Unidesk Desktop Build and Scripting Documentation Guide

This guide is intended to provide Unidesk customers and partners with an understanding of how Unidesk desktops are built and the scripting options included with the Unattended build process in version 4.7 and later. This document provides an overview of the build process. For a much more detailed description of the build process, please refer to the Unidesk Desktop Build Process Scripting4.7.doc. Version 4.7 and later includes the ability to easily integrate build, boot and logon scripts from within layers. See the appropriate sections below to learn more about this functionality.

Desktop Build Process Summary

Unidesk utilizes the standard Microsoft build process that starts with Windows mini-setup. During mini-setup the desktop goes through two phases of the unattended installation process, Specialize and OOBE. At the end of the OOBE process, Windows setup calls a script called setupcomplete.cmd, where the desktop is rearmed to provide the base image with a new Machine ID (CMID) that is unique, synchronized with a broker, and optimized using the optimizations.cmd which is defined by the Unidesk Optimization Script Builder. Following the rearm, the machine will run several defined and optional scripts covering Windows Activation, GPO Updates, and NP desktop logon optimization. If KMS is used for the desktops, the desktops will be activated on every boot to ensure that they always remain activated.

The basic steps during the build are:

First Boot (Specialize pass mini-setup)

Mini-setup is started on the first boot after the desktop is BIC'd in Unidesk. During this stage of setup, services are started for the first time, devices are installed, system settings are applied and the Administrator account is added.

Second Boot (OOBE pass mini-setup)

During the second boot, shell setup, International Core Setup and Regional Settings are applied. Following the domain join, setupcomplete.cmd is run.
Setupcomplete.cmd runs the optimizations.cmd, runs a script that waits for View to sync security information if View is the broker, and rearms the desktop. Following setupcomplete.cmd, any startup GPOs are run for the first time. The unattend.xml Builder installs a Unidesk-provided script called KMSSETUP.CMD as a startup script. This script is used during the build process and later during every desktop boot to handle many scripting functions, including:

1. Waits for the network to come up
2. Runs GPUpdate (optional)
3. Adds Windows Search (optional)
4. Activates Windows (during build)
5. Activates Office (optional, one time only)
6. Adds NoReReg entries to the default profile (optional, one time only)
7. Removes the Windows Store icon (optional)
8. Adds the Shutdown scheduled task (optional, one time)
9. Runs Autologon (optional, for NP desktop optimization)
10. Runs scripts defined in layers via the UI
11. Activates Windows (every subsequent boot)

Third and Fourth Boots

If the autologon process is used to optimize NP logons, it adds a third and fourth boot to the process.
Setting Up the Gold Image or OS Layer

If you are upgrading to version 4.7, see the section below on how to migrate from pre-4.7 to 4.7 of the Unattend/Optimize process. If you are installing Unidesk into a new Gold Image, just extract the Gold Image Tools zip into the c:\windows\setup\scripts folder. This should create a kmsdir folder that is used for most of the script files and a regfiles folder that stores reg files used to restore active setup tasks if that is ever necessary. The zip will also add many files to the scripts folder itself. Some of these are utilities and some are scripts. They include:

Utilities

1. Unattend32.exe and Unattend64.exe: The utility used to create the unattend.xml file that acts as the answer file for the unattended Windows setup. This utility will also create a set of special folders used to provide easy-to-include scripting from within layers.
2. Optimize32.exe and Optimize64.exe: The utility used to create the optimizations.cmd script as well as several other optimizations that are normally included during the build process.
3. AppConfig32.exe and AppConfig64.exe: The utility used to configure common application scripts including Office Activation, Office NoReReg, Group Policy Updates, and NP Desktop Optimizations. Most of these work by saving flag files into the scripts or kmsdir folders in conjunction with the KMSSETUP.CMD script.

PowerShell Scripts

1. RunBuildScripts.ps1
2. RunSystemScripts.ps1
3. RunUserScripts.ps1

CMD Scripts

1. SetupComplete.cmd
2. ActivateOffice.cmd
3. NoReReg.cmd

Integrated Scripting Folders

When you enable user logon script folders and system startup script folders using the Unattend Builder, five folders are created in the c:\windows\setup\scripts folder: during_build, system_runevery, system_runonce, user_runevery, and user_runonce. These folders allow for easy deployment of scripts to Unidesk desktops.
Simply add a CMD file to one of these folders when creating a layer and the script will automatically be run at the defined time. The script files must be uniquely named; otherwise one layer would mask another and the script from the lower priority layer would not run.

During_build

Scripts in the during_build folder are launched by a PowerShell script called from the KMSSETUP.CMD file. The PowerShell script will enumerate all scripts in the during_build folder and run them under the SYSTEM security context. This runs after the Group Policy Update (if chosen).

System_runevery and System_runonce

Scripts added to the system_runevery and system_runonce folders will be run whenever a desktop is booted. The scripts are launched from the kmssetup.cmd script. They will also be run in the Local SYSTEM context. The commands are run using a PowerShell script called runsystemscripts.ps1.

RunSystemScripts.ps1 will first check the runmode of the desktop, and if it is not 1 it will exit. This ensures it will never run on a gold image or Install Machine. It then enumerates any CMD files in the system_runevery and system_runonce folders and runs them if found. For the system_runonce scripts, after the CMD script is run the script is renamed to *.alreadyrun.txt.
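Scripts in during_build, system_runevery and system_runonce run under the SYSTEM context, so write access to those folders amounts to code execution as SYSTEM on the desktop. The following PowerShell check is an added example, not part of the Unidesk tools: it lists ACL entries that grant write-type rights on those folders and their files to principals outside a trusted set. The trusted SID list and the function name Get-WritableScriptAce are assumptions, and it needs PowerShell 3.0 or later.

```powershell
# Added example; not part of the Unidesk Gold Image Tools.
# Reports ACL entries that let anyone outside a trusted set add, replace or
# re-permission the CMD files that are run under the SYSTEM context.
$ScriptsRoot   = 'C:\Windows\Setup\Scripts'   # folder named in this guide
$SystemFolders = 'during_build', 'system_runevery', 'system_runonce'

# Assumption: only these well-known SIDs should hold write access here.
$TrustedSids = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-3-0',        # CREATOR OWNER (covers only objects the creator made)
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Write-type bits only. Modify and FullControl contain these bits, so they
# match, while a read-only ACE does not. The two hex literals are GENERIC_ALL
# and GENERIC_WRITE, which appear unmapped on some inherit-only entries.
$WriteMask = ([int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership') -bor 0x10000000 -bor 0x40000000

function Get-WritableScriptAce {
    param(
        [string]   $Root    = $ScriptsRoot,
        [string[]] $Folders = $SystemFolders
    )
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($name in $Folders) {
        $dir = Join-Path $Root $name
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) { continue }
        # Check the folder itself and every file already in it.
        $targets = @($dir) + @(Get-ChildItem -LiteralPath $dir -File | ForEach-Object { $_.FullName })
        foreach ($path in $targets) {
            # Ask for identities as SIDs so the comparison does not depend on name resolution.
            $rules = (Get-Acl -LiteralPath $path).GetAccessRules($true, $true, $sidType)
            foreach ($ace in $rules) {
                if ($ace.AccessControlType -ne 'Allow') { continue }
                if ($TrustedSids -contains $ace.IdentityReference.Value) { continue }
                if (([int]$ace.FileSystemRights -band $WriteMask) -eq 0) { continue }
                [pscustomobject]@{
                    Path      = $path
                    Sid       = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

Get-WritableScriptAce | Format-Table -AutoSize
```

An empty result means only the trusted principals can change what runs as SYSTEM from these folders; any row returned is an entry to review before the layer is finalized.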
User_runevery and User_runonce

Scripts added to the user_runevery and user_runonce folders will be run whenever a user logs on. In order to support this, a local or domain logon script must be added pointing to c:\windows\setup\scripts\runuserscripts.ps1. The CMD files will run in the user's context. The script commands will not be visible to the user.

RunUserScripts.ps1 will first check the runmode of the desktop, and if it is not 1 it will exit. This ensures it will never run on a gold image or Install Machine. The script will then check the following reg key:

HKCU:\Software\Unidesk\UserScripts\

If the key does not exist, it is created. The script then enumerates any CMD files in the user_runevery and then the user_runonce folders and runs them if found. For the user_runonce scripts, after the CMD script is run the script name is added to the registry key shown above as a separate registry key. This key is checked before running any of the run-once scripts, and if the key is already present the script is skipped. By using the registry to store this information we can ensure that each user will run the script only once. If the desktop is a NP desktop, of course, the script will run once per boot per user.

Very Important for Windows 8.1 Desktops

In Windows 8 Microsoft introduced a standard delay for logon scripts. The default delay is 5 minutes. This means that if you do not change the delay, logon scripts will not run until 5 minutes after logon. This is normally not desired. To change the logon delay, modify the following policy in either your Domain policies or a local policy:

Computer Configuration > Administrative Templates > System > Group Policy > Configure Logon Script Delay

Upgrading From a Previous Version

If you are upgrading from a previous version, follow these instructions:

1. Add a version to your OS layer.
2. Back up your existing scripts by copying the entire c:\windows\setup\scripts folder to a safe location, i.e. a network share.
3. Delete everything in the scripts folder except the optimizations.cmd file.
4. Unblock the zip file in Windows by editing the properties of the zip.
5. Extract the new version into the scripts folder.
6. Run the Unattend Builder. This will load your existing unattend.xml file. If you want to use the new scripting functionality, just click save. This will create several critical files and folders including the runato.cmd and setupcomplete.cmd and the new scripting folders. If you do not want to use the new scripting functionality, uncheck the appropriate boxes.
7. Run the Optimizer as desired. Remember to load current settings after opening.
8. Run the AppSetup as desired.
9. If you had any custom scripting, add it using the new CMD folder feature, either in the OS layer or in an Application layer appropriate for the script.

Configuring Special Features

This version of the Unattend/Optimizer/AppSetup utility has several integrated features. These features will be outlined here.

CMD File Integration (Unattend XML Builder)

As discussed above, this feature is installed by the Unattend Builder and provides the ability to easily integrate build, boot and logon scripts added within layers. When using the Unattend Builder, if you choose to include user logon scripts the utility will prompt you to run gpedit.msc, because you must set up a policy to run the user logon script. The system will also open a text file for you to copy and
paste the path for the script c:\windows\setup\scripts\runuserscripts.ps1 into the policy at User Configuration -> Windows Settings -> Scripts -> Logon Scripts -> PowerShell Scripts.

One important thing to keep in mind is that the scripts must be CMD files, not PowerShell or bat files. To run PowerShell scripts, call them from the CMD file. Remember too that if the scripts are run as user logon scripts, the users must have access to whatever files you use in the scripting. When the user_runonce folder is created, users are given modify rights to that folder so the scripts can be renamed in the user's context. You must also ensure that they have read and/or write access to other folders you might use in your scripts.

Example

An example of a script you might use the user logon scripting for is to configure putty with a set of server connections. After updating your OS layer with the new unattend/optimizer, add a putty layer. Create a putty folder in program files and add putty.exe to that. Then configure putty as desired. Go into regedit and export HKCU\SOFTWARE\SimonTatham to a file named putty.reg and store that in the c:\program files\putty folder with putty. Then add a cmd file into the c:\windows\setup\scripts\user_runonce folder that loads the reg file using the following command line:

    regedit /s "c:\program files\putty\putty.reg"

Add a putty shortcut to the desktop or start menu if desired. Finalize the layer and try it. Of course there are many things you can do with this framework in place.

Windows Search (Optimizer)

Windows Search has been problematic for Unidesk desktops. The issue is that several applications integrate with Search. When these applications are layered, they may create search indexes during the layering process. The indexes then conflict with each other when added in different layers. The best solution to this issue is to remove the Windows Search feature from the OS layer and add it back to desktops when they build.
This feature is configured in the Optimizer and enabled by default. When you save optimizations, the feature will be removed from your OS layer. It will then be added during the build process or, for existing desktops, the first time the desktop is booted after applying the new OS layer. For NP desktops you must build new desktops if adding this feature so that the Search feature can be added to the desktop during the build process. Of course, search on NP desktops will never be very fast because indexes are deleted on every logout.

Force GP Updates (AppConfig Utility)

This will run GPUpdate during the build so that NP desktops have their policies updated prior to freezing their UEP volumes.

Create Autologon User (AppConfig Utility)

This feature is used to speed up NP desktop logins slightly. See the layering recipe for NP Desktop performance Optimization.

Disable Reset on Logout (AppConfig Utility)

This feature can be used in a situation where you do not want to reset NP desktops on logout because turnover of many desktops at one time would cause infrastructure issues or leave too few desktops available to meet demand. The classic use case for this is a student lab in a classroom where 40 desktops are logged out of and logged in to at basically the same time. This setting is normally combined with the next setting, Shutdown Desktops Nightly. See the layering recipe for NP Desktop performance Optimization.

Shutdown Desktops Nightly (AppConfig Utility)

This feature will add a scheduled task to shut down the desktops randomly over a defined hour every night. This feature is usually used in conjunction with Disable Reset on Logout and provides a mechanism to reset the desktop once
a day. Be careful using this feature: when the desktop is shut down the user is notified, but the desktop reboot happens whether a user is logged on or not. See the layering recipe for NP Desktop performance Optimization.

Disable Active Setup Tasks (AppConfig Utility)

This feature is also used to speed up NP desktop logon. Windows 7 includes a set of tasks that every user runs the first time they log on to a computer. On a persistent desktop these only run once, so only the first logon takes longer. On a NP desktop every logon is the first logon, so they all take longer. Active setup tasks are not necessary; they are mainly for obsolete software. Removing these entries can shorten logon considerably. However, if a mandatory profile is used for NP desktops then this feature will not be required. See the layering recipe for NP Desktop performance Optimization.

Activate Office via KMS during desktop build (AppConfig Utility)

Since Office is so often used by customers, we added activation scripting to make it easier for customers to activate Office for NP desktops while they build. This feature will add flag files to the scripts folder that tell the ActivateOffice.cmd script what versions of Office to activate. To use this feature, add the flag file for each Office layer in its own layer. So when adding Office 2010, open the AppConfig utility and save the Office 2010 flag file. Then in the Visio layer include the Visio flag file, etc. If the flag files are present when the machine is built, that application will be included in KMS activation. Note this works for KMS activation only.

Define NoReReg for Office (AppConfig Utility)

When different versions of Office are installed on the same desktop, it causes a battle over Office registration. This is one of the reasons Microsoft does not support mixing Office versions. By default, if you have two separate versions of Office applications installed, whenever you switch from one to the other the Office Configuration Wizard will run.
This is very annoying for users. A partial solution to this problem is to add NoReReg (No Re-Registration) keys to the default profile for the Office version used less frequently. The NoReReg registry keys tell that version of Office not to re-register when that particular application is run. This feature allows you to select which major version of Office software you want to set NoReReg for, and it creates a flag file to tell the NoReReg.cmd script to process that version. Note this will work both if added before desktop creation and after for NP desktops, but it will run every boot if added after the initial build. This is still not a good solution because the registration will still happen once for both versions, and on a NP desktop that means once per logon. The only good solution is to use a single version of Office, as Microsoft recommends.

Windows 8.1 Specific Features (Optimizer)

These three features are specific to Windows 8.1. They can be used to increase logon performance of NP desktops when using Windows 8.1. Without dealing in some way with the Windows Store, a NP logon under Windows 8 can take more than 6 minutes.

Disable the App Readiness Service

This will speed up logins considerably on Windows 8 desktops. Beware: this will disable the Windows App Store functionality in Windows 8.

Remove Bundled Windows Store Apps

This will speed up Non-Persistent desktop logins. Note: this is difficult to undo on a desktop once it is built. This is not necessary if Disable the App Readiness Service was selected. However, if this option is used the Store is still enabled; only the standard Apps are removed.

Disable the Store App

If you want to disallow use of the Windows Store, choose this option. If users try to load the Store they will receive an error saying that the administrator has disabled the Store on this computer. This will also remove the Windows Store icon from the Taskbar.