XP Service Pack 2 Deployment - Unique Problem

  • Thread starter Thread starter Mark
  • Start date Start date
M

Mark

Hello

I have quite the interesting problem. I am trying to
deploy windows XP service pack 2 in an industrial
environment. We use windows XP machines to control
machinery. The problem is that the plant is huge, and to
go locally to every machine and install SP2 would be a
huge waste of time. We currently use VNC, which is a type
of remote control for your pc, the problem is that
immediately after you install SP2, it #1 Enables the
firewall, locking out our VNC program as well as our
application to control machinery which uses IP
information, and #2 After the machine boots, it comes up
with choices, I believe one has to do with enabling
automatic updates, and the other has to do with the
firewall, which again means we have to go locally.

My question is simple but I'm not sure if there is an
answer. Is there a way to prepare, SP2 to deploy in a way
that it will not ask those questions after it first boots,
and will disable the firewall settings by default? I have
the network installation version of SP2 and I can figure
things out a lot of the time, but I really am stuck on
this one, and I'm sure there's something but I really just
need to know how to do this and nothing more than that.
I've been digging around technet and websites all day, and
my brain is fried, I could really just use the info about
this subject, it has nothing to do with laziness, I just
feel like I've been searching for needle in a haystack all
day.

Thanks so much whoever answers, you saved my brain from
being toast.
 
Hi,

You need to search for it, but it has been posted in here before on how to
disable the windows firewall before doing the install. I think MVP Torgeir
Bakken or Mike Brannigan were the ones that stated how to disable the
firewall during the installation.

Jeff
 
Mark said:
Hello

I have quite the interesting problem. I am trying to
deploy windows XP service pack 2 in an industrial
environment. We use windows XP machines to control
machinery. The problem is that the plant is huge, and to
go locally to every machine and install SP2 would be a
huge waste of time. We currently use VNC, which is a type
of remote control for your pc, the problem is that
immediately after you install SP2, it #1 Enables the
firewall, locking out our VNC program as well as our
application to control machinery which uses IP
information, and #2 After the machine boots, it comes up
with choices, I believe one has to do with enabling
automatic updates, and the other has to do with the
firewall, which again means we have to go locally.

My question is simple but I'm not sure if there is an
answer. Is there a way to prepare, SP2 to deploy in a way
that it will not ask those questions after it first boots,
Click to expand...

This "configure automatic updates" screen will not show up if you
install SP2 in unattended mode (using command line parameters) as
e.g. GPO, SUS, or SMS does.

See "Deploying Windows XP Service Pack 2" here for
documentation on the command line parameters:

Service Pack 2 for Windows XP: Resources for IT Professionals
http://www.microsoft.com/technet/winxpsp2

and will disable the firewall settings by default?
Click to expand...

You can create some registry values that will disable the firewall,
more here:

http://groups.google.com/[email protected]


I would think you want to configure/disable the Security Center as
well, to avoid tray popups from it.

To keep the service running, but disable the notify part of it, you
can do this with some registry settings:

Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center

DWORD Value: FirewallDisableNotify
Value Data: 1

DWORD Value: UpdatesDisableNotify
Value Data: 1

If you want to disable the notification about any unknow status of
Antivirus software as well:

DWORD Value: AntiVirusDisableNotify
Value Data: 1

I would think you can create those values before installing SP2 and
they will stick.


Manually, you can do this after SP2 install/reboot this way:

Control Panel/Security Center, click on the "Change the Way Security
Center Notifies Me" link in the left pane.


Alternatively, disable the Security Center service.

This *might* work before reboot after the SP2 installation:

sc.exe config wscsvc start= disabled

If you need a reboot first for the command line above to take affect,
you could put the command into RunOnce in registry before the reboot
to let it run after the reboot.

In that case, you should add this command line to RunOnce as well:
sc.exe stop wscsvc


Manually, you can disable the Security Center service after SP2
install/reboot this way:

Start/Run --> services.msc

Find "Security Center" in the list, double click on it, set
"Startup type" to Disabled.


There is also a Group Policy setting available to disable the
Security Center (Start/Run--> gpedit.msc).

Take a look at the chapter for the Security Center in
06_CIF_Maintenance.DOC

What settings are added or changed in Windows XP Service Pack 2?
Group Policy settings (page 26 for me)


06_CIF_Maintenance.DOC ("Changes to Functionality in Microsoft Windows XP
Service Pack 2, Part 6: Computer Maintenance") can be downloaded from here:

http://www.microsoft.com/downloads/...d7-b791-40b6-8364-685b84158c78&DisplayLang=en

Note: WinXPSP2_Documentation.zip contains all the .doc downloads...
 
Back
Top