/build/static/layout/Breadcrumb_cap_w.png
03/14/2019 82 views

Earlier in the year, we started seeing Windows 7 Enterprise KMS clients start reporting as Non-Genuine. This seems to be due to a bad Microsoft patch. The workaround is to reactivate the machines, either by using slmgr.vbs /rearm or a more thorough script if that doesn't do the trick. What I'm trying to do is create a K1000 script that will work in the background, without popping up command prompt or powershell Windows, identify if the machine needs to be reactivated, and if so, run the script.

I've found a batch file that does the activation, however, it does pop up a command prompt window. Also, it runs indiscriminately, as I don't know of a way in cmd.exe to test for the status of activation.

Instead, I found some Powershell code that is able to detect the status. So I created a script that runs that code, and if it is non-genuine, will run the activation script.

The script works well when run manually. But I'm having trouble getting it to run via K1000 script.


This is what I have in Scripting:

Attached the files activationcheckandfix.ps1, elevate.vbs, elevate.cmd   (from https://docs.microsoft.com/en-us/previous-versions/technet-magazine/cc162321(v=msdn.10))

Set “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System!ConsentPromptBehaviorAdmin” to “0”.
Launch “$(KACE_DEPENDENCY_DIR)\elevate.cmd” with params “powershell.exe -WindowStyle Hidden -executionpolicy bypass -file .\activationcheckandfix.ps1”.
Set “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System!ConsentPromptBehaviorAdmin” to “5”.


What is happening now is that a Window still pops up, but it doesn't do the job. Also, the output messages from the script do not get sent back to K1000.

If I change the 2nd line to just run powershell directly without elevate.cmd, it also pops up a Powershell window, and it does report output back to K1000, but the commands aren't executed properly as it's not elevated.

Here's my script:      

function Get-ActivationStatus {
[CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [string]$DNSHostName = $Env:COMPUTERNAME
    )
    process {
        try {
            $wpa = Get-WmiObject SoftwareLicensingProduct -ComputerName $DNSHostName `
            -Filter "ApplicationID = '55c92734-d682-4d71-983e-d6ec3f16059f'" `
            -Property LicenseStatus -ErrorAction Stop
        } catch {
            $status = New-Object ComponentModel.Win32Exception ($_.Exception.ErrorCode)
            $wpa = $null    
        }
        $out = New-Object psobject -Property @{
            ComputerName = $DNSHostName;
            Status = [string]::Empty;
        }
        if ($wpa) {
            :outer foreach($item in $wpa) {
                switch ($item.LicenseStatus) {
                    0 {$out.Status = "Unlicensed"}
                    1 {$out.Status = "Licensed"; break outer}
                    2 {$out.Status = "Out-Of-Box Grace Period"; break outer}
                    3 {$out.Status = "Out-Of-Tolerance Grace Period"; break outer}
                    4 {$out.Status = "Non-Genuine Grace Period"; break outer}
                    5 {$out.Status = "Notification"; break outer}
                    6 {$out.Status = "Extended Grace"; break outer}
                    default {$out.Status = "Unknown value"}
                }
            }
        } else {$out.Status = $status.Message}
        $out
    }
}



# 1st check

$activation = (Get-ActivationStatus)
echo "`n"
echo $activation
echo "`n"

if ( $activation -match "Unlicensed" -OR $activation -match "Non-Genuine Grace Period" -OR $activation -match "Notification" -OR $activation -match "Grace" ) 
    {
    echo "Windows needs to be activated"
    echo "`n"
    # start-process -Wait -WindowStyle hidden .\elevate64.exe .\kmsfix.bat
    # Fix KMS Activation error - Windows 7 Enterprise
    # Refer to https://support.microsoft.com/en-au/help/4487266/activation-failures-and-not-genuine-notifications-on-vl-win-7-kms-clie
    # Run with elevated rights!

    # Uninstall KB971033

    echo "`n"
    echo "Uninstalling KB971033"
    wusa /uninstall /kb:971033 /quiet /norestart

    # Alternate Uninstall method if needed - Harmless error if already uninstalled by previous method
    # dism /online /Remove-Package /PackageName:Microsoft-Windows-Security-WindowsActivationTechnologies-Package~31bf3856ad364e35~amd64~~7.1.7600.16395

    # Reactivate Windows

    echo "`n"
    echo "Reactivating Windows 7 Enterprise"
    echo "`n"

    net stop sppuinotify
    sc.exe config sppuinotify start= disabled
    net stop sppsvc
    del "C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0" -force
    del "C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0" -force
    del "C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat" -force
    del "C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\cache\cache.dat" -force
    net start sppsvc
    cscript c:\windows\system32\slmgr.vbs /ipk 33PXH-7Y6KF-2VJC9-XBBR8-HVTHH
    cscript c:\windows\system32\slmgr.vbs /ato
    sc.exe config sppuinotify start= demand

    echo "`n"
    echo "Done! Please Reboot the PC"
    }
    
    
    
    
    
 # 2nd check
 
 $activation = (Get-ActivationStatus)
 
 if ( $activation -notmatch "Licensed") 
    {
    echo "Windows needs to be activated and the kms fix did not solve the issue."
    echo "`n"
    exit 1
    }
 
 if ( $activation -match "Licensed")
    {
    echo "Windows is activated"
    echo "`n"
    exit 0
    }
 
0 Comments   [ + ] Show comments

Comments


All Answers

0

run a kscript with these two lines

program = cmd.exe

parameters = /c cscript %SystemRoot%\System32\slmgr.vbs -IPK "proper kms key for your version"

program = cmd.exe

parameters = /c  cscript %SystemRoot%\System32\slmgr.vbs -ATO

KMS keys for win 7


Answered 03/14/2019 by: SMal.tmcc
Red Belt

0

Here is the correct script to run directly from Microsoft (make sure to Run as Admin):


@echo off

wusa /uninstall /kb:971033 /quiet /norestart

dism /online /Remove-Package /PackageName:Microsoft-Windows-Security-WindowsActivationTechnologies-Package~31bf3856ad364e35~amd64~~7.1.7600.16395

net stop sppuinotify

sc config sppuinotify start= disabled

net stop sppsvc

del %windir%\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 /ah

del %windir%\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 /ah

del %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

del %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\cache\cache.dat

net start sppsvc

cscript c:\windows\system32\slmgr.vbs /ipk FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4

cscript c:\windows\system32\slmgr.vbs /ato

sc config sppuinotify start= demand


Answered 03/14/2019 by: kennedyro
Yellow Belt