From dc587a52cab30b862be1b90df1777ea84f18ef50 Mon Sep 17 00:00:00 2001 From: slore Date: Mon, 29 Apr 2019 22:03:43 +0800 Subject: [PATCH] improve SwitchToAdmin for 20H1 --- .../WIN10XPE/00-Configures/System/Admin/Admin18850+.bat | 6 ++++++ .../WIN10XPE/00-Configures/System/Admin/SwitchToAdmin.bat | 3 ++- Projects/WIN10XPE/_CustomFiles_/Pecmd.ini | 2 -- Projects/WIN10XPE/_CustomFiles_/PecmdAdmin.ini | 1 + 4 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 Projects/WIN10XPE/00-Configures/System/Admin/Admin18850+.bat diff --git a/Projects/WIN10XPE/00-Configures/System/Admin/Admin18850+.bat b/Projects/WIN10XPE/00-Configures/System/Admin/Admin18850+.bat new file mode 100644 index 00000000..7c919474 --- /dev/null +++ b/Projects/WIN10XPE/00-Configures/System/Admin/Admin18850+.bat @@ -0,0 +1,6 @@ +@echo off +for /f "delims=." %%s in ('reg query "HKLM\SECURITY\SAM\Domains\Builtin\Aliases\Members"') do set AdminSID=%%s-500 +set "AdminSID=%AdminSID:HKEY_LOCAL_MACHINE\SECURITY\SAM\Domains\Builtin\Aliases\Members\=%" +reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileService\References\%AdminSID%" /v RefCount /t REG_BINARY /d 02000000 /f +LSAgetRights.exe -c +reg load "HKU\%AdminSID%" X:\Users\Administrator\NTUSER.DAT diff --git a/Projects/WIN10XPE/00-Configures/System/Admin/SwitchToAdmin.bat b/Projects/WIN10XPE/00-Configures/System/Admin/SwitchToAdmin.bat index c6b54b26..1bd20aae 100644 --- a/Projects/WIN10XPE/00-Configures/System/Admin/SwitchToAdmin.bat +++ b/Projects/WIN10XPE/00-Configures/System/Admin/SwitchToAdmin.bat @@ -64,8 +64,9 @@ if not exist "%X_SYS%\tsdiscon.exe" ( expand Security.cab -F:* "%X_WIN%\Security" -if %VER[3]% GTR 18800 ( +if %VER[3]% GTR 18850 ( copy /y LSAgetRights_%WB_PE_ARCH%.exe "%X_SYS%\LSAgetRights.exe" + copy /y "Admin18850+.bat" "%X_SYS%\" ) rem use in :PECMD_ENTRY@last.bat diff --git a/Projects/WIN10XPE/_CustomFiles_/Pecmd.ini b/Projects/WIN10XPE/_CustomFiles_/Pecmd.ini index 990d9723..ab2c7f1d 100644 --- a/Projects/WIN10XPE/_CustomFiles_/Pecmd.ini +++ b/Projects/WIN10XPE/_CustomFiles_/Pecmd.ini @@ -95,8 +95,6 @@ _SUB LoadShell IFEX %WinDir%\System32\ctfmon.exe, EXEC %WinDir%\System32\ctfmon.exe -IFEX %WinDir%\System32\LSAgetRights.exe, EXEC !=LSAgetRights.exe -c - //EXP_SHEL %WinDir%\explorer.exe //WXS_SHEL %ProgramFiles%\WinXShell\WinXShell.exe -regist -winpe //EXP_EXEC !%ProgramFiles%\WinXShell\WinXShell.exe -regist -daemon diff --git a/Projects/WIN10XPE/_CustomFiles_/PecmdAdmin.ini b/Projects/WIN10XPE/_CustomFiles_/PecmdAdmin.ini index 2f0eb7ba..b4288a4c 100644 --- a/Projects/WIN10XPE/_CustomFiles_/PecmdAdmin.ini +++ b/Projects/WIN10XPE/_CustomFiles_/PecmdAdmin.ini @@ -44,6 +44,7 @@ EXEC != secedit.exe /configure /db %WinDir%\security\database\unattend.sdb /cfg CALL $Netapi32.dll,NetJoinDomain,,WORKGROUP,,,,1 EXEC !=SC start seclogon +IFEX %WinDir%\System32\Admin18850+.bat, EXEC =Admin18850+.bat EXEC !%WinDir%\System32\tsdiscon.exe _END