Frustrating Image Problem

[kingsc]

You are asking for a world of hurt by trying to manually mess with the default user hive. The only way to properly do what you want is through a scripted installation, setting the registry at T-12.

The default user hive contains unique placeholders for SIDS, and other registry setting that get populated when a new user logs on. It also contains registry ACL's that won't transfer to another account properly if you use a hive from another user.

This is why good administrators don't deploy XP with images.

If this is possible, I'd love to know how. I looked over the deployment guide and ref.chm to try and find some parameters that even lets me do something like this. Please enlighten me. Thanks.

[kingsc]

Also found another procedure, tried doing a dumb compy of everything in the test user folder to the default folder. This didn't work either... created a new profile and even when viewing from a different profile it shows that profile's stuff as "My Docs, pics, etc."

[kingsc]

You could have a logon script that's run first time they logon to make the file.

Something like this would work

@echo off
echo [DeleteOnCopy] >"%userprofile%\My Documents\desktop.ini"
echo Owner=%username% >>"%userprofile%\My Documents\desktop.ini"
echo Personalized=5 >>"%userprofile%\My Documents\desktop.ini"
echo PersonalizedName=My Documents >>"%userprofile%\My Documents\desktop.ini"
attrib +h +s "%userprofile%\My Documents\desktop.ini"

and then change the default user profile HKCU\%username%\Software\Microsoft\Windows\CurrentVirsion\RunOnce

and put a key in there to run the batch script

Well, after correcting the code a bit it executed properly, however I couldn't figure out how to get it to run in a runonce from the default user profile.... if .DEFAULT 'is' in fact the default? I created a key under HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion called RunOnce since it wasn't there, only run was but it didn't work...

EDIT - Just noticed that .DEFAULT does not appear to be the default profile... I think? If I browse through that hive, the desktop wallpaper doesn't match what it should be ..... GRRRRRRRRrrRRRrr

Edited March 30, 2009 by kingsc

[cluberti]

EDIT - Just noticed that .DEFAULT does not appear to be the default profile... I think? If I browse through that hive, the desktop wallpaper doesn't match what it should be ..... GRRRRRRRRrrRRRrr

.DEFAULT is the system profile (the one you see at CTRL+ALT+DEL. It's not the "Default User" profile.

[os2fan2]

The default user is last used by setup in the second-last boot, and the ntuser.dat file here reflects this. It is not the default profile.

The default profile, as by hku\.default is the file %systemroot%\system32\config\default.

[kingsc]

The default user is last used by setup in the second-last boot, and the ntuser.dat file here reflects this. It is not the default profile.

The default profile, as by hku\.default is the file %systemroot%\system32\config\default.

So could anyone tell me how to edit this and re-import it into the registry?

Or could anyone tell me what parameters in the ntuser.dat file that I can supposedly edit to fix this? I can't find anything readable that partains to my issue.

EDIT - Asked 3 of my instructors last night, no answer found.

Edited March 31, 2009 by kingsc

[Noise]

Seriously Kingsc, I'm not trying to be a jerk here - you are going about this the wrong way. Direct editing of the default user hive is a BAD THING. You may hack it enough to get it where you think it will work, but later on you will find you have a very buggy Windows installation. Things like certificate stores and network authentication will break, all kinds of bad things happen - they just may not happen right away. When you join a domain the default registry hive will be in the NETLOGON share.

The default user registry hive is probably one of the most complex things in windows, it's not as simple as you may think. If you don't do a scripted installation then you should research group policies and create custom ADM files. Or make a logon script that simply loads HKCU entries when people logon. But directly messing around with the ntuser.dat file IS NOT the way to do what you want.

[kingsc]

Seriously Kingsc, I'm not trying to be a jerk here - you are going about this the wrong way. Direct editing of the default user hive is a BAD THING. You may hack it enough to get it where you think it will work, but later on you will find you have a very buggy Windows installation. Things like certificate stores and network authentication will break, all kinds of bad things happen - they just may not happen right away. When you join a domain the default registry hive will be in the NETLOGON share.

The default user registry hive is probably one of the most complex things in windows, it's not as simple as you may think. If you don't do a scripted installation then you should research group policies and create custom ADM files. Or make a logon script that simply loads HKCU entries when people logon. But directly messing around with the ntuser.dat file IS NOT the way to do what you want.

Alright, I hear you, let me recap however.

I've been using this image, for over 6 months, in a company environment, that's accessing SQL servers, SharePoint, accounting systems, file servers, exchange... and absolutely NO issues.

The only issue is one that I can only see myself, or by another admin. It doesn't do any harm to the system. It's not 'that' big of a deal. I fear however, if I go to the next step of my image, where I create two seperate partitions, it may become an issue. I can't believe this is 'that' hard to fix. I also can't believe that no one can fix it or that Microsoft hasn't pulled this procedure off their system, maybe they don't even know it breaks their OS?

All I need to know, if there are any computer scientists out there, or programmers, or whatever... is where in the registry is the naming, or mirroring or whatever the proper term is, of new accounts from the default user account. I'm beginning to wonder if it's actually in ntsuer.dat. But it has to be, if what causes it is copying your reference profile to your default.

PLEASE someone, try it yourself inside a VM if you have one.

1. Follow the instructions provided in Microsoft's KB319974. Name your profile TESTUSER.

2. Create a new profile, then log into it.

3. Log out of it, and then log into any profile EXCEPT the new one that was created using your modified default user account.

4. Navigate to c:\documents and settings\<new profile from modified default user>\

You will see instead of <new profile from modified default user>'s Documents, TESTUSER's documents. I'm about willing to buy a gift card for anyone who can fix this!!!

[kingsc]

You could have a logon script that's run first time they logon to make the file.

Something like this would work

@echo off
echo [DeleteOnCopy] >"%userprofile%\My Documents\desktop.ini"
echo Owner=%username% >>"%userprofile%\My Documents\desktop.ini"
echo Personalized=5 >>"%userprofile%\My Documents\desktop.ini"
echo PersonalizedName=My Documents >>"%userprofile%\My Documents\desktop.ini"
attrib +h +s "%userprofile%\My Documents\desktop.ini"

and then change the default user profile HKCU\%username%\Software\Microsoft\Windows\CurrentVirsion\RunOnce

and put a key in there to run the batch script

Dude..... Problem SOLVED. Thank you SOOOOOOOOOOOOOOO much. My lack of knowledge made it harder to understand what you were telling me to do.. but once I figured it out, works perfectly! THANK YOU!! Just to show you the things I had to change:

1. Code is perfect but you need a attrib -h -s line before you start appending the echos.

2. You load the default user ntuser.dat file, browse to HKU\defuser(what I named it during load)\software\microsoft\windows\current version\RunOnce(Created, not there normally).

3. create string value point to the batch file. The batch file I placed in the root of the default user profile.

4. UNLOAD THE HIVE. I kept forgetting to do this. ;p

4. Jump for joy.

Again Ninja, thank you!

EDIT - LOL... darnit that just fixes the my docs folder... still gotta fix the my pics, etc..... DARNIT!

Edited April 2, 2009 by kingsc

[kingsc]

Fixed those too, based on your previous code.

attrib -h -s "%userprofile%\My Documents\desktop.ini"
echo [DeleteOnCopy] >"%userprofile%\My Documents\desktop.ini"
echo Owner=%username% >>"%userprofile%\My Documents\desktop.ini"
echo Personalized=5 >>"%userprofile%\My Documents\desktop.ini"
echo PersonalizedName=My Documents >>"%userprofile%\My Documents\desktop.ini"
attrib +h +s "%userprofile%\My Documents\desktop.ini"

attrib -h -s "%userprofile%\My Documents\My Music\desktop.ini"
echo [DeleteOnCopy] >"%userprofile%\My Documents\My Music\desktop.ini"
echo Owner=%username% >>"%userprofile%\My Documents\My Music\desktop.ini"
echo Personalized=13 >>"%userprofile%\My Documents\My Music\desktop.ini"
echo PersonalizedName=My Music >>"%userprofile%\My Documents\My Music\desktop.ini"
echo [.ShellClassInfo] >>"%userprofile%\My Documents\My Music\desktop.ini"
echo InfoTip=@Shell32.dll,-12689 >>"%userprofile%\My Documents\My Music\desktop.ini"
echo IconFile=%SystemRoot%\system32\SHELL32.dll >>"%userprofile%\My Documents\My Music\desktop.ini"
echo IconIndex=-237 >>"%userprofile%\My Documents\My Music\desktop.ini"
attrib +h +s "%userprofile%\My Documents\My Music\desktop.ini"

attrib -h -s "%userprofile%\My Documents\My Pictures\desktop.ini"
echo [DeleteOnCopy] >"%userprofile%\My Documents\My Pictures\desktop.ini"
echo Owner=%username% >>"%userprofile%\My Documents\My Pictures\desktop.ini"
echo Personalized=39 >>"%userprofile%\My Documents\My Pictures\desktop.ini"
echo PersonalizedName=My Pictures >>"%userprofile%\My Documents\My Pictures\desktop.ini"
echo [.ShellClassInfo] >>"%userprofile%\My Documents\My Pictures\desktop.ini"
echo InfoTip=@Shell32.dll,-12688 >>"%userprofile%\My Documents\My Pictures\desktop.ini"
echo IconFile=%SystemRoot%\system32\mydocs.dll >>"%userprofile%\My Documents\My Pictures\desktop.ini"
echo IconIndex=-101 >>"%userprofile%\My Documents\My Pictures\desktop.ini"
attrib +h +s "%userprofile%\My Documents\My Pictures\desktop.ini"
pause