Infra

wget https://raw.githubusercontent.com/snipe/snipe-it/master/snipeit.sh

chmod 744 snipeit.sh

./snipeit.sh 2>&1 | tee -a /var/log/snipeit-install.log

Update Unifi AP using SSH

Update Unifi AP using SSH

Download the correct software from Ubiquiti.

Change the name from the downloaded file to fwupdate.bin

Open WinSCP and connect to the AP using SCP protocol.

Copy the fwupdate.bin file to /tmp folder.

Close WinSCP and open Putty. Connect to the AP using ssh.

Issue the command syswrapper.sh upgrade2 & after this your session will close automatic and the AP will start the upgrade.

MDT Cheat sheet

The unattend files you will need to capture an MDT image file.

HideShell=True –> Important if computer skips last steps

Rules

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
SkipBDDWelcome=YES
SkipCapture=YES
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerBackup=YES
SkipBitLocker=YES
_SMSTSOrgName=SNOR ICT Bezig met installeren Windows 10
SkipDomainMembership=YES
SkipFinalSummary=YES
SkipLocaleSelection=YES
SkipPackageDisplay=YES
SkipProductKey=YES
SkipSummary=YES
SkipTimeZone=YES
SkipUserData=YES
SkipComputerName=NO
TimeZoneName=Romance Standard Time

UILanguage=nl-NL
UserLocale=nl-BE
Systemlocale=nl-NL
KeyboardLocal=0813:00000813

SkipAppsOnUpgrade=YES
SkipFinalSummary=YES
FinishAction=REBOOT

WindowsUpgradeAdditionalOptions=/compat IgnoreWarning

JoinDomain=sint-norbertus.be
DomainAdmin=####
DomainAdminDomain=###
DomainAdminPassword=####

TaskSequenceID=INSTALL
SkipTaskSequence=YES

EventService=http://####:9800

HideShell=YES 

Bootstrap

[Settings]
Priority=Default

[Default]
UserID=####
UserDomain=#####.##
UserPassword=####

KeyboardLocalPE=0813:00000813

DeployRoot=\#####\#####$

SkipBDDWelcome=YES
SkipTimezone=YES

Task sequense
You can skip capture user / group state in every step, this way the install takes less long. Restore from domain in last step of postinstall is issued for problems when computer won’t end the installation.

Change MDT language to nl_BE

This has to be done between updating deployment img and after creating task sequence.

Open file
#deployment share#\Control\INSTALL\Unattend.xml

Change

<InputLocale>0409:00000409</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>

To

<InputLocale>0813:00000813</InputLocale>
<SystemLocale>nl-NL</SystemLocale>
<UILanguage>nl-NL</UILanguage>
<UserLocale>nl-BE</UserLocale>
Set homepage Chrome

Set homepage Chrome

You can’t set the default browser page from Google chrome with gpo’s. So here is a script that will set the default page from your Google Chrome browser.

#paths for chrome policy keys used in the scripts
$policyexists = Test-Path HKLM:\SOFTWARE\Policies\Google\Chrome
$policyexistshome = Test-Path HKLM:\SOFTWARE\Policies\Google\Chrome\RestoreOnStartupURLs
$regKeysetup = "HKLM:\SOFTWARE\Policies\Google\Chrome"
$regKeyhome = "HKLM:\SOFTWARE\Policies\Google\Chrome\RestoreOnStartupURLs"
$url = "https://sint-norbertus.be"

#setup policy dirs in registry if needed and set pwd manager
#else sets them to the correct values if they exist
if ($policyexists -eq $false){
New-Item -path HKLM:\SOFTWARE\Policies\Google
New-Item -path HKLM:\SOFTWARE\Policies\Google\Chrome
New-ItemProperty -path $regKeysetup -Name PasswordManagerEnabled -PropertyType DWord -Value 0
New-ItemProperty -path $regKeysetup -Name RestoreOnStartup -PropertyType Dword -Value 4
New-ItemProperty -path $regKeysetup -Name HomepageLocation -PropertyType String -Value $url
New-ItemProperty -path $regKeysetup -Name HomepageIsNewTabPage -PropertyType DWord -Value 0
}

Else {
Set-ItemProperty -Path $regKeysetup -Name PasswordManagerEnabled -Value 0
Set-ItemProperty -Path $regKeysetup -Name RestoreOnStartup -Value 4
Set-ItemProperty -Path $regKeysetup -Name HomepageLocation -Value $url
Set-ItemProperty -Path $regKeysetup -Name HomepageIsNewTabPage -Value 0
}

#This entry requires a subfolder in the registry
#For more then one page create another new-item and set-item line with the name -2 and the new url
if ($policyexistshome -eq $false){
New-Item -path HKLM:\SOFTWARE\Policies\Google\Chrome\RestoreOnStartupURLs
New-ItemProperty -path $regKeyhome -Name 1 -PropertyType String -Value $url
}
Else {
Set-ItemProperty -Path $regKeyhome -Name 1 -Value $url
}
Chocolatey

Chocolatey

Chocolatey is an online ‘community’ where software is made available like apt-get in Linux. This makes it easy to use in script an makes updating software easy. The use off this in combination whit an unattended install makes great partners.

Installing programs becomes as easy as choco install chrome.

We have a script that makes it possible to install programs thrue chocolatey without installing it. The script is a powershell script. The script is called like this powershell.exe -NoProfile -windowstyle hidden -ExecutionPolicy bypass "%ScriptRoot%\Chocolatey\Install.ps1" -verbose -Packages "googlechrome"

MDT Cheat sheet

MDT Cheat sheet

Normal boot unattended install files.

Bootstratp.txt
Unattende file for boot image, lighttouch.

[Settings]
Priority=Default

[Default]
UserID=Administrator
UserDomain=domain.local
UserPassword=password
Deployroot=\\SNOR-WDS-AM\WIN10$
KeyboardLocalPE=0813:00000813
SkipBDDWelcome=YES
SkipTimezone=YES

Rules
Unattende rules for install image.

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
SkipBDDWelcome=YES
SkipCapture=YES
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerBackup=YES
SkipBitLocker=YES
_SMSTSOrgName=Running%TaskSequenceID% on %model%
SkipDomainMembership=YES
SkipFinalSummary=YES
SkipLocalSelection=YES
SkipPackageDisplay=YES
SkipPorudctKey=YES
SkipSummary=YES
SkipTimeZone=YES
SkipUserData=YES
SkipComputerName=YES
TimeZoneName=Romance Standard Time
UILanguage=nl-NL
UserLocale=nl-BE
Systemlocale=nl-NL
KeyboardLocal=0813:00000813
SkipAppsOnUpgrade=YES
SkipFinalSummary=YES
FinishAction=REBOOT
WindowsUpgradeAdditionalOptions=/compat IgnoreWarning

JoinDomain=ourdomain.local
DomainAdmin=adminaccount
DomainAdminDomain=ourdomain
DomainAdminPassword=domainadminpassword

TaskSequenceID=WIN10LTSC
SkipTaskSequence=YES
TimeZoneName=Romance Standard Time
UILanguage=nl-NL
UserLocale=nl-BE
Systemlocale=nl-NL
KeyboardLocal=0813:00000813
SkipAppsOnUpgrade=YES
SkipFinalSummary=YES
FinishAction=REBOOT
WindowsUpgradeAdditionalOptions=/compat IgnoreWarning
JoinDomain=ourdomain.local
DomainAdmin=adminaccount
DomainAdminDomain=ourdomain DomainAdminPassword=domainadminpassword

TaskSequenceID=WIN10LTSC
SkipTaskSequence=YES