Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cannot run EXPLORER.EXE from Domain accounts after sysprep

Posted on 2014-02-26
7
Medium Priority
?
1,120 Views
Last Modified: 2014-07-16
I am using MDT 2013 & WDS on Server 2012 to deploy Windows7 x64. If I run the Sysprep and Capture task sequence and then deploy the image all domain accounts on the system get the following error when ever EXPLORER.EXE is invoked.

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

If I skip the capture and just join it to the domain it works fine. I thought that maybe it had something to do with the Default Profile but existing and newly created local accounts do not exhibit this issue.

Our profiles are redirected to the network. I thought maybe that was an issue but we have an older image built and deployed from MDT 2010 on Server 2K8. Deploying the older image from this server works fine deploying that same image from the 2012 server does not.

The only relevant difference I can see is WinPE. The other server runs an older version. The 2012 server is running the MDT 2013 WinPE (Win8).

My next step is to remove the domain join sequence to see if it makes a difference. After that I will figure out how to build an older version of PE for deployment.

Antivirus is not included in the image.

One other oddity is that I have the big red X through the NIC in the tray but the network is fine.

This is so odd.

Any help is greatly appreciated!
0
Comment
Question by:MarkMelanson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 39891566
just to double check if the source computer (where the image was captured) was in the domain before capturing the image? It should NOT be in the domain. Every new build using or based on the image should join in the domain individually.
0
 

Author Comment

by:MarkMelanson
ID: 39891596
No. It was never in the domain.

Sorry I failed to mention that.
0
 
LVL 37

Expert Comment

by:bbao
ID: 39891624
thanks for the clarification.

one more thing. were the image's OS and applications installed and configured using the SAME user account with ADMIN priviligies?
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:MarkMelanson
ID: 39891833
Yes. All the installs are automated and run during the task sequence.
0
 

Author Comment

by:MarkMelanson
ID: 39894766
I am going to re-create the task sequence from scratch.
0
 

Accepted Solution

by:
MarkMelanson earned 0 total points
ID: 40191077
It is a profile issue. I had to delete the older .DAT files. I think USRCLASS.DAT was the culprit.
0
 

Author Closing Comment

by:MarkMelanson
ID: 40198828
The script below resolved the issue:

@echo off
PUSHD %~DP0
CLS
echo.
echo Deleting NTUSER Junk in Default Profile...
DEL /ah /f C:\users\Default\*.log*
DEL /ah /f C:\users\Default\NTUSER.DAT{*
echo Deleting APPDATA Junk in Default Profile...
del /AH /F C:\Users\default\AppData\Local\Microsoft\Windows\USRCLASS.dat.*
del /AH /F C:\Users\default\AppData\Local\Microsoft\Windows\USRCLASS.dat{*
popd
echo.
echo Done
1

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring Remote Assistance for use with SCCM
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question