Hi guys, I am looking to password protect my rebuild task sequence. Basically I want to have a task sequence which every SCCM client can see via run advertised programs. Then I want helpdesk to be able to troubleshoot it down to the machine requiring a rebuild, if this is required they can kick this off from Run Advertised Programs. However in order for standard users to not run this themselves I want to be able to password protect the task sequence The following below works but only after booting into WINPE, which of course the helpdesk person cannot enter it in at this point as he has no remote tools running. Also it appears when placing in the password it is clear text, anyway to hide the charecters so users cant see this if say the helpdesk person is remoted on via UltraVNC http://www.windows-noob.com/forums/index.php?/topic/2336-password-protect-a-task-sequence/ Any ideas here would be great Thanks

Hi - Am not sure the below blog will help you or not. But, really worth going through it (if you are not)...... http://blogs.technet.com/b/cameronk/archive/2010/04/27/creating-a-user-interactive-task-sequence-experience.aspxAnoop C Nair - This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

you can make a dependancy on the task sequence so that a HTA run's first, that way the HTA run's as user permissions before the ts kicks off. to do this right click on the task sequence, properties, advanced and choose Run Another Program First My step by step SCCM Guides I'm on Twitter > ncbrady

Thanks guys, Niall I have got an HTA application up and running and looks to be exactly what I am after. And I can get it to exit if incorrect password is entered, however at this point it will continue on regardless of whether the password is correct or not. I suppose I dont know how to gracefully exit without starting the task sequence if it is entered incorrectly and how to continue on with the task sequence if it is entered correctly Nick

Ok, think Im on the right track. What I have thought of is to kick off HTA app which prompts for a password. If this is entered correctly it will add a registry entry such as HKLM\Rebuild\ etc... then the task sequence steps can be set so that they are conditional on the existence of this reg key Thats fine but what I would want is to be able to set the whole task sequence to be conditional on a reg entry. Is this possible? Thanks

why not, simply create your own validate section in the TS at the beginning of the TS, if the key is present it continues, if not it exits (similar to the way the password prompter exits) My step by step SCCM Guides I'm on Twitter > ncbrady

Thanks Niall, I setup a top level group named "Password Check" and under this group I have all others such as Setup Operating system, install software etc. However the behviour I would have expected is that if it does not find the reg key in this top level group it would not continue on with the nested groups. It seems as though it performs the correct check, does not find the key but then continues on with the rest of the task sequence... so not getting it to exit gracefully at that top level if the key does not exist. Do you think that I should use a similar exit strategy to the password prompter mentioned above? Thanks Nick

use a WSF to exit from the ts much like the one i provided in the Password Protect a Task Sequence, have you tried that ? My step by step SCCM Guides I'm on Twitter > ncbrady

GOT IT! Sorry, had incorrect nestings of my groups so had a couple of groups which fell outside this top level password check group. I moved these up so they all sit under the top level group. looking all good now. It will successfully exit if entered incorrectly (exits gracefully). and continues on with task sequence if password is entered correctly Below is my HTA applicaiton if anyone is interested. Thanks <html> <head> <title>HTA Test</title> <HTA:APPLICATION ID="objTest" APPLICATIONNAME="REBUILD" SCROLL="yes" SINGLEINSTANCE="yes" > </head> <SCRIPT LANGUAGE="VBScript"> Sub TestSub set WshShell = WScript.CreateObject("WScript.Shell") if PasswordArea.value = "password" Then Msgbox "Thanks password is correct. Task sequence will now continue" WshShell.RegWrite "HKLM\Software\REBUILD\Rebuild","00000000","REG_DWORD" Self.Close Else Msgbox "Sorry, password is not correct. Please try again" End If End Sub </SCRIPT> <body> <P>MICROSOFT SCCM</p> <P>SYSTEM REBUILD</P> <input type="password" name="PasswordArea" size="30"><P> <input id=runbutton class="button" type="button" value="ENTER" name="run_button" onClick="TestSub"> </body>

thanks Nick i've updated the original post to link back here and to include your code snippet above, cheers niall My step by step SCCM Guides I'm on Twitter > ncbrady

Can you expound on this a little? I have the same problem we are trying to solve. I don't understand the part of making an HTA run first to get the password prompt.

a hta is just a html web page, can be anything, and in this case it simply prompts the user in windows to enter a password, if correct then the rest of the task sequence can begin, the key here is that the first dependancy, runs in Windows under the user's context, the remaining (the actual task sequence) runs in System, you see you can't display a HTA in windows under the system account as you'll never see it, hence this workaroun/fix/whatever cheers niall My step by step SCCM Guides I'm on Twitter > ncbrady