Distributing Custom Modifications to 4000 Windows Boxen? 70
kenp2002 asks: "I recently tried to disable my Sleep Key on a Dell GX150. I found several ways to do this manually, but now I have to find a way to script a solution to do this on over 4000 machines! I tried keyboard re-mapping both through tools (which didn't see any ACPI keys) and through Microsoft's documentation (the old HKLM\Keyboard Layout change). Does anyone know of a solution on how to either remap or disable the Sleep key through a script or a really good internet resource where I can find information on issues like this? Keyboard filter drivers are not an option unless it can auto-install itself."
"I am on several Linux mailing lists but have never found a good NT mailing list where I can ask such questions from other admins.
I am stumped and Appdeploy wasn't much help, either.
I must prevent users from putting the machine into suspend and amazingly Microsoft will prevent a user, through administrative policy, from turning the machine off, but not suspending it! Any suggestions would greatly reduce my stress level and earn my eternal gratitude. "
Easy (Score:5, Funny)
Software to 4000+ boxes... easy, just install Outlook, a few choice lines of script.. well, it works for a load of viruses anyway! ;-)
The easy way (Score:4, Funny)
Re:The easy way (Score:2)
Re:The easy way (Score:2, Funny)
GHOST? (Score:1)
-kevin
Re:GHOST? (Score:3, Informative)
On a more positive note, if you have 4000 machines and you don't have ghost GET IT, you NEED IT! You'll save 1000's of hours building machices. I personally loaded 100 machince from no OS-to ready to put on the floor (each with a unique hostname and static-ip address) in about 1 hour.
Re:GHOST? (Score:1)
Re:GHOST? (Score:1)
On a ghost note... Norton Enterprise Ghost 7.x has the ability to remotly install applications. If you have Ghost Enterprise, you can make a img that only contains the changes that need to be made to the system. Again, with this you need to have all the machices setup with the Console service. Ghost is a wonderful package.
The other things you could use are the MS BackOffice suite, which is a bear to setup but, doesn't always require you to touch a machine to deploy settings. (By Your sig you pretty experienced in this area but)... I hope you didn't disable your administrative shares (I.E. C$, REG$ and the other ones), if you did, its going to take a lot more work then you want to upgrade your boxes. I have seen other programs that have the ability to apply registry settings, and modify files on the computers, some that need services some that don't. Which can all be done manually or while logged in as the domain administrator.
Could you explain more completely? (Score:2)
Re:GHOST? (Score:1)
Re:GHOST? (Score:1)
Re:GHOST? (Score:2)
Re:GHOST? (Score:2)
Slashdot pricelist (Score:1, Funny)
Re:Slashdot pricelist (Score:2)
In a domain? (Score:5, Informative)
1: Use a pro duct called "Advanced Registry Tracer" [search for it, you'll find it] to see the registry change made when you modify it from the Power options > Advanced control panel applet (granted you're using 2000 or XP). On a side note, ART is a kickass tool. There are many handy little uses for it.
2: If you are in a domain, simply assign a startup script. Execute a batchfile which updates the registry via a
Re:In a domain? (Score:2)
sysinternals (Score:2)
Dell OpenManage (Score:3, Informative)
Re:Dell OpenManage (Score:1)
More info would help (Score:4, Informative)
If these are 2000/XP boxes, do you have WMI enabled? If so you could connect to each box through a script and change the appropriate registry setting. You can also use WMI if you have explicitly installed it on NT. If you have 4000 Windows boxes you should definitely already be using WMI.
Do you have a common company-wide home page set for these users? Do they use IE4 or higher? If yes to both, you could put an ActiveX control on that home page and have it make the changes you need. Since your company home page is on the network behind the firewall it will be in the "local intranet" security zone and the user won't be queried when the ActiveX is installed.
Re:More info would help (Score:1)
I doubt that the program will recognize the key though. Only a few keyboards have a Sleep key.
Re:I agree with this post! (Score:1)
Go to altavista and translate BOXEN from german to english, and see what you get.
It's not a new made-up english word. It's just from a different language. Deal.
Re:Spelling alert! (Score:1)
Re:Spelling alert! (Score:1)
Where have you been? It's pretty commonplace in techie circles.
* (NOT Anglo-Norman as has been said. Normans were french, saxons were german. As french is a romantic language (from romans, not kissy kissy), it uses S for plurals, but those silly german use "en"
** And before you start ragging me about how germans weren't around, or germans were here not there, or that is austria not germany, etc..., german means related. look it up. English is the only language that calls that country anything close to "germany", which just means related people. Austria, Germany, Denmark, they're all german/germaine.
So concludes this lesson
Get Enterprise Management Software (Score:2)
If you are running 4,000 pc's w/o a domain, quit.
Re:Get Enterprise Management Software (Score:1)
Re:Get Enterprise Management Software (Score:2)
With AutoIt [hiddensoft.com] , of course.
In all fairness, MS actually has pretty powerful scripting built in through Windows Script Host [microsoft.com]. You can pretty much do anything with WSH that you can do in front of the PC, and a few more that you can't do in front of the PC. It's just a huge gaping security hole, and not as easy as shell scripting (IMO). But any good Windows admin should know about it and how to use it.
This is easy...... (Score:2)
2. What level of Access do the users have, admin, poor shumck user?
3. Do you have SMS Installer available to you(its a programing environment for writing install scripts)?
4. Do you have Winbatch available to you? (you will need either 3 or 4 not both)
5. Do you have the Resource kit for whatever os they are running?
You just need a script that removes the key written in one of the two installers above. To deploy it you need to know what level of access the users have...if they all generally have admin(unfortunately most companies are that stupid to give all the users this level of access to thier own machines) then you can deploy the script in the logon. Otherwise, Group policies could be used, or SMS. That failing grab a copy of Darkside its a utility for alllowing you as a n admin to removely excute things on someone elses machine. PSexec could also be used for this as well.
Re:This is easy...... (Score:1)
Re:umm Dell? (Score:1)
Good NT/2k/XP mailing list (Score:3, Informative)
Re:Good NT/2k/XP mailing list (Score:1)
rsh (Score:2)
unix solved this a long time ago with nfs or rsh
lost of people do rshd and I suspect that you could get a sshd for win32 as well
oh and name your box's well (-;
regards
john jones
Re:rsh (Score:2, Informative)
for i in `net view \\domain` ; { psexec.exe \\$i \\fileserver\share\regscript.reg ; }
something like that
-earl
Re:rsh (Score:1)
Don't use rsh (Score:2)
Addendum (Score:2, Informative)
i don't mean to be rude... (Score:2, Flamebait)
second, microsoft is extremly hostile to a large portion of the free software world - like the part that provides most of two gui's, the main compiler basic utilities across at least 4 free os's (one of which ms is extremely hostile to). so *WHY* in gods name do you think that people who make those systems their hobby or their livelihood shood actually spend time answering nt questions.
my attitude is, if you have a problem with a microsoft product call them or call a consultant. if you get poor support, well then maybe you should bring up that lack of support with your boss?
Re:i don't mean to be rude... (Score:1)
Yes, he should get support from MS or Dell. I agree completely. But I'm willing to bet a good portion of slashdot users interact with MS products everyday. I'm even willing to bet that of those users who do interact with MS products, many are Sys Admins. Now you can flame me all you want, but I think the question is valid, and aimed at the Sys Admin crowd of slashdot, not the I hate MS/Linux Rules/All your Base Belong to Us crowd on slashdot. Shouldn't we help provide an answer, not stick our noses in the air? I find this hipocritical(sic). Afterall, when I posted previously about wanting tech support for products (opensource or otherwise), everyone screamed and flamed that I should rely on documentation and the "community" for help. Now someone needs help, and because he uses NT, you're too good to help him out. I think that sucks.
Go ahead mod me down, but you know it's true.
Re:i don't mean to be rude... (Score:1)
Re:i don't mean to be rude... (Score:2)
Best laugh I've had all week.
Rude or not, his best chance of getting a useable answer is from a distinctly anti-Microsoft discussion site. Think about it. Gives a pretty good idea of what Microsoft's support is really worth.
4000 boxes? (Score:2)
Unless, of course, you do have some but it's Microsoft's SMS (which is worse than nothing at all).
But even if you don't have anything that fancy, hasn't anyone in your company ever heard of a login script?!?
Re:4000 boxes? (Score:1)
Re:4000 boxes? (Score:2)
If they're non-networked, then you've answered your own question. You manually schlump around to each individiual machine, and you make the changes. Unless you're looking for somebody to design a Lego robot to do that....?
Assuming that you've an install image that you use to create new machines, you can also throw the changes in there.
But as soon as you say 'non networked' then you quite obviously need to sneakernet it.
More info? (Score:1)
You don't say what the manual ways are. I suspect that you are doing it with the Dell keyboard utility that Dell places on the desktop. This utility is more than likely making a registry change or has an ini file where it keeps the settings. You need to find out which and locate the change.
Once you have located the change it is a simple matter to push it out to the other machines. First, there are management applications that you should look at. With 4000 machines to manage you should definitely be running a management application. Microsoft sells SMS which is somewhere between OK and weak. Novell sells ZenWorks for Desktops(yes it runs on NT/2000 too), which is outstanding for this kind of thing. Both of these products will allow you to easily scan the system to find the changes that the Dell utility is making. Both management systems will allow you to image these changes and then automatically push them out to the clients.
If you are not already using some such managent system, it would take a fair amount of time to install and deploy them and I get the impression that you need instant gratification. To do this, you must manually locate the changes that the Dell utility is making, either in the registry or the ini file. Once you've found them you can run a small batch file/login scipt at login to automatically copy the configuration changes to your client machines. I do this all the time in small environments that do not have management systems.
In any case, you really need to look at a management system when you are running 4000 machines. What's going to happen when Microsoft tells you that you must upgrade to the new M$ Office XP 2004? Under the licensing scheme that goes into effect 7-31-2002 they could do just that at any time. Are you going to manually install 4000 copies?
Re:More info? (Score:1)
Re:More info? (Score:2)
...
>You don't say what the manual ways are. I suspect that you are doing it with the Dell keyboard utility that Dell places on the desktop. This utility is more than likely making a registry change or has an ini file where it keeps the settings. You need to find out which and locate the change.
>Once you have located the change it is a simple matter to push it out to the other machines. First, there are management applications that you should look at. With 4000 machines to manage you should definitely be running a management application. Microsoft sells SMS which is somewhere between OK and weak. Novell sells ZenWorks for Desktops(yes it runs on NT/2000 too), which is outstanding for this kind of thing. Both of these products will allow you to easily scan the system to find the changes that the Dell utility is making. Both management systems will allow you to image these changes and then automatically push them out to the clients.
...
and then kenp2002 said:
> Correct on al counts but distribution is no problem I have access to Tivoli for managment. But I was seeking help on how to remap the sleep key (or a good mailing list) as I could not get it to work through the registry or most keyboard tools. I wasn't looking for how to distribute it. I should have made it clearer. You hve plenty of good ideas. Also these machines are Kisok machines, no workstation apps at all, just in house stuff.
(both below 2 so I'm quoting to make them seen)
I'll repeat FreeLinux's comment - do you have a manual way to remap it? I have personal experience with Novell's ZENWorks - it includes a utility called SnapShot that can, as FreeLinux said, find the changes made by another app quite easily. You can view the changes thus discovered and push them out through the management tool of your choice. I would hope that Tivoli has a tool like SnapShot. If it doesn't, then how are you packaging apps for distribution?
And again as FreeLinux said - ZENWorks will run just fine on NT/2K without any Netware in sight. The latest version (4, now in beta) will even run without Client32.
I should charge you for this. (Score:2)
These buttons, certainly the sleep button, rely on a psuedo service called MMKEYBD.EXE. While MMKEYBD.EXE is running, pressing the sleep key will put NT/2000 into sleep mode. To prevent this from happening you simply disable the service.
To disable the service open regedit and delete the following key value: HKey_Local_MAchine\Software\Microsoft\Windows\Cur
SZ Multimedia Keyboard
The next time the PC is started, MMKEYBD.EXE will not run and the sleep key will be dead. NOw, if you also need the other programmable keys to work, you still have a problem as I believe that they will also be dead when this service is stopped.
As for good mailing lists...... I've never seen one.
Mod Parent Up (Score:1)
Basically this guy saved me some typing.
Take an MCSE class and they'll tell you how to do this...
Re:Mod Parent Up (Score:1)
nt login script (Score:1)
Re:nt login script (Score:1)
Easy way (Score:2)
Keyboard remapping (Score:1)
Wake On LAN? (Score:1)
If that wasn't the reason u wanted them on, then just enable wake on lan any way, and ping them every 5 min =)
I should charge you for this. (Score:2)
These buttons, certainly the sleep button, rely on a psuedo service called MMKEYBD.EXE. While MMKEYBD.EXE is running, pressing the sleep key will put NT/2000 into sleep mode. To prevent this from happening you simply disable the service.
To disable the service open regedit and delete the following key value: HKey_Local_MAchine\Software\Microsoft\Windows\Cur
SZ Multimedia Keyboard
The next time the PC is started, MMKEYBD.EXE will not run and the sleep key will be dead. NOw, if you also need the other programmable keys to work, you still have a problem as I believe that they will also be dead when this service is stopped.