You can do this with Group Policy. This is what you will need to do
1. Setup a Startup Script
1a. In your script, you will create a new directory on the local drive or create a registry entry (with reg add)
1b. On startup, you will check to see if this directory/registry entry exists on the local PC. If it does, you skip it.
2. Your script would have to copy the necessary files (robocopy, or you can use PowerShell or VBScript) to copy the files to the necessary location.
I read that you can't script out the config. You should be able to manage this with Group Policy. Enterprise apps like XenApp have GPO's that are designed to allow you to do this specific task. You can then apply the policy to a group of users or specific users. However if you do not have access to Group Policy then you can get creative by doing the following
On a good known working machine (preferably one that has recently been imaged and all updates applied) and then use software to capture the before and after state and export the results as a registry entry. There are several tools to assist you with this but I won't recommend one over the other.
Asking the user for their password should never be done once the person has started working. If the person is about to start, you can assign the password and take all the necessary steps then use AD to force the user to change the password upon login.