0

For the Reset function, I go to Settings > Updates and Security > Recovery > Reset this PC. So this is a choice that I make, and on that basis I want to choose for that system to run a script after the Reset - and we know that should be possible as we can create completely customised Windows installation ISOs that install apps and Features in a clean state, so can someone tell me how to do a quite simple things - to just get Windows to run a PowerShell script after that Reset?

Actually, I only want to run a couple of lines:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

i.e. This will enable RDP and allow me to connect remotely and continue the configuration without having to plug in a monitor and keyboard and mouse all just to run the above two commands. As per title, this is a non-Domain scenario so accessing the system as Domain Admin is not possible (and really a Domain should not be necessary, these are my systems on my local network).

The other reason that should make all of the above completely possible is that performing a Reset is not an absolute reset as it retains user information (my main user is still there with the password intact), so just enabling RDP would make everything possible post-Reset.

For reference, nothing in the following have helped me to achieve this goal so far: Run a powershell script on a remote system with elevated permissions to enable remoting https://interfacett.com/blogs/how-to-remotely-enable-and-disable-rdp-remote-desktop

YorSubs
  • 3,194
  • 7
  • 37
  • 60
  • Is [Run a script at startup only once and without logon](https://social.technet.microsoft.com/Forums/en-US/504a5a81-2c9c-45ed-8989-54417b3fc3a9/run-a-script-at-startup-only-once-and-without-logon?forum=winservergen) of help? – Luuk Dec 06 '20 at 10:27
  • I think it is *part* of an answer yes (this would be what I would want to happen) but not on the central problem of how to get that information injected into Windows such that, on the completion of the Reset operation, that script will be run. – YorSubs Dec 06 '20 at 10:35
  • I think the reset will only be completed after a restart of the OS (But that's just my opinion). So, running something directly at startup (once) seems valid. – Luuk Dec 06 '20 at 10:38
  • I am almost certain that this cannot solve the problem because the restart of the OS to perform the Reset would wipe this information (so the script cannot run, as the information initiating that script-run has been wiped by the Reset process). It would have to be a different method that tells Windows to perform this action after the Reset (and I've actually tried some methods along these lines, but none worked as the information was wiped during the Reset). – YorSubs Dec 06 '20 at 10:40
  • Ok, i dont have time (or resources) to try, but you can always do a second restart after the reset – Luuk Dec 06 '20 at 10:48
  • 1
    And that's the point Luuk - to do that, I would have to physically go to the computer, plug in a monitor and keyboard and mouse and then manually initiate running the script (I run these computers headless in the basement) ... in which case, I might as well just enable RDP manually since I've had to do all of that! I need to inject this "run a script" thing into the system such that the Reset will do that thing *after* the reboot). It's very much of general usefulness, i.e. "get Windows to do stuff after Reset" so I'm hoping that there is an answer. – YorSubs Dec 06 '20 at 10:50
  • Just to clarify, in case anyone reads this and thinks that a "Reset" is just "restarting the computer", the Windows 10 "Reset" function is very different - it uses the (I think) "SysWOW64" folder under system32 to flush the entire system back to a default state (the newest versions of Reset even allow downloading a pristine ISO from online, presumably to get around deep-rooted malware on a system). Injecting something into the Reset state should be possible as customisation like this has always been possible, but I've not found out how. – YorSubs Dec 06 '20 at 11:19
  • 1
    No, not the "SysWOW64", but the 'recovery partition' (it is described [here](https://www.diskinternals.com/partition-recovery/recovery-partition-and-how-to-delete-it/#:~:text=A%20recovery%20partition%20is%20a,only%20Help%20in%20Disk%20Management.) ). The SysWoW64 is explained here: [What’s the Difference Between the “System32” and “SysWOW64” Folders in Windows](https://www.howtogeek.com/326509/whats-the-difference-between-the-system32-and-syswow64-folders-in-windows/) – Luuk Dec 06 '20 at 13:56

1 Answers1

1

The easiest way to do this is to download PStools from Microsoft and use psexec to give yourself remote access:

psexec \\machinename reg add hklm\system\currentcontrolset\control\terminal server /f /v fDenyTSConnections /t REG_DWORD /d 0

psexec \\machinename netsh firewall set service remoteadmin enable
psexec \\machinename netsh firewall set service remotedesktop enable

psexec will let you supply credentials with -u and -p

Scepticalist
  • 3,737
  • 1
  • 13
  • 30