I'm hoping someone can help.
I'm trying to use wsusoffline updates at the end of unattend script deploying windows 7. The goal is to be completely unattended with no keyboard input. Although I'm running into the issue of being prompted to run the "Recallstub.cmd" as its been copied from an unknown location.
I use the firstlogoncommands to execute the following.
- Code: Select all
@echo off
net use w: \\<server>\wsus /persistent:no
w:
cd client\cmd\
call doupdate.cmd /instielatest /autoreboot
With this script and the combination of this reg file.
- Code: Select all
cmd /c reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\winlogon" /v AutoLogonCount /t REG_DWORD /d 2 /f
The machine is able to log back in so that recallstub.cmd can be executed.
This is where my problem starts. I'm unable to remove the open file security prompt for "recallstub.cmd"
I've tried putting the following in the unattend.xml to no avail.
- Code: Select all
cmd /c reg add "HKCU\Environment" /V SEE_MASK_NOZONECHECKS /T REG_SZ /D 1 /F
cmd /c reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" /V SEE_MASK_NOZONECHECKS /T REG_SZ /D 1 /F
I've even tried to inject the no zone check into the "PrepareRecall.cmd" without success
- Code: Select all
%REG_PATH% ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v WSUSOfflineUpdate /t REG_SZ /d reg add "HKCU\Environment" /V SEE_MASK_NOZONECHECKS /T REG_SZ /D 1 /F && "%SystemRoot%\Temp\WOURecall\RecallStub.cmd" /f >nul 2>&1
Can anyone offer some advise on how to resolve this issue or perhaps another way to implement it.