Solved

Sysprep Vista ~ How to delete sysprep.xml file upon sysprep completion

Posted on 2007-04-09
6
1,318 Views
Last Modified: 2008-01-09
I am working to setup a Vista VPC template.  I need the template to AutoJoin the domain (still trying to get this to work).  The sysprep setting responsible for doing this requires that credentials with the proper rights be added to the sysprep xml file.  This was fine in the old version because once sysprep completed the file was deleted so i never had to worry about users finding the file and discovering the account with elevated rights.  But in Vista the file is not deleted and these credetials exist in clear text.  Anyone know of a way around this?
Thanks
0
Comment
Question by:mentok74
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 18877572
How about kicking off a script in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce that deletes the sysprep file?
0
 

Author Comment

by:mentok74
ID: 18878154
Sounds like that would meet my needs but i don't know much about scripting, what would something like that look like?  Any suggested resources for researching such a solution?  Thanks for the reply.
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 18878337
Sure...just put the following in a file:
---------------------------------------
del C:\windows\sysprep\* /q
---------------------------------------
Save the file as cleanup.cmd.  Make you have a copy of the sysprep files before you run this command.  Go into regedit and drill to the location given above.  If you had the script say in C:\temp, you would make a new key (name can be anything) and make a new string value of "C:\temp\cleanup.cmd"  Now sysprep the machine.  On the very first login, it should delete the sysprep files and should only run once.  

Let me know if that works for you.
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 22

Accepted Solution

by:
Adam Leinss earned 500 total points
ID: 18878345
Sorry, I thought I editted that, it should be "del C:\windows\SYSTEM32\sysprep* /q"
0
 

Author Comment

by:mentok74
ID: 18909028
Hey Aleinss,
I finally got around to trying your solution and it worked!!!  I have little to no experience with scripts so i really appreciate you taking the time to outline it for me.  A million thanks!!!
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 18909049
No problem.  From my reading, it appears that Microsoft assumes you will be using KMS for activation, therefore the product key security is less of an issue and thus they do not delete the sysprep directory/file anymore.  In your case, it's the credentials embedded within the sysprep file which is also a security concern.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi All Just a quick one for everybody. I was recently looking into setting the default User Account Picture for all my vista clients within the network but on closer inspection the group policy setting only allows you to set the default pictur…
There are many reasons a PC runs slower than when it was new, ranging from malicious software intended to mess things up to simple general Windows use.  Your PC performance may slowly degrade over time without you noticing but when you buy a PC from…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question