Remotely Access the Registry

Posted on Leave a commentPosted in PDQ Inventory, Reports

At our last live webcast (you can sign up to join our free IT webcasts here), we discussed Custom Tools and shared some of our favorites. Below is a download for a favorite utility that allows you to remotely access the registry of a target computer you can import for use on your PDQ Inventory console. There are also report filters you can import in to PDQ Inventory for finding local admin accounts on your network. Please note that this utility is not supported by Admin Arsenal and it only works in English. This is a utility that Shane wrote years ago while he was annoyed (and probably drunk) at the lack of remote registry capabilities in Windows.

Enjoy!

What are Custom Tools?

Using the Custom Tools feature allows you to create keyboard shortcuts to call your favorite tools and utilities. If you have a program/utility that can called from the Command Line (CLI) then you can integrate it with PDQ Inventory. You can set up these Custom Tools by going to File > Preferences > Custom Tools.

Remotely Access the Registry with a Custom Tool 

A favorite utility allows you to open the registry on a target machine. In the webcast it was called “Remote Registry”.
After you unzip this file rename the two .exe.rename files to end in .exe. Use the StartReg64.exe if the console machine is running on a 64-bit OS. There is also a PNG showing the syntax for use in a Custom Tool.

Using PDQ Inventory to Find Local Admins

There are three XML files in the download below to import into PDQ Inventory. In the webcast, Shane walked through each of these examples and how the filters are set up. Click here to jump to that portion of the webcast.

Click here to download the report filters.

 



 


PDQ Deploy 11

Posted on Leave a commentPosted in PDQ Deploy, Uncategorized

New Additions

PDQ Deploy 11 is here and includes some great new additions to its already powerful lineup of features. You can upgrade PDQ Deploy to version 11 by clicking the “A new version is available” notice in the status bar of your console. If the update link is not visible, go to File > Preferences > Auto Update Alerts; this will now alert you to all future versions available. You can also download the new release here; PDQ Deploy 11. Let’s dive into some of the new additions.

Drag and Drop to Change the Order of Steps in a Package

PDQ Deploy 11 makes it easy to change the order of steps in your package with drag and drop functionality. Let’s say you create a package with the Install Step as step number one.

new-drag-step-1

However, what if you decide that it would be a good idea to send your users a message before the package begins to install? You now have the ability to simply drag and drop to change the step order. Now the Message Step is step number one. Use this drag and drop functionality to easily place your package steps in the desired order.
new-drag-step-2

Removed the Default Install Step of a New Package

PDQ Deploy 11 gives you more control over your package creation. We understand that not all packages start with an install and so the default Install Step has been removed. On the PDQ Deploy Main Console window, click File > New Package. A new blank Package window opens with Package Properties selected allowing you to add a New Step. Now you have total control to choose the individual steps and the order of those steps in your package.

new-new-new-step

New Option in Install Step for Installation Requires Source

There are some installations that require a source path if additional features, modifications, or repairs need to be made locally by the end user. PDQ Deploy 11 now gives you the option to have these files saved on the target computer. (Pro or Enterprise mode required) This feature is only available on an Install Step and is used for applications that specifically require a local copy/path of the original installation files in order to perform post-deployment programmatic modifications.

installation-requires-source
Other Features and Fixes

There are other hidden gems in PDQ Deploy 11:

  • Variables can now be used in the email body of the Post Deployment Notification (Pro or Enterprise mode required).

email-variables

  • Added a Report Summary to the attached report included in a Post Deployment Notification (Pro or Enterprise mode required).

report-summary

  • The ability to open Elevated Command and PowerShell prompts from within the Help Menu.

commands

  • Direct link to the Output Log in the Deployment Computer List and More Info window when encountering an error with a step.
  • URLs in Package Details and Package Descriptions are now hyperlinks.
  • Issues with sorting during a running deployment has been fixed.
  • Clarified the Logged On State when a user is logged on.
  • Other minor bugs and enhancements.

We’re excited about the great new additions to PDQ Deploy 11  and hope you enjoy the added flexibility these additions bring.

Click to get the latest PDQ Deploy 11.


Managing Your Users’ Web Browser with Browser Router

Posted on Leave a commentPosted in Uncategorized

Ever have a website your users need to use a specific browser to access? Or perhaps you need a particular browser to be the default browser. Getting users directed to the correct browser can be done with a little set up using the Browser Router in PolicyPak.

First, you’ll need to make sure that you have the desired browser deployed to your target machines. PDQ Deploy makes deploying the correct browsers to your target machines a piece of cake.

Setting Up the Browser Router

First things first, you’ll need to create a new GPO. Right click on your newly created GPO and select edit to open your Group Policy Management Editor. If you have PolicyPak loaded, you’ll have the PolicyPak module loaded. Don’t have PolicyPak? Check it out here and get a free trial.

If you expand PolicyPak you’ll see the Browser Router node. To start putting together your settings, create a new collection by right-clicking the blank area and clicking (surprise!) New Collection.

add new collection browser router

Now you’re ready to start defining policies and defaults for all your users.

Set a Default Browser

Setting a default browser is straightforward and simple. Right click and select “Add New Default Browser”. Choose your browser and you’re set!

Select Browser

Default Browser Exceptions;  Routing Users to the Correct Browser

Having a default browser is great, but let’s say you have a site that only wants to work with a specific browser and it happens to be a browser other than the default browser. Simple, just click Add > New Policy. Then add in the URL,  and select a browser. That site will now use the designated browser.  

Specific site browser

 

Wild Cards

You can easily set up Wildcards with the Browser Router. In this example, let’s say you only want to use Chrome when visiting anything in Googleland. By using the *google* wildcard you can set Google Chrome as the default browser.

Wild Card

 

Blocking Sites

Need to Block a specific site? No problem. With the PolicyPak Browser Router you can easily define a blocked site and even display a pop up message to the user.

Block site

Local Intranet Browser

Many businesses have a local intranet security zone that requires the use of a specific browser for things such as time cards and other applications. Browser Router can easily make those accommodations. Just click “Internet Security Zone” then select “Local Intranet” from the dropdown menu and designate the appropriate browser.

Local Intranet

 

The Browser Router in PolicyPak gives you total control of what browsers are used in your environment. You can now use the right browser for the right job. For a detailed walk through and to see the Browser Router in action, click on the video below.

 

 


PDQ Inventory 10

Posted on 2 CommentsPosted in PDQ Inventory, PowerShell

New Features

The latest PDQ Inventory 10 is now available and it includes some highly requested features! PDQ Inventory can be upgraded to version 10 by clicking the “A new version is available” notice in the status bar of your console. You can also download the new release here; PDQ Inventory 10. Read on to discover all the new possibilities.

Hide Collections in the Collection Library

Do you love using the Collection Library, but would like to only see the collections that pertain to you and remove a lot of the clutter? Well, you are in luck, as this can now be accomplished in PDQ Inventory 10. Simply hide any collection within the collection library to customize your view. (Enterprise mode required). To hide collections, select the collection(s) in the console, right-click and check View > Hide Library Collection. Hiding a parent collection will always hide the child collections by default.

Context menu

 

The Collection Library page itself will always display all hidden collections and the ability to display in the tree can be easily toggled on and off using View > Display Hidden Library Collections (or Preferences > Interface). Hidden collections are identifiable by their opaque icon and opaque text. For ease of identification, parent collections of hidden collection(s) are also displayed with an opaque icon, however, the text is not opaque.

Display Hidden Collections

 

Because of this powerful new feature, we will be able to bring even more library collections your way. Keep your eyes peeled!

Wake-on-LAN and PowerShell added to Remote Command

Didn’t think Remote Command could get any more powerful than it already is? Well, think again. In PDQ Inventory 10, we’ve now added the ability to initiate a distributed Wake-on-LAN and run PowerShell cmdlets directly from this tool (Pro or Enterprise mode required). To access Remote Command, select the computer(s) to which you wish to execute a remote command and select Tools > Remote Desktop (or Ctrl+Alt+R).

Remote Command

Other features and fixes

Included in this release are many other smaller, but just as tasty morsels:

-The Program, Publisher, and Version of the Hot Fix table can now be used in Collections and Reports.

-Firmware Revision column has been added to the Disk Drives page.

-Other minor bugs and enhancements.

We hope you enjoy this release as much as we enjoyed bringing it to you. As always, we welcome your feedback.

Click to get the latest PDQ Inventory 10 release.

 




Set User-Side Group Policy With PolicyPak Admin Templates Manager

Posted on Leave a commentPosted in PDQ Deploy

So let’s say you’ve got some specialty computers such as lab computers, sales computers or conference room computers. These computers have different users logging on at different times throughout the day. You’d like these specialty computers to eat just “some” user side policy settings enabling them to maintain the same user settings regardless of who logs on. Normally you’d have to use very complicated Group Policy loopback mode to force your computers to eat user side policy. The downside is that you’ll end up with way more settings than you need making it impossible to manage the experience. The answer? PolicyPak Admin Templates Manager. With PolicyPak Admin Templates Manager you’ll be able to gently force your computers to eat user side functions.

Force Computers To Eat User-Side Functions

From the PolicyPak console, go to “Standard Computers” and create a new GPO. Then simply create a name for your new GPO.

Name GPO 1

Now go to the Computer Configuration side to the PolicyPak node and click on Administrative Templates Manager. Click “Add New Policy”.

GP Management editor

In the upper left of the New Admin Template Entry window, you’ll want to check the “User Policy” button. Now, under the Administrative Templates window, you’ll see several options that you can access. Let’s go to “Start Menu and Taskbar”.  Once clicked, you’ll be presented with a list of available options. Let’s select “Remove Help menu from Start Menu”.

User policy list

In the new window, click “enable” and you’re set. 

Enable

Now, in this example, all users who logon to this machine will have the “Help Menu” removed from the Start Menu. You’ve successfully taken a user side function and delivered it to your specialty computers for all users using the PolicyPak Admin Templates Manager. To see each step in action, check out the video below.




How to Enforce Firefox Settings

Posted on 2 CommentsPosted in Deployment Examples, PDQ Deploy

It’s simple enough to get Mozilla Firefox remotely installed on your computers, but how do you keep users from changing settings and potentially leaving your network vulnerable? In this post we’ll first silently install Firefox on machines, and then enforce Firefox settings using group policy.

Silently Installing Firefox

Mozilla Firefox is one of the many deployment packages available in the Package Library. With a PDQ Deploy Enterprise licence you can import this ready-to-deploy package (which we recommend as the package has additional steps to uninstall past versions of Firefox and other steps that also help avoid installation errors). With the free version you can also create this package to quickly install Firefox.

  1. Add the Firefox Setup exe in the Install File field in your install step
  2. Add silent parameter -ms to the Parameters field.
  3. Save and close, you’re ready to deploy. Simply highlight your newly created package in the left tree and click the Deploy button in the right corner. From there you’ll be able to deploy right away or schedule (Pro or higher) and select deployment targets. silently install firefox enforce settings


Enforce Firefox Settings

Watch this video to learn how to set up PolicyPak, the video will also show you where to find and how to add  “Paks” which you’ll need to help quickly manage hundreds of applications.

  1. First things first…in your Group Policy editor, add a new GPO. Right click and select edit.
  2. Now you’re ready to hit up the PolicyPak module. Click Application Settings Manager, right click and select the Mozilla Firefox pak. (The video link above will show you how to set up these paks.)
  3. Double-click on the Firefox application now listed to start editing you settings. As you make changes right click and select the lock down option you desire to enforce settings in Firefox. enforce firefox settings


How To Silently Deploy AutoCAD with PDQ Deploy

Posted on Leave a commentPosted in PDQ Deploy

Deploying AutoCAD may seem like a daunting task, however PDQ Deploy makes it’s easy to silently deploy AutoCAD.  We’ve also included a step-by-step instruction video at the bottom of this page. Let’s dive in.

How to Silently Deploy AutoCAD

The first step is to grab your installation files. We recommend placing the installation files on an accessible file share location. Now navigate to the installation files on your file share location, and run “setup.exe”. 


setup screen shot

By running the setup.exe file, you will be given the option to install or create a deployment. We will choose to create a deployment using the AutoCAD deployment tool.


Create Deployment

Now let’s configure our deployment. Give your deployment a name in the “Deployment configuration name” field. The “Administrative image path”  field is where you will designate a location on a file share where you want the AutoCAD deployment files to be copied. The other fields on this screen provide additional options. Remember to check “Run installation in silent mode” under the “Installation Settings” section in order to silently deploy AutoCAD.


Deployment config field

Next, you’ll need to accept the EULA and input your serial number or whatever method you use to license your AutoDesk products. 


ULA

The next window will allow you to further customize the AutoCAD deployment. Once you’ve determined your deployment settings, click “Create”. Now AutoCAD will compile the prerequisites for installation and prepare everything that you selected for this deployment. This process may take several minutes, so be patient.


AutoCAD config screen

Once AutoCAD has finished creating the deployment, you may want to click “Add Updates” to check for any product updates that may be available. If there are updates available, the auto deployment tool will append them to the installation.


Updates to AutoCAD

Navigate to the designated location on your file share where you copied your deployment files. You’ll notice there is a shortcut file with the name you created for your deployment. Right click and go to the properties of that shortcut file and copy the information in the target field. 

File Location

Properties

Sending Out Your AutoCAD Deployment

It’s time to open up PDQ Deploy. Go to “New Package” and create a deployment name.

Next, click “New Step” and create a “Command” step. In the package properties window delete the default install step.  Now paste the information that you previously copied from the shortcut properties into the command step field. If you see a “/Trial” within the string you can remove it.

Command step trial

This next step is very important. Right after “\Setup.exe \” you will insert a “/W /” (with a space after the W).  It should look like this; “\Setup.exe  /W /qb”. The “W” tells the deployment to run the command and then wait for the other sub-processes to finish before it returns. Without, you will likely get a 259 error code.

Command Step

A couple of other items to take note of:

  • If you have spaces in your path you will need to put them in double quotes up to the “/I” Anything after that you do not need to use double quotes.  
  • Notice the “/qb” . This means “Quiet Basic”. Under this setting if a user is logged on they may see status updates appearing on their screen. To enable a totally silent deployment, you may use a “/q”. DO NOT use a “/qn” as this will cause your deployment to hang. We recommend using “/qb” for a higher success rate.

Command Step 2

Now go to the Conditions tab and change your OS to Windows 10, 8.1, and 7. You’ll also want to change the Architecture to 64-bit.

OS Version

Under the “Options” tab,  if you are deploying with the “/qb” previously mentioned, you’ll want to change the “Run As” field to “Deploy User (Interactive)”.

Deploy user interactive

Next, since we are doing a command step, we need to enter success codes. For this deployment enter the codes; 0,1641,3010

Success codes

That’s all you need to do to build the deployment. Now let’s choose our targets and silently deploy AutoCAD. You can choose your targets several ways, but for our example we’ve chosen two targets using PDQ Inventory. Once your targets have been selected, click “Deploy Now”.  

Deploy Now

Remember, this deployment could take anywhere from 5  to 30 minutes depending on the speed of your network, so be patient. Once the deployment has finished, you’ll see the AutoCAD desktop icon on your target computers. You could also verify a successful installation by using PDQ Inventory. Congratulations! You’ve silently deployed and installed AutoCAD. To view a step by step tutorial, click the video below. 




Adding Console Users to PDQ Deploy

Posted on Leave a commentPosted in PDQ Deploy

We made some pretty big changes in PDQ Deploy 10. One change that may have caught a few PDQ Deploy users off guard is the need to add console users for access to the PDQ console instead of simply having local admin privileges. Adding console users is especially important for those using the command line interface to use PDQ Deploy.

Adding Console Users to PDQ Deploy

If you go to File > Preferences > Background Service, you will see which user processes all background tasks for PDQ Deploy. It is also in this window that you can add console users. Console users are Windows users that have access to the PDQ Deploy console.

adding console users

After adding the computer name you’ll need to type the password for the background service user (not the user you are adding)

Alternatively, admins are added by logging in after starting PDQ Deploy. If the user opening PDQ Deploy is not a registered console user then they’ll see this message:

logging in as console user

At this point, you have two options:

  1. You need to add this user to the list of console users (using the method shown above).
  2.  In this window you (or the user) may enter the password for the Background Service (Quintana in our example). Once they’ve logged in at this screen, their machine is added to the list of console users.



 


How to Manage Java Settings

Posted on Leave a commentPosted in Deployment Examples, PDQ Deploy

Java’s quarterly release for July 19, 2016 (Java 8 update 101) contains fixes for security vulnerabilities. Admins are advised to apply this critical patch to systems as soon as possible to protect against potential attacks. Here’s a quick guide to silently install Java 8 and then manage Java settings for added security and control. Below is a video tutorial on these steps.

Silently Install Java 8

In PDQ Deploy you have a couple options to silently install Java 8. You can use the Package Library which has a Java 8 deployment package that is ready to import and silently install across your network. (PDQ Deploy trial users have access to up to three free package imports from the Package Library during their trial.) Alternatively, you can build your own package using the free version of PDQ Deploy.

PDQ Deploy Package LibraryUsing the Package Library

We’re a little lot biased and do recommend using the Java 8 package available in the Package Library. This deployment package contains additional steps that ensure your deployment will be successful such as uninstalling past versions of Java and exiting programs that can cause deployments to fail.

Bonus, the work building the package is already done…so why not use what’s already there?

  1. Import your package Navigate to the Package Library and select Java 8 Update 101 64 or 32-bit (depending on what machines you are deploying to). Click “Import” to begin downloading your package.
  2. Send your deployment to target computers Your import can be found (by default) in the left tree under the Packages folder. Highlight the Java Package and click “Deploy”. From there you’ll be able to select target computers from AD, Spiceworks, or PDQ Inventory. Click deploy and you’re done!


Building Your Own Deployment Package

    1. Download the offline version of Java. Online versions are smaller in size and will not silently install successfully.
    2. Extract the Java MSI. You will want the Java MSI over the EXE because MSIs have already defined silent parameters, which you must have for a successful deployment. If you don’t have silent parameters you could see error messages, have failed deployments or worse.
    3. Now you’re ready to build your deployment package. Add the Java MSI to the Install File line, and be sure to select Include Entire Directory. Then you’ll want to add the following parameters on the parameters line to disable auto updates and machine reboots:
     JU=0 JAVAUPDATE=0 AUTOUPDATECHECK=0 RebootYesNo=No

Manage Java Settings

Now that you have that deployed…it’s time to manage Java settings.

  1. Create a new GPO for managing Java settings in your Group Policy editor.
  2. In your Group Policy Management Editor, right click and select the Oracle Java pak. (Refer to this video to learn how to set up PolicyPak and add your Java “pak”.
  3. Double-click on your newly added Java pak to start managing.Manage Java Settings You’ll see several tabs of options for settings in Java. Here are a few suggested settings to look at:
  • Update Uncheck “Check for Updates Automatically”. Having this checked means you can decide when Java gets updated and can deploy patches on your terms and not leave it to Oracle (or your user) to decide.
  • Security Select “Very High” from the Security Level dropdown.
  • Exception Site List You can set MODE=REPLACE to override any site list settings or you can set MODE=MERGE to add site to possibly existing site lists.

 

With your settings you can (and probably should for utmost protection against users tampering with your settings) right click and select “Perform ACL Lockdown”.