FirstLogonCommands in unattend.xml do not work

[palios]

Hello. I have created an unattend answer file to be used with a windows 10 image and I am experiencing an issue. I have placed a powershell command under the "FirstLogonCommands" but it is never run. Here is my answer file:

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
	<settings pass="oobeSystem">
		
		<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
			<InputLocale>en-US</InputLocale>
			<SystemLocale>en-US</SystemLocale>
			<UILanguage>en-US</UILanguage>
			<UILanguageFallback>en-US</UILanguageFallback>
			<UserLocale>en-US</UserLocale>
		</component>
		
		<component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
			<InputLocale>en-US</InputLocale>
			<SystemLocale>en-US</SystemLocale>
			<UILanguage>en-US</UILanguage>
			<UILanguageFallback>en-US</UILanguageFallback>
			<UserLocale>en-US</UserLocale>
		</component>
		
		<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
			<OOBE>
				<HideEULAPage>true</HideEULAPage>
				<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
				<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
				<ProtectYourPC>1</ProtectYourPC>
				<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
			</OOBE>
			<FirstLogonCommands>
				<SynchronousCommand wcm:action="add">
					<CommandLine>Powershell -Command "Set-ExecutionPolicy RemoteSigned -Force; $LanguageList = Get-WinUserLanguageList; $LanguageList.Add('el-GR'); Set-WinUserLanguageList $LanguageList -Force; tzutil /s 'GTB Standard Time'; set-culture en-GB; Powercfg /Change standby-timeout-ac 0; Powercfg /Change standby-timeout-dc 0;"</CommandLine>
					<Description>Add Greek language to input languages, Set time zone to UTC+02:00, Set region to en-GB (User Locale), Change Sleep settings to "Never"</Description>
					<Order>1</Order>
					<RequiresUserInput>false</RequiresUserInput>
				</SynchronousCommand>
			</FirstLogonCommands>
		</component>
		
		<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
			<OOBE>
				<HideEULAPage>true</HideEULAPage>
				<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
				<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
				<ProtectYourPC>1</ProtectYourPC>
				<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
			</OOBE>
			<FirstLogonCommands>
				<SynchronousCommand wcm:action="add">
					<CommandLine>Powershell -Command "Set-ExecutionPolicy RemoteSigned -Force; $LanguageList = Get-WinUserLanguageList; $LanguageList.Add('el-GR'); Set-WinUserLanguageList $LanguageList -Force; tzutil /s 'GTB Standard Time'; set-culture en-GB; Powercfg /Change standby-timeout-ac 0; Powercfg /Change standby-timeout-dc 0;"</CommandLine>
					<Description>Add Greek language to input languages, Set time zone to UTC+02:00, Set region to en-GB (User Locale), Change Sleep settings to "Never"</Description>
					<Order>1</Order>
					<RequiresUserInput>false</RequiresUserInput>
				</SynchronousCommand>
			</FirstLogonCommands>
		</component>
		
	</settings>
</unattend>

What bothers me is, that when I manually run that command after OOBE finishes, the command is executed perfectly.
I have also tried replacing that command with:

1. cmd.exe /c powershell -command "COMMANDS"
2. powershell .exe COMMANDS (without quotes)
3. %WINDIR%\System32\cmd.exe /c powershell -Command "COMMANDS"
4. %SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe COMMANDS (without quotes)

Nothing seems to work and I cannot understand why. All the other sections in the answer file are processed correctly without any issues. Also, I am trying to avoid creating a batch file that has the script inside, since I only want to use just one answer file to execute a simple powershell command.

Any help would be highly appreciated. Thanks.

[Tripredacus]

The unattend if not perfect, there have been times that certain characters in the XML cause a problem with the parser. Take a look at the generated unattend.xml in c:\windows\panther to see if your commands survived parsing.

First is to add into your ps command something like Write-EventLog. Because while you can see in the setupact.log in the UnattendGC folder whether or not the command is executed, you cannot see anything further. To see if the command is run at all, just have it write to event log. If that works then you know there is something wrong with your line item.

Second is to have a .cmd file in your Commandline and then inside of the .cmd you put in your powershell commands. Or alternatively, you can call powershell and have your commands in a .ps1 file.

A thing to remember as well is that the FirstLogonCommands in the xml has two conditions:
- it runs under the context of the user account that is the first to log into Windows after OOBE. If this account does not have sufficient priveledges, it may fail because messages will be suppressed or will appear in Session 0. (You can see indications that this happens in Windows on the regular because you can sometimes find an event with text like "tried to show the user a message but failed" or something like that (I can't remember exactly) where a dialog box is generated in a session other than the one the User runs in.
- it runs via the 32bit cmd.exe. This is usually only an issue when trying to write to specific parts of the registry, but could potentially cause issues beyond that I am not aware of.

[palios]

8 hours ago, Tripredacus said:

The unattend if not perfect, there have been times that certain characters in the XML cause a problem with the parser. Take a look at the generated unattend.xml in c:\windows\panther to see if your commands survived parsing.

First is to add into your ps command something like Write-EventLog. Because while you can see in the setupact.log in the UnattendGC folder whether or not the command is executed, you cannot see anything further. To see if the command is run at all, just have it write to event log. If that works then you know there is something wrong with your line item.

Second is to have a .cmd file in your Commandline and then inside of the .cmd you put in your powershell commands. Or alternatively, you can call powershell and have your commands in a .ps1 file.

A thing to remember as well is that the FirstLogonCommands in the xml has two conditions:
- it runs under the context of the user account that is the first to log into Windows after OOBE. If this account does not have sufficient priveledges, it may fail because messages will be suppressed or will appear in Session 0. (You can see indications that this happens in Windows on the regular because you can sometimes find an event with text like "tried to show the user a message but failed" or something like that (I can't remember exactly) where a dialog box is generated in a session other than the one the User runs in.
- it runs via the 32bit cmd.exe. This is usually only an issue when trying to write to specific parts of the registry, but could potentially cause issues beyond that I am not aware of.

Thank your for your thorough answer. I will try your suggestions and see if I can come up with a solution.