Remove OneDrive via Batch Script

I’ve used this batch script to remove OneDrive from Windows 10 20H2 clients used by students. The script has been added to the end of our MDT student deployment.

@echo off
REM Prevents all commands from being displayed including ‘echo off’

set x86=”%SYSTEMROOT%\System32\OneDriveSetup.exe”
set x64=”%SYSTEMROOT%\SysWOW64\OneDriveSetup.exe”
REM Specifies environment-variables named x86 & x64.

taskkill /f /im OneDrive.exe > NUL 2>&1
REM Forcefully terminate the process using the image name ‘OneDrive.exe’.
REM ‘NUL 2>&1’ suppress outputs and pipe errors to null.

ping 127.0.0.1 -n 5 > NUL 2>&1
REM Misuse the ping command to delay commands, ‘-n 5’ specifies 5 pings. There is a 1s delay between each ping.

if exist %x64% (
%x64% /uninstall
) else (
%x86% /uninstall
)
REM Use the ‘if exist’ condition to uninstall both 32bit & 64bit versions of OneDrive.

ping 127.0.0.1 -n 10 > NUL 2>&1
REM Misuse the ping command to delay commands, ‘-n 10’ specifies 10 pings.

rd “%USERPROFILE%\OneDrive” /Q /S > NUL 2>&1
rd “C:\OneDriveTemp” /Q /S > NUL 2>&1
rd “%LOCALAPPDATA%\Microsoft\OneDrive” /Q /S > NUL 2>&1
rd “%PROGRAMDATA%\Microsoft OneDrive” /Q /S > NUL 2>&1
REM Remove OneDrive remnants. Delete directories and directory trees silently.

REG DELETE “HKEY_CLASSES_ROOT\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}” /f > NUL 2>&1
REG DELETE “HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}” /f > NUL 2>&1
REM Remove OneDrive from File Explorer. Delete registry values without any confirmation prompt.

exit /b 0
REM Specifies to exit the current batch script. The numeric number specifies the process exit code.  Exit code is required for MDT deployment to finish without errors.

Using PowerShell to create local user accounts

I wanted to find a simple PowerShell script to create local user accounts on unmanaged laptops.

The script needed to use the laptop serial as part of the username.

Also, the accounts shouldn’t expiry or require the user to change their password on the first login attempt.

The first test command created the account but didn’t insert the laptop serial as part of the username.

New-LocalUser -Name "test-account" -NoPassword -AccountNeverExpires -UserMayNotChangePassword -Description "test account" | Set-LocalUser -PasswordNeverExpires $true

The second script did everything required successfully, including added the laptop serial.

$Error.clear() 
$startupVariables=””
$SN = gwmi win32_bios | Select-Object -Expandproperty SerialNumber
net user student$SN /add /passwordchg:no
wmic useraccount where "name='student$SN'" set passwordexpires=false

The third script includes the user password and adds the user to the local administrators group.

$Error.clear() 
$startupVariables=””
$SN = gwmi win32_bios | Select-Object -Expandproperty SerialNumber
net user admin$SN MyPa55W0rd /add /passwordchg:no
wmic useraccount where "name='admin$SN'" set passwordexpires=false
net localgroup administrators admin$SN /add

To process the commands in one line add semicolons after each command.

$Error.clear();
$startupVariables=””;
$SN = gwmi win32_bios | Select-Object -Expandproperty SerialNumber;
net user student$SN /add /passwordchg:no;
wmic useraccount where "name='student$SN'" set passwordexpires=false

Blocking Malware & Adult Content using 1.1.1.1 for Families

Cloudflare provides ‘1.1.1.1 for Families’ as an extra layer of protection against malware and adult content.  This is an alternative to the 1.1.1.1 DNS resolver which also filters content.

This service can be used on Android, Linux, Windows, iOS, macOS and Routers.

The below guide is taken from Cloudflare Developers Docs.

Windows limited users will be unable to change these settings when devices are configured by an administrator account.

Block malware and adult content
​IPv4
Click the Start menu > Settings.

Select Network and Internet > Change Adapter Settings.

Right-click on the WiFi network you are connected to and click Properties.

Select Internet Protocol Version 4

Click Properties.

Click Use The Following DNS Server Addresses and add:

1.1.1.3
1.0.0.3

Click OK.

​IPv6
Click the Start menu > Settings.

Click Network and Internet > Change Adapter Settings.

Right-click on the Wi-Fi network you are connected to and click Properties.

Select Internet Protocol Version 6.

Click Properties > Use The Following DNS Server Addresses and add:

2606:4700:4700::1113
2606:4700:4700::1003

Click OK.

Using Command Prompt to apply DNS setting

For Windows Vista and higher (requires Admin rights).

To join multiple commands in Command Prompt use two ‘&’ signs – &&

netsh int ipv4 set dns name="Wi-Fi" static 1.1.1.3 primary validate=no
netsh int ipv4 add dns name="Wi-Fi" 1.0.0.3 index=2 validate=no

netsh int ipv6 set dns name="Wi-Fi" static 2606:4700:4700::1113 primary validate=no
netsh int ipv6 add dns name="Wi-Fi" 2606:4700:4700::1003 index=2 validate=no

Using PowerShell to apply DNS setting – both IPv4 & IPv6

Set-DNSClientServerAddress "Wi-Fi" –ServerAddresses ("1.1.1.3","1.0.0.3","2606:4700:4700::1113","2606:4700:4700::1003")

Disable Proofing Tools in Office 2010

The executable ToggleProof1.exe can be used to edit user profiles to disable proofing in Office 2010.

Open command prompt as Administrator before navigating to the folder containing the ToggleProof1.exe executable. See usage and the example below for the correct command line argument.

Usage: ToggleProof.exe “path\to\ntuser.dat\file”

Example: ToggleProof1.exe F:\Users\Students\Profiles\Student001.V2\NTUSER.DAT

After running a successfully command line argument a confirmation will be displayed.

Rename the user DAT extension to the MAN extension after disabling proofing.

ToggleProof1 download

User Notice Using VB Script – Acrobat Reader Output

Option Explicit
DIM fso
Set fso = CreateObject("Scripting.FileSystemObject")

If (fso.FileExists("\\FILE_SERVER\NOTICE$\live.pdf")) Then

dim wShell:Set wShell=CreateObject("WScript.Shell")
dim i
i=wShell.Run("AcroRd32.exe \\FILE_SERVER\NOTICE$\live.pdf",1,False)
Set wShell=Nothing

Else
 WScript.Quit()
End if
 WScript.Quit()

Single Run User Notice Using VB Script – Internet Explorer Output

Option Explicit

'Delivery - run only if text file is not present

DIM fso
Set fso = CreateObject("Scripting.FileSystemObject")
If (fso.FileExists("N:\RedirectedProfileFolders\surveymonkey.txt")) Then

 WScript.Quit()

Else

'Payload - open url and create blank text file used by delivery section of script

dim wShell:Set wShell=CreateObject("WScript.Shell")
dim i
i=wShell.Run("iexplore.exe O:\Students\surveys\surveymonkey_students.url",1,False)
Set wShell=Nothing

Dim successful_run
Set successful_run = fso.CreateTextFile("N:\RedirectedProfileFolders\surveymonkey.txt",True)

End if
 WScript.Quit()

User Notice Using VB Script – Internet Explorer Output

Option Explicit
DIM fso
Set fso = CreateObject("Scripting.FileSystemObject")

If (fso.FileExists("\\FILE_SERVER\NOTICE$\live.url")) Then

dim wShell:Set wShell=CreateObject("WScript.Shell")
dim i
i=wShell.Run("iexplore.exe \\FILE_SERVER\NOTICE$\live.url",1,False)
Set wShell=Nothing

Else
 WScript.Quit()
End if
 WScript.Quit()