Cortana/Windows Search breaks in default profile

JJ Fullmer

So I am working on a new windows 10 image and I’m making my default profile.
My method involves making a new profile with a name like “loading” (Because the name of the copied profile pops up briefly while a new user logs in the first time) and then customizing a profile to my heart’s content. Customizing things like desktop background, taskbar pins, adding a start menu toolbar with an organized programs menu. Making a customized start menu pin layout and various other things like bookmarks in browsers and such.

Once customized I go to regedit and navigate to hklm/software/microsoft/windowsNT/currentVersion/ProfileList
Then I edit the value of the default profile path to the path of the customized user.
Then I sign out and sign into an administrator account
Then I go to win+x then Y to get to the system properties and click the advanced settings button on the left.
I go to user profiles and select the default profile and hit “copy to”
I make sure “everyone” is permitted to use and then copy it to the C:\Users\Default.
Then I put the registry value of default profile path back to its default.
Then I copy a careful selection of files from the appdata/local folder of the customized profile to C:\Users\Default\AppData\Local
I haven’t fully documented what does and doesn’t break things in there, but it takes great care. But if I don’t do that I lose things like win+x or right clicking the start menu.

This method is actually easier than it sounds and I have had more success with it than with sysprep. Plus you can just copy your working default profile folder to a network drive to fix things later. This has worked for windows 7 and 8 and almost for 10.

Here’s the problem now.
On the original profile I copy from the cortana/start menu search is all configured and works as it should. But any new profile I make the search button/cortana button just does nothing. If you start typing with the start menu up, nothing. It is still possible to search if you open the search application from the shortcut here “C:\ProgramData\Microsoft\Windows\Start Menu\Programs” but nothing else brings up the search in the easy way that it should.

I’m still trying a few things and I’m sorry if that is more information than you needed. But I figured there was a chance to someone else out there is having this problem or maybe has been successful with a different method of making default profiles.

Please and thank you

Wayne Workman

I don’t see how this is a fog issue…

but I create a default profile too. But I don’t do it per machine.
I create a default profile and stick it in a secured SMB/UAC shared folder - and I have startup scripts that copy down the profile to a host locally, and then make necessary registry & permissions edits and install the default profile.

I have a scheme I use to push a new default profile anytime I want to every machine in the building. It’s totally custom - but I’d be willing to share my documentation on it.

JJ Fullmer

@Wayne-Workman
Well it’s not technically a fog issue, but it is an imaging issue and I figured that my fellow image making peers might have some thoughts. I would love to see your documentation on that process

Wayne Workman

@Arrowhead-IT

Here’s the startup script.

the directory that you see the output being redirected to is a read/write folder for everyone where I can review results of the default profile deployment and update. It’s a share folder located at \\mb1\logs$\Startup_Script\<filename>

The script looks for a file locally (in this version) called %SystemDrive%\DefaultProfile\Default\Aug_24_2015.txt which on most systems is just C:\DefaultProfile\Default\Aug_24_2015.txt

If that file exists, then nothing is done.

If it doesn’t exist, it goes through the steps of obliterating the last deployed default profile and copying down the new one and setting permissions.

In group policy, this is set as a startup script and it’s a computer-based policy.

echo %date%_%time% >> "\\mb1\logs$\Startup_script\%computername%.txt"
REM
REM Above line just records the date for the log entries placed below it.
REM
REM
REM
IF EXIST "%SystemDrive%\DefaultProfile\Default\Aug_24_2015.txt" (
REM
REM Above command checks to see if a specific file exists.
REM The file is %SystemDrive%\DefaultProfile\Default\Aug_24_2015.txt
REM
REM If the file exists, Do nothing.
REM
) ELSE (
REM
REM
REM IF the file does not exist, do this stuff. 
REM
net use /delete z: >> \\mb1\logs$\Startup_script\%computername%.txt
net use /delete y: >> \\mb1\logs$\Startup_script\%computername%.txt
net use /delete h: >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Above commands are used to delete any existing map drives. 
REM The output gets appended to a log so we can see what's happening.
REM
REM
REM
set username=mb\serviceaccount
set password=MyAwesomePasswordWentHere
REM
REM the above lines set the username and password for accessing the share, using a account with read-only perms.
REM
net use z: \\10.2.1.5\Software$ %password% /user:%username% >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Above command mounts a maped folder to z:, using MB's service account and password.
REM 
REM
REM
rmdir %SystemDrive%\DefaultProfile /s /q >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Above command recursively removes a directory.
REM
mkdir %SystemDrive%\DefaultProfile >> \\mb1\logs$\Startup_script\%computername%.txt
mkdir %SystemDrive%\DefaultProfile\Default >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Above commands makes some folders.
REM
REM Below command may contain a 2 for testing only.
REM
xcopy "z:\DefaultProfile\*.*" "C:\DefaultProfile\Default" /y /d /e /c /i /f /h /k /v /s >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Above command recursively copies everything from "defaultprofile" on the server to the local folders.
REM
icacls "%SystemDrive%\DefaultProfile\Default" /T /C /grant "everyone:(OI)(CI)F" >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Above command sets permissions on the newly created folders and files to EVERYONE, so that it can be used as a default profile.
REM
net use /delete z: >> \\mb1\logs$\Startup_script\%computername%.txt
REM
REM Delete the mapdrive used.
REM
)

In the same group policy, I have a registry edit set:

This is the cutoff key path: SOFTWARE\MICROSOFT\WINDOWS NT\CurrentVersion\ProfileList

here is the settings tab of the policy with everything expanded.

I use a tool called “Evil Finger Enabler” to enable the greyed out “copy profile” button after I have my default profile setup the way I want using a local and normal account.

It enables this button in Windows 7:

If anything isn’t clear, just point it out and ask about it.

JJ Fullmer

So I finally figured this out.
In windows 10, Instead of using the copy to method in user profiles you gotta be a little trickier.

Customize the profile you want then login to a different admin account.
Now copy the only the appdata folders you need such as
roaming/mozilla for firefox customizations
local/Google for chrome customizations
local/Microsoft/Windows/Default Layouts
and
local/Microsoft/Tile Data Layer
for start menu pins
roaming/microsoft/internet explorer for task bar pins

And then once that’s all done, leaving the default profile as it was otherwise there’s one other thing to do to get the task bar settings and desktop background type settings to work. Which is all in the NTuser.dat type files. Just run this command in an administrator cmd

XCOPY C:\Users\CustomUser\ntuser* C:\Users\Default /H

It will ask if you want to overwrite, you do.

And then it works, a completely customized default profile without breaking any of the windows 10 metro apps.

JJ Fullmer

I made a script for this new windows 10 default profile business.
Windows 7 and 8 are slightly different and I will post script that work for them with this new method once I make them.

Copy paste this into your favorite text editor and save as a .bat file
or just download it here…
0_1452880295325_Create Default Profile Win 10.bat

You need to make one change
change the cUser (customized User) variable on line 29 to the name of the user you customized

Note - Run this script from a different admin account, like the built in administrator, if you try to run it from the customized profile it will likely throw errors of files being in use

Note - REM is a comment in a batch script, it doesn’t seem to turn comment colored in the forum, it does in sublime text though.

@ECHO OFF
	REM @ECHO off to not output the commands being run to the console
	REM This script copies a Customized windows 10 profile to the default profile so that
	REM all new profiles are created with the same settings

call :main
exit

:main
	REM main Function that just calls the other Functions

	call :funcHead "Welcome to the Windows 10 Default Profile Creator Script!"
	call :setVars
	call :funcHead "Copying Customized Profile From %custom% to %default% ..."
	call :AppData
	call :CustomSettings
	call :funcHead "Done creating custom default profile! & echo.Goodbye"	
	EXIT /B

:setVars
	REM Function to set script variables

	REM c stands for Custom, d stands for default. cUser should be the name of the user you Customized
	REM These variables just point to the user folders and the local and roaming appdata folders that 
	REM store all the settings for a user profile

	call :funcHead "Setting directory variables..."
	
	set cUser=adl
	set custom="C:\Users\%cUser%"
	set default="C:\Users\Default"
	set cLocal="C:\Users\%cUser%\AppData\Local"
	set dLocal="C:\Users\Default\AppData\Local"
	set cRoam="C:\Users\%cUser%\AppData\Roaming"
	set dRoam="C:\Users\Default\AppData\Roaming"
	
	call :dots
	EXIT /B

:copyDir
	REM Function inputs - 1 = display of what is copying 2 = source folder 3 = destination folder 
	
	REM This Function simply displays what you're copying and copies it. Did a Function to have less
	REM copy paste of command line options and have cleaner code.
	REM Note that when calling the Function all passed parameters should be encased in double quotes
	REM otherwise ROBOCOPY won't read the directories as seperate
	
	REM ROBOCOPY or robust copy, is a tool for copying directories or files in windows command line
	REM The syntax is ROBOCOPY sourceFolder DestFolder options
	REM the options used make it so a mirrored version of the source and its subdirectories are copied
	REM to the destination with 64 threads (64 files at once) overwriting existin files retrying any failed files 
	REM only once after 1 second of waiting and all without any verbose output
	
	REM /S - subdirectories /MIR - mirror /MT:64 - multithreaded copy with 64 threads, i.e. 64 files at a time instead of 1. 
	REM /LOG - output to logfile instead of console, ROBOCOPY /? says this provides better performance in multithreaded mode
	REM /IS - include same files i.e. overwrite existing /R:1 retry on error once (default is 1 million) 
	REM W:1 - wait one second between retry on error (default is 30 seconds) 
	REM the /N* are all to decrease output for automation. Since they go to a log file you can take them out if you want
	REM /NP - no progress /NS - don't log file sizes /NC - don't log file classes /NFL - don't log file names /NDL - don't log directory names
	REM /NJH - no job header /NJS - no job summary

	echo. Copying %~1...
	ROBOCOPY "%~2" "%~3" /S /MIR /MT:64 /LOG:C:\defaultProfile.txt /IS /R:1 /W:1 /NP /NJH /NJS /NS /NC /NFL /NDL
	echo. Done Copying %~1
	EXIT /B

:AppData
	REM Function to copy all Customizations settings that are stored in files in the AppData folder
	
	call :funcHead "Copying Customizations From AppData..."
	
	REM directories used in all versions of windows
	call :copyDir "Firefox Customizations" "%cRoam%\Mozilla" "%dRoam%\Mozilla"
	call :copyDir "Google Chrome Customizations" "%cLocal%\Google" "%dLocal%\Google"
	call :copyDir "Task Bar Pin Shortcuts" "%cRoam%\Microsoft\Internet Explorer" "%dRoam%\Microsoft\Internet Explorer"
	
	REM The remaining dirs are specific to Windows 10 
	REM Note: A starup script will be required on first login to copy the favorites for Microsoft edge to the Packages directory in the newly created User
	REM That logon script would only need to be one line like so...
	REM ROBOCOPY "%localAppData%\MicrosoftEdge\User" "%localAppData%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User" /S /MIR /MT:64 /LOG:C:\logs\edgeBookmarks.txt /IS /R:1 /W:1 
	
	call :copyDir "Microsoft Edge Customizations" "%cLocal%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User" "%dLocal%\MicrosoftEdge\User"
	call :copyDir "Start Menu Tiles Part 1 of 3" "%cLocal%\TileDataLayer" "%dLocal%\TileDataLayer"
	call :copyDir "Start Menu Tiles Part 2 of 3" "%cRoam%\Microsoft\Windows\Start Menu" "%dRoam%\Microsoft\Windows\Start Menu"
	call :copyDir "Start Menu Tiles Part 3 of 3" "%cLocal%\Microsoft\Windows\Shell" "%dLocal%\Microsoft\Windows\Shell"
	
	echo. Done Copying AppData Folders...
	call :dots
	EXIT /B

:CustomSettings
	REM This Function copies the ntuser.dat and related system files that store things like task bar pin order, 
	REM mapped network drives, taskbar toolbars, explorer settings, desktop background settings, etc.
	REM It uses xcopy to copy all files that start with ntuser via * wildcard and uses the options...
	REM \H - copy hidden system files /Y - overwrite existsing files without prompt 

	call :funcHead "Copying custom settings (i.e. task bar pins and toolbars, desktop background, etc.) from ntuser .dat system files..."
	
	XCOPY %custom%\ntuser* %default%\ /H /Y

	echo. Done Copying Custom Settings
	call :dots
	EXIT /B

:dots
	REM just echoing dots in a Function instead of copy pasting them so that it's consistent
	echo ......................................................................
	EXIT /B

:funcHead
	REM A simple function for displaying a consistent header at the start of functions
	call :dots
	echo. %~1
	call :dots
	EXIT /B

Wayne Workman

@Arrowhead-IT Robocopy ??

Can we get some comments in that script?

JJ Fullmer

@Wayne-Workman Oh my goodness I didn’t put any comments. I have all my scripts in a git repo so most the comments are in commits. I will indeed edit the post and add some comments. And I also realized that it would need to be slightly different for windows 7 and 8 and I have use for at least the windows 8 one, so I’ll make that script and post it here too.

JJ Fullmer

@Wayne-Workman There ya go, detailed comments galore. Also thank you for your script.
You could probably just change the variables for the default profile locations in my script to the network drive and utilize your same system.
I also back up my default profile folder to a network drive after I run this script.

Lee Rowlett

in my research i found, that cortana/windows search breaks if you make any customization to the start menu - test my theory build another image but leave start menu as default. making all other custom changes + unattend.xml or whatever you used on your image that has broken cortana/windows search

JJ Fullmer

@Lee-Rowlett I think you are somewhat correct there. In all my testing I found that it relates to when a user first logs in it installs all the metro apps for that user including cortana. And when you do a profile copy in the system advanced settings control panel it ends up copying some of those installed apps to the default profile which causes the installation of metro apps on a new profile to fail, but there’s no error because the installs think they succeed since the files are already there.
At least I think that has some to do with it. My new script system seems to work flawlessly and it is much easier than my old way of having to change the registry everytime and such.

I would still test your theory for you, just for funzies, but I don’t actually use an unattend.xml. I don’t like sysprep. It breaks my default profile sometimes, and I’ve seen it break other things and it forces you to go back to oobe which messes with my computer naming system. I’ve kinda found it to not be necessary. Yes it resets some security id’s for activation this and that but if you are using windows enterprise volume licensing, that doesn’t cause any problems. In windows 7 I figured out the registry key to change and then just re-inputting the windows key and reactivating gave it a new sid. Windows 8 and 10 just work without issue without doing that. As for drivers, I make my images on a vm so they’re already hardware independent and I use the terminal tool devcon (included in the windows wdk 8.1, I just copy the devcon.exe over to my image vm after installing the wdk on my workstation) to uninstall all the devices in the device manager before rebooting with devcon -r remove *
It goes through the uninstalling of devices much much faster than sysprep does too.

So thank you sir for your help, but I think I got it figured out.

MRCUR

This is a bit of a related topic on Win 10 profile customization - in the past we used the copy profile option in the sysprep unattend file combined with a VBS script to add/remove apps pinned to the taskbar. This script no longer works in Win 10.

What are you guys doing in terms of the taskbar? I see you mention the IE stuff in appdata, but I don’t believe that covers everything (like the Win Store icon for instance).

JJ Fullmer

@MRCUR The IE stuff in appdata is where the shortcut files that are pinned to taskbar go, but to get it to work fully you need the ntuser.dat files. The script I posted copies that file from your customized profile into the default profile but only that file. Give my batch script a try. If you’re using sysprep, some customizations might disappear so you could run the script before sysprep then put the resulting C:\Users\Default in a network share somewhere then copy it back over after sysprep or after imaging.

Does that help at all?

Lee Rowlett

@Arrowhead-IT certainly a nice clean approach… glad you got it figured out! and thanks for sharing with the community… i’m sure it’ll become useful as people start to move over to win10.

MRCUR

@Arrowhead-IT I’ll give your script a try. I think the issue for me is that with our current solution, we can adjust what’s pinned on the taskbar by updating the login script and copying it to machines. With the default profile, that isn’t the case. It’s once and done for the user.

JJ Fullmer

@MRCUR I see what you’re saying. It would be less work to not have to manually pin some icons to the taskbar and then run the script.
Granted I have my default base image with my default profile on a esxi vm, so for me it is pretty easy to do. I suppose it could be possible to edit the ntuser.dat file manually to add in shortcuts. I’ll look into that, because it would certainly be easier.

JJ Fullmer

@MRCUR Well I think it is possible to edit it directly, but it is not easy.
Let’s say you run my script and have a working default profile and you saved the folder somewhere.
Now let’s copy the whole profile folder to the local computer, in the C:\ root for example(just to be safe not editing the original right away)
Now open up regedit.exe as an administrator and highlight ‘HKEY_USERS’
File → Load Hive
Open up
“C:\Default\NTUSER.DAT”
name the hive test, or something like that.

You can now edit the default profile registry .dat settings to your heart’s content. Problem is, it’s the registry…
So the second half of task bar pins is in that hive under
HKEY_USERS\test\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Taskband
But that key is all binary and Dwords.
Granted, you could just customize some pins on any user and export that key from
HKEY_USERS\userSID\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Taskband
And then import or copy paste the values into the hive you’re editing and that would work.
Then just highlight the test hive and do file→unload hive and all the settings should be saved in the .dat file.

I saw some vbs scripts in various forums that claimed to automate the pinning but I didn’t try any of them. But I’ll post some links in case they help you do it the way you want to.

Here’s where I came up with most of this
http://smallbusiness.chron.com/modify-ntuserdat-56096.html - editing ntuser.dat
https://social.technet.microsoft.com/Forums/windows/en-US/73eb1c0a-fc78-4ae7-ba6d-356d9a9a5328/solved-how-to-pin-to-start-menutask-bar-for-default-user?forum=w7itproinstall - possible script solution
http://blogs.technet.com/b/deploymentguys/archive/2008/06/06/useful-script-number-5-adjusting-the-default-user-registry-hive.aspx - editing ntuser.dat some more
http://blogs.technet.com/b/deploymentguys/archive/2009/04/08/pin-items-to-the-start-menu-or-windows-7-taskbar-via-script.aspx - other script possibility

Hope that helps in some way. Sorry that I didn’t find an easy answer for you.

MRCUR

@Arrowhead-IT Thanks, I’ll certainly take a look at all of those. I really wish MS would just include some PS cmdlets to do this. It would be so simple to have a logic script to do exactly what we wanted then.

JJ Fullmer

So one caveat to my method with using devcon from the windows wdk (https://msdn.microsoft.com/en-us/windows/hardware/dn913721.aspx)
is that when you remove all the devices it removes and doesn’t reinstall on restart a couple system devices that are required to make remote desktop work.
So in other words you can’t rdp/windows remote desktop into an imaged computer. I had found this rather annoying and finally figured out exactly which devices are required and scripted how to fix it. yay!

This is also helpful to anyone that perhaps is having trouble with remote desktop when it is otherwise configured correctly.

So the devices that you could install manually as legacy devices are…

• NDIS Virtual Network Adapter Enumerator
• UMBus Root Bus Enumerator (adds UMBus Enumerators on restart that are also needed)
• Remote Desktop Device Redirector Bus

Luckily the inf files for all of these are still in the driverstore. And the devcon.exe tool can be used to install them quickly from the command line. 0_1453504913836_devcon.exe - 64 bit version from wdk 8.1 - put this in your C:\Windows\System32 for the following script to work. You can also download and install the wdk from the above link and find it in C:\Program Files (x86)\Windows Kits\10 somewhere, a tools folder of some sort as I recall. I tested it with the 8.1 version but just discovered there is a windows 10 version as I was writing this.

Anywho, scripty script

@ECHO off
	REM Script for fixing remote desktop after uninstalling all devices

	call :main

:main
	call :funcHead "Welcome to the remote desktop fix!"
	call :setVars
	call :addDriver "NDIS Virtual Network Adapter Enumerator" "%drivers%\ndisvirtualbus.inf_amd64_c420021ea374b6f3\ndisvirtualbus.inf" ROOT\NdisVirtualBus
	call :addDriver "UMBus Root Bus Enumerator" "%drivers%\umbus.inf_amd64_b5911c04e2dae8d2\umbus.inf" root\umbus.inf
	call :addDriverAndRestart "Remote Desktop Device Redirector Bus" "%drivers%\rdpbus.inf_amd64_e1a9f2699d349149\rdpbus.inf" ROOT\RDPBUS

	EXIT /B

:setVars
	set drivers=C:\Windows\System32\DriverStore\FileRepository

	EXIT /B

:addDriver
	echo. installing %~1...	
	Devcon install %~2 %~3
	echo. done!
	EXIT /B

:addDriverAndRestart
	echo. installing %~1 and restarting computer...	
	Devcon -r install %~2 %~3
	echo. done!
	REM just in case -r doesn't reboot...
	Devcon reboot & exit
	EXIT /B

:dots
	REM just echoing dots in a Function instead of copy pasting them so that it's consistent
	echo ......................................................................
	EXIT /B

:funcHead
	REM A simple function for displaying a consistent header at the start of functions
	call :dots
	echo. %~1
	call :dots
	EXIT /B

run that as a batch script, it will restart your computer and it will fix remote desktop if you break it by manually uninstalling devices

I had been having trouble with this problem for months and just fixed it and figured it related enough to everything else here so I shared it

Wayne Workman

@Arrowhead-IT said in Cortana/Windows Search breaks in default profile:

So I finally figured this out.
In windows 10, Instead of using the copy to method in user profiles you gotta be a little trickier.

Customize the profile you want then login to a different admin account.
Now copy the only the appdata folders you need such as
roaming/mozilla for firefox customizations
local/Google for chrome customizations
local/Microsoft/Windows/Default Layouts
and
local/Microsoft/Tile Data Layer
for start menu pins
roaming/microsoft/internet explorer for task bar pins

And then once that’s all done, leaving the default profile as it was otherwise there’s one other thing to do to get the task bar settings and desktop background type settings to work. Which is all in the NTuser.dat type files. Just run this command in an administrator cmd

XCOPY C:\Users\CustomUser\ntuser* C:\Users\Default /H

It will ask if you want to overwrite, you do.

And then it works, a completely customized default profile without breaking any of the windows 10 metro apps.

I’m about to dig into this myself, and follow these instructions. To be clear, we are copying the necessary items from the configured account’s app data to the default profile, or are you somehow deploying these files to all accounts?