I would like to run Skype for Business in Kiosk mode, therefore I use the same script as he does, but mine doesn't work.
I replaced the following lines:
$Cashier_SID = Get-UsernameSID("bbwallonepeop")
$ShellLauncherClass.SetCustomShell($Cashier_SID, "C:\Program Files (x86)\Microsoft Office\Office16\lync.exe", ($null), ($null), $restart_shell)
but it doesn't start Skype, it doesn't work with any other app either.
When I run the script, the only thing I see when I log on is a black screen, then I can use ctrl+alt+del to start the Taskmanager, then open the explorer and find the powershell exe to run a disabling script.
So there is something happening, the explorer.exe isn't starting anymore (not even for admins, even though it should start for admins) but Skype isn't starting :/
Any ideas? Here the full script:
$COMPUTER = "localhost"
$NAMESPACE = "root\standardcimv2\embedded"
# Create a handle to the class instance so we can call the static methods.
$ShellLauncherClass = [wmiclass]"\\$COMPUTER\${NAMESPACE}:WESL_UserSetting"
# This well-known security identifier (SID) corresponds to the BUILTIN\Administrators group.
$Admins_SID = "S-1-5-32-544"
# Create a function to retrieve the SID for a user account on a machine.
function Get-UsernameSID($AccountName) {
$NTUserObject = New-Object System.Security.Principal.NTAccount($AccountName)
$NTUserSID = $NTUserObject.Translate([System.Security.Principal.SecurityIdentifier])
return $NTUserSID.Value
}
# Get the SID for a user account named "Cashier". Rename "Cashier" to an existing account on your system to test this script.
$Cashier_SID = Get-UsernameSID("bbwallonepeop")
# Define actions to take when the shell program exits.
$restart_shell = 0
$restart_device = 1
$shutdown_device = 2
# Examples. You can change these examples to use the program that you want to use as the shell.
# This example sets the command prompt as the default shell, and restarts the device if the command prompt is closed.
$ShellLauncherClass.SetDefaultShell("cmd.exe", $restart_device)
# Display the default shell to verify that it was added correctly.
$DefaultShellObject = $ShellLauncherClass.GetDefaultShell()
"`nDefault Shell is set to " + $DefaultShellObject.Shell + " and the default action is set to " + $DefaultShellObject.defaultaction
# Set lync/Skype for busniess as the shell for "Cashier", and restart the machine if it is closed.
$ShellLauncherClass.SetCustomShell($Cashier_SID, "C:\Program Files (x86)\Microsoft Office\Office16\lync.exe", ($null), ($null), $restart_shell)
# Set Explorer as the shell for administrators.
$ShellLauncherClass.SetCustomShell($Admins_SID, "explorer.exe")
# View all the custom shells defined.
"`nCurrent settings for custom shells:"
Get-WmiObject -namespace $NAMESPACE -computer $COMPUTER -class WESL_UserSetting | Select Sid, Shell, DefaultAction
# Enable Shell Launcher
$ShellLauncherClass.SetEnabled($TRUE)
$IsShellLauncherEnabled = $ShellLauncherClass.IsEnabled()
"`nEnabled is set to " + $IsShellLauncherEnabled.Enabled
# Remove the new custom shells.
#$ShellLauncherClass.RemoveCustomShell($Admins_SID)
#$ShellLauncherClass.RemoveCustomShell($Cashier_SID)
# Disable Shell Launcher
#$ShellLauncherClass.SetEnabled($FALSE)
#$IsShellLauncherEnabled = $ShellLauncherClass.IsEnabled()
"`nEnabled is set to " + $IsShellLauncherEnabled.Enabled
Related
I am new to power shell and I am trying to create a script that would create new users in Active Directory. Currently I am having trouble setting the Remote Desktop Services tab of the User. My code is below.
#Set Remote Control Settings Permissions
#I recieved Server is not operational error. https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/fail-to-configure-server-using-server-manager I think Invoke Set may not be the command I should use.
$userpath = dsquery user -samid $username
$userpat = "LDAP://$userpath"
$userp = [ADSI]$userpat
$userp.InvokeSet("EnableRemoteControl",2)
$userp.setinfo()
#Remote Desktop Services User profile profile path set to "\\documentsf\profiles\$username" THIS IS MESSING UP ERROR OCCURRS WITH INVOKE SET SAYING NOT SPECIFIED
$userp.InvokeSet("terminalservicesprofilepath","\\documentsf\profiles\$username")
$userp.setinfo()
The remote control permissions are a little strange and work best with the ADSI method, which you're close to already. dsquery actually returns a string with quotes inside it, so you'll either need to strip those quotes first or use a different method - I prefer Get-ADUser:
$LdapUser = "LDAP://" + (Get-ADUser $username).distinguishedName
$User = [ADSI]$LdapUser
$User.InvokeSet("EnableRemoteControl",2)
$User.setinfo()
And to set the remote desktop services profile path for a user:
$User.invokeset("terminalservicesprofilepath","\\Server\Share\$username")
$User.SetInfo()
I have two different users, my regular user and my admin user. Both have profiles setup for PowerShell. I log into my workstation ONLY as my regular user. My issue is that when running PowerShell as my regular user, I can type "menu" at the prompt from any folder and it will run the Menu.ps1 script from the scripts folder. When I try running PowerShell as my admin user, I get "The Term 'menu' is not a blah blah blah". The only way I can run it is if I change the the PSDrive named scripts: and dot source execute from there.
The only difference that I can find is that my regular user has access to a windows mapped drive z: (its in the Path environment variable also), while my admin user does not. I was hoping that I would just need to add scripts:
to the environment variable but that didn't help either.
Any assistance is appreciated.
Thank You Jeff Zeitlin.
I added this to my Admin users profile, works perfectly.
$ScriptsPath = "\\Server\Share\Scripts"
$ScriptsDrive = "Z:"
$Network = New-Object -ComObject "Wscript.Network"
$Network.MapNetworkDrive("$($ScriptsDrive)","$($ScriptsPath)")
$strPath=$env:path
if (!($strPath.ToUpper().Contains($ScriptsDrive))) {
$env:path += ";" + $ScriptsDrive + "\"
}
My question is if it is possible to obtain the Domain Name of a computer in a Enterprise environment and use it as computer name in a MDT deployment.
I am aware that MDT has an option for setting the computer name here: Right cklick on Deployment Share - Rules
I would love to use the variable $CNAME (Computer Name) which I can successfully obtain using the follwing powershell commands as a variable for “OSDComputerName=“ in the deploymentshare settings.
This ps script gets me the right name:
1 Get IP
$IP=((ipconfig | findstr [0-9].\.)[0]).Split()[-1]
2 Do NSLOOKUP of IP
$Lookup=NSLOOKUP $IP
3 Adjust output with regular expressions and -replace modifiers to only contain the real computername without DNS suffix
$regex=$Lookup -match "(^.*\bName\b\:?\s*\b)[\w\d\s\-]*"
$replace1=$regex -replace "Name: "
$CNAME=$replace1 -replace "*DNSSUFFIX*"
Is this possible? Otherwise, can I use the PowerShell Script in any way to rename the computer after the deployment has finished? E.g. which command can I use to use the variable $CNAME as new computer name?
The following Script will use the IP Adress to query your DNS and get the name of the Computer in your Domain and pass it back to MDT as OSDComputerName
This works in an environment where the computers are named like name.xx.yournamespace.de
Add an nslookup.exe from a Windows ISO to your WinPE Boot Image (mount WinPE WIM with DISM and copy nslookup.exe into System32)
Adjust your customsettings.ini Rules, add:
UserExit=Setname.vbs
OSDComputerName=#SetName("%IPAddress%")#
Add a UserExit Script to your Deploymentshare Scripts-Folder, name it Setname.vbs
Function UserExit(sType, sWhen, sDetail, bSkip)
UserExit = Success
End Function
Function SetName(sIP)
Dim rName
Set objShell = createobject("wscript.shell")
strParams = "%comspec% /c nslookup " & sIP & ""
Set objExecObj = objShell.exec(strParams)
Do While Not objExecObj.StdOut.AtEndOfStream
strText = objExecObj.StdOut.Readline()
If instr(strText, "dns-9") Then
strServer = trim(replace(strText,"(null):",""))
Elseif instr (strText, "xx.yournamespace.de") Then
strhost = trim(replace(strText,"(null)",""))
End if
Loop
rName = replace(strhost, ".xx.yournamespace.de", "")
SetName = rName
End Function
Adjust replacements to your Network. SetName will be passed back to MDT.
Hopefully this helps someone!
I'm just a junior programmer, just started with programming and because my work requests me to create some handy powershell scripts I was wondering if you can help me with a particular one.
We have a lot of customers with a lot of servers. When they are newly installed I do check them and after that we do regular maintenance. Because each customer has several servers with different roles I want to have the "Computer" icon on my desktop.
I can do that by clicking start -> rightclick Computer -> Enable "Show on Desktop"
Furtheron I want to have this Computer icon renamed to the hostname (because the hostname tells me it's role in the domain)
Now my goal is to create a powershell script that creates this computer icon with hostname for all the server in the domain.
I've tried to search my way to the usual search engines and came up with this:
1) Locate with regedit [HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} rename LocalizedString to LocalizedString.Old
2) Now switch to Regedit32 Create a new VALUE type Expand_SZ name it LocalizedString On XP and Windows 2000 with SP3 replace LocalizedString with %Username% at %Computername%
Which isn't suitable because we use W2K8R2SP1 servers.
After that I ended up with this script:
$ComputerName = "Localhost"
$Hive = "CurrentUser"
$Key = "Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel"
$MyComputer = "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"
$UserFiles = "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"
$Kind = [Microsoft.Win32.RegistryValueKind]
$RegHive = [Microsoft.Win32.RegistryHive]$hive
$RegKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($RegHive,$ComputerName)
$MyComputerValue = ($RegKey.OpenSubKey($Key)).GetValue($MyComputer)
$UserFilesValue = ($RegKey.OpenSubKey($Key)).GetValue($UserFiles)
if ($MyComputerValue -eq $null -or $MyComputerValue -eq 0)
{
$Computer = $regKey.OpenSubKey($RootKey,$true)
$Computer.SetValue($MyComputer, 1,$Kind::DWord)
}
if ($UserFilesValue -eq $null -or $UserFilesValue -eq 0)
{
$User = $regKey.OpenSubKey($RootKey,$true)
$User.SetValue($UserFiles, 1,$Kind::DWord)
}
This doesn't seem to be doing anything at all.
I know this registry key is used for the computer on desktop:
“{20D04FE0-3AEA-1069-A2D8-08002B30309D}”=dword:00000000
Continued search...
So I found this:
To show the ‘My Computer’ icon on the desk"text-decoration:underline;">
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
Name = {20D04FE0-3AEA-1069-A2D8-08002B30309D}
Type =REG_DWORD
Value = 0
To change the ‘My Computer’ icon to computer or user name:
[HKCR\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}]
Name = LocalizedString
Type = REG_EXPAND_SZ
Data value = %computername% or any combination you like – eg %username% %computername%
However the second part keeps giving me an error and even if i can get it to work, i want to run the script onces and all servers in domain should be having this update.
Thanks for helping out.
Best regards,
Nick
Changing HKCR\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\LocalizedString is still suitable on Server 2008 R2, but you need to take ownership of the key and grant administrators full access to it first.
I have a script that I deploy using LANDesk and in the script it calls a powershell script to add a shortcut to a network folder on the user's desktop. LANDesk logs in to run the script with a local machine account but I don't want the shortcut to be put on that desktop but of the desktop of the user that is currently logged in. Is there a way to do this in powershell?
Here is my code for adding the shortcut if you run the script as the logged in user (can't run as the user themselves because they don't have admin rights)
$wshshell = new-object -comobject WScript.Shell
$Ink = $wshshell.CreateShortcut("$home\Desktop\PI_Users.lnk")
$Ink.TargetPath = "\\htntfs04\PI_Users"
$Ink.Save()
Thanks in advance for help.
If you're using LANDesk, and you're using a package to distribute the script, you can choose between executing the script as LocalSystem which is the default, or as the Current user's account.
Just open the properties of the package, go to Accounts and choose "Current user's account". The task will fail if there's no user logged in to the machine.
But, if I understand correctly, the problem is that the user is not allowed to create a link on its own desktop? If so, this solution won't work and the task would fail anyway!
Another approach I often use would be to execute a script that loops through all the local profiles and creates a link on the desktop of each user. If it's okay for you to use a WSH script instead of a powershell script, you could use something like this:
Const HKEY_LOCAL_MACHINE = &H80000002
Set objRegistry = GetObject("winmgmts:\\.\root\default:StdRegProv")
Set ws = CreateObject("Wscript.Shell")
strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
objRegistry.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubkeys
For Each objSubkey In arrSubkeys
strValueName = "ProfileImagePath"
strSubPath = strKeyPath & "\" & objSubkey
objRegistry.GetExpandedStringValue HKEY_LOCAL_MACHINE, strSubPath, strValueName, strProfile
If Left(strProfile, Len(ws.ExpandEnvironmentStrings("%windir%"))) <> ws.ExpandEnvironmentStrings("%windir%") Then
Set objShtCut = ws.CreateShortcut(strProfile & "\Desktop\PI_Users.lnk")
objShtCut.TargetPath = "\\htntfs04\PI_Users"
objShtCut.Save
Set objShtCut = Nothing
End If
Next
Can't you use [Environment]::GetFolderPath("Desktop") to get the desktop's path for current user?