Monthly Archives: April 2013

You are browsing the site archives by month.

Show Workstation Name in Computer Icon and Start Menu (BAT)

Purpose: Show the Workstation name on Desktop and Start Menu (natively)

The case everyone is familiar with (more or less) is the case of getting a customer to tell the support personnel their computer name. This can be done with multiple different ways (tag the computer with stickers, link username and computer name in your management tool, or create something that helps the user to tell it). The way I’m going to demonstrate is suited for some cases: create something that helps the user to tell it. In this case it is going to be by renaming the “Computer” icon on the public desktop and forcing it to be shown there. This will also then rename the Start Menu “Computer”.

Requirements: SetACL.exe (http://helgeklein.com/setacl/) / included in the download
Usage: start “Configure” /wait IT_OSD_BAT_ShowWorkstationNameInMyComputer.bat
Debugging: The script must be ran as NT AUTHORITY/SYSTEM (ie. the installing force of SCCM).
Configuration: No need.
Continue Reading

Enable Remote Desktop from Command-line (BAT)

Purpose: Enable Remote Desktop on Workstations from Command-line

To gain access to the unsuspecting victims.. er.. customers, you can use the magnificent built-in tool of RDP! This even allows you to do your work hidden so the customer will not actually see what you are doing, how neat is that? (Well of course this is not neat in a situation where the customer wants to show you something but lets not go into that.) To enable RDP on a remote workstation, you can use the following registry change. Like many configuration options, this can be implemented through various ways. This script can be added to SCCM as an application and use the registry change as Detection Method. This way – if the setting is already as we want – SCCM will not do anything on the workstation.

Usage: start “Configure” /wait IT_OSD_BAT_EnableRemoteDesktop.bat

Continue Reading

Enable Remote Registry Service (BAT)

Purpose: Start the Remote Registry service during system startup

In corporate environments, administrative users and support personnel might need to be able to access the remote workstation registry. In these scenarios, the work can be done without disturbing the customer and then just informing the customer that the fix has been made. Unless this is set in the workstation image, you need to enable this afterwards. Luckily it can be done easily through SCCM application deployment. There are plenty alternative ways to do this (GPO, Login script, OS image, Packages, etc.). This method is just as straightforward as any of them and allows you to track its progress through the environment using the built-in tools of SCCM.

Usage: start “Configure” /wait IT_OSD_BAT_EnableRemoteDesktop.bat
Debugging: Occurs during next login. Should you need faster, start it instantly as well.
This can be done by running the following command: sc.exe start RemoteRegistry. The extra registry key is just for SCCM to be used as an application anchor (detection method).

Continue Reading

Move a Computer to an Active Directory Organizational Unit (VBS)

Purpose: During a SCCM 2012 Computer Deployment, troubleshoot your AD permissions

Ok – before you start with all the “Hey dude, there is a built-in action to do this!” -talks, hear me out first. Remember all those SCCM Task Sequence changes you made? And then tried the Task Sequence out by installing an operating system? You noticed that you had problems getting a computer to move to the correct Active Directory (AD) Organisational Unit (OU)? Made some troubleshooting changes and then tried again? Here is where this script will come in handy! You do not need to run through the Task Sequence just to see if your computer will now actually move to the correct OU (because this can take an hour, right?). You could do a new Task Sequence, with only one action, just to test if your workstation moves around AD  – but lets not stress that delicate System Center product with this. Most of the time problems with handling workstations in AD through SCCM are about permissions.

Usage: cscript.exe IT_OSD_VBS_MoveComputerADOU.vbs (no parameters exist)
Debugging: You can uncomment the msgbox rows, to see what values you are receiving.
Configuration: You need to change the AD OU location to suit your own environment.

Continue Reading

Join a Computer to an Active Directory Security Group (VBS)

Purpose: During a SCCM 2012 Computer Deployment, join the current computer to an AD SG

So you have been given a task to automate installations, welcome. More importantly,  there are several (… OK, one is enough) actions that occur to the desktop if it would be a member of an Active Directory (AD) Security Group (SG).  There is no automatic GUI to do this in System Center 2012 Configuration Manager (even SCCM 2012 SP1 wont save you on this one). Therefore you must script it. My example is straightforward. First you must know the LDAP of the SG you want the computer to join.  If you are new to this, in this case LDAP is a fancy word for “AD PATH”.  An example of AD PATH to a SG:

Continue Reading

Create a Folder from an Environmental Variable (VBS)

Purpose: Create a folder, which name is received from an environmental variable.

You might need to create a folder (deliver a file, get the string, etc.) based on a custom environmental variable.  In my scenario, I had an installation done differently across the domain. The only way to deliver a file to the installation directory was to either check which folder exists in the workstation (and hope you found all the permutations) or use the environmental variable (that was same in each workstation). I chose the environmental variable. In this example, a usually existing environmental variable %WINDIR% (the location of the windows installation) is used.

Usage: cscript.exe IT_APP_VBS_CreateFolderFromEnvironmentalVariable (no parameters exist)

Configuration: You need to change the folder location and environmental variable to match.

Continue Reading