Solved

Advanced ADM Templates

Posted on 2008-06-10
1
381 Views
Last Modified: 2013-12-12
I'm trying to develop a Windows deployment image that is intended to replace one that was poorly implemented and difficult to maintain. When we upgraded from Windows 2000 to XP our IT department had to manually recreate everyone's profile which they refuse to do again. We now need to find a solution to enforce settings and policies without altering the user's profile. Using Group Policies to enforce rules and settings would be preferable, however by default they are simply are not flexable enough.

For example: I would like to enforce a new background color so the desktop icon rectangles will properly blend with with new wallpaper however, the original color is retained within the user's roaming profile, and upon login this setting is ignored.

I noticed that in the registry when a user logs in, it creates temporary keys in HKEY_USERS that store the settings I want to alter: (e.g.: HKU\S-1-5-21-583907252-1993962763-1801674531-5838\Software\Classes\CLSID\{024CFC5C-4391-4EDD-86BA-5316B041A1D1}\InprocServer32\: "C:\Program Files\Moon Software\Shell Tools\FolderBackgroundShellExt.dll")

So essentially, I'm looking for a solution to access these S-1-5-xx-xxx... keys for each user that logs in but since these are generated upon login scripts cannot be hardcoded.

Note: I found PolicyMaker, after scouring google (microsoft bought them and are no longer distributing it for XP) that allows you to create your own policies but this to required that all registry paths be hardcoded.
0
Comment
Question by:troubledFish
1 Comment
 
LVL 2

Accepted Solution

by:
QEDeh earned 500 total points
ID: 21760902
the easiest way but i know your going to say no because there is a cost involved but you will have to have a windows 2008 server and at least xp pro or vista client machines.
this is because there are brand new GPO settings in 2008 that let you do lots of cool stuff.
your one would be that you can set regestry entries not only for individual users but also locked down to certain type of machines. e.g you can set a reg change for 1 user that changes when they move machines. it is extremly adaptable to your environment
you may of noticed an update come through for xp + vista called something like client side extensions.
that is what controls the new GPO settings.
if your really serious about making your life easier and your tech guys don't mess around with random utilities just put a bit of investment into 2008 and xp/vista and your life will be much much better and the time you save rather than messing with these utilities will be worth it
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Let’s list some of the technologies that enable smooth teleworking. 
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now