Extra admin account casuing issues
-
I have an local admin account called foguser as part of my image that I don’t actually remember creating. This account is in the local administrators group along with the normal windows Administrator account. My image deploys fine but if I attempt to delete this account or give it a password (currently it is blank) when I repackage and deploy sysprep fails out with an error in the specialize portion of my unattend.xml file. I really don’t want to be forced to upload my images with this extra admin account just to get it to work. It also brings up the issue where I can’t upload without this secondary account. Is there any way to get this to work by just leaving the normal Administrator account in my image?
Also when windows deploys it ends up logged in as the local Admin account which I would rather not have happen. At the end I would like it end up at the ALT-CTRL-DEL. The image changes its hostname and joins the domain with no problems.
Here is my current unattend.xml file:
<?xml version=“1.0” encoding=“utf-8”?>
<unattend xmlns=“urn:schemas-microsoft-com:unattend”>
<settings pass=“windowsPE”>
<component name=“Microsoft-Windows-International-Core-WinPE” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<SetupUILanguage>
<UILanguage>en-us</UILanguage>
</SetupUILanguage>
<InputLocale>en-us</InputLocale>
<SystemLocale>en-us</SystemLocale>
<UILanguage>en-us</UILanguage>
<UserLocale>en-us</UserLocale>
</component>
<component name=“Microsoft-Windows-Setup” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<DiskConfiguration>
<Disk wcm:action=“add”>
<CreatePartitions>
<CreatePartition wcm:action=“add”>
<Extend>true</Extend>
<Order>1</Order>
<Type>Primary</Type>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action=“add”>
<Active>true</Active>
<Format>NTFS</Format>
<Letter>C</Letter>
<Order>1</Order>
<PartitionID>1</PartitionID>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>1</PartitionID>
</InstallTo>
</OSImage>
</ImageInstall>
<UserData>
<ProductKey>
<Key>xxxxx-xxxxx-xxxxx-xxxxx-xxxxx</Key>
<WillShowUI>OnError</WillShowUI>
</ProductKey>
<AcceptEula>true</AcceptEula>
<FullName>fog</FullName>
<Organization>xxxxxxxx</Organization>
</UserData>
</component>
</settings>
<settings pass=“specialize”>
<component name=“Microsoft-Windows-Shell-Setup” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<AutoLogon>
<Password>
<Value>xxxxxxxxxxxxx</Value>
<PlainText>false</PlainText>
</Password>
<Enabled>true</Enabled>
<LogonCount>5</LogonCount>
<Username>administrator</Username>
</AutoLogon>
<WindowsFeatures>
<ShowWindowsMediaPlayer>false</ShowWindowsMediaPlayer>
<ShowWindowsMail>false</ShowWindowsMail>
<ShowMediaCenter>false</ShowMediaCenter>
<ShowInternetExplorer>true</ShowInternetExplorer>
</WindowsFeatures>
<TimeZone>Eastern Standard Time</TimeZone>
<CopyProfile>true</CopyProfile>
<ComputerName>*</ComputerName>
</component>
<component name=“Microsoft-Windows-Security-Licensing-SLC-UX” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<SkipAutoActivation>true</SkipAutoActivation>
</component>
<component name=“Security-Malware-Windows-Defender” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<DisableAntiSpyware>true</DisableAntiSpyware>
</component>
<component name=“Microsoft-Windows-Deployment” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<RunSynchronous>
<RunSynchronousCommand wcm:action=“add”>
<Order>1</Order>
<Path>net user administrator /active:yes</Path>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass=“oobeSystem”>
<component name=“Microsoft-Windows-International-Core” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<InputLocale>en-us</InputLocale>
<SystemLocale>en-us</SystemLocale>
<UILanguage>en-us</UILanguage>
<UserLocale>en-us</UserLocale>
</component>
<component name=“Microsoft-Windows-Shell-Setup” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<AutoLogon>
<Password>
<Value>xxxxxxxxxx</Value>
<PlainText>false</PlainText>
</Password>
<Enabled>true</Enabled>
<LogonCount>5</LogonCount>
<Username>administrator</Username>
</AutoLogon>
<RegisteredOrganization>xxxxxxxxx</RegisteredOrganization>
<RegisteredOwner>xxxxxxxxxxx</RegisteredOwner>
<FirstLogonCommands>
<SynchronousCommand wcm:action=“add”>
<CommandLine>cscript //b C:\windows\system32\slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx</CommandLine>
<Order>1</Order>
<RequiresUserInput>false</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action=“add”>
<Order>2</Order>
<RequiresUserInput>false</RequiresUserInput>
<CommandLine>cscript //b C:\windows\system32\slmgr.vbs /ato</CommandLine>
</SynchronousCommand>
</FirstLogonCommands>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<NetworkLocation>Work</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
</OOBE>
<UserAccounts>
<AdministratorPassword>
<Value>xxxxxxxxxxx=</Value>
<PlainText>false</PlainText>
</AdministratorPassword>
<LocalAccounts>
<LocalAccount wcm:action=“add”>
<Password>
<Value>xxxxxxxxxx</Value>
<PlainText>false</PlainText>
</Password>
<Description>Local Administrator</Description>
<DisplayName>Administrator</DisplayName>
<Group>Administrators</Group>
<Name>Administrator</Name>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
</component>
</settings>
<settings pass=“generalize”>
<component name=“Microsoft-Windows-Security-SPP” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“[url]http://schemas.microsoft.com/WMIConfig/2002/State[/url]” xmlns:xsi=“[url]http://www.w3.org/2001/XMLSchema-instance[/url]”>
<SkipRearm>1</SkipRearm>
</component>
</settings>
<cpi:offlineImage cpi:source=“catalog://xxxxxxx/zsources/install_windows 7 professional.clg” xmlns:cpi=“urn:schemas-microsoft-com:cpi” />
</unattend> -
You can stop it creating the extra admin account by tricking it to create an administrator account called Administrator which it can’t do as it already exist by default. For example:-
<UserAccounts> <AdministratorPassword> <Value>Password</Value> <PlainText>true</PlainText> </AdministratorPassword> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>Password</Value> <PlainText>true</PlainText> </Password> <Description>Local Administrator</Description> <DisplayName>Administrator</DisplayName> <Group>Administrators</Group> <Name>Administrator</Name> </LocalAccount> </LocalAccounts> </UserAccounts>
-
please use the CODE tags.