Category Archives: Administration


New Module: Creating an RDP file password with PowerShell

Windows_PowerShell_iconHere’s something that is surprisingly tricky to automate in this day and age. Creating a password and storing it in an RDP file. I’m not here to debate the security “knock ons” of doing this, it’s not in my interest and if I’m asked to do something despite advice against it, I do it!

But as always I figured I’d share this feature in case anyone else needs it.

So RDP files encrypt a password in a very specific way and details online are cagey.This is something I set about doing myself and I’m happy to annouce I’ve included it in the following Free Powershell module for your use!

Continue reading

Another handy little tool, Move On Boot.

red_copyUpon receiving a new dll from a support provider recently, I could not replace the existing file, as the file was in use by the system. A restart to safemode also wielded the same result. Dang!

I wanted to use the PendingFileRenameOperations registry key to instruct windows to copy a file during the boot process.

The issue with this key and behavior is that in order to tell windows to delete a file, the next line to the source file must be blank… if you manually try to add a blank line to regedit you receive the following error!


I needed an application to move a file during the boot process of windows before the service or handle held the file I wanted to replace open. I decided to write a new tool called MoveOnBoot.exe.

MoveOnBoot leverages the PendingFileRenameOperations registry key and the MoveFileEx Api to move the file on boot simply and easily.

Move on boot does the following:

  1. Adds the copy jobs to the PendingFileRename key you specify.
  2. Copies the new file into the target directory with an  _newer file extension.
  3. Optional: instructs windows to copy the current file to a _old extension
  4. instructs windows to replace the target file with the _Newer file.


How to use it:

Simply select the source and destination files as below:


Optionally choose to backup the target file during the operation with the check box above.

Once you have added all the files you need to replace, you can check the queue by going to file > view pending operations:


And that’s it! restart the device and let windows do the hard work.

Optionally, if you chose to backup the file as part of the operation, you will find an _old file in the target directory as below:

after reboot



Stand alone Binary.

Source code.

Support information:

  • Requires Administrator privileges.
  • Requires .net framework 2.0 or greater.


Using powershell as a replacement for the Change Logon command in Remote Desktop Services.

Still on my PowerShell buzz for the week, this is post 2 of 3 on some Remote Desktop Services / XenApp Powershell goodness!

This is one I’ve been meaning to post for quite some time, but other things got in the way. Mainly me forgetting how to use most of the powershell native methods due to having my head stuck in .net the last few weeks… Moving on…

While trying to find a method to check the status of logon’s to a Remote Desktop server via PowerShell, I didn’t have much luck. Either people are string scraping the output of the command using select-string or going to the registry and checking the raw Value with get-itemproperty. I wasn’t happy with either approach so I dug down into WMI and found the following.

From what I’ve found, the settings for enable, disable and the two drain modes are stored under the namespace rootcimv2terminalservices. Under the class Win32_terminalservicesetting.

There are two properties we are interested in here:

  • logons (0 = enabled, 1 = disabled*)
  • SessionBrokerDrainMode (0 = Disabled, 1 = DrainUntilRestart, 2 = Drain)

*why oh why 1 is disabled is beyond me, but I digress.

The order of priority is enabled / disabled first, before the drain options are referenced.

So what does this tell us? Well, a change logon /query is simply performing the following simple checks:

Change Logon /query

[sourcecode language=”powershell”]
gwmi win32_terminalservicesetting -N "rootcimv2terminalservices" | %{
if ($_.logons -eq 1){
Else {
switch ($_.sessionbrokerdrainmode)
0 {"Enabled"}
1 {"DrainUntilRestart"}
2 {"Drain"}
default {"something’s not right here!"}

Ok that’s great and all, we’ve now replicated change logon /enable, but how do we set these values?

Easy! Using the native PowerShell $_.put() method, we can push values back in.

Below you will find each “Change Logon” option in server 2008 R2 and the corresponding WMI property.

Change logon /Enable

[sourcecode language=”Powershell”]
$temp = (gwmi win32_terminalservicesetting -N "rootcimv2terminalservices")

Change Logon /Disable

[sourcecode language=”Powershell”]
$temp = (gwmi win32_terminalservicesetting -N "rootcimv2terminalservices")

Change Logon /Drain

[sourcecode language=”Powershell”]
$temp = (gwmi win32_terminalservicesetting -N "rootcimv2terminalservices")

Change Logon /DrainUntilRestart

[sourcecode language=”Powershell”]
$temp = (gwmi win32_terminalservicesetting -N "rootcimv2terminalservices")

And that’s it! now if you want to wrap this up in a function be my guest, or if you would like me to do so just drop me a line.

Adding Windows Media Player Codec’s to Windows Thin PC.

By default when you install windows thin pc, you get access to windows media player without codec’s. If you are using Windows Thin PC for Citrix products these codecs are vital for correct HDX Mediastream redirection.Below you will find a few quick and dirty steps to include the necessary codec’s in your Windows Thin PC image:


Acquiring the Codec’s:


1: Head over to the microsoft download site and download the Windows Embedded Standard 7 Service Pack 1 Tookit (part’s 1 to 8)
2: Once fully downloaded, run the Standard 7 SP1 Toolkit.part01.exe and extract the contents to a folder (e.g. c:toolkit)
3: Once fully extracted, browse to C:toolkitStandard 7 SP1 ToolkitDSPackagesFeaturePack (where the extract folder was c:toolkit).
4: In this folder, you will find the codec’s stored in folders beginning with “x86~winemb-premiumcodecs

5: Make a new folder in your c: drive called codecs, and copy the contents of the above folders into this new folder. The folder should appear as below:


6: Once we have the codec’s we can now integrate them using two methods, we can add them to a current machine, or add them to an installer image. Both Method’s are included below:


Online Method:


1: From a Windows Thin PC, run the following command from an administrative command prompt:

Dism.exe /Online /Add-Package /PackagePath:C:codecs /NoRestart


Integrating the Codec’s into an image:


1: Extract your ISO copy of the Windows Thin PC to c:windows_thin_pc

2: create a new folder to mount the image to, called c:mnt

3: Run the following command from an administrative command prompt:

Dism.exe /Mount-Wim /WimFile:C:Windows_Thin_PCsourcesinstall.wim /index:1 /MountDir:c:Mnt
Dism /Image:c:Mnt /Add-Package /PackagePath:c:codecs
Dism.exe /Unmount-Wim /MountDir:c:Mnt /commit

4: Once this completes, add your image back to Microsoft WDS, or write it to a usb key or DVD.


Note: if the command prompt reports DISM.exe is unavailable, grab a copy of the Microsoft WAIK.

Error (TakeOwnerAndDeleteKey) generated when creating a mandatory profile

Just a quick post, but I recently came across the below error while generating a mandatory profile and went about investing some time with Microsoft.

Before I go further, do you know how the correct procedure to create a mandatory profile in server 2008 R2? Are you sure? Because this hidden / badly documented article tucked away on Technet was news to me!

Now that that’s out of the way, after running the sysprep command and restarting you may receive the following error in the setupact.txt file and wonder, like me if this is something to be worried about.

2011-08-19 14:05:22, Info [Shell Unattend] CopyProfileDirectory from C:UsersAdministrator succeeded.
2011-08-19 14:05:22, Error [Shell Unattend] TakeOwnerAndDeleteKey failed (0x80070002)
2011-08-19 14:05:22, Info [Shell Unattend] CopyProfile succeeded

Fear not, having spoken to Microsoft (ref:111082230465165) this error can occur if the profile is deleted before the process has caught up, resulting in this strange, but harmless error. Your user profile is still a model template to be used as you see fit.


For a really good write up on how to create a mandatory profile in server 2008 R2 / Windows 7 head over to by @KBaggerman.