Windows Security: Patch Management Strategy

Recently, at work, I nominated myself to begin a “Windows Security” course for IT Professionals that I work with.  Being a former IT Pro, and now part of our security department as an Incident Responder, I thought I would create a course surrounding security.  So, I’m going to use my blog to lay out my plans for this “Windows Security” course – which will hopefully be useful for others as well.

My first post is going to focus on “Patch Management”.  Many IT Pros, SysAdmins, etc. deploy assets (systems, applications, services, etc.) and join them to their domain, all while not being patched.  Having assets that are not fully patched is a major security risk for your organization.  Imagine you (or someone else) deployed a server that’s not fully patched on a Friday afternoon, and then you become busy because of another incident.  Monday comes along and you’re slammed again – once again you forget about this server for some period of time.  We’ve all seen this happen or know of someone who does this.

In this situation, your Patch Management strategy is of the utmost importance.  Having this server on your network is a major security risk, but not if you have a fully patched image.  Whether you are using a fat, thin, or zero-touch imaging solution, you need to make sure that your images are up to date and ready to deploy.

Using Microsoft Deployment Toolkit or SCCM (System Center Configuration Manager) can solve this problem with little to no interaction needed.  I’m personally a fan of MDT (check out my walk-through) in a large, decentralized environment.  Utilizing MDT for your servers is extremely easy and gives your “System Administrators” a flexible and reliable solution for the many configurations your environment demands.

You can also use SCCM, if your environment can justify the cost, to automate this process to a complete “Zero-Touch” solution.  My environment does not allow this because we are not a centralized IT department with a standard “image” across all departments.  Setting up SCCM is cumbersome unless you have full access to the SCCM “site server(s)”.  Nevertheless, SCCM is extremely powerful and can manage all systems (servers, workstations, etc.) in an automated way – but again, it’s pricey.

If you choose to solely use a “fat” image and decide to just use a WinPE disc or even Windows Deployment Services (WDS), just make sure that you update your image every month or at least quarterly – and do not, I repeat, do not, join it to your domain/network without it being fully patched.

Deploying Operating Systems is a fairly complicated affair, and we need to utilize the tools available to us – but don’t forget about our third party applications as well.  In my environment, most malware outbreaks are caused by one of two types of incidents:

  • Third party products are out of date and malware droppers are taking advantage (either in advertising sites or plain malicious sites) of these exploits.
  • Phishing attempts

Maintaining our applications is also a crucial step that cannot be overlooked.  Again, you can utilize SCCM for this process (if you can justify it) or you can use additional third party products (Ninite, Secunia PSI, WSUS, etc.).  No matter what you use, you need to make sure that all of your systems are updated, and be able to report on this.

Having the ability to view your network/systems is a crucial part of a proper “Patch Management” strategy, so you need to have continual scanning on your network (with the ability to report on systems).  You can either use Nessus, SCCM, QualysGuard, etc., but no matter what, you need this data.  Again, utilize the tools you have – LEARN POWERSHELL!  PowerShell can give you crazy amounts of data – use it, love it, live it.
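One way to get that report with PowerShell, as an added example that is not from the original post: the function below takes Get-HotFix-style records and flags hosts whose newest update is older than a threshold, including hosts that returned no data at all. `Get-PatchAgeReport` is a hypothetical helper, the host names, KB numbers and dates are constructed sample data, and the 30-day default mirrors the monthly image refresh suggested above.

```powershell
# Added example, not from the original post. Sample records are constructed
# and shaped like Get-HotFix output (CSName, HotFixID, InstalledOn).

function Get-PatchAgeReport {
    param(
        [object[]] $HotFix = @(),
        [string[]] $ComputerName = @(),   # every host you expected an answer from
        [int]      $MaxAgeDays = 30,
        [datetime] $AsOf = (Get-Date)
    )

    # Seed the table with the expected hosts so unreachable ones still get a row.
    $byHost = @{}
    foreach ($name in $ComputerName) {
        $byHost[$name] = [System.Collections.Generic.List[object]]::new()
    }
    foreach ($fix in $HotFix) {
        if (-not $byHost.ContainsKey($fix.CSName)) {
            $byHost[$fix.CSName] = [System.Collections.Generic.List[object]]::new()
        }
        $byHost[$fix.CSName].Add($fix)
    }

    foreach ($name in ($byHost.Keys | Sort-Object)) {
        # InstalledOn can be empty on real systems; skip those rows when dating.
        $dated  = @($byHost[$name] | Where-Object { $_.InstalledOn })
        $newest = $dated | Sort-Object -Property InstalledOn -Descending |
                  Select-Object -First 1

        if ($null -eq $newest) {
            # No usable data: report it instead of silently dropping the host.
            $age    = $null
            $status = 'Unknown'
        } else {
            $age    = [int][math]::Floor(($AsOf - [datetime]$newest.InstalledOn).TotalDays)
            $status = if ($age -gt $MaxAgeDays) { 'Stale' } else { 'Current' }
        }

        [pscustomobject]@{
            ComputerName = $name
            UpdateCount  = $byHost[$name].Count
            NewestUpdate = if ($newest) { $newest.HotFixID } else { $null }
            AgeDays      = $age
            Status       = $status
        }
    }
}

# Constructed sample input: one current host, one stale host, one host whose
# records carry no install date, and one host that returned nothing.
$asOf  = [datetime]'2015-03-16'
$hosts = 'SRV-APP01', 'SRV-FILE02', 'SRV-NEW03', 'SRV-LAB04'
$fixes = @(
    [pscustomobject]@{ CSName = 'SRV-APP01';  HotFixID = 'KB0000001'; InstalledOn = [datetime]'2015-02-11' }
    [pscustomobject]@{ CSName = 'SRV-APP01';  HotFixID = 'KB0000002'; InstalledOn = [datetime]'2015-03-11' }
    [pscustomobject]@{ CSName = 'SRV-FILE02'; HotFixID = 'KB0000003'; InstalledOn = [datetime]'2014-11-12' }
    [pscustomobject]@{ CSName = 'SRV-NEW03';  HotFixID = 'KB0000004'; InstalledOn = $null }
)

Get-PatchAgeReport -HotFix $fixes -ComputerName $hosts -AsOf $asOf |
    Format-Table -AutoSize

# Live use (assumes you can query the listed hosts remotely):
#   $fixes = Get-HotFix -ComputerName $hosts -ErrorAction SilentlyContinue
#   Get-PatchAgeReport -HotFix $fixes -ComputerName $hosts
```

Rows with status Unknown deserve the same follow-up as Stale ones, since a host that cannot be measured cannot be shown to be patched.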

The last part of this discussion is about anti-virus/malware software.  Depending on the solution your organization is using, you should be able to alert on infected systems.  If you’re using Microsoft ForeFront Endpoint Protection, then you may not be able to (besides using PowerShell to gather the log files).  It would be preferred if you have an anti-virus/malware solution that has an administrative console or the ability to run reports.

If you don’t have an A/V solution that has this capability, then you need to rely on your Windows Logs and parse them with either Splunk or LogStash or something similar.  Utilizing a system that can correlate this data for you is of immense help – especially if this repository is the same repository as your IDS/IPS logs, Windows Event Logs, etc.

Having the ability to fully patch a system before it is deployed is crucial in every environment.  One piece of malware (with a C2) can scan your entire network for a new server and then as soon as a “SysAdmin” logs in…… well, the game is over – time to rebuild.


MDT 2013: Pin Start menu & Task Bar Shortcuts through Task Sequence

Below is how we stopped modifying the Start Menu & Task Bar shortcuts on our Default Image (GOLD IMAGE) using MDT 2013 Task Sequence.  This applies to Windows 7 and I’m sure it could be modified to work with Windows 8.1.  Check it out below and let me know if you have any questions.

To do this, you are going to need the following scripts in a folder on your MDT 2013 Server.

Copy_To_Default_User_Startup.cmd

copy "\\mdtserver01\DeploymentShare$\Applications\Set_TaskBar_&_StartMenu_Shortcuts\RunDefaultUserStartupScripts.vbs" "C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" /Y
copy "\\mdtserver01\DeploymentShare$\Applications\Set_TaskBar_&_StartMenu_Shortcuts\SetTaskBar.vbs" "C:\Users\Public\Downloads" /Y
copy "\\mdtserver01\DeploymentShare$\Applications\Set_TaskBar_&_StartMenu_Shortcuts\PinStartMenuShortcuts.bat" "C:\Users\Public\Downloads" /Y
copy "\\mdtserver01\DeploymentShare$\Applications\Set_TaskBar_&_StartMenu_Shortcuts\PinItem.vbs" "C:\Users\Public\Downloads" /Y

RunDefaultUserStartupScripts.vbs

'HideCMDWindow Script
CreateObject("Wscript.Shell").Run "C:\Users\Public\Downloads\SetTaskBar.vbs", 0, True
CreateObject("Wscript.Shell").Run "C:\Users\Public\Downloads\PinStartMenuShortcuts.bat", 0, true

SetTaskBar.vbs (I got this from somewhere online and modified it a bit, sorry I can’t give credit where credit is due)

Option Explicit

Const CSIDL_COMMON_PROGRAMS = &H17
Const CSIDL_PROGRAMS = &H2
Const CSIDL_STARTMENU = &HB

Dim objShell, objFSO
Dim objCurrentUserStartFolder
Dim strCurrentUserStartFolderPath
Dim objAllUsersProgramsFolder
Dim strAllUsersProgramsPath
Dim objFolder
Dim objFolderItem
Dim colVerbs
Dim objVerb

Set objShell = CreateObject("Shell.Application")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objCurrentUserStartFolder = objShell.NameSpace (CSIDL_STARTMENU)
strCurrentUserStartFolderPath = objCurrentUserStartFolder.Self.Path
Set objAllUsersProgramsFolder = objShell.NameSpace(CSIDL_COMMON_PROGRAMS)
strAllUsersProgramsPath = objAllUsersProgramsFolder.Self.Path

' - Remove pinned items -

'Internet Explorer
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Internet Explorer.lnk") Then
    Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs")
    Set objFolderItem = objFolder.ParseName("Internet Explorer.lnk")
    Set colVerbs = objFolderItem.Verbs
    For Each objVerb in colVerbs
        If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
    Next
End If

'Windows Explorer
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Accessories\Windows Explorer.lnk") Then
    Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs\Accessories")
    Set objFolderItem = objFolder.ParseName("Windows Explorer.lnk")
    Set colVerbs = objFolderItem.Verbs
    For Each objVerb in colVerbs
        If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
    Next
End If
'Windows Media Player
If objFSO.FileExists(strAllUsersProgramsPath & "\Windows Media Player.lnk") Then
    Set objFolder = objShell.Namespace(strAllUsersProgramsPath)
    Set objFolderItem = objFolder.ParseName("Windows Media Player.lnk")
    Set colVerbs = objFolderItem.Verbs
    For Each objVerb in colVerbs
        If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
    Next
End If

' - Pin to Taskbar -

'Google Chrome C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
If objFSO.FileExists(strAllUsersProgramsPath & "\Google Chrome\Google Chrome.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Google Chrome")
	Set objFolderItem = objFolder.ParseName("Google Chrome.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb in colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Mozilla Firefox
If objFSO.FileExists(strAllUsersProgramsPath & "\Mozilla Firefox.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath)
	Set objFolderItem = objFolder.ParseName("Mozilla Firefox.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb in colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Internet Explorer
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Internet Explorer.lnk") Then
    Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs")
    Set objFolderItem = objFolder.ParseName("Internet Explorer.lnk")
    Set colVerbs = objFolderItem.Verbs
    For Each objVerb in colVerbs
        If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
    Next
End If

'Microsoft Outlook 2013
If objFSO.FileExists(strAllUsersProgramsPath & "\Microsoft Office 2013\Outlook 2013.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Microsoft Office 2013")
	Set objFolderItem = objFolder.ParseName("Outlook 2013.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb in colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Microsoft Word 2013
If objFSO.FileExists(strAllUsersProgramsPath & "\Microsoft Office 2013\Word 2013.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Microsoft Office 2013")
	Set objFolderItem = objFolder.ParseName("Word 2013.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb in colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Microsoft Excel 2013
If objFSO.FileExists(strAllUsersProgramsPath & "\Microsoft Office 2013\Excel 2013.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Microsoft Office 2013")
	Set objFolderItem = objFolder.ParseName("Excel 2013.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb in colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Microsoft PowerPoint 2013
If objFSO.FileExists(strAllUsersProgramsPath & "\Microsoft Office 2013\PowerPoint 2013.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Microsoft Office 2013")
	Set objFolderItem = objFolder.ParseName("PowerPoint 2013.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb in colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If



'Delete the script
DeleteSelf

Sub DeleteSelf()       
        
End Sub

PinStartMenuShortcuts.bat

cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk"
cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk"
cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk"
cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PowerPoint 2013.lnk"
cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk"
cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Publisher 2013.lnk"
cscript C:\Users\Public\Downloads\PinItem.vbs /item:"C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk"

PinItem.vbs (same with this one, I can’t remember where I found it but whoever they are, they are awesome!)

' Windows Script Host Sample Script
'
' ------------------------------------------------------------------------
'               Copyright (C) 2009 Microsoft Corporation
'
' You have a royalty-free right to use, modify, reproduce and distribute
' the Sample Application Files (and/or any modified version) in any way
' you find useful, provided that you agree that Microsoft and the author
' have no warranty, obligations or liability for any Sample Application Files.
' ------------------------------------------------------------------------

'********************************************************************
'*
'* File:           PinItem.vbs
'* Date:           03/04/2009
'* Version:        1.0.2
'*
'* Main Function:  VBScript to pin an item to the Start Menu or Taskbar
'*
'* Usage:  cscript PinItem.vbs /item:<path to exe>
'*                 [/taskbar] [/?]
'*
'* Copyright (C) 2009 Microsoft Corporation
'*
'* Revisions:
'*
'* 1.0.0 - 04/03/2008 - Created.
'* 1.0.1 - 03/02/2009 - Used Replace in PinItem function to remove "&" 
'*                      from verb.
'* 1.0.2 - 03/04/2009 - Script name was PinToStartMenu.vbs.  Added 
'*                      /taskbar switch to pin items to taskbar on
'*                      Win7.
'*
'********************************************************************


'*****************************************************************************
'* Declare Variables
'*****************************************************************************

Option Explicit
'On Error Resume Next

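Dim arrArguments()   ' Declared so the script still reaches the usage text when run without arguments
Dim blnPinned
Dim blnQuiet         ' Set by the /q switch; required under Option Explicit
Dim blnTaskbar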

Dim i
Dim intOpMode

Dim objWshShell
Dim objFSO
Dim objShell

Dim strPath
Dim strArguments
Dim strOptionsMessage

' Define constants
Const CONST_ERROR               = 0
Const CONST_WSCRIPT             = 1
Const CONST_CSCRIPT             = 2
Const CONST_SHOW_USAGE          = 3
Const CONST_PROCEED             = 4
Const CONST_STRING_NOT_FOUND    = -1
Const CONST_FOR_READING         = 1
Const CONST_FOR_WRITING         = 2
Const CONST_FOR_APPENDING       = 8
Const CONST_Success             = 0
Const CONST_Failure             = 1

Const TRISTATE_USE_DEFAULT      = -2
Const TRISTATE_TRUE             = -1  'Open the file as Unicode. 
Const TRISTATE_FALSE            = 0   'Open the file as ASCII. 

blnTaskbar = False

'*****************************************************************************
'* Create Objects
'*****************************************************************************

Set objWshShell = CreateObject("Wscript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("Shell.Application")


'********************************************************************
'* Check script host exe and parse command line
'********************************************************************

'Get the command line arguments
For i = 0 to Wscript.arguments.count - 1
    ReDim Preserve arrArguments(i)
    arrArguments(i) = Wscript.arguments.item(i)
Next

'Check whether the script is run using CScript
Select Case intChkProgram()
    Case CONST_CSCRIPT
        'Do Nothing
    Case CONST_WSCRIPT
        WScript.Echo "Please run this script using CScript." & vbCRLF & _
            "This can be achieved by" & vbCRLF & _
            "1. Using ""CScript MODIFYUSERS.vbs arguments"" for Windows 95/98 or" & VbCrLf & _
            "2. Changing the default Windows Scripting Host setting to CScript" & vbCRLF & _
            "    using ""CScript //H:CScript //S"" and running the script using" & vbCRLF & _
            "    ""MODIFYUSERS.vbs arguments"" for Windows NT."
        WScript.Quit
    Case Else
        WScript.Quit
End Select

'Parse the command line
Err.Clear()
intOpMode = intParseCmdLine(arrArguments, strPath, blnTaskbar, strOptionsMessage)

If Err.Number Then
    Wscript.Echo "Error 0X" & CStr(Hex(Err.Number)) & " occurred in parsing the command line."
    If Err.Description <> "" Then
        Wscript.Echo "Error description: " & Err.Description & "."
    End If
    'WScript.quit
End If

Select Case intOpMode
    Case CONST_SHOW_USAGE
        Call ShowUsage()
        WScript.quit
    Case CONST_PROCEED
        'Do nothing.
    Case CONST_ERROR
        WScript.quit
    Case Else
        Wscript.Echo "Error occurred in passing parameters."
End Select


'********************************************************************
'* Main Script
'********************************************************************

WScript.Echo strOptionsMessage

blnPinned = PinItem(strPath, blnTaskbar)
WScript.Echo "Item pinned: " & CStr(blnPinned)

If blnPinned Then
    WScript.Quit(0)
Else
    WScript.Quit(1)
End If


'********************************************************************
'*
'* Function intChkProgram()
'*
'* Purpose:  Determines which program is used to run this script.
'*
'* Input:    None
'*
'* Returns:  intChkProgram is set to one of CONST_ERROR, CONST_WSCRIPT,
'*           and CONST_CSCRIPT.
'*
'********************************************************************
Private Function intChkProgram()

    ON ERROR RESUME NEXT

    Dim i
    Dim j
    Dim strFullName
    Dim strCommand

    'strFullName should be something like C:\WINDOWS\COMMAND\CSCRIPT.EXE
    strFullName = WScript.FullName
    If Err.Number then
        Wscript.Echo "Error 0x" & CStr(Hex(Err.Number)) & " occurred."
        If Err.Description <> "" Then
            Wscript.Echo "Error description: " & Err.Description & "."
        End If
        intChkProgram =  CONST_ERROR
        Exit Function
    End If

    i = InStr(1, strFullName, ".exe", 1)
    If i = 0 Then
        intChkProgram =  CONST_ERROR
        Exit Function
    Else
        j = InStrRev(strFullName, "\", i, 1)
        If j = 0 Then
            intChkProgram =  CONST_ERROR
            Exit Function
        Else
            strCommand = Mid(strFullName, j+1, i-j-1)
            Select Case LCase(strCommand)
                Case "cscript"
                    intChkProgram = CONST_CSCRIPT
                Case "wscript"
                    intChkProgram = CONST_WSCRIPT
                Case Else       'should never happen
                    Wscript.Echo "An unexpected program is used to run this script."
                    Wscript.Echo "Only CScript.Exe or WScript.Exe can be used to run this script."
                    intChkProgram = CONST_ERROR
            End Select
        End If
    End If

End Function


'********************************************************************
'*
'* Function intParseCmdLine()
'*
'* Purpose:  Parses the command line.
'*
'* Input:    arrArguments              An array containing input from the command line
'*
'* Input:    strPath                   Path of exe to pin
'*           strOptionsMessage         String containing options selected
'*
'* Returns:  intParseCmdLine is set to one of CONST_ERROR, CONST_SHOW_USAGE,
'*           and CONST_PROCEED.
'*
'********************************************************************
Private Function intParseCmdLine(arrArguments, strPath, blnTaskbar, strOptionsMessage)

    ON ERROR RESUME NEXT

    Dim i
    Dim strFlag
    Dim strSwitchValue
    
    strFlag = arrArguments(0)
    Err.Clear()

    'Help is needed
    If (strFlag = "") OR (strFlag="help") OR (strFlag="/h") OR (strFlag="\h") OR (strFlag="-h") _
        OR (strFlag = "\?") OR (strFlag = "/?") OR (strFlag = "?") OR (strFlag="h") Then
        intParseCmdLine = CONST_SHOW_USAGE
        Exit Function
    End If

    strOptionsMessage = strOptionsMessage & ""  & VbCrLf
    strOptionsMessage = strOptionsMessage & WScript.ScriptName  & VbCrLf
    strOptionsMessage = strOptionsMessage & ""  & VbCrLf
    strOptionsMessage = strOptionsMessage & "Command Line Options:"  & vbCrLf
    strOptionsMessage = strOptionsMessage & "======================================="  & VbCrLf

    For i = 0 to UBound(arrArguments)
        strFlag = Left(arrArguments(i), InStr(1, arrArguments(i), ":")-1)
        If Err.Number Then            'An error occurs if there is no : in the string
            Err.Clear
            Select Case LCase(arrArguments(i))
                Case "/q"
                    blnQuiet = True
                    strOptionsMessage = strOptionsMessage & "Suppress Console Output: " & blnQuiet & VbCrLf
                Case "/taskbar"
                    blnTaskbar = True
                    strOptionsMessage = strOptionsMessage & "Pin to Taskbar instead of Start Menu: " & blnTaskbar & VbCrLf
                Case Else
                    Wscript.Echo arrArguments(i) & " is not recognized as a valid input."
                    intParseCmdLine = CONST_ERROR
                    Exit Function
            End Select
        Else
            strSwitchValue = Right(arrArguments(i), Len(arrArguments(i))-(Len(strFlag)+1))
            Select Case LCase(strFlag)
                Case "/item"
                    strPath = strSwitchValue
                    strOptionsMessage = strOptionsMessage & "Item to pin to Start Menu or Taskbar: " & strPath & VbCrLf
                Case else
                    Wscript.Echo "Invalid flag " & strFlag & "."
                    Wscript.Echo "Please check the input and try again."
                    intParseCmdLine = CONST_ERROR
                    Exit Function
            End Select
        End If
    Next

    If (strPath = "") Then
        Wscript.Echo "The /item switch is required"
        Wscript.Echo "Please check the input and try again."
        intParseCmdLine = CONST_ERROR
        Exit Function
    End If

    intParseCmdLine = CONST_PROCEED

End Function


'********************************************************************
'*
'* Function PinItem()
'*
'* Purpose:  Pin item to the Start Menu.
'*
'* Input:          strlPath          Path of exe to pin
'*                 blnTaskbar        Pin item to Taskbar instead of Start Menu if true
'*
'* Dependencies:   objShell          Shell.Application object
'*                 objFSO            File System object
'*
'* Returns:        True if the shortcut is created, else false
'*
'********************************************************************
Function PinItem(strlPath, blnTaskbar)
    On Error Resume Next

    Dim colVerbs
    Dim itemverb
    
    Dim objFolder
    Dim objFolderItem

    Dim strFolder
    Dim strFile

    If objFSO.FileExists(strlPath) Then
        '***** Do nothing, file exists
    Else
        '***** File does not exist
        PinItem = False
        WScript.Echo "File to pin does not exist."
        WScript.Echo "Please check the input and try again."
        Exit Function
    End If

    strFolder = objFSO.GetParentFolderName(strlPath)
    strFile = objFSO.GetFileName(strlPath)

    WScript.Echo "Folder: " & strFolder
    WScript.Echo "File: " & strFile

    Err.Clear
    Set objFolder = objShell.Namespace(strFolder)
    Set objFolderItem = objFolder.ParseName(strFile)

    ' ***** InvokeVerb for this does not work on Vista/WS2008
    'objFolderItem.InvokeVerb("P&in to Start Menu")

    ' ***** This code works on Vista/WS2008
    Set colVerbs = objFolderItem.Verbs

    If blnTaskbar Then
        For each itemverb in objFolderItem.verbs
            If Replace(itemverb.name, "&", "") = "Pin to Taskbar" Then itemverb.DoIt
        Next 
    Else
        For each itemverb in objFolderItem.verbs
            If Replace(itemverb.name, "&", "") = "Pin to Start Menu" Then itemverb.DoIt
        Next 
    End If

    If Err.Number = 0 Then
        PinItem = True
    Else
        PinItem = False
    End If
End Function


'********************************************************************
'*
'* Sub ShowUsage()
'*
'* Purpose:   Shows the correct usage to the user.
'*
'* Input:     None
'*
'* Output:    Help messages are displayed on screen.
'*
'********************************************************************
Sub ShowUsage()
    WScript.Echo "This script is used to Pin items to the Start Menu or Taskbar."
    WScript.Echo ""
    WScript.Echo "Usage: cscript " & WScript.ScriptName & " [options]"
    WScript.Echo ""
    WScript.Echo "Options:"
    WScript.Echo ""
    WScript.Echo " /item:<PathName>       Path of item to pin."
    WScript.Echo ""
    WScript.Echo " /taskbar               (Optional) Pin to Taskbar instead of Start Menu."
    WScript.Echo ""
    WScript.Echo " /?                     (Optional) Displays this help text."
    WScript.Echo ""
    WScript.Echo ""
    WScript.Echo ""
End Sub

 

MDT 2013:

On your MDT 2013 DeploymentShare$, add an application by right clicking the “Applications” node and selecting “New Application”


In the new dialogue box, select the “Application without source files or elsewhere on the network” radio button.


Select Next and fill out the information as you would like it to appear (I choose to name my Application as “Set_TaskBar_&_StartMenu_Shortcuts” but it’s up to you.  If you use something else, then change the first script above accordingly)

Select Next, then in the Command Line field type “Copy_To_Default_User_Startup.cmd”

In the “Working directory” field, type: “.\Applications\Set_TaskBar_&_StartMenu_Shortcuts”


Select Next, then Finish.

Now, right click your newly created application and select properties

Select the check box on the bottom left hand corner of the “General” tab that says “Hide this application in the Deployment Wizard”

Next, add all the scripts above to your %DeployRoot%\Applications\Set_TaskBar_&_StartMenu_Shortcuts folder.

After adding the scripts to this folder, go back to the Deployment Workbench and right click your Task Sequence for Windows 7 and select Properties

Under the State Restore section of the Task Sequence, add a “Custom Task” after your “Install Applications” item in the Task Sequence.

You can add the “Custom Task” in many different ways but I like to create a “New Group” after either my “Install Applications” or “Windows Update (Post-Application Installation)”:  Please see below:

Image

After creating the “New Group” you can name it anything but I choose to name mine as “Custom Task”.

Next, you need to add the application to your Task Sequence by selecting the “New Group” and clicking on Add->General->Install Application.

Configure your new Application as shown in the screenshot.

Press Apply, then Ok.

Whenever I make changes to my DeploymentShare I always update my Deployment Share for good measure.  It’s also because I never want to forget to do it when I really need to.

You should now have a new application that will set the Task Bar and your Start Menu Shortcuts without having to set them in your base image.

 

Enjoy!

p.s. I know there is probably a better way of organizing these scripts but in a pinch they worked and I haven’t gone back to look at other ways of doing it.
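The Startup script above launches SetTaskBar.vbs and PinStartMenuShortcuts.bat from C:\Users\Public\Downloads at logon for every profile created from the Default user, so those staged files should be changeable only by administrators. The following check is an added example, not part of the original post: `Get-UntrustedWriteAce` is a hypothetical helper, the trusted-identity list is an assumption to adjust for your environment, and the ACEs are constructed sample data.

```powershell
# Added example, not from the original post. The ACE lists are constructed
# sample data, not a statement about default permissions on any Windows version.

function Get-UntrustedWriteAce {
    param(
        [Parameter(Mandatory = $true)] [string]   $Path,
        [Parameter(Mandatory = $true)] [object[]] $Access,
        # Assumption: identities allowed to change staged deployment scripts.
        [string[]] $TrustedIdentity = @(
            'NT AUTHORITY\SYSTEM',
            'BUILTIN\Administrators',
            'NT SERVICE\TrustedInstaller'
        )
    )

    # Rights that let a principal alter, replace or re-permission the file.
    $mask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
    # Generic bits can appear unmapped in an ACL: GENERIC_WRITE and GENERIC_ALL.
    $mask = $mask -bor 0x40000000 -bor 0x10000000

    foreach ($ace in $Access) {
        if ("$($ace.AccessControlType)" -ne 'Allow') { continue }               # Deny entries grant nothing
        if ($TrustedIdentity -contains "$($ace.IdentityReference)") { continue }

        if (([int]$ace.FileSystemRights -band $mask) -ne 0) {
            [pscustomobject]@{
                Path      = $Path
                Identity  = "$($ace.IdentityReference)"
                Rights    = $ace.FileSystemRights
                Inherited = [bool]$ace.IsInherited
            }
        }
    }
}

# Constructed ACEs for the three files the .cmd copies to Public\Downloads.
$fsr   = [System.Security.AccessControl.FileSystemRights]
$admin = [pscustomobject]@{ IdentityReference = 'BUILTIN\Administrators'; FileSystemRights = $fsr::FullControl
                            AccessControlType = 'Allow'; IsInherited = $true }
$staged = @{
    'C:\Users\Public\Downloads\SetTaskBar.vbs' = @(
        $admin
        [pscustomobject]@{ IdentityReference = 'NT AUTHORITY\INTERACTIVE'; FileSystemRights = $fsr::Modify
                           AccessControlType = 'Allow'; IsInherited = $true }
    )
    'C:\Users\Public\Downloads\PinItem.vbs' = @(
        $admin
        [pscustomobject]@{ IdentityReference = 'BUILTIN\Users'; FileSystemRights = $fsr::ReadAndExecute
                           AccessControlType = 'Allow'; IsInherited = $true }
    )
    'C:\Users\Public\Downloads\PinStartMenuShortcuts.bat' = @(
        $admin
        [pscustomobject]@{ IdentityReference = 'Everyone'; FileSystemRights = $fsr::Write
                           AccessControlType = 'Deny'; IsInherited = $false }
        [pscustomobject]@{ IdentityReference = 'NT AUTHORITY\Authenticated Users'; FileSystemRights = $fsr::Write
                           AccessControlType = 'Allow'; IsInherited = $false }
    )
}

$findings = foreach ($path in ($staged.Keys | Sort-Object)) {
    Get-UntrustedWriteAce -Path $path -Access $staged[$path]
}
$findings | Format-Table -AutoSize

# Live use on a deployed machine:
#   $p = 'C:\Users\Public\Downloads\SetTaskBar.vbs'
#   Get-UntrustedWriteAce -Path $p -Access (Get-Acl -LiteralPath $p).Access
```

Any row returned means a non-administrative identity can change a script that will later run in another user's session; an empty result is the state to aim for.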

Questions about MDT 2012 Driver Setup

So I’ve had a lot of questions about my MDT 2012 Driver setup and hopefully this post will explain a little bit about it.  Let me know if you have any questions.

Personally I have a folder on my server called _Source_Drivers.  I keep all my drivers here and import them into MDT but keep the original.  Here is what my file structure of this folder looks like.

MDT Source Drivers Structure

Once I have my structure set up, I then begin to set up the structure on my MDT Deployment Share.  Here is how I currently have it set up.

MDT Deployment Share Structure

I import the drivers into the specific folders by right clicking the folder in the Deployment Share and selecting import drivers.  I select the folder for that model and import all but select copy the drivers.

Here is what one of the driver sub folders looks like in my deployment share

MDT Driver Import Screenshot

 

Don’t forget to add your DriverGroup001 variable set with %make%\%model% right before the Inject Drivers sequence in your Deployment Task Sequence

https://msadministrator.wordpress.com/2012/12/21/mdt-2012-deployment-guide-step-by-step-9-of-11/

 

MDT 2012: Installing a Custom Dictionary in Office 2010

So, some might not need this but thought I would share anyways.  I have created my new MDT 2012 Deployment Share and want to add Microsoft Office 2010 as an application, but I also need to customize that deployment of Office 2010 when I’m deploying my new OS.  Here are the steps on how to do this, but also how to create a custom Office 2010 Install.

  1. Once you’ve set up everything for your OS, go to the Applications folder on your Deployment Share and right click > New Application
  2. Once there, put in the relevant information including where your resource CD is located.
  3. Then once you have done this, you will notice that there is an extra tab compared to other applications.  This is because Microsoft Deployment Toolkit recognizes that it’s Office 2010 and gives you a few more options.
  4. Click on the Office Products Tab and you should now see this screen:
  5. Now click on the Office Customization Tool
  6. You will be prompted with a warning box, please read and understand this.  Any Customizations you make are saved in a customization file and need to be moved to the appropriate folder within your Office 2010 source file.
  7. Then the Office Customization Tool dialog box shows up.  You can do tons of customizations but for this post it’s all about adding a Custom Dictionary to Office 2010.
  8. Once there select Add Files and go to where your .Dic file is at and make sure you select INSTALLLOCATION as the option.
  9. Then click on Add Registry Entries
  10. Add the Registry settings that you see in the image above
  11. Here is a more detailed view of what you should see when you select Add… in the bottom corner:
  12. Then select Remove Registry Entries, this is needed to remove any previous settings when Office 2010 Installs originally.
  13. That’s it, now save your MSP File in the appropriate location and you should be good to go.

MDT 2012 Deployment Guide: Step by Step (11 of 11)

Preparing WDS to enable PXE Boot (optional but very useful)

  1. Minimize the Deployment Workbench application
  2. Open “Windows Deployment Services” from Start/Admin Tools
  3. Expand Servers / CONFIG-DEPLOY.config.local and right-click on Boot Images and select Add Boot Image. If the boot image already exists, right click on it and select Replace Boot Image to replace it with a newer version
  4. Browse to the Deployment Share location (e.g. E:\DeploymentShares\Customername) and open the Boot folder
  5. Select the LiteTouchPE_x86.wim file and click Open
  6. Click Next
  7. Enter an Image Name and Description
  8. Click Next until the wizard completes.  Adding the image may take a couple of minutes.
  9. Once completed, the image will be listed as shown below