Cortana/Windows Search breaks in default profile
-
in my research i found, that cortana/windows search breaks if you make any customization to the start menu - test my theory build another image but leave start menu as default. making all other custom changes + unattend.xml or whatever you used on your image that has broken cortana/windows search
-
@Lee-Rowlett I think you are somewhat correct there. In all my testing I found that it relates to when a user first logs in it installs all the metro apps for that user including cortana. And when you do a profile copy in the system advanced settings control panel it ends up copying some of those installed apps to the default profile which causes the installation of metro apps on a new profile to fail, but there’s no error because the installs think they succeed since the files are already there.
At least I think that has some to do with it. My new script system seems to work flawlessly and it is much easier than my old way of having to change the registry everytime and such.I would still test your theory for you, just for funzies, but I don’t actually use an unattend.xml. I don’t like sysprep. It breaks my default profile sometimes, and I’ve seen it break other things and it forces you to go back to oobe which messes with my computer naming system. I’ve kinda found it to not be necessary. Yes it resets some security id’s for activation this and that but if you are using windows enterprise volume licensing, that doesn’t cause any problems. In windows 7 I figured out the registry key to change and then just re-inputting the windows key and reactivating gave it a new sid. Windows 8 and 10 just work without issue without doing that. As for drivers, I make my images on a vm so they’re already hardware independent and I use the terminal tool devcon (included in the windows wdk 8.1, I just copy the devcon.exe over to my image vm after installing the wdk on my workstation) to uninstall all the devices in the device manager before rebooting with
devcon -r remove *
It goes through the uninstalling of devices much much faster than sysprep does too.So thank you sir for your help, but I think I got it figured out.
-
This is a bit of a related topic on Win 10 profile customization - in the past we used the copy profile option in the sysprep unattend file combined with a VBS script to add/remove apps pinned to the taskbar. This script no longer works in Win 10.
What are you guys doing in terms of the taskbar? I see you mention the IE stuff in appdata, but I don’t believe that covers everything (like the Win Store icon for instance).
-
@MRCUR The IE stuff in appdata is where the shortcut files that are pinned to taskbar go, but to get it to work fully you need the ntuser.dat files. The script I posted copies that file from your customized profile into the default profile but only that file. Give my batch script a try. If you’re using sysprep, some customizations might disappear so you could run the script before sysprep then put the resulting C:\Users\Default in a network share somewhere then copy it back over after sysprep or after imaging.
Does that help at all?
-
@Arrowhead-IT certainly a nice clean approach… glad you got it figured out! and thanks for sharing with the community… i’m sure it’ll become useful as people start to move over to win10.
-
@Arrowhead-IT I’ll give your script a try. I think the issue for me is that with our current solution, we can adjust what’s pinned on the taskbar by updating the login script and copying it to machines. With the default profile, that isn’t the case. It’s once and done for the user.
-
@MRCUR I see what you’re saying. It would be less work to not have to manually pin some icons to the taskbar and then run the script.
Granted I have my default base image with my default profile on a esxi vm, so for me it is pretty easy to do. I suppose it could be possible to edit the ntuser.dat file manually to add in shortcuts. I’ll look into that, because it would certainly be easier. -
@MRCUR Well I think it is possible to edit it directly, but it is not easy.
Let’s say you run my script and have a working default profile and you saved the folder somewhere.
Now let’s copy the whole profile folder to the local computer, in the C:\ root for example(just to be safe not editing the original right away)
Now open up regedit.exe as an administrator and highlight ‘HKEY_USERS’
File → Load Hive
Open up
“C:\Default\NTUSER.DAT”
name the hive test, or something like that.You can now edit the default profile registry .dat settings to your heart’s content. Problem is, it’s the registry…
So the second half of task bar pins is in that hive under
HKEY_USERS\test\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Taskband
But that key is all binary and Dwords.
Granted, you could just customize some pins on any user and export that key from
HKEY_USERS\userSID\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Taskband
And then import or copy paste the values into the hive you’re editing and that would work.
Then just highlight the test hive and do file→unload hive and all the settings should be saved in the .dat file.I saw some vbs scripts in various forums that claimed to automate the pinning but I didn’t try any of them. But I’ll post some links in case they help you do it the way you want to.
Here’s where I came up with most of this
http://smallbusiness.chron.com/modify-ntuserdat-56096.html - editing ntuser.dat
https://social.technet.microsoft.com/Forums/windows/en-US/73eb1c0a-fc78-4ae7-ba6d-356d9a9a5328/solved-how-to-pin-to-start-menutask-bar-for-default-user?forum=w7itproinstall - possible script solution
http://blogs.technet.com/b/deploymentguys/archive/2008/06/06/useful-script-number-5-adjusting-the-default-user-registry-hive.aspx - editing ntuser.dat some more
http://blogs.technet.com/b/deploymentguys/archive/2009/04/08/pin-items-to-the-start-menu-or-windows-7-taskbar-via-script.aspx - other script possibilityHope that helps in some way. Sorry that I didn’t find an easy answer for you.
-
@Arrowhead-IT Thanks, I’ll certainly take a look at all of those. I really wish MS would just include some PS cmdlets to do this. It would be so simple to have a logic script to do exactly what we wanted then.
-
So one caveat to my method with using devcon from the windows wdk (https://msdn.microsoft.com/en-us/windows/hardware/dn913721.aspx)
is that when you remove all the devices it removes and doesn’t reinstall on restart a couple system devices that are required to make remote desktop work.
So in other words you can’t rdp/windows remote desktop into an imaged computer. I had found this rather annoying and finally figured out exactly which devices are required and scripted how to fix it. yay!This is also helpful to anyone that perhaps is having trouble with remote desktop when it is otherwise configured correctly.
So the devices that you could install manually as legacy devices are…
- NDIS Virtual Network Adapter Enumerator
- UMBus Root Bus Enumerator (adds UMBus Enumerators on restart that are also needed)
- Remote Desktop Device Redirector Bus
Luckily the inf files for all of these are still in the driverstore. And the devcon.exe tool can be used to install them quickly from the command line. 0_1453504913836_devcon.exe - 64 bit version from wdk 8.1 - put this in your C:\Windows\System32 for the following script to work. You can also download and install the wdk from the above link and find it in C:\Program Files (x86)\Windows Kits\10 somewhere, a tools folder of some sort as I recall. I tested it with the 8.1 version but just discovered there is a windows 10 version as I was writing this.
Anywho, scripty script
@ECHO off REM Script for fixing remote desktop after uninstalling all devices call :main :main call :funcHead "Welcome to the remote desktop fix!" call :setVars call :addDriver "NDIS Virtual Network Adapter Enumerator" "%drivers%\ndisvirtualbus.inf_amd64_c420021ea374b6f3\ndisvirtualbus.inf" ROOT\NdisVirtualBus call :addDriver "UMBus Root Bus Enumerator" "%drivers%\umbus.inf_amd64_b5911c04e2dae8d2\umbus.inf" root\umbus.inf call :addDriverAndRestart "Remote Desktop Device Redirector Bus" "%drivers%\rdpbus.inf_amd64_e1a9f2699d349149\rdpbus.inf" ROOT\RDPBUS EXIT /B :setVars set drivers=C:\Windows\System32\DriverStore\FileRepository EXIT /B :addDriver echo. installing %~1... Devcon install %~2 %~3 echo. done! EXIT /B :addDriverAndRestart echo. installing %~1 and restarting computer... Devcon -r install %~2 %~3 echo. done! REM just in case -r doesn't reboot... Devcon reboot & exit EXIT /B :dots REM just echoing dots in a Function instead of copy pasting them so that it's consistent echo ...................................................................... EXIT /B :funcHead REM A simple function for displaying a consistent header at the start of functions call :dots echo. %~1 call :dots EXIT /B
run that as a batch script, it will restart your computer and it will fix remote desktop if you break it by manually uninstalling devices
I had been having trouble with this problem for months and just fixed it and figured it related enough to everything else here so I shared it
-
@Arrowhead-IT said in Cortana/Windows Search breaks in default profile:
So I finally figured this out.
In windows 10, Instead of using the copy to method in user profiles you gotta be a little trickier.Customize the profile you want then login to a different admin account.
Now copy the only the appdata folders you need such as
roaming/mozilla for firefox customizations
local/Google for chrome customizations
local/Microsoft/Windows/Default Layouts
and
local/Microsoft/Tile Data Layer
for start menu pins
roaming/microsoft/internet explorer for task bar pinsAnd then once that’s all done, leaving the default profile as it was otherwise there’s one other thing to do to get the task bar settings and desktop background type settings to work. Which is all in the NTuser.dat type files. Just run this command in an administrator cmd
XCOPY C:\Users\CustomUser\ntuser* C:\Users\Default /H
It will ask if you want to overwrite, you do.
And then it works, a completely customized default profile without breaking any of the windows 10 metro apps.
I’m about to dig into this myself, and follow these instructions. To be clear, we are copying the necessary items from the configured account’s app data to the default profile, or are you somehow deploying these files to all accounts?
-
@Wayne-Workman I have since updated this script.
I don’t have a way to dynamically update all users. It essentially copies the neccesarry app data folders that won’t break cortana/start
to the default profile and then copies that default profile to a network share for deploying via a fog snapin with another script that takes arguements of the name of the profile you make.Here let me just take out my credentials and share name and post a copies of my current create and apply windows 10 profile scripts…
p.s. I recently discovered that profiles made on 64 bit windows won’t work on 32 bit windows. So you have to create separate versions from 32 bit and 64 bit windows installs if you have different archs in your environment.
-
@Arrowhead-IT Much appreciated!
-
some quick notes. You do need to put your username and password in plain text for shares, unless you have shares that give everyone access. If anyone knows of a way to encrypt that, I’d love to hear it. I know it can be done with openssl in linux bash scripts but I am yet to find the equivalent for a batch script. But hey bash will come to windows 10 soon.
This script hasn’t been tested for windows 7 or 8 profiles. It does detect the windows version because I was preparing to add that kind of functionality but since I am ending up moving completely to windows 10, I never put the work into it
The create profile script prompts you for the name of the user profile you customized and asks you for what department/profile you are making it for.
The Apply simply takes one arguement of the profile name. So you can upload just the one script to fog and make a bunch of snapins with different args for each profile you have to deploy.
Also note that I have some extra app data folders for custom settings of specific programs we use. I left them in there as examples.
Bath script to create Deployable Default Profile
::----------------------------------------------------------------------------- :: Script Name: Create-Deployable-Default-Profile :: Original Author: jfullmer :: Created Date: 2016-02-18 16:39:23 :: Last Updated Date: 2016-04-12 17:09:35 :: Update Author: jfullmer :: Version: 3.8 ::----------------------------------------------------------------------------- @ECHO OFF REM @ECHO off to not output the commands being run to the console REM This script copies a Customized windows 10 profile to the default profile so that REM all new profiles are created with the same settings SET pwd=%~dp0 call :main del C:\Create-Deployable-Default-Profile.bat & exit :main REM main Function that just calls the other Functions call :copySelf call :funcHead "Welcome to the Windows Default Profile Creator Script!" call :setVars call :funcHead "Copying Customized Profile From %custom% to %default% ..." call :AppData call :CustomSettings call :CopyToNetwork call :funcHead "Done creating custom default profile! & echo.Goodbye" EXIT /B :copySelf rem In some instances running this from a share doesn't work, so copy itself and start the copied version to run local IF NOT %pwd%==C:\ ( echo. Copying self to C drive net use \\path\to\share /USER:domain\user password XCOPY \\path\to\share\Create-Deployable-Default-Profile.bat C:\ /H /Y rem Make sure it's being run as an admin net session >nul 2>&1 if %errorLevel% == 0 ( echo opening copied version. start C:\Create-Deployable-Default-Profile.bat exit ) else ( echo This needs to be run as admin, try again please. @pause exit ) ) EXIT /B :setVars REM Function to set script variables REM c stands for Custom, d stands for default. cUser should be the name of the user you Customized REM These variables just point to the user folders and the local and roaming appdata folders that REM store all the settings for a user profile call :funcHead "Setting directory variables..." rem set cUser=adl echo. Don't run this script from the user you're copying! set /p cUser="What is the username of the profile you customized? -> " set custom=C:\Users\%cUser% set default=C:\Users\Default set cPF=C:\Users\%cUser%\AppData\ProgramFiles set dPF=C:\Users\Default\AppData\ProgramFiles set cLocal=C:\Users\%cUser%\AppData\Local set dLocal=C:\Users\Default\AppData\Local set cRoam=C:\Users\%cUser%\AppData\Roaming set dRoam=C:\Users\Default\AppData\Roaming rem The script will create windows version and department folders set profiles=\\path\to\share\with\profiles net use %profiles% /USER:domain\user password call :OSversion call :setDept call :dots EXIT /B :setDept rem Function to set department via prompt. echo. What department/group is this profile for? (no spaces) echo. The Current Choices are... (A different entry will create a new folder) rem list profiles dir /b %profiles%\%winVer% set /P dept="Enter The Dept Here -> " set share=%profiles%\%winVer%\%dept% if NOT EXIST %share% mkdir %share% if NOT EXIST %share%\logs mkdir %share%\logs set logs=%share%\logs EXIT /B :OSversion :: Function to get current OS version echo. Getting OS... FOR /F "tokens=4-5 delims=. " %%i in ('ver') do set os=%%i.%%j if "%os%" == "5.1" set winVer=WinXP if "%os%" == "5.2" set winVer=WinXP if "%os%" == "6.1" set winVer=Win7 if "%os%" == "6.2" set winVer=Win8 if "%os%" == "6.3" set winVer=Win8.1 if "%os%" == "10.0" set winVer=Win10 EXIT /B :copyDir REM Function inputs - 1 = display of what is copying 2 = source folder 3 = destination folder REM This Function simply displays what you're copying and copies it. Did a Function to have less REM copy paste of command line options and have cleaner code. REM Note that when calling the Function all passed parameters should be encased in double quotes REM otherwise ROBOCOPY won't read the directories as seperate REM ROBOCOPY or robust copy, is a tool for copying directories or files in windows command line REM The syntax is ROBOCOPY sourceFolder DestFolder options REM the options used make it so a mirrored version of the source and its subdirectories are copied REM to the destination with 64 threads (64 files at once) overwriting existin files retrying any failed files REM only once after 1 second of waiting and all without any verbose output REM /S - subdirectories /MIR - mirror /MT:64 - multithreaded copy with 64 threads, i.e. 64 files at a time instead of 1. REM /LOG - output to logfile instead of console, ROBOCOPY /? says this provides better performance in multithreaded mode REM /IS - include same files i.e. overwrite existing /R:1 retry on error once (default is 1 million) REM W:1 - wait one second between retry on error (default is 30 seconds) REM the /N* are all to decrease output for automation. Since they go to a log file you can take them out if you want ( I did take them out) REM /NP - no progress /NS - don't log file sizes /NC - don't log file classes /NFL - don't log file names /NDL - don't log directory names REM /NJH - no job header /NJS - no job summary echo. Copying %~1... ROBOCOPY "%~2" "%~3" /S /MIR /MT:128 /LOG:"%logs%\%~1.log" /IS /R:1 /W:1 /ZB echo. Done Copying %~1 EXIT /B :AppData REM Function to copy all Customizations settings that are stored in files in the AppData folder call :funcHead "Copying Customizations From AppData..." REM directories used in all versions of windows call :copyDir "Desktop" "%custom%\Desktop" "%default%\Desktop" call :copyDir "Firefox Customizations" "%cRoam%\Mozilla" "%dRoam%\Mozilla" call :copyDir "Google Chrome Customizations" "%cLocal%\Google" "%dLocal%\Google" call :copyDir "Task Bar Pin Shortcuts" "%cRoam%\Microsoft\Internet Explorer" "%dRoam%\Microsoft\Internet Explorer" call :copyDir "Saleslogix" "%cRoam%\Saleslogix" "%dRoam%\Saleslogix" call :copyDir "Sage Software" "%cRoam%\Sage Software" "%dRoam%\Sage Software" call :copyDir "Saleslogix" "%cLocal%\Saleslogix" "%dLocal%\Saleslogix" call :copyDir "Sage Software" "%cLocal%\Sage Software" "%dLocal%\Sage Software" rem IF %dept%==IT ( rem call :copyDir "Terminals" "%cLocal%\Robert_Chartier" "%dLocal%\Robert_Chartier" rem call :copyDir "VMware Vsphere" "%cLocal%\VMware" "%dLocal%\VMware" rem call :copyDir "VMware Vsphere" "%cRoam%\VMware" "%dRoam%\VMware" rem call :copyDir "Camtasia" "%cRoam%\TechSmith" "%dRoam%\TechSmith" rem call :copyDir "Camtasia" "%cLocal%\TechSmith" "%dLocal%\TechSmith" rem call :copyDir "slack" "%cLocal%\slack" "%dLocal%\slack" rem call :copyDir "ProgramFiles" %cPF% %dPF% rem ) call :copyDir "VLC settings" "%cRoam%\vlc" "%dRoam%\vlc" call :copyDir "FaxFinder settings" "%cRoam%\FaxFinder Client Software" "%dRoam%\FaxFinder Client Software" REM The remaining dirs are specific to Windows 10 REM Note: A starup script will be required on first login to copy the favorites for Microsoft edge to the Packages directory in the newly created User REM That logon script would only need to be one line like so... REM ROBOCOPY "%localAppData%\MicrosoftEdge\User" "%localAppData%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User" /S /MIR /MT:64 /LOG:C:\logs\edgeBookmarks.txt /IS /R:1 /W:1 rem call :copyDir "Microsoft Edge Customizations" "%cLocal%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User" "%dLocal%\MicrosoftEdge\User" call :copyDir "Start Menu Tiles Part 1 of 3" "%cLocal%\TileDataLayer" "%dLocal%\TileDataLayer" call :copyDir "Start Menu Tiles Part 2 of 3" "%cRoam%\Microsoft\Windows\Start Menu" "%dRoam%\Microsoft\Windows\Start Menu" call :copyDir "Start Menu Tiles Part 3 of 3" "%cLocal%\Microsoft\Windows\Shell" "%dLocal%\Microsoft\Windows\Shell" echo. Done Copying AppData Folders... call :dots EXIT /B :CustomSettings REM This Function copies the ntuser.dat and related system files that store things like task bar pin order, REM mapped network drives, taskbar toolbars, explorer settings, desktop background settings, etc. REM It uses xcopy to copy all files that start with ntuser via * wildcard and uses the options... REM \H - copy hidden system files /Y - overwrite existsing files without prompt call :funcHead "Copying custom settings (i.e. task bar pins and toolbars, desktop background, etc.) from ntuser .dat system files..." XCOPY %custom%\ntuser* %default%\ /H /Y > %logs%\ntuserFiles.log echo. Done Copying Custom Settings call :dots EXIT /B :CopyToNetwork REM This copies the newly created profile to the network share call :funcHead "Copying profile to network!" ROBOCOPY %default% %share%\Default /S /MIR /R:1 /W:1 /MT:128 /ZB /XJ XCOPY %default%\ntuser* %share%\Default\ /H /Y > %logs%\ntuserFilesRemote.log net use %share% /delete EXIT /B :dots REM just echoing dots in a Function instead of copy pasting them so that it's consistent echo ...................................................................... EXIT /B :funcHead REM A simple function for displaying a consistent header at the start of functions call :dots echo. %~1 call :dots EXIT /B
Batch script/snapin to Apply Default Profile
::----------------------------------------------------------------------------- :: Script Name: Apply-Default-Profile-args :: Original Author: jfullmer :: Created Date: 2016-02-18 16:39:27 :: Last Updated Date: 2016-05-11 16:29:08 :: Update Author: jfullmer :: Version: 2.7 ::----------------------------------------------------------------------------- @ECHO OFF REM @ECHO off to not output the commands being run to the console REM Requires args passed of department rem if department is Touchscreen autologon is enabled and fog will reboot after applying the profile set dept=%1 call :OSversion call :main exit :main REM main Function that just calls the other Functions call :funcHead "Welcome to the Windows 10 Default Profile Copy Script!" call :setVars call :CopyFromNetwork call :funcHead "Done creating custom default profile! & echo.Goodbye" EXIT /B :setVars REM Function to set script variables REM c stands for Custom, d stands for default. cUser should be the name of the user you Customized REM These variables just point to the user folders and the local and roaming appdata folders that REM store all the settings for a user profile call :funcHead "Setting directory variables..." set cUser=adl set custom=C:\Users\%cUser% set default=C:\Users\Default set cLocal=C:\Users\%cUser%\AppData\Local set dLocal=C:\Users\Default\AppData\Local set cRoam=C:\Users\%cUser%\AppData\Roaming set dRoam=C:\Users\Default\AppData\Roaming set share=\\path\to\share\%winVer%\%dept% net use %share% /USER:domain\user password call :dots EXIT /B :OSversion :: Function to get current OS version echo. Getting OS... FOR /F "tokens=4-5 delims=. " %%i in ('ver') do set os=%%i.%%j if "%os%" == "5.1" set winVer=WinXP if "%os%" == "5.2" set winVer=WinXP if "%os%" == "6.1" set winVer=Win7 if "%os%" == "6.2" set winVer=Win8 if "%os%" == "6.3" set winVer=Win8.1 if "%os%" == "10.0" set winVer=Win10 EXIT /B :CopyFromNetwork REM This copies the newly created profile to the network share call :funcHead "Copying profile From network!" echo. Delete and recreate default profile folder so there aren't remnants of other profiles... rmdir %default% /S /Q mkdir %default% ROBOCOPY %share%\Default %default% /S /MIR /R:1 /W:1 /MT:128 /ZB /LOG:C:\defaultProfileApplied-%dept%.log XCOPY %share%\Default\ntuser* %default%\ /H /Y > C:\defaultProfile-ntuser-%dept%.log net use %share% /delete EXIT /B :dots REM just echoing dots in a Function instead of copy pasting them so that it's consistent echo ...................................................................... EXIT /B :funcHead REM A simple function for displaying a consistent header at the start of functions call :dots echo. %~1 call :dots EXIT /B
-
@Arrowhead-IT That is a sick setup, good job man! I’m not as skilled with batch scripting as you are, clearly.
I’ll be using this tomorrow.
-
Hi,
i don’t use that tricky registry tweaks for making a profile to default.
Ever tried STRG + SHIFT + F3 in Express Settings to enter Audit mode?
Then do your changes and fire a sysprep:sysprep /oobe /generalize /shutdown /unattend:c:\pathtoanswerfile\unattend.xml
Make sure your unattend.xml has the copyprofile option enabled!!!
Now take your image.If you ever need to make changes restore to vm again let it boot and goto audit mode again: sysprep /audit /reboot
I have that parts scripted for my self and can give you that stuff if you need.
Never try to uninstall staged appx apps or you break sysprep, also don’t use O&O Shutup or Stuff like that this also breaks sysprep.
Regards X23
-
@x23piracy Yes I am aware of the copy profile option and that is a great method for a default profile if you only need one default profile for the image.
The end result of solving this problem was a snapin that deploys a profile to any existing windows 10 computer so that all profiles created after the profile is deployed use the customized default profile. So you can have one base image that can have any number of custom profiles added to it.
It doesn’t require the registry tweaks or anything like that. Just plain and simple copies the files that contain the settings that will create your customized profile when a new profile is created.So you could use this method to have one image with all your programs installed and use profiles to give access to only the programs needed to different departments.
Or you could document what programs have shortcuts in each profile for each department and use fog groups to deploy the programs needed and then the profile provisioning style.
I’m sure there are other methods to do this. For example there are some group policies that can be used. This is just my solution to the problem of customizing local profiles without breaking the profiles and while still allowing users to customize the profiles themselves.
-
@Arrowhead-IT I’ve been trying to use the scripts you posted - lots of things going wrong.
I sorted a permissions issue on the intended share first, but I’m still getting a lot of access denied errors… Suppose I need to dig deeper, run the script as elevated.
My intention is to re-write this thing to be more simple. It’s highly complex I feel, and really overkill.
-
@Wayne-Workman I do have a tendency to do that, complicating things and adding some overkill. You do need to run it as elevated because I think doing anything to the hidden C:\Users\Default folder requires elevation.
The access denied errors are usually solved by copying the script to the C drive to run locally, which is why it copies itself to the C drive to run locally. Windows command prompt and network unc paths don’t always get along. The copySelf function was my solution.
-
@Arrowhead-IT Got this working, Now I understand the beauty of these two scripts design.