hdbrandon06 Posted August 31, 2013 Share Posted August 31, 2013 Hi all,I'm attempting to install Server 2012 on a "headless" HP mediasmart home server via bootable USB flash drive.I'm testing my .ISO in a VM to make sure it works.With my autounattended.xml file, the OS installs perfectly without user interaction.Hower, my First LogonCommands are not working properly.Since this is headless....IE no video, I'll need to access the server via RDP when it's installed.I'm trying to enable RDP, but its not working.Though, I've sucessfully enabled RDP (in the VM) by running the same registry adds that I have in the .xml file.I've also tried using the full path to CMD> C:\Windows\System32\cmd.exe /c ....etcAny thoughts?Thanks in advancesautounattend.xml Link to comment Share on other sites More sharing options...
MrJinje Posted August 31, 2013 Share Posted August 31, 2013 (edited) Can you try running them from the setupcomplete.cmd stage instead of first logon stage. Easier to use setupcomplete.cmd for 'system' or machine-wide settings and keep the first logon scripts for 'per user' settings.http://technet.microsoft.com/en-us/library/hh825167.aspxThe reason why is that"Commands in the Setupcomplete.cmd file are executed with local system privilege." while your 'first logon' commands run with your users token (which may or may not be elevated).http://technet.microsoft.com/en-us/library/cc766314%28v=ws.10%29.aspx Edited August 31, 2013 by MrJinje Link to comment Share on other sites More sharing options...
hdbrandon06 Posted August 31, 2013 Author Share Posted August 31, 2013 Sounds good,But is the setupcomplete.cmd script in the Server2012 ISO somewhere?I'm seeing that it's called from C:\Windows\Setup\Scripts\SetupComplete.cmdExtracting the files now do to a search. Link to comment Share on other sites More sharing options...
hdbrandon06 Posted August 31, 2013 Author Share Posted August 31, 2013 MrJinje,I've been trying to figure out the process of SetupComplete.cmd.Is there a specific place I put the file in the .ISO image where it gets copied to C:\Windows\Setup\Scripts\SetupComplete.cmd?Or do I use FirstLogonCommands to mak the directory, and copy the file...from say a network share? Link to comment Share on other sites More sharing options...
MrJinje Posted September 1, 2013 Share Posted September 1, 2013 I add the $OEM$ folder structure inside the 'sources' folder on the DVD or USB. That way it gets copied to the correct location during install.http://www.msfn.org/board/topic/151863-oem-folders/http://technet.microsoft.com/en-us/library/cc766228%28WS.10%29.aspxDVDRoot\Sources\$OEM$\$$\Setup\Scripts Link to comment Share on other sites More sharing options...
MrJinje Posted September 29, 2013 Share Posted September 29, 2013 (edited) Here is how I ended up creating my first logon command via my unattend.xml. I still do the HKLM stuff via the setupcomplete.cmd, but for HKCU, this is the only way to go.Note that to open powershell and retain synchronicity from FirstLogonCommands, I used "cmd /c start /wait". <FirstLogonCommands> <SynchronousCommand wcm:action="add"> <CommandLine>cmd /c start /wait C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\Setup\Scripts\FirstLogon.ps1</CommandLine> <Description>First Logon</Description> <Order>1</Order> </SynchronousCommand> </FirstLogonCommands>You can probably throw in some other powershell options as well, like -sta orcmd /c start /wait C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -nologo -noninteractive -WindowStyle Hidden -command "& {C:\Windows\Setup\Scripts\FirstLogon.ps1}" Edited September 29, 2013 by MrJinje Link to comment Share on other sites More sharing options...
maxXPsoft Posted October 6, 2013 Share Posted October 6, 2013 MrJinjeWhen windows first Installs the ExecutionPolicy is RestrictedI don't know how you are getting around that during an Unattend?I've been playing with something like this from a cmd promptpowershell -command "Set-ExecutionPolicy RemoteSigned"powershell -command "Get-ExecutionPolicy"RemoteSigned Link to comment Share on other sites More sharing options...
MrJinje Posted October 7, 2013 Share Posted October 7, 2013 (edited) Actually, I use a .reg from SetupComplete.cmd, but same effect.regedit /s %~dp0Set-ExecutionPolicy.regstart /wait %SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe %~dp0Kicker.ps1Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="RemoteSigned"and have this inside the kicker.ps1 which is running under 'local system' privilege because it is called from SetupComplete.cmd.Set-ItemProperty -Path "registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0Set-ItemProperty -Path "registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name "fSingleSessionPerUser" -Value 0 I've been playing with something like this from a cmd prompt powershell -command "Set-ExecutionPolicy RemoteSigned"@max, if it doesn't work, throw a 'start /wait' around it as powershell takes a second to load and we need to wait before calling the next line. Maybe that was why I went with the .reg cause it processed it quicker. (or reg.exe)start /wait powershell -command "Set-ExecutionPolicy RemoteSigned" Edited October 7, 2013 by MrJinje Link to comment Share on other sites More sharing options...
maxXPsoft Posted October 7, 2013 Share Posted October 7, 2013 (edited) Looks like Microsoft-Windows-TerminalServices-LocalSessionManager fDenyTSConnections only applies to ServerBut those 2 settings are set to a 1 in Windows 7 and 8.1 Edited October 7, 2013 by maxXPsoft Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now