?
Solved

Advanced ADM Templates

Posted on 2008-06-10
1
Medium Priority
?
392 Views
Last Modified: 2013-12-12
I'm trying to develop a Windows deployment image that is intended to replace one that was poorly implemented and difficult to maintain. When we upgraded from Windows 2000 to XP our IT department had to manually recreate everyone's profile which they refuse to do again. We now need to find a solution to enforce settings and policies without altering the user's profile. Using Group Policies to enforce rules and settings would be preferable, however by default they are simply are not flexable enough.

For example: I would like to enforce a new background color so the desktop icon rectangles will properly blend with with new wallpaper however, the original color is retained within the user's roaming profile, and upon login this setting is ignored.

I noticed that in the registry when a user logs in, it creates temporary keys in HKEY_USERS that store the settings I want to alter: (e.g.: HKU\S-1-5-21-583907252-1993962763-1801674531-5838\Software\Classes\CLSID\{024CFC5C-4391-4EDD-86BA-5316B041A1D1}\InprocServer32\: "C:\Program Files\Moon Software\Shell Tools\FolderBackgroundShellExt.dll")

So essentially, I'm looking for a solution to access these S-1-5-xx-xxx... keys for each user that logs in but since these are generated upon login scripts cannot be hardcoded.

Note: I found PolicyMaker, after scouring google (microsoft bought them and are no longer distributing it for XP) that allows you to create your own policies but this to required that all registry paths be hardcoded.
0
Comment
Question by:troubledFish
1 Comment
 
LVL 2

Accepted Solution

by:
QEDeh earned 2000 total points
ID: 21760902
the easiest way but i know your going to say no because there is a cost involved but you will have to have a windows 2008 server and at least xp pro or vista client machines.
this is because there are brand new GPO settings in 2008 that let you do lots of cool stuff.
your one would be that you can set regestry entries not only for individual users but also locked down to certain type of machines. e.g you can set a reg change for 1 user that changes when they move machines. it is extremly adaptable to your environment
you may of noticed an update come through for xp + vista called something like client side extensions.
that is what controls the new GPO settings.
if your really serious about making your life easier and your tech guys don't mess around with random utilities just put a bit of investment into 2008 and xp/vista and your life will be much much better and the time you save rather than messing with these utilities will be worth it
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
Most folks would know the basics of how Dropbox works, so that’s not the purpose of this article. Security is what it’s all about, so here I’ll share how I choose to secure my Dropbox Account and the Data it contains.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question