Has anyone else worked with deep freeze or had success deploying it with post install tasks? I have been trying to come up with a  plan for deployment and was hoping to do the following:

  • Install via post task in the unthawed state
  • Freeze as my last task

Any best practices when deploying with the K2000? Is this something I should just deploy always at the end of the post install tasks?
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Community Chosen Answer

4
Piece of cake, been doing this for years.  Even helped them with info for this KKE on that

http://stage.kace.com/mx/support/training/kke/archive?id=37AC3F66-AD51-4F8D-8372-EBA9ED5AA59F

The secret is to set a command line password when you compile your DF installs.

These are for x64 calls, for x86 use c:\windows\system32\...

CgUUkA.jpeg
ACpI1W.jpeg

goGS7u.jpeg

grukQ7.jpeg

VU9Tzo.jpeg

fE9RNS.jpeg
9FBDTf.jpeg


14dYRH.jpeg

Answered 10/26/2015 by: SMal.tmcc
Red Belt

  • Holy Moly. This looks to be perfect.

    What are you using in your delayedfreeze.bat?

    I had no clue Faronics Core existed. Trying to get that setup now. I am just getting the lay of the land again with Deep Freeze. Its been about 5 or 6 years since I have touched it.
    • I use a local file to call a protected file on a server that only certain users can see. That way when we change the DF command line password all we need to do is modify it on the server. I also use the k1000 scripting to freeze, thaw, autologin and stop autologin
      • And you've had better luck with the K1000 handling the thawing and freezing than using the Deep Freeze console? We are wrestling with this now, and our K1000 scripts work, but not all the time. Unfortunately, we are running a very old version of deep freeze.
      • It just saves needing to open the console and kace to deploy tasks, This just makes it a one stop tech tool
    • get to the newest version. the core is handy is you are also using their AV. They also now have a web version but we are sticking with DF servers. Post 3 I have a different install to point the DF install to the server for that site.
      • Got Core setup and running. Is there a specific way to be able to manage deep freeze from it. I am not finding much if any documentation but I read you are supposed to be able to.
      • nvm I think I found the right document! http://www.faronics.com/assets/YDF_Manual.pdf
      • This content is currently hidden from public view.
        Reason: Removed by member request
        For more information, visit our FAQ's.
    • feel free to email if you need more detailed help.
    • If you're using the latest version of Deep Freeze, they added a new install switch (/thawed) to allow the install to remain thawed.

      Small change, only saves you a step, but still helpful.

      DFSetup.exe /Install /thawed /NOREBOOT
Please log in to comment

Answers

1
sorry about missing that part I have a local batch file that calls a batch on a server share that only our installer user has access to so even if users find the local bat they cannot see it due to rights.

ksleep 20
call \\dr-acad\programs\installs\w2d\frozenpolicy.bat
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v legalnoticecaption /d "TMCC Academic Use Statement" /f

reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v legalnoticetext /d "TMCC Computer Use Policy - TMCC General Access Computer Labs are educational computer facilities open to all students, faculty and staff at TMCC. If not enrolled or employed at TMCC, then access is not allowed. Identification may be requested. Lab Assistants may monitor computer use. Students needing a computer to do their homework will have preference over students that are playing games or participating in Internet chat. Students who are on the chat lines or playing games are welcome, but will be advised to come back when the labs are not busy. Viewing or printing pornographic material that can be viewed by others is not allowed in any of the Labs or Kiosks. Cell-phone use in the labs is prohibited. Emergency calls can be received, but the user must step outside of the Lab to continue the conversation. Absolutely no food or beverages are allowed in the labs! Maintain a friendly and quiet lab for other students to do their work. Maintain a quiet work area: Loud boisterous behaviour is not acceptable; the Lab is not a place to socialize, as it's distracting to others. Children are not to be left unattended in the labs. Head count and surveys: In order to effectively use technology resources, head counts or surveys will be taken by the lab monitor. Please provide them with your cooperation. Closing time: The labs must close promptly at the scheduled time. Your cooperation in abiding with the closing time would be greatly appreciated. ACTIVITIES IN VIOLATION OF TMCC'S COMPUTER USE POLICY - Unauthorized use of a computer account. Using the campus network to gain unauthorized access to any computer systems. Connecting unauthorized equipment to the campus network. Using electronic mail to harass or threaten others. This includes, but is not limited to, sending repeated, unwanted Email to another user. Transmitting or reproducing materials that are slanderous or defamatory in nature or that otherwise violate existing laws, NSHE, or College regulations. Displaying obscene, lewd, or sexually harassing images or text in a public computer, facility, or location that can be in view of others. Initiating or propagating electronic chain letters inappropriate mass mailing. This includes, but is not limited to, multiple mailings to the TMCC Campus, newsgroups, mailing lists, or individuals forging the identity of a user or machine in an electronic communication. Attempting to monitor or tamper with another user's electronic communications, or reading, copying, changing, or deleting another user's files or software without the explicit agreement of the owner. Unauthorized attempts to circumvent data protection schemes or uncover security loopholes. This includes creating and/or running programs that are designed to identify security loopholes and/or decrypt intentionally secure data. Knowingly or carelessly performing an act that will interfere with the normal operation of computers, terminals, peripherals, or networks. This includes tampering with or removing computer hardware or software. Knowingly or carelessly running or installing on any computer system or network, or giving to another user a program intended to damage or to place excessive load on a computer system or network. This includes, but is not limited to, programs known as computer viruses, Trojan horses, and worms. Deliberately wasting/overloading computing resources, such as printing excessive copies of a document. Violating terms of applicable software licensing agreements or copyright laws. Violating the TMCC Copyright Infringement policy, copyright laws and their fair use provisions through inappropriate reproduction or dissemination of copyrighted text, images, etc. Using college resources for commercial activity such as creating products or services for sale." /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 0 /f

reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v defaultpassword /f

if EXIST c:\windows\SysWOW64\dfc.exe (c:\windows\SysWOW64\dfc.exe DFPassword /FREEZENEXTBOOT) ELSE (c:\windows\System32\dfc.exe DFPassword /FREEZENEXTBOOT)

start /wait shutdown -r -t 15 -f


Answered 10/26/2015 by: SMal.tmcc
Red Belt

  • we would have used kace scripting but I found a length limit bug for scripts to about 800 characters so the reg add for the policy would fail
Please log in to comment
Answer this question or Comment on this question for clarity