Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VB script needed: Load the (win7) default profile & add a RunOnce entry for sccm 2012 TS OSD

Posted on 2014-04-04
14
Medium Priority
?
561 Views
Last Modified: 2015-05-25
VB script needed: Load the (win7) default profile & add a RunOnce entry.

Eventually to be used in as task sequence in SCCM 2012 R2 OS-Deployment-if that make any difference in permissions or impersonations, etc.

I have sampled several people's scripts for IE settings, wallpaper, etc. but after editing them down for just what I need, I just can't get any of them to work (errors) when I test them in a command window.  

Don't know much about VB scripting...so instead of posting the different scripts I've tried:

Does anyone have a down and dirty VB script for:
-Loading the default profile's registry hive;
-writing a NEW string value (REG_SZ) entry in the RunOnce key; &
-unloading the hive?
0
Comment
Question by:cencal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 2
  • +1
14 Comments
 
LVL 65

Assisted Solution

by:RobSampson
RobSampson earned 1000 total points
ID: 39979481
Hi, this VBScript would load the DEFAULT hive on Windows 7.

Set oShell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
If LoadHive("DEFAULT") = True Then
	RegKey = "HKEY_USERS\DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce"
	RegVal = "cmd.exe"
	DoRegChange RegKey, RegVal
	UnloadHive "DEFAULT"
End If

Sub DoRegChange(RegKey, RegVal)
      WScript.Sleep 1000
      oShell.RegWrite RegKey, RegVal
End Sub

Function LoadHive(strUsername)
      If objFSO.FileExists("C:\Users\" & strUsername & "\NTUser.Dat") Then
            oShell.Run "cmd /c Reg load " & "HKU\" & strUsername & " " & """C:\Users\" & strUsername & "\NTUser.Dat""", 0, True
            LoadHive = True
      Else
            LoadHive = False
      End If
End Function

Sub UnloadHive(KeyPath)
      oShell.Run "cmd /c Reg unload " & "HKU\" & KeyPath, 0, True
End Sub

Open in new window


One question though....isn't the HKEY_USERS\.DEFAULT key always loaded, and the one you could modify without having to load any hives?

Also, bare in mind this would only affect new users logging on.  Any existing users would not receive the same keys and values.

Regards,

Rob.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39979482
No need for vbscript, you can use reg.exe.

Mount HKEY_USERS hive and add the entry, then unmount.
0
 
LVL 18

Expert Comment

by:Mike T
ID: 39980341
Hi,

Can you step back a bit and explain what exactly it is you want to achieve. It may well be you don't need any script. All I'm getting here is you want inject a run-once key in the default user profile which suggests you want new users to run a task once the first time they logon to a machine.

There is a known issue with OSD vs Run-once mind, which is explained and solved here:
http://myitforum.com/myitforumwp/2011/11/09/osd-and-runonce/

Note as Jason says "task-sequences run as System" so hacking the default user profile is unlikely to work during OSD.

Mike
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:cencal
ID: 39984481
Rob,
".default" is not the same as the 'default' user.  and ".default" does not have a RunOnce key.

So I actually need to load the actual default user profile.....we can temporarily call it whatever we want like 'tempdefault' or something.

Then (A) create a new string value (REG-SZ) and (B) name it something like 'RunCmdFile'....then (C) give it a value ...... which will be a path to the *.cmd file on a network share...for testing we can have it just point to "c:\temp\test.cmd"

Also, a few things about your script:
(1) when I run it without any edits, I get:
   line:      16
   Char:      7
   Error:      Object requred: 'objFSO'
   Code:      800A01A8
(2) Since this is Windows 7...shouldn't line 17 read """C:\users instead of """C:\Documents and Settings?
(3)  See Mike's comment with a concern about a task sequence in SCCM 2012r2 running in the SYSTEM account....would we need to impersonate something like the local administrator?  
strComputer
strComputer = "."
then some line about impersonating???  Sorry, probably not wording this correctly.
0
 

Author Comment

by:cencal
ID: 39984487
Netman66,
I need this to be done when the image is being placed on the PC....too much word to do it manually on each PC....even if I exported a *.reg file it would be too much work with all the PCs in my company.
Thanks for the reply though.
0
 

Author Comment

by:cencal
ID: 39984506
Mike,
Without going into the long explanation, there are a lot of things that I need to happen the first time the user logs onto the PC...and they need to happen transparently to the user.  Attempting to do these all with VBscripts, group policy, etc. just ran us into too many errors...so we decided to go simple for now and figure out the advanced stuff later....like we had a VBscript to create shortcuts to certain network and local folders....sometimes it would create the shortcut but the shortcut thought it was a file shortcut and not a folder shortcut, so didn't work......just once example of many issues.
Also, we are rolling out Win7 ASAP and we don't have time to go back and redo the default profile in the image...will do that later.

Next, I too am concerned about the SCCMr2 OSD task sequence (as opposed to MDT) running the task as "SYSTEM" but had not gotten that far...could not get one to completely work from the command line yet.
I'm wondering if there is some way to impersonate the "local administrator" on the "local machine"?

Any thoughts?
0
 
LVL 65

Assisted Solution

by:RobSampson
RobSampson earned 1000 total points
ID: 39984638
>> a few things about your script

You are correct, I have fixed a couple of things in  original posted script.
1) Added an objFSO declaration and set it to the FileSystemObject
2) Changed "Documents and Settings" to "Users"...I had modified an XP version of the script
3) I wouldn't think you need to impersonate any accounts.  The local SYSTEM has full rights to the local system, and still has a profile, so loading, writing, and unloading reg keys shouldn't be a problem.

With that code, you should be able to load any NTUser.dat that you need.

Regards,

Rob.
0
 

Author Comment

by:cencal
ID: 39984646
To All:
this *.cmd works (though I have not tested it in the task sequence yet).
What I'm looking for is a VB script that does the same thing...with any impersonations it may need.

@ECHO OFF
REM Load the default profile hive
SET HKEY=HKU\TempDefault
REG LOAD %HKEY% %SystemDrive%\Users\Default\NTUSER.DAT

REM Add a RunOnce Key
REG ADD "%HKEY%\Software\Microsoft\Windows\CurrentVersion\RunOnce" /v RunCmdFile /t REG_SZ /d c:\temp\test.cmd /f


REM Unload the default profile hive
REG UNLOAD %HKEY%
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 39984652
>> The local SYSTEM has full rights to the local system, and still has a profile, so loading, writing, and unloading reg keys shouldn't be a problem.

That is, unless you need to read files from a network location on which computer accounts do not have read rights....if you must do that, then add Domain Computers to the rights of the folders they need to read.

Rob.
0
 
LVL 65

Assisted Solution

by:RobSampson
RobSampson earned 1000 total points
ID: 39984656
To add that value using my script, you can change lines 4 and 5 to this
	RegKey = "HKEY_USERS\DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\RunCmdFile"
	RegVal = "c:\temp\test.cmd /f"

Open in new window


Regards,

Rob.
0
 

Author Comment

by:cencal
ID: 39984663
Thanks Rob....I'll try the edited script....your first reply today came seconds before I pressed the submit on my 'To All' comment.
Lets cross our fingers.
0
 
LVL 18

Expert Comment

by:Mike T
ID: 39984860
Hi,

On a previous project they used sysprepto add a GUIrunonce as below

[GuiRunOnce]
    Command0="c:\yourpath\script.vbs"

This gets around the system context as it runs sysprep as system and puts any script in the registry renounce key. The important thing here is that the TS can do whatever it needs and reboot as needed and the runonce will not trigger. It will only kick in when the TS ends and removes the custom GINA (the progress bar).

In the script I think we set autologon as admin once and then we copied a custom NTuser.dat overwriting the default user and rebooted. It was an XP build that they were too scared to change, but that's another story!

Mike
0
 

Accepted Solution

by:
cencal earned 0 total points
ID: 40787552
As I ran out of time, I just ended up creating a package that ran the *.cmd similar to above but with network shares instead of local shares and put it in a task sequence.
Thanks for all your help and comments.......When I get around to fixing this they will be a big help.
0
 

Author Closing Comment

by:cencal
ID: 40794682
Accepted my solution only because I ran out of time to fully test out the others....but eventually, their comments will lead to the VB solution while mine just used chewing gum to fix it until I learn more.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
Over the years I have built up my own little library of code snippets that I refer to when programming or writing a script.  Many of these have come from the web or adaptations from snippets I find on the Web.  Periodically I add to them when I come…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question