So my second part of how to achieve a fully automated deployment, can be used to create a reference image or to deploy a computer.
Lets start customizing 🙂
First of all we can set our priority and fortunately the ‘deployment bunny’ has written a great blog about the available properties for setting the priority in which order MDT executes which task with which properties:
[Settings]
Priority=MACAddress, Default
Properties=MyCustomProperty
In my case I have set the priority on MACAddress first, this means that MDT will look for a machine with the given MACAddress and apply the custom defined properties only for this machine. This is especially handy when we want to use our deploymentshare for more then one purpose alone. In my case the ability to create an automatic reference image but also being able to use other task sequences from that same deploymentshare to other computers.
So if we specify our MACAddress here, we can then apply the settings we want. In my case I start again with configuring the IP address for a virtual machine which occurs in a back-end server environment with no particular DHCP present on the VLAN.
[00:00:00:00:00]
OSDAdapterCount=1
OSDAdapter0EnableDHCP=FALSE
OSDAdapter0IPAddressList=192.168.1.45
OSDAdapter0SubnetMask=255.255.255.0
OSDAdapter0Gateways=192.168.1.1
OSDAdapter0DNSServerList=192.168.1.11,192.168.1.12
OSDAdapter0DNSSuffix=contoso.local
Then I specify that the task sequence wizard needs to be skipped by providing the following option: SkipTaskSequence=YES
And immediately after that I fill-in the desired TaskSequenceID which needs to be executed automatically, which is in my case OSB001 (Operating System Build 001)
SkipTaskSequence=YES
TaskSequenceID=OSB001
Next we need to provide an computer name for our reference build. With the SkipComputerName=YES we prevent the hostname wizard, but when we do this, we also need to provide an hostname for the upcoming deployment. The task sequence variable “OSDComputerName” will be picked up and understood by the scripts if provided.
SkipComputerName=YES
OSDComputerName=OSBUILD
Then to capture the created reference image we provide the following parameters:
SkipCaptures=YES obviously the wizard pane needs to be skipped. But because we want to capture our reference image, we provide the DoCapture=YES setting too, followed by the backup location which needs to point to an accessible network-share and provide the file-name for the captured WIM file.
SkipCapture=YES
DoCapture=YES
ComputerBackupLocation=\\server01.contoso.local\deploymentshare$\Captures
BackupFile=W7ENTSP1x64EN.wim
So far our custom properties for one particular fully automated Task Sequence. When all the other configurable options will remain the same we can configure these options beginning with the organization name displayed during deployment. The organization name displayed can be modified by providing the parameter “_SMSTSOrgName” and a value for the organizational name, for example “Contoso IT”. Further, OSInstall lets MDT know we want to deploy and operating system.
[Default]
_SMSTSOrgName=Contoso IT
OSInstall=Y
The following options are for preventing the multiple wizard panes popping up for input or requesting input. At default, we don’t want the Task Sequence wizard to skip, therefore we set this setting to “NO”. With SkipApplications and SkipAppsOnUpgrade we can see the apps that will be installed if the Application Guid has been provided in the customsettings.ini. Once again, Andrew Barnes has written a nice blog about that particular subject.
Skipping the capture, makes sure that your deployment will not ask you to start capturing at the end of the deployment and defining the property DoCapture=NO answers the question that your deployment will not be captured.
SkipTaskSequence=NO
SkipApplications=NO
SkipAppsOnUpgrade=YES
SkipCapture=YES
DoCapture=NO
Then a few more obvious properties; SkipAdminPassword prevents the wizard pane for providing your local admin password for the machine that will be deployed. SkipProductKey will skip the request for a valid product key which should / could already be filled in in your unattended.xml. The SkipDeploymentType and DeploymentType evaluate what kind of deployment scenario will be used, because there are tree scenario’s possible: NEWCOMPUTER, REFRESH, REPLACE
NEWCOMPUTER
The target computer is a new computer that has never been a member of the network.
REFRESH
The target computer is an existing computer on the network that needs the desktop environment standard to be redeployed.
REPLACE
An existing computer on the network is being replaced with a new computer. The user state migration data is transferred from the existing computer to a new computer.
SkipAdminPassword=YES
SkipProductKey=YES
SkipDeploymentType=YES
DeploymentType=NEWCOMPUTER
Then we are going to join the computer to our domain, SkipDomainMembership=YES means we will not see the domain join wizard pane. If we provide the following additional parameters the computer will automatically join the specified domain:
SkipDomainMembership=YES
MachineObjectOU=OU=Computers,OU=Laptops,DC=contoso,DC=local
NetworkLocation=Work
JoinDomain=contoso
DomainAdmin=srv-rollout
DomainAdminDomain=contoso
DomainAdminPassword=
If there is userdata that needs to be migrated the following can be specified “SkipUserData” and “UserDataLocation”, if any existing profiles are present on the computer an USMT MIG file will be created which can be placed back after the OS deployment has been completed. More information on MDT in combination with USMT, please check this blog
SkipUserData=YES
UserDataLocation=\\server01.contoso.local\deploymentshare$\USMTdata
The only wizard pane we would like to see if we cannot prepopulate the hostname in advance is the ComputerName pane, by providing the following setting we will be asked for an hostname:
SkipComputerName=NO
Then the locale selection can be prepopulated too! “SkipLocaleSelection” and “SkipTimeZone” will hide or show the locale selection wizard pane, providing the following parameters will set the locale settings:
SkipLocaleSelection=YES
SkipTimeZone=YES
TimeZoneName=W. Europe Standard Time
TimeZone=110
AreaCode=045
Language=00000413
SystemLocale=00000413
UserLocale=en-US
UILanguage=en-US
InputLocale=nl-US
KeyboardLocale=nl-US
A new addition to my customsettings.ini (which I have added december 2013) is setting the native resolution for each device, by providing the following settings, the machine will be forced to start “enable auto detection” of display settings. This way, you’re always getting the most optimized resolution settings for your device. See this blog for more information.
; Display Settings
BitsPerPel=32
VRefresh=60
XResolution=1
YResolution=1
“SkipBitLocker” will show the Bitlocker configuration pane during deployment, and the last of the regular wizard panes “SkipSummary” wil not show the configured properties of which the deployment will commense with after we have clicked next.
SkipBitLocker=YES
SkipSummary=YES
Setting the homepage for every deployment that will be executed, use the property: Home_page=
Home_page=http://www.contoso.com
Supplying the eventservice, makes sure that live monitoring will be reported back to the MDT deploymentshare at which current step your deploymentphase actually is.
Providing the value “SLSShareDynamicLogging” provides actual replication of the BDD.log which covers all the actions executed by the task sequence and is a nice feature for centrally logging the deployment progress!
In the end, using “HideShell” makes the Windows 7 GUI disappear and only the MDT progressbar visible for the length of the deployment.
EventService=http://CONTOSO01:9800
SLShareDynamicLogging=%DeployRoot%\Logs\%COMPUTERNAME%
HideShell=YES
In the end we specify which WSUS updates will not be included in the update process. Because enabling the two steps already present in the task sequence “Windows Update (Pre-Application Installation)” and “Windows Update (Post-Application Installation)” will start querying your WSUS server or Windows Update Server on the internet and download all available Windows update present at that time. To exclude certain updates we can first of al run a /query from which we can easily see which updates are being advertised to our computers.
By providing the following additional command: “/query” to the already existing command: “cscript.exe “%SCRIPTROOT%\ZTIWindowsUpdate.wsf”” we can see in our BDD.log which updates are being advertised to the system.
In my case I wanted to exclude the following updates:
;Microsoft Browser Choice Screen Update for EEA Users of Windows 7 for x64-based Systems (KB976002)
WUMU_ExcludeKB1=976002
;Microsoft Silverlight (KB2636927)
WUMU_ExcludeKB2=2636927
;Windows Internet Explorer 9 for Windows 7 for x64-based Systems (KB982861)
WUMU_ExcludeKB3=982861
;Bing Desktop (KB2694771)
WUMU_ExcludeKB4=2694771
Note that each update that needs to be excluded needs to be specified seperately, and numbered each time with a higher number for every new to be excluded updated.
Hope that this provides some insight in creating a fully automated reference image and explains the purpose of each property in the way that I have experienced it.
Download the script here:
Hi, I have a quistion.
I have imported the Multi Language OEM DVD in MDT 2013
When I try to deploy an OS to a machine , it Always installed the English version of Windows 7 and I want it to install the Dutch version. What do i have to change in my settings and where ?
HI John,
First keep in mind deploying OEM is officially not supported by Microsoft, unless you work for DELL, HP, or have a OEM vendor agreement like large retail company’s who ship out computers.
In the BDD.log you can find certain valuable values which are found during deployment, one of them is ImageLanguage=
“Property ImageLanguage001 is now = nl-NL”
You then need to specify certain UserLocale and Regional Settings values:
TimeZoneName=W. Europe Standard Time
KeyboardLocale=nl-US
UserLocale=nl-NL
ImageLanguage001=nl-NL
Hope this helps 🙂
Good luck and let me know!
Hoi rens,
Dank je wel voor de tip. Het heeft helaas niet gewerkt.
Wat wel werkte is LanguagePacks001=nl-NL. Dit gaf daarna een foutmelding na de deployment dat het LP nioet gevonden kon worden. Nadat ik dit had geimporteerd in MDT onder packages werkte het wel.
Dit had echter als nadeel dat ik weer een package extra had in mijn deployment.
Ik heb het nu als volgt opgelost.
Van de MSDN Site de NL versie van windows 7 gedownload en die als distributie gebruikt.
De reden waarom ik in eerste instantie een OEM versie gebruikte is de volgende.
Wij (valksoftware) maken kassa systemen voor Retail gebruikers gebaseerd op een NL versie van Windows 7. Wij hebben dus een magazijn vol met Dell Systemen waar een OEM licentie bij hoort.
Nu maak ik dus de image van de MSDN DVD en na afloop wijzig ik het nummer van de licentie die op de sticker staat op de PC.
Ik hoop in de toekomst “als het mag” dat ik wat vaker een beroep op je kan doen als ik vragen heb over MDT.
Met vriendelijke groet,
John Barneveld
Pingback: terrance
Hoi Rens,
Ik heb een paar vraagjes over MDT 2013 customsettings.ini
Wij willen graag dat de computernaam automatisch word meegenomen en ik wil graag dat ik een capture image kan maken ivm. Updates?
Elke keer als ik een capture doe dan herstart de computer.
Zou jij me hier mee kunnen helpen?
Zie hier onder hoe ik het heb gedaan:
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
SkipBDDWelcome=Yes
OSInstall=YES
_SMSTSORGNAME=AddComm Direct BV
SkipCapture=NO
SkipAdminPassword=YES
AdminPassword=********
SkipProductKey=YES
SkipDeploymentType=NO
DeploymentType=Newcomputer
SkipDomainMembership=YES
JoinDomain=addcommnl
DomainAdmin=********
DomainAdminDomain=addcommnl
DomainAdminPassword=*******
SkipUserData=YES
SkipBuild=NO
SkipComputerName=NO
OSDComputerName=ADCMDT-%001%
SkipPackageDisplay=NO
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipApplications=NO
SkipBitLocker=YES
SkipBitLockerDetails=YES
SkipSummary=YES
SkipFinalSummary=YES
UserDataLocation=AUTO
SkipAppsOnUpgrade=NO
TimeZoneName=W. Europe Standard Time
TimeZone=110
AreaCode=0413
UserLocale=nl-NL
Language=00000413
SystemLocale=00000413
UserLocale=00000413
InputLocale=0413:00020409
InputLocale=nl-US
KeyboardLocale=nl-US
WSUSServer=http://wsus01.addcomm.nl
FinishAction=REBOOT
EventService=http://WDS02:9800
bootstrap.ini
[Settings]
Priority=Default
[Default]
DeployRoot=\\wds02\DeploymentShare$
SkipBDDWelcome=YES
KeyboardLocale=nl-US
Userid=********
UserPassword=*******
Userdomain=addcommnl
Met vriendelijke groet,
Marco Meijer
Hi,
thank s for you post! really great and commented!
so i have a question : I’m facing a problem with a task sequence “sysprep and capture”
each time i’m trying to capture via this task, i see that the process skip all the times the sysprep and capture phase and goes directly to MDT DO NOT ENABLE OR DELETE – and after the deployment siummary prompt shows succes without erroes or warnings.
I have some others deployments task sequences which work perfeclty!
I get this trouble since i’ve migrate from MDT 2010 to MDT 2012 sp1.
my cs.ini :
[Settings]
Priority=Default
Properties=MyCustomProperty
Other]
TaskSequenceID=CAPTURE
SkipTaskSequence=NO
SkipComputerName=YES
SkipCapture=NO
DoCapture=YES
Default]
OSInstall=Y
UserID=**************
UserDomain=*************
UserPassword=test
SkipAppsOnUpgrade=NO
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
DeploymentType=NEWCOMPUTER
DeploymentMethod=NETWORK
SkipDomainMembership=YES
JoinDomain=*********
DomainAdmin=*******
DomainAdminDomain=*********
DomainAdminPassword=******
SkipSummary=YES
SkipLocaleSelection=YES
SkipTimezone=YES
TimeZoneName=Romance Standard Time
UILanguage=fr-FR
UserLocale=fr-FR
KeyboardLocale=040C:0000040C
SkipUserData=YES
SkipBitLocker=YES
***********************
Please give me a solution 3 days without fixes…..
Thanks a lot
Hi,
I’m missing the following properties in your cs.ini:
ComputerBackupLocation=%DeployRoot%\Captures
BackupFile=image.wim
Also I see you have your [other] and [default] section, missing the left “[” perhaps that just happened copying the cs.ini on my blog. And I see you do not have specified your [other] section at the priority property.
What you can do is specify the properties as a task sequence variable in your Sysprep and Capture task sequence.
Open the task sequence create a new group and place it as high as possible, then add a “Task Sequence Variable” and copy this step 4 times, then add the following task sequence variable properties and it’s value:
SkipCapture=YES
DoCapture=YES
ComputerBackupLocation=%DeployRoot%\Captures
BackupFile=W7ENTSP1x64EN.wim
Cheers!
If all fails, please send me your bdd.log which you can find in C:\Windows\Temp and smstlog which you can find in %localappdate%\temp through mail.
You’re the best
I forgot to put this setting :
SkipCapture=YES ….
Now it’s works.
thanks you so much
Glad I’d could help!
Cheers!
Thanks for your willingness to share! I plan to return often. I’m having the following problem in automating my deployment using MDT and WDS. When I create (or update) my LiteTouchPE_x64.wim and upload it to WDS, the changes aren’t there when I start the deployment via PXE. But when I start the OS and use the LiteTouch.wsf it works like a charm.
The path to the boot wim in MDT is E:/DeploymentShare/Boot.
The path to the boot wim in WDS is E:/RemoteInstall/Boot/x64/Images.
I even tried a file copy to make sure the file was correct but it didn’t help.
I’m not understanding how the boot wims being used could be different? Am I missing something so basic??
Hi Gregg,
Thanks for giving a reply. Did you import the WIM files in WDS? Or just put the files in the designated “RemoteInstall” folder? Because they really need to be imported into WDS through the MMC / Gui.
The reason why it is different, is because if you call Litetouch.vbs from a desktop running Windows, the connection with the deploymentshare is made through the script, which in it’s turn, reboots the machine and offers the WinPE file. While doing it with WDS the WIM file from WDS is used.
That help you?
Cheers! Rens
Wow that was a FAST reply!
I did import the new wim into WDS (each time I recreated it) but when that didn’t work, I tried the file copy. Neither seems to get me the correct wim when I boot using WDS PXE. I’m stumped? It seems like WDS is sending an old wim that hasn’t been updated through the import process, it’s just using the same old one every time. I feel like a path is incorrect somewhere, I just can’t figure out where?
Yeah I’m fast even on Sundays 🙂
Two things I should try, erase every boot image in your WDS, perform a search after that in your RemoteInstall folder for *.WIM files there shouldn’t be any left which match the size and description of your prior imported boot images.
Another thing I once encountered was the machine holding settings of an old bootfile. Therefore, perform a “DISKPART > SELECT DISK 0 > CLEAN” action running from a command prompt within WinPE on the machine to entirely wipe the disk and know for sure you aren’t being messed around with by MDT/WDS.
That’s all I can think off.
Good luck! Cheers! Rens
I did everything you suggested, deleted all wims from WDS, searched and found no remaining files in RemoteInstall folder, then ran diskpart on machine and I’m still getting the old wim file booting from WDS PXE. I feel like I’m taking crazy pills! It’s got to be something simple I’m missing.
I’m going to create a new deployment share and try it all again from scratch, uploading from an entirely new location.
THANK YOU for your time! I’ll let you know how it works out.
I wouldn’t bother creating a new deploymentshare, I’d go for disabling the WDS role, delete the RemoteInstall folder and reconfigure WDS. Since WDS is the transport system for your Boot image. This isn’t MDT.
Cheers! Rens
Does anything in my files look bad?
============= Bootstrap.ini ==============
[Settings]
Priority=Default
[Default]
DeployRoot=//servername/DeploymentShare$
==========================================
=========== customsettings.ini ===========
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
_SMSTSOrgName=IT Department
OSInstall=YES
SkipBDDWelcome=YES
UserID=xxxxxxx (edited out)
UserDomain=xxxxxxx (edited out)
UserPassword=xxxxxxx (edited out)
SkipTaskSequence=YES
TaskSequenceID=W7OFC13DEPLOY
SkipComputerName=YES
OSDComputerName=RENAME
SkipDomainMembership=YES
JoinWorkgroup=A
;JoinDomain
;DomainAdmin
;DomainAdminDomain
;DomainAdminPassword
;MachineObjectOU
SkipUserData=YES
UserDataLocation=NONE
;UDDir
;UDShare
;UserDataLocation=//servername/deploymentshare$/USMTdata
SkipComputerBackup=YES
;BackupDir
;BackupShare
;ComputerBackupLocation
SkipProductKey=YES
;ProductKey
;OverrideProductKey
SkipPackageDisplay=YES
;LanguagePacks
SkipLocaleSelection=YES
;KeyboardLocale=en-US
;UserLocale=en-US
;UILanguage=en-US
SkipTimeZone=YES
;TimeZone=035
;TimeZoneName=Eastern Standard Time
SkipRoles=YES
;OSRoles
;OSRoleServices
;OSFeatures
SkipApplications=YES
;Applications001={1D7DF331-47B7-472C-87B3-442597EC2F7D}
;Applications002={9d2b8999-5e4d-4f3d-bb05-edaaf4fe5628}
SkipAdminPassword=YES
;AdminPassword
SkipAdminAccounts=YES
;Administrators
SkipCapture=YES
;ComputerBackupLocation=NONE
;or
;ComputerBackupLocation=NETWORK
;BackupShare=//servername/Backup$
;BackupDir=%OSDComputerName%
SkipBitLocker=YES
;BDEDriveLetter
;BDEDriveSize
;BDEInstall
;BDEInstallSuppress
;BDERecoveryKey
;TPMOwnerPassword
;OSDBitLockerStartupKeyDrive
;OSDBitLockerWaitForEncryption
SkipSummary=YES
;Ready to begin
SkipFinalSummary=YES
;Operating system deployment completed successfully (or not)
;OTHER
FinishAction=REBOOT
Home_Page=http://www.msn.com
EventService=http://servername:9800
SLShareDynamicLogging=%DeployRoot%/Logs/%COMPUTERNAME%
HideShell=YES
==========================================
I’m thankful for your help!!
Not really, other then I have the following info in my bootstrap.ini:
[Default]
DeployRoot=\\servername.contoso.local\deploymentshare$
SkipBDDWelcome=YES
KeyboardLocalePE=nl-US
;Authentication with DeploymentShare
UserID=mdt_sa-account
UserPassword=P@55w0rd
UserDomain=contoso.local
So that’s it. What exactly was the change between boot images? Modifications in the bootstrap.ini or added drivers? Notice that every change in bootstrap.ini means the need to update your deployment share, so the bootstrap.ini which is embedded in the boot.wim is updated. This is exactly the same for drivers that are needed into your boot image.
These are the only two reasons to update your deploymentshare, and to update the boot image that is located on a USB stick or WDS server (Try an USB stick with your most recent boot image to see if that helps, that would also help locate the evil dependency here)
Cheers! Rens
Great news, it looks to be working. I added the SkipBDDWelcome=YES to the bootstrap.ini and that appears to have done it. I wonder if/why it has to be in both scripts, but it’s time to move on. Now all I have to do is wait to see if it finishes correctly.
THANK YOU so much for your help. I’m just beginning to learn MDT/WDS, and tomorrow I start looking into SCCM so that we can start pushing patches, updates and drivers without touching every machine or completely re-imaging them. I have 700 PC’s in two schools to be re-imaged by mid-August. We’ve got about 10 different hardware platforms and 15 images in our old system (FOG) to transition to the new way of doing things. I wonder just how much customization I can do to bring down the number of images and how well the patching is going to work. Certainly have my work cut out for me :-). I’ll b a regular visitor to your website from now on!!!
Thanks again!
Gregg, SkipBDDWelcome only needs to be present in your bootstrap.ini, you can remove it in the customsetttings.ini. Regarding your number of images, MDT as well as SCCM provides the tools/mechanism to create one image to deploy to all of your hardware. For driver management, have look at this article http://deploymentresearch.com/Research/Post/325/MDT-2013-Lite-Touch-Driver-Management which pritty much explains everything on how to achieve OS deployment with one image for multiple hardware devices.
Glad I’d could help, and thank you for your appreciation.
Cheers! Rens
Where to find local codes for other countries for example Sweden.
TimeZone=
AreaCode=
Language=
SystemLocale=
Hi,
You can find the codes in the following two files: ListOfLanguages.xml and DeployWiz_LanguageUI.xml located in the .\DeploymentShare\Scripts folder. If you scroll trough the XML file, you can find all the codes, timezones and locale’s that you can or may enter through the wizard, these values are also accepted when you provide them directly into the customsettings.ini.
Cheers! Rens
Hi Rens, thanks for this helpful blog post! I just have a question you may be able to help with. I do not have DHCP available, so I put the static entries in my cs.ini and rules files as you wrote above. The IP config works fine once booted into Windows, but in WinPE at start of deployment, and then the final capture stage it applies all settings like gateway, dns servers etc except the IP and subnet addresses, which stays set to “Autoconfiguration IPv4 address”. I can set the IP manually via netsh again, but the goal was to have this all automated. I wonder if there is some other setting I need to check with my config if you’ve come across this before?
See screenshot: http://i.imgur.com/gsN0ewZ.png
I am using Win10 ADK (RTM build) with MDT 2013 Update 1 on a Win2012 R2 server.
Hi Michael,
Sorry for my late responce, strange that you lose the IP configuration in the WinPE phase, because that is the place where the configuration is initially set. I’ve not yet encountered this. So I can only recommend you to view your logs (also the logs in and during the WinPE phase) view them with Trace.exe or CMtrace.exe.
In the logs you may see if, how and when the adapter has been appointed an address.
Cheers! Rens
Hi Rens,
We have 2 sites, site A and site B.
Site A is our main site with MDT and WDS and also DB linked to MDT for deployment of specific Drivers or applications base on Make and Model.
I need to be able to image computers on SITE B which is our remote site connected to our network via 100Mb Wan connection.
Since the number of computers in Site B are lot less than ours , I decided to create a USB bootable Media for them so they can Image their laptops.
I need their computers to be able to connect to my DB on Site A to just get the Make and Model information, but the rest should be running from the USB drive locally.
The question is what should I put in CS.ini and Bootstrap.ini for the USB Media so it will work properly?
Thanks
Hi Saeid,
Clever solution you’ve got there. I think you’ll need to provide everything, except the path to your deploymentshare in the bootstrap.ini. When you create offline media, your template bootstrap.ini is almost completely empty. It has no referrals to the share. So you should leave those out. All other properties like DB settings, should be in the bootstrap.ini and customsettings.ini.
And also pretty obvious, the Database servers needs to be accessible from the remote location Site B.
Cheers! Rens
Pingback: Configuration avancée de MDT 2013 | Déploiement MDT - WDS | IT-Connect
Hi Rens,
I have a problem, when i auto signin my MDT to the deploymentshare i don’t see any Task Sequences. But when i clear the auto signin it shows all the Task Sequences.
Can you help me with this problem?
Greets
Hi Yordy,
That’s some strange stuff going on there. So if you provide settings in bootstrap.ini you don’t see them, and if you enter them manually, you see the task sequences.
My first guess would be to check your permissions. The MDT account both needs NTFS and Share permissions.
Also please view your logfiles in WinPE during the initialization phase to see what is going on.
Cheers! Rens
Hi Dear,
Keeping the domain joining admin password with in the customsetting file is something we want to avoid.
As an alternate we can use the Task sequence to provide the domain joining OU and credentails But this does not work in Refresh scinerio.
Is there any other alternate way available?
Hi Naveen,
Did you use task sequence variables to supply domain join credentials? You may also use custom scripting so the credentials are not used in the customsettings.ini, or use a different customsettings.ini per specific deployment. Just some options.
Cheers! Rens
Hi Rens!
A lot of great tips on your blog, it’s really appreciated.
I’m quite new to MDT and WDS and for my current project I need to be able to create a reference image for Win10 v1607 and I am currently having some issues:
1. I need to pre-populate computer names, so the technician who installs the image can choose a name from a drop down. Do I need to use the MDT database or can I script this somehow?
Any tips on this?
Thanks in advance!
best regards,
Kim
Hi Kim,
Thanks appreciated you reaching out to me. You can use either a database connected to MDT or, you can provide a prefix. Most hostnames consist out of an abbreviation of the organization followed by a number and perhaps a distinction between desktops and laptops. So lets say: CONTOSO is the name of the company, you can work with a ByLaptop ByDesktop subsection, if the machine is a Laptop, the prefix will be: OSDComputerName=CNTS-LT and if it’s a desktop it would be CNTS-DT. This way your support technician would only have to fill in the number. Providing a list isn’t flexible for hostnames. Then I would advise the database, but be aware this requires hardware information from the machine, such as mac-address, serial number, asset tag or UUID.
So using the prefix would definitely by the way to go in my opinion. See the example of the customsettings.ini on this website: https://deploymentbunny.com/2012/04/21/back-to-basic-customsettings-ini-explained/ “CustomSettings.ini – Act II”
Cheers! Rens
Thanks for the very quick reply!
The naming standard we will be using is something like this:
US-MT-001-C001
Where
US = Country code
MT= Self defined computer type, not necessarily Laptop or Desktop. All types are pre defined though (MT, PT, ST)
001= Location no
C001= Client no
These values should be predefined except tha last one, there should always be a +1 increment according the the values already in AD.
I can’t really seem to wrap my head around how to accomplish this using Mikael’s customsettings.ini wizardry.
Is the MDT database the solution for this scenario?
Thank you so much!
Hi,
I would lose the dashes or just have one dash (-).
Did you see, try this script? https://gallery.technet.microsoft.com/scriptcenter/SCCM-MDT-Computer-Auto-7969a373
Or this one: https://bjtechnews.org/2014/07/30/mdt-sequential-computername-workaround-finally/
It should be possible, having a database connection would be the nicest way I think, because you also
Let me know.
Cheers! Rens
Howdy from Canada!
Loving the details in your work.
this might get a little ugly. I hope you are able to follow the bouncing ball i am about to present….
I have a different scenario and i am having trouble isolating a solution.
I have one MDT 2013 deployment share
I have inherited two images (which in reality could be accomplished with one but for now, two)
Both are 64bit win 7
one has special software that the other doesnt (and cant) have installed
the one with the special software needs to be DOMAIN joined (Office)
the other is WORKGROUP joined (Field)
All PCs are Dell
I am tasked to try to reduce the number of times the image process requires to be touched by the deployment team.
Current deployment process is typical (and quite manual):
*Manually Boot PC
*Manually f12 to boot off NIX w/PXE
*Once PXE is engaged, Manually f12 to pull the Bootable WIM
*Once MDT is displayed, a list of Task Sequences are presented (Manually choose between Office or Field)
*Both task sequences are set to install McAfee Agent as a step during State Restore (i.e. not in CS.ini – which i am going to test shortly)
*In the domain joined TS, the agent will not install unless an administrator is logged in (we disable to domain\administrator account so the TS fails to auto login to finalize the installation) There is no issue with this on the workgroup machine because it isnt trying to authenticate a domain account to do the install.
I need to be able to (somehow) boot, run a specific task sequence which installs a specific image (and software) with the deployment team only running one step (i.e. they kick off the image process for either an Office or a Field image and when they return it is 100% complete without ever touching it again).
Am i completely out to lunch thinking i should be able to automate this from start to finish?
Hi Jeff,
Is there something like a unique value for you to work with? Say certain Dell machines will always receive image A and others image B? This can easily be implemented by using a “Model” subsection in your customsettings.ini and put the “Model” priority before the “Default” priority and subsection. The way how I build my deploymentshares nowadays is with task sequence variables for the domain join embedded in the task sequence. So other task sequences (where machines are not to join the domain) aren’t troubled with obsolete information in the customsettings.ini.
Auto-logging in can be prevented for example by adding the HideShell=YES in your customsettings.ini and FinishAction=LOGOFF, this way during deployment the explorer shell isn’t loaded and at the end of a deployment tasks executed by a agent can be performed. Ideally you would want to disable auto login elsewhere. If you add a reboot to your task sequence in the State Restore step, or set it as a FinishAction, basically it tells your machine to set the autologon properties just one more time.
How do you deal with computernames? Because If you want to make it 100% fully automated, consider implementing a SQL database (MDT has integration for it) so you can import computers, create a relationship between computername and mac-address or serial number, or uuid or asset tag, and then tell your machine: which name it has, which task sequence to run. This has some work upfront but in the end this will help you immensely.
So there are some things for you to think about worth implementing!
Let me know!
Cheers! Rens
Howdy Rens
Another amazingly quick response 🙂
It seems having a unique identifier is my challenge to try to automate this process.
All pcs are Dell (yes, we have different models but we dont specify which model goes where – any model can be deployed any where; office or field).
To automatically name the PC, we put our company asset tag# into the Dell BIOS maintenance, which MDT picks up very nicely as variable %ASSETTAG%
We have a reboot in the POST INSTALL section just prior to the State Restore section. Should i remove that to allow the application to install with the shell hidden?
the state restore is doing all the default processes with the added function of installing the McAfee Agent (i.e. gather local only, post-apply cleanup, recover from domain, install mcafee agent)
I can easily work with the mcAfee agent as a post deployment task as a separate package to deploy
Solving the automation /selection of 2 images is my most important challenge today
Jeff
Do you think having 2 deployment shares (with two CS.ini) would be the easiest?
the only thing…. how does the PC know which deployment share to access?
Jeff,
I would definitely work with a database then. If somehow you can manage to retrieve the computers hostname, and mac-address and or the other identifiers I’ve mentioned (by running a logon script that writes this information to a share or perhaps export from your mcafee solution) and you manage to bulk import a list of computernames, with the identifiers and each task sequence to follow this is a much better solution. You’ll also have advantage from this in the unforeseeable future. I’d be happy to build it for you 🙂 Always wanted to visit Canada 😛
Cheers! Rens
Hallo iedereen,
Toevallig was op zoek naar een oplossing van mijn probleem op het net zag deze site ik zal even uitleggen.
Ik heb een simpel MDT, hoe kan ik de laatste optie skippen, want in de applicatie keuze geef ik aan welke applicatie wil ik deployen, want na de action install OS komt het wizard weer naar voeren en die wil ik niet hebben.
hier geef ik aan dat ik bv office en zo wil deployen.
https://imgur.com/a/ED9AO
maar dez optie wil ik niet hebben en de applicaties die ik aangevinkt heb wel geinstalleerd hebben.
https://imgur.com/a/eW9qr
mvg
Hallo Rafi,
De opties SkipApplications=YES en SkipTaskSequence=YES laten de applicatie en tasksequence selectie pagina niet meer zien. meegeven. Zie deze pagina voor meer tekst en uitleg: http://systemscenter.ru/mdt2012.en/propertydefinition.htm
Als je applicaties verplicht wilt installeren kun je in de customsettings.ini ook InstallApplication001=
Groeten
Hoi Rene,
Bedankt voor snelle reactie ik ga vandaag proberen nogmaals bedankt.
groet
rafi
Hoi Rene,
Ik wil wel de keuze hebben om de applicaties te selecteren die je wilt installeren “https://imgur.com/a/ED9AO” dit wil ik hebben, maar na install OS doet ie rebooten en komt ie weer met deze TS https://imgur.com/a/eW9qr en deze stap wil ik geautomatiseerd hebben eigenlijk ik heb al aangegeven in eerste TS dat welke applicaties wil ik hebben.
dit is de setthings.
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
OSInstall=YES
ComputerName=%SerialNumber%
SkipCapture=YES
SkipAdminPassword=YES
SkipProductKey=YES
SkipDeploymentType=YES
DeploymentType=Newcomputer
SkipDomainMembership=YES
SkipUserData=YES
SkipBuild=NO
SkipComputerName=NO
SkipPackageDisplay=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipApplications=NO
SkipBitLocker=YES
SkipBitLockerDetails=YES
SkipSummary=YES
SkipFinalSummary=YES
Home_page=https://www.albeda.nl/
HideShell=YES
EventService=http://SRVMDT01:9800
UserDataLocation=NONE
SkipAppsOnUpgrade=YES
TimeZoneName=W. Europe Standard Time
TimeZone=110
AreaCode=0413
UserLocale=nl-NL
Language=00000413
SystemLocale=00000413
UserLocale=00000413
InputLocale=0413:00020409
InputLocale=nl-US
KeyboardLocale=nl-US
FinishAction=REBOOT
EventService=http://SRVMDT01:9800
Hi Ren,
Thank you so much for the amazing blog.
Is it possible to make a drop down list with different domain OU where each OU has it’s specific rules and policy.
Regards,
Nirav
Yes, see this one:
https://bjtechnews.org/2013/07/mdt-2012-pre-populating-the-domainous-list/
Rens,
i have two custom settings. one to install the system with swedish keyboard and the other with danish. is there a way to put those two custom settings in one file and choose which one through the deployment. i have the MDT install on an external hard disk.
thanks for this nice tutorial.
Regards
Hi Rens,
Have a question: We have created a feature for our users (and ourselves) to remount a machine remotely through a running bat file and do a refresh on the client.
Can you somehow avoid all the wizards when doing a refresh?
Know that I can do this in the ini files, but do not want this statically but only when the name does NOT start with MININT.
Regards
Tommy
Hi Tommy,
You can by possible selecting a different ini file for refresh and setting all the wizard properties that start with SkipXXXX to yes.