New desktop or refurb HP laptop Windows 10
f10 for bios and update bios
reboot with Win10 usb in front, esc to enter pre-bios menu, then boot menu, then USB, Advanced, blow away all parts, install
- First boot, Customize, turn off everything. When prompted, select "Join a local AD domain" (it will happen later)
- "Who's going to use this machine?" Enter "temp" with password temp, answer "temp" to first three security questions, skip fingerprint, no Cortana, all privacy off (scroll down)
- Enable Administrator:
cmd.exe run as administrator
net user administrator /active:yes
net user administrator *
(enter scientific pwd twice)
- Log out of temp and log in as Administrator
- Delete temp account: Computer -> properties -> advanced -> Settings for User Profiles (in the middle) -> select temp and click the delete button
- "temp" user is still there, wtf? Settings -> Accounts -> Other people -> delete
- Set time zone
- updates and updates and updates and reboots
- uninstall "My Office" (or not, it just comes back later anyway)
- run \\192.168.1.15\technet
go to installers -> Microsoft -> Office 2016, no outlook for most
- Launch Word, turn updates on when prompted. Open a new blank doc then File menu -> Account -> click Change Product Key, paste the key and go
- Settings -> Updates -> Advanced Options -> "Give me updates for other MS products when I update Windows," and auto download, and defer feature updates for 365, and defer quality updates for 1
- Run Windows updates again, should see some for Office
- Install:
Windows Essentials 2012 (if dotnet prompt appears, go ahead) (customize, uncheck all but Photo Gallery and Movie Maker, launch and accept)
Chrome
Google Backup and Sync
Adobe Reader
Notepad++
VLC
MalwareBytes (Settings -> Account details -> deactivate premium trial, "I don't need realtime protection")
Flash is apparently already on there
Java
==================================
FOR DESIGNATED USER:
==================================
- Set computer name to jsmith-hpg4
- Join to AD Crossroads.local at the same time
- Reboot when prompted
- INVENTORY and STICKER
- Install/configure:
- ESET (enter reg code)
- Ninite (apply "update everything" policy)
- Meraki agent
- Move PC into OU: Crossroads.local/Crossroads/Computers/StaffDesktops
- Log in as DOMAIN administrator
- Run cmd as admin and run gpupdate /force and then reboot again
•• If user is currently in Sync OU, MOVE THEM TO THE NOSYNC OU FIRST!!!!!!!!!!!!!!!!
Log in as the user for the rest of these steps.
- Test printers and drive mappings
- Always more Windows updates. Always.
- Settings -> File Explorer Options -> show filename suffixes and full path
- Set "Default apps" (web -> Chrome, mail -> Chrome, PDFs -> Acrobat)
- Copy their old data from server home to new computer
- Configure Google Backups and Sync, give it time to sync/upload to Google (leave plugged in/on)
- DIS!!!able their home share on Windows server
• For Stu and Hazel:
- QuickBooks 2018 from server installs -- select "Premier Nonprofit Edition" on first launch and enable automatic updates and go to help -> run updates
- Log in as the user and launch QB
- Open existing file, navigate to the QuickBooks share and Crossrds.qbw