Coolsights2000 Posted September 3, 2004 Share Posted September 3, 2004 Hi All!As you all know when you install Windows XP Pro Corp At the end you have to pick a profile name.. Well from then on you might as well throw the real Default User profile out the window,, cause any changes that you make are really going into the profile that was created at the First logon stage.. HKCU yes I know the HKLM keys are common...It took me a few days to dig up the info on the internet and I have made it so it will put you on the default desk top.. then continue with the installations of your favorite programs... I was surpised it only took a few lines of Code..Follow the direction on this page for creating a userhttp://unattended.msfn.org/xp/autologon.htmChanges These lines to read Don't use a password net user "Default User" /addnet localgroup Administrators "Default User" /addnet accounts /maxpwage:unlimitedREGEDIT /S autologon.regEXITWindows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"DefaultUserName"="Default User""DefaultPassword"="""AutoAdminLogon"="1"When the system reboots it will give you a profile call Default User.DomainWe will use the runoneEX keys to Change the ProfileImagePath from the Default User.Domain to the real hidden Default user ....Here is how...In your runoneex.cmd put this at the beginningI would have loved to do this sooner But the keys are not there until you login to a profile,,, NOTEIf you notice if you never log into the admin profile you never see one in the file folder.. Same here you have to login at least oncecmdow @ /HID@echo offSET KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceExREG ADD %KEY% /V TITLE /D "Preparing Default User Profile Stage 1" /fREG ADD %KEY%\000 /VE /D "Default User Swap" /fREG ADD %KEY%\000 /V 1 /D "%XPCD%\~SIDefaultuser\~SIDefaultuser.cmd" /fREG ADD %KEY%\000 /V 2 /D "%XPCD%\~SIDefaultuser\~SIDShutDownBlocker.cmd" /fYou can include you keys too cause when it reboots it will start with the next runonceex keysThe following are the files that it calls~SIDefaultuser.cmd cmdow @ /HID@echo offClsTITLE SID FinishECHO.ECHO SID Finish%XPCD%\~SIDefaultuser\Sid.vbsStart /wait shutdown.exe -r -f -t 60 -c "Windows XP will now restart in 1 minute And you will be on the Default User Profile"ECHO.ECHO Restarting the PC in 1 minute...EXIT~SIDShutDownBlocker.cmd <<<--- This pause the runonceex from going on to your keys until after it reboots..... It is hiddencmdow @ /HID@echo offClsTITLE SID Swap ShutDown Continue BlockerECHO.ECHO SID Swap ShutDown Continue BlockerECHO.ECHO This is a hidden PauseECHO For the ~SIDefaultuser.cmdECHO To finish the profile swapPauseEXITSid.vbsOn Error Resume NextDIM HKLMLOCstrComputer = "."Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")Set colItems = objWMIService.ExecQuery("Select * from Win32_Account",,48)For Each objItem in colItems If objItem.Name = "Default User" then HKLMLOC = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\" & objItem.SID & "\ProfileImagePath" Set WshShell = WScript.CreateObject("WScript.Shell") WshShell.RegWrite HKLMLOC,"%SystemDrive%\Documents and Settings\Default User","REG_EXPAND_SZ" END IFNextAlso if you installed NET Frame hide it along with the Admin somewhere in the GUI-mode setup meger this into the registerWindows Registry Editor Version 5.00;Disable ASPNET and Administrator User[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]"ASPNET"=dword:00000000"Administrator"=dword:00000000You are on your own as far as getting rid of the folder C:\Documents and Settings\Default User.DomainYou don't need it anymore trash it...What ever you do don't get rid of the plain folderC:\Documents and Settings\Default Usercause that is what you are using after the swap...Enjoy being on the default Desktop,,, Enjoy Mac!P.S. I never Ran Profiles in windows 98SE cause of the way the register works ,,I always kept it at one level with no profile folder. I don't see a way around that in XP yet.. Link to comment Share on other sites More sharing options...
evilvoice Posted September 3, 2004 Share Posted September 3, 2004 have a question about this...does this mean that HKCU keys entered here will work for any user created after? ie, the reason for running reg tweaks at cmdlines.txt is so that it gets put on default user so that when administrator is created, it will have the same tweaks...so now that we are on default user profile, any hkcu keys entered here will be put in say "John" if john is created 5 days after (default time...5 days...could be any amount of time) just trying to get a feeling for why we would want to do this. Link to comment Share on other sites More sharing options...
MHz Posted September 3, 2004 Share Posted September 3, 2004 If I understand this correctly. You are taking over the default profile and disabling all others. So, that means that any new users will inherit all your reg entries. No admin account if something goes wrong? No clean default user profile, so users cannot adjust to thier tastes.If true, cannot see any good in this practice.Why not just take over the admin account? Link to comment Share on other sites More sharing options...
Coolsights2000 Posted September 3, 2004 Author Share Posted September 3, 2004 LOL Let Me explain Cause the way the register works is confusing Once you see the light you will jump up and shout! I see the light...... B) This is for setting up the computer then you can span out and create users then all users will have the default users keys, Once you create a user they will be on there own and can configure there desktop how they like as long as what they are changing is in the HKCU keys,,, It make no matter about the HKLM cause they are shared and if I change something on my desktop that uses the HKLM then you will see it on yor desktop, and visa versa,, Only the HKCU sections goes with a users desktop...Yes to evilvoice that is why I want to stay on the default desktop and install everthing then branch out to extra users....... just like what you are trying to do in the cmdlines.txt is so that it gets put on default userALL ACCOUNTS COME FROM THE Hidden Default userWhen you create that admin profile at logon and install software then create a user they get nothing in the HKCU keys...Cause they get the HKCU keys from the Default user profile which has not been updated cause you where updating the admin HKCU not the default user account,,,And as far as Mhz question NO i'm not takong over the town and kicking you out... All the stuff that gets loaded go into the default user profile,,, Then branch outand as far as creating a fresh user if you have a problem just remember the ADMIN and the default user share the HKLM with all users so if the misshap is in the HKLM you get the mishap to .. So in reality there is no fresh clean admin or default user once people start using the register cause the HKLM is shared,,,If the mishap is in someonces HKCU then you may be able to save them by comparing the HKCU or just make them a new desktop.. It is confusing YES it is..You can take the restriction out to hide the admin account after you get done then create a admin account the hid it again. if you want,,, And no I didn't stop you from making more accounts,,, If you have never made a admin account you will not see one in the file folders anyway...So when you have a problem it is to late to thing about the admin account which is joke anyway if the mishap is in the HKLM........ I'm confused,,,This is a good tutorial on the basicshttp://www.winguides.com/article.php?id=1&guide=registryThis is the site that I started learning from the old timers on how it all worked It has gone to the dogs as far as the forum goes cause most of the old tiimers have left... The old timers new there stuff .....LOL Just think of the register like the CD players with the flat tray where you can lay 5 CD's on... OK now when you want to play a cd you hit the button till the CD you want starts to play..........if one CD get messed up you can just replace that one CD that is the HKCU and the HKLM is the whole player if it gets messed none of the CD's will play,,, No matter what you do.. The CD player BOX is the HKLM....Admin and the hidden default user clean desktop is a joke.... The admiin and the hidden default user takes up two of those CD spaces except there is a plastic cover over the Default user CD so you canNOT see it or touch it or replace it... I have removed the plastic cover over the default user CD... Darn where did that come from.. You say.. And that Admin Cd is not installed until you put the CD in the tray by default The HKCU keys for the admin are never created unless you log in to the desktop or profile at least once... JUST a blank stop label admin and there is no CD in the slot...And in reallity 2 of the 5 spots is used up one is label admin and no other CD will play in that spot and there is no CD in ther,, and one CD that will never play cause of the plastic cover..........HUM you say Do you see the light yet! Mac! Link to comment Share on other sites More sharing options...
evilvoice Posted September 3, 2004 Share Posted September 3, 2004 GOOD GOD!!!! Coolsights2000 you expect me to read ALL THAT? LOL...im just playing...good show...glad someone figured this out...personally, I think this is great, now im gonna have to figure out how I want to do this since im using xplode...Here is another question...if doing this the way you specified, is an administrator user created (not the group, the user)? I wonder because although Administrator is a great name, I would like to call it something else, and dont really wanna call it something else if Im gonna have Docs and Settings folder with Administrator folder inside... Link to comment Share on other sites More sharing options...
Anderz Posted September 3, 2004 Share Posted September 3, 2004 ****, this was a great guide. Thanks mate! Link to comment Share on other sites More sharing options...
evilvoice Posted September 3, 2004 Share Posted September 3, 2004 a couple of changes...maybe, maybe not...these are for Coolsights2000 to see if he thinks this will workin cmdlines.txt"usersetup.cmd"usersetup.cmd (this deletes ASPNET and other users not needed..deletes guest also...taken from raverod and benners)@echo offcmdow @ /HIDtitle Setup Accountsrenuser Guest Disablednet localgroup guests Disabled /deletenet user aspnet /deletenet user HelpAssistant /deletenet user SUPPORT_388945a0 /deleteclsnet user "Default User" /addnet localgroup Administrators "Default User" /addnet accounts /maxpwage:unlimitedREGEDIT /S autologon.regexitautologon.regWindows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"DefaultUserName"="Default User""DefaultPassword"="""AutoAdminLogon"="1";Disable Administrator User[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]"Administrator"=dword:00000000runonceex.cmdREG ADD %KEY%\000 /VE /D "Default User Swap" /fREG ADD %KEY%\000 /V 1 /D "%systemdrive%\Install\~SIDefaultuser\~SIDefaultuser.cmd" /fAll four of those go in $OEM$ folder------------------------------------------~SIDefaultuser.cmd (changed so runonceex does not continue)TITLE SIDFinishcmdow @ /HID@echo offClsECHO.ECHO SID Finish%systemdrive%\Install\Applications\~SIDefaultuser\Sid.vbsStart /wait shutdown.exe -r -f -t 60 -c "Windows XP will now restart in 1 minute And you will be on the Default User Profile"ECHO.ECHO Restarting the PC in 1 minute...pauseEXITsid.vbs stays the same and I think thats it...all sid files go in $OEM$\$1\Install\Applications\~SIDefaultuser (I use install\applications, but could be anything) Link to comment Share on other sites More sharing options...
Coolsights2000 Posted September 3, 2004 Author Share Posted September 3, 2004 OH my evilvoiceWhen you clean house you clean house...Great Idea! to add.........I saw those other hidden profiles but I didn't know if you could leagally get rid of them... If you can and we don't need them that is better,,, ????????????The profile folders are never created cause we never log in on them so they are gone any way... As far as the admin it is really a figment of your imaginations,,admin rights and the admin profile are to different things... Admin is really another user with all rights enabled.. .......it is created from the default user folders.. when you log into the admin profile.. JUST A FANCY word for BULLS**T the SID is reserved and hidden.......So that code in your ~SIDefaultuser.cmd stops it from continue, HUM will have to give it a go.. So long as it works like my hidden pause... Link to comment Share on other sites More sharing options...
evilvoice Posted September 3, 2004 Share Posted September 3, 2004 I updated the command, but yea...im not even sure you need all that...once you start the shutdown...a simple pause before you exit should stop runonceex from continuing... Link to comment Share on other sites More sharing options...
Coolsights2000 Posted September 3, 2004 Author Share Posted September 3, 2004 If you change these settingsAutoAdminLogon to 0where you block the adminAdministrator to 1then reboot you will see the default user and admin pop upenter the passwordthen you will see it is just another profile...for foldersC:\Documents and Settings\Administrator and look in the ProfileList in the register there is a SID entry for the adminS-1-5-21-1409082233-842925246-854245398-500 I think the 500 on the end means admin not sure yet,, and the other number may be different for you..You can change the admin password to zip here "" nothing...just go into the users and change the password... just watch cause if some one can see you admin profile and they are logged in as a adminstartor they can change the password withOUT having to know the old one...LOL My stepson triped when I showed him that..Mac!P.S. I still say admin just a fancy word for B.S.there is a admin profile and admin rights two different things... Link to comment Share on other sites More sharing options...
white_tiger Posted September 10, 2004 Share Posted September 10, 2004 hi Coolsights2000just asking about cmdlines.txtis this the correct way[COMMANDS]"RunOnceEx.cmd""usersetup.cmd"or just use one line[COMMANDS]"usersetup.cmd" Link to comment Share on other sites More sharing options...
Coolsights2000 Posted September 11, 2004 Author Share Posted September 11, 2004 all depends on the rest of your code..I have this [COMMANDS]"AllUsersTweaks.cmd" <<--- this one setups up some register stuff"useraccounts.cmd" <<--- this one calls autologon.reg also"RunOnceEx.cmd" <<-- this one start the whole ball at the first logon.. You have to get the loading of the first logon keys somewhereMy RunonceEX.cmd calls a file on the D:\ drive %XPCD%\~XPCDRunOnceEx.cmd that loads the real RunoncEX keysright now the %XPCD%\~XPCDRunOnceEx.cmd file is blank cause I'm playing but it will finally link to the RunOnceEx_999_DU.cmdonce I get done.. I'm daisy chaining right now so I can play.. I burned a CD-RW for the basic load and then I use the files from the d:\ drive to load runonexstuffI don't need to keep install windows cause that is done I just wipe the drive and put back the same windows basic then run the RunOnceEx_999_DU.cmdfor testing.... So you see it all depends on your codewhere and when and how you place and do something is up to you Just get the timing right... If you gave two different people that same plate of food would they both eat it the same... NO but it all does end up in the stomach....Mac! Link to comment Share on other sites More sharing options...
white_tiger Posted September 11, 2004 Share Posted September 11, 2004 GOOOOOODI did it with this[COMMANDS]"RunOnceEx.cmd""usersetup.cmd"and it works fine .. and there is couple of programs didn't get the reg keys like Nero and WinXP Managerany way it's good but there is a lettel problem you said we have at least logon once to create the profilein autologon.reg Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"DefaultUserName"="Default User""DefaultPassword"="""AutoAdminLogon"="1";Disable Administrator User[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]"Administrator"=dword:00000000we used "AutoAdminLogon"="1"to let the Default user logonafter I created a new user name I deleted the Default user then restart the windowsit wont start .. stops at the logon screenAutoAdminLogon didn't effects the new user name ?!! Link to comment Share on other sites More sharing options...
evilvoice Posted September 11, 2004 Share Posted September 11, 2004 you probably should not delete the default user profile until you logon as the new user... Link to comment Share on other sites More sharing options...
Coolsights2000 Posted September 11, 2004 Author Share Posted September 11, 2004 you missed some script somewhereyou don't make a new user.....I included the script below...it switch you to the hidden default user.....look it over..........did you delet the wrong default user....turn on the options to see all files included hidden one...did you delete the default userordefault user.domainname <<-- this ithe on that goes...Did you get your path right ?????????????????????the sytem has to reboot after you run the script then you can delete default user.domainname..the link in the register has to be switch to the hidden default user first .. requires a rebootDON"T MAKE ANY new users_SIDefaultuser.zip Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now