Search A-Z index Help
University of Cambridge Home Physics Dept Home Mike Roses' Home Page TCM Group Home

My favourite Windows reg hacks for managing client windoes computer

reg hacks done using regedt32, testing, then regexlorer to generate the reg hacking files

All for samba running a windows domain to manage users and computers, but how do we reboot the computers to get the startup script to work?

Windows Machine hacks - run by script on startup

Define the startup script (on samba server, e.g. windows_startup.bat in NETLOGON share) for windows computers

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Startup\0]
"FileSysPath"="C:\\WINDOWS\\System32\\GroupPolicy\\Machine"
"GPO-ID"="LocalGPO"
"GPOName"="Local Group Policy"
"SOM-ID"="Local"
"DisplayName"="Local Group Policy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Startup\0\0]
"ExecTime"=hex(11):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"Parameters"=""
"Script"="\\\\SERVER_COMPUTER\\netlogon\\scripts\\windows_startup.bat"

The Registry Settings

Windows Automatic updates on 

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"RescheduleWaitTimeEnabled"=dword:00000001
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:00000004
"AUOptions"=dword:00000004
"NoAutoUpdate"=dword:00000000
"RescheduleWaitTime"=dword:00000014

disable Windows XP tour 

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\Tour]
"RunCount"=dword:00000000

DNS search list of suffixes 

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient]
"SearchList"="domain.com,domain.ac.uk,ac.uk"

Remove Logon Banner 

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeText"=-
"LegalNoticeCaption"=-

Windows Time Client (NTP) 

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient]
"ResolvePeerBackoffMaxTimes"=dword:00000007
"ResolvePeerBackoffMinutes"=dword:0000000F
"SpecialPollInterval"=dword:00000E10
"CrossSiteSyncFlags"=dword:00000002
"Enabled"=dword:00000001
"EventLogFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W32time\Parameters]
"Type"="NTP"
"NtpServer"="ntp-servername.domain.ac.uk"
The script (e.g. windwos_startup.bat) is something like: 
regedit /s \\$SERVER\netlogon\scripts\windows_machine_reg_hacks\dns_search_list_suffixes.reg

regedit /s \\$SERVER\netlogon\scripts\windows_machine_reg_hacks\remove_logon_banner.reg

regedit /s \\$SERVER\netlogon\scripts\windows_machine_reg_hacks\auto_updates.reg

regedit /s \\$SERVER\netlogon\scripts\windows_machine_reg_hacks\windows_time_client.reg

regedit /s \\$SERVER\netlogon\scripts\windows_machine_reg_hacks\disable_xp_tour.reg

regedit /s \\$SERVER\netlogon\scripts\windows_machine_reg_hacks\firewall_adjustments.reg

Windows User hacks - run by windows logon script

Delete internet explorer cache on logout 

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
"Persistent"=dword:00000000

Desktop Cleanup Wizard Off 

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\CleanupWiz]
"NoRun"=dword:00000001

Folder Redirection. network paths (\\server\profiles\userID\folder) are done as HEX stuff - easiest is to type in paths with regedt32 and use reg explorer to generate .reg files 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Personal"=hex(2):Hex stuff
"AppData"=hex(2):Hex stuff
"My Pictures"=hex(2):Hex stuff

Internet Explorer Autoconfig Proxy (if using a webcache) 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"AutoConfigURL"="http://domain/your_prox_config.pac"
"ProxyServer"=-
"ProxyOverride"=-
"ProxyEnable"=dword:00000000

Enabling the user registry settings script

Run a reg script (e.g. startup_script.reg) on each client computer: 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Startup\0]
"FileSysPath"="C:\\WINDOWS\\System32\\GroupPolicy\\Machine"
"GPO-ID"="LocalGPO"
"GPOName"="Local Group Policy"
"SOM-ID"="Local"
"DisplayName"="Local Group Policy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Startup\0\0]
"ExecTime"=hex(11):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"Parameters"=""
"Script"="\\\\$SERVER.$DOMAIN\\netlogon\\scripts\\windows_startup.bat"

© 2003 Theory of Condensed Matter Group and BSS
Information provided by mr349 at the domain you should be able to guess.
Privacy policy