1

Good day!

I've created an autounattend.xml file with settings to skip OOBE, create user profile and running PowerShell script during first logon. First two worked fine except running the script. I've read many topics regarding this question, unfortunately none of them had working answer for me.

Here is an example of autounattend.xml:

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
  <settings pass="offlineServicing" />
  <settings pass="windowsPE">
    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <SetupUILanguage>
        <UILanguage>en-US</UILanguage>
      </SetupUILanguage>
      <InputLocale>0409:00000409</InputLocale>
      <SystemLocale>en-US</SystemLocale>
      <UILanguage>en-US</UILanguage>
      <UserLocale>en-US</UserLocale>
    </component>
  </settings>
  <settings pass="generalize" />
  <settings pass="specialize" />
  <settings pass="auditSystem" />
  <settings pass="auditUser" />
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <InputLocale>0409:00000409</InputLocale>
      <SystemLocale>en-US</SystemLocale>
      <UILanguage>en-US</UILanguage>
      <UserLocale>en-US</UserLocale>
    </component>
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <UserAccounts>
        <LocalAccounts>
          <LocalAccount wcm:action="add">
            <Name>Admin</Name>
            <Group>Administrators</Group>
            <Password>
              <Value>mypassword</Value>
              <PlainText>true</PlainText>
            </Password>
          </LocalAccount>
        </LocalAccounts>
      </UserAccounts>
      <OOBE>
        <HideEULAPage>true</HideEULAPage>
        <ProtectYourPC>3</ProtectYourPC>
        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
        <NetworkLocation>Work</NetworkLocation>
      </OOBE>
      <FirstLogonCommands>
        <SynchronousCommand wcm:action="add">
          <CommandLine>FOR %i IN (C D E F G H I J K L N M) DO IF EXIST %i:\setup.ps1 Powershell -executionpolicy ByPass %i:\setup.ps1</CommandLine>
          <Description>Setup</Description>
          <Order>1</Order>
          <RequiresUserInput>false</RequiresUserInput>
        </SynchronousCommand>
      </FirstLogonCommands>
    </component>
  </settings>
</unattend>

Would you please help me to figure that out?

Thank you!

===Updated===

The script is very simple. The contents of script:

For debug purposes i added strings with output to txt file in desktop and in C drive.

$machineName = (Get-WmiObject Win32_bios).SerialNumber
Rename-Computer $machineName
"Hello World!" | Out-File "C:\delete_me.txt"
"Hello World!" | Out-File "$($home)\Desktop\delete_me.txt"

That means that it does not work for normal and admin rights. Additionally setupact.log tries to run the script first and then creates the user. Can it be the issue?

2023-03-09 23:36:39, Info                         [Shell Unattend] Running 'oobeSystem' pass
2023-03-09 23:36:39, Info                         [Shell Unattend] LogonCommands: Set command 'FOR %i IN (C D E F G H I J K L N M) DO IF EXIST %i:\setup.ps1 Powershell -executionpolicy ByPass %i:\setup.ps1' 
2023-03-09 23:36:39, Info                         [Shell Unattend] UserAccounts: created account 'User'
2023-03-09 23:36:39, Info                         [Shell Unattend] UserAccounts: added 'User2' to group 'Users'
2023-03-09 23:36:39, Info                         [Shell Unattend] UserAccounts: Password set for 'User' 
2023-03-09 23:36:39, Info                         [Shell Unattend] UserAccounts: added 'User2' to group 'Administrators'
2023-03-09 23:36:39, Info                         [Shell Unattend] Exiting 'oobeSystem' pass with status 0x00000000
Alex
  • 41

2 Answers2

0

To begin troubleshooting this, you need more context about what is going wrong. You can get a detailed error log from

%WINDIR%\Panther\UnattendGC\SetupAct.log

Once you have the contents of this file, update your post, and we can offer more assistance.

Update:

So it appears you are trying to do administrator actions inside LogonCommands; this isn't ideal because this will run in the user context and most likely won't be elevated even if the user is an admin.

I recommend, given your use-case to set a hostname dynamically, that you instead use RunSynchronousCommand in the specialize pass as this way, it will run as the system.

https://learn.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-deployment-runsynchronous-runsynchronouscommand

Additionally, you can run the PowerShell command inline instead of using an external file you need to search for. See the below example.

<RunSynchronousCommand wcm:action="add">
    <Description>Rename computer using PowerShell</Description>
    <Order>1</Order>
    <CommandLine>powershell -ExecutionPolicy Bypass -Command "& {(Get-WmiObject Win32_bios).SerialNumber | Rename-Computer}"</CommandLine>
    <RequiresUserInput>false</RequiresUserInput>
</RunSynchronousCommand>
Greg
  • 21
  • 2
0

Thank you for pointing me to the documentation!

I was able to run script with following config: (still wanted to use the script file, not command because i added additional code)

 <settings pass="specialize">
    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <RunSynchronous>
          <RunSynchronousCommand wcm:action="add">
              <Description>Setup</Description>
              <Order>1</Order>
              <Path>cmd /c FOR %i IN (C D E F G H I J K L N M) DO IF EXIST %i:\setup.ps1 Powershell -executionpolicy ByPass %i:\setup.ps1</Path>
              <WillReboot>Never</WillReboot>
          </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>
Alex
  • 41