I am writing an automation the deployes several machines and installs several programs on them.
One of the steps a user would do manually is logging off and on to a windows computer as part of an installation process.
Can someone please point me to relevant links so i can understand how to simulate a logging in process into windows without a gui?
I mean i need to make the machine think someone logged in to it and i am using only powershell.
launching mstsc does not do the trick because i cant overcome the request for certificate (I need an automatic process but i did not find a way to silence the certificate warning)
I searched for a couple of days and could not find what I was looking for.
Thank you for your help!
It's just an idea. Perhaps you can first make the image of the machines with automatic logon , install the software and finally remove the automatic logon ?
This link has details about Automatic Logon
http://support.microsoft.com/kb/315231
Related
We have the following problem. We want to be able to install software without UAC and then later on switch the user and have UAC enabled. With the help of BrekIT (brekit.com) we then automate an installation process with UAC enabled.
In order to be able to be flexible we need to have a solution where we can toggle between UAC on and off without user interaction. It's executed in a secured test area so we don't need to worry about possible security risks.
Also worth to note. We use a vSphere Server with many vm's for testing. Perhaps with vmware there might be an alternate easier solution.
Thank you very much!
Julian
The short answer is that this is not possible. Imagine the security implications: All malware has to do is temporarily disable UAC, install the payload, and enable it again. Sorry.
Before I start, another post for something similar to this request for help is located at Running a process at the Windows 7 Welcome Screen, but the responses were not quite what I believe I am looking for, and the post is over a year old so I thought it best to start a new thread for my needs.
In Windows 7 Ultimate, I am trying to create a script or task scheduler event that will run a Windows "rundll32.exe" process with arguments at the logon, lock, and switch user screens (basically any screen that is waiting for user to log into the machine).
I have tried using the startup script controls in group policy editor as well as creating a task scheduler event, but so far I am unable to get the process to display on the logon screens.
The command line I am using does work while logged into any account at any user level via the "Run.." dialog as well as via CMD prompt, and is only creating a popup that already exists in the Windows OEM Environment.
The hardest part is this: My friend just bought a new laptop. The new laptop came with this specific feature already enabled, but I have no idea what is making it happen and do not have access to the computer to check out gpedit.msc and task scheduler for possible solutions.
There are two reasons why I need this info: 1) I want the feature to work on my own laptop, and 2) my friend would like help disabling it on his as he doesn't like it.
I have been all over Google, posted at Microsoft Answers, and also posted on the laptop manufacturer's user forums. I have found very few pages that refer to the same question as I have, but none have answers that work, and since I have seen and know that this is possible, I am compelled to continue looking.
The laptop that this is currently working on was purchased with a fresh install of Win 7 Ultimate and no manufacturer bloatware/additional software added, so we know that the feature was made to happen by whomever it was that installed the OS and configured it for sale. Therefore I am certain it is just a matter of the right task or script in Windows itself before I see the results I need and then know how to direct my friend to disable his via phone.
The specific call is "rundll32.exe van.dll,RunVAN". In task scheduler I have set this to run as "SYSTEM" and set the triggers for startup, workstation lock, and local disconnect. I have tried using full path to rundll32.exe as well as the bare command. In gpedit startup scripts I have tried full path and bare command. Neither of which for either case is making this popup show on the logon screens.
Any and all help and/or advice on this would be greatly appreciated by both myself and my friend.
dynamic display of images for the credential provider
I'm trying to run only the browser in the system - locking access to everything else. Only the supervisor can resume the normal functioning of the system after giving a password.
This kind of activity is usually done by virus. Disabling the registry for Task manager etc. Does anyone know of any source available that does this? I might be able to pull it off in Windows XP. But have anyone tried this in Windows 7 ?
The aim is to to emulate the Chrome OS on Windows. Only the browser. Nothing else.
Sounds like you're after Kiosk Mode. Knowing that, a little searching gives a guide to what to do.
AFAIK, What you are attempting is NOT natively possible on windows.
You best bet would be to write a program that runs in the background and monitors for any processes apart from the browser being launched.
It should immediately terminate the "unauthorised" processes as soon as they are created.
Also using the group-policy manager restrict access to the task-manager to prevent the user from stopping this process.
Contact me if U require help in writing the above program
2.6Kilohertz#gmail.com
GOOD LUCK!!
I am working on some Automation Project where one needs to perform some action related to display resolution.Change the Display resolution , Lock the Desktop and then Unlock Desktop again to check that resolution remained same.
I am able to perform LockWorkstation but unable to have any thing for Unlock Workstation.
Can any body help me regarding unlocking Display with help of C# and in Win 7 ?
I heard of GINA dll which can help ,but I dont know anything about it.Can this be used for Win7 and .NET 3.5?
Thanks
_Prat.
I don't think that doing this is technically feasible. GINAs were deprecated after XP and the new way to provide custom authentication in Vista/Win7 is to use the ICredentialProvider
interface. Even if you get this working you'll still have to somehow send the the secure attention sequence, i.e. ctrl-alt-delete, to initiate the logon. Sending ctrl-alt-delete programmatically is itself something that is difficult to do and not really supported.
This sounds like a lot of work for some automation and probably won't have much ROI. Can you test this by logging the user off completely and then logging back in? If so, then you could set your test machine to auto-logon the user. When you log-off it will shut down the session and then promptly log the user back in and you could check if the resolution is what you expect.
The title says it. I'm looking for a way to determine exactly which file/registry key this executable is attempting to access. I have attempted to use Windows auditing capabilities and Process Monitor to determine where the failure is happening but, this failure does not produce audit failure events or show as access denial in Process Monitor.
Of course, If someone has experienced this and can provide a solution to resolve the error directly that would be almost as nice.
Background:
I am using moveuser.exe which is part of the Windows Server 2003 Resource Kit Tools to convert the security of local user profiles on a number Windows XP workstations.
Symptom:
Occasionally, moveuser.exe will fail to convert the security of a profile with the error "Error: 5 access denied". I have not been able to determine any commonality among the failing accounts or the computers they reside upon. A given computer may have host 6 profiles, 5 of which convert without issue and 1 which produces the error.
There are a few factors that I'm as sure as I can be about:
-The account I'm using to run moveuser.exe with has full Administrator rights to the local machine and the domain to which the profile security is being converted.
-The failure is not related to file permissions within the profile directory (the entire directory can be moved, renamed, deleted, or successfully converted via a workaround).
I've developed a reliable workaround for these cases but, it is fairly involved and I would much rather understand the root cause of this error and correct it pre-emptively.
My workaround (glad to share it, left out for brevity) seems to indicate that the failure is related to HKEY_LOCAL_MACHINE \ SOFTWARE\ Microsoft\ Windows NT \ CurrentVersion \ ProfileList registry keys but, I cannot determine exactly how/why.
Did you try to use the "regini" command line tool to grab registry permissions for the administrator account?
Use FileMon and RegMon (now Microsoft, formerly SysInternals, still free) to monitor what exactly is being accessed, how, and what rights/access are being requested.
I don't have a URL handy, but a Google search should be able to hook you up with these tools.
A couple items I would try. First, could it be that the user was logged in and the computer hasn't been rebooted. Microsoft has a product called UPHClent which helps in unloading unneeded user hives.
Next thing I wanted to know, is if you try rebooting before running the moveuser executable. This Conversation seems to indicate this would help with this kind of error.
Two days after posting this I got to the bottom of the problem. It turned out, just as Rob Haupt suggested to be related to a stuck user hive. The program I was running, moveuser, was reading the Refcount key found under HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ ProfileList\ <SID>\ and ending immediately.
Setting Refcount to 0 solved the problem immediately
Pushing out UPHClean to all the target machines pre-emptively has all but elimated the problem and we were able to successfully convert profiles on several hundred machines over the last week.
An important note about UPHClean:
I'd tried installing it previously but, it didn't appear to help. I was too impatient, the UPHClean ReadMe revealed that the service just takes time to do its job.