• Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About hydroeon

Profile Information

  • OS
    Windows 7 x64
  1. For example when using Adobe software and clicking "save as" explorer pops up for the location and it saves normally. Other software does not do this; you choose where to save the files within the applications own interface and it doesn't work. Advanced installer for example saves the file ok (again using the explorer-type-method) but when running the compiler it gets no write permissions unless the share is open in explorer
  2. After a couple of very late nights I have tracked down the following bug (which I hope isn't really a bug): On a default Win7x64SP1 MSDN install with all relevant credentials permanently installed for the \\fileserver-name-and-IP, all shares are accessible with full control in EXPLORER. However, all applications that don't use explorer are not able to write any files to any share **UNTIL** that share is open in explorer i.e. open that share in explorer, leave the window open, and NOW all programs can access it! YES I thought it was just some parameter in Win7 security policy but after hours of trying nothing so far has worked To replicate this bug you just need some software that doesn't utilise explorer for file copying. If this can't be corrected by some setting on the win7 machine (don't see how the server could have anything to do with this since this behaviour is observed on 2003R2SP2 also!) then it's a bug and surely I'm not the only one who's come across it. I really hope that somebody here knows how to fix this
  3. That's the problem I'm on about. It's easy to beef up the security and sort out the credentials so that network shares are easily accessible YES....BUT something in windows prevents software packages receiving the same authority as a user clicking in explorer. I'm just under the impression now that it's a bug in windows and there is also a lot of inconsistencies in security features. None of these machines have people using them (they are render servers) and I'm just at a stage where I don't care who's bug it is..I just want it to work...like it would work by using linux for example. Incidentally, software can access all resources if I set up an AD with a domain...which is a PITA for render servers with no users as they often have to be reconfigured. The only workaround so far is to automout network shares with a batch file; this works (at a high security level) but there are too many drives to mount and I shouldn't have to think of so many workarounds. AHA! I can even say this: NO software would be able to write to any of those shares when the software does not call windows explorer for its file copying! i.e. if you click save as etc. it would work...if the app tries to run in the background it wouldn't... it's either some settings or a bug
  4. Greetings fellow MSFN-ers! I seek to find the knowledge of how one could COMPLETELY eliminate folder sharing/network security features. What I need to do is to have one 08R2 server let ANYONE access its shared folders with FULL control WITHOUT entering ANY passwords at ANY stage. Now, the reason I can't be flexible on the above is because some applications I use are refused write access even when all security settings are properly configured. This is probably due to the software not being able to handle/pass down appropriate details but it's currently irrelevant as I just want to strip the server of ALL security to see if it's even possible. By the way when I first learnt to configure the server to share securely I had to deal with something like 6 bugs in windows 7/08R2 SP1 so I'm not sure if the above is even possible in reality. For example, if the group policy is stripped of all security and everyone permissions are applied to shared folders then although anyone could fully access the folders PROVIDED they enter a fake i.e. ANY logon details at the prompt that pops up! NO this is not a 'feature', it's a bug because I've turned off all of the password prompt things anyway; they just keep doing it. A password prompt is enough to stop an app writing some files. Current settings: Firewall disabled Anonymous settings sorted (enabled in several places) Turned off various authentication processes in group policy UAC disabled everywhere Using native Administrator account on all machines Password prompt off (still does it though Any ideas?
  5. *SOLVED* Well sort of, it'll have to do: In three steps: 1: mountvol X: /D (this will dismount any device on "X:") 2: net use X: \\server_name\driveorfolder PASSWORD /USER:%COMPUTERNAME%\Administrator /PERSISTENT:YES (This will mount the drive/folder to X:) 3: %SYSTEMROOT%\explorer.exe X:\ (open the new mapped drive, this for some reason was needed to make it all work properly after reboot) 4: taskkill /f /im explorer.exe and then explorer.exe (Restart Explorer before rebooting) PS - Obviosuly network credentials must be installed for all this to work without entering passwords afterwards i.e. REM Permanently store network credentials: cmdkey /add: /user:Administrator /pass:PASSWORD cmdkey /add:SERVERNAME /user:Administrator /pass:PASSWORD
  6. Greetings! I've the following issue: When Windows is installed and OOBE batch file is ran the network drives are not all mapped because the drive letter is often already occupied by some useless dummy card reader (i.e. it's not actually used). The various solutions provided by M$ all have serious holes since I either have to know the drive number or it doesn't work in cmd. IDEALLY, I would like to simply enter the mapped drives in cmd and let windows dismount and change assigned letters of other devices automatically (er, not going to happen). THEREFORE, I'm trying to find a way to simply dismount all assigned letters to devices or drives (apart from C: obviously) so that the mapped drives would all be available. And then upon restart, hopefully the dismounted devices would find their new home There must be SOMETHING that would accomplish the above in a batch script?
  7. Greetings everyone I'm currently in the process of creating an unattended Win7 image which includes Office 2010 SP1 which is installed in the OOBE section. Basically I place the OFFICE 2010 SP1 folder in $OEM$ which gets copied over to the C driver and then I call the setup.bat inside that folder from the autounattend.xml. Everything works well (apart from taking twice as long to install!! ). However, the size of the installation grew by over 4GB!!! by simply adding office 2010 SP1. Obviously something is dodgy so here I am investigating So far I've tracked the following: 1) Program Files folder weighing in at 884MB!! (go me I'm so clever ) 2) MSOCache - 685MB Now, I've got this feeling that for some reason the original $OEM$ folder files are also backup up somewhere which is about 1.1GB but I couldn't find anything on this. I also don't understand where the other files are (over 1GB of them). Oh and about that MSOCache - If I delete that nonsense, will it ask me for the CD if I try to install a built in Excel addon for example? (Assuming I've installed all features in the default installation) I'm sensing that there are several GB which could be saved here Hopefully somebody here can help
  8. Thanks everyone for your input! I'm still stuck as certain things are just not working at the moment for whatever reason. The points I'd like to clarify are as follows: 1) The boot.wim is what's actually important when it comes to booting with drivers since install.wim happens after and may not include any drivers for the purpose of simply installing the OS? 2) The boot.wim MUST include ONLY 32 bit drivers EVEN if the OS to be installed is 64 bit? (So you always need to have x86 and x64 drivers for things to work properly?) I think point 2 may be the reason things are not working so well on this side
  9. Greetings everyone!! I'm trying to figure out if it's possible to install Windows 7 x64 SP1 unattended from a USB 3 drive. I've tested the drive and it's actual read speed fluctuates around 200MBps when connected to USB 3 so I'm rather keen on finding a workaround. Is this even possible at the moment? I mean obviously if M$ integrated the drivers in WinPE then it should be possible but I've yet to hear anyone actually do this. Any ideas?
  10. YES!!!!! AWESOME!!! it worked first time!!!! Still interested in a reg/batch way of doing this too but at least I can now do it in one unattended way! Thank you everyone for your help! Now..... only sound and gadgets are left before deployment.... should probably start a new post though (just need to install some OOBE gadgets from cmd and disable startup audio sound and set the default windows sounds to "no sounds".
  11. If DisableSR does indeed work properly then this is exciting news. M$ DisableSR compatibility matrix? - My link And also: <DisableSR>1</DisableSR> - "This limits the ongoing usefulness of System Restore on the computer." - My link So I'm guessing that while it won't actually delete anything it'll disable it from ALL drives (and not set it to manual)? What service is it though!? I mean why isn't there a setting within windows without going through the GUI? Any help greatly appreciated! PS - Where do I need to place the "<DisableSR>1</DisableSR>" ? In the OOBE or Deployment!?
  12. I've not tried that but according to M$ it's not compatible with Windows 7 x64. Also, it states that "This limits the ongoing usefulness of System Restore on the computer." - implying that the files won't actually be deleted nor is the system restore would be disabled completely. Thanks for the input though. Am I the only one who thinks system restore is an utter waste of space!? (I backup frequently and can restore entire systems from SSDs in about 4 min ~40GB uncompressed, I've only tried to use it once years ago when I didn't know much about backup and the thing never worked anyway )
  13. Greetings fellow MSFN-ers!!! After many hours of searching; I'm stuck! I seek to properly disable system restore i.e. delete any relevant files and fully disable system restore only (not by shadow copy workarounds etc) on first boot through OOBE. Obviously, a reg entry, batch command or whatnot is preferred to launching that system restore settings window in the above scenario. However, the issue is that ALL of the 'solutions' I've found simply don't work e.g. there is no such thing as a system restore service, a reg entry under policies (WinNT section) etc and yet the service (whatever it actually is) is certainly live and kicking! I would like to refrain from modifying the .wim file to achieve this and am hoping that there is a real working solution for this issue. If this is a secret service to disable and you know how to do it then tell me; I won't tell anyone else!