Post-Setup does not work, due to elevated rights

[Pufi1961]

ntlite post setup does not work. The script is not executed due to the UAC, since the installation can only be carried out with elevated rights. What do I have to set to run the script? if I run the script with elevated rights, the installation of all software packages works. There is no error in the script.

Thanks

pufi1961

 

[Kasual]

There is a checkbox option called OEM SetupComplete in the toolbar's Unattended page, check it.

 

[Pufi1961]

Thanks, If I activate the checkbox then the script will runs with elevated rights?

 

[Kasual]

The script already runs with elevated rights but sometimes isn't called, that's why activating the checkbox will run SetupComplete.cmd.

Also you can use oobe.cmd but it runs at earlier stage and some programs and commands will not run if depends on some services.

 

[Pufi1961]

Thank you for your quick response. Now the installation works. The error was true that I did not activate the checkbox and therefore Setupcomplet.cmd was not executed, even though it was present.

lg

 

[SomeTechGuy]

The script already runs with elevated rights but sometimes isn't called, that's why activating the checkbox will run SetupComplete.cmd.

Also you can use oobe.cmd but it runs at earlier stage and some programs and commands will not run if depends on some services.

I am curious about your command line for running the script in elevated status? Please share

 

[crypticus]

I am curious about your command line for running the script in elevated status? Please share

he didnt said anything about that. he said IT IS ALREADY ELEVATED BY DEFAULT. by microsoft.

 

[SomeTechGuy]

he didnt said anything about that. he said IT IS ALREADY ELEVATED BY DEFAULT. by microsoft.

Elevation depends on user acct:. "%WINDIR%\Setup\Scripts\SetupComplete.cmd: This script runs immediately after the user sees the desktop. This setting is disabled when using OEM product keys. It runs with local system permission. "
Souce: https://docs.microsoft.com/en-us/wi.../desktop/add-a-custom-script-to-windows-setup

So he must of been using a user acct with admin privileges.

 

[Kasual]

Elevation depends on user acct:. "%WINDIR%\Setup\Scripts\SetupComplete.cmd: This script runs immediately after the user sees the desktop. This setting is disabled when using OEM product keys. It runs with local system permission. "
Souce: https://docs.microsoft.com/en-us/wi.../desktop/add-a-custom-script-to-windows-setup

So he must of been using a user acct with admin privileges.

I'm doing nothing that I haven't share before, Specialize runs on first boot from the drive, you can add basic commands there when TI is needed and SYSTEM account is 'on duty', Administrator account runs at some point, don't know when because I haven't investigated but Administrator account is deleted and removed it's traces. The admin folder account is found in \Users when the image is mounted.

The link contains:

• %WINDIR%\Setup\Scripts\SetupComplete.cmd: This script runs immediately after the user sees the desktop. This setting is disabled when using OEM product keys. It runs with local system permission.

If Setupcomplete run after first logon by default, then setupcomplete runs before first logon when using this option:

The script already runs with elevated rights but sometimes isn't called, that's why activating the checkbox will run SetupComplete.cmd.

Also you can use oobe.cmd but it runs at earlier stage and some programs and commands will not run if depends on some services.

The script runs before first logon, at least in Win 7 and earlier versions.

The script doesn't run after seeing the desktop but I didn't paid attention to Win 10 and I gues it runs on logon.

 

[azajali43]

In Post-Setup section of NTLite, Click on arrow below Add placed at top-left area of program. And then select the "Add Command". You will appear a new row in the main area of the program. In the column "Item", You can type the name of the executable that you wish to run.

 

[TT9tWhD$q]

for importing Wlan profiles I leverage

forfiles /P %SystemDrive%\wlan /M *.xml /C "cmd /q /c netsh wlan add profile @path"

but that imports the profiles for all users due to netsh defaulting to user=all but instead I would prefer user=current, e.g.

forfiles /P %SystemDrive%\wlan /M *.xml /C "cmd /q /c netsh wlan add profile user=current @path"

With the latter option set however the WLan profiles are not available when the user's (local admin account) desktop shows. It seems that code is run under the SYSTEM account even with having the SetupComplete checkbox set/activated. Is there a way to run the code instead after the user is logged in (desktop shows)?

Similar importing a local security policy does not seem to pan out either.

secedit /import /db %windir%\security\database\secedit.sdb /cfg %SystemDrive%\secpol\ba.inf