OOBE Challenges #2: A Better Solution

I had previously written about OOBE challenges here, and the solution I found was somewhat of a workaround.

Some of my customers are satisfied with these scheduled tasks, but I’ve received comments on the blog and on Twitter that this flow is not very reliable.

I started thinking about a better way to execute the process in the OOBE phase during OSD. For testing purposes, I created a simple batch file in the C:\Windows\Setup\Scripts folder, where SetupComplete.cmd is also located. And guess what? It was executed before the (real) OOBE phase began, without using any scheduled task or ServiceUI.exe.

Note: for me, the real OOBE phase is where the region and keyboard settings have to be selected.

Below, you can find a simple way to trigger your tasks after OS installation and after the specialize phase. Once you understand the solution, everything becomes simple and easy. 😉

Write-Host -ForegroundColor Green "Downloading and creating script for OOBE phase"
Invoke-RestMethod https://raw.githubusercontent.com/AkosBakos/OSDCloud/main/Set-KeyboardLanguage.ps1 | Out-File -FilePath 'C:\Windows\Setup\scripts\keyboard.ps1' -Encoding ascii -Force
Invoke-RestMethod https://raw.githubusercontent.com/AkosBakos/OSDCloud/main/Install-EmbeddedProductKey.ps1 | Out-File -FilePath 'C:\Windows\Setup\scripts\productkey.ps1' -Encoding ascii -Force
Invoke-RestMethod https://check-autopilotprereq.osdcloud.ch | Out-File -FilePath 'C:\Windows\Setup\scripts\autopilotprereq.ps1' -Encoding ascii -Force
Invoke-RestMethod https://start-autopilotoobe.osdcloud.ch | Out-File -FilePath 'C:\Windows\Setup\scripts\autopilotoobe.ps1' -Encoding ascii -Force


$OOBECMD = @'
@echo off
# Execute OOBE Tasks
start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\keyboard.ps1
start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\productkey.ps1
start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\autopilotprereq.ps1
start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\autopilotoobe.ps1

# Below a PS session for debug and testing in system context, # when not needed 
# start /wait powershell.exe -NoL -ExecutionPolicy Bypass

exit 
'@
$OOBECMD | Out-File -FilePath 'C:\Windows\Setup\scripts\oobe.cmd' -Encoding ascii -Force

After using this method, don’t forget to cleanup this C:\Windows\Setup\scripts folder like this:

Remove-Item C:\Windows\Setup\Scripts\*.* -Exclude *.TAG -Force | Out-Null

I hope you are disabling shift + F10 during the OSD phase with this simply file: C:\Windows\Setup\Scripts\DisableCMDRequest.TAG. More details please find Michael’s great blog post.

Bonus: please note, if you are working and executing scripts in the OOBE phase, the process will automatically create a new user, defaultuser0. The scripts run in this user’s context.

After the OSD finishes, this account should be removed. You can find a remediation script in my GitHub repo. KUDOS to Ermanno Goletto for the cleanup function.

Please leave a comment about how easy or easier this method is compared to creating two scheduled tasks.

Leave a Reply

Your email address will not be published. Required fields are marked *