Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
BtilEntrails

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 26
Reply with quote  #1 
Looking to automate and mimic the following steps;

If you do a taskkill /f /im explorer.exe the device is left with the following situation.

The user desktop goes blank and no desktop icons or taskbar is being displayed. To recover a machine from this state, our Help Desk will open Windows Task Manager and then click on Files > New Task (Run...) and this will open the Create New Task dialog box. Then the Help Desk staff will type in Explorer.exe and then Enter.

This will bring back the desktop and the task bar.


Some background on what is happening and the need:
When this is seen by our Help Desk, is when doing an uninstall from Software Center / SCCM. The vendor uninstall is executed while the user is logged in, but with the SCCM Elevated Admin account, which is the System Account for Windows. When the Help Desk clicks on the uninstall from Software Center, most everything closes leaving just the SCCM / Software Center interface.

Since Software Center stays open, we are hoping to advertise from Software Center another application / utility that can be ran with the current logged in user credentials (which is supported in SCCM) or runas level of "asInvoker".

When we attempt to script the above actions, when Explorer.exe is executed, it opens an Explorer Windows only, and does not recover the desktop and taskbar.

Anyone have knowledge on how to script Explorer.exe to open and have the desktop and task bar appear over just a folder to open?

Thanks in advance.

__________________
Deep Thoughts by Jack Handey - "It takes a big man to cry, but it takes a bigger man to laugh at that man."
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 376
Reply with quote  #2 
Hi,

I wouldn't go this route, or advise anybody to do so. What I would try instead is,

  • modify vendor uninstall to leave out killing explorer.exe (by adding an MST or something)
  • if that is not possible, *mimic* the vendor uninstall instead of executing it, again, leaving out killing explorer.
  • have the uninstal action log off the user as the last task (and display a warning in the software center that the uninstall will have that effect)
  • package the uninstall separately fron the install and have the service desk advertise the uninstall *if no user is logged on*

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
BtilEntrails

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 26
Reply with quote  #3 
Sorry for the long reply:

The battle has been painful, but we are working to take away local admin from users and the uninstaller is already one that has been automated and typically a reboot after uninstall would be the normal best practice. Typical MSI install / uninstall would be that in use files or services would be removed through a reboot.

Reboots are out of the questions as this is medical hardware, so when I say "uninstall" it is actually a VB script already being used (not the typical MSIEXE /x) in this case. Everything a typical MSI /X uninstall would do, this script is doing a complete cleanup for the files and folders, remove shortcuts and delete registry keys. But, for this applications, it is one that has a DLL in use and it is hooked into Explorer.exe as a right click component or feature. So Explorer has to be killed, then the service is stopped and then the service can be unregistered and removed and the DLL and the folder it resides within, it then can be deleted.

When the uninstall is done while a user is local admin and ran with their credentials (Not the NT AUTHORITY\System), then Explorer is killed to allow the running DLL / Service to unhook so the file and folder gets removed at uninstall. Once the uninstall is done, then the vendor uninstall launches Explorer and the desktop comes back because the user is the logged in user account being used. This is a script already and moving this into SCCM introduces the problem we are trying to come up with a work around.

The uninstall works from SCCM as well, but because SCCM uses the System account and Windows does not allow the NT AUTHORITY\System account to open Explorer or mimic the user account to recover the desktop / taskbar (which is a good things to keep the OS secure).

What the vendor is doing works if the user is a local admin, but we are taking local admin away. Plus we want to support this app from SCCM / Software Center and not be a manual process per every device as it use to be until we moved it into SCCM and started to see this issue.

Using Software Center is needed, deployments or pushes from SCCM are not perfect and the users call the Help Desk. The Help Desk are to install the newer version of the app that was missed during the deployments / pushes, of which at install for the newer version, the uninstall for the older version needs to happen first to avoid issues. The uninstall leaves the Software Center interface open, but all else is closed. Since SCCM is open and we can advertise to allow a script to be used and that it will run in the user context and not NT AUTHORITY\System, we are hoping to automate a utility that will allow the Help Desk to use and have Explorer.exe startup and not have to open Task Manager and do all those steps from my first post.

The biggest complaint is they cannot even restart the device because the taskbar is missing as well.

We first gave them a reboot that can be done from Software Center, but that became an issue and complaint. So that is how it ended up with needing to recover the desktop by opening Explorer. [rolleyes]

Since the user would be clicking on the button in the Software Center interface and the user context would be that of the logged in user and not the NT AUTHORITY\System account, not sure why Explorer is not opening correctly and recovering the desktop / taskbar.

__________________
Deep Thoughts by Jack Handey - "It takes a big man to cry, but it takes a bigger man to laugh at that man."
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.