F
firewire10000
I have some custom scripts that I have written to customise Windows 10 such as removing bloatware and setting file explorer options via Registry Editor that I use to apply to all users and/or the system.
I have created a `autounattend.xml` Answer File with some simple parameters such as formatting the disk, creating partitions and selecting the version of Windows to install etc and then using the `reseal` parameter to log the computer into Audit Mode automatically after the initial installation and bypassing the OOBE screen.
My scripts have all been tested in Audit Mode (CTRL, SHIFT + F3 from the OOBE screen) and they work perfectly fine for any proceeding user that uses the system once it's in normal working order. Additionally, I use an `unattend.xml` file located in `$OEM$\$$\System32\Sysprep` within the installation media to finish the installation after I leave Sysprep and restart the computer. This sets up a new local administration account and password that logs automatically into the desktop. Essentially I have two unattend Answer Files split into two parts so I'm not actually sure if this is the correct way of doing it, but it seems to work well.
I would now like to automate the installation completely so that the scripts I currently manually run in Audit Mode execute without any user intervention. In Windows System Image Manager there is the `RunAsynchronousCommand` component found under `amd64_Microsoft-Windows-Deployment_10.0.19041.1_neutral` which can only be added to `Pass 6 auditUser`. Within the `$OEM$` folder on my installation media is the following directory structure `$1\Scripts`, and this contains various Batch and PowerShell scripts. I would like to point the path parameter of `RunAsynchronousCommand` to the Scripts folder the `$OEM$` folder creates but nothing ever seems to work.
Because I'm using two-part Answer Files, should I be placing `RunAsynchronousCommand` into my `autounattend.xml` or `unattend.xml` Answer File?
With everything all working, do I need to remove any of the `Reseal` properties from the Answer File?
Below are the contents of my two Answer Files located on my installation media:
**/autounattend.xml**
````
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<EnableNetwork>false</EnableNetwork>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME</Key>
<Value>Windows 10 Pro</Value>
</MetaData>
</InstallFrom>
<WillShowUI>Always</WillShowUI>
</OSImage>
</ImageInstall>
<UserData>
<ProductKey>
<WillShowUI>Always</WillShowUI>
<Key />
</ProductKey>
<AcceptEula>true</AcceptEula>
</UserData>
</component>
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-gb</UILanguage>
<WillShowUI>Always</WillShowUI>
</SetupUILanguage>
<InputLocale>en-gb</InputLocale>
<SystemLocale>en-gb</SystemLocale>
<UILanguageFallback>en-us</UILanguageFallback>
<UILanguage>en-gb</UILanguage>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Reseal>
<Mode>Audit</Mode>
</Reseal>
</component>
</settings>
<cpi
fflineImage cpi:source="" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>
````
**$OEM$/$$/System32/Sysprep/Unattend.xml**
````
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Password>
<Value>cABhAHMAcwB3AG8AcgBkAFAAYQBzAHMAdwBvAHIAZAA=</Value>
<PlainText>false</PlainText>
</Password>
<Enabled>true</Enabled>
<LogonCount>1</LogonCount>
<Username>LocalAdmin</Username>
</AutoLogon>
<UserAccounts>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>cABhAHMAcwB3AG8AcgBkAFAAYQBzAHMAdwBvAHIAZAA=</Value>
<PlainText>false</PlainText>
</Password>
<Name>LocalAdmin</Name>
<Group>Administrators</Group>
<DisplayName></DisplayName>
<Description>Local adminstrator stored on the system drive</Description>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<OOBE>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideEULAPage>true</HideEULAPage>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<ProtectYourPC>3</ProtectYourPC>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
</OOBE>
<BluetoothTaskbarIconEnabled>true</BluetoothTaskbarIconEnabled>
<DesktopOptimization>
<ShowWindowsStoreAppsOnTaskbar>false</ShowWindowsStoreAppsOnTaskbar>
<GoToDesktopOnSignIn>true</GoToDesktopOnSignIn>
</DesktopOptimization>
<StartTiles>
<PromoteOEMTiles>false</PromoteOEMTiles>
</StartTiles>
</component>
</settings>
<cpifflineImage cpi:source="" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>
````
Continue reading...
I have created a `autounattend.xml` Answer File with some simple parameters such as formatting the disk, creating partitions and selecting the version of Windows to install etc and then using the `reseal` parameter to log the computer into Audit Mode automatically after the initial installation and bypassing the OOBE screen.
My scripts have all been tested in Audit Mode (CTRL, SHIFT + F3 from the OOBE screen) and they work perfectly fine for any proceeding user that uses the system once it's in normal working order. Additionally, I use an `unattend.xml` file located in `$OEM$\$$\System32\Sysprep` within the installation media to finish the installation after I leave Sysprep and restart the computer. This sets up a new local administration account and password that logs automatically into the desktop. Essentially I have two unattend Answer Files split into two parts so I'm not actually sure if this is the correct way of doing it, but it seems to work well.
I would now like to automate the installation completely so that the scripts I currently manually run in Audit Mode execute without any user intervention. In Windows System Image Manager there is the `RunAsynchronousCommand` component found under `amd64_Microsoft-Windows-Deployment_10.0.19041.1_neutral` which can only be added to `Pass 6 auditUser`. Within the `$OEM$` folder on my installation media is the following directory structure `$1\Scripts`, and this contains various Batch and PowerShell scripts. I would like to point the path parameter of `RunAsynchronousCommand` to the Scripts folder the `$OEM$` folder creates but nothing ever seems to work.
Because I'm using two-part Answer Files, should I be placing `RunAsynchronousCommand` into my `autounattend.xml` or `unattend.xml` Answer File?
With everything all working, do I need to remove any of the `Reseal` properties from the Answer File?
Below are the contents of my two Answer Files located on my installation media:
**/autounattend.xml**
````
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<EnableNetwork>false</EnableNetwork>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME</Key>
<Value>Windows 10 Pro</Value>
</MetaData>
</InstallFrom>
<WillShowUI>Always</WillShowUI>
</OSImage>
</ImageInstall>
<UserData>
<ProductKey>
<WillShowUI>Always</WillShowUI>
<Key />
</ProductKey>
<AcceptEula>true</AcceptEula>
</UserData>
</component>
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-gb</UILanguage>
<WillShowUI>Always</WillShowUI>
</SetupUILanguage>
<InputLocale>en-gb</InputLocale>
<SystemLocale>en-gb</SystemLocale>
<UILanguageFallback>en-us</UILanguageFallback>
<UILanguage>en-gb</UILanguage>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Reseal>
<Mode>Audit</Mode>
</Reseal>
</component>
</settings>
<cpi
fflineImage cpi:source="" xmlns:cpi="urn:schemas-microsoft-com:cpi" /></unattend>
````
**$OEM$/$$/System32/Sysprep/Unattend.xml**
````
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Password>
<Value>cABhAHMAcwB3AG8AcgBkAFAAYQBzAHMAdwBvAHIAZAA=</Value>
<PlainText>false</PlainText>
</Password>
<Enabled>true</Enabled>
<LogonCount>1</LogonCount>
<Username>LocalAdmin</Username>
</AutoLogon>
<UserAccounts>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>cABhAHMAcwB3AG8AcgBkAFAAYQBzAHMAdwBvAHIAZAA=</Value>
<PlainText>false</PlainText>
</Password>
<Name>LocalAdmin</Name>
<Group>Administrators</Group>
<DisplayName></DisplayName>
<Description>Local adminstrator stored on the system drive</Description>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<OOBE>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideEULAPage>true</HideEULAPage>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<ProtectYourPC>3</ProtectYourPC>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
</OOBE>
<BluetoothTaskbarIconEnabled>true</BluetoothTaskbarIconEnabled>
<DesktopOptimization>
<ShowWindowsStoreAppsOnTaskbar>false</ShowWindowsStoreAppsOnTaskbar>
<GoToDesktopOnSignIn>true</GoToDesktopOnSignIn>
</DesktopOptimization>
<StartTiles>
<PromoteOEMTiles>false</PromoteOEMTiles>
</StartTiles>
</component>
</settings>
<cpi
fflineImage cpi:source="" xmlns:cpi="urn:schemas-microsoft-com:cpi" /></unattend>
````
Continue reading...