This tip was submitted to the SearchWin2000.com tip exchange by member Vladimir Tankhimovich. Please let other users know how useful it is by rating it below.
I have a mixed Windows environment -- NT domain, NT/2000/XP clients, so I have to create custom policy templates to deploy features missing in NT such as Automatic Windows Updates or Windows Firewall settings.
Save the script below as a text file with .ADM extension, put the file on your PDC and run poledit.exe on it. In Options, add the new file to the list of templates, then create a new or open currently used policy. You will see the new entries under "Default Computer." Using this technique, you can add your own registry entries to deploy throughout domain.
--------------------------------------------------------
Automatic Windows Updates Settings:
--------------------------------------------------------
CLASS MACHINE
CATEGORY !!SUS
POLICY !!ServerAddress
KEYNAME "SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
PART !!ServerAddress EDITTEXT
VALUENAME "WUServer"
DEFAULT !!WUServer
MAXLEN 255
END PART
PART !!StatusServer EDITTEXT
VALUENAME "WUStatusServer"
DEFAULT !!WUStatusServer
MAXLEN 255
END PART
END POLICY
POLICY !!ClientSettings
KEYNAME "SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"
PART !!NoAutoRebootWithLoggedOnUsers CHECKBOX
VALUENAME NoAutoRebootWithLoggedOnUsers
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END PART
PART !!NoAutoUpdate CHECKBOX
VALUENAME NoAutoUpdate
VALUEON NUMERIC 0
VALUEOFF NUMERIC 1
END PART
PART !!AUOptions CHECKBOX
VALUENAME AUOptions
VALUEON NUMERIC 4
VALUEOFF NUMERIC 3
END PART
PART !!UseWUServer CHECKBOX
VALUENAME UseWUServer
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END PART
PART !!ScheduledInstallDay CHECKBOX
VALUENAME ScheduledInstallDay
VALUEON NUMERIC 0
VALUEOFF NUMERIC 1
END PART
PART !!ScheduledInstallTime DROPDOWNLIST
VALUENAME ScheduledInstallTime
ITEMLIST
NAME !!12am VALUE NUMERIC 0
NAME !!1am VALUE NUMERIC 1
NAME !!2am VALUE NUMERIC 2
NAME !!3am VALUE NUMERIC 3
NAME !!4am VALUE NUMERIC 4
NAME !!5am VALUE NUMERIC 5
NAME !!6am VALUE NUMERIC 6
NAME !!7am VALUE NUMERIC 7
NAME !!8am VALUE NUMERIC 8
NAME !!9am VALUE NUMERIC 9
NAME !!10am VALUE NUMERIC 10
NAME !!11am VALUE NUMERIC 11
NAME !!12pm VALUE NUMERIC 12
NAME !!1pm VALUE NUMERIC 13
NAME !!2pm VALUE NUMERIC 14
NAME !!3pm VALUE NUMERIC 15
NAME !!4pm VALUE NUMERIC 16
NAME !!5pm VALUE NUMERIC 17
NAME !!6pm VALUE NUMERIC 18
NAME !!7pm VALUE NUMERIC 19
NAME !!8pm VALUE NUMERIC 20
NAME !!9pm VALUE NUMERIC 21
NAME !!10pm VALUE NUMERIC 22
NAME !!11pm VALUE NUMERIC 23
END ITEMLIST
END PART
PART !!RescheduleWaitTime CHECKBOX
VALUENAME RescheduleWaitTime
VALUEON NUMERIC 1
VALUEOFF NUMERIC 5
END PART
END POLICY
POLICY !!AutoUpdateService
KEYNAME "SYSTEM\CurrentControlSet\Services\wuauserv"
PART !!AutoUpdateService2 CHECKBOX
VALUENAME Start
VALUEON NUMERIC 2
VALUEOFF NUMERIC 4
END PART
END POLICY
POLICY !!BITS
KEYNAME "SYSTEM\CurrentControlSet\Services\BITS"
PART !!BITS2 CHECKBOX
VALUENAME Start
VALUEON NUMERIC 2
VALUEOFF NUMERIC 4
END PART
END POLICY
END CATEGORY
[strings]
SUS="Software Update Service Settings"
ServerAddress="Windows Update Server"
ClientSettings="Client Settings"
WUServer="http://sus.trackdata.com"
WUStatusServer="http://sus.trackdata.com"
StatusServer="Windows Update Status Server"
NoAutoRebootWithLoggedOnUsers="No reboot when user logged on"
NoAutoUpdate="Enable Automatic Updates"
AUOptions="Automatically download and schedule installation of updates"
UseWUServer="Use local SUS Server"
ScheduledInstallDay="Schedule installation for every day"
ScheduledInstallTime="Installation Time"
RescheduleWaitTime="Start missed install 1 minute after AutoUpdate service starts"
BITS="BITS"
BITS2="Set BITS service to Automatic"
AutoUpdateService="Auto Update Service"
AutoUpdateService2="Set Auto Update Service to Automatic"
12am="AM 12"
1am="AM 01"
2am="AM 02"
3am="AM 03"
4am="AM 04"
5am="AM 05"
6am="AM 06"
7am="AM 07"
8am="AM 08"
9am="AM 09"
10am="AM 10"
11am="AM 11"
12pm="PM 12"
1pm="PM 01"
2pm="PM 02"
3pm="PM 03"
4pm="PM 04"
5pm="PM 05"
6pm="PM 06"
7pm="PM 07"
8pm="PM 08"
9pm="PM 09"
10pm="PM 10"
11pm="PM 11"
---------------------------------------------------------------
Disable/Enable Windows Firewall:
---------------------------------------------------------------
CLASS MACHINE
CATEGORY !!XPSP2Firewall
POLICY !!DomainProfile
KEYNAME "SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
PART !!DisableFirewall CHECKBOX
VALUENAME EnableFirewall
VALUEON NUMERIC 0
VALUEOFF NUMERIC 1
END PART
END POLICY
POLICY !!StandardProfile
KEYNAME "SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile"
PART !!DisableFirewall CHECKBOX
VALUENAME EnableFirewall
VALUEON NUMERIC 0
VALUEOFF NUMERIC 1
END PART
END POLICY
END CATEGORY
[strings]
XPSP2Firewall="Windows XP Firewall"
DomainProfile="Domain Profile"
StandardProfile="Standard Profile"
DisableFirewall="Disable Firewall"
This was first published in January 2005
Join the conversationComment
Share
Comments
Results
Contribute to the conversation