SysNative (CMD)

Today I’ve encountered something new in my work on the Windows x64 platform.

First:
On a 64 bit Windows 10 platform you have:

  • Program Files, for your x64 programs
  • Program Files (x86), for your x86 programs
  • System32, for your x64 system files
  • SysWOW64, for your x86 system files

Now:
In working with Quest Kace, I’ve discovered a new “folder”. Well it not a folder as such.

I’ve created a script where I need to reset the Windows Update Agent and force it to register with WSUS.
As soon as the script executed from Kace, if failed at the ‘wuauclt.exe’ command: ‘File not found’. I then added the full path to the file ‘C:\Windows\System32\wuauclt.exe’ – Still: ‘File not found’. I used PSexec and looked inside the ‘C:\Windows\System32’ folder, and to my surprise there were no ‘wuauclt.exe’ file, but I could see it in a regular CMD running as admin or as a regular user.

Then an old colleague told me about the ‘SysNative’ folder, as if the whole world knew what that was!

On a 64 bit platform, there is a new “folder” called ‘SysNative’, that points around the ‘File System Redirector’ and will give you access to the correct system folder, in my case ‘System32’.

So, I changed my script to use the new “folder” ‘%WinDir%\SysNative\wuauclt.exe’, and it worked like a charm.

Well, you learn something new everyday!

Set ComputerName in TS (CMD)

Change the “Computer” or “This PC” to %COMPUTERNAME% in a Task Sequence.

Use SetACL, by Helge Klein, to change owner, set appropriate permissions on the registry key and after changing the registry key, releasing the key back to the system.

Place the appropriate SetACL.exe and the script below, together with the registry key and execute from TS.

"%~dp0setacl.exe" -on HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} -ot reg -actn setowner -ownr "n:S-1-5-32-544"
"%~dp0setacl.exe" -on HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y"
..
.. 
"%~dp0setacl.exe" -on HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} -ot reg -actn ace -ace "n:S-1-5-32-544;p:read;s:y" "%~dp0setacl.exe" -on HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} -ot reg -actn setowner -ownr "n:S-1-5-18" 

This script has only been tested on Windows 7, x64, through a TS