Middlebury

Advanced PC Config Topics

NOTE: This page contains information that is only useful to Helpdesk / ITS faculty and staff.

Printing & Printers : creating a script to install a network printer for all users

  • Command: cmd
  • Arguments: /c RUNDLL32 PRINTUI.DLL,PrintUIEntry /ga /n\\papercut\LIB105 & net stop "Print Spooler" & net start "Print Spooler"


LabStats Topics

Adding a new lab in LabStats

Just follow the links in the admin interface. Don't forget to:

  • Set the permissions (Administrators => Edit group permissions) to allow public users to view the lab (if that is desired).
  • Add a lab map (if that is desired)


Adding a new lab map in LabStats

  • Login to the admin interface
  • Labstats uses "lab" configurations as the basic building block. To create a lab map, you first need to have a lab configuration for the particular computer lab. If there is no configuration for the particular computer lab, go into "Labs", add the new Lab. If the computers for this lab are already deployed with the lab stats client, they will appear in the Labs menu under "Unassigned" computers. Reassign them to the new Lab.
  • Go into the LabMaps section. Add a new map, choose the lab configuration. Drag the computers to arrange them. There are also some custom icons for doors, printers, scanners - use those if you'd like.
  • Finally, remember to assign permissions to the user called "Public User". Click on "Administrators", click on "Edit Group Permissions", click on "Public User", near the bottom of the page find the new lab, select it and place checkmarks next to "View Lab Map" and anything else you want the public to see.


Symantec Ghost Topics

( Note : Ghost has been discontinued - but information is still useful )
Using the Ghost Boot Wizard to create a bootable USB flash disk

A bootable USB flash disk with Ghost can be used to:

  • deploy the ghost console
  • deploy a ghost image from the network to a local disk
  • deploy a ghost image from one local disk to another
  1. Insert the USB flash disk (BACKUP ALL DATA FROM IT AS IT WILL BE ERASED!)
  2. Start the Ghost boot wizard from the Ghost console (or from c:\Program Files\Symantec\Ghost\Ghost Boot Wizard.exe)
  3. Select "Standard Ghost Boot Package" if you don't need network access.
    1. Next.
    2. If the drive you will be imaging TO is a USB drive, pick the USB option. Same with the SCSI
    3. Click next until you get to the "Destination Drive" section.
  4. Select "Network Boot Package" if you DO need network access.
    1. Next.
    2. Pick "Multicard Template"
    3. Select ALL the cards (see the section below on adding a new card).
    4. Click next until you get to the "Destination Drive" section.
  5. Select "Format Disk" and click Next. When it finishes, click "Finish".


Using the Ghost Boot Wizard to create an image of the ghost console partition

The ghost console partition is used to image a machine over the network. Any computer booted from the ghost console partition can be controlled by the Ghost server and an image can be pushed onto it. This is how we image labs.

To create a ghost image of the ghost console partition:

  1. Start the Ghost boot wizard from the Ghost server console (or from c:\Program Files\Symantec\Ghost\Ghost Boot Wizard.exe)
  2. Select "Ghost Console Partition"
  3. Next.
  4. Pick "Multicard Template" and select ALL the cards. If your network card is not in the Multicard template, you will need add it manually. See the section below on adding a driver for a new card. Once you add the driver for a new card manually, you cannot include it in the Multicard Template. You will need to create a separate ghost console image, just for computers with that new network card. When you add the driver for the new card, the driver will appear on the main screen of the ghost boot wizard. The procedure for creating a console image with the new driver is the same, instead of selecting the Multicard template, select the new driver.
  5. Click next until you get to the "Ghost Image Details" section. Here, click browse and choose where the ghost image should be saved. You can also enter a description for the ghost image.
  6. Click Next and then click "Finish" when finished.

This way, the Ghost Boot Wizard creates an uncompressed Ghost console image. This works fine, except it's a little slow when deploying the image. To speed it up, deploy the image to a computer or a flash drive, don't reboot. Then use Ghost again to create an image from the computer or the flash drive that you just ghosted. Choose to compress the new image. You can replace your previous console image with the new, compressed one, as it will be faster to deploy.


What to do if my network card is NOT in the multicard template You will need a separate ghost console image for this situation.

  1. Follow the procedure outlined here: Adding_More_Network_Card_Drivers - this will allow you to add drivers for your network card.
  2. Then follow Using_the_Ghost_Boot_Wizard_to_create_an_image_of_the_ghost_console_partition, insted of choosing "Multicard Template", choose the network card driver you added in step 1.


Combining a bootable USB flash disk with the ghost console image Using the procedures above you create two things:

  • A bootable USB stick with ghost on it
  • A ghost image to be deployed

You can actually copy the ghost console image to the USB flash disk. You can put it anywhere, but for this example it should be in the folder called "ghost" on the USB flash disk:

Contents of USB Flash Disk:
IBMBIO.COM
IBMDOS.COM
AUTOEXEC.BAT
COMMAND.COM
CONFIG.SYS
GHOST <-- Ghost console partition image goes here
MOUSE.COM
NET
MOUSE.INI

Now you can boot from the USB flash disk, and when ghost loads you can go: Local => Disk => From Image and then select your ghost console partition image.

Adding More Network Card Drivers

  • Note: If you're having trouble finding the right Intel driver, visit http://support.dell.com and obtain the driver from there - Dell's drivers include dos drivers and are easy to extract. They not necessarily up to date, though.



Modifying the Multicard Template

NOTE : this does not work in the latest version of Symantec Ghost (the one we have). Workaround: create a ghost console image for each computer that's absent from the multicard template. Put each ghost console image on a bootable USB flash drive, as outlined in: Combining_a_bootable_USB_flash_disk_with_the_ghost_console_image.


Advanced Image Creation with Symantec Ghost

Skipping Certain Files: You can create a "skipfile" to "skip" (or exclude) certain files while creating the image. This is useful for decreasing the size of the image and making it more portable. For example it can be used to exclude the hibernation file or the page file. E.g.

skipfile should contain the following text:

[ghost exclusion list]
*\pagefile.sys
*\hiberfile.sys
[end of list]

Then run ghost.exe with the flag -skip=@skipfile. *

This can also be used to allow KeyAccess (the KeyServer client) to be installed on the image. For details, see www.sassafras.com/hrl/6.1/clone.html


Large Scale Software Deployment, Account and Settings Management

Change the security or file system permissions on a file or a folder using a script

%windir%\system32\cacls.exe "C:\Program Files\MINITAB 14 Student" /T /E /C /G Everyone:R
%windir%\system32\cacls.exe "C:\Program Files\MINITAB 14 Student" /T /E /C /G Everyone:W
%windir%\system32\cacls.exe "C:\Program Files\MINITAB 14 Student" /T /E /C /G Everyone:C
  • Notes: run cacls /? to get information on the syntax.
  • Please remember to OMIT the slash at the end of a folder name:
    Good: "C:\Program Files\MINITAB 14 Student"
    BAD!!!!: "C:\Program Files\MINITAB 14 Student\"  (note slash before " -- remove the slash)


Associate an extension or file type with a program using a script

assoc .dg5=deltagraph
ftype deltagraph="C:\Program Files\DeltaGraph 5\dg5.exe" "%1"
  • Notes: Commands need to be run as an admin. Changes are immediate. This doesn't give a fancy icon to the file type.

Copy Office 2007 Quick Access Toolbar Settings to Default User

Office 2007 (e.g. Word 2007) stores the quick access toolbar settings in "C:\Documents and Settings\%username%\Local Settings\Application Data\Microsoft\Office" in files that end with ".qat". If you use the "copy to default user" technique, anything under "Local Settings" does NOT get copied over. If you really want to control the quick access toolbar settings you will have to create this folder: "C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Office" folder and manually copy over any "qat" files from your template user account.


Install and Config Lab Software

See: Install and Config Lab Software

Change the desktop wallpaper with a script

REG ADD "HKCU\Control Panel\Desktop" /V Wallpaper /T REG_SZ /F /D "%SystemRoot%\energybliss.bmp"

followed by

%SystemRoot%\System32\RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters


Get a list of globally installed printers

rundll32 PRINTUI.DLL,PrintUIEntry /ge

Delete a globally installed printer

RUNDLL32 PRINTUI.DLL,PrintUIEntry /gd /n\\papercut\BIH117

Install a printer globally with a script

RUNDLL32 PRINTUI.DLL,PrintUIEntry /ga /n\\papercut\BIH117
net stop "Print Spooler"
net start "Print Spooler"

Set a printer as default with a script

RUNDLL32 PRINTUI.DLL,PrintUIEntry /y /n "\\papercut\BIH117"

To set the printer as default globally (for all users) you will need to put this in a bat file and place that bat file in Docs&Settings\All Users\Start Menu\Programs\Startup

Two Installed Versions of PowerPoint, Word or Excel, set one as default

Click on Start => Run => Enter

"C:\Program Files\Microsoft Office\OfficeXX\ZZZ.EXE" /regserver

Where XX is a number (11 for Office 2003, 12 for Office 2007) and ZZZ.EXE is the name of the executable for word, excel or ppt (WINWORD.EXE or EXCEL.EXE or POWERPNT.EXE). E.g. set PowerPoint 2003 as the default powerpoint:

"c:\program files\Microsoft Office\OFFICE11\POWERPNT.EXE" /regserver


Performing Silent Software Installations

These are referred to as silent, unattended or network installation / deployment.

  • Any application installer in MSI format can be installed silently, provided that the manufacturer didn't make the installer extremely complex (e.g. LabVIEW) :
MSIEXEC.EXE /I "path and filename of MSI" /QB- /LWAMOE c:\temp\install.log ALLUSERS=1

More detail here: http://www.appdeploy.com/articles/commandline.asp



Add domain users or groups to the local Administrator group

net localgroup Administrators "MIDD\GROUPNAME" /add


Add or change a system variable permanently
For XP and earlier you need the XP SP2 Support Tools from microsoft. http://www.microsoft.com/downloads/details.aspx?FamilyID=49ae8576-9bb9-4126-9761-ba8011fabf38&displaylang=en - part of these tools is the command line utility setx

setx path "%PATH%;c:\blast-install\bin"
setx DATA "c:\blast-install\data"
setx BLASTDB "c:\blast-install\db"


Computer is slow right after login

Start => Run => cmd

Paste: start /wait Rundll32.exe advapi32.dll,ProcessIdleTasks

Add a Windows Firewall exception with a script

netsh firewall set allowedprogram "C:\Program Files\RealVNC\VNC4\winvnc4.exe" "VNC-LabManager" enable

Building a kiosk configuration - disabling various explorer, taskbar and start menu items

See http://www.pctools.com/guides/registry/id/42/

Update and sync date and time using a script

REM Update time
w32tm /config /manualpeerlist:time.middlebury.edu
w32tm /config /update
net stop w32time
net start w32time
w32tm /resync


Active Directory Domain and Group Policy Notes

Troubleshooting Group Policy

  • You can use gpresult to see what policices were applied. gpedit /z gives very verbose info.
  • User|machine policies stored in regedit: HKCU|HKLM\Software\Policies -- the history of applied per-user group policies is in HKCU|HKLM\Software\Microsoft\Windows\CurrentVersion\GroupPolicy\History
  • Per-user policies supposedly applied upon login and every 90mins. Per-machine policies on bootup.
  • I had one instance where two different GPOs were modifying the same setting. Judging by the inheritance tab, one of them should've trumped the other, but neither was getting applied.
  • Per-machine settings trump per-user settings (per-user settings may not get applied).
  • To immediately apply group policies (or refresh group policies) on the client (first two for Windows 2000, maybe XP+?, last one works with XP+, maybe 2k?):
    SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE
    SECEDIT /REFRESHPOLICY USER_POLICY /ENFORCE
    gpupdate /force
  • Replication between the domain controllers occurs every 15-30 minutes, so keep that in mind when testing new settings (after updating a GPO it may take a bit for the machines checking for updates to get the updated GPO).

Creating a local user on a Windows computer that's joined to a domain

See: Creating a local user on a Windows computer that's joined to a domain

Troubleshooting Sysprep

Sysprep Log Files

Sysprep logs Windows setup actions in different directories, depending on the configuration pass. Because the generalize pass deletes certain Windows Setup log files, Sysprep logs generalize actions outside the standard Windows Setup log files. The following table shows the different log file locations that are used by Sysprep.

Item Log Path

generalize

%WINDIR%\System32\Sysprep\Panther

specialize

%WINDIR%\Panther\

Unattended Windows setup actions

%WINDIR%\Panther\Unattendgc

Troubleshooting NetDom

Netdom.exe creates a log file at %windir%\Debug\netsetup.log

- Computer should not be already bound to domain

- Time must be accurate


Script to change (or reset) the machine account password (for a client machine bound to AD)

(requires nltest from the Windows XP resource kit)

nltest /SC_CHANGE_PWD:middlebury.edu

Distributing Specific Applications on a Large Scale

QuickTime

  • QuickTime is an msi, so pushing it or packaging it is OK.
  • Occasionaly the MIME settings break (broken quicktime icon with a question mark in Firefox or Internet Explorer; empty file types and MIME types in QuickTime Control Panel). The only solution I've found is to uninstall QuickTime, then reinstall it. If user accounts created from default user exibit this behaviour, you will need to create an admin account (e.g. "testadmin"), login to it, uninstall/reinstall quicktime, log out, log into another admin account, copy the fixed account (e.g. "testadmin") to default profile.


Misc

Add a message at the login screen of a Windows computer:
See http://www.tech-recipes.com/rx/255/windows-xp-change-the-logon-message/

Get a list of installed applications using a script
wmic /output:c:\AppList.htm product get name,version

Deleting an OEM Partition or Symantec Ghost Console partition using diskpart An OEM partition (such as a recovery partition, a diagnostic partition or a Symantec Ghost Console partition) cannot be deleted from Control Panel => Adminstrative Tools => Computer Management => Disk Management. You can, however, delete such a partition using the command line "diskpart". Procedure:

Start => Run => cmd => OK Type the commands below. Replace # with the number of the disk or partition that you find using the "list" command.

diskpart
list
select disk #
list
select partition #
delete partition override
exit
Powered by MediaWiki