Latest Event Updates
In a corporate environment, distributing software can frequently be tricky. One thing that can cause the most headaches is when there are registry changes that need to be made within the HKCU hive of any or even every user. For example, Apple designed QuickTime to allow every user to decide whether or not to enable automatic updates. So this value is set in HKCU\Software\Apple Computer, Inc.\QuickTime\LocalUserPreferences\. But in a controlled environment, you really don’t want the users doing their own thing. So the package needs to be designed in such a way that edits the aforementioned registry key.
With SMS/SCCM, one could always build a script to make the change and configure the Program to run every time a user logs on. I used to do it this way, but grew tired of constantly needing to monitor that the advertisement is successful and there are not alot of failures…so I became my own thinktank to figure out a new process. What I realized is that I could use the existing WinXP registry tool (reg.exe) to make all the changes I need.
The process kind of looks like this: once there is no user logged into Windows, I run a script that
- Parses HKLM for every user profile
- Loads the discovered user’s registry hive
- Makes the HKCU change
- Unloads the user’s registry hive
- Moves onto the next profile
This even modifies the Default User’s profile so that anyone who logs onto the computer for the first time will already have this setting! Rinse. Repeat. Done.
NOTE: If you’re looking for a sample script to delete a registry key or value, see https://t3chn1ck.wordpress.com/2012/11/12/vbscript-to-delete-hkcu-values-or-keys/
'========================================================================== ' Author: Nick Moseley, https://t3chn1ck.wordpress.com ' Comments: This script will parse all User profiles on the computer, load their HKCU hive, ' then set the appropriate registry keys. ' History: ' 1.0 (04/07/2009) - Initial script ' 1.1 (06/03/2009) - Added example for setting dword values based on MyITForum question ' 1.2 (06/05/2009) - Added additional comments to identify the section where to define the values to be set ' 1.3 (09/23/2010) - Corrected comment typos '========================================================================== Option Explicit Const ForAppending = 8 Const HKLM = &H80000002 ' ************************************************ ' Configure the following values to define the HKCU keys to be set ' ************************************************ Const sStringUserKey = "\Software\SampleKey" Const sStringUserKeyValueName = "SampleValueName" Const sStringUserKeyValue = "SampleValue" Const sDwordUserKey = "\Software\SampleKey" Const sDwordUserKeyValueName = "SampleValueName" Const sDwordUserKeyValue = "SampleValue" ' ************************************************ Dim oReg, oFSO, oFile, oUserSubkey, aUserProfiles, oShell Dim sProfileLCase, sRegExe, sRegLoad, sRegUnload, sHiveName, sSubPath, sProfile, sValueName, sKeyPathUserProfiles, sValue, ReturnVal Set oReg = GetObject("winmgmts:\\.\root\default:StdRegProv") Set oShell = CreateObject ("WScript.Shell") Set oFSO = CreateObject ("Scripting.FileSystemObject") ' Begin configuration of existing user profiles sValueName = "ProfileImagePath" sKeyPathUserProfiles = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" sRegExe = "C:\Windows\system32\reg.exe" oReg.EnumKey HKLM, sKeyPathUserProfiles, aUserProfiles For Each oUserSubkey In aUserProfiles sSubPath = sKeyPathUserProfiles & "\" & oUserSubkey oReg.GetExpandedStringValue HKLM,sSubPath,sValueName,sValue sProfile = Split(sValue, "\") sProfileLCase = LCase(sProfile(2)) If sProfileLCase = "system32" Then ' Do nothing ElseIf sProfileLCase = "localservice" Then ' Do nothing ElseIf sProfileLCase = "networkservice" Then ' Do nothing ElseIf sProfileLCase = "serviceprofiles" Then ' Do nothing Else sHiveName = "TempHive_" & sProfileLCase ' Load user's profile hive into a temp location sRegLoad = " LOAD HKLM\" & sHiveName & " """ & sValue & "\ntuser.dat""" oShell.Run sRegExe & sRegLoad, 0, True ' Call subroutine to change registry key SetConfigUserHive (sHiveName) ' Unload user's profile hive sRegUnload = " UNLOAD HKLM\" & sHiveName oShell.Run sRegExe & sRegUnload, 0, True End If Next ' Default User Profile sHiveName = "TempHive_DefaultUser" sRegLoad = " LOAD HKLM\" & sHiveName & " ""C:\Documents and Settings\Default User\ntuser.dat""" oShell.Run sRegExe & sRegLoad, 0, True SetConfigUserHive (sHiveName) sRegUnload = " UNLOAD HKLM\" & sHiveName oShell.Run sRegExe & sRegUnload, 0, True WScript.Quit () Sub SetConfigUserHive (sTempHive) Dim sTempHiveStringKeyPath, sTempHiveDwordKeyPath ' Path of registry keys sTempHiveStringKeyPath = sTempHive & sStringUserKey sTempHiveDwordKeyPath = sTempHive & sDwordUserKey ' Create String registry key if the value doesn't already exist If oReg.GetStringValue(HKLM, sTempHiveStringKeyPath & "\", sStringUserKeyValueName) <> 0 Then ReturnVal = oReg.CreateKey(HKLM, sTempHiveStringKeyPath) End If ' Create Dword registry key if the value doesn't already exist If oReg.GetDwordValue(HKLM, sTempHiveDwordKeyPath & "\", sDwordUserKeyValueName) <> 0 Then ReturnVal = oReg.CreateKey(HKLM, sTempHiveDwordKeyPath) End If ' Create String value ReturnVal = oReg.SetStringValue(HKLM, sTempHiveStringKeyPath & "\", sStringUserKeyValueName, sStringUserKeyValue) ' Create Dword value ReturnVal = oReg.SetDwordValue(HKLM, sTempHiveDwordKeyPath & "\", sDwordUserKeyValueName, sDwordUserKeyValue) End Sub
This was an issue that I came across from our recent upgrade from SMS 2003 to SCCM 2007. While we were still using SMS, some systems had been cloned/p2v’d from a production system to a virtual then renamed. It wasn’t caught at the time, but it appears SMS may have been unable to automatically give the cloned SMS clients a new GUID. When we migrated to SCCM, these clients were fighting over which of them was the real and live system in SCCM, such that some client records would suddenly disapper from the console…then if they’re client was fixed, a different client record would disappear.
However, simply uninstalling/reinstalling the SCCM client was not resolving the issue. After some digging around, I found a couple of utilities to help rip out the SCCM client and force a new GUID to be assigned. I brought these utilities together and created a simple executable to coordinate the process. This was created with the old, but very reliable, SMS Installer, the code below is for that, but can easily be rebuilt as a vbscript.
If you have any questions about this process, feel free to leave me a comment and I can respond!
- On your computer, download and install the SMS 2003 Toolkit v2
- In the directory containing your SCCM client install, create a subdirectory (such as “SOURCE”)
- From the Toolkit directory, copy ccmdelcert.exe and tranguid.exe to the newly created subdirectory in previous step
- In the SCCM client install directory, create an executable or script that does the following in order
- Execute ccmdelcert.exe (wait for process termination)
- Delete the file %WINDIR%\SMSCFG.ini
- Execute ccmsetup.exe /uninstall (wait for process termination)
- Delete directory %WINDIR%\system32\ccm\
- Delete registry key HKLM\SOFTWARE\Microsoft\CCMSetup
- Delete registry key HKLM\SOFTWARE\Microsoft\SMS
- Execute ccmsetup.exe (wait for process termination)
Below is the ‘code’ for the SMS Installer executable that I built to facilitate this.
Document Type: IPF item: Global Version=6.0 Title English=Duplicate SCCM GUID Repair Flags=00000100 Languages=0 0 65 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 LanguagesList=English Default Language=2 Copy Default=1 Japanese Font Size=9 Start Gradient=0 0 255 End Gradient=0 0 0 Windows Flags=00000100000000010010110000011000 Message Font=MS Sans Serif Font Size=8 Disk Filename=SETUP Patch Flags=0000000000000001 Patch Threshold=85 Patch Memory=4000 FTP Cluster Size=20 end item: Check Disk Space end item: Set Variable Variable=ROOT Value=C: end item: Get Environment Variable Variable=WINDIR Environment=WINDIR end item: Execute Program Pathname=%INST%\SOURCE\ccmdelcert.exe Flags=00000010 end item: Delete File Pathname=%WINDIR%\SMSCFG.ini end item: Execute Program Pathname=%INST%\CCMSETUP.exe Command Line=/uninstall Flags=00000010 end item: Insert Line into Text File Pathname=%WINDIR%\system32\ccm\temp.txt New Text=TEMP Line Number=0 Flags=00010000 end item: Delete File Pathname=%WINDIR%\system32\ccm\temp.txt Flags=00001100 end item: Insert Line into Text File Pathname=%WINDIR%\system32\ccmsetup\temp.txt New Text=TEMP Line Number=0 Flags=00010000 end item: Delete File Pathname=%WINDIR%\system32\ccmsetup\temp.txt Flags=00001100 end item: Edit Registry Total Keys=1 Key=SOFTWARE\Microsoft\CCMSetup Root=130 end item: Edit Registry Total Keys=1 Key=SOFTWARE\Microsoft\SMS Root=130 end item: Execute Program Pathname=%INST%\CCMSETUP.exe Flags=00000010 end
When creating a Program for a Package, there are essentially two Environment options for how the Program run – with the user’s rights, or with administrative rights. Using administrative rights will cause the program to run the command line under system context (svchost).
I recently needed to test an install (when running under system context and when running from the SCCM server) as I was unable to visually see the behavior first hand (e.g. errors). To do this type of testing, follow these simple instructions.
- Log in to Windows with an account that has admin privileges
- Launch cmd.exe
- Enter “time” and get the value.
- Enter “at time+1min /i cmd” – this will open another command prompt at that time
For example, if the time is 14:18, the value time+1min will be 14:19
- Once the next command prompt opens, you’ll notice that process listed in the title bar is “svchost.exe”
- Enter “net use z: \\servername\share”
- Enter credentials that have access to the share, such as your own
- Then change to new driver letter and then to the directory. From there you can launch whatever .exe, .msi, script, etc, that you need visually see.
I used this process to confirm that executables and .msi files were being blocked with an Open File – Security Warning when running from a server share.
I was recently tasked with automating a disk cleanup and defrag for the XP workstations in our environment. Simple enough of a task using the built-in disk cleanup and defrag. But I thought I’d share some details of how I automated them…
Grasping how to peforming an unattended cleanup can be tricky. The first thing to understand is that selecting the various caches (Internet files, temporary files, trash, etc etc) is controlled through a “sageset”. You can think of a sageset as the configuration number which inidicates what diskclean should remove. So one could have a sageset which cleans up only trash, another sageset which cleans up trash and internet files, another sageset which cleans up all items except memory dump files, etc etc.
This sageset are DWORD values in HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\ in each subkey. For example, I want to cleanup only Internet Cache Files and assign sageset 99 to it. Within subkey “Internet Cache Files” I create the DWORD value name StateFlags0099 and give it the value 2. Then to cleanup this item, I simply run cleanmgr.exe /sagerun:99 – That’s it! To add more items to the sageset, all one needs do is add that StateFlags0000 (where the zeos are the sageset number created).
Make sense? For more information, see Q315246
Not too much doin’ here. I simply trigger defrag.exe c: -f
A neat thing about defrag is that you can first have it analyze the disk to see its fragmentation stats. Since I log SCCM installs/operations for workstations into a custom log file, I thought it would good to capture this analysis in the log file. Below is the vbscript code that I used to facilitate this…
Dim oFSO, oShell, oLogFile Const cForAppending = 8 Set oFSO = CreateObject("Scripting.FileSystemObject") Set oShell = CreateObject("WScript.Shell") Set oLogFile = oFSO.OpenTextFile ("C:\CustomLog.txt", cForAppending, True) Set oExecRun = oShell.Exec ("C:\Windows\system32\defrag.exe c: -a") ' Reads through the output of the analysis until it comes to Analysis Report... ' Then it writes the next line read into the log file Do While Not oExecRun.StdOut.AtEndOfStream If oExecRun.StdOut.ReadLine = "Analysis Report " Then 'extra spaces after report are critical! oLogFile.WriteLine " => Defrag Analysis Report:" & oExecRun.StdOut.ReadLine End If Loop oLogFile.Close
Need a good way to virtualize your test machines for testing SCCM deployments? Use the FREE VMWare Server!
Here is my quick guideline for getting started.
- Get yourself some beefy hardware. I’m using an HP Workstation xw6600T (Intel Xeon 2.33 GHz, 12 GB memory, and 320 GB SCSI disk).
- Get an eSATA external hard drive configured for RAID 0 and that has eSATA and/or FireWire connections (such as http://www.wdc.com/en/products/products.asp?driveid=410). Use this to run the bulk of your VMs on.
- Install your OS. I’m using Windows Server 2008 Standard x64.
Note: you’ll need to install an x64 OS if you have more than 3 GB of memory.
<< Update 4/15/11 – Do not use VMWare Server 2 – Win7 VMs will BSOD frequently. Instead, consider using SCVMM >>
- Download VMWare Server 2.
- Install VMWare Server. During the install, it is very important to change the default ports to 80 (for HTTP) and 443 (for HTTPS). This will save you from a headache in the long run.
- Download and install the VMWare vCenter Converter for converting your physical test machines to virtual machines.
Upon completion you will have a ready to use virtual environment; all you need do is convert your physical machines, launch the Server web interface, and add the new VM. Additional information on VMWare Server, for both install and operation, can be found on the VMWare website in the VMWare Server User’s Guide. The other cool thing is that you can remotely access the console for another computer on your network by going to http://systemname/ui
I have long wanted to begin blogging my IT experiences with SMS 2003 and SCCM 2007. With the frequent busyness of work, I kept putting it off….all the while I have had many things that I’ve wanted to share so that I can remember for the future.