Thursday, November 7, 2013

Removing Built-in Store Applications from Windows 8.1

Customizing the Windows 8.1 Start Screen
Removing Built-in Applications from Windows 8.1

This procedure only works when you are building your Reference Golden Image.  The appx are removed and will not be installed for all new users who login in.
If you want to remove all of the built-in applications then you can use the following simple PowerShell commands:

Get-AppXProvisionedPackage -online | Remove-AppxProvisionedPackage –online
Get-AppXPackage | Remove-AppxPackage
Once the apps are removed and the start screen is configured the way you want see my post on Exporting the layout and importing using powershell here.
http://www.syswow64.co.uk/2013/11/customize-windows-81-start-screen.html

Wednesday, November 6, 2013

Customize the Windows 8.1 Start Screen during MDT task sequence Enterprise deployment

Customize the Windows 8.1 Start Screen during MDT task sequence Enterprise deployment


For enterprises, Windows 8.1 delivers the control around the Start Screen that should have been there in Windows 8.0, there’s still no programmatic way to pin or unpin shortcuts from the Start Screen.

Windows 8.1 introduces a Group Policy method for distributing a Start Screen layout, but that’s a policy – i.e. it’s enforced that approach only makes sense in specific cases (e.g. schools, kiosks etc.). Note that Start Screen control is only available in Windows 8.1 Enterprise and Windows RT 8.1

Microsoft have an article available on TechNet that describes a number of ways that you can configure the default Start Screen experience that will work for Windows 8/8.1, Window Server 2012 and Windows Server 2012 R2, but the choices are:
1.Create a reference image and use the CopyProfile setting in unattend.xml to customise the default profile including the Start Screen
2.Use the StartTiles setting in unattend.xml to specify a list of tiles to add to the Start Screen
3.Use SysPrep to generate AppsFolderLayout.bin and then copy that to the default profile

I suggest you use the Powershell cmdlets that provides a way of getting your custom Start Screen layout into the default profile. These works for all edition of Windows 8.1.

This approach is really about customising the default Start Screen experience (i.e. first logon). If you want control of the Start Screen (users receive the same screen every session) you will need Windows 8.1 Enterprise or Windows Server 2012 R2. You can use this method to customise a reference image, an unattended deployment.

High level overview:
1.Deploy and/or log onto a machine that has the applications that you want to pin to the Start Screen
2.Customise that Start Screen to your heart’s content
3.Export the Start Screen configuration with Export-StartLayout
4.Import the Start Screen configuration with Import-StartLayout

To Export the Start Screen layout in binary format, (Import-StartLayout won’t import XML files) see Export-StartLayout command below:

Export-StartLayout -As BIN -Path CustomStartScreenLayout.bin -Verbose

The documentation for Import-StartLayout indicates that this cmdlet only works against offline images (mounted with ImageX); however the cmdlet can be run against the current Windows installation which is ideal for MDT task sequence deployment. The following command will import the customisation into the default profile of the local system. This will need to be run from an elevated command prompt.

Import-StartLayout -LayoutPath .\Basic.bin -MountPath c:\

Wednesday, October 23, 2013

MDT 2012 and Windows 8.1 deployment

MDT 2012 and Windows 8.1 deployment

Troubleshooting

So when you attempt to create a Catlog file for Windows 8.1 it fails with the following message "Windows SIM was unable to generate a catalog. For troubleshooting assistance, see the topic: 'Windows System Image Manager Technical Reference' in the Windows ADK User's Guide."

The log that pops up starts with:

This application requires version 6.2.9200.16384 of the Windows ADK.
Install this version to correct the problem
Windows SIM was unable to generate a catalog. For troubleshooting assistance, see the topic: 'Windows System Image Manager Technical Reference' in the Windows ADK User's Guide.

Even though version 6.2.9200.16384 of the Windows ADK is installed when you attempt to Generate a Catalog File the issue is there is a new version of ADK version 6.3.9600.16411 located here http://www.microsoft.com/en-gb/download/details.aspx?id=39982

Once you have updated ADK you will need to update MDT to 2013 here http://www.microsoft.com/en-us/download/details.aspx?id=40796

The above will also be the root cause of a Failure deployment summary as below:
FAILURE (5627)
Failed to run the action; Install Operating System.
Unknown Error (Error: 000015FB; Source: Unknown)

A useful command to run from an Administrator command prompt is "dism /cleanup-wim". This will remove any stale mount points that could be causing a conflict.

Friday, October 18, 2013

Java 7 update 45 Enterprise deployment

Java 7 update 45 Enterprise deployment

1. Download the latest version of Java from the Windows Offline download page from the following URL http://www.java.com/en/download/manual.jsp
2. From a Administrator command prompt launch the jre-7u45-windows-i586.exe and wait until the initial 'Welcome to Java' screen appears but do NOT press the 'Install' button.

3. At this stage Java will have expanded the installation files to C:\Users\Administrator\AppData\LocalLow\Sun\Java\jre1.7.0_45 > Copy this folder and contents to C:\temp\jre1.7.0_45
There will be two files: jre1.7.0_45.msi and data1.cab
(NOTE: it will be in the LocalLow directory of the user account used to run the command prompt, this example used a local admin account 'Administrator')

4. Use Orca to create an MST file which we can use to transform the MSI for enterprise deployment. Orca is part of the 'Microsoft Windows SDK' can be downloaded here http://www.microsoft.com/en-us/download/details.aspx?id=3138 (useful link here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa370557(v=vs.85).aspx)

4.1 Right click the jre1.7.0_45.msi and select 'Edit with Orca'
4.2 Within Orca Click the 'Transform' dropdown and select 'New Transform'
4.3 At this stage you are not making changing to the original MSI but a Transform file (MST)

5. Select the 'Properties' table on the left and amend the property values as described below on the right
- AUTOUPDATECHECK = 0
- IEXPLORER = 1
- JAVAUPDATE = 0
- JU = 0
- RebootYesNo = No

6. Still within the properties table on the left, click any row on the right.
6.1 Click the Table drop down, and select 'Add Row', using the following Property's and values add the following 4 rows.

Property: REBOOT
Value: R
-------------
Property: SYSTRAY
Value:0
------------
Property: WEB_JAVA
Value: 1
-------------
Property: WEB_JAVA_SECURITY_LEVEL
Value: H
------------

7. Click the 'Transform' dropdown and select 'Generate Transform' and save as 'jre1.7.0_45.mst' in the same directory as the MSI.

8. The original MSI and the newly create MST file can be called with the following syntax
msiexec /i jre1.7.0_45.msi TRANSFORMS=jre1.7.0_45.mst /l*v C:\Windows\Contoso\Logs\Java_7_Update_45.log /qn /norestart

9. When Java is run to upgrade a previous version, the upgrade code detects previous versions and it will be removed prior to deployment.  This process fails when either the /qn switch is used and you reinstall the same version or when Java is currently being used in Internet Explorer.  Both senarios result in a successfull exit code however, the installation has failed and cannot be reinstalled silently, or Loud without a error pop up refering to a missing 'installer.dll.'
9.1 To address both these issues the following two scripts will be of assistance.  One if used at the begining will alway remove the current version before reinstalling.  The second will recover the system to avoid the 'Installer.dll' error.
10. The main feature of the script below to avoid this 'failed state' is the fact that current/previous version is uninstalled
strMSIUni = "msiexec /x {26A24AE4-039D-4CA4-87B4-2F83217045FF} /qn /norestart "
The script below will check to see if IEXPLROER.EXE is running and depending on the whether this is true or not display the SMSNotify.exe wrapper.  If it is not running SMSNotify will not be displayed and the MSI will use only silent switches.

'********************************************************************
'*
'* Author:       syswow64.co.uk
'*
'* Module Name:  sms-notify-Java.vbs
'*
'* Abstract:     Wrapper script for handling non zero exit codes on SMSNotify
'*
'* Exit codes:   0 - Install successful
'*               10 - Install successful (delayed)
'*               NB. All other codes are the MSIEXEC.EXE exit codes
'*
'* Changelog:   18/10/2013 - Java 7 update 45
'*              Check to see if a user is logged on first           
'*
'********************************************************************
On Error Resume Next
Dim oShell, objWMIService
strComputer = "."
'--check to see if IE is running and records it PID
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * From Win32_Process")
For Each objItem in colItems
    If InStr(objItem.CommandLine, "iexplore.exe") Then
       intProcessID = objItem.ProcessID
    End If
Next
Set colMonitoredProcesses = objWMIService.ExecNotificationQuery _
    ("Select * From __InstanceDeletionEvent Within 1 Where TargetInstance ISA 'Win32_Process'")
'--
Set oShell = WScript.CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
strComputerName = oShell.ExpandEnvironmentStrings("%COMPUTERNAME%")
strCurrentDir = Replace(WScript.ScriptFullName, WScript.ScriptName, "")
if intProcessID = "" then
 'Wscript.Echo "PId blank."
 RunInstall(True)
 'i = 1
 'wscript.quit
else
iReturn = oShell.Run(Chr(34) & strCurrentDir & "SMSNotify.exe" & Chr(34), 1, false)
  Do Until i = 1
   Set objLatestProcess = colMonitoredProcesses.NextEvent
   If objLatestProcess.TargetInstance.ProcessID = intProcessID Then
    Set colProcessList = objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE Name = 'SMSNotify.exe'")
    For Each objProcess in colProcessList
    objProcess.TContosoinate()
    Next 
   i = 1
   End If
  Loop
'Wscript.echo "Loop ended"
RunInstall(false)
End If

Sub RunInstall(blnQuiet)
 strCMD = oShell.ExpandEnvironmentStrings("%COMSPEC%") & " /c "
 strMSI = "msiexec.exe /i " & Chr(34) & strCurrentDir & "jre1.7.0_45.msi" & Chr(34) & " "
 strMSIUni = "msiexec /x {26A24AE4-039D-4CA4-87B4-2F83217045FF} /qn /norestart "
 strTransform = "TRANSFORMS=" & Chr(34) & strCurrentDir & "jre1.7.0_45-ie-sc.Mst" & Chr(34) & " "
 strLogging =  "/lv* " & Chr(34) & "%WINDIR%\Contoso\Logs\jre1.7.0_45.log" & Chr(34) & " "
 strLoggingUni = "/lv* " & Chr(34) & "%WINDIR%\Contoso\Logs\jre1.7.0_40_Uninstall.log" & Chr(34) & " "
 strRestart = "/norestart "
 strCommand = strCMD & strMsi & strTransform & strLogging & strRestart
 'strCommandUni = strCMD & strMsiUni & strLoggingUni & strRestart
intMSIReturn = oShell.Run(strMSIUni, 0 , True)
 If blnQuiet = True Then
'wscript.echo "True"
  intMSIReturn = oShell.Run(strCommand & "/qn", 0, True)
 Else
  intMSIReturn = oShell.Run(strCommand & "/qn+", 0, True)
 End If
 WScript.Quit intMSIReturn
End Sub



<#'********************************************************************
#'*
?# Powershell script
'* Author: syswow64.co.uk
'* Module Name: Test-Path-installer.dll.ps1
'*
'* Abstract: error pop up refering to a missing 'installer.dll.'  installer.dll should be present in the same directory as the ps1 script.
'* SCCM command line: powershell.exe -ExecutionPolicy Bypass -file "./Test-Path-Installer.dll.ps1"
'*
'*
'* Changelog: 18/10/2013 - Test-Path-installer.dll.ps1
'* Check to see if a file and folder exist.  If they dont they will be created/copied.
'*
'********************************************************************#>

$source =  ".\installer.dll"
$destinationfolder = "C:\Program Files\Java\jre7\bin"
$destination = "C:\Program Files\Java\jre7\bin\installer.dll"
$TestPathfile = Test-Path $destination
$TestPathfolder = Test-Path $destinationfolder
IF (!$TestPathfolder) {New-Item $destinationfolder -Type Directory}
IF (!$TestPathfile) {Copy-Item $source $destination -Verbose}


Latitude 10 Ste2 Enterprise Deployment with MDT 2012 and USB Media

Latitude 10 Ste2 Enterprise Deployment with MDT 2012 and USB Media

 
The Latitude 10 uses a Unified Extensible Firmware Interface (UEFI). UEFI is meant to replace the Basic Input/Output System (BIOS) firmware interface. The Latitude 10 does not have legacy support, so as a result SCCM 2007, MDT 2010, WinPE 3.0, and WDS (2008) infrastructure is not supported.

To deploy a Windows 8 image without 2012 infrastructure the use of a standalone MDT 2012 deployment share to create USB stick media is neccessary.

The finished media does not contain any sensitive credentials or product keys. The administrator is prompted for credentials to connect to the MDT database; it is here the Task Sequence is able to find/generate its computer name and join to the correct OU in AD.

Post SCCM collections will target these Latitude tablets and activate Office and Windows respectively.
 
Step A: Boot mode: UEFI Options1. Connect an Ethernet cable, USB keyboard, mouse and the USB media created to the cradle.
2. Slot the tablet on the cradle and power on using the top right button.
3 Press F12 until the UEFI Boot options appear and select the UEFI USB drive.
Step B: Installation Wizard1. The Litetouch wizard will automatically launch at which point the customsettings.ini and bootstrap.ini files are read.
2. Click begin to start the deployment
3. Shortly after clicking 'begin' you will be prompted for your WA.USERNAME credentials. Without valid input the Task Sequence will not proceed.
4. The build will take approx 25 minutes to complete. Once the post installation task have completed the system is rebooted. Only once the tablet waits at the login screen has the build finished.
5. If any errors occur during the build they will be logged in the BDD.log file and a RED summary screen is produced at the end. Otherwise the system reboots ready for the first user.
The steps below detail how the Deployment share, Task Sequence and media are created.

Step 1 - Create a deployment share
1.Within MDT, Deployment Workbench, right-click Deployment Shares and select New Deployment Share. Use the following settings for the New Deployment Share Wizard.
a.Deployment share path: C:\MDTProduction
b.Share name: MDTProduction
c.Deployment share description: MDT Production
d.Options:

Step 2 - Import the Windows 8 operating system
1.Using the Deployment Workbench, expand the MDT Production node, and select the Operating Systems node.
2. Right-click on the Operating Systems node, and select Import Operating System. Use the following settings for the Import Operating System Wizard.
a.Full set of source files D:\Setup\Windows 8 Enterprise x86
b.Destination directory name: Windows 8 Enterprise x86
3.After adding the operating system, change the Operating System name to Windows 8 Enterprise x86.
Step 3 - Import the drivers Download the Dell Cab file for the Latitude 10 STe2 from here and expand to C:\temp\ST2E-win8-A04-N86KN
1.Using the Deployment Workbench, in the MDT Production node, select the Out-Of-Box Drivers node, and create a folder named Windows 8 x86. Then, in the Windows 8 x86 folder, create a subfolder named 'Latitude10-Auto'.
2. Right-click the 'Latitude10-Auto' folder and select Import Drivers, use the following settings for the Import Driver wizard:
a.Driver source directory: C:\temp\ST2E-win8-A04-N86KN
3. .Using the Deployment Workbench, in the MDT Production node, select the Out-Of-Box Drivers node, and create a named 'Latitude10-Forced.
2. Right-click the 'Latitude10-Forced' folder and select Import Drivers, use the following settings for the Import Driver wizard:
a.The following drivers must be imported/copied in to this folder.
Name Manufacturer Version
AuthenTec BiometricDevice oem44.inf 4.0.0.89 AuthenTec 4.0.0.89
Broadcom Net bcmdhd63.inf 5.93.97.113 Broadcom 5.93.97.113
Broadcom Sensor oem6.inf 19.14.6362.4 Broadcom 19.14.6362.4
Broadcom System bcmfn2.inf 5.93.97.113 Broadcom 5.93.97.113
Broadcom System oem5.inf 19.14.6362.4 Broadcom 19.14.6362.4
Broadcom System oem50.inf 12.0.0.6100 Broadcom 12.0.0.6100
Intel Corporation System oem55.inf 6.2.9200.26576 Intel Corporation 6.2.9200.26576


Intel Corporation System oem57.inf 6.2.9200.26576 Intel Corporation 6.2.9200.26576



Intel Corporation System oem64.inf 6.2.9200.33472 Intel Corporation 6.2.9200.33472
Intel Corporation System oem65.inf 6.2.9200.33472 Intel Corporation 6.2.9200.33472
Intel Corporation System oem66.inf 6.2.9200.33472 Intel Corporation 6.2.9200.33472
Intel MEDIA oem61.inf 6.2.9200.33148 Intel 6.2.9200.33148
Microsoft HIDClass hidi2c.inf 6.2.9200.16461 Microsoft 6.2.9200.16461
Microsoft HIDClass msgpiowin32.inf 6.2.9200.16497 Microsoft 6.2.9200.16497
Microsoft SDHost sdbus.inf 6.2.9200.16548 Microsoft 6.2.9200.16548
Microsoft SecurityDevices tpm.inf 6.2.9200.16548 Microsoft 6.2.9200.16548
REALTEK MEDIA oem62.inf 6.2.9200.3067 REALTEK 6.2.9200.3067
Step 4 - Add the application 1.Using the Deployment Workbench, in the MDT Production node, select the Applications node.
2.Right-click the Applications node, and select New Application, Use the following settings for the New Application Wizard.
Microsoft Office Professional Plus
a.Application with source files
b.Application name: Microsoft Office Professional Plus
c.Version: 2013
d.Source Directory: Example C:Temp\Setup\Microsoft Office Professional Plus 2013
e.Specify the name of the directory that should be created: Microsoft Office Professional Plus 2013
f.Command Line: Setup.exe
g.Working directory: .\Applications\Microsoft Office Professional Plus 2013
-------------------
Dell Wireless Drivers
a.Application with source files
b.Application name: Dell Wireless Drivers
c.Version: 2013
d.Source Directory: Example C:Temp\Setup\Dell Wireless Drivers
e.Specify the name of the directory that should be created: Dell Wireless Drivers
f.Command Line: setup.exe /S /v/qb!
g.Working directory: .\Applications\Dell Wireless Drivers
-----------------------
SEP 12.1.3
a.Application with source files
b.Application name: SEP
c.Version: 12.1.3
d.Source Directory: Example C:Temp\Setup\SEP 12.1.3
e.Specify the name of the directory that should be created: SEP 12.1.3
f.Command Line: msiexec /i sep.msi /qn /l*v "C:\Windows\Contoso\Logs\Symantec_EndpointProtection_12.1.3001.165.log" IDCENABLE=0
g.Working directory: .\Applications\SEP 12.1.3
-----------------------
Microsoft Configuration Manager Client 2007 4.00.6487.2000
a.Application with source files
b.Application name: Microsoft Configuration Manager Client
c.Version: 2007 4.00.6487.2000
d.Source Directory: Example C:Temp\Setup\Microsoft Configuration Manager Client
e.Specify the name of the directory that should be created: Microsoft Configuration Manager Client 2007 4.00.6487.2000
f.Command Line: ccmsetup.exe
g.Working directory: .\Applications\Microsoft Configuration Manager Client 2007 4.00.6487.2000

Step 5 - Create Selection Profile1. Using the Deployment Workbench, in the MDT Production deployment share, right click the Advanced Configuration/Selection Profile node, and select 'New Selection profile'.
2. Under the General Settings input:
i.Selection Profile name: Latitude10-Auto
ii.Folder: All Applications
iii. Operating Systems: Windows 8 Enterprise x86
iii. Out-of-Box drivers: 'Latitude10-Auto' and 'Latitude10-Forced'
iiii.All Task Sequences
---
3. Using the Deployment Workbench, in the MDT Production deployment share, right click the Advanced Configuration/Selection Profile node, and select 'New Selection profile'.
4. Under the General Settings input:
i.Selection Profile name: Latitude10-Forced
ii. Out-of-Box drivers: 'Latitude10-Forced'

Step 6 - Create a task sequence
1.Using the Deployment Workbench, in the MDT Production deployment share, select the Task Sequences node.
2.Right-click on the Task Sequences node, and select New Task Sequence. Use the following settings for the New Task Sequence Wizard.
a.Task sequence ID: W8-X86-001
b.Task sequence name: Windows 8 Enterprise x86
c.Task sequence comments: Production Deployment
d.Template: Standard Client Task Sequence
e.Select OS: Windows 8 Enterprise x86
f.Do not specify a product key at this time
g.FullName: Contoso
h.Organization: Contoso
i.Internet Explorer home page: about:blank
j.Do not specify an Administrator password at this time and complete the wizard.
3. Double click Task sequence ID: W8-X86-001, and select the Task Sequence tab.
4. Within the 'Preinstall' node after 'Enable Bitlocker (offline) add two general tasks.
i. Inject Drivers: Selection Profile: Latitude-Auto
ii. Install Only matching drivers from selection profile
iii.Inject Drivers: Selection Profile: Latitude-force
iiii.Install all drivers from the selection profile.

Step 7 - Configure the deployment share settings
1.The Bootstrap.ini file has the following content
[Settings]
Priority=Default
[Default]
SkipBDDWelcome=YES
KeyboardLocale=en-US

2.The CustomSettings.ini file has the following content (controlling the MDT deployment wizard behavior and other deployment settings):
[Settings]
Priority= Default
Properties=MyCustomProperty
[Default]
_SMSTSOrgName=Windows 8
UserDomain=ops
OSInstall=YES
SkipAdminPassword=YES
AdminPassword=password
SkipApplications=YES
SkipAppsOnUpgrade=YES
SkipBDDWelcome=YES
SkipBitLocker=YES
SkipCapture=YES
SkipComputerName=YES
SkipComputerBackup=YES
SkipUserData=YES
UserDataLocation=NONE
ComputerBackupLocation=NONE
SkipDeploymentType=NO
DeploymentType=NEWCOMPUTER
SkipDomainMembership=YES
JoinDomain=ops.Contoso55.com
SkipProductKey=YES
SkipTaskSequence=YES
TaskSequenceID=W8-X86-001
SkipPackageDisplay=YES
SkipSummary=NO
SkipFinalSummary=YES
FinishAction=REBOOT
SkipTimeZone=YES
SkipLocaleSelection=YES
KeyboardLocale=en-US
UserLocale=en-US
UILanguage=en-US
BitsPerPel=32
VRefresh=60
XResolution=1
YResolution=1
3.Right-click the MDT Production Deployment Share and select Properties.
4.In the Windows PE tab, in the Platform dropdown list, make sure x86 is selected.
5.In the General sub tab, configure the following settings:
a.In the Lite Touch Boot Image Settings area.
i.image description: MDT Production x86
ii.Clear the Generate a Lite Touch bootable ISO image check box
b.In the Windows PE Customizations area, set the Scratch space size to 256.
6.Click OK.
7.Right click the deployment share and select 'Update Deployment Share'
#----------------------------------------------------------------------------------------------------#
Requires 2012 infrastructure
Step 8 - Add the MDT 2012 Update 1 boot image to WDS 2012
1.In the WDS Console, expand DC01.com, right-click Boot Images and select Add Boot Image
2.Browse to the D:\MDTProduction\Boot\LiteTouchPE_x86.wim file and add the image with the default settings.

Step 9 - Deploy the Windows 8 Image
1.
Start your Latitude 10 Tablet, press F12 for PXE boot, and complete the Deployment Wizard using the below settings:
a.Password: P@ssw0rd
b.Select a task sequence to execute on this computer: Windows 8 Enterprise x86
c.Computer Name: LeaveDefault
#------------------------------------------------------------------------------------------------------------#
Step 8: Create Windows 8 Full source files USB media.
1.Within MDT 2012 update 1 Expand 'Advanced Configuration' and right click 'Media' and select 'New Media'.
2. On the General Settings page specify the following details:
i. Media Path: c:\temp\Latitude10Media
ii. Comments: Windows 8 Enterprise x86
iii. Selection Profile: Latitude10-auto
3. Right click 'MEDIA001' and click Properties'. Use the following settings.
i.Untick 'Generate x64 boot image
ii. Untick 'Generate a lite Touch bootable ISO Image'
iii. On the rules tab, copy the Customsettings.ini and Bootstrap.ini settings from STEP 6.
iii. Scratch space size: 256
4. Click Ok, Then Right click 'MEDIA001' and click 'Update Media Content'
Step 9: Deploy the Windows 8 Image.
Set up your USB flash drive. Important note that UEFI cannot read NTFS so it needs to be FAT formatted:
UEFI firmware interface requires 2012 infrastructure or a FAT32 formatted USB stick to boot from. The batch file below will list all available disks and prompt for the correct disk number to format into Fat32.
#USE WITH CAUTION#
@echo off
:loop
echo list disk|diskpart|find "Online"
set "disk=."
set /p "disk=Pick disk number above to destroy/reformat: "
echo.
echo list disk|diskpart|find "Disk %disk%"
if errorlevel 1 (
echo Invalid drive selection!
pause
goto :loop
) else (
pause>con
echo select Disk %disk%
echo clean
echo create partition primary
echo select partition=1
echo active
echo format fs=fat32 Label="Win8ISO" quick
echo assign
echo exit
)| Diskpart​
for /f %%D in ('wmic volume get DriveLetter^, Label ^| find "WIN8ISO"') do set usb=%%D
echo %usb%
robocopy c:\temp\Latitude10Media\Content %usb% /e /copy:DAT /r:1 /w:1
1.Once the USB stick has been formatted correctly, RoboCopy the Media files created in STEP 7 on to the root of the stick. The command below assumes the media directory specified was 'c:\temp\Latitude10Media' and the USB stick has been assigned the letter G:.
robocopy c:\temp\Latitude10Media\Content g:\ /e /copy:DAT /r:1 /w:1
Step A: Boot mode: UEFI Options
1. Connect an Ethernet cable, USB keyboard, mouse and the USB media created to the cradle.
2. Slot the tablet on the cradle and power on using the top right button.
3 Press F12 until the UEFI Boot options appear and select the UEFI USB drive.
Step B: Installation Wizard1. The Litetouch wizard will automatically launch at which point the customsettings.ini and bootstrap.ini files are read.
2. Click begin to start the deployment
3. Shortly after clicking 'begin' you will be prompted for your WA.USERNAME credentials. Without valid input the Task Sequence will not proceed.
4. The build will take approx 25 minutes to complete. Once the post installation task have completed the system is rebooted. Only once the tablet waits at the login screen has the build finished.
5. If any errors occur during the build they will be logged in the BDD.log file and a RED summary screen is produced at the end. Otherwise the system reboots ready for the first user.
Step 10: Capture a reference Windows 8 WIM
NOTE: A Reference Windows 8 wim should be captured with all available update.
1. Windows 8 Enterprise should now be deployed using the source media created in STEP 7
2.Install all available updates.
3. The addition of Hotfix 'Windows8-RT-KB2756872-x86.msu' must be installed to address a device driver/hardware issue.
4.Once the reference image has beenupdated run 'Sysprep with generalize (shutdown)'
i.Reference: C:\Windows\System32\sysprep\sysprep.exe.
5. Restart the tablet into WinPE. This can be achieved by loading the USB media detailed in STEP 8. Once the wizard begins press F8 to bring up a command prompt (DO NOT DEPLOY THE TASK SEQUENCE).
The following command will capture the syspreped Windows 8 image (located C:\) to the root of the USB stick (Assumed G:\).
Dism /Capture-Image /ImageFile:G:\Windows8.wim /CaptureDir:C:\ /Name:"Windows 8 Enterprise"
NOTE: FAT32 is limited to a maximum of 4GB files. Currently a standard image with updates will total 3.8GB without the compression switch. Until 2012 infrastructure is implemented the image should not contained any other preinstalled applications.
Step 11: Import the Captured Windows 8 operating system
1.Using the Deployment Workbench, expand the MDT Production node, and select the Operating Systems node.
2. Right-click on the Operating Systems node, and select Import Operating System. Use the following settings for the Import Operating System Wizard.
a.Custom image file: G:\Windows8.wim (destination drive used in STEP 9)
b.Destination directory name: Windows 8 Enterprise x86 -Captured

3.After adding the operating system, change the Operating System name to Windows 8 Enterprise x86- Captured
Step 12 - Update task sequence
1.Using the Deployment Workbench, in the MDT Production deployment share, select the Task Sequences node.
2. Double click Task sequence ID: W8-X86-001, and select the Task Sequence tab.
3. Within the 'Initialization' node before 'Gather local Only' add two general tasks.
i. Set Task Sequence Variable: UserID
ii. No Value
ii. Set Task Sequence Variable: UserPassword
iii.No Value
4. Within the 'Initialization' node After 'Gather local Only' create a Group called 'Set Computer Name'.
5. Create command beneath group called 'CMD MDTDatabase.ini' with the following command
i. cscript x:\deploy\scripts\ZTIGather.wsf /inifile:x:\deploy\control\MDTDatabase.ini
6. Create a group called 'Get Computer Name' with the following options defined.
i. If none of the condtions are true > Task sequence variable ContosoComputerName exists
7. Create Run Command Line called ''WS: Get Computer Name' with the following options
i Continue on error
ii. cscript.exe "x:\deploy\scripts\ZTI_ExecuteWebService.wsf" /wsIniFile:x:\deploy\control\WebServiceSettings.ini /wsSection:GetComputerNameByUUID /wsProperty:ContosoComputerName /wsOverwrite:False
8. Create a group called 'Generate New Name' with the following options defined
i. If none of the condtions are true > Task sequence variable ContosoComputerName exists
9. Create Run Command Line called 'WS: Generate Computer Name' with the following options
i. cscript.exe "x:\deploy\scripts\ZTI_ExecuteWebService.wsf" /wsIniFile:x:\deploy\control\WebServiceSettings.ini /wsSection:GenerateComputerName /wsProperty:ContosoComputerName /wsOverwrite:True
10. Create a group called 'Check Computer OU'
11. Create Run Command Line called 'WS: Get Parent OU' with the following options defined
i. cscript.exe "x:\deploy\scripts\ZTI_ExecuteWebService.wsf" /wsIniFile:x:\deploy\control\WebServiceSettings.ini /wsSection:GetComputerOU /wsProperty:ADObjectOU /wsOverwrite:True
12. Beneath this group add 'Set Task Sequence Variable'
i. Task Sequence Variable: MACHINEOBJECTOU
ii. Value: %ADObjectOU%
iii. If all conditions are true >
Task sequence variable AdObjectOU not equals %MACHINEOBJECTOU%
Task sequence variable AdObjectOU exists

Monday, August 12, 2013

PowerShell Find specific text within a string, with a list of partial file names. $_.split

Recently i was looking for a way to select all the text between two brackets and ignore everything else in the string.  This was necessary as i had a list of partial file name and i wanted a way of matching my list with a directory listing.

The use of '$_.split' command achieved this very nicely.


How to i select specific text in a string?


$text='this is an (apple). it is red'
#The variable $text contains the word 'apple' between two opposite brackets.

$text|%{$_.split('(')[1]}|%{$_.split(')')[0]}
# $text is piped into a foreach loop spliting the string, removing everything before the first bracket (. It is then piped into a second foreach loop removing everything after the second bracket ).
                                  
apple # On screen the returned result is apple. This is useful if you are looking for partial file names, or a specific string within a string.


What does "%" mean in powershell syntax ?

The percentage sign '%' is used as an alias for 'ForEach-Object':

PS > get-alias -definition foreach-object

CommandType Name Definition
----------- ---- ----------
Alias % ForEach-Object
Alias foreach ForEach-Object

Wednesday, May 22, 2013

Java 7 update 21 (1.7.0_21) Enterprise Repackaged Security Medium Deployment with SCCM

-------------------------------------------------------------------------------------------------
Java 7 update 45 Enterprise deployment complete walk through
http://www.syswow64.co.uk/2013/10/java-7-update-45-enterprise-deployment.html
--------------------------------------------------------------------------------------------------

The issue on many blogs and articles is around creating the 'deployment.config' and 'deployment.properties' files for an enterprise deployment.  In my case i wanted to set the security level to 'Medium', but everytime I open the Java control panel it was set to the default HIGH setting.


Solution

1 Create the following directory path 'C:\Windows\sun\java\deployment'
2 Create a file called 'deployment.config' in this directory and open with Notepad.
Copy the two line below

####################
deployment.system.config = file\:\\C\:\\WINDOWS\\Sun\\Java\\Deployment\\deployment.properties
deployment.system.config.mandatory = true
####################

3 Create a file called 'deployment.properties' in this directory and open with Notepad.
Copy the four line below (# deployment.security.level.locked optional)

######################
deployment.security.level=MEDIUM
deployment.browser.path=C:\Program Files\Internet Explorer\IEXPLORE.EXE
deployment.version=7.21
#deployment.security.level.locked
###########################
(without path and version, level will be ignored)

4 Delete C:\Users\%Username%\AppData\LocalLow\Sun

5 Delete: HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties

6 Open Java from Control Panel.  You will find the security is now set to MEDIUM. If the lock was imposed, the user will not be able to adjust this setting as it will be greyed out.

Tuesday, April 30, 2013

SQL Reporting Services SCCM DCM

This article is dedicated to providing working examples for DCM (Desired Configuration Managment) reports, using reporting services 2008.


1. This report displays three statenames for the baseline called BL - WK DCM.  A count of Conpliance state populates the third column.

SELECT     CIProp.DisplayName AS 'DCM Baseline Name', SNames.StateName, COUNT(CCS.ComplianceState) AS 'Compliance State Count'
FROM         dbo.v_BaselineTargetedComputers AS BTC INNER JOIN
                      dbo.v_ConfigurationItems AS CI ON CI.CI_ID = BTC.CI_ID INNER JOIN
                      dbo.v_CICurrentComplianceStatus AS CCS ON CCS.CI_ID = CI.CI_ID AND CCS.ResourceID = BTC.ResourceID INNER JOIN
                      dbo.v_LocalizedCIProperties_SiteLoc AS CIProp ON CIProp.CI_ID = CI.CI_ID INNER JOIN
                      dbo.v_StateNames AS SNames ON CCS.ComplianceState = SNames.StateID
WHERE     (CIProp.DisplayName = 'BL - WK DCM') AND (SNames.TopicType = 401)
GROUP BY CIProp.DisplayName, CCS.ComplianceState, SNames.StateName


 
 
 
 
2. This report displays Computer name with corresponding last logged on username, for machines with non compliant status for specific baseline.
SELECT     TOP (100) PERCENT SYS.Name0 AS 'Computer Name', SNames.StateName AS 'Compliance State',
                      CCS.LastComplianceMessageTime AS 'Last Compliance Evaluation', SYS.User_Name0 AS 'User Name', OS.Caption0 AS 'Operating System',
                      OS.InstallDate0 AS 'Install Date', STATUS.LastHWScan AS 'Last HW Scan', COMP.Model0 AS 'Model', CIProp.DisplayName,
                      CI.CIVersion AS 'Baseline Content Version'
FROM         dbo.v_BaselineTargetedComputers AS BTC INNER JOIN
                      dbo.v_R_System AS SYS ON SYS.ResourceID = BTC.ResourceID INNER JOIN
                      dbo.v_GS_COMPUTER_SYSTEM AS COMP ON COMP.ResourceID = BTC.ResourceID INNER JOIN
                      dbo.v_GS_OPERATING_SYSTEM AS OS ON OS.ResourceID = SYS.ResourceID INNER JOIN
                      dbo.v_ConfigurationItems AS CI ON CI.CI_ID = BTC.CI_ID INNER JOIN
                      dbo.v_CICurrentComplianceStatus AS CCS ON CCS.CI_ID = CI.CI_ID AND CCS.ResourceID = BTC.ResourceID INNER JOIN
                      dbo.v_LocalizedCIProperties_SiteLoc AS CIProp ON CIProp.CI_ID = CI.CI_ID INNER JOIN
                      dbo.v_StateNames AS SNames ON CCS.ComplianceState = SNames.StateID LEFT OUTER JOIN
                      dbo.v_GS_WORKSTATION_STATUS AS STATUS ON STATUS.ResourceID = SYS.ResourceID LEFT OUTER JOIN
                      dbo.v_R_User AS USR ON USR.User_Name0 = SYS.User_Name0
WHERE     (CIProp.DisplayName = 'BL - WK DCM') AND (SNames.TopicType = 401) AND (SNames.StateName <> 'Compliant')
ORDER BY 'Compliance State'


NOTE: Change WHERE for compliant machines
WHERE     (CIProp.DisplayName = 'BL -WK DCM') AND (SNames.TopicType = 401) AND (SNames.StateName <> 'Non-Compliant') AND
                      (SNames.StateName <> 'error')


This

SELECT DISTINCT
                      TOP (100) PERCENT SYS.Name0, ccs.LastComplianceMessageTime, ccs.ComplianceStateName, dbo.v_LocalizedCIProperties_SiteLoc.DisplayName,
                      SYS.User_Name0,
                      CASE WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0 LIKE '%Europe%' THEN 'EMEA' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0
                       LIKE '%Asia Pacific%' THEN 'APAC' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0 LIKE '%Brazil%' THEN 'LAC' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0
                       LIKE '%Hispanic LAC%' THEN 'LAC' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0 LIKE '%Canada%' THEN 'NA' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0
                       LIKE '%Northern%' THEN 'NA' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0 LIKE '%Southern%' THEN 'NA' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0
                       LIKE '%Western%' THEN 'NA' WHEN dbo.v_RA_System_SystemOUName.System_OU_Name0 LIKE '%Americas%' THEN 'Americas' ELSE 'MISC' END AS
                       RegionOUCodeGrouped, dbo.v_GS_OPERATING_SYSTEM.Caption0, dbo.v_GS_OPERATING_SYSTEM.InstallDate0,
                      dbo.v_GS_COMPUTER_SYSTEM.Model0
FROM         dbo.v_CICurrentComplianceStatus AS ccs INNER JOIN
                      dbo.v_R_System AS SYS ON ccs.ResourceID = SYS.ResourceID INNER JOIN
                      dbo.v_LocalizedCIProperties_SiteLoc ON ccs.CI_ID = dbo.v_LocalizedCIProperties_SiteLoc.CI_ID INNER JOIN
                      dbo.v_RA_System_SystemOUName ON SYS.ResourceID = dbo.v_RA_System_SystemOUName.ResourceID INNER JOIN
                      dbo.v_GS_OPERATING_SYSTEM ON SYS.ResourceID = dbo.v_GS_OPERATING_SYSTEM.ResourceID INNER JOIN
                      dbo.v_GS_COMPUTER_SYSTEM ON SYS.ResourceID = dbo.v_GS_COMPUTER_SYSTEM.ResourceID
WHERE     (dbo.v_LocalizedCIProperties_SiteLoc.DisplayName LIKE 'CI%') AND (ccs.ComplianceStateName = 'Compliant') AND
                      (dbo.v_RA_System_SystemOUName.System_OU_Name0 <> 'OPS.Domain.COM/AMERICAS')
ORDER BY dbo.v_LocalizedCIProperties_SiteLoc.DisplayName


 


Tuesday, April 23, 2013

Error A Previous version of Nightwatchman has been detected on your machine. You must remove Nightwatchman before continuing with the install

 

"Error A Previous version of Nightwatchman has been detected on your machine.  You must remove Nightwatchman before continuing with the install"


 


The uninstaller via command line or Programs and Features would result in the above error message.

It was discovered that the MST file previously used to configure the MSI had been copied from from an earlier version 5, and had included references to the previous product ID.

By deleting the Transforms record the uninstallation was able to complete.


[HKEY_CLASSES_ROOT\Installer\Products\E5A3EA51A6783284B9EDA9396E6A772C]

"ProductName"="1E Agent"

"PackageCode"="7D32A2D932D351543AA64E478D052BFD"

"Version"=dword:06000064

"Transforms"=C:\WINDOWS\Installer\{15AE3A5E-876A-4823-9BDE-9A93E6A677C2}\Custom1EAgent.mst

Wednesday, February 27, 2013

DCM Script Detect SQL Edition SKUNAME


The script below will check if you have a version of SQLServer insalled and Echo the Edition Skuname and process Architecture.  This is particulary useful if you deem SQL Server on workstations to be a non-compliant trigger.  Now you can validate whether the echoed line is not allowed i.e SQL Server Enterprise


On Error Resume Next
' First try SQL Server 2008/2008 R2:
Set objWMIService = GetObject("WINMGMTS:\\.\root\Microsoft\SqlServer\ComputerManagement10")
If Err.Number <> 0 Then
    ' Next, try SQL Server 2005:
    Set objWMIService = GetObject("WINMGMTS:\\.\root\Microsoft\SqlServer\ComputerManagement")
    If Err.Number <> 0 Then
        ' Next, try SQL Server 2012:
        Set objWMIService = GetObject("WINMGMTS:\\.\root\Microsoft\SqlServer\ComputerManagement11")
    End If
End If

Set colItems = objWMIService.ExecQuery( _
    "select * from SqlServiceAdvancedProperty where SQLServiceType = 1 AND PropertyName = 'SKUNAME'")
For Each objItem in colItems
    Wscript.Echo  objItem.PropertyStrValue
Next


Tuesday, February 26, 2013

Trimble Yuma2 Lan9500 PXE boot Usb to Ethernet Adapter

Trimble Yuma2 Lan9500 PXE boot Usb to Ethernet Adapter

For Latitude 10 or Trimble Yuma2 PXE booting you will need an adapter with a Lan9500 chipset.  Dell offer the following adapter but it does not work and is only Lan7500

Manufacturer Part# 49W1V
Dell Part# 331-9318

http://search.dell.com/results.aspx?s=gen&c=us&l=en&cs=&k=331-9318&cat=all&x=11&y=4

Wednesday, February 13, 2013

Google Earth Pro Repackaged for SCCM with license key

Tags: install google earth pro with license key

Google Earth Pro can be downloaded here http://www.google.com/earth/download/gep/agree.html

Select Version 7.0 and un-tick “allow Google Earth to install Recommended Updates Automatically”.  Most Enterprise software is highly controlled and making sure versions are consistent and understood is essential.

 

GoogleEarthProWin.exe can be installed silently with the following switch.

GoogleEarthProWin.exe /S /v/qn /V"/qn ALLUSERS=1"

 

Or you can extract the exe to get at the MSI using a tool like 7zip.  The switch here is: msiexec /i "Google Earth Pro.msi" /qn

 

The issue that most SCCM Admins face is how to deploy Google Earth Pro with the license details included in the package.

 

In my example I will use InstallShield to create an MST file to transform the MSI file.

 

Once you have installed GEP you will be prompted for the username and password credentials.  Input them, and click “Auto login”.

 (Please be careful when modifying the registry, i accept no responsibility)

Open Regedit and navigate to top level path representing your current user hive. i.e HKEY_Users\S-1-5-21-########

 

Right Click:  Software/Google/Google Earth Pro and export reg key ( i.e. C:\temp\gep\gep.reg)

Change the key path to HKLM and remove all entries except for, as below:

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Google Earth Pro]

"AData"=hex:

"HideUserData"=dword:00000001

"Passport"="Insert Password"

"Username"="Insert Username"

"DisableDeactivation"=dword:00000001

 

This is all that is required to for any user to open Google Earth Pro without being prompted for credentials.

Now open Installshield and create a new MST project.

Click on System Configuration\Registry\

Right click on HKLM and select Import Reg file… Select the Reg created above.

Save the project to make the MST file (GoogleEarthPro7.0.mst)

Now using the MSI extracted earlier you can transform the MSI with the following command line.

 

msiexec /i "Google Earth Pro.msi" TRANSFORMS=GoogleEarthPro7.0.mst /l*v C:\temp\Logs\GoogleEarthPro7.0.log /qn

Wednesday, January 9, 2013

SCCM DCM Symantec Backup Exec.Cloud

The intention this article is to provide an overview of DCM within SCCM and more importantly for some, the ability to create a baseline for Symantec Backup Exec.Cloud and generate a KPI.

The DCM node within SCCM is made up of two parts Configuration Baselines and Configuration Items. 

Right click on Configuration Items > New > Application configuration Item
  1. Identification: Provide a name and categor
  2. Detection Method: Select Use custom script (VBScript)
Option Explicit
                If(IsNWMInstalled()) Then
                WScript.Echo("SymantexCloudBackup")
                End If
                Function IsNWMInstalled()
                Dim objWMIService
                Dim Query
                Dim NWMInstalled
                Set objWMIService = GetObject("winmgmts:root/cimv2")
                Query = "SELECT * FROM Win32_Product WHERE IdentifyingNumber = '{735EF746-77A8-44E8-821F-4C77F038AA90}'"
                Set NWMInstalled = objWMIService.ExecQuery(Query)
                IsNWMInstalled = (NWMInstalled.Count > 0)
                Set objWMIService = Nothing
                Set NWMInstalled = Nothing
                End Function
3. Objects: Assembly, File/folder, registry key

4. Settings: WQL Query, Registry



5. Applicability: Select “All Windows platforms”.
6. Click next and Close on the following screens. Summary, Progress, Confirmation.
At this stage you have successfully created your Configuration item.  Next you will need to attach it to a Baseline.
Right click on Configuration Baselines > New Configuration Baselines
1. Identification: Provide a name
2. Set Configuration Baseline Rule: Select Application and General
a. Choose Configuration items: select the name that corresponds to the Configuration item we just created.  Click OK
3. Click Next and Close on Summary, Progress, and Confirmation.
4. Right click the baseline and click “View XML definition”
a. Make a note of the ScopeID near the top of the file.  The first instance of LogicalName will follow a string starting="Baseline_#######".  This is needed later in the post.
At this stage your Baseline has been created and should be assigned to a collection.  This simply means the baseline will look at the collection of computers and report whether the machines are compliant.
Going back to SCCM it is possible to create two sub-collections that will populate with compliant and non-compliant systems.  This way a program could be advertised to non-compliant systems to force them to be compliant.  A report can be generated on the back of this populated collection for KPI.

1. Create a collection called “Symantec” and two sub collections for “Compliant” and “non- compliant”
Right click the baseline and select “Assign to a collection”
1. Choose Baseline: the baseline will already be present as you right clicked it.
2. Choose collection: Browse to the Symantec collection, a group of machines you wish to run the baseline against.
3. Set Schedule: Simple schedule, Run every 1 days
4. Click Next and Close for Summary Progress and Confirmation.
If you connect to one of the client computers and open the Configuration Manager item within the control panel you will see the advertised baseline as well as the State “Compliant” “Non-Compliant” on the Configuration tab.

With the baseline run we can now look to the two sub collections and the query statement.
1. Right click on the collection “Complaint” and go to properties.
2. Select the membership tab and the generate a new SQL query.
3. Query Rule Statement:
a. Provide a name
b. Limit the collection to “Symantec” (the root collection)
c. Click on ‘Edit Query Statement’ and the Criteria tab
d. Add the following criteria 
i. The value “ScopeID” can be easily confirmed from the baseline XML file previously discussed.
4. Add another criteria item 

At this stage the "compliant" sub collection will only look at the “Symantec" root collection of computers for the baseline ScopeID defined; The compliance state must equal 1 (or compliant)
in order for the collection to populate.
The second sub collection "non-compliant" use the same logic as above but with a compliance state of 4 (or non-compliant).

Tuesday, January 8, 2013

Wordpress to Blogger migration; Publish to personal domain name 1and1

How to migrate from Wordpress to Blogger and to publish your blogspot.com address to your personal domain name - e.g. publishing www.syswow64.blogspot.com at www.syswow64.co.uk

NOTE: Work in progress
  1. Log in to blogger, select your Blog
  2. Select Settings > Basic > Publishing
  3. Click Advanced settings and enter your personal domain name and hit save.

  4.  
    • You will receive an error message since you do not have proven ownership of the domain
  5. If you have your domain name registered with 1and1.co.uk (basic account) you will not be able to follow the instructions as the CNAME is too long (more than 32 characters).
  6. I suggest you change your NameServer to point at byethost.com. You will not only be able to take full control of long CNAMES but you will be able to add 5 domains and share 1000MB for free.
1and1 nameserver instructions:

  1. Login to 1and1 and go to the "Domain Overview"
  2. Select the domain name and edit the DNS settings to point to byethost.com.





















Byethost Setup instructions:
  1. Register a free account with Byethost.com
(More to follow)

Thursday, January 3, 2013

Script Windows 7 Library

Question: What is the best way to script the creation of a Window 7 Library item within Explorer?

Answer:

Set oShell = CreateObject( "WScript.Shell" )
userp=oShell.ExpandEnvironmentStrings("%userprofile%")
strFolder = "" & userp & "\Documents\SymantecCloudBackup"
set objFSO = createobject("Scripting.FileSystemObject")

if objFSO.FolderExists(strFolder) = False then
 objFSO.CreateFolder strFolder

else

end if
WScript.Sleep 3000
set objShell = wscript.createObject("wscript.shell")
shlib1 = "cmd.exe /C C:\ProgramData\1E\NomadBranch\LDC0032F_Cache\shlib create %userprofile%\AppData\Roaming\Microsoft\Windows\Libraries\SymantecCloudBackup.library-ms"
shlib2 = "cmd.exe /C C:\ProgramData\1E\NomadBranch\LDC0032F_Cache\shlib add %userprofile%\AppData\Roaming\Microsoft\Windows\Libraries\SymantecCloudBackup.library-ms " & strFolder & ""
objShell.Run shlib1
objShell.Run shlib2

Script Windows 7 Library

Question: What is the best way to script the creation of a Window 7 Library item within Explorer?

Answer:

Set oShell = CreateObject( "WScript.Shell" )
userp=oShell.ExpandEnvironmentStrings("%userprofile%")
strFolder = "" & userp & "\Documents\SymantecCloudBackup"
set objFSO = createobject("Scripting.FileSystemObject")

if objFSO.FolderExists(strFolder) = False then
 objFSO.CreateFolder strFolder

else

end if
WScript.Sleep 3000
set objShell = wscript.createObject("wscript.shell")
shlib1 = "cmd.exe /C C:\ProgramData\1E\NomadBranch\LDC0032F_Cache\shlib create %userprofile%\AppData\Roaming\Microsoft\Windows\Libraries\SymantecCloudBackup.library-ms"
shlib2 = "cmd.exe /C C:\ProgramData\1E\NomadBranch\LDC0032F_Cache\shlib add %userprofile%\AppData\Roaming\Microsoft\Windows\Libraries\SymantecCloudBackup.library-ms " & strFolder & ""
objShell.Run shlib1
objShell.Run shlib2