reg.exe DELETE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing /f
start “” C:\Windows\System32\mstsc.exe
Reference: https://technet.microsoft.com/en-us/library/cc758805%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
Lab Core | The Lab of MrNetTek
A blog about IT, technical solutions, and code.
reg.exe DELETE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing /f
start “” C:\Windows\System32\mstsc.exe
Reference: https://technet.microsoft.com/en-us/library/cc758805%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
rem The Microsoft Scrubber
microsoftscrubber.vbs Groove
rem Delete the start menu icon
del /q “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk”
rem Delete the registry key
reg DELETE “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GrooveRetail – en-us” /f
This is the silent install for the Google Drive Plugin
msiexec.exe /i “%CurDir%\driveforoffice.msi” /qn /norestart
Reference: https://support.google.com/drive/answer/2374989?hl=en
I created this to install Visual Superscript using LANDesk.
This was compiled using EXEScript.
@echo on
title Visual Superscript
Set CurDir=%CD%
taskkill /f /im Alchemy.exe
taskkill /f /im VisSuper.exe
rem extract source files – I used WinRAR to pack files
cls
Echo Installing Visual Superscript…
“%CurDir%\extract.exe”
rem install Visual Script
cls
Echo Installing Visual Superscript…
“%CurDir%\setup.exe” /s /v”/qn”
c:\windows\system32\msiexec.exe /i “%CurDir%\Visual SuperScript Educational.msi” /qn /norestart
rem add firewall exception
c:\windows\system32\netsh.exe firewall add allowedprogram “C:\Visual SuperScript\APP\ALCHEMY\Alchemy.exe” “Alchemy” ENABLE
rem copy main shortcut to desktop
copy /y “%CurDir%\Visual Superscript Educational.lnk” “C:\Users\Public\Desktop\”
rem add start menu icons – I used WinRAR self-extract here
“%CurDir%\StartMenu.exe”
rem session cleanup
del /q “%CurDir%\SETUP\auto_01.ini”
del /q “%CurDir%\SETUP\autoptn.ini”
del /q “%CurDir%\SETUP\autorun.exe”
del /q “%CurDir%\SETUP\back.bmp”
del /q “%CurDir%\SETUP\change.wav”
del /q “%CurDir%\SETUP\click.wav”
del /q “%CurDir%\SETUP\exit.wav”
del /q “%CurDir%\SETUP\over.wav”
del /q “%CurDir%\SETUP\start.wav”
del /q “%CurDir%\SETUP\vb40032.dll”
del /q “%CurDir%\0x0409.ini”
del /q “%CurDir%\3of9.ttf”
del /q “%CurDir%\autorun.inf”
del /q “%CurDir%\Data1.cab”
del /q “%CurDir%\dynazip.exe”
del /q “%CurDir%\extract.exe”
del /q “%CurDir%\faxhook.exe”
del /q “%CurDir%\faxviewer.exe”
del /q “%CurDir%\hhupd.exe”
del /q “%CurDir%\institutional-upda9005.exe”
del /q “%CurDir%\instmsia.exe”
del /q “%CurDir%\instmsiw.exe”
del /q “%CurDir%\progbar.exe”
del /q “%CurDir%\setup.exe”
del /q “%CurDir%\setup.ini”
del /q “%CurDir%\vfp7run.exe”
del /q “%CurDir%\vfp8run.exe”
del /q “%CurDir%\Visual SuperScript Educational.msi”
del /q “%CurDir%\StartMenu.exe”
del /q “%CurDir%\Visual Superscript Educational.lnk”
if exist “%CurDir%\SETUP\” rd /q /s “%CurDir%\SETUP\”
if exist “%CurDir%\SETUP\” rd /q “%CurDir%\SETUP\”
exit /b 0
Reference: http://www.daaenterprises.com/site/vss.htm
I created this—to work with a custom boot.wim—to automatically boot to WinPE and run a set of commands. Those commands were to erase the contents of the hard drive; to be used to remotely wipe machines.
You will need to modify a boot.wim and add any code for formatting in the startnet.cmd. The boot.wim will be delivered as part of your package, or already exist on a hidden drive partition (best option for speed). Basically, you’re telling the computer to change the boot menu and point to your modified boot.wim, force a reboot, boot to WinPE, and then execute the list of commands in the startnet.cmd.
Deployed using desktop management software (tested in LANDesk and SCCM)
deploy.cmd
@echo off color 0a title Administrative Boot Loader setlocal :: USE THE FOLLOWING SET OF COMMANDS TO CREATE A RAMDISKOPTIONS :: OBJECT IN THE BCD STORE. THE STRING "{RAMDISKOPTIONS}" IS THE :: WELL-KNOWN NAME FOR THE OBJECT'S GUID. :: SET LOCAL STORE set bcdstore=C:\boot\bcd :: RAMDISK OPTION \\%computername%\c$\windows\system32\bcdedit.exe /create {ramdiskoptions} /d "Retire Utility" \\%computername%\c$\windows\system32\bcdedit.exe /set {ramdiskoptions} ramdisksdidevice partition=c: \\%computername%\c$\windows\system32\bcdedit.exe /set {ramdiskoptions} ramdisksdipath \boot\boot.sdi :: CREATE A NEW BOOT ENTRY FOR RETIRE UTILITY bcdedit.exe -create /d "Retire Utility" /application OSLOADER for /f "tokens=3" %%A in ('\\%computername%\c$\windows\system32\bcdedit.exe -create /d "Retire Utility" /application OSLOADER') do set guid1=%%A echo The GUID is %guid1% :: SET WHERE THE LOCAL RETIRE BOOT.WIM IS LOCATED \\%computername%\c$\windows\system32\bcdedit.exe /set %guid1% device ramdisk=[C:]\boot\retire\boot.wim,{ramdiskoptions} \\%computername%\c$\windows\system32\bcdedit.exe /set %guid1% path \windows\system32\boot\winload.exe \\%computername%\c$\windows\system32\bcdedit.exe /set %guid1% osdevice ramdisk=[C:]\boot\retire\boot.wim,{ramdiskoptions} :: CREATE A BOOT ENTRY FOR WINDOWS \\%computername%\c$\windows\system32\bcdedit.exe /set %guid1% systemroot \Windows \\%computername%\c$\windows\system32\bcdedit.exe /set %guid1% winpe yes \\%computername%\c$\windows\system32\bcdedit.exe /set %guid1% detecthal yes \\%computername%\c$\windows\system32\bcdedit.exe /displayorder %guid1% /addlast :: THIS SETS BOOT TO BE DEFAULT \\%computername%\c$\windows\system32\bcdedit.exe /default %guid1% :: SETS TIME TO 1 SECOND \\%computername%\c$\windows\system32\bcdedit.exe /timeout 1 endlocal :: EXIT WITH SUCCESS shutdown /r /f /t 0 exit /b 0
Next
Once WinPE loads, startnet.cmd launches. In that file, I diskpart the machine with government standard formatting.
Notes
If this is a BitLocked drive, you could blow away the TPM BIOS settings. Erase those settings using the deploy.cmd script. I would add that portion to the beginning of the script. So the very first thing that happens—before the reboot—is the data on the drive becomes permanently inaccessible, online or offline.
I created this to install AlertLogic from LANDesk. This will run in the ‘System’ account.
@echo on
set CurDir=%CD%
set ThisVer=2.1.1.0
REM CREATE EVENT LOG
\\%computername%\c$\windows\system32\EVENTCREATE.exe /T INFORMATION /L Application /ID 777 /d “Alert Logic %ThisVer% package installation STARTED by LANDesk”
REM INSTALL ALERTLOGIC
rem stop service
\\%computername%\c$\windows\system32\sc.exe stop “al_agent”
\\%computername%\c$\windows\system32\ping.exe -n 10 127.0.0.1>nul
rem install msi – use CurDir or a static [UNC] path to your msi
\\%computername%\c$\windows\system32\msiexec.exe /i “%CurDir%\al_agent.msi” prov_only=host
rem YOUR KEY GOES HERE
prov_key=b5ffb33f532d8263e3c55ad5336108b6dfdd21433356803677 /qn /norestart REBOOT=ReallySuppress
rem config service as automatic
\\%computername%\c$\windows\system32\sc.exe config al_agent start= auto
rem start service
\\%computername%\c$\windows\system32\sc.exe start “al_agent”
rem found in service config
rem “C:\Program Files (x86)\AlertLogic\agent\al-agent.exe” -d
REM STAMP REGISTRY
\\%computername%\c$\windows\system32\REG.exe ADD “HKEY_LOCAL_MACHINE\SOFTWARE\MYSOFTWARE\AlertLogic\%ThisVer%” /v InstallDate /d “%date% %time%” /t REG_SZ /f
\\%computername%\c$\windows\system32\REG.exe ADD “HKEY_LOCAL_MACHINE\SOFTWARE\MYSOFTWARE\AlertLogic\%ThisVer%” /v InstalledBy /d “LANDesk” /t REG_SZ /f
REM CREATE EVENT LOG
\\%computername%\c$\windows\system32\EVENTCREATE.exe /T INFORMATION /L Application /ID 777 /d “Alert Logic %ThisVer% package COMPLETED SUCCESSFULLY!”
exit /b 0
Reference: https://www.alertlogic.com/
Create your own elevation tool. This is to be compiled.
;#include <MsgBoxConstants.au3> ;RUN AS WITH WAIT Elevate() Func Elevate() Local $strUserName = “administrator” Local $strPassword = “mypassword” Local $strDirectory = “C:\Windows\” Local $strFiletoRun = “notepad.exe” ;RunAsWait ( “username”, “domain”, “password”, logon_flag, “program” [, “workingdir” [, show_flag [, opt_flag]]] ) RunAsWait($strUserName, @ComputerName, $strPassword, 0, $strDirectory & $strFiletoRun) ;MsgBox($MB_SYSTEMMODAL, “Title”, “Message”, 5) EndFunc ;OTHER INF ; THIS IS HOW PROFILE/LOGON FLAG IS HANDLED ; $RUN_LOGON_NOPROFILE (0) – Interactive logon with no profile. ; $RUN_LOGON_PROFILE (1) – Interactive logon with profile. ; $RUN_LOGON_NETWORK (2) – Network credentials only. ; $RUN_LOGON_INHERIT (4) – Inherit the calling process’s environment instead of the user’s environment. ;EXAMPLE ; ; Fill in the username and password appropriate for your system. ; Local $sUserName = “administrator” ; Local $sPassword = “mypassword” ; ;Run a command prompt as the other user. ; RunAsWait($sUserName, @ComputerName, $sPassword, 0, “delprof.exe /Q /I /P /D:1”, “”) ; RunAsWait($sUserName, @ComputerName, $sPassword, 0, “ccleaner.exe /auto”, “”) ; RunAsWait($sUserName, @ComputerName, $sPassword, 0, “JkDefragCmd.exe”, “”) ;ANOTHER EXAMPLE ;RUN AS – NO WAIT, OR WAIT A SPECIFIED TIME ;Example() ;Func Example() ; ; Change the username and password to the appropriate values for your system. ; Local $sUserName = “Username” ; Local $sPassword = “Password” ; ; Run Notepad with the window maximized. Notepad is run under the user previously specified. ; Local $iPID = RunAs($sUserName, @ComputerName, $sPassword, $RUN_LOGON_NOPROFILE, “notepad.exe”, “”, @SW_SHOWMAXIMIZED) ; ; Wait 10 seconds for the Notepad window to appear. ; WinWait(“[CLASS:Notepad]”, “”, 10) ; ; Wait for 2 seconds. ; Sleep(2000) ; ; Close the Notepad process using the PID returned by RunAs. ; ProcessClose($iPID) ;EndFunc ;FULL PARAMETERS ; ‘username’ The username to log on with. ; ‘domain’ The domain to authenticate against. ; ‘password’ The password for the user. ; ‘logon_flag’ ; $RUN_LOGON_NOPROFILE (0) – Interactive logon with no profile. ; $RUN_LOGON_PROFILE (1) – Interactive logon with profile. ; $RUN_LOGON_NETWORK (2) – Network credentials only. ; $RUN_LOGON_INHERIT (4) – Inherit the calling process’s environment instead of the user’s environment. ; ‘program’ The full path of the program (EXE, BAT, COM, or PIF) to run (see remarks). ; ‘workingdir’ [optional] The working directory. If not specified, then the value of @SystemDir will be used. This is not the path to the program. ; ‘show_flag’ [optional] The “show” flag of the executed program: ; @SW_HIDE = Hidden window (or Default keyword) ; @SW_MINIMIZE = Minimized window ; @SW_MAXIMIZE = Maximized window ; ‘opt_flag’ [optional] Controls various options related to how the parent and child process interact. ; $RUN_CREATE_NEW_CONSOLE (0x10000) = The child console process should be created with its own window instead of using the parent’s window. This flag is only useful when the parent is compiled as a Console application.
Using this VBScript, you can generate a report on many of the user attributes in Active Directory.
'SET OU HERE strOU = "OU=Users,DC=YourDomain,DC=com" Set objConnection = CreateObject("ADODB.Connection") objConnection.Open "Provider=ADsDSOObject;" Set objCommand = CreateObject("ADODB.Command") objCommand.ActiveConnection = objConnection objCommand.Properties("Page Size") = 1000'if you have problems, change this to 500 Set objShell = CreateObject("WScript.Shell") Set objSysInfo = CreateObject("ADSystemInfo") objCommand.CommandText = "<LDAP://" & strOU & ">;" & "(&(objectclass=user)(objectcategory=person));" & _ "adspath,distinguishedname,sAMAccountName;subtree" Set objRecordSet = objCommand.Execute <span style="color: #ff0000;">''''if you receive the error: "A referral was returned from the server", try adding LDAP://<em>DomainControllerName</em>/</span> Do Until objRecordSet.EOF strParse = replace(objRecordSet.Fields("adspath").Value, "LDAP://", "") Set objUser = GetObject("LDAP://" & strParse) 'Testing area 'WScript.Echo objUser.displayName 'WScript.Echo objUser.sAMAccountName 'Create output you want in a CSV strOutput = objUser.displayName & "," & objUser.sAMAccountName & "," & objUser.description 'Output single user info to CSV objShell.Run "%comspec% /c echo " & strOutput & ">>Report.csv",0,true 'Move to next record in AD objRecordSet.MoveNext Loop 'Pop up message when done msgbox " Report is done!" 'Clear Session objRecordSet.Close Set objRecordSet = Nothing Set objCommand = Nothing objConnection.Close Set objConnection = Nothing <strong>Some things you can report on:</strong> WScript.Echo "First name: " & objUser.givenName 'WScript.Echo "First name: " & objUser.FirstName WScript.Echo "Initials: " & objUser.initials WScript.Echo "Last name: " & objUser.sn 'WScript.Echo "Last name: " & objUser.LastName WScript.Echo "Display name: " & objUser.displayName 'WScript.Echo "Display name: " & objUser.FullName WScript.Echo "Description: " & objUser.description WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName WScript.Echo "Telephone number: " & objUser.telephoneNumber WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone WScript.Echo "Email: " & objUser.mail ' WScript.Echo "Email: " & objUser.EmailAddress WScript.Echo "Web page: " & objUser.wWWHomePage WScript.Echo "Other Web pages: " & objUser.url WScript.Echo "" WScript.Echo "ADDRESS" WScript.Echo "Street: " & objUser.streetAddress WScript.Echo "P.O. Box: " & objUser.postOfficeBox WScript.Echo "City: " & objUser.l WScript.Echo "State/province: " & objUser.st WScript.Echo "Zip/Postal Code: " & objUser.postalCode WScript.Echo "Country/region: " & objUser.countryCode 'WScript.Echo "Country/region: " & objUser.c '(ISO 4217) WScript.Echo "" WScript.Echo "ACCOUNT" WScript.Echo "User logon name: " & objUser.userPrincipalName WScript.Echo "pre-Windows 2000 logon name: " & objUser.sAMAccountName WScript.Echo "AccountDisabled: " & objUser.AccountDisabled ' WScript.Echo "Account Control #: " & objUser.userAccountControl WScript.Echo "Logon Hours: " & objUser.logonHours WScript.Echo "Logon On To (Logon Workstations): " & objUser.userWorkstations ' WScript.Echo "User must change password at next logon: " & objUser.pwdLastSet WScript.Echo "User cannot change password: " & objUser.userAccountControl WScript.Echo "Password never expires: " & objUser.userAccountControl WScript.Echo "Store password using reversible encryption: " & objUser.userAccountControl ' WScript.Echo "Account expires end of (date): " & objUser.accountExpires WScript.Echo "" WScript.Echo "PROFILE" WScript.Echo "Profile path: " & objUser.profilePath ' WScript.Echo "Profile path: " & objUser.Profile WScript.Echo "Logon script: " & objUser.scriptPath WScript.Echo "Home folder, local path: " & objUser.homeDirectory WScript.Echo "Home folder, Connect, Drive: " & objUser.homeDrive WScript.Echo "Home folder, Connect, To:: " & objUser.homeDirectory WScript.Echo "" WScript.Echo "TELEPHONE" WScript.Echo "Home: " & objUser.homePhone WScript.Echo "Other Home phone numbers: " & objUser.otherHomePhone WScript.Echo "Pager: " & objUser.pager WScript.Echo "Other Pager numbers: " & objUser.otherPager WScript.Echo "Mobile: " & objUser.mobile WScript.Echo "Other Mobile numbers: " & objUser.otherMobile WScript.Echo "Fax: " & objUser.facsimileTelephoneNumber WScript.Echo "Other Fax numbers: " & objUser.otherFacsimileTelephoneNumber WScript.Echo "IP phone: " & objUser.ipPhone WScript.Echo "Other IP phone numbers: " & objUser.otherIpPhone WScript.Echo "Notes: " & objUser.info WScript.Echo "" WScript.Echo "ORGANIZATION" WScript.Echo "Title: " & objUser.title WScript.Echo "Department: " & objUser.department WScript.Echo "Company: " & objUser.company WScript.Echo "Manager: " & objUser.manager
@Echo off
set COUNT=1
:WHILE
if %COUNT% lss 5 (
echo OUTPUT is %COUNT%
pause
set /a COUNT+=1
goto :WHILE
)
Notes
Reference: http://ss64.com/nt/set.html
Method 1 – Uninstall only
Acquire OffScrub_O15msi.vbs from Microsoft
Create a simple batch file or VBScript
Pass the “Groove” app to scrip. Example: OffScrub_O15msi.vbs Groove
Note, if you want the Microsoft VBS to be silent, change CMD /K to CMD /C and ,1 to ,0 (inside their script)
Method 2
The Commands
Install
Setup.exe /configure OneDrive_Install.xml
Uninstall
Setup.exe /configure OneDrive_Uninstall.xml
The XML Files
Install.xml
<Configuration> <Add SourcePath="" OfficeClientEdition="32" > <Product ID="GrooveRetail"> <Language ID="en-us" /> </Product> </Add> <!-- <Updates Enabled="FALSE" /> --> <!-- <Display Level="None" AcceptEULA="TRUE" /> --> <!-- <Logging Level="Standard" Path="%temp%" /> --> <!-- <Property Name="AUTOACTIVATE" Value="1" /> --> </Configuration>
Uninstall.xml contents
<Configuration> <Remove> <Product ID="GrooveRetail" > <Language ID="en-us" /> </Product> </Remove> <Display Level="None" AcceptEULA="TRUE" /> </Configuration>