Uncategorized

Uncategorized

Sysprep, maintain activation and product key

Nizam Mohamed

Some good information here:

Resetting Windows Activation

When you install Windows with a single license product key, you have 30 days during which you must activate that installation of Windows.

There is no limit to the number of times that the Sysprep command can run on a computer. However, the clock for Windows Product Activation begins its countdown the first time Windows starts. You can use the sysprep /generalize command to reset Windows Product Activation a maximum of three times. After the third time that you run the sysprep /generalize command, the clock can no longer be reset.

When you run the sysprep /generalize command, the activation clock will automatically reset. You can bypass resetting the activation clock by using theSkipRearm setting in the Microsoft-Windows-Security-SPP component. This enables you to run the Sysprep command multiple times without resetting the activation clock. For more information about this setting, see the Unattended Windows Setup Reference (Unattend.chm).

Sysprep, maintain activation and product key.

Uncategorized

Desktop Boards — Keyboard prompts during boot process POST

Nizam MohamedComment on Desktop Boards — Keyboard prompts during boot process POST

Here’s this list for function keys during POST for Intel boards.

During the boot-up process, before the operating system loads, you can press certain Function keys and Control key combinations to launch different tasks.

Function key or Control key Purpose
F2 Accesses the BIOS Setup program.
F7 Initiates a BIOS update process where the update files are stored on a USB thumb drive. For instructions on this BIOS update method, seeInstructions for F7 BIOS Flash update.
F8 Opens the Windows* boot option menu which allows you to boot into safe mode, enable boot logging, perform restore tasks, and more.
F9 Launches the Remote PC Assist Wizard. This function is only available when the board supports Intel® Remote PC Assist Technology (Intel® RPAT).
F10 Accesses the boot menu and displays all bootable devices to select from.
F12 Allows you to boot to a network; generally used to install an operating system from an image on the network.
Control-I Opens the Intel® Rapid Storage Technology option ROM user interface.  This prompt is available on boards that are configured for and support RAID.
Control-M Opens the Marvell RAID option ROM user interface. This prompt is available on boards that are configured for and support Marvell RAID.
Control-P Opens the Intel® Management Engine (MEBx) Configuration user interface. This prompt is only available on certain boards that support the Intel® Management Engine.

Desktop Boards — Keyboard prompts during boot process POST.

Uncategorized

Windows could not complete the installation (after sysprep).

Nizam MohamedComment on Windows could not complete the installation (after sysprep).
This got me going again…
New Member
Join Date: Feb 2011
Posts: 1
Thanked: 0
      02-09-2011
Here’s what I did to solve it for myself (I had run sysprep /generalize /oobe to move my machine from an AMD to an Intel platform):
1) Get the command prompt with Shift-F10.
2) Run services.msc and turn anything that you disabled yourself to Automatic (use your head here, for example Nero’s NMIndexService can stay off), in case you’ve done services tweaking like I did.
3) Ensure the sptd service is disabled if you have it installed (used for virtual CD/ISO-mounting apps), you do this with regedit, it’ll be in HKLMSystemCurrentControlSetServices I believe.
4) Reboot
5) Command prompt again, cd to WindowsSystem32oobe and run msoobe
6) Create a new user and go through the steps.
After the OOBE part was done, I just got a black screen instead of going to desktop. Just sat there, so I powered off and rebooted. After reboot, it logged me into the new user I had created.
7) Log back into your old user, all should be fine now.
Hope this helps someone out there.
Reply With Quote

New Member
Join Date: Feb 2011
Posts: 1
Thanked: 0
      02-24-2011
Thanks Gypsy. I tweaked your post a bit and did the following:
After getting the command prompt:
I ran MMC > Add Remove Snap In > Computer Management > System Tools > Users to change my Administrator password to meet the requirements.
Then
Add Remove Snap In >Group Policy Object > Local Computer >Computer Configuration > Windows Settings>Security Settings>Local Policies>Security Option and changed “Accounts: Administrator Accounts status” to enabled. From there a restart and “bob’s your uncle”!
Uncategorized

How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003

Nizam MohamedComment on How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003

In Microsoft Windows 2000 and in Microsoft Windows Server 2003, as an administrator, you can customize desktops by using Folder Redirection. You can redirect the following folders by using Active Directory and Group Policy:

  • Application Data
  • Desktop
  • My Documents
  • My Documents/My Pictures
  • Start Menu

You can find more information about Folder Redirection by searching Windows Help for Folder Redirection.

When you redirect folders to a shared location on a network, users need both read and write access to this location so that the users can read the contents these folders. However, in some scenarios, you may not want to grant read access.

Create security-enhanced redirected folders

To make sure that only the user and the domain administrators have permissions to open a particular redirected folder, do the following:

  1. Select a central location in your environment where you would like to store Folder Redirection, and then share this folder. In this example, FLDREDIR is used.
  2. Set Share Permissions for the Everyone group to Full Control.
  3. Use the following settings for NTFS Permissions:
    • CREATOR OWNER – Full Control (Apply onto: Subfolders and Files Only)
    • System – Full Control (Apply onto: This Folder, Subfolders and Files)
    • Domain Admins – Full Control (Apply onto: This Folder, Subfolders and Files)
    • Everyone – Create Folder/Append Data (Apply onto: This Folder Only)
    • Everyone – List Folder/Read Data (Apply onto: This Folder Only)
    • Everyone – Read Attributes (Apply onto: This Folder Only)
    • Everyone – Traverse Folder/Execute File (Apply onto: This Folder Only)
  4. Configure Folder Redirection Policy as outlined in Windows Help. Use a path similar to\serverFLDREDIRusername to create a folder under the shared folder, FLDREDIR.

Because the Everyone group has the Create Folder/Append Data right, the group members have the proper permissions to create the folder; however, the members are not able to read the data afterwards. The Username group is the name of the user that was logged on when you created the folder. Because the folder is a child of the parent folder, it inherits the permissions that you assigned to FLDREDIR. Also, because the user is creating the folder, the user gains full control of the folder because of the Creator Owner Permission setting.
How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003.