MDT 2012 Settings for fully automated LTI deployment, Part II: Customsettings.ini

So my second part of how to achieve a fully automated deployment, can be used to create a reference image or to deploy a computer.

Lets start customizing 🙂

First of all we can set our priority and fortunately the ‘deployment bunny’ has written a great blog about the available properties for setting the priority in which order MDT executes which task with which properties:

[Settings]
Priority=MACAddress, Default
Properties=MyCustomProperty

In my case I have set the priority on MACAddress first, this means that MDT will look for a machine with the given MACAddress and apply the custom defined properties only for this machine. This is especially handy when we want to use our deploymentshare for more then one purpose alone. In my case the ability to create an automatic reference image but also being able to use other task sequences from that same deploymentshare to other computers.

So if we specify our MACAddress here, we can then apply the settings we want. In my case I start again with configuring the IP address for a virtual machine which occurs in a back-end server environment with no particular DHCP present on the VLAN.

[00:00:00:00:00]
OSDAdapterCount=1
OSDAdapter0EnableDHCP=FALSE
OSDAdapter0IPAddressList=192.168.1.45
OSDAdapter0SubnetMask=255.255.255.0
OSDAdapter0Gateways=192.168.1.1
OSDAdapter0DNSServerList=192.168.1.11,192.168.1.12
OSDAdapter0DNSSuffix=contoso.local

Then I specify that the task sequence wizard needs to be skipped by providing the following option: SkipTaskSequence=YES
And immediately after that I fill-in the desired TaskSequenceID which needs to be executed automatically, which is in my case OSB001 (Operating System Build 001)

SkipTaskSequence=YES
TaskSequenceID=OSB001

Next we need to provide an computer name for our reference build. With the SkipComputerName=YES we prevent the hostname wizard, but when we do this, we also need to provide an hostname for the upcoming deployment. The task sequence variable “OSDComputerName” will be picked up and understood by the scripts if provided.

SkipComputerName=YES
OSDComputerName=OSBUILD

Then to capture the created reference image we provide the following parameters:
SkipCaptures=YES obviously the wizard pane needs to be skipped. But because we want to capture our reference image, we provide the DoCapture=YES setting too, followed by the backup location which needs to point to an accessible network-share and provide the file-name for the captured WIM file.

SkipCapture=YES
DoCapture=YES
ComputerBackupLocation=\\server01.contoso.local\deploymentshare$\Captures
BackupFile=W7ENTSP1x64EN.wim

So far our custom properties for one particular fully automated Task Sequence. When all the other configurable options will remain the same we can configure these options beginning with the organization name displayed during deployment. The organization name displayed can be modified by providing the parameter “_SMSTSOrgName” and a value for the organizational name, for example “Contoso IT”. Further, OSInstall lets MDT know we want to deploy and operating system.

[Default]
_SMSTSOrgName=Contoso IT
OSInstall=Y

The following options are for preventing the multiple wizard panes popping up for input or requesting input. At default, we don’t want the Task Sequence wizard to skip, therefore we set this setting to “NO”. With SkipApplications and SkipAppsOnUpgrade we can see the apps that will be installed if the Application Guid has been provided in the customsettings.ini. Once again, Andrew Barnes has written a nice blog about that particular subject.

Skipping the capture, makes sure that your deployment will not ask you to start capturing at the end of the deployment and defining the property DoCapture=NO answers the question that your deployment will not be captured.

SkipTaskSequence=NO
SkipApplications=NO
SkipAppsOnUpgrade=YES
SkipCapture=YES
DoCapture=NO

Then a few more obvious properties; SkipAdminPassword prevents the wizard pane for providing your local admin password for the machine that will be deployed. SkipProductKey will skip the request for a valid product key which should / could already be filled in in your unattended.xml. The SkipDeploymentType and DeploymentType evaluate what kind of deployment scenario will be used, because there are tree scenario’s possible: NEWCOMPUTER, REFRESH, REPLACE

NEWCOMPUTER
The target computer is a new computer that has never been a member of the network.
REFRESH
The target computer is an existing computer on the network that needs the desktop environment standard to be redeployed.
REPLACE
An existing computer on the network is being replaced with a new computer. The user state migration data is transferred from the existing computer to a new computer.

SkipAdminPassword=YES
SkipProductKey=YES
SkipDeploymentType=YES
DeploymentType=NEWCOMPUTER

Then we are going to join the computer to our domain, SkipDomainMembership=YES means we will not see the domain join wizard pane. If we provide the following additional parameters the computer will automatically join the specified domain:

SkipDomainMembership=YES
MachineObjectOU=OU=Computers,OU=Laptops,DC=contoso,DC=local
NetworkLocation=Work
JoinDomain=contoso
DomainAdmin=srv-rollout
DomainAdminDomain=contoso
DomainAdminPassword=

If there is userdata that needs to be migrated the following can be specified “SkipUserData” and “UserDataLocation”, if any existing profiles are present on the computer an USMT MIG file will be created which can be placed back after the OS deployment has been completed. More information on MDT in combination with USMT, please check this blog

SkipUserData=YES
UserDataLocation=\\server01.contoso.local\deploymentshare$\USMTdata

The only wizard pane we would like to see if we cannot prepopulate the hostname in advance is the ComputerName pane, by providing the following setting we will be asked for an hostname:

SkipComputerName=NO

Then the locale selection can be prepopulated too! “SkipLocaleSelection” and “SkipTimeZone” will hide or show the locale selection wizard pane, providing the following parameters will set the locale settings:

SkipLocaleSelection=YES
SkipTimeZone=YES
TimeZoneName=W. Europe Standard Time
TimeZone=110
AreaCode=045
Language=00000413
SystemLocale=00000413
UserLocale=en-US
UILanguage=en-US
InputLocale=nl-US
KeyboardLocale=nl-US

A new addition to my customsettings.ini (which I have added december 2013) is setting the native resolution for each device, by providing the following settings, the machine will be forced to start “enable auto detection” of display settings. This way, you’re always getting the most optimized resolution settings for your device. See this blog for more information.

; Display Settings
BitsPerPel=32
VRefresh=60
XResolution=1
YResolution=1

“SkipBitLocker” will show the Bitlocker configuration pane during deployment, and the last of the regular wizard panes “SkipSummary” wil not show the configured properties of which the deployment will commense with after we have clicked next.

SkipBitLocker=YES
SkipSummary=YES

Setting the homepage for every deployment that will be executed, use the property: Home_page=

Home_page=http://www.contoso.com

Supplying the eventservice, makes sure that live monitoring will be reported back to the MDT deploymentshare at which current step your deploymentphase actually is.
Providing the value “SLSShareDynamicLogging” provides actual replication of the BDD.log which covers all the actions executed by the task sequence and is a nice feature for centrally logging the deployment progress!
In the end, using “HideShell” makes the Windows 7 GUI disappear and only the MDT progressbar visible for the length of the deployment.

EventService=http://CONTOSO01:9800
SLShareDynamicLogging=%DeployRoot%\Logs\%COMPUTERNAME%
HideShell=YES

In the end we specify which WSUS updates will not be included in the update process. Because enabling the two steps already present in the task sequence “Windows Update (Pre-Application Installation)” and “Windows Update (Post-Application Installation)” will start querying your WSUS server or Windows Update Server on the internet and download all available Windows update present at that time. To exclude certain updates we can first of al run a /query from which we can easily see which updates are being advertised to our computers.

By providing the following additional command: “/query” to the already existing command: “cscript.exe “%SCRIPTROOT%\ZTIWindowsUpdate.wsf”” we can see in our BDD.log which updates are being advertised to the system.

In my case I wanted to exclude the following updates:

;Microsoft Browser Choice Screen Update for EEA Users of Windows 7 for x64-based Systems (KB976002)
WUMU_ExcludeKB1=976002
;Microsoft Silverlight (KB2636927)
WUMU_ExcludeKB2=2636927
;Windows Internet Explorer 9 for Windows 7 for x64-based Systems (KB982861)
WUMU_ExcludeKB3=982861
;Bing Desktop (KB2694771)
WUMU_ExcludeKB4=2694771

Note that each update that needs to be excluded needs to be specified seperately, and numbered each time with a higher number for every new to be excluded updated.

Hope that this provides some insight in creating a fully automated reference image and explains the purpose of each property in the way that I have experienced it.

Download the script here:

zip
CustomSettings.txt

48 thoughts on “MDT 2012 Settings for fully automated LTI deployment, Part II: Customsettings.ini

  1. John

    Hi, I have a quistion.
    I have imported the Multi Language OEM DVD in MDT 2013
    When I try to deploy an OS to a machine , it Always installed the English version of Windows 7 and I want it to install the Dutch version. What do i have to change in my settings and where ?

    Reply
    1. Rens Hollanders

      HI John,

      First keep in mind deploying OEM is officially not supported by Microsoft, unless you work for DELL, HP, or have a OEM vendor agreement like large retail company’s who ship out computers.

      In the BDD.log you can find certain valuable values which are found during deployment, one of them is ImageLanguage=

      Property ImageLanguage001 is now = nl-NL

      You then need to specify certain UserLocale and Regional Settings values:
      TimeZoneName=W. Europe Standard Time
      KeyboardLocale=nl-US
      UserLocale=nl-NL
      ImageLanguage001=nl-NL

      Hope this helps 🙂

      Good luck and let me know!

      Reply
  2. John Barneveld

    Hoi rens,

    Dank je wel voor de tip. Het heeft helaas niet gewerkt.
    Wat wel werkte is LanguagePacks001=nl-NL. Dit gaf daarna een foutmelding na de deployment dat het LP nioet gevonden kon worden. Nadat ik dit had geimporteerd in MDT onder packages werkte het wel.

    Dit had echter als nadeel dat ik weer een package extra had in mijn deployment.

    Ik heb het nu als volgt opgelost.
    Van de MSDN Site de NL versie van windows 7 gedownload en die als distributie gebruikt.

    De reden waarom ik in eerste instantie een OEM versie gebruikte is de volgende.

    Wij (valksoftware) maken kassa systemen voor Retail gebruikers gebaseerd op een NL versie van Windows 7. Wij hebben dus een magazijn vol met Dell Systemen waar een OEM licentie bij hoort.

    Nu maak ik dus de image van de MSDN DVD en na afloop wijzig ik het nummer van de licentie die op de sticker staat op de PC.

    Ik hoop in de toekomst “als het mag” dat ik wat vaker een beroep op je kan doen als ik vragen heb over MDT.

    Met vriendelijke groet,

    John Barneveld

    Reply
  3. Pingback: terrance

  4. Marco Meijer

    Hoi Rens,

    Ik heb een paar vraagjes over MDT 2013 customsettings.ini
    Wij willen graag dat de computernaam automatisch word meegenomen en ik wil graag dat ik een capture image kan maken ivm. Updates?
    Elke keer als ik een capture doe dan herstart de computer.
    Zou jij me hier mee kunnen helpen?
    Zie hier onder hoe ik het heb gedaan:

    [Settings]
    Priority=Default
    Properties=MyCustomProperty

    [Default]
    SkipBDDWelcome=Yes
    OSInstall=YES
    _SMSTSORGNAME=AddComm Direct BV
    SkipCapture=NO
    SkipAdminPassword=YES
    AdminPassword=********
    SkipProductKey=YES
    SkipDeploymentType=NO
    DeploymentType=Newcomputer
    SkipDomainMembership=YES
    JoinDomain=addcommnl
    DomainAdmin=********
    DomainAdminDomain=addcommnl
    DomainAdminPassword=*******
    SkipUserData=YES
    SkipBuild=NO
    SkipComputerName=NO
    OSDComputerName=ADCMDT-%001%
    SkipPackageDisplay=NO
    SkipLocaleSelection=YES
    SkipTimeZone=YES
    SkipApplications=NO
    SkipBitLocker=YES
    SkipBitLockerDetails=YES
    SkipSummary=YES
    SkipFinalSummary=YES
    UserDataLocation=AUTO
    SkipAppsOnUpgrade=NO
    TimeZoneName=W. Europe Standard Time
    TimeZone=110
    AreaCode=0413
    UserLocale=nl-NL
    Language=00000413
    SystemLocale=00000413
    UserLocale=00000413
    InputLocale=0413:00020409
    InputLocale=nl-US
    KeyboardLocale=nl-US
    WSUSServer=http://wsus01.addcomm.nl
    FinishAction=REBOOT
    EventService=http://WDS02:9800

    bootstrap.ini

    [Settings]
    Priority=Default

    [Default]
    DeployRoot=\\wds02\DeploymentShare$
    SkipBDDWelcome=YES
    KeyboardLocale=nl-US
    Userid=********
    UserPassword=*******
    Userdomain=addcommnl

    Met vriendelijke groet,
    Marco Meijer

    Reply
  5. xrainz

    Hi,
    thank s for you post! really great and commented!

    so i have a question : I’m facing a problem with a task sequence “sysprep and capture”

    each time i’m trying to capture via this task, i see that the process skip all the times the sysprep and capture phase and goes directly to MDT DO NOT ENABLE OR DELETE – and after the deployment siummary prompt shows succes without erroes or warnings.

    I have some others deployments task sequences which work perfeclty!

    I get this trouble since i’ve migrate from MDT 2010 to MDT 2012 sp1.

    my cs.ini :
    [Settings]
    Priority=Default
    Properties=MyCustomProperty

    Other]
    TaskSequenceID=CAPTURE
    SkipTaskSequence=NO
    SkipComputerName=YES
    SkipCapture=NO
    DoCapture=YES

    Default]
    OSInstall=Y
    UserID=**************
    UserDomain=*************
    UserPassword=test
    SkipAppsOnUpgrade=NO
    SkipCapture=NO
    SkipAdminPassword=YES
    SkipProductKey=YES
    DeploymentType=NEWCOMPUTER
    DeploymentMethod=NETWORK
    SkipDomainMembership=YES
    JoinDomain=*********
    DomainAdmin=*******
    DomainAdminDomain=*********
    DomainAdminPassword=******
    SkipSummary=YES
    SkipLocaleSelection=YES
    SkipTimezone=YES
    TimeZoneName=Romance Standard Time
    UILanguage=fr-FR
    UserLocale=fr-FR
    KeyboardLocale=040C:0000040C
    SkipUserData=YES
    SkipBitLocker=YES
    ***********************
    Please give me a solution 3 days without fixes…..
    Thanks a lot

    Reply
    1. Rens Hollanders

      Hi,

      I’m missing the following properties in your cs.ini:
      ComputerBackupLocation=%DeployRoot%\Captures
      BackupFile=image.wim

      Also I see you have your [other] and [default] section, missing the left “[” perhaps that just happened copying the cs.ini on my blog. And I see you do not have specified your [other] section at the priority property.

      What you can do is specify the properties as a task sequence variable in your Sysprep and Capture task sequence.
      Open the task sequence create a new group and place it as high as possible, then add a “Task Sequence Variable” and copy this step 4 times, then add the following task sequence variable properties and it’s value:

      SkipCapture=YES
      DoCapture=YES
      ComputerBackupLocation=%DeployRoot%\Captures
      BackupFile=W7ENTSP1x64EN.wim

      Cheers!

      If all fails, please send me your bdd.log which you can find in C:\Windows\Temp and smstlog which you can find in %localappdate%\temp through mail.

      Reply
  6. Gregg

    Thanks for your willingness to share! I plan to return often. I’m having the following problem in automating my deployment using MDT and WDS. When I create (or update) my LiteTouchPE_x64.wim and upload it to WDS, the changes aren’t there when I start the deployment via PXE. But when I start the OS and use the LiteTouch.wsf it works like a charm.

    The path to the boot wim in MDT is E:/DeploymentShare/Boot.

    The path to the boot wim in WDS is E:/RemoteInstall/Boot/x64/Images.

    I even tried a file copy to make sure the file was correct but it didn’t help.

    I’m not understanding how the boot wims being used could be different? Am I missing something so basic??

    Reply
    1. Rens Hollanders

      Hi Gregg,

      Thanks for giving a reply. Did you import the WIM files in WDS? Or just put the files in the designated “RemoteInstall” folder? Because they really need to be imported into WDS through the MMC / Gui.

      The reason why it is different, is because if you call Litetouch.vbs from a desktop running Windows, the connection with the deploymentshare is made through the script, which in it’s turn, reboots the machine and offers the WinPE file. While doing it with WDS the WIM file from WDS is used.

      That help you?

      Cheers! Rens

      Reply
      1. Gregg

        Wow that was a FAST reply!
        I did import the new wim into WDS (each time I recreated it) but when that didn’t work, I tried the file copy. Neither seems to get me the correct wim when I boot using WDS PXE. I’m stumped? It seems like WDS is sending an old wim that hasn’t been updated through the import process, it’s just using the same old one every time. I feel like a path is incorrect somewhere, I just can’t figure out where?

        Reply
        1. Rens Hollanders

          Yeah I’m fast even on Sundays 🙂
          Two things I should try, erase every boot image in your WDS, perform a search after that in your RemoteInstall folder for *.WIM files there shouldn’t be any left which match the size and description of your prior imported boot images.

          Another thing I once encountered was the machine holding settings of an old bootfile. Therefore, perform a “DISKPART > SELECT DISK 0 > CLEAN” action running from a command prompt within WinPE on the machine to entirely wipe the disk and know for sure you aren’t being messed around with by MDT/WDS.

          That’s all I can think off.

          Good luck! Cheers! Rens

          Reply
          1. Gregg

            I did everything you suggested, deleted all wims from WDS, searched and found no remaining files in RemoteInstall folder, then ran diskpart on machine and I’m still getting the old wim file booting from WDS PXE. I feel like I’m taking crazy pills! It’s got to be something simple I’m missing.

            I’m going to create a new deployment share and try it all again from scratch, uploading from an entirely new location.

            THANK YOU for your time! I’ll let you know how it works out.

          2. Rens Hollanders

            I wouldn’t bother creating a new deploymentshare, I’d go for disabling the WDS role, delete the RemoteInstall folder and reconfigure WDS. Since WDS is the transport system for your Boot image. This isn’t MDT.

            Cheers! Rens

  7. Gregg

    Does anything in my files look bad?
    ============= Bootstrap.ini ==============
    [Settings]
    Priority=Default

    [Default]
    DeployRoot=//servername/DeploymentShare$
    ==========================================

    =========== customsettings.ini ===========
    [Settings]
    Priority=Default
    Properties=MyCustomProperty

    [Default]
    _SMSTSOrgName=IT Department

    OSInstall=YES

    SkipBDDWelcome=YES

    UserID=xxxxxxx (edited out)
    UserDomain=xxxxxxx (edited out)
    UserPassword=xxxxxxx (edited out)

    SkipTaskSequence=YES
    TaskSequenceID=W7OFC13DEPLOY

    SkipComputerName=YES
    OSDComputerName=RENAME

    SkipDomainMembership=YES
    JoinWorkgroup=A
    ;JoinDomain
    ;DomainAdmin
    ;DomainAdminDomain
    ;DomainAdminPassword
    ;MachineObjectOU

    SkipUserData=YES
    UserDataLocation=NONE
    ;UDDir
    ;UDShare
    ;UserDataLocation=//servername/deploymentshare$/USMTdata

    SkipComputerBackup=YES
    ;BackupDir
    ;BackupShare
    ;ComputerBackupLocation

    SkipProductKey=YES
    ;ProductKey
    ;OverrideProductKey

    SkipPackageDisplay=YES
    ;LanguagePacks

    SkipLocaleSelection=YES
    ;KeyboardLocale=en-US
    ;UserLocale=en-US
    ;UILanguage=en-US

    SkipTimeZone=YES
    ;TimeZone=035
    ;TimeZoneName=Eastern Standard Time

    SkipRoles=YES
    ;OSRoles
    ;OSRoleServices
    ;OSFeatures

    SkipApplications=YES
    ;Applications001={1D7DF331-47B7-472C-87B3-442597EC2F7D}
    ;Applications002={9d2b8999-5e4d-4f3d-bb05-edaaf4fe5628}

    SkipAdminPassword=YES
    ;AdminPassword

    SkipAdminAccounts=YES
    ;Administrators

    SkipCapture=YES
    ;ComputerBackupLocation=NONE
    ;or
    ;ComputerBackupLocation=NETWORK
    ;BackupShare=//servername/Backup$
    ;BackupDir=%OSDComputerName%

    SkipBitLocker=YES
    ;BDEDriveLetter
    ;BDEDriveSize
    ;BDEInstall
    ;BDEInstallSuppress
    ;BDERecoveryKey
    ;TPMOwnerPassword
    ;OSDBitLockerStartupKeyDrive
    ;OSDBitLockerWaitForEncryption

    SkipSummary=YES
    ;Ready to begin

    SkipFinalSummary=YES
    ;Operating system deployment completed successfully (or not)

    ;OTHER
    FinishAction=REBOOT
    Home_Page=http://www.msn.com
    EventService=http://servername:9800
    SLShareDynamicLogging=%DeployRoot%/Logs/%COMPUTERNAME%
    HideShell=YES
    ==========================================

    I’m thankful for your help!!

    Reply
    1. Rens Hollanders

      Not really, other then I have the following info in my bootstrap.ini:

      [Default]
      DeployRoot=\\servername.contoso.local\deploymentshare$
      SkipBDDWelcome=YES
      KeyboardLocalePE=nl-US

      ;Authentication with DeploymentShare
      UserID=mdt_sa-account
      UserPassword=P@55w0rd
      UserDomain=contoso.local

      So that’s it. What exactly was the change between boot images? Modifications in the bootstrap.ini or added drivers? Notice that every change in bootstrap.ini means the need to update your deployment share, so the bootstrap.ini which is embedded in the boot.wim is updated. This is exactly the same for drivers that are needed into your boot image.

      These are the only two reasons to update your deploymentshare, and to update the boot image that is located on a USB stick or WDS server (Try an USB stick with your most recent boot image to see if that helps, that would also help locate the evil dependency here)

      Cheers! Rens

      Reply
      1. Gregg

        Great news, it looks to be working. I added the SkipBDDWelcome=YES to the bootstrap.ini and that appears to have done it. I wonder if/why it has to be in both scripts, but it’s time to move on. Now all I have to do is wait to see if it finishes correctly.

        THANK YOU so much for your help. I’m just beginning to learn MDT/WDS, and tomorrow I start looking into SCCM so that we can start pushing patches, updates and drivers without touching every machine or completely re-imaging them. I have 700 PC’s in two schools to be re-imaged by mid-August. We’ve got about 10 different hardware platforms and 15 images in our old system (FOG) to transition to the new way of doing things. I wonder just how much customization I can do to bring down the number of images and how well the patching is going to work. Certainly have my work cut out for me :-). I’ll b a regular visitor to your website from now on!!!
        Thanks again!

        Reply
        1. Rens Hollanders

          Gregg, SkipBDDWelcome only needs to be present in your bootstrap.ini, you can remove it in the customsetttings.ini. Regarding your number of images, MDT as well as SCCM provides the tools/mechanism to create one image to deploy to all of your hardware. For driver management, have look at this article http://deploymentresearch.com/Research/Post/325/MDT-2013-Lite-Touch-Driver-Management which pritty much explains everything on how to achieve OS deployment with one image for multiple hardware devices.

          Glad I’d could help, and thank you for your appreciation.

          Cheers! Rens

          Reply
  8. TheHunter

    Where to find local codes for other countries for example Sweden.

    TimeZone=
    AreaCode=
    Language=
    SystemLocale=

    Reply
    1. Rens Hollanders

      Hi,

      You can find the codes in the following two files: ListOfLanguages.xml and DeployWiz_LanguageUI.xml located in the .\DeploymentShare\Scripts folder. If you scroll trough the XML file, you can find all the codes, timezones and locale’s that you can or may enter through the wizard, these values are also accepted when you provide them directly into the customsettings.ini.

      Cheers! Rens

      Reply
  9. Michael

    Hi Rens, thanks for this helpful blog post! I just have a question you may be able to help with. I do not have DHCP available, so I put the static entries in my cs.ini and rules files as you wrote above. The IP config works fine once booted into Windows, but in WinPE at start of deployment, and then the final capture stage it applies all settings like gateway, dns servers etc except the IP and subnet addresses, which stays set to “Autoconfiguration IPv4 address”. I can set the IP manually via netsh again, but the goal was to have this all automated. I wonder if there is some other setting I need to check with my config if you’ve come across this before?
    See screenshot: http://i.imgur.com/gsN0ewZ.png
    I am using Win10 ADK (RTM build) with MDT 2013 Update 1 on a Win2012 R2 server.

    Reply
    1. Rens Hollanders

      Hi Michael,

      Sorry for my late responce, strange that you lose the IP configuration in the WinPE phase, because that is the place where the configuration is initially set. I’ve not yet encountered this. So I can only recommend you to view your logs (also the logs in and during the WinPE phase) view them with Trace.exe or CMtrace.exe.

      In the logs you may see if, how and when the adapter has been appointed an address.

      Cheers! Rens

      Reply
  10. Saeid

    Hi Rens,

    We have 2 sites, site A and site B.
    Site A is our main site with MDT and WDS and also DB linked to MDT for deployment of specific Drivers or applications base on Make and Model.

    I need to be able to image computers on SITE B which is our remote site connected to our network via 100Mb Wan connection.
    Since the number of computers in Site B are lot less than ours , I decided to create a USB bootable Media for them so they can Image their laptops.
    I need their computers to be able to connect to my DB on Site A to just get the Make and Model information, but the rest should be running from the USB drive locally.
    The question is what should I put in CS.ini and Bootstrap.ini for the USB Media so it will work properly?
    Thanks

    Reply
    1. Rens Hollanders

      Hi Saeid,

      Clever solution you’ve got there. I think you’ll need to provide everything, except the path to your deploymentshare in the bootstrap.ini. When you create offline media, your template bootstrap.ini is almost completely empty. It has no referrals to the share. So you should leave those out. All other properties like DB settings, should be in the bootstrap.ini and customsettings.ini.
      And also pretty obvious, the Database servers needs to be accessible from the remote location Site B.

      Cheers! Rens

      Reply
  11. Pingback: Configuration avancée de MDT 2013 | Déploiement MDT - WDS | IT-Connect

  12. YK

    Hi Rens,

    I have a problem, when i auto signin my MDT to the deploymentshare i don’t see any Task Sequences. But when i clear the auto signin it shows all the Task Sequences.
    Can you help me with this problem?

    Greets

    Reply
    1. Rens Hollanders

      Hi Yordy,

      That’s some strange stuff going on there. So if you provide settings in bootstrap.ini you don’t see them, and if you enter them manually, you see the task sequences.
      My first guess would be to check your permissions. The MDT account both needs NTFS and Share permissions.

      Also please view your logfiles in WinPE during the initialization phase to see what is going on.

      Cheers! Rens

      Reply
  13. Naveen Punj

    Hi Dear,

    Keeping the domain joining admin password with in the customsetting file is something we want to avoid.
    As an alternate we can use the Task sequence to provide the domain joining OU and credentails But this does not work in Refresh scinerio.

    Is there any other alternate way available?

    Reply
    1. Rens Hollanders

      Hi Naveen,

      Did you use task sequence variables to supply domain join credentials? You may also use custom scripting so the credentials are not used in the customsettings.ini, or use a different customsettings.ini per specific deployment. Just some options.

      Cheers! Rens

      Reply
  14. Kim

    Hi Rens!

    A lot of great tips on your blog, it’s really appreciated.

    I’m quite new to MDT and WDS and for my current project I need to be able to create a reference image for Win10 v1607 and I am currently having some issues:

    1. I need to pre-populate computer names, so the technician who installs the image can choose a name from a drop down. Do I need to use the MDT database or can I script this somehow?

    Any tips on this?

    Thanks in advance!

    best regards,
    Kim

    Reply
    1. Rens Hollanders

      Hi Kim,

      Thanks appreciated you reaching out to me. You can use either a database connected to MDT or, you can provide a prefix. Most hostnames consist out of an abbreviation of the organization followed by a number and perhaps a distinction between desktops and laptops. So lets say: CONTOSO is the name of the company, you can work with a ByLaptop ByDesktop subsection, if the machine is a Laptop, the prefix will be: OSDComputerName=CNTS-LT and if it’s a desktop it would be CNTS-DT. This way your support technician would only have to fill in the number. Providing a list isn’t flexible for hostnames. Then I would advise the database, but be aware this requires hardware information from the machine, such as mac-address, serial number, asset tag or UUID.

      So using the prefix would definitely by the way to go in my opinion. See the example of the customsettings.ini on this website: https://deploymentbunny.com/2012/04/21/back-to-basic-customsettings-ini-explained/ “CustomSettings.ini – Act II”

      Cheers! Rens

      Reply
      1. Kim

        Thanks for the very quick reply!

        The naming standard we will be using is something like this:

        US-MT-001-C001

        Where

        US = Country code
        MT= Self defined computer type, not necessarily Laptop or Desktop. All types are pre defined though (MT, PT, ST)
        001= Location no
        C001= Client no

        These values should be predefined except tha last one, there should always be a +1 increment according the the values already in AD.

        I can’t really seem to wrap my head around how to accomplish this using Mikael’s customsettings.ini wizardry.

        Is the MDT database the solution for this scenario?

        Thank you so much!

        Reply
  15. jc lamb

    Howdy from Canada!

    Loving the details in your work.
    this might get a little ugly. I hope you are able to follow the bouncing ball i am about to present….

    I have a different scenario and i am having trouble isolating a solution.
    I have one MDT 2013 deployment share
    I have inherited two images (which in reality could be accomplished with one but for now, two)
    Both are 64bit win 7
    one has special software that the other doesnt (and cant) have installed
    the one with the special software needs to be DOMAIN joined (Office)
    the other is WORKGROUP joined (Field)
    All PCs are Dell

    I am tasked to try to reduce the number of times the image process requires to be touched by the deployment team.

    Current deployment process is typical (and quite manual):
    *Manually Boot PC
    *Manually f12 to boot off NIX w/PXE
    *Once PXE is engaged, Manually f12 to pull the Bootable WIM
    *Once MDT is displayed, a list of Task Sequences are presented (Manually choose between Office or Field)
    *Both task sequences are set to install McAfee Agent as a step during State Restore (i.e. not in CS.ini – which i am going to test shortly)

    *In the domain joined TS, the agent will not install unless an administrator is logged in (we disable to domain\administrator account so the TS fails to auto login to finalize the installation) There is no issue with this on the workgroup machine because it isnt trying to authenticate a domain account to do the install.

    I need to be able to (somehow) boot, run a specific task sequence which installs a specific image (and software) with the deployment team only running one step (i.e. they kick off the image process for either an Office or a Field image and when they return it is 100% complete without ever touching it again).

    Am i completely out to lunch thinking i should be able to automate this from start to finish?

    Reply
    1. Rens Hollanders

      Hi Jeff,

      Is there something like a unique value for you to work with? Say certain Dell machines will always receive image A and others image B? This can easily be implemented by using a “Model” subsection in your customsettings.ini and put the “Model” priority before the “Default” priority and subsection. The way how I build my deploymentshares nowadays is with task sequence variables for the domain join embedded in the task sequence. So other task sequences (where machines are not to join the domain) aren’t troubled with obsolete information in the customsettings.ini.

      Auto-logging in can be prevented for example by adding the HideShell=YES in your customsettings.ini and FinishAction=LOGOFF, this way during deployment the explorer shell isn’t loaded and at the end of a deployment tasks executed by a agent can be performed. Ideally you would want to disable auto login elsewhere. If you add a reboot to your task sequence in the State Restore step, or set it as a FinishAction, basically it tells your machine to set the autologon properties just one more time.

      How do you deal with computernames? Because If you want to make it 100% fully automated, consider implementing a SQL database (MDT has integration for it) so you can import computers, create a relationship between computername and mac-address or serial number, or uuid or asset tag, and then tell your machine: which name it has, which task sequence to run. This has some work upfront but in the end this will help you immensely.

      So there are some things for you to think about worth implementing!

      Let me know!

      Cheers! Rens

      Reply
  16. jc lamb

    Howdy Rens

    Another amazingly quick response 🙂

    It seems having a unique identifier is my challenge to try to automate this process.
    All pcs are Dell (yes, we have different models but we dont specify which model goes where – any model can be deployed any where; office or field).

    To automatically name the PC, we put our company asset tag# into the Dell BIOS maintenance, which MDT picks up very nicely as variable %ASSETTAG%

    We have a reboot in the POST INSTALL section just prior to the State Restore section. Should i remove that to allow the application to install with the shell hidden?

    the state restore is doing all the default processes with the added function of installing the McAfee Agent (i.e. gather local only, post-apply cleanup, recover from domain, install mcafee agent)

    I can easily work with the mcAfee agent as a post deployment task as a separate package to deploy

    Solving the automation /selection of 2 images is my most important challenge today

    Jeff

    Reply
  17. jc lamb

    Do you think having 2 deployment shares (with two CS.ini) would be the easiest?
    the only thing…. how does the PC know which deployment share to access?

    Reply
    1. Rens Hollanders

      Jeff,

      I would definitely work with a database then. If somehow you can manage to retrieve the computers hostname, and mac-address and or the other identifiers I’ve mentioned (by running a logon script that writes this information to a share or perhaps export from your mcafee solution) and you manage to bulk import a list of computernames, with the identifiers and each task sequence to follow this is a much better solution. You’ll also have advantage from this in the unforeseeable future. I’d be happy to build it for you 🙂 Always wanted to visit Canada 😛

      Cheers! Rens

      Reply
  18. Rafi Niazi

    Hallo iedereen,

    Toevallig was op zoek naar een oplossing van mijn probleem op het net zag deze site ik zal even uitleggen.
    Ik heb een simpel MDT, hoe kan ik de laatste optie skippen, want in de applicatie keuze geef ik aan welke applicatie wil ik deployen, want na de action install OS komt het wizard weer naar voeren en die wil ik niet hebben.
    hier geef ik aan dat ik bv office en zo wil deployen.
    https://imgur.com/a/ED9AO
    maar dez optie wil ik niet hebben en de applicaties die ik aangevinkt heb wel geinstalleerd hebben.
    https://imgur.com/a/eW9qr

    mvg

    Reply
    1. Rens Hollanders Post author

      Hallo Rafi,

      De opties SkipApplications=YES en SkipTaskSequence=YES laten de applicatie en tasksequence selectie pagina niet meer zien.
      Als je applicaties verplicht wilt installeren kun je in de customsettings.ini ook InstallApplication001= meegeven. Zie deze pagina voor meer tekst en uitleg: http://systemscenter.ru/mdt2012.en/propertydefinition.htm

      Groeten

      Reply
      1. Rafi Niazi

        Hoi Rene,

        Bedankt voor snelle reactie ik ga vandaag proberen nogmaals bedankt.

        groet

        rafi

        Reply
  19. Rafi Niazi

    Hoi Rene,
    Ik wil wel de keuze hebben om de applicaties te selecteren die je wilt installeren “https://imgur.com/a/ED9AO” dit wil ik hebben, maar na install OS doet ie rebooten en komt ie weer met deze TS https://imgur.com/a/eW9qr en deze stap wil ik geautomatiseerd hebben eigenlijk ik heb al aangegeven in eerste TS dat welke applicaties wil ik hebben.
    dit is de setthings.

    [Settings]
    Priority=Default
    Properties=MyCustomProperty

    [Default]
    OSInstall=YES
    ComputerName=%SerialNumber%
    SkipCapture=YES
    SkipAdminPassword=YES
    SkipProductKey=YES
    SkipDeploymentType=YES
    DeploymentType=Newcomputer
    SkipDomainMembership=YES
    SkipUserData=YES
    SkipBuild=NO
    SkipComputerName=NO
    SkipPackageDisplay=YES
    SkipLocaleSelection=YES
    SkipTimeZone=YES
    SkipApplications=NO
    SkipBitLocker=YES
    SkipBitLockerDetails=YES
    SkipSummary=YES
    SkipFinalSummary=YES
    Home_page=https://www.albeda.nl/
    HideShell=YES
    EventService=http://SRVMDT01:9800
    UserDataLocation=NONE
    SkipAppsOnUpgrade=YES
    TimeZoneName=W. Europe Standard Time
    TimeZone=110
    AreaCode=0413
    UserLocale=nl-NL
    Language=00000413
    SystemLocale=00000413
    UserLocale=00000413
    InputLocale=0413:00020409
    InputLocale=nl-US
    KeyboardLocale=nl-US
    FinishAction=REBOOT
    EventService=http://SRVMDT01:9800

    Reply
  20. Nirav

    Hi Ren,

    Thank you so much for the amazing blog.
    Is it possible to make a drop down list with different domain OU where each OU has it’s specific rules and policy.

    Regards,
    Nirav

    Reply
  21. ahmed

    Rens,
    i have two custom settings. one to install the system with swedish keyboard and the other with danish. is there a way to put those two custom settings in one file and choose which one through the deployment. i have the MDT install on an external hard disk.
    thanks for this nice tutorial.
    Regards

    Reply
  22. Tommy Helmersson

    Hi Rens,

    Have a question: We have created a feature for our users (and ourselves) to remount a machine remotely through a running bat file and do a refresh on the client.
    Can you somehow avoid all the wizards when doing a refresh?
    Know that I can do this in the ini files, but do not want this statically but only when the name does NOT start with MININT.
    Regards
    Tommy

    Reply
    1. Rens Hollanders Post author

      Hi Tommy,

      You can by possible selecting a different ini file for refresh and setting all the wizard properties that start with SkipXXXX to yes.

      Reply

Leave a Reply

Your email address will not be published.