/build/static/layout/Breadcrumb_cap_w.png

Blog Posts tagged with OS Provisioning

Ask a question

How TO: Track Windows and Office Product Keys

I’ve been getting a lot of request for this in my trainings, so here it is. 
At the end of this post, you will have all the tools you need to track your Windows product keys and Microsoft office product keys. 
They way this works is we find the keys using nirsoft's keyfinder program. 
Next a VBS writes the keys to the registry. 
Finally we tie it all together with custom inventory rules. 

Requirements:Product Finder (now form Nirsfot) 
Here is the link to the portable version
http://www.nirsoft.net/utils/produkey.zip 

First thing we need to do is copy this VBS code into notepad and save it as keys.vbs 

Option Explicit

Dim objFSO			
Dim objTextFile
Dim winKey 
Dim officeKey
Dim strFile
Dim arrKeys
Dim i

Const ForReading = 1
Const winCDLine = "Windows"
Const officeCDLine = "Microsoft Office"
Const noViso = "Visio"
Const officeKeyReg = "offKey"
Const winKeyReg = "winKey"


Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTextFile = objFSO.OpenTextFile _
    ("keys.csv", ForReading)

'Read the file into the array
strFile = objTextFile.ReadAll
arrKeys = Split(strFile, vbCrLf)

For i = LBound(arrKeys) To UBound(arrKeys)
	'try to find the windows product key
	If(instr(arrkeys(i),winCDLine))Then
		winKey = getKey(arrKeys(i))
		writeReg winKey,winKeyReg	
	End If
	'try to find the office product key
	If(InStr(arrKeys(i),noViso)) Then
	
	ElseIf(InStr(arrKeys(i),officeCDLine)) Then
		officeKey = getKey(arrKeys(i))
		writeReg officeKey,officeKeyReg
	End If
Next

Function getKey(strKeyLine)
Dim temper
Const KeyLoc = 2
Const ProdLoc = 0

temper = Split(strkeyLine,",")
getKey = temper(prodloc) & "_" & temper(KeyLoc)

End function


Sub writeReg(strValue,StrValueName)

Dim strComputer
Dim oReg
Dim wshShell

Const HKEY_LOCAL_MACHINE = &H80000002
Const strKeyPath = "SOFTWARE\TVG"
Const strKeyPath64 = "SOFTWARE\Wow6432Node\TVG"
Const is64Key = "SOFTWARE\Wow6432Node"

strComputer = "."

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _ 
    strComputer & "\root\default:StdRegProv")
Set WshShell = WScript.CreateObject("WScript.Shell")

'check for 64 bit
If(OS64()) Then
	oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath64
	oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath64,strValueName,strValue
Else
	oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
	oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
End If

End Sub

Function OS64()
Dim objOS
Dim colItems
Dim objItem
Dim strComputer

strComputer = "."
Set objOS = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
Set colItems = objOS.ExecQuery("SELECT OSArchitecture FROM Win32_OperatingSystem")

'this should fail on 32 bit XP
On error resume next
For Each objItem In colItems
	If(IsNull(objItem.OSArchitecture)) Then 
		OS64 = False
	ElseIf(InStr(objItem.OSArchitecture,"64") > 0) Then
		OS64 = True
	Else 
		OS64 = False
	End If
Next
On Error Goto 0

If(Err <> 0) Then 
	OS64 = False
End if
End Function
 
Next thing we need to do is go to the scripting module and a new script. 
For script type select Online Shell Script. 
Choose a label, select windows as the operating system and set the script to run as local system. 
Next upload produkey.cfg, produkey.exe (both found in the nirsoft folder, make sure you unzip) and keys.vbs as dependencies. 
For the script text enter the following 2 lines. 
ProduKey.exe /windowskeys 1 /officekeys 1 /iekeys 0 /sqlkeys 0 /exchangekeys 0 /extractedition 1 /scomma keys.csv
cscript.exe keys.vbs


Last thing we need to do is change the script name from script.sh to script.bat (just below the script text). 

Now that we have the keys in the registry we can start creating the custom inventory rules. 
Go to the software module and add a new item. 
Call the first one “Windows Product Key” 
Select all your windows operating systems for supported OSs. 
Finally here is the syntax for the custom inventory rule: 
RegistryValueReturn(HKEY_LOCAL_MACHINE\SOFTWARE\TVG,winKey,TEXT)

Go ahead and save the software. 
Next add another item but this time call it "Microsoft Office Key" 
Highlight all the windows OSs again. 
Here is the syntax for the second piece of software. 
RegistryValueReturn(HKEY_LOCAL_MACHINE\SOFTWARE\TVG,offKey,TEXT)


At this point you could also create additional software records, for example one for each office key. 
That way depending on the key you would have a unique software title. This way you could use the KBOXs built in asset management module and do licence compliance. 

Below are two reports that you can use to see what machines have what keys installed. 
Office report: 
SELECT M.NAME,
       SUBSTRING_INDEX(MCI.STR_FIELD_VALUE,'_',1) AS OFFICE_VERSION,
       SUBSTRING_INDEX(MCI.STR_FIELD_VALUE,'_',-1) AS PRODUCT_KEY
FROM   SOFTWARE S,
       MACHINE_CUSTOM_INVENTORY MCI,
       MACHINE M
WHERE  MCI.SOFTWARE_ID = S.ID 
       AND M.ID = MCI.ID
       AND S.DISPLAY_NAME = 'Microsoft Office Key'
ORDER  BY OFFICE_VERSION,
          PRODUCT_KEY


Windows report: 
SELECT M.NAME,
       SUBSTRING_INDEX(MCI.STR_FIELD_VALUE,'_',1) AS WINDOWS_VERSION,
       SUBSTRING_INDEX(MCI.STR_FIELD_VALUE,'_',-1) AS PRODUCT_KEY
FROM   SOFTWARE S,
       MACHINE_CUSTOM_INVENTORY MCI,
       MACHINE M 
WHERE  MCI.SOFTWARE_ID = S.ID 
       AND M.ID = MCI.ID 
       AND S.DISPLAY_NAME = 'Windows Product Key'
ORDER  BY WINDOWS_VERSION,
          PRODUCT_KEY


I hope this is useful. 
Thanks to vacuna for helping me put this together. 
View comments (11)

KACE: Trouble-Shooting K1000 Agent Provisioning for Windows 7 and Windows 8

1. Find out what network profile / location you are currently using, Home, Work, Public, or Domain (Control Panel -> Network and Sharing Center):


 
2. Open “Change sharing options for different network profiles” (Control Panel à Network and Sharing Center -> Change advanced sharing settings): 

 

3. Click the down arrow for the profile / location you are currently on: 


 

4. Go to “Network discovery”, “File and printer sharing”, & “Public folder sharing” options and select ‘Turn On…’ for all 3 then click “Save changes”.
5. Go to the Windows (start) button and enter “GPEdit.msc” in the “Search programs and files” box.
6. Select the following trees: Computer Configuration -> Windows Settings à Security Settings -> Local Policies à Security Options. Then find “User Account Control: Run all administrators in Admin Approval Mode”. 


 

7. Double click this option and set it to “Disabled”: 


 
8. You MUST reboot the system at this time! Then try to provision the KACE agent again. If it fails please let us know of any errors that come up.

Be the first to comment

Creating a Windows 7 sysprep image without having to install any drivers with post install tasks

With a windows 7 syspreped image I can found a method that has not failed yet.  I have only 2 admin images, one 32bit and one 64bit and one base 32bit academic image.  I discovered by placing any missing drivers I have to install post sysprep back on my master machine in the windows\inf structure that model computer will then find the driver by itself next time.

Under windows\inf I created on subdirectory called tmccdrivers and then created subdirectories for each model.  I put only the drivers I had post install in here to keep it's size down.  Under most of the models I have audio, video.  then some I need mei heci tpm.  I even have 10 models of laptops this works for.   currently my images suppport 18 pc/laptop models from gateway, dell, hp and lenovo.

When we get a new model staff deploy's a image to it.  They find the missing drivers and place them on a share named imagedrivers by model\type directories.  I have a midlevel task that copies this directory structure to c:\windows\inf\tmccdrivers.  They deploy the image again to that model and the drivers are found without me having to create a new master immediatly.  When I update the master (usually monthly) I move the drivers from the share to the master to save copy time during imaging.

Once I did have to copy the drivers for a video card from the temp folder vs the install folder, something to do with compressed files if I remember.

Because our master is hardware independant I now base all my images on software/licensing and they work in any classroom even if all the machines are not the same model.

View comments (7)

Windows 7 Master Image process for college classrooms start to finish

At TMCC we maintain one master set (32 and 64bit) for admin and one set for academics.  I will cover our process for the academic side.  We maintain one master computer for admin and acad in the image lab that have two HDD's.  the first drive is a 120gig and is the main OS drive, the second is a 2TB drive used to backup the main drive.  All our images come from these 2 systems.  I update or install all software to these, use windows image backup to create a copy on the second HDD prior to sysprep so my masters are only sysprep'd once.  I restore the master from the windows image so the master has never been sysprep'd.  To backup this way (control panel, backup and restore, create a system image).  Windows always creates a directory named windowsimagebackup.  I maintain different versions on this drive by renaming this directory to something like windowsimagebackup-060612allsites.  When needed you just rename the one you need back to windowsimagebackup and the restore process finds it automatically.  To restore I boot to a windows disk, do a repair and restore from backup.  The master will restore and reboot, be back in the domain ready to do the next updates.

I have a local user name installer and a domain account named installer, will make sense later.  I use the domain account to make all my changes to, we have all 3 browsers installed set to certain home pages and lots of software (50 programs for standard Fall 2012).  I configure everything I want all users to get with the domain installer account then during sysprep this get copied to default.  Place my drivers for all models on the master http://www.itninja.com/blog/view/creating-a-windows-7-sysprep-image-without-having-to-install-any-drivers-at-post-install-tasks.  Turn off any updaters and make other tweaks in the programs as requested by teaching staff.

Prior to sysprep I clean up the installers profile to get it a small a possible. make a backup.  delete all unecessary profiles and profile directories.  With the profile directories I copy default to default.old and create a new folder named default, and delete all other profile folders execpt for the user you are using, all users and public.

I already have the kace1000 client installed and the machine has a SUS id so I clear those in a batch file that calls sysprep after running some registry merges.   I also create a unique software entry that will show in the kace1000 under software inventory so we can easily track what version of the image is on a machine.

I delete these keys prior to sysprep

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\kace]

"InstallId"=-

"MachineId"=-

Create these keys

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TMCC IMAGE INFO] "Comments"="Installed office and updated"

"Contact"="SMal"

"DisplayVersion"="Acad32F12 All Sites 061812"

"HelpTelephone"="57800"

"Publisher"="WIM file acf12allst"

"DisplayName"="TMCC Acad Image"

"Readme"="The Display Version is the K2000 image name"

It nexts runs "sysprep /generalize /oobe /shutdown /unattend:acadfall12cpnname.xml" and then I capture.

Use WAIK to create and validate your xml, less problems.

The system will login as local installer the first time (in sysprep, then post I join the domain, delete local installer, reboot and login as domain installer 2 more times to allow me to get printers and gpo's up to date prior to installing Faronics deepfreeze.

 does not to show correctly, but you can email me and I will send you a copy of my xml file had to replace the <> with {}

{?xml version="1.0" encoding="utf-8"?}

{unattend xmlns="urn:schemas-microsoft-com:unattend"}

    {settings pass="specialize"}

          {component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"}

            {CopyProfile}true{/CopyProfile}

            {ShowWindowsLive}false{/ShowWindowsLive}

            {TimeZone}Pacific Standard Time{/TimeZone}

            {ProductKey}33PXH-7Y6KF-2VJC9-XBBR8-HVTHH{/ProductKey}

            {TaskbarLinks}

                {Link0}%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk{/Link0}

                {Link1}%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk{/Link1}

            {/TaskbarLinks}

            {WindowsFeatures}

                {ShowInternetExplorer}true{/ShowInternetExplorer}

                {ShowMediaCenter}true{/ShowMediaCenter}

                {ShowWindowsMediaPlayer}true{/ShowWindowsMediaPlayer}

            {/WindowsFeatures}

        {/component}

        {component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"}

            {DisableFirstRunWizard}true{/DisableFirstRunWizard}

            {DisableWelcomePage}true{/DisableWelcomePage}

        {/component}

        {component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"}

            {Identification}

                {JoinWorkgroup}tmccacad.tmcc.e{/JoinWorkgroup}

            {/Identification}

        {/component}

    {/settings}

    {settings pass="oobeSystem"}

        {component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"}

            {InputLocale}en-us{/InputLocale}

            {SystemLocale}en-us{/SystemLocale}

            {UILanguage}en-us{/UILanguage}

            {UserLocale}en-us{/UserLocale}

        {/component}

        {component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"}

            {OOBE}

                {HideEULAPage}true{/HideEULAPage}

                {NetworkLocation}Work{/NetworkLocation}

                {ProtectYourPC}3{/ProtectYourPC}

            {/OOBE}

            {UserAccounts}

                {LocalAccounts}

                    {LocalAccount wcm:action="add"}

                        {Password}

                            {PlainText}false{/PlainText}

                            {Value}Password8AcgBkAA=={/Value}

                        {/Password}

                        {DisplayName}F12Master{/DisplayName}

                        {Name}F12Master{/Name}

                        {Group}Administrators{/Group}

                    {/LocalAccount}

                {/LocalAccounts}

                {AdministratorPassword}

                    {PlainText}false{/PlainText}

                    {Value}Password8AcgBkAA=={/Value}

                {/AdministratorPassword}

            {/UserAccounts}

            {RegisteredOrganization}tmcc{/RegisteredOrganization}

            {RegisteredOwner}staff{/RegisteredOwner}

            {AutoLogon}

                {Password}

                    {Value}Password8AcgBkAA=={/Value}

                    {PlainText}false{/PlainText}

                {/Password}

                {Enabled}true{/Enabled}

                {LogonCount}1{/LogonCount}

                {Username}installer{/Username}

            {/AutoLogon}

        {/component}

    {/settings}

    {settings pass="generalize"}

        {component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"}

            {OEMInformation}

                {HelpCustomized}true{/HelpCustomized}

                {Manufacturer}TMCC Helpdesk{/Manufacturer}

                {SupportHours}8 - 5{/SupportHours}

                {SupportPhone}673-7800{/SupportPhone}

                {SupportURL}http://www.tmcc.edu/ito/contact/{/SupportURL}

                {Model}Compuiter Support{/Model}

            {/OEMInformation}

        {/component}

    {/settings}

    {cpi:offlineImage cpi:source="catalog:c:/w7image/install_windows 7 enterprise.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi" /}

{/unattend}

 

I have two deployments.  one keeps the computer name the other prompts for a name post sysprep prior to joining the domain.

the only difference is the two extra tasks pre and mid to collect and apply computer name.

\

I have my post down to one task for acad and one for admin. I need a second for admin laptops that sets the KMS w7 and of2012 keys from kms to mak so they can go off campus.

Here is the acad post task script.

(added set time because out of box machines were always off, and they would not join domain due to time difference)

net start w32time

%SystemRoot%\system32\w32tm /config /update /manualpeerlist:ntp.tmcc.edu /syncfromflags:manual

start /wait net user administrator /active:yes

start /wait net localgroup administrators f12master /add

Start /wait net user administrator XXXXXX

start /wait cscript.exe -b c:\windows\w2d\join_domain.vbs tmccacad.tmcc.edu installer XXXXXX

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1  /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 2  /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d tmccacad  /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d installer  /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d XXXXXX /f

start /wait reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Enviroment" /v LSFORCEHOST /d ms-vdf.tmccacad.tmcc.edu  /f

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v Userinit /d "C:\Windows\system32\KUsrInit.exe," /f

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.log1 /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.log2 /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.blf /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\*.regtrans-ms /f /q /a:hs

del C:\Users\Default\AppData\Local\Microsoft\Windows\Explorer\*.* /f /q

del c:\users\default\downloads\*.* /f /q /s

start /wait cscript %SystemRoot%\System32\slmgr.vbs -ATO

start /wait cscript "c:\program files\microsoft office\office14\ospp.vbs" /act

"c:\program files\dell\cctk\x86\cctk.exe" bootorder --sequence=hdd.1,hdd.2,embnic,usbdev,cdrom --valsetuppwd=XXXXXX

start /wait reg.exe add "HKLM\SYSTEM\CurrentControlSet\services\Tcpip6\Parameters" /v DisabledComponents /t REG_DWORD /d 4294967295 /f

net user installer /delete

cmd /c md "%allusersprofile%\Dell\KACE" & cmd /c move /y "%systemdrive%\KACE\k2000_deployment_info.conf" "%allusersprofile%\Dell\KACE\k2000_deployment_info.conf"

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v kclean /d "c:\kcleanup.exe"

 

View comments (3)

How to create a bootable usb to deploy WIM images

To make a portable WIM imager with no kace support

1: create a bootable kace usb drive with the K2000 boot environment. (use a usb device large enough to also hold the wim's)

2: take the boot.wim file from the .\files\sources directory and put that in a directory that also has the file imagex on your computer

3: create a temp dir below that dir.

so put boot.wim and imagex in a dir c:\modifier create c:\modifier\temp

4: open a command window and go to the folder, enter this command "imagex /mountrw boot.wim 1 c:\modifier\temp"

5: go to .\temp\windows\system32 copy imagex here.

6: edit startnet.cmd and delete everything in it and replace with "cmd".(no quotes)

If you want to automate any of the process's just place them in the startnet.cmd also.

If you want to be able to do diskparts and mbr resets add the needed files to system32

some of things I added to system 32 were batch files to diskpart, format and mbr reset

I created a dpart.bat - diskpart /s wipe_partition.conf

I created a wipe_partition.conf

select disk 0

clean

create partition primary

select partition 1

active

assign

exit

If you go to \\ikbox\peinst login as admin or .\admin (use share pw) and look in preinstall, applications, scripts, etc you can harvest the format and mbr commands.

Once you have all the extra's you need, the next thing is to repackage the wim file.

7: imagex /commit c:\modifier\temp

8: imagex /unmount c:\modifier\temp

replace the boot.wim on the USB drive, create any imaging dir and batch files you want on the drive.  Put your wim(s) on this drive. (found on 2000 at \\ikbox\petemp\imagestore)

Boot target machine, it will winpe boot for you and open a command window, run your uploaded batches from either the system dir or root of usb drive. 

Use imagex commands to deploy the image.

http://technet.microsoft.com/en-us/library/cc749447(v=ws.10).aspx

http://technet.microsoft.com/en-us/library/cc507842.aspx

View comments (10)
Showing 1 - 5 of 9 results

Top Contributors

Talk About Troubleshooting