Create Favorites for Internet Explorer 10 Using Group Policy

I know Windows 8 and Internet Explorer 10 have both been out for a while, but I also know a lot of administrators out there are trying to hold off as long as possible on deploying them into their environments.  I know I have been, because IE 10 breaks a number of older line-of-business applications that work fine in IE 6, 7, 8, and 9.  Of course, if these applications could be upgraded to a more recent version that supports IE 10, that would be great, but that's not always possible.  However, that doesn't mean you aren't testing Windows 8 and IE 10 in your test labs (even if that isjust some virtual machines and old clunky boxes you rescued from a junk pile).

One of the first, and most frustrating, things I noticed about IE 10 is that installing it takes away the "Internet Explorer Maintenance" section from the Group Policy Management Console (GPMC or gpmc.msc to those of us who've been around for a while).  This was particularly frustrating to me because I use this area to define Favorites for my users.

It took a little bit of time with Google and putting the pieces together, but I found how to work around this annoyance.  The answer is Group Policy Preferences (GPP).  The beauty of this solution is that it should work with any IE version, as long as the OS supports Group Policy Preferences.  That means you need XP SP2 or 2003 SP1 or newer and The KB943729 GPP Client Side Extensions (CSE) Update if applicable.  Windows 7, 8, 2008, 2008 R2, and 2012 do not require this update.  If you still have Windows 2000 workstations, this won't work there, as the GPP CSEs are not available there.  Now that you have your clients ready for this, let's get to the actual policy creation bit.

For this example, I'm going to create a new Group Policy Object (GPO) for testing, called "IE 10 Favorites," and link it to the root of my testing domain.  An illustrative image:

Now I'm going to right-click the GPO and select "Edit" so I can actually put some settings in there.  Expand the "User Configuration" node in the tree at the left, then expand "Preferences" and "Windows Settings" to see the areas to use.

If you want to create folders in the Favorites menu/pane, you'll need to use the "Folders" option that you see in the left pane of the Group Policy Editor.  Click it and you'll see the right pane of the window change to reflect that you're in the GPP Folders section.  Right-click in the white area there, point to "New," then select "Folder."  Since you want to create the folder within Favorites, enter the path as %FavoritesDir%\FolderName in the "Path" field.  In the example below, I used "%FavoritesDir%\Test Favorites" for the name.  I chose the "Create" actoion here, as it made more sense than "Update" would have, although both would have worked.  The promised example:

Click OK to save the setting.

Now to actually create the Favorites themselves.  This one gets a bit tedious and repetitive.  In the left pane of the Group Policy Editor, select "Shortcuts."  Right-click on the white area in the right pane, point to "New," and select "Shortcut."  I created two to illustrate how the folders work.  Set the Action to "Update" to fix the Favorite automatically in the event a user edits it.  Don't set the Name quite yet.  Set the Target Type to "URL" and the Location to "Explorer Favorites" first, otherwise the changes will wipe out whatever you've typed for the Name.  Now you can enter the Name.  For my first shortcut, I used "Google" for the name, then set the Target URL to "http://www.google.com/".  I didn't change any other options.  Click OK to save the shortcut configuration.

To create the favorite inside a folder, I created another shortcut here in the Group Policy Editor.  This time, though, I used "Test Favorites\Gmail" for the Name and "https://www.gmail.com/" for the Target URL.  Another illustration:

Once the GPO is created, wait for it to replicate to your other domain controllers (you do have more than one, don't you?  And yes, I'll forgive only one DC in a test lab!).  Replication should be complete within the Active Directory site within 15 minutes, or 5 minutes if you have only two DC's.  Now log onto a workstation as a user that the policy will apply to.  Verify that the favorites were created.  If they weren't, run "gpupdate /force" to force the workstation to reapply its Group Policy settings.

If you see something similar to this, you did it right.

Enjoy the torture of migrating your old settings to this new method, because it will definitely take you a while!

How to Image With Windows Deployment Services (WDS)

Windows Deployment Services (WDS) is a network-based imaging software developed by Microsoft. Windows Deployment Services is used to deploy Windows installation like Windows 7 over a network. Found in Server 2008 and later as well as an optional install in Server 2003 SP2, Windows Deployment Services images files that are in the Windows Imaging Format (WIM). This article will show you how to install a install image and capture an image for deployment over a network.

Steps

1. 
   1
   Install Windows Deployment Services (WDS) Role. In server manager, right click roles and select add role. The add role wizard should come up to the welcome screen, click next. Select Windows Deployment Services Role at the bottom of the list and click next. Accept defaults and click next. Click install.
2. 
   2
   Configure Windows Deployment Services Server. After the install, go to start menu, Administrative tools, click Windows Deployment Services. Right click on servers, select add server. Select local computer and click OK. Right click the server and click configure server. On the welcome screen click next. On this page you need to select a location to store the images, click next. Since the server is running DHCP, Select Do not listen to port 67 and Configure DHCP option to 60 to PXE Client" click next. Choose how you want the server to respond to clients. If you choose respond only to known client computers you will have to enter computers manually. Click next, then click finished.
3. 
   3
   Add Boot Image. When you clicked finished after you configured the server the Add image wizard should have come up. If not in the Windows Deployment Services window, click the plus sign next to servers and click the plus sign next to your server you added. Right Click on Install images and select Add Install Images. Select Create a new Image Group and rename the image group. Click browse to choose the Windows image (.WIM) file you wish to use and Click next. If there is more than one image in the .WIM file, on the next page you need to select the images you want and click next. Make sure everything is right on the summary page and click next. The image or images will install. When installation is completed, click finished.
4. 
   4
   Create Capture Image. Right click the boot image folder under your server on the Windows Deployment Services window, and select add boot image. Browse for the boot image (boot.WIM)file you wish and click Next. Give the boot image a name and a description, click next. Confirm and click next. After Installation, click finished. Right click the boot image and select "Create a Capture Boot Image", click next. Name and give the capture image a description, and select the boot image you installed, click next. When the image has been captured click finished.
5. 
   5
   Run Sysprep on Client PCs. Boot up the client. Click Start, Computer, local drive C:\. The file path is C:\Windows\system32\Sysprep. Open sysprep folder and run the sysprep application. Set the system clean up action to enter system Out-of-Box Experience (oobe), I recommend you set the shutdown option to shutdown, Check the Generalize box and click OK. Sysprep will run removing unique security IDs and other unique information.
6. 
   6
   Boot into the network. Boot the PC, enter the key combination to enter the boot menu before windows boots. The combination is displayed on the screen when the bios is loading, usually f12. If you need to see the combination again or missed the time to enter the command press Ctrl+Alt+Del to restart. When you boot into the boot menu, select boot into network. Select the capture image from the Windows Boot Manager to boot into the Windows Deployment Services Image capture Wizard.
7. 
   7
   Complete the Windows Deployment Wizard. Begin by selecting the volume to capture. If you are looking for the C: drive it has been changed because of sysprep, because C:\ holds the boot files. After selecting the volume to capture, name the image and give it a description, click next. Check the Upload image to Windows Deployment services server. You should be prompted to enter credentials. Next select the image name from the dropdown box. Now we need to mount a drive by holding shift+f10 to enter Command Prompt. In command Prompt type: net use *\\Servername\Folder. Example: net use *\\Hound\my images. The "*" means chose a drive letter not in use, "Hound" is my server name and "my images" is my folder to hold the image. After you type in the command hit enter. Exit command prompt. Select browse to locate the location you created in command prompt. Click next. Now the hard drive is copying to the server. You have captured an image.

Windows 7: Accidently ran SysPrep, need to restore Windows 7 desktop

Hi Ramon, welcome to the Seven Forums. 

Accidentally open the Sysprep dialog then also accidentally select the Generalize option which is disabled (not selected) by default, and then accidentally click OK to run Sysprep instead of clicking Cancel or simply closing the dialog. I do not know what to say .

But, seriously, nothing irreparable has happened. In fact the only thing that has happened is that the Generalize switch has removed all hardware related information and drivers as well as theme personalizations and customizations, replacing them with the same general non hardware specific drivers Windows uses when first time installed, and with Windows general theme. All your data is still there, as well as installed software, everything intact.

An OOBE (Out-Of-Box Experience) Mode also known as Welcome Mode is the first boot after Windows has been installed. OOBE boot assumes it is the first time ever your Windows PC has been booted up and that it has no user profiles, no computer name and so on. Although you run Sysprep on an existing system which causes an OOBE boot to be run and there in fact exists an user account (or several accounts), OOBE does not know this. 

Simply do what OOBE wants you to do, give it a computer name and a username. For computer name you can use the same name you had earlier if you want to but you can also pick a new name. 

For the username you cannot use any existing usernames. Using myself as an example: My Windows username is Kari. If I run sysprep which makes Windows to run an OOBE boot, Windows flags the user profile Kari as reserved and does not let me to use it on OOBE:

To work around this I simply create a dummy user here naming it Dummy, then when Windows finally shows the Welcome / Logon screen I select my old existing user account Kari to log in and first thing after entering the desktop, I go toControl Panel > Users and delete the user Dummy.

To put the above very short:

• Name your PC as you wish
• Use a temporary dummy user account naming it as you wish
• When on Welcome / Logon screen, select your old user account to log in
• Delete the temporary dummy user account

Notice that you also need to re-activate your Windows 7 so find your product key, and if you had enabled the built-in administrator account the Generalize switch has disabled it and you need to re-enable it if needed. 

When finally on your desktop you'll find that all software and personal data is there, intact. However, all your personalizations and customizations are gone (theme, colors, sound scheme), Windows is using the default theme and wallpaper instead so you need to set your customized theme, wallpaper, sounds etc. again.

You might need to reinstall a few drivers (for example chipset, video, audio, USB3), check Device Manager for possibly missing drivers as the Generalize switch you used with Sysprep removed everything hardware specific. Windows 7 is pretty good in finding correct drivers so usually there's no need or very little need to reinstall drivers. Also check optional Windows Updates to see if WU offers some driver updates.

For a useful way to use Sysprep with Generalize switch, see this tutorial: Windows 7 Installation - Transfer to a New Computer. At the end of the tutorial you'll find an info box telling exactly what sysprepping with the generalize switch does to your Windows.

Kari

Changing the Default Profile on Windows 7

It has become increasingly obvious to us in recent months that people are downloading and installing our User Profile Manager software just in order to use the “Set As Default Profile” feature on Windows 7. Presumably they are then uninstalling the software again afterwards…

The problem is that Windows 7 has greyed out the “Copy To…” feature in the “User Profiles” dialog box that admins have used for years to set up a default profile for users logging onto a Windows workstation.


Why Microsoft have done this is not altogether clear. Responses on the Microsoft’s support forums say things like “There were many issues with it in the prior OSes, even though those issues were not always apparent…” (Mmm… the old invisible problem problem) and that this is “due to the User Account Control (UAC) and other security settings of the user account…” - which doesn’t really ring true either. I suspect that the problem is more to do with the profile folder structure and its reliance on junction points which cannot simply be copied over. But whether this is the case or not, why didn’t Microsoft just fix it? The most likely answer to that is that they just didn’t think it was important enough to spend any time on – which betrays a certain disconnect between Microsoft and those tasked with installing Windows on company machines around the globe.

However, installing User Profile Manager just to set the default profile is like going to a movie just to eat the popcorn. So what we’ve done is to take the "set default profile" code out of User Profile Manager and put it is a small command line utility – DefProf – that you can download for free.

How does it work?
DefProf does not simply delete the old “Default” profile folder and copy over a profile that you specify. Instead it keeps the existing Default profile in place and empties it; this preserves the folder structure with all junctions points and folder security settings. DefProf then copies over the files and settings from another profile that you specify. Additionally, DefProf loads the registry for the specified profile and cleans it up so that any user specific settings (that we know about) are removed.

It is worth emphasizing here that DefProf uses the existing folder structure. This means that if you have already messed up the Default user profile folder, DefProf won't fix it.

Using DefProf
Using DefProf is very easy. Firstly you setup a profile to the way you want just like you always do. Say you create a ‘Setup’ account to do this, and Windows creates a C:\Users\Setup profile folder when you logon. When you’re done making the profile look the way you want, you open a Command Prompt as an Administrator and just type thefolder name:

c:\>Defprof setup

That’s it!

Feedback
We’ve done our testing, and DefProf seems to be working fine on Windows 7, 32 and 64-bit, and in a variety of languages. However, if you think we have missed anything please post a comment on theForum and we'll do our best to fix it.

You can download DefProf here.