2

I am creating ephemeral Windows Server VMs on AWS and would like to install a list of software unattended when they first start up. To do this, I am running a bootstrap script at startup that installs Chocolatey and then some custom choco packages. The system is joined to my domain at startup and I am assigning the startup script via a GPO. I can also create any other GP related items, as needed.

The script is running fine, but the problem I'm having is that many of the installers I'm running via choco require an interactive user session to work, so they won't run in the Session0 context that the startup script is running in.

I can see either of the following working:

  1. Create an interactive session for the script to run in on system startup.
  2. Log in a user from the Session0 context (can be a domain user) and instead install the packages as a logon script.

I'm open to other suggestions for how to solve this problem as well. As long as I can somehow run the installers unattended via a script, I will be satisfied.

Improve this question
5
  • 1
    Use psexec to start the script or the installer files using the -i and -s switches. That's assuming your installers aren't waiting for user input, which is something else you have to research to run silently.
    – Appleoddity
    Commented Oct 3, 2017 at 1:43
  • Yes, I've already figured out the silent install portion. I will give this a try!
    – Marty
    Commented Oct 3, 2017 at 1:59
  • @Appleoddity after reading the psexec docs, it seems like there needs to already be a session opened. I'll still give it a shot, but if a user is not logged in, doesn't that mean that only Session0 exists?
    – Marty
    Commented Oct 3, 2017 at 2:03
  • 1
    No session is necessary. Yes the application will run as SYSTEM during startup, but will be allowed to interact with the desktop. Trust me it works. Maybe not for everything, I'm not sure. But this solves the issue for me.
    – Appleoddity
    Commented Oct 3, 2017 at 2:04
  • @Appleoddity This worked great! If you want to turn this to an answer, I'd be happy to accept it.
    – Marty
    Commented Oct 3, 2017 at 16:53

1 Answer 1

Reset to default
2

Use PSEXEC to start your script or installer files using the -i and -s switches. This will run your applications as SYSTEM with an Interactive Desktop.

I typically put psexec.exe in the same path as my scripts on a network share then call it with the GPO startup scripts.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .