Advanced ADM Templates

I'm trying to develop a Windows deployment image that is intended to replace one that was poorly implemented and difficult to maintain. When we upgraded from Windows 2000 to XP our IT department had to manually recreate everyone's profile which they refuse to do again. We now need to find a solution to enforce settings and policies without altering the user's profile. Using Group Policies to enforce rules and settings would be preferable, however by default they are simply are not flexable enough.

For example: I would like to enforce a new background color so the desktop icon rectangles will properly blend with with new wallpaper however, the original color is retained within the user's roaming profile, and upon login this setting is ignored.

I noticed that in the registry when a user logs in, it creates temporary keys in HKEY_USERS that store the settings I want to alter: (e.g.: HKU\S-1-5-21-583907252-1993962763-1801674531-5838\Software\Classes\CLSID\{024CFC5C-4391-4EDD-86BA-5316B041A1D1}\InprocServer32\: "C:\Program Files\Moon Software\Shell Tools\FolderBackgroundShellExt.dll")

So essentially, I'm looking for a solution to access these S-1-5-xx-xxx... keys for each user that logs in but since these are generated upon login scripts cannot be hardcoded.

Note: I found PolicyMaker, after scouring google (microsoft bought them and are no longer distributing it for XP) that allows you to create your own policies but this to required that all registry paths be hardcoded.
troubledFishAsked:
Who is Participating?
 
QEDehConnect With a Mentor Commented:
the easiest way but i know your going to say no because there is a cost involved but you will have to have a windows 2008 server and at least xp pro or vista client machines.
this is because there are brand new GPO settings in 2008 that let you do lots of cool stuff.
your one would be that you can set regestry entries not only for individual users but also locked down to certain type of machines. e.g you can set a reg change for 1 user that changes when they move machines. it is extremly adaptable to your environment
you may of noticed an update come through for xp + vista called something like client side extensions.
that is what controls the new GPO settings.
if your really serious about making your life easier and your tech guys don't mess around with random utilities just put a bit of investment into 2008 and xp/vista and your life will be much much better and the time you save rather than messing with these utilities will be worth it
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.