At our last live webcast (you can sign up to join our free IT webcasts here), we discussed Custom Tools and shared some of our favorites. Below is a download for a favorite utility that allows you to remotely access the registry of a target computer you can import for use on your PDQ Inventory console. There are also report filters you can import in to PDQ Inventory for finding local admin accounts on your network. Please note that this utility is not supported by Admin Arsenal and it only works in English. This is a utility that Shane wrote years ago while he was annoyed (and probably drunk) at the lack of remote registry capabilities in Windows.
What are Custom Tools?
Using the Custom Tools feature allows you to create keyboard shortcuts to call your favorite tools and utilities. If you have a program/utility that can called from the Command Line (CLI) then you can integrate it with PDQ Inventory. You can set up these Custom Tools by going to File > Preferences > Custom Tools.
Remotely Access the Registry with a Custom Tool
A favorite utility allows you to open the registry on a target machine. In the webcast it was called “Remote Registry”.
After you unzip this file rename the two .exe.rename files to end in .exe. Use the StartReg64.exe if the console machine is running on a 64-bit OS. There is also a PNG showing the syntax for use in a Custom Tool.
PDQ Deploy 11 is here and includes some great new additions to its already powerful lineup of features. You can upgrade PDQ Deploy to version 11 by clicking the “A new version is available” notice in the status bar of your console. If the update link is not visible, go to File > Preferences > Auto Update Alerts; this will now alert you to all future versions available. You can also download the new release here; PDQ Deploy 11. Let’s dive into some of the new additions.
Drag and Drop to Change the Order of Steps in a Package
PDQ Deploy 11 makes it easy to change the order of steps in your package with drag and drop functionality. Let’s say you create a package with the Install Step as step number one.
However, what if you decide that it would be a good idea to send your users a message before the package begins to install? You now have the ability to simply drag and drop to change the step order. Now the Message Step is step number one. Use this drag and drop functionality to easily place your package steps in the desired order.
Removed the Default Install Step of a New Package
PDQ Deploy 11 gives you more control over your package creation. We understand that not all packages start with an install and so the default Install Step has been removed. On the PDQ Deploy Main Console window, click File > New Package. A new blank Package window opens with Package Properties selected allowing you to add a New Step. Now you have total control to choose the individual steps and the order of those steps in your package.
New Option in Install Step for Installation Requires Source
There are some installations that require a source path if additional features, modifications, or repairs need to be made locally by the end user. PDQ Deploy 11 now gives you the option to have these files saved on the target computer. (Pro or Enterprise mode required) This feature is only available on an Install Step and is used for applications that specifically require a local copy/path of the original installation files in order to perform post-deployment programmatic modifications.
Other Features and Fixes
There are other hidden gems in PDQ Deploy 11:
Variables can now be used in the email body of the Post Deployment Notification (Pro or Enterprise mode required).
Added a Report Summary to the attached report included in a Post Deployment Notification (Pro or Enterprise mode required).
The ability to open Elevated Command and PowerShell prompts from within the Help Menu.
Direct link to the Output Log in the Deployment Computer List and More Info window when encountering an error with a step.
URLs in Package Details and Package Descriptions are now hyperlinks.
Issues with sorting during a running deployment has been fixed.
Clarified the Logged On State when a user is logged on.
Other minor bugs and enhancements.
We’re excited about the great new additions to PDQ Deploy 11 and hope you enjoy the added flexibility these additions bring.
Ever have a website your users need to use a specific browser to access? Or perhaps you need a particular browser to be the default browser. Getting users directed to the correct browser can be done with a little set up using the Browser Router in PolicyPak.
First, you’ll need to make sure that you have the desired browser deployed to your target machines. PDQ Deploy makes deploying the correct browsers to your target machines a piece of cake.
If you expand PolicyPak you’ll see the Browser Router node. To start putting together your settings, create a new collection by right-clicking the blank area and clicking (surprise!) New Collection.
Now you’re ready to start defining policies and defaults for all your users.
Set a Default Browser
Setting a default browser is straightforward and simple. Right click and select “Add New Default Browser”. Choose your browser and you’re set!
Default Browser Exceptions; Routing Users to the Correct Browser
Having a default browser is great, but let’s say you have a site that only wants to work with a specific browser and it happens to be a browser other than the default browser. Simple, just click Add > New Policy. Then add in the URL, and select a browser. That site will now use the designated browser.
You can easily set up Wildcards with the Browser Router. In this example, let’s say you only want to use Chrome when visiting anything in Googleland. By using the *google* wildcard you can set Google Chrome as the default browser.
Need to Block a specific site? No problem. With the PolicyPak Browser Router you can easily define a blocked site and even display a pop up message to the user.
Local Intranet Browser
Many businesses have a local intranet security zone that requires the use of a specific browser for things such as time cards and other applications. Browser Router can easily make those accommodations. Just click “Internet Security Zone” then select “Local Intranet” from the dropdown menu and designate the appropriate browser.
The Browser Router in PolicyPak gives you total control of what browsers are used in your environment. You can now use the right browser for the right job. For a detailed walk through and to see the Browser Router in action, click on the video below.
The latest PDQ Inventory 10 is now available and it includes some highly requested features! PDQ Inventory can be upgraded to version 10 by clicking the “A new version is available” notice in the status bar of your console. You can also download the new release here; PDQ Inventory 10. Read on to discover all the new possibilities.
Hide Collections in the Collection Library
Do you love using the Collection Library, but would like to only see the collections that pertain to you and remove a lot of the clutter? Well, you are in luck, as this can now be accomplished in PDQ Inventory 10. Simply hide any collection within the collection library to customize your view. (Enterprise mode required). To hide collections, select the collection(s) in the console, right-click and check View > Hide Library Collection. Hiding a parent collection will always hide the child collections by default.
The Collection Library page itself will always display all hidden collections and the ability to display in the tree can be easily toggled on and off using View > Display Hidden Library Collections (or Preferences > Interface). Hidden collections are identifiable by their opaque icon and opaque text. For ease of identification, parent collections of hidden collection(s) are also displayed with an opaque icon, however, the text is not opaque.
Because of this powerful new feature, we will be able to bring even more library collections your way. Keep your eyes peeled!
Wake-on-LAN and PowerShell added to Remote Command
Didn’t think Remote Command could get any more powerful than it already is? Well, think again. In PDQ Inventory 10, we’ve now added the ability to initiate a distributed Wake-on-LAN and run PowerShell cmdlets directly from this tool (Pro or Enterprise mode required). To access Remote Command, select the computer(s) to which you wish to execute a remote command and select Tools > Remote Desktop (or Ctrl+Alt+R).
Other features and fixes
Included in this release are many other smaller, but just as tasty morsels:
-The Program, Publisher, and Version of the Hot Fix table can now be used in Collections and Reports.
-Firmware Revision column has been added to the Disk Drives page.
-Other minor bugs and enhancements.
We hope you enjoy this release as much as we enjoyed bringing it to you. As always, we welcome your feedback.
So let’s say you’ve got some specialty computers such as lab computers, sales computers or conference room computers. These computers have different users logging on at different times throughout the day. You’d like these specialty computers to eat just “some” user side policy settings enabling them to maintain the same user settings regardless of who logs on. Normally you’d have to use very complicated Group Policy loopback mode to force your computers to eat user side policy. The downside is that you’ll end up with way more settings than you need making it impossible to manage the experience. The answer? PolicyPak Admin Templates Manager. With PolicyPak Admin Templates Manager you’ll be able to gently force your computers to eat user side functions.
Force Computers To Eat User-Side Functions
From the PolicyPak console, go to “Standard Computers” and create a new GPO. Then simply create a name for your new GPO.
Now go to the Computer Configuration side to the PolicyPak node and click on Administrative Templates Manager. Click “Add New Policy”.
In the upper left of the New Admin Template Entry window, you’ll want to check the “User Policy” button. Now, under the Administrative Templates window, you’ll see several options that you can access. Let’s go to “Start Menu and Taskbar”. Once clicked, you’ll be presented with a list of available options. Let’s select “Remove Help menu from Start Menu”.
In the new window, click “enable” and you’re set.
Now, in this example, all users who logon to this machine will have the “Help Menu” removed from the Start Menu. You’ve successfully taken a user side function and delivered it to your specialty computers for all users using the PolicyPak Admin Templates Manager. To see each step in action, check out the video below.
It’s simple enough to get Mozilla Firefox remotely installed on your computers, but how do you keep users from changing settings and potentially leaving your network vulnerable? In this post we’ll first silently install Firefox on machines, and then enforce Firefox settings using group policy.
Silently Installing Firefox
Mozilla Firefox is one of the many deployment packages available in the Package Library. With a PDQ Deploy Enterprise licence you can import this ready-to-deploy package (which we recommend as the package has additional steps to uninstall past versions of Firefox and other steps that also help avoid installation errors). With the free version you can also create this package to quickly install Firefox.
Add the Firefox Setup exe in the Install File field in your install step
Add silent parameter -ms to the Parameters field.
Save and close, you’re ready to deploy. Simply highlight your newly created package in the left tree and click the Deploy button in the right corner. From there you’ll be able to deploy right away or schedule (Pro or higher) and select deployment targets.
Deploying AutoCAD may seem like a daunting task, however PDQ Deploy makes it’s easy to silently deploy AutoCAD. We’ve also included a step-by-step instruction video at the bottom of this page. Let’s dive in.
How to Silently Deploy AutoCAD
The first step is to grab your installation files. We recommend placing the installation files on an accessible file share location. Now navigate to the installation files on your file share location, and run “setup.exe”.
By running the setup.exe file, you will be given the option to install or create a deployment. We will choose to create a deployment using the AutoCAD deployment tool.
Now let’s configure our deployment. Give your deployment a name in the “Deployment configuration name” field. The “Administrative image path” field is where you will designate a location on a file share where you want the AutoCAD deployment files to be copied. The other fields on this screen provide additional options. Remember to check “Run installation in silent mode” under the “Installation Settings” section in order to silently deploy AutoCAD.
Next, you’ll need to accept the EULA and input your serial number or whatever method you use to license your AutoDesk products.
The next window will allow you to further customize the AutoCAD deployment. Once you’ve determined your deployment settings, click “Create”. Now AutoCAD will compile the prerequisites for installation and prepare everything that you selected for this deployment. This process may take several minutes, so be patient.
Once AutoCAD has finished creating the deployment, you may want to click “Add Updates” to check for any product updates that may be available. If there are updates available, the auto deployment tool will append them to the installation.
Navigate to the designated location on your file share where you copied your deployment files. You’ll notice there is a shortcut file with the name you created for your deployment. Right click and go to the properties of that shortcut file and copy the information in the target field.
Sending Out Your AutoCAD Deployment
It’s time to open up PDQ Deploy. Go to “New Package” and create a deployment name.
Next, click “New Step” and create a “Command” step. In the package properties window delete the default install step. Now paste the information that you previously copied from the shortcut properties into the command step field. If you see a “/Trial” within the string you can remove it.
This next step is very important. Right after “\Setup.exe \” you will insert a “/W /” (with a space after the W). It should look like this; “\Setup.exe /W /qb”. The “W” tells the deployment to run the command and then wait for the other sub-processes to finish before it returns. Without, you will likely get a 259 error code.
A couple of other items to take note of:
If you have spaces in your path you will need to put them in double quotes up to the “/I” Anything after that you do not need to use double quotes.
Notice the “/qb” . This means “Quiet Basic”. Under this setting if a user is logged on they may see status updates appearing on their screen. To enable a totally silent deployment, you may use a “/q”. DO NOT use a “/qn” as this will cause your deployment to hang. We recommend using “/qb” for a higher success rate.
Now go to the Conditions tab and change your OS to Windows 10, 8.1, and 7. You’ll also want to change the Architecture to 64-bit.
Under the “Options” tab, if you are deploying with the “/qb” previously mentioned, you’ll want to change the “Run As” field to “Deploy User (Interactive)”.
Next, since we are doing a command step, we need to enter success codes. For this deployment enter the codes; 0,1641,3010
That’s all you need to do to build the deployment. Now let’s choose our targets and silently deploy AutoCAD. You can choose your targets several ways, but for our example we’ve chosen two targets using PDQ Inventory. Once your targets have been selected, click “Deploy Now”.
Remember, this deployment could take anywhere from 5 to 30 minutes depending on the speed of your network, so be patient. Once the deployment has finished, you’ll see the AutoCAD desktop icon on your target computers. You could also verify a successful installation by using PDQ Inventory. Congratulations! You’ve silently deployed and installed AutoCAD. To view a step by step tutorial, click the video below.
We made some pretty big changes in PDQ Deploy 10. One change that may have caught a few PDQ Deploy users off guard is the need to add console users for access to the PDQ console instead of simply having local admin privileges. Adding console users is especially important for those using the command line interface to use PDQ Deploy.
Adding Console Users to PDQ Deploy
If you go to File > Preferences > Background Service, you will see which user processes all background tasks for PDQ Deploy. It is also in this window that you can add console users. Console users are Windows users that have access to the PDQ Deploy console.
After adding the computer name you’ll need to type the password for the background service user (not the user you are adding).
Alternatively, admins are added by logging in after starting PDQ Deploy. If the user opening PDQ Deploy is not a registered console user then they’ll see this message:
At this point, you have two options:
You need to add this user to the list of console users (using the method shown above).
In this window you (or the user) may enter the password for the Background Service (Quintana in our example). Once they’ve logged in at this screen, their machine is added to the list of console users.
Java’s quarterly release for July 19, 2016 (Java 8 update 101) contains fixes for security vulnerabilities. Admins are advised to apply this critical patch to systems as soon as possible to protect against potential attacks. Here’s a quick guide to silently install Java 8 and then manage Java settings for added security and control. Below is a video tutorial on these steps.
Silently Install Java 8
In PDQ Deploy you have a couple options to silently install Java 8. You can use the Package Library which has a Java 8 deployment package that is ready to import and silently install across your network. (PDQ Deploy trial users have access to up to three free package imports from the Package Library during their trial.) Alternatively, you can build your own package using the free version of PDQ Deploy.
Using the Package Library
We’re a little lot biased and do recommend using the Java 8 package available in the Package Library. This deployment package contains additional steps that ensure your deployment will be successful such as uninstalling past versions of Java and exiting programs that can cause deployments to fail.
Bonus, the work building the package is already done…so why not use what’s already there?
Import your package Navigate to the Package Library and select Java 8 Update 101 64 or 32-bit (depending on what machines you are deploying to). Click “Import” to begin downloading your package.
Send your deployment to target computers Your import can be found (by default) in the left tree under the Packages folder. Highlight the Java Package and click “Deploy”. From there you’ll be able to select target computers from AD, Spiceworks, or PDQ Inventory. Click deploy and you’re done!
Download the offline version of Java. Online versions are smaller in size and will not silently install successfully.
Extract the Java MSI. You will want the Java MSI over the EXE because MSIs have already defined silent parameters, which you must have for a successful deployment. If you don’t have silent parameters you could see error messages, have failed deployments or worse.
Now you’re ready to build your deployment package. Add the Java MSI to the Install File line, and be sure to select Include Entire Directory. Then you’ll want to add the following parameters on the parameters line to disable auto updates and machine reboots:
Double-click on your newly added Java pak to start managing. You’ll see several tabs of options for settings in Java. Here are a few suggested settings to look at:
Update Uncheck “Check for Updates Automatically”. Having this checked means you can decide when Java gets updated and can deploy patches on your terms and not leave it to Oracle (or your user) to decide.
Security Select “Very High” from the Security Level dropdown.
Exception Site List You can set MODE=REPLACE to override any site list settings or you can set MODE=MERGE to add site to possibly existing site lists.
With your settings you can (and probably should for utmost protection against users tampering with your settings) right click and select “Perform ACL Lockdown”.