Search This Blog

Thursday, August 29, 2013

Setting Google as default search provider in unattend.xml


When deploying Windows I sometimes need to change the default search provider to Google for all deployed computers.

While this can be done in many ways I prefer to use unattend.xml because users can then change it if they want. An alternative could be to use GPP but it will then have an impact on login time.

So by adding this to unattend.xml

     <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="" xmlns:xsi="">
                <Scope wcm:action="add">

Shown here in the Windows System Image Manager.


You can then control the default search engine in Internet Explorer 9.

The values to use in the different settings can be found by adding Google search on a client and then look in the registry

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes


Even though ShowSearchSuggestions has the value of true, suggestions does not work for me.

The users will be prompted to turn on suggestions.


So in order to avoid this I set this registry value HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ShowSearchSuggestionsInAddressGlobal to the value 1 (dword).

This is also deployed by my MDT or SCCM task sequence and loaded in the default profile so all new users will receive this setting by default, see for more information on how to do this for all users.

Thursday, August 22, 2013

Setting environment system variables in a task sequence

One way to set a environment system variable during a MDT or SCCM Task Sequence is to use the SETX command.

This command SETX LLVAR TEST /M will set the variable LLVAR to the value TEST


If we take a closer look at the System variables after this step, we will see that the variable has been defined and the value set to TEST:


We can also use existing system variables, this command will add a new directory path to the existing System variable PATH using the existing value of both %PATH% and %PROGRAMFILES(X86)% in the command.


Thursday, August 15, 2013

Link: SQL Server Builds

I sometimes need a quick overview of the latest SQL server builds, while the information is available on different sites I have found this particular site to be very helpful.

You might also be able to use this resource in your daily work Smiley


Thursday, August 8, 2013

A website is trying to run a RemoteApp program


After publishing a RemoteApp and defining certificates you may still se this information warning:

A website is trying to run a RemoteApp program. make sure that you trust the publisher before you connect to run the program.

The certificate used is trusted but the message is still shown.


On your domain joined clients you can remove this popup by adding the certificate thumbprint to a GPO.

First click on the publisher (here *.gt.local).

Go to the details tab and find the Thumbprint field:


Copy the thumbprint to the clipboard, in this example:

d3 88 39 c2 a3 98 b1 e6 60 d8 e2 32 0a 67 82 0a 07 ea dd 18

Be careful when copying you need to start copying from the first hex number, or you will see a question mark in the copied text, the question mark must be removed.

Create a GPO for your clients, and find this policy:

Computer Configuration – Policies – Administrative Templates – windows Components – remote Desktop Services – Remote Desktop Connection Client – Specify SHA1 thumbprints of certificates representing trusted .rdp publishers


We need to insert the thumbprint from the certificate in this policy, but lets do a little formatting first.

Start PowerShell and use use this command to remove the spaces ("thumbprint here").replace(" ","")


Copy the thumbprint without spaces and enable the policy and insert the thumbprint into the policy.


This will remove the popup for your clients in the future, in order to speedup the policy refresh you can use gpupdate on the client.