Restrict access to Command Prompt in Vista PE
Posted 02 June 2009 - 08:32 PM
The problem is as follows. We are currently getting things ready to switch over from booting to DOS to reimage machines to booting to WinPE so that we can use various scripts afterward to assist in things like the naming of machines automatically. Things are working fine, but since we have over a hundred machines in the public we need to figure out a way to keep them secure from public tampering while the image software (Symantec Ghost) and the scripts afterward are running. Having the prompt up could be troublesome for us and we are looking for solutions. As I said I've already found a number of dead ends, but as it could always be my error, I'm happy to hear anything I've already tried.
Posted 03 June 2009 - 06:19 AM
I mean, someone from the IT department physically walks to the interested PC, boots on it WinPE and starts the imaging or re-imaging, and then walks away leaving the PC unattended?
And after a good coffee comes back and finishes the work?
So you have to "protect the machine" in this lag of time?
Or the procedure is different?
Posted 03 June 2009 - 12:36 PM
Posted 03 June 2009 - 01:58 PM
Posted 03 June 2009 - 03:39 PM
That's it in a nutshell, except we don't have to come back and finish anything up, our scripts do that for us. After the imaging is done which we can monitor from a VC that connects to a computer, all we need to do is call over to where the computer was imaging and make sure that everything went through okay. So, we need to make sure users can't do anything during the process of imaging and scripting while it is still in PE.
So, there is a one way "call" at the physical location of the machine at the beginning and after that everything is done in Remote?
(which would rule out using something like Transparent Screen Lock, which if I remember correctly needs a user password being typed physically on the local machine)
And you cannnot "take control" from remote, disable keyboard/mouse and start the PE run from remote?
I have not a handy pre-made solution up my sleeve right now , but I'll have a look at the problem and let you know if I find something suitable.
P.S.: How good are you at programming (or have some willing programmer at hand )?
This could be an idea:
Posted 03 June 2009 - 04:28 PM
... we need to figure out a way to keep them secure from public tampering while the image software (Symantec Ghost) and the scripts afterward are running.
Must it be VistaPE ? - in BartPE this is trivial
Posted 03 June 2009 - 09:03 PM
As a note to Sanbarrow, I would consider switching, but the imaging software we are using is Symantec's GSS, which to an extent supports VistaPE booting. My bosses would prefer that we stay with what is supported... so unfortunately without spending enough time to convince them I would be unable to put it into practice.
Posted 03 June 2009 - 09:18 PM
Locking the keyboard should fulfill exactly what we need, let me take a look into this and code something up and see if it works. Thanks a bunch.
You are welcome.
Please note that what you want to do is probably the thing detailed here:
(linked to in the comments on the previously given article)
Cannot say if this works in PE 2.x too:
This one does:
though the need of .NET is simply appalling!
Other implementations (needing NOT such a large runtime):
(how old are your users? )
The "pro" version:
though Shareware, should be affordable.
Posted 03 June 2009 - 10:44 PM
As a note to Sanbarrow, I would consider switching, but the imaging software we are using is Symantec's GSS, which to an extent supports VistaPE booting.
Oops - I thought you were using ghost32
Posted 04 June 2009 - 04:02 PM
Posted 04 June 2009 - 05:10 PM
Just to follow up, using the idea of disabling the keyboard, I found some registry files that I can turn on and of with scripts to do what I want. It seems to be working fairly well for me. Thanks for all the help.
It would be nice if you could publish the Registry entries or give a link to where you found them.
The solution to your problem may help another user in the future.
Posted 25 August 2009 - 12:03 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users