Copy Admin profile to Default user

[Joc]

Firstly sorry about my poor english...

Well, I have an idea and I dont know how can I solve it. I have tried to search a solution in this forum, found some goodies, but not the ONE. The problem:

After the last part, after the software installation I run the cleanup.cmd to clean unwanted things. When the Windows is ready, everything is OK. I would like to copy this profile to Default User, if it is possible. (unattended of course!) I have tried to copy the ntuser.dat but I cant. Any other solution? A program?

Joc

[cluberti]

You can't copy an ntuser.dat file that's in use, meaning if you're logged in as the administrator you can't copy the administrator's profile .

Create a new admin user, log in with that user, and THEN copy the profile to a network location. Now, you can simply call a script that copies the ntuser.dat file from the network location (or a location on your install CD) to the "%systemdrive%\Documents and Settings\Default User" folder automatically during the build.

[Joc]

I know this problem, but I am looking for a program which makes it automaticaly. I think if the System can make it (it can read this ntuser.dat), I can make it too.

Joc

You can't copy an ntuser.dat file that's in use, meaning if you're logged in as the administrator you can't copy the administrator's profile .

Create a new admin user, log in with that user, and THEN copy the profile to a network location. Now, you can simply call a script that copies the ntuser.dat file from the network location (or a location on your install CD) to the "%systemdrive%\Documents and Settings\Default User" folder automatically during the build.

[cluberti]

sure it can read it, but it can't copy it if it's open. The file is basically the HKCU key of the user's profile, and there are quite a few memory-mapped registry keys in that hive. Just because you can read some file doesn't mean you can copy it.

[BoardBabe]

Wish there were batch support for autoit

[BoaSoft]

Please? see worcing batch:

rem delete old Default User profile
RD /s /q "%systemdrive%\Profiles\Default User"

rem copy current user profile to default user profile
xcopy "%USERPROFILE%\*.*" "%systemdrive%\Profiles\Default User" /e /c /I /H /R /K /Y 
rem delete non-need some files 
del /f /q "%systemdrive%\Profiles\Default User\*.*" 
rem set default attributes
attrib +h "%systemdrive%\Profiles\Default User"

rem registry trick
rem no directly copy locked ntuser.dat file
rem use reg tools to save current user registry to file
reg save HKCU "%systemdrive%\Profiles\Default User\ntuser.dat"
rem set default attributes to hive file  
attrib +H +S "%systemdrive%\Profiles\Default User\ntuser.dat"

Note! please correct pach to profilefolders. My default (in unattendet file) profilefolders is "%systemdrive%\Profiles - non standart.

Sorri? mu english weri pour

[RogueSpear]

The following are bits and pieces of VBscripts I use with RunOnceEx to do this. You can implement them as you see fit.

Script 1:

Option Explicit
Dim ws, fs, wn, sysdrv, compname, colDrives, objDrive, strOEM
Set ws = WScript.CreateObject("WScript.Shell")
Set fs = CreateObject("Scripting.FileSystemObject")
Set wn=WScript.CreateObject("WScript.Network")
sysdrv = ws.ExpandEnvironmentStrings ("%SYSTEMDRIVE%")
compname = ws.ExpandEnvironmentStrings ("%COMPUTERNAME%")
Set colDrives = fs.Drives
For Each objDrive in colDrives
	If fs.FileExists(objDrive.DriveLetter & ":\WIN51") Then strOEM = objDrive.DriveLetter & ":\OEM"
Next

'** Subroutine; Set the RunOnceEx key with values
Sub SetROE
	Dim strKeyPath
	strKeyPath = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\"
	ws.RegWrite strKeyPath & "TITLE", "System Optimization", "REG_SZ"
	ws.RegWrite strKeyPath & "080\", "Final Hard Disk Defragmentation", "REG_SZ"
	ws.RegWrite strKeyPath & "080\1", strOEM & "\080_FinalDefrag.vbs", "REG_SZ"
	ws.RegWrite strKeyPath & "090\", "Setting User Accounts", "REG_SZ"
	ws.RegWrite strKeyPath & "090\1", strOEM & "\090_ConfigAccounts.vbs", "REG_SZ"
End Sub

'** Subroutine; Create and configure a temp Administrator account
Sub TempAdmin
	Dim strComputer, strPath, objComp, objUser, objGroup
	strComputer=wn.ComputerName
	strPath=("WinNT://" & strComputer)
	Set objComp=GetObject(strPath)
	Set objUser=objComp.Create("user", "TempAdministrator")
	Set objGroup=objComp.GetObject("group","Administrators")
	objUser.SetPassword "password"
	objUser.FullName=""
	objUser.SetInfo
	objGroup.Add objUser.AdsPath
End Sub

'** Subroutine; Set AutoLogin for the next reboot
Sub SetAutoLogin
	Dim strKeyPath
	strKeyPath = "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"
	ws.RegWrite strKeyPath & "AutoAdminLogon", "1", "REG_SZ"
	ws.RegWrite strKeyPath & "AutoLogonCount", "1", "REG_SZ"
	ws.RegWrite strKeyPath & "DefaultPassword", "password", "REG_SZ"
	ws.RegWrite strKeyPath & "DefaultUserName", "TempAdministrator", "REG_SZ"
End Sub

'** Run Tasks
SetROE
TempAdmin
SetAutoLogin
ws.Run("""%PROGRAMFILES%\Utilities\ntregopt.exe"" silent /noprogresswindow /reboot"),0, False

What this script does is create a temporary Administrator user (TempAdministrator) and set the auto logon information for that newly created admin user. It also sets the RunOnceEx settings for the next boot. You must reboot in order to copy the ntuser.dat file of the currently logged in user. I happen to use NTRegOpt, a registry optimizer for initiating the reboot.

Here is the next script 090_ConfigAccounts.vbs, which is set for RunOnceEx in the script above:

Option Explicit
On Error Resume Next
Dim ws, fs, wn, objReg, sysdrv, strComputer, strPath, objComp, colDrives, objDrive, strOEM
Set ws = WScript.CreateObject("WScript.Shell")
Set fs = CreateObject("Scripting.FileSystemObject")
Set wn = WScript.CreateObject("WScript.Network")
Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv")
sysdrv = ws.ExpandEnvironmentStrings ("%SYSTEMDRIVE%")
strComputer = wn.ComputerName
strPath = ("WinNT://" & strComputer)
Set objComp = GetObject(strPath)
Set colDrives = fs.Drives
For Each objDrive in colDrives
	If fs.FileExists(objDrive.DriveLetter & ":\WIN51") Then strOEM = objDrive.DriveLetter & ":\OEM"
Next

'** Subroutine; Process the built-in Administrator account
Sub ProcessAdmin
	Dim objUser1, objUser2, objGroup1, objGroup2, flag
	Set objUser1=objComp.GetObject("user","Administrator")
	Set objGroup1=objComp.GetObject("group","Debugger Users")
	Set objGroup2=objComp.GetObject("group","Guests")
	objGroup1.Remove objUser1.AdsPath
	objGroup2.Add objUser1.AdsPath
	objUser1.SetPassword "password1"
	Set objUser2=objComp.MoveHere(objUser1.ADsPath,"Jerry")
	objUser2.Description=""
	objUser2.SetInfo
	If objUser2.AccountDisabled="False" Then flag=objUser2.Get("UserFlags")+2
	objUser2.Put "UserFlags", flag
	objUser2.SetInfo
End Sub

'** Subroutine; Process the built-in Guest account
Sub ProcessGuest
	Dim objUser1, objUser2
	Set objUser1=objComp.GetObject("user","Guest")
	objUser1.SetPassword "password2"
	Set objUser2=objComp.MoveHere(objUser1.AdsPath,"Kramer")
	objUser2.Description=""
	objUser2.SetInfo
End Sub

'** Subroutine; Create and configure a fake Administrator account
Sub FakeAdmin
	Dim objUser, objGroup, flag
	Set objUser=objComp.Create("user", "Administrator")
	Set objGroup=objComp.GetObject("group","Guests")
	objUser.SetPassword "password4"
	objUser.Description="Built-in account for administering the computer/domain"
	objUser.FullName=""
	objUser.SetInfo
	objGroup.Add objUser.AdsPath
	If objUser.AccountDisabled="False" Then flag=objUser.Get("UserFlags")+2
	objUser.Put "UserFlags", flag
	objUser.SetInfo
End Sub

'** Run Tasks
ProcessAdmin
ProcessGuest
FakeAdmin
fs.CopyFile (sysdrv & "\Documents and Settings\Administrator\ntuser.dat"), (sysdrv & "\Documents and Settings\Default User\ntuser.dat"),True
If fs.FolderExists(sysdrv & "\Documents and Settings\Administrator") Then fs.DeleteFolder(sysdrv & "\Documents and Settings\Administrator"), True
objComp.Delete "user", "Administrator"
objComp.Delete "user", "ASPNET"
objComp.Delete "user", "HelpAssistant"
objComp.Delete "user", "SUPPORT_388945a0"
objComp.Delete "user", "TempAdministrator"
If fs.FileExists(strOEM & "\090_NameSettings.hta") Then ws.Run (strOEM & "\090_NameSettings.hta"),1,True
WScript.Sleep(2000)
ws.Run("""%PROGRAMFILES%\Utilities\ntregopt.exe"" silent /noprogresswindow /reboot"),0, False

This script does a little management of the builtin accounts for better security. Of interest to this thread is towards the bottom of the script, where the ntuser.dat file is copied over to the Default User profile. Also note that at this point the computer is logged in under the credentials of TempAdministrator, but you can still delete the user account from the computer prior to rebooting. Right at the end, I run an hypertext application that I made (my very first one) that brings up a dialog for the user to specify the name of the computer, the name and password for an Administrative user and the name and password for a Restricted user. I'll include it in case anyone wants to check it out and use it.

090_NameSettings.7z

[Joc]

BoaSoft

Really simply solution, thank you!!!

Joc

Please? see worcing batch:

.

.

.

Sorri? mu english weri pour

--------------------------------------------------------------------------

[u]ROGUESPEAR:[/u]

This is the advanced solution! Can you publish the full version of scripts? I am really interested!

Joc

The following are bits and pieces of VBscripts I use with RunOnceEx to do this. You can implement them as you see fit.

.

.

.

This script does a little management of the builtin accounts for better security. Of interest to this thread is towards the bottom of the script, where the ntuser.dat file is copied over to the Default User profile. Also note that at this point the computer is logged in under the credentials of TempAdministrator, but you can still delete the user account from the computer prior to rebooting. Right at the end, I run an hypertext application that I made (my very first one) that brings up a dialog for the user to specify the name of the computer, the name and password for an Administrative user and the name and password for a Restricted user. I'll include it in case anyone wants to check it out and use it.

Edited January 8, 2006 by Joc

[RogueSpear]

Check out my RIS guide for the full scripts. Link is in my sig.

[RogueSpear]

reg save HKCU "%systemdrive%\Profiles\Default User\ntuser.dat"
rem set default attributes to hive file  
attrib +H +S "%systemdrive%\Profiles\Default User\ntuser.dat"

Not sure how I missed this little nugget the first time around, but thanks a million! I never would have thought about doing this on my own. Going to test it out from VBscript in the next couple days. Excellet work. Thread bookmarked.

[Joc]

And it worked perfectly!!! Thanks again, nice and fast solve. I insterted into my XP.

Joc

reg save HKCU "%systemdrive%\Profiles\Default User\ntuser.dat"
rem set default attributes to hive file  
attrib +H +S "%systemdrive%\Profiles\Default User\ntuser.dat"

Not sure how I missed this little nugget the first time around, but thanks a million! I never would have thought about doing this on my own. Going to test it out from VBscript in the next couple days. Excellet work. Thread bookmarked.

[sektor1952]

If you were sysprepping a machine, sysprep automatically copies the administrator profile as the default user profile.

[RogueSpear]

I gave up on sysprep years ago. Just way too many issues in my opinion. Especially when you can have a totally clean install.

[artinusa]

I keep getting error line 71 expected statement..help please

I also had error line 77 end sub expected

[cluberti]

Those line numbers don't match up to the HTA posted at all (line 71 is an end of script statement, </script>, and line 77 is an input element in the body. You might want to re-download the .7z again.