Thursday, August 4, 2022

Find GPO's applied to a computer if the gpresult /r and rsop.msc failed to load due to permission

How to see the group policies applied to a computer if the gpresult /r and rsop.msc failed to load due to domain permission

Run the command prompt as administrator

Enter gpresult /Scope Computer /v

This will show all the GPO policies applied to the computer in detail.

 or Enter gpresult /r /scope:computer

Wednesday, August 18, 2021

Use office deployment tool to install Office365 on MDT Image

 Download the Office deployment tool from Microsoft

Extract the file to your local machine.

The extracted folder will look like below

Depending on the version, edit the .xml file or create a copy of the .xml file. I have made a copy of the .xml file and named it configurationx64.xml.

I have changed the <Display Level> from None to All to see the installation progress and select the Channel option to “Current.”

Read about the update channel using the below link

After updating the Configuratonx64.xml, I created a batch file called Install.bat and enter the below details

You can run the install.bat to install office 365 directly on the image. If you are installing directly on the image, make sure you don’t open any office application until you capture the image.

The other option is to download the office365 file and install it as an application.  

To download the office file, I have created a batch file called download.bat and enter the below details

Run command prompt as administrator and run the batch file. 

You will be able to see a new folder called office getting created under the office folder.

You can copy the file to the MDT server and create an application or copy the entire office folder to any machine and install it using the install.bat command. Since you have already downloaded files, the installation will be quick. 

Friday, January 29, 2021

Remove Windows 10 Built-In Apps when creating MDT Image

Before you run the script it is good to understand what is AppxPackage and AppxProvisioned Package

AppX packages – Applications installed with the operating system

AppX provisioned packages – Applications installed for each new user to a windows image.

The two commands which are used in the scripts are 

1) Remove-AppxProvisionedPackage 

2) Remove-AppxPackage

The Remove-AppxProvisionedPackage cmdlet removes app packages (.appx) from a Windows image. App packages will not be installed when new user accounts are created. Packages will not be removed from existing user accounts. To remove app packages (.appx) that are not provisioned or to remove a package for a particular user only, use Remove-AppxPackage instead.

In MDT, When we create a windows image, we make the changes in Audit Mode, which is the administrator account but when new user login for the first time after the deployment the user profile get copied from the Default Profile (Hidden by default).

Remove-Appx-ProvisionedPackage removes the packages from Default Profile so the new users will not see those packages when they log in.

Each windows version comes with a different list of Application. It's better to run the below commands and get the list.

Get-AppxProvisionedPackage -online | select DisplayName

Get-AppxPackage | select Name

Once you get the list and decide what you want to remove, you can add it to the $AppList and the script will remove the Apps from the image.

Create a powershell script by copying the below and run it on the MDT image

$AppsList = "Microsoft.BingWeather",

























ForEach ($App in $AppsList)


$Packages = Get-AppxPackage | Where-Object {$_.Name -eq $App}

if ($Packages -ne $null)


"Removing Appx Package: $App"

foreach ($Package in $Packages) { Remove-AppxPackage -package $Package.PackageFullName }


else { "Unable to find package: $App" }

$ProvisionedPackage = Get-AppxProvisionedPackage -online | Where-Object {$_.displayName -eq $App}

if ($ProvisionedPackage -ne $null)


"Removing Appx Provisioned Package: $App"

remove-AppxProvisionedPackage -online -packagename $ProvisionedPackage.PackageName


else { "Unable to find provisioned package: $App" }


Tuesday, January 12, 2021

Mapped Share Drive not showing all the files available for the User

In this case, User has got Finance Drive (F:\) Mapped on his computer and when he opens the F: Drive he can only see one folder

If you UNC to the Finance drive \\servername\sharedFolder\ User can see more than 100 folders available to him.

The permission was right, tried deleting the Drive using 'net use' command, and logged off and logged back.

The Drive Mapped fine but still showing only one folder.

When I right-click and select properties of F: Drive it was showing the File System as CSC-CACHE

I have Created a DWORD(32Bit) FormatDatabase under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Parametersset its value to 1

Restart the computer, and it will clear the MAP Drive Cache, and you will be able to see all the folder in the Mapped Drive

Thursday, December 24, 2020

"Driver PNP watchdog" after windows update on an MDT image (Windows10 20H2)

Error "Driver PNP watchdog" after windows update on an MDT image (Windows10 20H2)

I am using VMware to build and capture the image. The solution is to remove all the snapshot before updating windows. Once the upgrade finishes and restarts, you can create snapshots, and it will not cause BSOD when you restart the machine.

Friday, July 10, 2020

Create AD Account in Bulk Using PowerShell

There are quite a few articles on the internet how to use PowerShell to create a Bulk AD Accounts but what I found is they are not covering how to add or change certain attributes. I have created this script with the help of some awesome guys on the internet.


# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory
#Store the data from ADUsers.csv in the $ADUsers variable

$ADUsers = Import-csv C:\Users\senju\Desktop\ADUser\bulk_users1.csv

#Loop through each row containing user details in the CSV file 
foreach ($User in $ADUsers)
#Read user data from each field in each row and assign the data to a variable as below

$Username = $User.username
$Password = $User.password
$Firstname = $User.firstname
$Lastname = $User.lastname
$OU = $User.ou # Right click on the existing account, goto attribute editor and doubleclick distinguishedName and copy everything after CN
       $email      = $
      $Password   = $User.Password
      $Description = $User.Description
      $MailNickName =$User.MailNickName
      $HideAddress =$User.HideAddress
      $Proxyaddresses =$User.Proxyaddresses
#Check to see if the user already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
#If user does exist, give a warning
Write-Warning "A user account with username $Username already exist in Active Directory."
#User does not exist then proceed to create the new user account

#Account will be created in the OU provided by the $OU variable read from the CSV file
     New-ADUser `
            -SamAccountName $Username `
            -UserPrincipalName "$Username@labo.local" `
            -Name "$Firstname $Lastname" `
            -GivenName $Firstname `
            -Surname $Lastname `
            -Enabled $True `
            -DisplayName "$Firstname $Lastname" `
            -Path $OU `
            -EmailAddress $email `
            -Description $Description `
            -AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $False -PasswordNeverExpires $True
Set-ADUser -Id $UserName -Add @{
                MailNickName =$MailNickName

Set-ADUser -Id $UserName -Add @{
                msExchHideFromAddressLists =$HideAddress

      Set-ADUser -Identity $UserName -add @{

Set-ADUser -Identity $Username -Enabled $True


Remember to change the below items

1) Location of the CSV File
   $ADUsers = Import-csv C:\Users\senju\Desktop\ADUser\bulk_users1.csv

2) UPN 
   UserPrincipalName "$Username@labo.local (Should be your Domain)

3) Format of the excel sheet as shown below

Sunday, June 21, 2020

MDT Sysprep and Capture Fails - WinMain:The sysprep dialog box returned FALSE

In my case, the Sysprep shows running during the task sequence, but the machine restarts immediately. Upon restart, the TS fails with the below error

I have checked the setupact.log, but everything looks alright except the below line.

WinMain:The sysprep dialog box returned FALSE

So I have checked the setuperr.log and only found the below lines

Error      [0x0f0043] SYSPRP WinMain:The sysprep dialog box returned FALSE
Error         [0x0f0043] SYSPRP WinMain:The sysprep dialog box returned FALSE
Error      [0x0f0043] SYSPRP WinMain:The sysprep dialog box returned FALSE

Most of the time, Sysprep fails due to one or more windows I always run the below command before the capture.

Get-AppxPackage -allusers | where-object {$ –notlike "*calc*"} | where-object {$ –notlike "*photo*"} | Remove-AppxPackage

The capture was still failing. I have double-checked by running the below command and made sure that the windows apps are removed. (Note: I haven’t removed any .net framework apps)

Run Get-AppxPackage -AllUser | Where PublisherId -eq 8wekyb3d8bbwe | Format-List -Property PackageFullName,PackageUserInformation

Below is what I did to fix my issue with Sysprep.

        Made sure Windows is up to date by running windows update.

      Updated Java to the latest version

     Checked the registry Sysprep registry keys (In My case CleanupState DWord was missing)

Set to value: 2

HKEY_LOCAL_MACHINE\SYSTEM\Setup\Status\SysprepStatus\GeneralizationState\Set to value: 7
Set to value: 1 

     Delete the Sysprep Panther folder (C:\windows\system32\sysprep\panther)

        Restarted the machine and after the restart, the Sysprep ran successfully in Task Sequence.

Find GPO's applied to a computer if the gpresult /r and rsop.msc failed to load due to permission

How to see the group policies applied to a computer if the gpresult /r and rsop.msc failed to load due to domain permission Run the command ...