none
Run once command after Sysprep RRS feed

  • Question

  • I'm testing Windows 7 with Sysprep and I'm having trouble duplicating some logic my XP machines follow. After sysprep runs, I want to call a batch file that's stored on the network when the local admin first logs in. I've included my autounattend.xml file below, but first I want to mention that my test machine needs OOB NIC drivers and I've got that sorted out (I think).

    <?xml version="1.0" encoding="utf-8"?>
    <unattend xmlns="urn:schemas-microsoft-com:unattend">
      <settings pass="windowsPE">
       <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
         <DriverPaths>
          <PathAndCredentials wcm:keyValue="1" wcm:action="add">
            <Path>c:\d</Path> 
          </PathAndCredentials>
         </DriverPaths>
       </component>
      </settings>
      <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <WindowsFeatures>
            <ShowWindowsMail>false</ShowWindowsMail>
          </WindowsFeatures>
          <ComputerName>*</ComputerName>
          <CopyProfile>true</CopyProfile>
          <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>
          <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
          <ProductKey></ProductKey>
          <ShowWindowsLive>false</ShowWindowsLive>
          <TimeZone>Mountain Standard Time</TimeZone>
        </component>
        <component name="Security-Malware-Windows-Defender" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <DisableAntiSpyware>true</DisableAntiSpyware>
        </component>
        <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <RunSynchronous>
            <RunSynchronousCommand wcm:action="add">
              <Order>1</Order>
              <Path>net user administrator /active:yes</Path>
            </RunSynchronousCommand>
          </RunSynchronous>
        </component>
        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <SkipAutoActivation>true</SkipAutoActivation>
        </component>
      </settings>
      <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <InputLocale>en-us</InputLocale>
          <SystemLocale>en-us</SystemLocale>
          <UILanguage>en-us</UILanguage>
          <UserLocale>en-us</UserLocale>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <FirstLogonCommands>
    		<SynchronousCommand wcm:action="add">
              <CommandLine>call \\server\share\file.bat</CommandLine>
              <Order>1</Order>
              <RequiresUserInput>false</RequiresUserInput>
            </SynchronousCommand>
    	  </FirstLogonCommands>
          <OOBE>
            <HideEULAPage>true</HideEULAPage>
            <NetworkLocation>Work</NetworkLocation>
            <ProtectYourPC>1</ProtectYourPC>
          </OOBE>
          <UserAccounts>
            <AdministratorPassword>
              <Value>someStuff</Value>
              <PlainText>false</PlainText>
            </AdministratorPassword>
          </UserAccounts>
        </component>
      </settings>
      <cpi:offlineImage cpi:source="catalog:d:/sources/install_windows 7 professional.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
    </unattend>
    
    

    Also, how do I keep Windows from asking me to create a local user?

    Thanks.

    Tuesday, March 29, 2011 4:00 PM

Answers

  • Run the following command from a command line interface and tell me what your results are. Change the \\myserver... to your file share directory

     

    net use z: \\myserver\files /user:XXX\UserName /password:BLANK /persistent:NO
    

    • Marked as answer by Sabrina Shen Friday, April 22, 2011 1:54 AM
    Wednesday, April 13, 2011 2:59 PM
  • My apologies. There was a SPACE between "/user:" and "XXX\UserName" ... Remove that space and try to map to the share.
    • Marked as answer by Sabrina Shen Friday, April 22, 2011 1:54 AM
    Wednesday, April 13, 2011 3:01 PM

All replies

  • Since you've assigned to run the file.bat at OOBE, you need to specify what account privileges are allowed to run file.bat. I would do the following...

     

    - Create another batch file (map.bat) to map the network drive using the syntax below.

     

    Code Example (map.bat): 

    net use z: \\myserver\files /user: XXX\UserName /password:BLANK /persistent:NO

    or prompt for password:

    net use z: \\myserver\files /user: XXX\UserName /persistent:NO

     


    • Edited by _JoeG Tuesday, March 29, 2011 8:13 PM Error
    Tuesday, March 29, 2011 8:11 PM
  • The share where my batch file lives has NTFS permissions of Everyone:Read. Shouldn't that negate the need to enter credentials? Maybe I can move the command. The batch file checks the IP address and sets the time zone, then launches an .hta file which let's us specify the machine's OU and computer name, then join it to the domain. Is there better place to put the batch file?

    Thanks.

    Tuesday, March 29, 2011 8:57 PM
  • The account being used in OOBE should be the SYSTEM account I believe. That is why I would recommend mapping to the share location and assigning a NTFS users as the proper credentials.
    Tuesday, March 29, 2011 9:05 PM
  • I see what you're saying, but doesn't XP's sysprep process also use the SYSTEM account? Here's what part of my XP sysprep.inf file:

    [GuiRunOnce] Command0="cmd /c CALL \\server\share\file.bat"
    Wednesday, March 30, 2011 2:35 PM
  • Yes, you're correct. Keep in mind though... I don't know what commands you are calling in this file.bat, but in XP the commands that are carried out during setup are configured by a specific user account (i.e. Administrator). Based on the answer file you posted above, I don't see you logging in under administrator (i.e. AutoLogon as Admin = True) to perform the /call command.

     

    Therefore you need to assign the proper credentials in Windows 7 to be able to perform that task as a privileged user.  

     

     

    NOTE:
    FirstLogonCommands will execute only when an account with Administrator priviledges logs onto the computer for the first time... (http://bit.ly/fzOtv4)

    Wednesday, March 30, 2011 2:51 PM
  • That looks like what I need. I should be able to replace the <RunSynchronous> with <FirstLogonCommands>, right?
    Wednesday, March 30, 2011 5:00 PM
  • According to your answer file, that's the way you have it... Already set to <FirstLogonCommands>
    Wednesday, March 30, 2011 5:02 PM
  • Hehe, I was looking at the wrong section. I realized something today, there are no credentials for this share, it isn't a Windows server. The share is on a NAS that is accessible from WinPE without credentials. Shouldn't it also work at first login then too?
    Thursday, March 31, 2011 3:59 PM
  • Not sure... Just use my recommendations listed above and test to see if it works... It should.

     

    Thursday, March 31, 2011 4:02 PM
  • I've uploaded an updated .xml file (find it here), setupact.log (find it here), and local batch file (find it here).

    Here are the problems:
    1. I'm prompted to create a local users, which I don't want to do
    2. The Administrator account, while created, does not log in automatically. Instead, I get an error that says, "The user name or password is incorrect" when the machine reboots after sysprep
    3. The local script (which should do some echoing and map a drive) does not run
    It appears that parts of the answer file are being successfully processed because the IE homepage is set as described in the answer file.
    Friday, April 1, 2011 4:42 PM
  • I've uploaded an updated .xml file (find it here), setupact.log (find it here), and local batch file (find it here).

    Here are the problems:
    1. I'm prompted to create a local users, which I don't want to do
    2. The Administrator account, while created, does not log in automatically. Instead, I get an error that says, "The user name or password is incorrect" when the machine reboots after sysprep
    3. The local script (which should do some echoing and map a drive) does not run
    It appears that parts of the answer file are being successfully processed because the IE homepage is set as described in the answer file.

    EMAILmeATwhtguru_atGMAILdot...com

    Email these files.

    Friday, April 1, 2011 4:45 PM
  • Done and done. I assume I was supposed to remove the underscore from your address.
    Friday, April 1, 2011 7:29 PM
  • Yes, you are correct. :) 
    Friday, April 1, 2011 7:29 PM
  • Did you get my e-mail?
    Monday, April 4, 2011 9:00 PM
  • Yes. I did. I am trying to investigate where your issue is occurring. 

    Monday, April 4, 2011 9:27 PM
  • Hi,

     

    Is the issue resolved? If you have any questions or concerns, please feel free to let me know. 

      

    Regards,

     

    Sabrina

     

    TechNet Subscriber Support in forum.

     

    If you have any feedback on our support, please contact tngfb@microsoft.com

     

     


    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, April 8, 2011 8:01 AM
  • I am still looking at the log files. 

     

    I do notice that the echo commands are not input correctly. At my earliest convenience, I will update and post the details here. 

    Friday, April 8, 2011 4:05 PM
  • Still having issues.
    Tuesday, April 12, 2011 2:27 PM
  • I have just replied back to you via email with the files I want you to use...

     

    • The XML looks fine.
    • firstLogin.txt now contains the following: 

     

     

    @ECHO OFF
    
    echo hi > c:\test.txt
    
    echo hi2 > c:\admin\test2.txt
    
    call /wait NETUSE.bat
    

     

     

    • NETUSE.txt (change ext to .bat) has the following lines of code for calling from firstLogin.txt:

     

    @ECHO OFF
    
    ECHO *****Mapping Z drive to XXX File Share ****
    
    net use z: \\myserver\files /user: XXX\UserName /password:BLANK /persistent:NO
    
    z:
    
    test.bat
    

     

    Tuesday, April 12, 2011 2:45 PM
  • Okay, here's what I've got.

    1. firstLogin.bat ran and echoed to c:\test.txt (I removed the other echo)
    2. netuse.bat didn't run. I added an echo from netuse.bat to c:\test.txt and it the message isn't in the text file
    3. I was prompted to create a local user account
    4. I entered the encrypted local admin password into the .xml, I got a "wrong password" message (but was able to log in with the password
    Tuesday, April 12, 2011 4:18 PM
  • Run the following command from a command line interface and tell me what your results are. Change the \\myserver... to your file share directory

     

    net use z: \\myserver\files /user:XXX\UserName /password:BLANK /persistent:NO
    

    • Marked as answer by Sabrina Shen Friday, April 22, 2011 1:54 AM
    Wednesday, April 13, 2011 2:59 PM
  • My apologies. There was a SPACE between "/user:" and "XXX\UserName" ... Remove that space and try to map to the share.
    • Marked as answer by Sabrina Shen Friday, April 22, 2011 1:54 AM
    Wednesday, April 13, 2011 3:01 PM
  • Hi, 

      

    Does the information which JoeG provided help?

     

    If you have any questions or concerns, please feel free to let me know. I am happy to be of further assistance.  :)

     

    Regards,

     

    Sabrina

     

    TechNet Subscriber Support in forum.

     

    If you have any feedback on our support, please contact tngfb@microsoft.com


    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, April 19, 2011 7:02 AM