Active Directory doesn’t let you edit the Dial-up of VPN access policies for multiple users at once through the GUI. You have to edit this setting one at a time for each user. This can be painstaking if you a lot of users. Luckily there is a VB script available like for almost everything else in AD.

Dim aConnection, aCommand, aResult, strLDAPPath, user, objUser
Const ADS_PROPERTY_CLEAR = 1
strLDAPPath = InputBox("Please enter the LDAP path of the OU:")
WScript.Echo strLDAPPath
Set aConnection = CreateObject("ADODB.Connection")
Set aCommand = CreateObject("ADODB.Command")
aConnection.Provider = "ADsDSOObject"
aConnection.Open
aCommand.ActiveConnection = aConnection
aCommand.CommandText=";(&(objectCategory=Person)(objectClass=User));distinguishedName;subTree"
Set aResult = aCommand.Execute()
Do While Not aResult.EOF
strDN = aResult.Fields("distinguishedName")
WScript.Echo strDN
Set objUser = GetObject("LDAP://" & strDN)
' Comment the following line to manage connection through Remote Access Policy
objUser.Put "msNPAllowDialin", FALSE
' Uncomment the following line to manage connection through Remote Access Policy
' objUser.PutEx ADS_PROPERTY_CLEAR, "msNPAllowDialin", 0
objUser.SetInfo
aResult.MoveNext
Loop

This script will update the access settings for a group of users in a particular OU. Once you run the script, a dialog box will ask you for this OU. Once this is set all users in that OU will be updated.

The AD property this script modifies is ‘msNPAllowDialin’. This property is accepts boolean values. So the three options are

To manage access via the Remote Access Policy, comment out the

objUser.Put "msNPAllowDialin", FALSE

and uncomment the

' objUser.PutEx ADS_PROPERTY_CLEAR, "msNPAllowDialin", 0

line.

The officially supported method of detecting the presence of the .NET Framework 2.0 is to check the following registry key/value:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Net Framework Setup\NDP\v2.0.50727]
Install = 1 (REG_DWORD)

net user <username> <password>
Or if you want to hide the password and enter it at a prompt
net user <username> *

If you want to allow non-admin users in Windows to change the IP address settings on their PCs, you can add them to the built-in “Network Configuration Operators” group. This can be done from the command line as

net localgroup "Network Configuration Operators" /add <username>

Office 2003 wont install unless you supply a valid license key, unlike Office 2007 which lets you enter the key once you’re done installing. This is very inconvenient when you’re trying to create a base image of a system to deploy on multiple PCs. You can’t have the same Office license key for all the PCs.

In order to get somewhat similar functionality as Office 2007, i.e., install without key to be filled in later, use the following method. You will still need a valid serial key for the first install, but it will be cleared after its completed.

setup.exe /QB PIDKEY=YOURSERIALHERE
regedit /S clear-key.reg

The first line installs office silently with the specified key, and second line clears the registration information. The clear-key.reg file contains the following registry key

Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\11.0\Registration]


Now when you run Office, it’ll ask you for a license key.