Bitlocker .tpm file

This text can be used to create a recovery file for the TPM. In most cases the recovery password is backed up to Active Directory.

Replace PasswordHash in the ownerAuth element with the actual password hash.

Save it as “filename.tpm”.

<?xml version="1.0" encoding="UTF-8"?>
<!--
File for TPM recovery.
-->
<tpmOwnerData version="1.0" softwareAuthor="Microsoft Windows [Version 6.1.7600]" creationDate="" creationUser="domain\user" machineName="MachineName">
<tpmInfo manufacturerId="1229346816"/>
<ownerAuth>PasswordHash</ownerAuth>
</tpmOwnerData>

List COM objects with PowerShell.

Dir registry::HKEY_CLASSES_ROOT\CLSID -include ProgID -recurse | Foreach-Object { $_.GetValue("")}

Adobe FTP

ftp://ftp.adobe.com/pub/adobe/

FTP for Adobe Software.

Start an advertised program from a “link”.

I have created a little program for starting advertised programs with a link on the desktop or the start menu.

How to use it:

Create a Registry key with two string values. Like this:

HKCU:\Software\ravnda.net\RunApp\0\

ProgramID = “InstallAdobe”
PackageID = “C01002d”

You then create a link to runapp.exe with the parameter “0”.

NB:

You can name the registry key under RunApp whatever you want. That name is the parameter you pass in the link.

Download:
Setup.msi

Run Program from VBS!

The code for the VBS on the MSDN site was wrong.

Here is the working code:

———————————————————————–

Call RunProgram("ProgramID", "PackageID")

Sub RunProgram(programId, packageId)
    On Error Resume Next
    Dim oUIResource
    Dim oPrograms
    Dim oProgram

    ' Create the ConfigMgr client UI resource manager
    Set oUIResource = CreateObject("UIResource.UIResourceMgr")
    If oUIResource Is Nothing Then
        WScript.Echo "Could not create Resource Object - quitting"
        Exit Sub
    End If
    ' Do not start anything while a mandatory program is pending
    If oUIResource.IsMandatoryProgramPending = 1 Then
        WScript.Echo "Mandatory program pending. Try again later."
        Set oUIResource = Nothing
        Exit Sub
    End If
    ' Look up the advertised program by program name and package ID
    Set oProgram = oUIResource.GetProgram(programId, packageId)
    If oProgram Is Nothing Then
        WScript.Echo "Couldn't get the program"
        Set oUIResource = Nothing
        Exit Sub
    End If
    WScript.Echo "Running program: " & oProgram.FullName
    oUIResource.ExecuteProgram programId, packageId, True
    Set oProgram = Nothing
    Set oUIResource = Nothing
End Sub
—————————————————————
The ProgramID is the name of the program that should run (i.e. the name you give to the program in the package). You can easily get it by running that query in SQL Manager on your database: select * from pkgprograms where pkgID = 'nn' where nn is your PackageID.

The script is now running fine on my side and Microsoft will correct the script posted on the MSDN website as soon as they can.

From:

http://social.technet.microsoft.com/Forums/en/configmgrswdist/thread/e30694ec-cceb-40d2-a370-1dd2aed87a92

Good To Know: http://msdn.microsoft.com/en-us/library/cc143667.aspx

ConfigMgr 2007 – Task Sequence, Join Domain

When adding a machine to a domain with ConfigMgr 2007, there can be a problem assigning it to the default “Computer” OU.
If you want the computer to be in the “Computer” OU, you should leave the field blank.

ConfigMgr 2007 – WinPe with PXE

It’s important that you distribute both the x86 and the x64 versions of WinPE to the PXE share, because all new computers are x64 and need files from the x64 version.
As a good practice, I would recommend using only the x86 WinPE to distribute 32- and 64-bit operating systems.

PowerShell: Download file from internet

Download file from internet:

$client = new-object System.Net.WebClient
$client.DownloadFile( $url, $path )

Check if KMS is set in DNS

nslookup -type=all _vlmcs._tcp

Windows 7 Bitlocker with Command Line

Create Bitlocker Partition:
- If the machine already has a partition of 100-300 MB, this command is not necessary.

Bdehdcfg.exe -target default -quiet

Turn on the TPM:
- Enable the TPM Chip on the machine.

manage-bde.exe -tpm -turnon

- Takes ownership of the TPM and sets the password to what you want.

manage-bde.exe -tpm -takeownership "Password"

Turn on Bitlocker:
- This command line will enable BitLocker and set the recovery password to “123456-123456-123456-123456-123456-123456-123456-123456”. Keep it safe, because this command will not back up the key. It will also set the PIN code to 1234. The PIN code will be used every time the machine starts.

manage-bde -on C: -RecoveryPassword 123456-123456-123456-123456-123456-123456-123456-123456 -TPMandPIN 1234

NB: To enable the TPM with PIN you have to change a policy in GPO (AD), local GPO or with a registry file (easy fix if you enable BitLocker with SCCM).


GPO (AD and Local Computer Policy):
Computer Configuration -> Administrative Templates -> Windows Components -> BitLocker Drive Encryption -> Operating System Drives -> Require additional authentication at startup = Enable
Registry:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE]
"UseAdvancedStartup"=dword:00000001
"EnableBDEWithNoTPM"=dword:00000001
"UseTPM"=dword:00000002
"USETPMPIN"=dword:00000002
"UseTPMKey"=dword:00000002
"UseTPMKeyPIN"=dword:00000002
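
A check you can run before manage-bde to see whether the FVE policy above is in place. This is an added example, not part of the original post: the function name Test-FveStartupPolicy is hypothetical, and the reading of the UseTPM* values (0 = do not allow, 1 = require, 2 = allow) is an assumption taken from the Group Policy setting, not from this page. If the policy key is missing, it falls back to a constructed sample holding the values from the registry file above.

```powershell
# Added example (not from the original post). Assumed value meanings for the
# UseTPM* settings: 0 = do not allow, 1 = require, 2 = allow.
function Test-FveStartupPolicy {
    param([hashtable]$Policy)

    $meaning = @{ 0 = 'do not allow'; 1 = 'require'; 2 = 'allow' }
    $options = 'UseTPM', 'UseTPMPIN', 'UseTPMKey', 'UseTPMKeyPIN'

    foreach ($name in $options) {
        $value = $Policy[$name]
        $text  = if ($null -eq $value) { 'not set' } else { $meaning[[int]$value] }
        Write-Host ("{0,-14} = {1} ({2})" -f $name, $value, $text)
    }

    if ($Policy['UseAdvancedStartup'] -ne 1) {
        'BLOCK: UseAdvancedStartup is not 1, additional authentication at startup is not enabled.'
    }
    if (1, 2 -notcontains $Policy['UseTPMPIN']) {
        'BLOCK: UseTPMPIN is not 1 or 2, policy does not permit a TPM and PIN protector.'
    }
    # Only one startup option may be set to "require" at a time.
    $required = @($options | Where-Object { $Policy[$_] -eq 1 })
    if ($required.Count -gt 1) {
        "BLOCK: more than one option is set to require: $($required -join ', ')."
    }
    if ($Policy['EnableBDEWithNoTPM'] -eq 1) {
        'NOTE: EnableBDEWithNoTPM = 1, BitLocker can also be turned on without a compatible TPM.'
    }
}

$key   = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$names = 'UseAdvancedStartup', 'EnableBDEWithNoTPM', 'UseTPM', 'UseTPMPIN', 'UseTPMKey', 'UseTPMKeyPIN'

if (Test-Path $key) {
    # Live policy on this machine.
    $item   = Get-ItemProperty -Path $key
    $policy = @{}
    foreach ($n in $names) { $policy[$n] = $item.$n }
} else {
    # Constructed sample: the values from the registry file above.
    $policy = @{ UseAdvancedStartup = 1; EnableBDEWithNoTPM = 1; UseTPM = 2
                 UseTPMPIN = 2; UseTPMKey = 2; UseTPMKeyPIN = 2 }
}

Test-FveStartupPolicy -Policy $policy
```

With the values from the registry file above, the only line reported is the NOTE about EnableBDEWithNoTPM.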
