Have a question on how to set the default printer for NEW users via powershell.
I have seen many posts about setting the default printer via the wmi method. This seems to work only for the currently logged in user that is running it. This will not work for other users that may have already logged in. I can set the default printer for user sid already in the profile list in the registry via HKU:\<SID>\Software\Microsoft\Windows NT\CurrentVersion\Windows key. I set the device string to the printer name and port, isMRUEstablished i set to 0 and legacydefaultprintermode i set to 1 to prevent windows from setting the last used printer as default. This seems to work for any users that have already logged on. Issue is i cant seem to find a way to set it system wide. If install the printer and set it up before the user gets the machine and logs in for the first time it wont be set for them. I have tried making the above mentioned registry changes to the .defualt user registry hive but when a new person logs into that machine they have something like webex document print set to the default or onenote printer or something else. Is there any other way to set via powershell so it will apply to a new user that logs on?
You have to load the hive from the default profile found in c:\users\default and called ntuser.dat.
After loading this hive make the reg setting as needed. Then unload the hive. Now anyone who logs in to the system for the first time will get those settings, whatever they are, by default. The .Default in the registry is what runs when the system is at login but not yet logged in so no effect for printer settings.
Related
I am currently working on a Kiosk for my company, the point for me is to create a powershell script that will create a user and directly assign it as a Kiosk user with Microsoft Edge Chromium. It works fine with the windows settings but thats not how we need to make it. But when I want to make the command with powershell
Set-AssignedAccess -AUMID "MSEdge" -UserSID "USERSID"
When i do it this way I get this error :
New-CimInstance : One or multiple parameter values passed to the method are not valid.
So I managed to get another AUMID which is : Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe!App
The command is a success after that but in the end when I connect to the Kiosk user it keeps on blinking loading blue screen and never pops out Microsoft Edge.
Does someone knows about this ?
Thank you.
Try using this AUMID Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge.
This works for Windows Versions below 21H2.
I cannot help you at this time with the version above 21H2.
Im hoping i could have a push in the right direction for an issue I'm having. Im not even sure it is possible.
Idea:
Id like to have a batch file that runs on logon to check the logon type that is shown in the event viewer.
The ultimate goal is to allow logon with a keyboard at the station - password entered > logon type checked from event viewer (logon type 2)> if logon type 2 check to see if a USB with a certain serial is connected> if yes allow >if no lock PC right away.
issues:
I have no idea and have not found a way to get the logon type from the event viewer, It will only have to check the newest record.
i have the file that checks for the serial and if not EQU locks PC. its the event viewer I'm not sure on.
Im looking for this in a batch file. or Powershell (if this can be run at logon, i have never used this before)
Thanks for any and all help!!
I want to set the language for one time once the user downloaded the app and started using it, for only first time. but not all the time he use the app. How can i do that?
like how we get select language options , while installing Microsoft products, etc
is this possible ?
you can control that when you application apears. Did you know about property lists?
You could use it. Or maybe you can create a file with Core data with name Configs. You need to check if field is blank and case yes, open a viewControllerChangeLanguange.After select save the data and start your application. Remember, everytime you start you will check your file. Case exists, set current language.Case not, invoke an interface to user select a language. All the controller could be made by just a file config.
In researching this scenario, all I could find was a suggestion that you contact Microstrategy, send them your metadata DB and ask them for the password.
This CAN'T be the only way.
Is there no way to simply reset the password in some fashion? Looking at the DSSMDUSRACCT table in the metadata DB, this appears to hold (at first glance anyway) a hashed/encrypted password, but I don't believe this is correct, as every entry for every account is the same in the PASSWD field.
Can someone suggest an alternative beyond sending a database to Microstrategy?
There isn't any alternative. We ended up in similar scenario and had Microstrategy reset the password. Password is not easily recoverable from Medadata since it is secured.
I'm not sure how many projects you have in your metadata or if you have access to another user that may have all privileges; but another option would be to create a new database, use MSTR configuration wizard to populate metadata tables, then duplicate the project across project sources into the new metadata that was just created. The Administrator user in this new metadata will have a blank password. If this is not an option then I recommend to open a support ticket (as others have suggested).
One of the things which one can try is to see any command manager script or system manager workflow. Every MicroStrategy environment may have atleast one of the above two things running in their environment. If you check the file, you may see the password for the administrator user. But in case if there is none of these being used then contacting MicroStrategy support would be the right thing to do.
Thanks,
Nikhil.
Benedict's right, there's no way they would keep passwords in plaintext in the metadata. You'll have to send it to them in a support ticket. It can take quite a few days, but they get the job done.
as soon as you get it reset use object manager, create a configuration object package for the administrator account and anytime you forget it, just redeploy the package to reset it.
You could try using the MicroStrategy Object Manager to copy the Administrator user from another project source/server to this environment.
This should do the trick if you have at least one other user with the right administrative privileges.
The other day I wanted to login to one of our applications. However, I forgot my username and password. I tried using the forgot password wizard but had no luck.
The steps I am about to walkthrough will work with most web applications with average logon security measures. It may not work with MicroStrategy, but should work if the input password is not externally verified.
So this is how I got access:
First I logged into my database manager -If you don't have access to
this... run a scan for 'password' on your server root. For Linux I
write sudo grep 'password' -roni or try: db_pass, dbpass,
database_password, etc as other search terms... The -roni will apply various filtering and
options to the search... aka line number, file name and etc. After
getting some results... find a likely file and open it to see if you
have your database details in there.
Login to your database manager. Find the table associated with your account. (This will usually have the name X_users If the password isn't hashed, just take it and login with it... if it is hashed... copy the hashed value to your clipboard.
Change the directory to your chosen applications root.
Run the scan with the search term 'password' or 'md5(' ...this will hopefully bring up a login controller file.
Edit the line within the function that takes your login input. Change the value 'md5($#####)' with '$#####', (aka removing the md5hashing of your input).
Reload the login page. Now, enter your username and hashed password copied from the database and login.
If done correctly you should now be logged into your web app.
Change the password of the account. Now go back to the login controller file and undo the chnages.
This might not be applicable with your app in question, but it's worth a shot! ....and if it isn't appropriate for your scenario... it could still be very helpful for someone else with a similar problem and different application. I just thought there's a small chance it may help someone who's locked out of one of their web applications. Rather than having to reinstall and lose data.
I'd be happy for you to improve on this or give some feedback.
I am looking for an inverse version of "RunOnceEx".
RunOnceEx does run some program, before the user's shell(desktop&taskbar) start. The login progress will not continue before the runonceex complete.
I want to do exact the same but on user logout.
When she/he logout, all running program shutdown, leaving shell(desktop&taskbar), then ""I wish my program will be execute this moment"", finally logout.
I think it is possible because the "mobsync.exe" is doing that. But I cannot find where and how to do it.
Warning, as said here, gpedit.msc will allow you to configure a logoff script for all users.
If you need that script only for one user, you need to declare it directly in the registry, both in HKCU and HKLM.
To run this only for the current user, you can use WMI to get an information when a shutdown/logout occurs.
Either you write a small C# (or any other language that can use WMI) application or vbs script to listen on the Win32_ComputerShutdownEvent WMI event.
An example C# app can be found here in this question: Get Log off event from system
found in the first result on google for me
To execute a program you can create a script to run it and use group policy to enforce it.
In Group Policy Editor navigate to User Configuration-->Windows Settings-->Scripts (Logon/Logoff)
more information here
If you want a running program to execute code on logoff, then you should hook the WM_QUERYENDSESSION message and look for an lParam value of ENDSESSION_LOGOFF (0x80000000).
It's important to test for this lParam value because the other ones indicate a "forced close" - i.e. your process may be killed before your code is even allowed to run. In fact, most shutdown/session-end messages are only intended to give you an opportunity to run last-minute cleanup code and aren't that safe to respond to with long-running actions; but this particular combination should be OK.
Note: I've never tried to actually run a separate process in response to the WM_QUERYENDSESSION message. It's possible that the window manager will disallow this, like it does during shutdown. Try it and see, I guess.
If you're in a .NET environment (you didn't specify), a quicker way is to add an event handler to the Microsoft.Win32.SystemEvents.SessionEnding event.
What you need is an implementation of GINA. You can run your custom commands in WlxIsLogoffOk function, which gets called when the user initiates a logoff
Once you create the proper GINA dll you can register it here: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\#GinaDLL
Here is an implementation which may fit your needs (it provides a Logoff registry key where you could specify your command):
http://wwwthep.physik.uni-mainz.de/~frink/newgina_pre09/readme.html
As VonC and TFD already mentioned, the Group Policy Editor is just another way to manipulate the registry.
Just make with gpedit the changes (in Userconfig - Windows Settings - Scripts) you like and afterwards take a look in the registry at [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\Scripts]
to find out how you can do that directly.
Also on my PC (hanging in a domain) is a hidden folder C:\WINDOWS\System32\GroupPolicy with subfolders for user and machine. Both having additional subfolders called Shutdown and Startup. Maybe you can also use these ones.
If you need something simple and working for a single (or any) user you can make a simple application in C++ or C# for example.
The simplest is having a C# in tray (by simply adding the tray component to the form) and register and event handler for the FormClosing event. It'd look like this:
private void Form1_FormClosing(object sender, FormClosingEventArgs e)
{
if (e.CloseReason != CloseReason.UserClosing)
{
// It's not the user closing the application,
// Let's do whatever you want here, for example starting a process
Process notePad = new Process();
notePad.StartInfo.FileName = "notepad.exe";
notePad.StartInfo.Arguments = "ProcessStart.cs";
notePad.Start();
}
}
So your application will be started with Windows or with the user. It'll wait (using a little bit of memory) and will do something when the system shuts down, or the user log off, etc (by checking "CloseReason" above).