Deploy .pfx cert embedded in script (a sort of 'cat << EOF' for windows)

@echo off
::
::  
:: In order to prepare the certificate please run
:: 'certutil -encode the_pfx_cert base_64_cert`
:: then paste the base_64_cert in the section below
:: Please note that the certificate password has to be given as start paramater to this script!
:: (eq: "cert-inst.bat S3cr3tPassw0rd")

:: If the cert was already installed, exit
REG QUERY HKCU\SOFTWARE\neXt /v CertInstalled
If %errorlevel%==0 goto :eof

:: define the temp name of the extracted cert
set extractedfile=%temp%\extract-%random%.txt

:: set the password needed to decode the cert
set certpasswd=%~1

:: separate the cert from this script
call:extractembedded embeddedfile %extractedfile%

:: process the extracted file
certutil -decode %extractedfile% %extractedfile%.pfx

certutil -f -user -p %certpasswd% -importpfx %extractedfile%.pfx

:: clean-up
::del %extractedfile% %extractedfile%.pfx

:: leave a trace in the registry, so the cert will not be installed again and again
REG ADD HKCU\SOFTWARE\neXt /v CertInstalled /t REG_DWORD /d 1

:: clean exit
exit /b

:: begin of the embed cert & extraction procedure
:: After the next line, please paste the "base_64_cert" created by certutil -encode
goto:embeddedfile
-----BEGIN CERTIFICATE-----
MIIMngIBAzCCDGQGCSqG
[...]
k05EzAQIFXJaGHOuxZcCAggA
-----END CERTIFICATE-----
:embeddedfile
:: before the previous line you can find the end of the "base_64_cert"

:: cert extraction procedure
:extractembedded
setlocal EnableDelayedExpansion
set embedbegin=goto:%~1
set embedend=:%~1
set embedcert=%~2
if exist %embedcert% del %embedcert%
set tmprndfile=%temp%\%random%.%random%
findstr /n ^^ "%~f0" > %tmprndfile%
call :seekembed < %tmprndfile%
del %tmprndfile%
exit /B
:seekembed
set oneline=:eof
set /P oneline=
if !oneline! == :eof goto nostart
set oneline=!oneline:*:=!
if not !oneline! == %embedbegin% goto seekembed
:getline
set oneline=:eof
set /P oneline=
if !oneline! == :eof goto nostop
set oneline=!oneline:*:=!
if !oneline! == %embedend% goto :eof
echo/!oneline!>> %embedcert%
goto getline
:nostart
echo Error finding start delimiter %embedbegin%
goto :eof
:nostop
echo Error finding stop delimiter %embedend%
goto :eof

Deploy local printers to Windows XP

- Go to a computer without any printer installed, login as administrator and  install all the printers you need to deploy.
- download & run UTFG://printmig.exe go to Actions and click on Backup - save the cab file with the name printers.cab
- download  UTFG://ListComps.exe and run listcomps.exe /D:MY_DOMAIN >> comps.txt
  (replace MY_DOMAIN with the domain you're in) edit the file comps.txt in order to remove unwanted computers, servers...
- in a command prompt type the following line: for /F %r in (comps.txt) do printmig.exe -i -r printers.cab \\%r 
- now watch printmig spawning an instance for every computer and pushing the drivers to all of them
- enjoy a beer 

if before you want to remove ALL the old network printers you can use my (somehow pretty drastic) method of deleting.
Add this .vbs script to the user login or use psexec.exe to launch it:

------------------BEGIN HERE--------------------
' removepr.vbs - Windows NT Logon Script. 
' VBScript - Silently remove ALL network printers
' -----------------------------------------------------------------------'
 
Const ForReading = 1 
Set objFSO = CreateObject("Scripting.FileSystemObject") 
Set objNet = CreateObject("WScript.Network")
Set WshShell = CreateObject("WScript.Shell")
Set wmiLocator = CreateObject("WbemScripting.SWbemLocator")
Set wmiNameSpace = wmiLocator.ConnectServer(objNet.ComputerName, "root\default")
Set objRegistry = wmiNameSpace.Get("StdRegProv")
Const HKEY_CLASSES_ROOT  = &H80000000
Const HKEY_CURRENT_USER  = &H80000001
Const HKEY_LOCAL_MACHINE = &H80000002
Const HKEY_USERS         = &H80000003
strComputer = "."

' If this script already run once for this user, then EXIT
userprrf = WshShell.Environment("PROCESS")("UserProfile") 
'wscript.Echo userprrf
If (objFSO.FileExists(userprrf & "\sctwashere.txt")) Then
Wscript.Quit
Else
blah = "let's have some fun"
End If

' Deletes RegistryKey with all subkeys in Network printers
sPath = "Printers\Connections"
lRC = DeleteRegEntry(HKEY_CURRENT_USER, sPath)
Function DeleteRegEntry(sHive, sEnumPath)
' Attempt to delete key.  If it fails, start the subkey enumration process.
lRC = objRegistry.DeleteKey(sHive, sEnumPath)
' The deletion failed, start deleting subkeys.
If (lRC <> 0) Then
' Subkey Enumerator   
On Error Resume Next   
lRC = objRegistry.EnumKey(HKEY_CURRENT_USER, sEnumPath, sNames)   
For Each sKeyName In sNames      
If Err.Number <> 0 Then Exit For      
lRC = DeleteRegEntry(sHive, sEnumPath & "\" & sKeyName)   
Next   
On Error Goto 0
' At this point we should have looped through all subkeys, trying to delete the key again.   
lRC = objRegistry.DeleteKey(sHive, sEnumPath)
End If
End Function 
'Now let's recreate only the "root" Key we deleted before
objRegistry.CreateKey HKEY_CURRENT_USER,sPath

'Tell something to the user 
'with createobject("wscript.shell")  
'   .popup "All Network Printers are now erased.",1, "Printers Manager"
'end with
------------------END HERE--------------------