When does Setupcomplete.cmd run?
-
I let FOG handle computer renaming and joining to the domain. It works better than sysprep. When I tried sysprep, it would join it to the domain THEN rename the machine and screw it all to hell for me. Now that I have FOG setup to join computers to the domain, they image, reboot, get renamed, reboot, and join the domain and reboot. I then login and do the last few steps to get it ready for the end user before I freeze it (DeepFreeze).
-
Well, we let unattend.xml do everything except name the computer and join the domain. So, it goes like this:
Boot after image running mini setup
Human enters computer name from the label on computer
Once setup is complete, human logs in with local account that unattend.xml automatically creates and runs a Powershell script that:Sets a password for the local administrator account
Enables the local administrator account
Joins computer to the domain
Deletes the temporary local account that unattend.xml created
Deletes the Powershell script from the local driveYour method sounds interesting, though. So, how exactly does this flow?
Does Fog auto name the computer, then join it and you rename it or is there a pause in the process that allows you to name it? How does this interact with unattend.xml?Thanks for the tip. I’ll run some trials in my lab.
-
Steve, I can’t see why a human has to login and set the computer name when the FOG client can do that for you. Also Enabling the Default Administrator account and not creating the temporary account can be done via the xml file. In most cases we only use the setupcomplete.cmd to delete the xml file which exposes the local user passwords. Why not have it fully automated?
The order goes something like this:-
- Sysprep process starts on the imaged computer.
- unattend.xml is executed and customizations are done.
- setupcomplete.cmd is executed which deletes xml file from 2 locations, computer reboots.
- FoG Client checks in and compares computer name to the one in the database if different the client changes the name and reboots the machine.
- FOG Client checks in again and if the setting in the database is set to join the domain, the FOG clients joins the computer to the domain and reboots it.
-
OK, so how do I get Fog to set the host name after imaging? I see in the Service Configuration that Hostname Changer is enabled and it seems enabled in the global setting as well. Is there something else I need set to have this happen?
We normally don’t have the machines set to PXE boot first as it slows the boot process. But this has been enabled before as have the two options above and Fog has never named the computers for us.
Edit: The admin before me said they tried this but joining the computer to AD did not work so well. Is it possible for Fog to name the computer and not join it o AD?
-
Check the log file on the client for reason why the name is not being changed.
For AD join, you need to check the AD setting on the host menu. I suggest you read the section on AD integration in the wiki. For it to be secure you will need to modify the fog client to encrypt your service account password.
It does work well. We have over 3500 Desktops that have the client installed.
-
Log file? Windows log or does Fog keep it’s own? I did read the Wiki an AD and will test that as well. Thanks for the post.
-
[quote=“Steve Ropiak, post: 11749, member: 47”]Log file? Windows log or does Fog keep it’s own? I did read the Wiki an AD and will test that as well. Thanks for the post.[/quote]
Fog client log file
c:\fog.log
-
Hmm, we re-imaged most of the campus last summer and none that I’ve checked seem to have this file. Is it a server option that we should enable?
-
This file is created when the FOG service starts on the client computer. Do you have the FOG client installed on your image and is the service set to automatic? (should by default, when the client is installed).
If the client is not on the computers that would explain why the computer names are not renaming.
-
No, we don’t run the Fog service. i will be sure to include it in this year’s build so I can test. Does that come on the Fog server as a share or is it a separate download?
-
Steve, the whole thing works better if the FOG Client is on the computer. You need to get this working to make your life easier.
No reason why you should be visiting end user devices for manual intervention when you can automate the whole thing.
-
I don’t see the Fog windows client anywhere on my server. Does Radio Shack sell it?
-
-
Well, we did not have that share but I found it’s location by doing a find on the file system. Thanks!
-
I have to be honest, it never occurred to me when I gave you the unattend.xml screenshot that you were missing the fog client from your builds… Couple of pieces of advice that I’m sure everyone will agree with to make life simple…
-
Use the FOG client… definitely use it… honestly it makes things sooooo easy to control from the FOG server then…
-
When you do use it, dont change a damn thing on it, you can turn off any of the functions server side from individual computers at will so just leave everything switched on.
-
When it asks for your server’s name or IP… just leave it blank and on your DNS server set up an alias for ‘fogserver’ to point to the real server name… that way when you come to upgrade your FOG server in the future, you dont need to mess about updating that on all your images. You simply modify the cname.
-
-
Great tip! I did set that up this morning. Fog pre-dates me and I think the previous admin got it to work to just image and never explored some of it’s capabilities. Well, I prefer to use things for all they can do and it sounds like the Fog service will be a giant step forward for us.
-
[quote=“Steve Ropiak, post: 11276, member: 47”]If I run sysprep with an unattend.xml that does everything except name the computer (it prompts for that), when exactly does this script run? Is it after the mini setup is totally done? I’d like to populate this with my little powershell script that joins the domain, sets a password and activates the real administrator account, etc. Basically what I need to know if this is the last thing to execute. Thanks to all who reply.[/quote]
The stages for Windows deployment/installs can be found here:
[url]http://unattended.msfn.org/unattended.xp/[/url]
Not much has changed really in the timing of when things happen. As far as the last thing that runs, that is the RunOnceEx.cmd. It will launch anything under the system account. It still works for Vista, 7 and 8 as I’ve used it for remote users that are on dial up to send an all in one distribution with slip streamed patches and applications.
For bare metal maintain a list somewhere that a net command can fetch a name from (csv, txt), can’t find the script in the pile I have right now, but this should get you headed in the right direction. It still works for Vista and 7 incidentally. I haven’t tested it for 8 because the places I contract to are seriously looking at Ubuntu with WINE because…well, just look at 8. It’s pretty awful.
Otherwise, munge the vbscript as much as you like and it will be the LAST item on the RunOnceEx.cmd because it requires a reboot.
[SIZE=12px][FONT=Verdana][COLOR=#070f14]'Changing computer name for WNT/W2k/WXP with script:[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14]sNewName = “put new name here”[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14]Set oShell = CreateObject (“WSCript.shell”)[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14]sCCS = “HKLM\SYSTEM\CurrentControlSet”[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14]sTcpipParamsRegPath = sCCS & “Services\Tcpip\Parameters”[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14]sCompNameRegPath = sCCS & “Control\ComputerName”[/COLOR][/FONT][/SIZE][SIZE=12px][FONT=Verdana][COLOR=#070f14]With oShell[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14].RegDelete sTcpipParamsRegPath & “Hostname”[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14].RegDelete sTcpipParamsRegPath & “NV Hostname”[/COLOR][/FONT][/SIZE][SIZE=12px][FONT=Verdana][COLOR=#070f14].RegWrite sCompNameRegPath & “ComputerName\ComputerName”, sNewName[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14].RegWrite sCompNameRegPath & “ActiveComputerName\ComputerName”, sNewName[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14].RegWrite sTcpipParamsRegPath & “Hostname”, sNewName[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14].RegWrite sTcpipParamsRegPath & “NV Hostname”, sNewName[/COLOR][/FONT][/SIZE]
[SIZE=12px][FONT=Verdana][COLOR=#070f14]End With ’ oShell[/COLOR][/FONT][/SIZE][SIZE=12px][FONT=Verdana][COLOR=#070f14]MsgBox “Computer name changed, please reboot your computer”[/COLOR][/FONT][/SIZE]
If doing an in place migration of MS OS products:
What you should be asking is how do I backup meaningful data before wiping the box?
The OS and apps are one thing, but end users usually are more than a little annoyed when all their stuff is gone. Read up on USMT (User state migration tool), for FOG I would use USMT v2.0 or lower as the initialization of the deployment process. Either by command line or using the automatic UI agent.
USMT is a pile of scripts made by microsoft that go hunting for user generated stuff (docs, pics, music, video) and put it somewhere else (attached storage/USB/NAS). Later versions use the MS certificates and are very painful to get working properly without Active Directory and a file share structure/SCCM available to manage it. So word to the wise, don’t count on any version of USMT to work outside of SCCM 2007 or 2013, even then WITH SCCM it is very painful to setup.