Jump to content

Sysprep: User permissions afterwards

Thinkster
 Share

Recommended Posts

Thinkster

Thinkster

Posted
Posted

I'm faced with a possilbe dilema here in that during my Unattended XP Install in CMDLINES, I have a user account created named "deptuser" and I set Administrative privelages:

net user deptuser secretpw /add /active:yes /passwordchg:no /expires:never

net localgroup Administrators deptuser /add

net localgroup users deptuser /delete

Also, I have it modify winlogon with:

"DefaultUserName"="deptuser"

"DefaultPassword"="secretpw"

"AutoLogonCount"="1"

"AutoAdminLogon"="1"

After the Unattended install of XP, the very first time, it should autologon the above user and perform the post installation of software, reboot, autologon again with above user, perform cleanup & a few other tweaks, then run sysprep:

start /wait %systemdrive%\Sysprep\sysprep.exe -reseal -quiet -mini -reboot

my sysprep.inf contains the information needed to automatically join the domain. After sysprep runs mini-setup, I think the server takes over permissions for 'deptuser' and won't let me run my final customizations and downgrade local user account 'deptuser' from "Administrators" to "Users". These final customizations I'm trying to run from cmdlines.txt in C:\sysprep\i386\$oem$

Any suggestions or ideas?

Link to comment
Share on other sites

Thinkster

Thinkster

Posted
  • Author
Posted
I don't understand your plan here. Why would you do an unattended install, then sysprep it? Just seems like doing double steps.

Because I am using an OEM "Master Install" Product key for the unattended install, then after everything is installed and configured, I'm using sysprep to strip the master install product key as well as the generic Machine name, so that the machine will be properly named and key'd and joined on the domain. There may be another way to do this, but this is what I've come up with so far.. I'm open to suggestions though...

Link to comment
Share on other sites
Dustinwmew

Dustinwmew

Posted
Posted (edited)

So you don't want to be able to logon to the computer local as an admin?

Last time I worked at on a network setup. We got one computer setup the way we needed it, then sysprep it. We ghosted it onto all the computer in the network, then started the mini-setup.

We needed to be able to logon local. Some of our programs needed to be turned off to take their licenses.

Edited by Dustinwmew
Link to comment
Share on other sites
mls15000

mls15000

Posted
Posted
I don't understand your plan here. Why would you do an unattended install, then sysprep it? Just seems like doing double steps.

Because I am using an OEM "Master Install" Product key for the unattended install, then after everything is installed and configured, I'm using sysprep to strip the master install product key as well as the generic Machine name, so that the machine will be properly named and key'd and joined on the domain. There may be another way to do this, but this is what I've come up with so far.. I'm open to suggestions though...

Makes sense now. You could script the name change and joinin domain part. I'm not sure on the key part, but i'm sure there is a way to do it. Might save you some steps.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...