none
HideShell during non-OS Deployment RRS feed

  • Question

  •  I require HideShell to run in a Task Sequence that does not deploy an OS, it just initiates a reboot, installs a few applications, produces some logs and reboots again. This is a highly sensitive environment and no user interaction is allowed during the TS. Does anyone know of any way to use HideShell in this context, so not during an OS Deployment?

    Thanks

    Thursday, March 21, 2019 9:34 AM

Answers

  • Yes.

    Make sure your customsettings.ini has HIDESHELL=YES in the default section or you can specify that in the task sequence directly.

    As you can see in the picture above I also have a step that runs a script to set the "autologon". In my case I wrote a powershell script to set the needed registry settings

    $RegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
    $AdminPass = 'PASSWORDHERE'
    Set-ItemProperty $RegPath "AutoAdminLogon" -Value "1" -type String
    Set-ItemProperty $RegPath "AutoLogonCount" -Value "999" -type String
    Set-ItemProperty $RegPath "DefaultPassword" -Value $AdminPass -type String
    Set-ItemProperty $RegPath "DefaultUsername" -Value "Administrator" -type String
    Set-ItemProperty $RegPath "DefaultDomainName" -Value "." -type String
    
    Then add a RESTART step to your task sequence so that it will reboot, autologon as administrator but the shell will be hidden.


    Daniel Vega

    • Marked as answer by lukaswo76 Monday, March 25, 2019 9:20 AM
    Thursday, March 21, 2019 1:40 PM
  • The HideShell variable does not work, no matter if I configure it in customsettings or as a variable.

    This is a brand new lab with MDT8456 and ADK 1809. I am using OS ISOs from my Visual Studio Subscription.

    Just to clarify, I am starting the Task Sequence by accessing the share and executing litetouch.vbs.

    Edit: I was testing with Windows Server 2016, made a test run with Windows 10, same effect, doesnt work. Checked with Windows 7 and it works.

    I am using a "Custom Task Sequence" and I also tried

    https://blogs.technet.microsoft.com/mniehaus/2015/08/23/windows-10-mdt-2013-update-1-and-hideshell/

    But does the Custom TS use the unattend at all?

    Edit2: Seems solved! I added the registry keys Michael mentioned in his blog in a batch file and now it works! Seems like the Custom TS doesnt use unattend or I overlooked something.


    • Edited by lukaswo76 Friday, March 22, 2019 11:50 AM
    • Marked as answer by lukaswo76 Monday, March 25, 2019 9:20 AM
    Friday, March 22, 2019 10:54 AM

All replies

  • Yes.

    Make sure your customsettings.ini has HIDESHELL=YES in the default section or you can specify that in the task sequence directly.

    As you can see in the picture above I also have a step that runs a script to set the "autologon". In my case I wrote a powershell script to set the needed registry settings

    $RegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
    $AdminPass = 'PASSWORDHERE'
    Set-ItemProperty $RegPath "AutoAdminLogon" -Value "1" -type String
    Set-ItemProperty $RegPath "AutoLogonCount" -Value "999" -type String
    Set-ItemProperty $RegPath "DefaultPassword" -Value $AdminPass -type String
    Set-ItemProperty $RegPath "DefaultUsername" -Value "Administrator" -type String
    Set-ItemProperty $RegPath "DefaultDomainName" -Value "." -type String
    
    Then add a RESTART step to your task sequence so that it will reboot, autologon as administrator but the shell will be hidden.


    Daniel Vega

    • Marked as answer by lukaswo76 Monday, March 25, 2019 9:20 AM
    Thursday, March 21, 2019 1:40 PM
  • Thank You Dan!

    Will give it a go :)

    Friday, March 22, 2019 7:24 AM
  • The HideShell variable does not work, no matter if I configure it in customsettings or as a variable.

    This is a brand new lab with MDT8456 and ADK 1809. I am using OS ISOs from my Visual Studio Subscription.

    Just to clarify, I am starting the Task Sequence by accessing the share and executing litetouch.vbs.

    Edit: I was testing with Windows Server 2016, made a test run with Windows 10, same effect, doesnt work. Checked with Windows 7 and it works.

    I am using a "Custom Task Sequence" and I also tried

    https://blogs.technet.microsoft.com/mniehaus/2015/08/23/windows-10-mdt-2013-update-1-and-hideshell/

    But does the Custom TS use the unattend at all?

    Edit2: Seems solved! I added the registry keys Michael mentioned in his blog in a batch file and now it works! Seems like the Custom TS doesnt use unattend or I overlooked something.


    • Edited by lukaswo76 Friday, March 22, 2019 11:50 AM
    • Marked as answer by lukaswo76 Monday, March 25, 2019 9:20 AM
    Friday, March 22, 2019 10:54 AM
  • I completely forgot about that part because I implemented it back when that post came out...in 2015...and leave my systems configured that way. A custom TS or post OS TS won't use unattend, but if those registry changes are made (you can script that) or have been previously made, the the Hide Shell will work as expected.

    Daniel Vega

    Friday, March 22, 2019 1:10 PM