accidentally become configured to just use the \\ServerName\ and it did not have the logs directory. By resetting it to include the correct path, the service began processing all the logs again!
Standalone Imaging Solution
I’ve been in a situation a couple of times where a client was going to use a third-party vendor to image hardware offsite, but didn’t have Microsoft deployment tools (WAIK, WDS, MDT, SCCM, etc.) for deploying the standard WIM image that was created. To work with this scenario, I developed an unattended answer file with WSIM that can be used to sysprep a computer for an image where the disk can be cloned. This sysprep file essentially does the following items below. Many of the items may seem “unnecessary”, but they are necessary in order to automate the majority of the deployment.
Sysprep.xml Features
- enables the local admin account
- removes the “copy profile” functionality
- removes the “Get Windows Live” shortcuts
- sets the time zone to MST
- enables RDP
- disables firewall notifications
- disables the domain firewall
- disables Windows Defender
- disables IE accelerators
- disables the IE first run wizard
- enables IE compatibility mode
- disables IE suggested sites
- sets Windows to skip auto activation
- disables system restore
- sets the local language to English
- sets the registered owner/org
- sets Windows to automatically login as Administrator one time
- sets the screen resolution to 1024×768
- sets the first logon command to execute a script in C:\CompanyName
- Hides the Windows EULA Hides the wireless network setup wizard
- sets the default network location to “Work”
- sets the recommended level of protection for Windows Update
- creates taskbar links to Outlook and Word
Next, the overall process looks like such:
- Automate driver installation using HP SoftPaqs and script to copy the files into C:\CompanyName\ModelName\
- Optionally, automate and script BIOS updates
- Create script named “ImageConfigTasks.vbs” (code below) to do the following items (this will run post sysprep). Script should be copied into C:\CompanyName. You can use the attached script as a starting point.
- Prompt for PC name
- Detect PC model and install drivers (do this next to ensure the NIC driver gets installed for the domain join)
- Join to domain and OU
- Install SCCM client
- Install SCEP client
- Restart Window
- Create sysprep.xml file with x64 bits which essentially allows the PC to auto logon into Windows with the admin account and launches ImageConfigTasks. You can use the attached sample as guidance, but do not actually use this file as it was compiled for the x86 components and you need it for x64.
- Create a “build” task sequence which installs Windows, software, security updates, copy of the drivers into the CompanyName folder, copy of the ImageConfigTasks script, copy the sysprep.xml file
- Run the task sequence on a VM
- After completion, login to Windows and run %SYS32%\sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:C:\CompanyName\sysprep.xml
- This will sysprep the PC’s disk for cloning. Do not power on the PC once its shutdown!
- Optionally, you can creatively automate this process so that you do not need to actually login to the PC
- Once the PC with the cloned disk has been delivered onsite, power on the PC. Windows will go through mini-setup to install generic devices. Then Windows will auto logon to run the script and complete the setup process.
Download the ImageConfigTasks script here!!
Run on physical hardware
To build-out this custom solution for the vendor, do the following.
- Complete and “certify” the newly captured image (note: this is still in progress as of 12:15 PM today, but is looking good to complete successfully).
- Use the deployment task to install this image AND the hardware drivers AND any other software/configurations that did not make it into the image. You may also want to change the task sequence to NOT join to the domain for this model so that it does not receive [junky] group policies.
- Once that task sequence is done, login to Windows as the local admin account.
- Ensure the two script files live in C:\CompanyName
- Run %SYS32%\sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:C:\CompanyName\sysprep.xml
- DO NOT TURN THE COMPUTER ON. Remove the hard drive and give to vendor. Once a cloned PC is onsite and connected to the network, only then should the PC be turned on. A prompt for the computer name will appear and then the custom script will execute.
While you’re in the process of testing/development, you can of course turn it on to validate the scripts execute, drivers are installed, etc.
VBScript to Delete HKCU values or keys
Based upon my VBScript to create HKCU registry keys and/or values, I’ve created a script that does the opposite of deleting keys and/or values. This code was also updated to locate the default user profile path for Windows 7 (and newer).
'==========================================================================
' Author: Nick Moseley, https://t3chn1ck.wordpress.com
' Comments: This script will parse all User profiles on the computer, load their HKCU hive,
' then set the appropriate registry keys.
' History: ' 1.0 (04/07/2009) - Initial script
' 1.1 (06/03/2009) - Added example for setting dword values based on MyITForum question
' 1.2 (06/05/2009) - Added additional comments to identify the section where to define the values to be set
' 1.3 (09/23/2010) - Corrected comment typos
' 2.0 (11/12/2012) - Changed base script to DELETE specified keys/values
'==========================================================================
Option Explicit
Const ForAppending = 8
Const HKLM = &H80000002
' ************************************************
' Configure the following values to define the HKCU keys to be deleted
' ************************************************
Const sUserKey = "\Software\SampleKey"
Const sUserKeyValueName = "SampleValueName"
' ************************************************
Dim oReg, oFSO, oFile, oUserSubkey, aUserProfiles, oShell
Dim sProfileLCase, sRegExe, sRegLoad, sRegUnload, sHiveName, sSubPath, sProfile, sValueName, sKeyPathUserProfiles, sValue, ReturnVal
Set oReg = GetObject("winmgmts:\\.\root\default:StdRegProv")
Set oShell = CreateObject ("WScript.Shell")
Set oFSO = CreateObject ("Scripting.FileSystemObject")
' Begin configuration of existing user profiles
sValueName = "ProfileImagePath"
sKeyPathUserProfiles = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
sRegExe = "C:\Windows\system32\reg.exe"
oReg.EnumKey HKLM, sKeyPathUserProfiles, aUserProfiles
' Parse all user keys
For Each oUserSubkey In aUserProfiles
sSubPath = sKeyPathUserProfiles & "\" & oUserSubkey
oReg.GetExpandedStringValue HKLM,sSubPath,sValueName,sValue
sProfile = Split(sValue, "\")
sProfileLCase = LCase(sProfile(2))
If sProfileLCase = "system32" Then
' Do nothing
ElseIf sProfileLCase = "localservice" Then
' Do nothing
ElseIf sProfileLCase = "networkservice" Then
' Do nothing
ElseIf sProfileLCase = "serviceprofiles" Then
' Do nothing
Else
sHiveName = "TempHive_" & sProfileLCase
' Load user's profile hive into a temp location
sRegLoad = " LOAD HKLM\" & sHiveName & " """ & sValue & "\ntuser.dat"""
oShell.Run sRegExe & sRegLoad, 0, True
' Call subroutine to change registry key
SetConfigUserHive (sHiveName)
' Unload user's profile hive
sRegUnload = " UNLOAD HKLM\" & sHiveName
oShell.Run sRegExe & sRegUnload, 0, True
End If
Next
' Default User Profile sHiveName = "TempHive_DefaultUser"
sRegLoad = " LOAD HKLM\" & sHiveName & " ""C:\Users\Default\ntuser.dat"""
oShell.Run sRegExe & sRegLoad, 0, True
SetConfigUserHive (sHiveName)
sRegUnload = " UNLOAD HKLM\" & sHiveName
oShell.Run sRegExe & sRegUnload, 0, True
' End script
WScript.Quit ()
Sub SetConfigUserHive (sTempHive)
Dim sTempHiveKeyPath
' Path of registry keys
sTempHiveKeyPath = sTempHive & sUserKey
'wscript.echo "sHiveName = " & sTempHiveKeyPath
' Delete value
ReturnVal = oReg.DeleteValue(HKLM, sTempHiveKeyPath & "\", sUserKeyValueName)
' Delete key
ReturnVal = oReg.DeleteKey(HKLM, sTempHiveKeyPath & "\", sUserKey)
End Sub
Website for associating WUA with MS updates
If you’re having problems with detecting updates for Microsoft Office, there is a good chance that the Windows Update Agent (WUA) is not associated with “Microsoft Update”. One way to fix this on a per-computer basis is to use a MS website which will do this for you. It is http://update.microsoft.com/microsoftupdate/v6.
Automating the Windows 8 Startup Background Image
*** Update 11/26/12 – KB2770917 now provides administrators with the ability to modify the default background as well, without needing to perform the below steps within WinPE ***
Automated deployment and configuration of Windows 8 is much like that in Windows 7. I can easily see many organization not caring for the default Windows 8 background startup image and wanting to replace it with one of their own. In a TechNet posting, one person had gone through a series of painful scripts to take ownership of a folder, propagate the permissions, etc. While this could still accomplish the task, many of the steps seem unnecessary. The easiest method that I found to change the default image was to replace the initial file while the ConfigMgr 2012 imaging process was still within WinPE. In this way, the files are not locked by any permissions.
To do this:
- Create or find the image that you desire to use. Save it as a .png file type.
- Create a script to execute the below command to replace the image. (Side note: if you want to retain the old image, then add an extra entry into your script to rename the img100.png file)
if exist C:\Windows\Web\Screen\img100.png xcopy “%~dp0MyCustomStartupBG.png” C:\Windows\Web\Screen\img100.png /Y - Execute the script in a task sequence with a Run Command Line step. Place this immediately after the Apply Operating System step!
- At completion of your task sequence is your custom startup background image!
Creating Windows 8 Start Tiles with WSIM
Automated deployment and configuration of Windows 8 is much like that in Windows 7. The Windows System Image Manager (WSIM) can be used to create an unattend.xml file for use in a ConfigMgr 2012 task sequence. Keep in mind that deployment of Windows 8 is limited to MDT 2012 and/or ConfigMgr 2012. To get the version of WSIM that supports Windows 8, you’ll need to download/install the Windows Assessment and Deployment Kit v8.
Windows 8 has the new “Start Tiles” which replaces the old Start Menu that dates back 18 years with Windows 95. One thing that you may need to do as part of your automated deployment is create new Start Tiles. In the WSIM, add into the “Specialize” pass, item Microsoft-Windows-Shell-Setup >> Start Tiles >> Square Tiles >> SquareOrDesktop Tile1 (then Tile2, 3, 4, etc.). In the below example, I have added a tile for Microsoft Word 2013.
There are a few things to note when configuring these values:
- The path must be hard-coded, you cannot use environment variables such as %ProgramData% instead of C:\ProgramData
- Your drive letter must be correct. If MDT ‘accidentally’ assigns the drive letter to E:\ then this will not work (see point #1)
- You must point to a link (.lnk) file. Trying to use the executable name (such as WINWORD.exe) does not work
t3chn1ck 