Gwain Posted July 7, 2010 Share Posted July 7, 2010 I came on as a systems admin during the XP days. All of the scripts were pretty much written for me and all I had to do was push them out. Times change and so do OSs. With the introduction of Windows Vista and now Windows 7 a lot of the AutoIT scripts I have will not work due to the need for an interactive login (basically someone has to be logged in).This may not be the best or prettiest way of doing things, but as someone who was tired of sneaker-net I'm implementing it. If you have a better solution please let me know. Also, this article assumes that you have an admin console capable of pushing and executing files (i.e. Symantec Ghost Console, Faronix Deep Freeze Console, Microsoft SCCM, etc.).This solution consists of 4 files:ALL FILES MUST BE SENT TO THE CLIENT PRIOR TO EXECUTION1. Setup.bat2. Launcher.xml3. AutoIT.exe installer file4. Cleanup.batSetup.batThis file edits the registry to temporarily allow a local admin logon, disables the UAC, creates a scheduled task (Launcher.xml is needed for this), and then restarts the machine for auto-logon.cls @echo off reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /t REG_SZ /d "localadminname" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "localadminpass" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d "1" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d "0" /f schtasks -create -xml (location of Launcher.xml) -TN "Launcher shutdown -r -t 01Launcher.xmlI went through the Task Scheduler GUI in Win 7 and created a template for my task and then exported it. Basically you want it to call your AutoIT.exe file upon logon of your local admin. I couldn't get this to work with my domain account so that's why I'm using the local admin.Once you've exported the XML file open it to edit it. If you want to be able to send this to multiple machines regardless of their DNS name you need to look for two lines.1. In the Registration Info, look for the "Author" line and remove anything before your local admins name For example DNSname\localadminname remove the "DNSname\"2. In the Principal Info, look for the "UserID" line and do the same as step one.Now your scheduled task xml is ready.AutoIT.exeThis is on you to create. Using AutoIT make your install script. I recommend testing and retesting this to make sure it works properly. One of my programs uses a Java applet to display install options and the first time the installer is called it wouldn't recognize keystrokes. The answer for me was to call the installer, exit it, and then call it again.I also had an issue where the setup.exe being called resided on a locked down server. The "Runas" command became a friend of mine.The end of this .exe should call the Cleanup.bat.Cleanup.batThis file undoes the registry entries made to enable auto-logon, re-enables the UAC, deletes the scheduled task "Launcher," and deletes the leftover files setup.bat, Launcher.xml, and your AutoIT.exe. It cannot clean its self but I have begun leaving it hidden somewhere on my clients machine so I can call it later.cls @echo off reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /t REG_SZ /d "" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d "0" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d "1" /f del /Q (location of setup.bat) del /Q (location of Launcher.xml) del /Q (location of AutoIT.exe) schtasks -delete -xml (location of Launcher.xml) -TN "Launcher shutdown -r -t 01Like I said it's not the most elegant way of doing things but it works. Be aware that during installation the process is logged into the local admin account, and locking the machine will break the whole installation. If you have a novel/better way of doing some of this please post. If you're a beginner at this or an old pro that hit the wall with Vista/7 I hope this helps.-Gwain Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now