Hi guys and girls, it’s been a while since I’ve written an post related to MDT or anything other useful to contribute.
At this momentย my inspiration for writing blogs is on the back-burner. This is also due to the fact that writing about MDT is related to the things I encounter in my day to day activities, which are going pretty solid at this moment.ย ย (I’m mostly relaxing, watching the World Cup Soccer, and doing other things not work related)
The’re no issues I’d encounter and had to resolve, and unfortunately no new stuff I haven’t done. So if there’s is anything you would like to know or would like to have explained. Don’t hesitate and leave your comment or remarks in the comment section.
Cheers! ๐
HI,
Iโve got a problem and was wondering if you could help me, Iโve got a SCCM 2012 r2 environment with MDT integration, at present im using a SCCM task sequence to deploy my windows 7/8 images.
What im trying to do is use MDT task sequence and combine the laptop and desktop image together as one task sequence using IsLaptop and IsDesktop variables.
In the customsettings I have added the IsLaptop and IsDesktop variables in there.
In the task sequence I have used a condition TS variable IsDesktop equals TRUE.
But it seems to ignore it.
The below is the customsettings.ini
[Settings]
Priority=Default
Priority=ByLaptopType,ByDesktopType,ByVMType,Default
Properties=MyCustomProperty
[ByLaptopType]
SubSection=Laptop-%IsLaptop%
[ByDesktopType]
SubSection=Desktop-%IsDesktop%
[ByVMType]
SubSection=VM-%IsVM%
[Laptop-TRUE]
MachineObjectOU=OU=Laptops,OU=ICHNT Workstations,DC=domain,DC=sccm,DC=tgv,DC=uk
Bitlocker Configuration
BDEInstallSuppress=NO
BDEWaitForEncryption=False
BDEDriveLetter=S:
BDEDriveSize=2000
BDEInstall=TPMKey
BDERecoveryKey=AD
BDEKeyLocation=C:\Windows\BDEKey
[Desktop-TRUE]
MachineObjectOU=OU=Standard,OU=ICHNT Workstations,DC=dirone,DC=sccm,DC=tgv,DC=uk
[VM-TRUE]
MachineObjectOU=OU=Standard,OU=ICHNT Workstations,DC=domain,DC=sccm,DC=tgv,DC=uk
[Default]
SMSTSErrorDialogTimeout=86340
_SMSTSOrgName= TEST
_SMSTSPackageName=Windows 8 MDT OS Deployment – AFRAS
OSInstall=Y
SkipCapture=YES
SkipAdminPassword=YES
SkipProductKey=YES
KeyboardLocale=en-GB
UserLocale=en-GB
UILanguage=en-GB
TimeZoneName=GMT Standard Time
SLShare=\\SLW-SCCM-001\OSDLogs$
;WINDOWSUPDATES TO SKIP
;Internet Explorer 10
WUMU_ExcludeKB003=2817183
WUMU_ExcludeID004={5f84379f-7c14-472f-b560-62a0cdec6f31}
;Microsoft Browser Choice Screen Update for EEA
WUMU_ExcludeKB005=KB976002
;Internet Explorer 9
WUMU_ExcludeKB006=982861
FinishAction=RESTART
Ive looked at the ZTIGather.log and it displays Property IsDesktop is now = False
Any help would be appreciated.
Hi Afras,
Perhaps a bit to obvious, but assumingly you have copied and pasted your customsettings.ini, I see, that priority definition is mentioned twice:
[Settings]
Priority=Default
Priority=ByLaptopType,ByDesktopType,ByVMType,Default
Properties=MyCustomProperty
This way it will surely not work, so remove the first line: Priority=Default
A good example of how to work with the ByLaptop and ByDesktop item’s can be found here:
Hope this helps!
Ping back to me if it didn’t solve your problem.
Cheers! ๐
Apology for the mistake, that was me copying and pasting, but the original one was without the mistake.
Hi,
Great that Microsoft at last put an understandable Technet article on “Create a Windows 8.1 Reference Image”. Great comments by you aswell on clearing the event logs. I think Microsoft should put that as default in MDT.
Maybe there are some other small “tips” that you ALWAYS perform at every MDT installation you do that you can share with us?
Hi,
Thanks for visiting the blog and leaving a comment. It’s very rewarding to hear you like the contribution I made to the article. I’ll go and work on a blog about how I build my ref. images and which practices I use in building them.
Cheers and have a nice weekend!
Hello there. I am trying to use MDT to deploy window 7 Embedded (WES7P) and the deployment stops when the target reboots from what looks like the end of the Postinstall phase. I turned on the monitoring and it says that it is on step 62 of 88. I am left with a logon screen, which I could use to continue (undesirable as it takes more steps). When I try to redeploy to the box in this state, it claims that there is already a deployment in progress, so it knows something is still unfinished. How do I get the reboot to Embedded to boot to the continuation script?
Thank you – Steve
Hi Steve,
That’s not good to here, you are stuck on a deployment. Please check your bdd.log and or your smsts.log. These can be found with the help of fellow blogger Ward Vissers, he has written a blog on where to find the right logfiles. http://www.wardvissers.nl/2010/06/11/where-to-find-the-right-mdt-2010-logs/ view them with trace.exe to see if errors occur. Only then I can help you further with your deployment.
Cheers!
Hello could I ask some questions?
1.I am creating Linked Deployment Share, what difference between Merge and Replace, during creating?
What properties do you recommend for using?
2.Could you explain features of Extrafiles directory on MDT, how can I use It, and may be you know were I can find information about it. May be you know good examples?
3.Is it important the order of positions priority in customsetting
Priority=DefaultGateway,Make,Default,SendMail
Properties=OSDSendMailFrom,OSDSendMailTo,OSDSendMailSubject,OSDSendMailBody,OSDSendMailSMTPServer,OSDSendMailIncludeBDDLog,SavedJoinDomain
and how could I understand what have to be first,second, third
What is Priority and Properties?
4.What difference between LiteTouch.wsf and LiteTouch.vbs? And which script I have to start to implement replace scenario?
thank you for your answers
Hi Alexander,
I’ll have to write a blog about your question’s, please give me some time to work this out. I can already give you one piece of advice, and that’s: Forget linked deploymentshares and use robocopy instead! I’ll explain later but it will save you allot of headaches, pain and time.
Cheers!
Hi Alexander,
I’ve kept my promise and responded to your questions, with the following blog: http://renshollanders.nl/2014/09/mdt-linked-deployment-shares-litetouch-vbs-and-customsettings-ini-properties-and-priority-user-question/
Cheers! Rens
Hi Rens,
Thank you for the quick reply.
From my untrained eyes, it looks like there is no D: partition on the Windows PE OS, but perhaps there is more.
I have included the log snippets of interest (from what I see).
I do not always get a c:\MINIT folder, but this time I did.
In the C:\MININT\SMSOSD\OSDLOGS\BDD.log file , viewed with the SMSTrace utility, in red was a line which follows:
————- red error line in BDD.log file ————————-
FAILURE ( 9601 ): ERROR – ZTITatoo state restore task should be running in the full OS, aborting. ZTITatoo 9/5/2014 9:10:38 AM 0 (0x0000)
———– end of red error line ——————–
The rest of the lines in the log follow:
—————————– rest of lines (in white background) —————————————-
Event 41002 sent: FAILURE ( 9601 ): ERROR – ZTITatoo state restore task should be running in the full OS, aborting. ZTITatoo 9/5/2014 9:10:38 AM 0 (0x0000)
Microsoft Deployment Toolkit version: 6.1.2373.0 ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
The task sequencer log is located at X:\windows\TEMP\SMSTSLog\SMSTS.LOG. For task sequence failures, please consult this log. ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
Environment Error: ManualRetry (From ZTIApplications). ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
Property LTISuspend is now = LiteTouch is trying to install applications.
This cannot be performed in Windows PE.
If booting from a USB Flash Disk, please remove all drives before restarting.
Otherwise, ensure the hard disk is selected first in the BIOS boot order. ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
Property SMSTSRebootRequested is now = true ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
Property SMSTSRetryRequested is now = true ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
ZTIApplications processing completed successfully. ZTIApplications 9/5/2014 9:10:38 AM 0 (0x0000)
Event 41001 sent: ZTIApplications processing completed successfully. ZTIApplications 9/5/2014 9:10:39 AM 0 (0x0000)
Command completed, return code = -2147021886
Property LTIDirty is now = FALSE
If there is a drive letter defined, make sure we clear it now so we can *force* recalcutation.
Property OSDTargetDriveCache is now = DIRTY
LTI initiating task sequence-requested reboot.
Event 41017 sent: LTI initiating task sequence-requested reboot.
————– end of the BDD.log file ————————
A few observations:
After the reboot to the WES7P OS, There was no X: drive present, so I could not find the SMSTS.log file there
The SMSTS.log file was not found in the C:\MINIT folder.
The SMSTS.log file was not found in the C:\WINDOWS\TEMP folder.
I used the “F8” function key to bring up a cmd window in the middle of the deployment, and this might have helped create the C:\MINIT folder.
The “LiteTouch is trying to install applications…. ” text showed up in a popup (which dismissed itself before I could read it all).
I then tried anothter deploy, used F8 and copied X:\windows\TEMP\SMSTSLog\SMSTS.LOG to c:\temp.
In this SMSTS.LOG file, I see the following:
———– in white background file SMSTS.LOG ———-
User specified local data drive D:
D:\_SMSTaskSequence does not exist
uRet == ERROR_ALREADY_EXISTS, HRESULT=80070003 (e:\nts_sms_fre\sms\framework\tscore\utils.cpp,916)
Creating directory D:\_SMSTaskSequence
————- first red background ————————-
Failed to create D:\_SMSTaskSequence (3)
————- yellow background ———————-
Failed to create user-specified local data path D:\_SMSTaskSequence. Error 0x80070003
————- white background ———————–
Volume C:\ has 127412006912 bytes of free space
Volume E:\ is not a fixed hard drive
Volume V:\ has 491524096 bytes of free space
Volume X:\ is not a fixed hard drive
Volume Y:\ is not a fixed hard drive
Volume Z:\ is not a fixed hard drive
TSM root drive = C:\
C:\_SMSTaskSequence does not exist
———– lower in white background file SMSTS.LOG ———-
Start executing the command line: cscript.exe “%SCRIPTROOT%\ZTITatoo.wsf”
Expand a string:
Executing command line: cscript.exe “%SCRIPTROOT%\ZTITatoo.wsf”
Process completed with exit code 9601
————- second red background ————————-
Failed to run the action: Tattoo. DNS zone does not exist. (Error: 00002581; Source: Windows)
————- white background ———————–
Sending status message . . .
Executing in non SMS standalone mode. Ignoring send a task execution status message request
Set a global environment variable _SMSTSLastActionRetCode=9601
Set a global environment variable _SMSTSLastActionSucceeded=false
Clear local default environment
————- yellow background ———————-
The execution engine ignored the failure of the action (Tattoo) and continues execution
————- white background ———————–
Sending status message . . .
Executing in non SMS standalone mode. Ignoring send a task execution status message request
Updated security on object C:\_SMSTaskSequence.
Set a global environment variable _SMSTSNextInstructionPointer=59
Set a TS execution environment variable _SMSTSNextInstructionPointer=59
Set a global environment variable _SMSTSInstructionStackString=54
Set a TS execution environment variable _SMSTSInstructionStackString=54
Save the current environment block
Successfully save execution state and environment to local hard disk
Start executing an instruciton. Instruction name: Opt In to CEIP and WER. Instruction pointer: 59
…
Hi Rens,
I have more information.
With the new knowledge of the logfiles and how to look at them, I tried a deployment from Windows 7 Enterprise, which worked as expected. After looking at those logs with the SMSTrace utility as well, it looks like the D: drive mounting is not an issue as this error message is present in the Win7 enterprise deployment, which worked to completion. I looked for the second error, namely the “Tattoo error” in the working deployment, and this was not found in the logfile.
Thanks – Steve
Hi Steve,
Thanks for reaching out to me. I’ll have a look at it after the weekend. I’ll keep you posted and contact you for possible more information.
Cheers and have a great weekend in advance ๐
Rens
Rens,
I hope you had a good weekend.
I have chased down the “Tattoo error” which was inadvertently put in when I disabled the postInstall->”restart computer” task. When I put this back in, the “Tattoo error” want away.
Searching for “Successfully complete the action” in the smsts.log, I see as the last entry: “Successfully complete the action (Restart computer) with the exit win32 code 0” which is what I see also on the successful deployment.
However, I am still not executing my “State Restore -> Install Applications” task on the Embedded target machine.
Thanks – Steve
Hi Steve,
Here’s my responce, did you disable or remove any steps from the default client.xml task sequence template you used to deploy the thin client with? The error: “Failed to run the action: Tattoo. DNS zone does not exist.” reveals the following: http://verbalprocessor.com/2011/09/19/ztitatoo-wsferror-9601-dns-zone-does-not-exist/ and http://social.technet.microsoft.com/forums/systemcenter/en-US/db3cf9e4-a5d1-40b6-8973-6134591b0b5e/error-deploying-with-osd-created-standalone-iso.
Please check network dependencies when deploying the machine from an USB device or ISO. Also check the operating system has been applied correct to the OS disk, which sometime can be a pain, due to the mechanism being unable to determine the destination disk. Secondly, more then one physical disk available also can cause some troubles. You’ll get error’s such as: “Unable to find litetouch.wsf” this is due to the machine not being able to find the _SMSTaskSequence folder. However the folder may be present, sometimes the disk can be set to offline, so the folder can’t be found.
These are just my thought’s on the problems you encounter. Feel free to respond!
Cheers!
Hi,
I’ve got a problem with MDT and “Dirty Environment”.
We deploy about 200 Client machines each Friday, and it needs to be working on Monday morning.
So I wish for the MDT to ALWAYS do what it says in the TS, and not ask me if I wish to do a new deploy or Continue on the existing.
Is there a way to disable this step, or to allways have it say “Do a new Deployment”.
Regards
Johan
Hi Johan,
thanks for your question, have you ever seen these two threads?
For the first scroll down untill you’ll find “Great Triscuit” contribution, he talks about commenting the script section that causes the “Dirty Environment” notification
http://social.technet.microsoft.com/Forums/en-US/36ed037b-51b1-4053-a248-46bd3ac9ecda/dirty-environment-found?forum=mdt
The following blog describes how to solve the “Dirty Environment” in another way:
http://deployhappiness.com/how-to-fix-dirty-environment-found-errors/
If this does not resolve your question, please give me a shoot out and I’ll look into it.
Cheers!
Hi,
I have my Deployment Pretty well polished now, I’m using a purely 64bit environment, with windows 7 pro, I am slowly (and testing as I go) moving towards zero touch almost) with a database connected to my Deployment, but if I turn off the welcome screen it makes it more time consuming to find the mac address and serial numbers on screen when adding them to the database (due to our method for naming machines I prefer adding machines manually then leaving Litetouch to query when deploying) I have bginfo64.exe and I’m using mdt2013 so in theory it should be possible to get the BGinfo64.exe and my custom BGinfo.bgi to run at when the litetouchPE start’s up but I cant get it to work on a 64bit, can you help?
Hi Stephen,
Not sure which OS you are deploying besides Win7 PRO but one of the first hits on google when looking for bginfo64.exe was finding this thread: http://forum.sysinternals.com/server-2012-bginfo-not-displaying-on-desktop_topic28656.html perhaps this may solve your problem? I haven’t really looked into getting BGinfo to do stuff during deployment. Only thing I can advise you to test, is to incorporate bginfo in a x86 boot image. Since x86 boot images allows you to either deploy a -32 and -64 bit operating system. And is fully compatible with 32 bit applications, like bginfo, trace, putty, etc. I understand you perfectly there is no need for -32 bit support. But I’ve seen some strange behavior in the past regarding -64 bit only boot images. And I believe support and stability has improved, but for the sake of testing, would you try a x86 boot image, and post your results back here?
Thanks and good luck, Cheers!
-Rens
HI Rens,
I Need to use x64, as 32bit doesn’t support UEFI booting we are using UEFI hardware on site. I’m using MDT 2013 and its when the Lifetouch has finished loading but before the deployment welcome screen loads I want the BGINFO64.exe to run so I can see on screen all the info I need at a glance.
Stephen,
I need to dig into this topic, as I have never incorporated BGinfoX64 into WinPE x64. Please give me some time to investigate. Or is the issue pressing? I’m assuming this is a nice to have.
Cheers Rens
It’s ok worked it out, you can still use 32bit version on the 64bit Lifetouch, I just added a couple of lines in to the Unattend.xml and copied the BGINFO, BGinfo.bgi and background image I needed in to the extras folder and all worked fine,
First section adds the display settings forcing auto-detect, next section tells the winpe to run BGINFO.exe with the BGinfo.bgi config, (you just need to configure the bginfo.bgi ahead of time to pick up the background image and info you want to see took some trial and error but I got it in the end.
32
1
60
1
Set BackGround
1
BGInfo.exe BGinfo.bgi /silent /timer:0 /NOLICPROMPT
Lite Touch PE
2
wscript.exe X:\Deploy\Scripts\LiteTouch.wsf
Hi Stephen,
That’s nice to know. Thanks for getting back at me. Perhaps I devote a blogpost to your experiences anywhere in the near future.
Regards,
Rens
Hello,
I have a question.
How do I permanently remove the “Z” mapping (as it appears the cleanup step failed)?
We imaged 50 computers and the problem re-creates itself with each new user (which then locks the account used for the MDT due to bad password attempts).
I have tried many different things and none have provided a full solution.
Thanks,
Scott S.
I was wondering if you’ve had any experience creating custom wizard pages and associating them with custom VBS scripts? Think you could write a blog post about that process?
Hi Joshua,
Sorry for my late response. I have little knowledge about custom wizard pages and custom vbs scripts. For a project I once did at a customer we’ve co-created our own frontend HTA (HTML application) which asked for computername, username, regional settings etc. Unfortunately my knowledge of creating HTA’s and VB Scripts is limited, I can read and modify scripts but that’s about it. Sorry. I can provide you the HTA though, just send me an e-mail at rens dot hollanders @ gmail dot com.
Cheers! Rens
Alright, well… stupid mistake on my part. I was trying to clear litetouch.vbs from the recent files on a Win10 technical preview, and without fully thinking about it, just selected it and hit delete. At the same point, the realization that it was a network location and I was logged into the client with domain admin privileges hit me. I’ve searched recycle bin on both the client and the server (not there). I’ve checked for “previous versions” of the folder, but none available, and unfortunately our deployment server is not part of the backup schedule.
What can I do to recover or recreate the litetouch.vbs? The .wsf is still present.
I appreciate any suggestions.
Hi Matt,
If you are looking for the original Litetouch.vbs, there is a sample folder where the actual Microsoft Deployment Toolkit is installed. This folder holds most of the content you will find in your deploymentshare. Your solution also works indeed.
Cheers! Rens
last post regarding deleted litetouch.vbs is resolved. Easiest solution, make a new share, copy and paste the .vbs, and then close the new share.
I am using MDT 2013 to deploy Win 8.1. Met 2 weird issue that i could find an answer:
1) During deployment, my Task sequence and MININT sometimes appear in D: or E: drive causing the deployment to keep looping at gather local. If i manually copy the task sequence folder to C: it will continue on.
2) I use a USB 2 HDD to do deployment and everything went well. However when copy the media to a USB 3 HDD it show operating not found after the install OS step.
Hi Gilbert,
Regarding question one, I have seen on MDT deployment’s with multiple disks or partition’s that MDT likes to store this kind of info elsewhere then on the C: drive. Although I cannot explain the behavior, you could try allocating the other disks and or partition’s afterwards with a dispart.txt script to avoid the deployment from failing.
Regarding question two, I can imagine USB3.0 will be detected on your machine as an internal hard drive and propose itself as a bootable device, while the USB 2.0 does not. So perhaps you can fiddle with the boot order or boot hard drive in your BIOS. Also using HDD’s for deployment isn’t really recommended since errors like these can occur. Using an USB stick would be more preferable.
Hope this can be of some assistance.
Cheers! Rens
Hi Rens,
I am trying to make it possible to do the following:
Custom Pane select location; based on location it will generate a serial number on eg: LP-NL-23432 (type-location-serialnumber) where MDT automatically knows the type (laptop/workstation etc and the serial number) but it cant know the location becuz that’s a manual input..
I got the serial number, and the type working.. but the input based on location i cant seem to get to work.. can you help me?
This is the top part of my customsettings.ini:
[Settings]
Priority=Init,ByLaptop,ByDesktop,ByVM,TaskSequenceID, Default, IMG7, IMG8, W7PROD
Properties=MyCustomProperty,ComputerTypeName,ComputerSerialNumber
[Init]
ComputerSerialNumber=#Left(“%SerialNumber%”,6)#
[ByDesktop]
SubSection=Desktop-%IsDesktop%
[Desktop-True]
ComputerTypeName=PC
MachineObjectOU=OU=Computers,OU=Quooker,DC=quooker,DC=lan
[ByLaptop]
SubSection=Laptop-%IsLapTop%
[Laptop-True]
ComputerTypeName=LP
MachineObjectOU=OU=Laptops,OU=Quooker,DC=quooker,DC=lan
MandatoryApplications001={4ef38f1f-2660-4eb7-83bf-21c894696fe4}
[ByVM]
SubSection=VM-%IsVM%
[VM-True]
ComputerTypeName=VM
SkipComputerName=NO
OSDComputername=%ComputerTypeName%-#Right(Replace(Replace(oEnvironment.Item(“SerialNumber”),” “,””),”-“,””),4)#
And then [DEFAULT] with default settings etc.
Hi Glenn,
My experience with custom panes to provide the location and use that information to generate the name isn’t really good. To my experience this is often not working. Perhaps an different angle on the problem could help you solve it. I assume since you mention locations in other countries, these locations also have different subnets and different subnets mean different gateways. This way you can control customsettings.ini that if the default gateway matches 192.168.10.254 the country abbreviation to add is NL, where 192.168.20.254 represents DE for Germany.
Perhaps this helps?
Cheers! Rens
Hi Rens,
Sadly this wont work; as all laptops are ‘provided’ by our company in the Netherlands.
Our sites in other countries dont have ‘real’ offices,. mostly sales people that travel.
This wont work in that enviroment, as the subnet is either unknown or changes all the time. Depending on the employee.
Glenn,
Other possibility is to connect an MDT database, import all the machines, and define the name of the machine accordingly and use the following: http://renshollanders.nl/2013/09/mdt-2012-lti-deployment-regional-and-locale-settings-based-on-chars-hostname/
Cheers! Rens
I’m not sure I fully understand that blog post tbh, I have never worked with the MDT database. does that not introduce a whole lot of hassle? as you need to ‘feeed’ MDT every MACAddress? and I honestly dont know them all.
I could look into our Inventory DB, but still those 2 arent linked?
My deployment is stopping at PostInstall. It reboots and waits for further interactions to go further . Any ideas
Hi Felix,
In such case I would always review the following logfiles:
BDD.log
Panther.log
DISM.log
Have a look here for logfile locations:
http://www.wardvissers.nl/2010/06/11/where-to-find-the-right-mdt-2010-logs/
Panther.log and DISM.log are found in C:\Windows\Panther and C:\Windows\Logs\DISM
Cheers! Rens
Hello Rens,
Nice website you have. I have the following issue with my MDT test environment. I want to capture an image with MDT. The problem is sometimes it works sometimes it doesn’t. When I select the capture task sequence it only processes configure MDT and then it reboots. This is my custom ini file :
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipDomainMembership=NO
JoinDomain=jsl.edu
DomainAdmin=administrator
DomainAdminDomain=jsl.edu
DomainAdminPassword=Windows01
SkipUserData=YES
SkipBuild=NO
SkipComputerName=NO
SkipPackageDisplay=NO
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipApplications=NO
SkipBitLocker=YES
SkipBitLockerDetails=YES
SkipSummary=YES
SkipFinalSummary=YES
UserDataLocation=NONE
SkipAppsOnUpgrade=YES
TimeZoneName=W. Europe Standard Time
TimeZone=110
AreaCode=0413
UserLocale=nl-NL
Language=00000413
SystemLocale=00000413
UserLocale=00000413
InputLocale=0413:00020409
InputLocale=nl-US
KeyboardLocale=nl-US
ComputerBackupLocation=AUTO
BackupShare=\\wds01\DeploymentShare$
BackupDir=Captures
FinishAction=REBOOT
What am I doing wrong ?
I have two capture sequences. One for Windows 7 and one for Windows 8.
Hi John,
MDT needs 4 properties to make the capture work, and I’m not sure the properties you have configured are correct. Have a look here for examples:
http://systemscenter.ru/mdt2012.en/propertydefinition.htm
To my knowledge, these 4 properties work guaranteed:
; Computer Backup Location
SkipCapture=YES
DoCapture=YES
ComputerBackupLocation=%DEPLOYROOT%\Captures
BackupFile=image.wim
Cheers! Rens
Hello Rens,
Thanks for the reply. I will test it tomorrow. Is it maybe better to create a separate ini file for captures? Because in my case it looks like it is not processing the custom ini file.
Hi John,
You’re welcome. No one ini should be just fine. You can specify these properties however in one single or multiple ini files. I’ve seen people create a second deployment share just for capturing, etc. best way to do it in my opinion is one ini file and set these properties either in the ini file or in your task sequence as task sequence variables.
Just keep in mind that you deal with your domain join settings too! If the machine you are trying to capture is domain joined since you’ve also supplied these settings in your ini file, then the machine cannot be captured.
Therefore I would put my domain join settings in the task sequence itself so it doesn’t interfere with the capture settings.
Have a look over here: http://renshollanders.nl/2015/04/mdt-put-the-domain-join-where-it-belongs/
Cheers! Rens
I have in the task sequence a Suspend MDT so that I can update the image then take a snapshot then click resume task sequence and it is then suppose to capture the image. What happens is it appears to do something then logs me out and does not capture anything. I have looked at all the logs I can find and I don’t see any errors. I’m guessing that sysprep is not executing. If anyone has run into this before and can help that would be amazing.
Hello Rens
Greetings
After Windows 7 deployment through MDT minint and _smstasksequence_ folder resides in C:\ and also litetouch.wsf resides in startup folder. Is there any way preferably through Task Sequence that deleted all these three things.
Thanks in advance
Abhishek
Hi,
Usually MDT clean’s up it’s act. If folders minint and _smstasksequence_ are still present, the task sequence did not end properly. You should check the bdd.log and smsts.log to review if steps have failed.
A completed task sequence without errors will not leave these folders in the root of C:
Cheers! Rens
Hi Rens,
I need to deploy a windows 7 image with WDS and MDT 2013. The deployment part is working well but I would like to set up an autologin account at the end of the deployment process. In my task sequence in MDT I have set up a task (a command line) like that :
reg.exe import “My_reg_key.reg”
and it’s not working properly. If I run this command line manually it’s working well.
The weird thing is if I put a restart task straight after the “autologin” task it will work but the task sequence will never end up as the system can’t catch up where the task sequence has been left before the reboot if the user logged in is not the admin user.
Thanks for your help,
William
Hi William,
During deployment, the LTICleanup script cleans the autologon registry keys at the end of the deployment. So when you configure autologon during deployment, settings settings are also removed. You’ll need to find a a way to run a configuration script post deployment. This can be done, by example by calling the autologon script, in the RunOnce registry key, located in: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce”.
Cheers! Rens
Thanks Rens, you have sorted my problem!
Hi Rens,
I am getting an error when importing an operating system into my deployment share.
Performing the operation “import” on target “Operating system”.
Creating new item named REFW81X64CDrive in Windows 8.1×64 REFW81X64.wim at DS002:\Operating Systems.
Creating new item named REFW81X64CDrive in Windows 8.1×64 REFW81X64.wim at DS002:\Operating Systems.
Item already exists: ‘E:\MDT\DEPLOYMENT\Operating Systems\REFW81X64CDrive in Windows 8.1×64.wim’ specified.
Import processing finished.
It says item already exists ” specified. Can you please tell me what is happening??
Hi Rens,
Another question for you. I am trying to capture my reference image of Windows 10. It goes through everything as normal but the WIM file it spits out into the captures folder is only 3.4mb. The wizard says complete though with no errors? I have sifted through some log files but with no answers. Any ideas?
Joel
Hi Joel,
That’s strange, when you follow the capturing process how long does it take to capture? Assuming you must have a WIM file of approx 10 Gb, it would take up to an hour to capture a WIM depending on disk and network speed. So 3.4 mb is strange, the only thing you can check is to make sure the machine is not a member of the domain (but then it wouldn’t capture at all), you have the latest software versions of MDT 2013 update1 and Windows ADK. If it still fails to capture, you could try to capture it manually, by booting into WinPE, creating the network connection yourself with NET USE \\server\deploymentshare$ and try to capture your installation either with DISM or IMAGEX (you’ll need to google the command’s, or look in your BDD.log from previous captures)
Also I’d open a thread on social.technet.
Cheers! Rens
Thanks Rens,
The reference image isn’t on the domain, i have also updated MDT 2013 update 1 and ADK. It doesn’t necessarily “fail” capture, it succeeds but the .wim file it spits out is only tiny. It should be around 10GB as you said. I have a Windows 8.1 reference image on a different VM and that captures normally no issues.
I have posted to TechNet and will also try your suggestion of capturing manually using dism or imagex.
Thanks!
Joel
Hi Rens,
So i tried capturing the image manually using DISM and it worked. It pushed out a WIM file that was the correct size. So its possibly capturing the wrong partition or something like that when i try and capture the WIM using the normal process.
So how can i check what partition it is trying to capture when i click the resume task sequence button on the desktop of my reference image and try to capture the image that way?
Cheers,
Joel
Hi Joel,
Sorry for my late response, been kinda busy past couple a days. You should have a look at the dism capture command that you can find in bdd.log and smsts.log of the machine that you are trying to capture to see which partition is being captured. Alternatively I shoukd open up a question on social.technet.com since this isn’t default behaviour.
Cheers! Rens
Hello Rens,
So glad I’ve found your page – hoping you can answer some of my questions.
First Question: Is there a way to create multiprompt in Wizard.hta so it would prompt technician’s credentials? Currently I have in Customsettings.ini:
DomainAdmin=admin
DomainAdminDomain=domain
DomainAdminPassword=Pa$$w0rd
Obviously it is not encrypted and I don’t want it to leave exposed.
Second question: I would like to setup the deployment in such a way so Active Directory would be able to tell when the machine was deployed and who was the technician.
Hi ML,
I’f you are worried about security regarding to MDT, then I say don’t worry. I know it’s everyone’s intention to maintain a secure deployment. But you can configure the MDT service account to have only read permissions on the share. Secondly, you can configure the domain join account with minimal right’s. (See this link: https://jonconwayuk.wordpress.com/2011/10/20/minimum-permissions-required-for-account-to-join-workstations-to-the-domain-during-deployment/)
If you want to monitor which technician does a deployment, you could create a custom HTA, or CMD / VBS messagebox, to provide the name of the technician and echo this somewhere in a custom logfile or make it part of your task sequence variables, so the entry will be documented in the most important logs of MDT: BDD.log and/or SMSTS.log Also you can have it written to the machine object details but again this requires custom scripting.
Cheers! Rens
Ahh – one more question:
Is there a way in Monitoring section of DeploymentWorkbench to translate which task in task sequence “current step” corresponds to?
Thank you!
Michael
Nope it’s not possible to make a translation between the steps in monitoring or your actual task sequence. The only thing you can do is enable SLShareDynamicLogging (see: http://systemscenter.ru/mdt2012.en/slsharedynamiclogging.htm) which will create a per machine deployment bdd.log if you define the setting as following in your customsettings.ini:
SLShareDynamicLogging=%DeployRoot%\Logs\%ComputerName%
Cheers! Rens
Love the site Rens. I am getting an error when trying to run Bitlocker in the task sequence. The image is windows 7 enterprise and I get this error when it runs the ztibde.wsf file Verify %OSSKU% is defined. I have even forced the variable in the task sequence to Enterprise and still get the error.
Hi Kent,
Strange behavior I’ve never encountered before, but I stumbled upon a possible workaround. The ZTIBDE.wsf script in the deployment share\scripts folder checks for the proper OS SKU to be Enterprise. You could comment out the section where it checks for the SKU and do a redeployment, to see if the process itself works as expected.
See this link for more information on how to comment the section: http://supportishere.com/mdt-2013-bug-alert-mdt2013-natively-does-not-support-bitlocker-for-windows-8x-professional/
Lastly assure yourself you have a validated and original version of Windows 7 Enterprise.
Cheers! Rens
Same issue with Windows 10 Pro here, Pro is supposed to be supported, but ztibde.wsf is somehow wrong and doesn’t let you encrypt, we went for that workaround http://happysccm.com/MDT-Bitlocker-OSSKU
After upgrading to ADK 10 and MDT 2013 Update 2, I’m having the hardest time getting my 32-bit OS to install. Once the deployment starts and it gets to the “Installing Operating System” part, it just stalls at 100%. I originally thought this was the case with my 64-bit OS, but after about 10 minutes or so at the above step, it eventually went on to complete the remainder of the install. However, I never got the FinalSummary window at the end. I’m really not sure what to do at this point. And now that I’ve been testing it, 64-bit doesn’t seem to work. I have copies of the BDD and SMSTS logs if you need them.
Hello Britney,
Thank you for your question. Sorry for my late response, been busy this weekend. Are you sure you’ve installed the latest versions of MDT and ADK? I know that with the release of MDT 2013 update 1 no progress was shown for the installation of the WIM file. This is something that has been resolved with MDT 2013 update 2 but also requires the latest version of ADK. See these links for download: http://download.microsoft.com/download/3/8/B/38BBCA6A-ADC9-4245-BCD8-DAA136F63C8B/adk/adksetup.exe and https://download.microsoft.com/download/3/0/1/3012B93D-C445-44A9-8BFB-F28EB937B060/MicrosoftDeploymentToolkit2013_x64.msi
The SkipFinalSummary and SkipSummary options in your CustomSettings.ini should be set to NO to show these summaries. If you did not see the FinalSummary either the summary is surpressed or your task sequence did not complete entirely. This can be seen in the BDD.log, if you’d like, you may send the logfiles to me.
Cheers! Rens
Actually after working on it all weekend (no pay) and moving the Windows ADK 10 to the same drive as my Deployment Share and then regenerating the boot image completely, it seemed to work just fine. This is with MDT 2013 Update 2 and the ADK 10. That thing is quite sensitive for some reason. I even had to redo all of my Task Sequences after I did the update.
Britney,
Have to say that’s quite strange. Normally I have my ADK on the C drive of a machine, and the deployroot situated on another drive (usually D:) and never experienced any issues. But I know that MDT 2013 update 1 has an updated task sequence template to start with. So I can imagine this does something for you. Glad it has resolved itself.
Cheers! Rens
Well so far it’s been fine for the 64-bit PXE boot and the Mobile USB MDT, but I’m still having it hang up on the same part for the 32-bit OS. I just did a Diskpart to see if all of the failed deployments were causing a problem. (Fingers crossed)
FAILED. Of course. Here is my BDD log if you’re interested:
https://onedrive.live.com/redir?resid=29A3A66B1CD5369C!268&authkey=!AELQbK_PxpopB2s&ithint=file%2clog
I need to copy some folders into the program files during the installation procedure. The files are present on a shared folder and cannot be moved on the WDS server as the folders get updates periodically. Can you please guide me as to how should i go about my script. I tried to map the drives using the net use cmd in powershell but its doesnt map the drive. Any idea ?
You have already responded to my question
1. Map the drive with net use n: \\server\share
2. Copy the files for example with %~DP0 which represents the absolute path
3. Deletes the just created mapping
can you please provide me the script as i am not able to understand how to copy using %~DP0
The path of the folder is this \fileserver1\resources\apps\Project1\Folder1 and it needs to be copied into programfiles in the C drive
Hi these command’s do not work in powershell, they work as a CMD file. If you wish to do this in powershell use the commands:
New-PSDrive: https://technet.microsoft.com/en-us/library/hh849829.aspx
Copy-Item: https://technet.microsoft.com/en-us/library/hh849793.aspx
Remove-PSDrive: https://technet.microsoft.com/en-us/library/hh849760.aspx
Cheers! Rens
sorry i meant can you write the cmd script ?
Hello Hasan,
There are plenty examples out there and useful sites to. If I write the script and it does not work, you’ll come back again to me saying it does not work.
Have a look here for CMD command lines: http://ss64.com/nt/copy.html, http://ss64.com/nt/net_use.html.
It will take you no more then 10 minutes to write a three lined command line script.
Cheers! Rens
Hello Rens,
We have a MDT integrated Task Sequence we use to build the devices in SCCM 2012.
The ask is to capture the user ID that is entered in UDI to authenticate the device to Network access (Domain join credentials).
I have tried below & i’m getting the UserID key in registry but is has no value in it.
In “scripts” folder, modified ZTITatoo.wsf,:
Added:
oShell.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Deployment 4\UserID”, oEnvironment.Item(“UserID”), “REG_SZ”
Then modified ZTITatoo.mof:
Added
string UserID;
And then added
[PropertyContext(“local|HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Deployment 4|UserID”), Dynamic, Provider(“RegPropProv”)]
UserID;
Can you please suggest & help me in this scenario ?
Thanks in advance
I am trying to upgrade to Windows 10 for testing, but when I run the LiteTouch.vsb file, it shows the initial progress, flashes and then nothing else.
Any suggestions
Hi Rens,
I am working in a multisite infrastructure and last year I have set up a WDS/MDT 2013 server for each site. They are working fine. As we are working to build another extra site I have set up another server but with MDT 2013 update 2 to be able to deploy windows 10 in a few. When I PXE boot I can select lite touch boot image but then the task sequences don’t show up. I have run the command cscript //nologo litetouch.wsf /debug:true and apparently the error would be “gathering complete but no INI file were found” and then i have got a blank windows.
I am using the same ini files (custom settings and bootstrap) than usual I have just changed the server name. I have updated the deployment share and then replace my boot image.
Thanks for your help,
Will
Hi Will,
During WinPE phase you can verify logfiles also to see what’s going wrong. Make sure you have embedded CMtrace.exe or Trace.exe in your boot image so you read logfiles properly.
I’m not sure which logfile to look for, but I would start with the BDD.log on X:\ and smsts.log if there is any present.
Cheers! Rens
Hi Rens,
Thanks for your reply but I was expecting MDT to set up the sharing permissions for me as usual but the latest version of MDT doesn’t do it and that’s where was my mistake. It’s working fine now.
Cheers,
Will
Hi Will,
If you have setup MDT manually then you’ll need to set the permissions yourself indeed. I have a automated script that sets the permissions directly (everyone full control share permissions)
Cheers! Rens
Hey Rens,
Yes I have set it up manually, but that’s the first time I come across this issue or I did set up the permissions on the other servers and I don’t remember … I was thinking, give the full access to everyone, could that be a security issue or is it the normal way to do it? I guess as you need credentials to first access the deployment share it seems pretty secure.
Cheers,
Will
Dear Rens
I’m having problem with MDT 2013 Update 2
I have created a task for windows 10 pro, everything works good until i put a set suspend in my task, with error message
( litetouch deployment failed return code = -2147467259 0x80004005 )
and
(Failed to run the action: Set Suspend)
I hope that you can help me with this problem.
Regards
Al
Hi Al,
The correct usage for LTIsuspend is to a Run Commend Line step, and provide the following command line: cscript %scriptroot%\ltisuspend.wsf
Can you verify your command line matches the command line above?
Cheers! Rens
I have an issues trying to assign drive letters to different partitions in MDT 2013.
1. Current working task sequence (created by another engineer):
– Preinstall State: Create an OS partition (80GB)
– Install State: OS wim image restored to the OS partition.
– State Restore State:
+ Create extended partitions using Run Command Line: diskpart /s %SCRIPTROOT%\Diskpart\dell_partitions.txt with the dell_partitions.txt include the following line:
select disk 0
create partition extended
create partition logical size=51200
format quick fs=ntfs label=”RECOVERY”
create partition logical
format quick fs=ntfs label=”DATA”
+ So the drive partitions structure is as follow:
Volume 1 = System Reserved (hidden)
Volume 2 = OS (the primary partition where OS installed)
Volume 3 = Recovery (logical partition)
Volume 4 = Data (logical partition)
+ Drive letters assign: Run Command Line: diskpart /s %SCRIPTROOT%\Diskpart\assign_drive_letters.txt
assign_drive_letters.txt has the following:
select volume 0
assign letter=F
select disk 0
select partition 1
assign letter=S
remove
select partition 3
assign letter=R
select partition 4
assign letter=D
Everything works and all partitions get correct drive letters assigned.
2. I want to change the way the partitions get created by creating them in the Preinstall Phase:
– Preinstall Phase: create OS partition, create Recovery partition, create Data partition.
– State Restore Phase:
using the same assign drive letters command as above will make the task fail.
If I skip the assign drive letter step and run that same script within Windows OS after the deployment is done it will work. I don’t know why it failed.
Please help. Thank you.
Hi,
Why don’t you just create the drives in the Format and Partition step in the preรฏnstall phase? You can still change driveletters afterwards by script?
Unfortunately I can’t say my experience with more then one partition during OS deployment with MDT has been positive, mostly when reinstalling the machine. I usually receive “Unable to find Litetouch.wsf” and then it appears the MDT scripts that are being copied locally are copied to the wrong drive. Therefore I avoid multiple disk configurations in MDT.
Cheers! Rens
That’s exactly what I want to achieve: create all the partitions in the Format and Partition step in the Preinstall Phase. That’s easy to do. However if I do that the driveletters change script won’t work.
I found out something today: If I create the partitions order as follow
System Reserved
OS
Recovery
Data
The change letters script will not work at all even though diskpart script looks correct:
select volume 3
assign letter=R
select volume 4
assign letter=D
Now if I create the partitions as the following order:
System Reserved
Recovery
Data
OS
and change the assign letters script as
select volume 2
assign Letter=R
select volume 3
assign letter=D
It will work perfectly. So look like any partition create after the OS partition, the diskpart script will not work in MDT. If I run the script directly from within the OS itself, it works fine. Something in MDT that caused this and it just bugs me.
Anyway, thank you for your reply!!!
Alex.
How do you create a Task to install Bginfo and company wallpaper
Hi Sanchez,
Import BGinfo as an application, together with the info.xml you would want to display. Provide the following commandline for the application:
“bginfo.exe c:\users\lowell\bin\config.bgi /timer:0 /nolicprompt /silent”
For more info, please see the following websites:
http://www.howtogeek.com/school/sysinternals-pro/lesson7/ and https://technet.microsoft.com/en-us/sysinternals/bginfo.aspx?f=255&MSPPError=-2147217396
Cheers! Rens
Hello Rens,
I have a issue with performance of my MDT 2013. When i setup it on vm server it get dhcp and other settings from another vm server.
The problem is performance of booting the Wizard setup.
When I start it from this server is booting ok and login box show very quickly and after that I click on Install Wizard button next windows appear in few seconds.
The problem is with my standalone server. I moved everything from vm server to physical. It’s mean images, setting is 1:1 copy. The booting is ok but loading of deployment toolkit take very long time. Time to show login screen takes 30 sec or more. After that when i click on button to start it’s take over 3 to 5 min to show Wizard when i can choose the operating system. I don’t know what is wrong.
My machine is core i5-3420 and 8 gb of ram I install the system and all files on ssd disk and vm is xeon and 8 gb ram
Hi Rens,
i am configuring MDT at my workplace but it’s getting stuck after initializing credentials. in the trouble shoot process i have checked share folder properties, bootstrap.ini. the pxe client getting address from DHCP scope.
if you can give me your email id i can send you some screenshot so you can get exact idea.
Hi Rens,
what I’d like to achieve is this:
After a Computer has been deployed and the last default step from the Task Sequence “State Restore” is running (i.e. running some customized scripts), the last step should automatically create an backup image of this PC, stored in the hidden (usually created) restore partition so that if you would use the Windows Restore functions THIS image will be used and the PC is at the exact same state like it was, when it was deployed.
Perhaps I’m just too blind to find this function, because it should not seem to be that hard to implement. However I can’t find a simple solution anywhere…
I’d be glad if you could help!
Greetings!
Andreas
Hi Andreas,
You’ll need to find a way to boot your machine into WinPE after the deployment task sequence has finished. Then with DISM you can create a WIM file of the operating system partition. See this link for reference: https://technet.microsoft.com/en-us/library/hh825072.aspx unfortunately I do not have a turnkey solution for this. Perhaps there is more to find on the internet.
I never considered backing up a recently deployed system, because of the short deployment time. Creating an image will set you back approx. another 30 minutes, while a new machine deployment in most scenario’s I’ve built are done in 45, so the advantage of having an image on a local pc does not weigh up against the flexibility of deployment, besides how do you handle incremental updates to your deployment and the images stored on your machines..?
Cheers! Rens
Hi Rens,
thanks for your answer.
The reason i came up with this is this: we have to re-image several PCs in different branches about every month. Not all of the branches have gigabit connection to their wds servers. So deploying 10 or more PCs at the same time just takes too long.
So far i managed to use diskpart and wbadmin to create the system backup in the hidden recovery partition. But when i use the windows recovery boot where you can chose your restore point, it always says that it cannot be found. Ironically when i select the option to instlal a driver and have to search for the location, the recovery partition is actually unhidden and i can see the whole content. Nevertheless i can’t select or use it to restore the system. Any idea about that?
I have also thoughts about automatic incremential updates on the fly in the restore file, but this takes too long to explain here.
Cheers! Andreas
Hi Rens,
I have an interesting issue when deploying a machine with Bitlocker.
TPM is not activated fully and then the encryption got suspended after the deployment is done. There are no protectors enabled.
I have encountered a few logs that would be helpful but I didn’t came close to a fix on that. Basically when the MDT tasks tried to activate TPM on the target machine it returns a 6711 error (see below)
[Default]
BDEInstallSuppress=NO
BDEDriveLetter=S:
BDEDriveSize= 2000
BDEInstall=TPM
BDEWaitForEncryption=False
BDEKeyLocation=C:
SkipBitLocker=YES
Also I have tried different machines and models – no good. Upgraded BIOS, no success.
Can you please help identifying the root cause of this ?
Many thanks,
Hugo
Hello Hugo,
Thanks for your question, what kind of version of Windows are you using? Professional or Enterprise? There should be a log entry as to why bitlocker failed to enable in either bdd.log or ztibde.log. Hopefully you’ll find the reason why.
Cheers! Rens
I have enabled monitoring but since 2 week no new deployments are showing up and an old task cannot be deleted. I hope you can help.
Hi Rob,
Did you also specify the eventservice in the customsettings.ini?
Like so: EventService=http://WDG-MDT-01:9800
Enabling monitoring only on the DeploymentShare Properties tab is not enough. Also be sure the port used is not in use by any other application, and perhaps your firewall needs to have an exception for this particular port.
Cheers! Rens
Hi Rens,
I have a requirement for building an HTA front end for MDT 2013 for selecting the OS ( I have 4 OS – CBB x86 and X64 , LTSB x86 and x64) . I will have a single master Task sequence , but on the front end I would prefer to have a HTA to select the OS among the 4 listed above.
Kindly suggest .
Hi Prasanna,
Please have a look at implementing the MDT UDI task sequence and UDI wizard en custom wizard pages. This will enable you to select different operating systems from one task sequence.
Otherwise you’ll have to look at using conditions on the install operating system step, but I’m not sure this will work.
Cheers! Rens
I have a lenovo P50 which is very close to go into production but for some reason I cannot get it to Image using MDT 2013. We give our desk side techs a USB to image the computers offline. Same USB is used to image other lenovo models. I am attaching the SMSTS.LOG. Any help will be appreciated
Used smsts.ini to set logging settings. TSMBootstrap 9/20/2016 10:46:11 AM 1920 (0x0780)
==============================[ TSMBootStrap.exe ]============================== TSMBootstrap 9/20/2016 10:46:11 AM 1920 (0x0780)
Command line: “X:\Deploy\Tools\X86\TsmBootstrap.exe” /env:SAStart TSMBootstrap 9/20/2016 10:46:11 AM 1920 (0x0780)
Current OS version is 10.0.10240.0 TSMBootstrap 9/20/2016 10:46:11 AM 1920 (0x0780)
Running Task Sequence in standalone. TSMBootstrap 9/20/2016 10:46:11 AM 1920 (0x0780)
Hi ‘Hazzy’,
I can’t make up anything strange in your smsts.log. First rules of thumb when it comes to troubleshooting regarding OS deployment to models in my experience is to perform a clean OS deployment (without any other steps) to the problematic model. Just try a straight forward new task sequence with at most the drivers, and leave everything else default. If this doesn’t work, also try a original operating system iso file instead of a reference image.
Not only view your smsts.log but also review your bdd.log and monitor after which step the task sequence fails, or the model refuses to install.
Cheers! Rens
I have a challenge for you:
Win Server 2008R2, MDT 2012 u1 (6.1.2373), WAIK (2.0.0.0), WDS using PE x86 and x64
I have two Dell models that stop at the Wizard and display X:\Deploy. If I enter the path X:.\Deploy\Scripts\LiteTouch.wsf I get prompted for a domain credentials window in the task sequence when using a usb thumb drive to image a laptop or pc. Dell older models I am not prompted for credentials, they simply go to the wizard and let me select my task sequence options. I used the same usb thumb drive in an E7240, E7250 (success) and same ubs thumb drive with an E7270 (prompted/fail), so I know the thumb drive is working. Previous Models working with usb media E72750, E72740, E5420, Optiplex 580, 3010, 3020.
Additional Info: Using the Nic boot option all models complete imaging, after credential verification, because they are completed on our network and need to have domain credentials verified.
MDT is set up with (total control) Folder Models in Out-of – Box Drivers and Dell’s latest driver package has been added to the latest model folders. MDT has been updated, media updated.
I have not been able to figure out why the usb key won’t work with E7270 and Optiplex 3040.
Need some help/solution,
Hi Marshall,
This is a challenge indeed. Thank you for your extensive description of your problem. If I understand you correctly, you can deploy all models through network installation, but the E7270 and Optiplex 3040 not through USB.
Just to be sure, you have used the intended WinPE10 driver pack for Dell. And these models open up a command prompt during USB staging, and do not initiate the proces of processing bootstrap and customsettings.ini?
Think you should review all the log files you can find in your WinPE session, be sure to embed cmtrace.exe in your WinPE image so you can view the logfiles in such manner that they are readable (with Notepad there is no starting in this). Be sure to check the MININT\SMSOSDLOGS folder, X:\Windows\Logs directory, and BDD.log and SMSTS.log
There needs to be a clue somewhere. Alternatively, you can try to create a boot image with only network and storage drivers of these particular systems, and completely regenerate your boot images. Think these points will be a good start to troubleshoot from.
Cheers! Rens
How do I make a Task Sequence in MDT which builds a Windows 2012R2 server, and then uses wbadmin to restore a full C:\ backup of the system?
Hi,
I don’t think MDT is the suitable solution to initiate a system state restore. Although I think it can be done, it has to be the last step in the task sequence, initiated by script so MDT can finish it’s steps, clean up the system and then be finished. Through the script you can initiate te restore.
Cheers! Rens
I’m currently using a Standard Client Upgrade TS with the latest ADK and MDT 2013 Upg 2 ver 8443. To get applications to install, I had to remove the registry dependency on the Post-Installation folder of tasks because it was not being written. I have edited the setupcomplete.cmd script file to write the dependent registry entry according to https://goo.gl/5RWEuL. Now I am having issue with the installation hanging on the ‘Tattoo’ step. I attempted a fix to this listed here https://goo.gl/xsu9hM and have verified that the script is copying to the right directory and all registry changes are completing as they should, but am still having the same issue. Do you have any ideas on 1) why MDT’s OS installation is not writing the dependent registry key for post-application installation and 2) why the installation hangs on the ‘Tattoo’ step when I script this registry entry to be written?
Hi Joshua,
These are very specific questions. That I doubt I can answer, especially when you deviate from the standard path (regarding your script modifications) is there any other way to get around the things that you want to execute post install? What happens when you start a blank / clean standard template deployment from scratch on this machine?
Cheers! Rens
I actually have a blank slate TS for client upgrade, but the Post-Processing steps are completely ignored for some reason unless I remove the built-in dependency on the registry value at HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\Win10UpgradeStatusCode = SUCCESS.
If I remove this from options, the post-processing happens just fine. That’s what moved me to try to force the registry value to be written using the setupcomplete.cmd script just for the sake of experimentation but it leads to upgrade TS getting stuck on Tattoo. Very strange.
Hi Joshua,
What do you need the regkey for? You said that if you removed it, it would work just fine. What happens when you set this key at the very end of the deployment? Does it ruin your tattoo step?
Cheers! Rens
Hello Rens
Nice to meet you…am pretty new to MDT however with the help of some reading and Youtube video i have been able to setup mdt with WDS successfully. I am having an issue with deploying applications (.msi files). I’d also would like help on determining how mdt can format and deploy an OS with two internal HD. Your assistance is greatly appreciated.
Thanks
Hi Rens,
Thought I’d take you up on your offer to answer a question.
Due to multiple locations with very low bandwidth, we’re going to have to use an offline deployment (media creation)
My media is very large(20GB), have a thick image and a wide variety of machines, so lots of different drivers.
Is there a way to create my media so that the boot is on one partition and the deployment media(drivers and image) is on another?
I have done this manually by applying the litetouch wim to the Fat32 portion of a portable drive and copying the DeploymentShare to the NTFS portion. Once I boot into the litetouch, I have to specify where the deployment root is, and it works like it should but i’m not sure how to have the computer identify the DeploymentShare automatically
Thanks for your help
Hi Tom,
I think you should/could run a script prior to calling the litetouch.vbs which can determine the drive letters of the USB device, and then on the fly write a proper bootstrap.ini for your situation.
Unfortunately I don’t have a script like this at hand, I can only point you into a certain direction.
In WinPE which is just regular WinPE a ini file is responsible for calling the mdt scripts and initialization. Prior to this you can call different actions or scripts. I know there are scripts that can determine if an USB device is attached and which drive letter is appointed to it (this can vary due to multiple disk configuartions in machines) then you could write the bootstrap.ini in a variable way prior to loading the bootstrap.ini. Which then already has the correct parameters.
Hope this helps.
Cheers! Rens
Hi Ren , I found your blog very helpful and i am facing this issue since long time and not able to fix so kindly help this issue , I gone by BDD.log and other logs but so far not resolve .
Failure (5627) 1073741515 0xC0000135:run DISM.exe
Hi Mohammed,
You should review dism.log cause this logfile holds the precise error description. You can find it during the WinPE phase in X:\Windows\Logs\DISM\dism.log or during setup phase on C:\Windows\Logs\DISM\dism.log.
Let me know.
Cheers! Rens
Hello,
when I deploy windows 10 the TS copies drivers, installing operating system, and restart and login to to local account after that TS wont continue it stops before state restore phase.
Am I missing anything in WIndows 10
Hi,
You should review your bdd.log and smsts.log. Also please perform a standard client xml deployment with no modifications except for drivers. This should always work 100%.
Cheers! Rens
Hi Rens
Thanks for your blog, loads of good info for a MDT novice like me. – This one might be trivial, but I haven’t mananaged to figure out how.
I’ve configured MDT 2013 Update 2, and made a TS to build a reference image, and all the builtin stuff works like a charm.
Lastly I’ve made a custom script to be launched just before the image capture, that fails for some reason. I’d like somehow to break into a cmd prompt to further investigate.
I’m new to MDT, but it seems that in previos versions it was possible to enable this on the Windows PE tab on each deployment share, but that option is no longer there in 2013UP2?
Ofcourse I could write extra logging, but it would be alot faster to debug with access to a cmd.exe prompt.
BR Kasper
Hi Kasper,
You are welcome, braking in during the TS might be difficult, however you can put a LTISuspend prior or after this task to see logging etc.
Add a Run-Command line step to your task sequence with the following commandline: cscript %SCRIPTROOT%\LTISuspend.wsf this will pause the task sequence and create a shortcut for resuming the task sequence after you are done investigating.
Also if you like, please post me the script you are trying to run, perhaps I can detect the error.
Cheers! Rens
Hi Rens
Thanks for the quick response!
I thought the LTISuspend supposed was meant to be used while the reference image is still live, and not in WinPE? . (That’s where my script fails)
It’s a simple script, that is supposed to copy the boot folder from the system reserved partition to the Windows system partiton. (In order to make the image compatible with a 3’rd party deployment tool)
Const OverwriteExisting = True
Set oFSObj = CreateObject(“Scripting.FileSystemObject”)
oLogging.CreateEntry “Assigning drive letter to system partition”, LogTypeInfo
RunDiskPartSilent array(“select disk 0”, “Select volume 1”, “Assign letter=s”,”exit”)
oLogging.CreateEntry “Copying boot files to system drive”, LogTypeInfo
oFSObj.CopyFolder “S:\Boot”,”C:\Boot”, OverwriteExisting
I guess the S drive letter could already be in use, or maybe the Windows partition gets assigned to another drive letter during the capture process. Which could be easily determined from a CMD prompt ๐ This needs to be done from WinPE, since the folder will be locked on a live OS.
Or maybe i’m launching it the wrong way? I placed the file in on my my \\Deployserver\deploymentshare\Scripts – Currently as a command line like this:
cscript.exe “%SCRIPTROOT%\CustomCopyBootFolder.wsf”
As said, I’m a novice at MDT, and currently learning by doing. So a good way to debug similar issues could be useful in the future also ๐ – I asume MDT somehow prevents the cmd prompts to show up during winpe
BR, Kasper
Hi Kasper,
In WinPE you can press F8 and then the command prompt will appear. Logfiles are then spread out over two locations: X: and C: (that is after your disk has already been formatted)
LTISuspend is indeed when you are in Windows after the state restore phase in the task sequence.
You can add extra files and folders in the WinPE boot image, so I suggest you add cmtrace.exe or trace.exe in your WinPE image, because that always comes in handy reading logfiles with instead of reading them with notepad (which is just unreadable)
You can use the variable SCRIPTROOT already in WinPE so that shouldn’t be a problem. I would try to run it manually when you have your command prompt open.
As far as I can see there is no option in MDT to enable or disable command prompt, pressing F8 will always get you there. If you are already in the phase of Windows setup (like: Detecting hardware, setting up your machine) pressing SHIFT+F10 will get you the command prompt.
Cheers! Rens
Hello Rens,
my deployment is showing no error’s in BDD log. The last log is
”
”
More over I did not add custom steps to TS.
Thanks
and its stopping there
Aravind, did you perform a completey standard Task Sequence deployment with no modifications other then the drivers?
Let me know.
Hi Rens,
We are currently plan to migrate our Win7 Ent to Win10 Ent LTSB 2016.
I already built tasks sequences to migrate 7 to 10-2015 and 10-2015 to 10-2016. According to Microsoft and my tests, it’s not possible to migrate Win7 Ent to Win10 Ent 2016 directly (https://technet.microsoft.com/en-us/itpro/windows/deploy/windows-10-upgrade-paths)
do You have any idea if is it possible to combine my 2 upgrade tasks in only one? OS GUID and IOS Path are both present in those files ts.xml and Unattend.xml…and I’m not sure if is it possible.
Thank you,
Vincent
Hi Vincent,
Interesting question, haven’t done much with in place upgrade. However If I may suggest an out of the box option, why not make the two task sequences chained, one task sequence calls the other at the end. I understand it may be twice the hassle, but perhaps it’s worth trying. You could also try to combine both task sequences into one, so you need to copy and paste the entire content of one at task sequence at the end of the other task sequence. Not sure how MDT will cope with the fact that Task Sequence Variables are changed (had some issues with different WIM file selections which is basically what you are doing). I suppose the 1607 update cannot be slip-streamed or initiated otherwise.
If you would like to chain task sequences, all you have to do is add a “Run command-line” step at the end of the first task sequence that calls: “cscript.exe %scriptroot%\litetouch.vbs” /tasksequenceid: you might want to use a different customsettings.ini also, which is possible if you add the switch /inifile see a.o. https://mdtguy.wordpress.com/2016/04/21/overriding-customsettings-ini-in-mdt-2013-update-2/
Cheers! Rens
hi Rens and thank you for your super quick answer!
Finally in the meanwhile I was able to run a remote PdqDeploy task without any user input.
As you wrote with the magic switchs and custom *.ini file.
That way I’ll try to make a task sequence with update 1 and update 2 delayed with a 3 hours timer.
I’ll either try call the second task at the end of the first one and see what’s happen…
I’ll post results here ๐
Vincent
Curiously awaiting your results, let me know.
Cheers! Rens
Hello,
i have such a problem, maybe you could help me a bit.
So i decided to set some variables not inside of customsettings.ini file but a script is called inside of the ZTIGather.wsf. In the script I set some oEnviroment variables like TaskSequenceIQ and TimeZones (everything is based on values from the Registry). It ends succesfully, but when i start the installation process, it had all the values unchanged. Do you have any idea what could be the issue? When you need some more info, give me the details and i will get them for you. Thank you very much
Regards
Alex
Hi Alexander,
Modifying scripts is something I would definitely not recommend doing, why didn’t you put the task sequence variables in your task sequence? Because this is perfectly possible. These variables will then only apply during this specific task sequence. If the variables are always used for every deployment I think you should put them in the CustomSettings.ini. Another possibility is you set the TimeZone directly into the unattend.xml.
So I just wouldn’t modify ZTIGather.wsf or call another script from ZTIGather.wsf. You can almost make everything conditional applicable through conditions, WMI queries, task sequence variables so there must be another way?!
Cheers! Rens
Hi Rens,
the thing is that i want the installation process to be automatic, so when the user click install, every variable will be set, cause of this i take out the last TaskSequenceiD and use it again. So i dont realy choose even the tasksequence, it should be automatic. First i created some scripts that run synchronous with the LiteTouch.vbs but that was too blunt ๐ So now i want to use the variables. Can you somehow give an example how to use the wmi queries for setting the timezone? Also, wow! you responded fast, niiice
Cheers!
Alex
Hi Alex,
I’m guessing you want to make a flexible deployment perhaps divided over more countries so you have multiple regional settings en such. If you can find a specific property that is unique to every country such as a different default gateway, some prefixes in the hostname or stuff like that you can build a flexible deployment without too much scripting hassle. If you understand scripting, I want to point out to the following article I once wrote:
http://renshollanders.nl/2013/09/mdt-2012-lti-deployment-regional-and-locale-settings-based-on-chars-hostname/
Also you can query registry keys through the condition’s pane on every step, you can also query registry through WMI, so that should be perfectly possible. Cheers! Rens
Hi Rens,
i tried to use a variable task sequence like that, but as the task sequence has to be set automaticaly its too complicated (it did not work, maybe some syntax issues). I am working with scripting half a year now, cant do everything, but like to learn. So all the If…Else statements from my scripts can be set as flexible deployment options. The specific value could be the old TaskSequence from the registry. The userexit script , when does it exactly run? (thank you for your patience with me ๐ )
Cheers
Alex
The userexit script runs at the beginning of the task sequence, right after the machine has received a name.
You could also provide these settings when a specific task sequence is called. Just add TaskSequenceID to your cs.ini priority before the word “default”
Then create a subsection given the name of your task sequence ID an put all the applicable variables in the subsection of the tasksequence ID.
So example:
[ID004]
TimeZoneName=W. Europe Standard
KeyboardLanguage=0413
[ID005]
TimeZoneName=Pacific Standard Time
KeyboardLanguage=0409
etc.
You can test this without doing a deployment. Just use: cscript litetouch.vbs /infile:”path to your customsettings.ini” /tasksequenceID:”ts_id” and review your bdd.log in C:\MININT for the outcome.
Cheers! Rens
HI Rens,
thanks for your fast answers, will give it a try ๐
Hopefully i can cook something nice up from this.
Cheers
Alex
Good luck!
Hi Rens,
again me, maybe ill give you an example. So the Gather will call a sccript that sets the TaskSequenceID variable to CurrentSystemTaskSequenceID = objshell.RegRead( “HKEY_LOCAL_MACHINE\Software\Microsoft\Deployment 4\Task Sequence ID”). The settings i need have to be set before the taskseuence even starts (or so i think) as the user has to be able to install it with only the install and begin buttons.
Cheers
Alex
Hi Rens,
a small quick question, how do i skip the Media Details window? ๐
Everything seems to be working, but i cant find the ine window that shows me what i am installing.
I want that after the installation is started only the window with the begin button shows.
Cheers
Alex
Please post me a screenshot. Basically every wizard pane can be skipped with Skip”name of the pane”=YES
See the help file or http://systemscenter.ru/mdt2012.en/propertydefinition.htm for the exact properties.
Cheers! Rens
Hi Rens,
here is the screen http://prntscr.com/e91z8t
Could not pinpoint that screen, did try skipbuild and such, nothing
Cheers
Alex
Is this SCCM integrated MDT or just standalone MDT?
Don’t recall ever seeing this screen on standalone media with USB deployment.
Which version of MDT are you using and which version of Windows ADK?
Hi Rens,
its standalone Microsoft Deployment Workbench 6.2.5019.0
and ADK 14.11.2014
Cheers
Alex
And this happens when doing online deployment over the network or with standalone offline deployment through media such as USB or ISO?
I would recommend updating your components by the way. MDT is at 6.3.8443 and ADK at 10.1.14393
Really never seen this screen before. Quite strange since I have seen some MDT panes over time.
That window pops up when i start an offline deployment trough an USB.
Thanks for the recommendation, will update. That screen is driving me crazy ๐
so i tried Skipsummary, so now i only have the Media Details page, that thing is quite the fighter ๐
Alex,
Which deployment scenario are you using? Litetouch, Zero Touch or User Driven? Usually it should be Litetouch, Zero Touch is SCCM integrated and User Driven isn’t used that often.
I’ve forwared your question to the MDT godfather https://twitter.com/renshollanders/status/831882326351151105 so I’m awaiting his response
Good Morning Rens,
it is Litetouch, i think that maybe it is custom somewhere, when you are not familliar with it.
Cheers
Alex
Someone mentioned the DeployWiz_Definition_ENU.xml file in the \Scripts folder. Perhaps it could be a custom page. You can use notepad++ to find in files looking after specific words. I would do a search for “Media details” to see if there is any script that holds the contents for this page.
Hi Rens,
i now checked the twitter, checking it right now ๐
Cheers
Alex
Hi Rens,
was a custom page, you are quite an awesome guy! Thanks for the help.
Say thanks to Greg to. ๐ Have a beautiful Thursday
Cheers!
Alex
Hi Alex,
Would you care to share the custom page contents? I can imagine the deployment time and size would be something interesting to know.
Cheers! Rens
Hi Rens,
Here you go:
<![CDATA[
table, tr, td{
border: 1px solid black;
border-collapse: collapse;
}
Product Update
Description:
Name:
Unknown
Version:
Unknown
Approx. Duration:
Unknown
]]>
<![CDATA[ TaskSequenceName.InnerText=oEnvironment.Item("TaskSequenceName")
TaskSequenceVersion.InnerText=oEnvironment.Item("TaskSequenceVersion")
if Property("ExpectedDuration") “” then
ExpectedDuration.InnerText=Property(“ExpectedDuration”)
End if]]>
Cheers!
Alex
MDT 2013 now that i have added new ADK10 for windows 10, my windows 7 task on the install operating system task gets to 100%, sits there for a few minutes, then resets back to 0 and attempts to install the OS again. This task in my task sequence seems to be in a loop, the win10 option works great. Any thoughts on how to fix?
Hi Dan, are you sure it is being reinstalled? What has changed in recent versions of MDT is that the image is being applied with DISM instead of ImageX, therefore the status of applying the image went broke on some version of DISM / Windows ADK. Microsoft has fixed the issue, however what can be seen is an image status going from 0 to 100 and then starting all over again. This is especially with large images. I think they calculated and approximate time for the image to deploy, say 10 minutes, if the image takes longer it will reset the counter and start over again from 0. I would recommend giving it some time to see if the image actually isn’t being deployed successfully.
Let me know!
Cheers! Rens
Hi Rens,
here is Alex again ๐ A quick question, there is a property in the BDD.log with the name CleanStart. As default it is empty, where and how can i enable this cleanstart switch. As i understand, it will clean any old MDT instances before the Wizard. I currently have an custom script that will do the same, but would like to use MDT itself for it.
Cheers
Alex
Hi Alexander,
Have to give it to you, you have some good questions. I’ve never encountered the clean start (or just haven’t looked at it) before.
Let me do some digging en get back to you.
Rens
Hi Ren,
I’m implementing Dell CCTK tool to configure the BIOS settings before the “preinstall” phase. It ends with a restart.
I would set it to auto PXE boot so it can continue the next phase “Preinstall”
However, it completely skips it and goes straight to phase “Install” where it proceeds to install the OS.
Is it by MDT design that it proceeds to “Install” after a restart?
Hi CT,
Dell CCTK is as far as I know outdated by Dell Command Configure, are you using the latest tools from Dell to incorporate BIOS updates? I’ve embedded a BIOS configuration (not upgrade!) step myself for HP laptops during the preรฏnstall phase. I believe this is the best phase to do it, because you are in WinPE during these steps, and during the Preinstall phase, the machine gets it’s hardware drivers injected etc. Right after that the machine will reboot itself automatically, so If you have incorporated any reboots other then the ones present I would remove them. Also please have a look at this blog from Mikael Nystrom: https://deploymentbunny.com/2011/05/20/step-by-step-upgrading-bios-during-litetouch-deployment-for-dell-hewlett-packard-and-lenovo/ and a more recent post: https://deploymentbunny.com/2016/07/20/osd-bios-upgrade-during-os-deployment-in-mdtconfigmgr-v3/ or another solution is to do it later in the task sequence: https://deployhappiness.com/updating-bios-versions/
Think this should get you on your way. Let me know!
Cheers! Rens
HI All
I have gone many blogs abt enabling a prompt during initial process to ask for the disk partition info in MDT but not able to find a right solution. Can someone help me with the right scripts and the process to enable a prompt if possible plz?
https://social.technet.microsoft.com/Forums/en-US/0ef8734e-1db5-469a-9950-ffe1808f4a6d/custom-partition-sizes-in-mdt-2010?forum=mdt
I was trying to follow what’s on this blog but the link to the script is not available now.
Recently upgraded to MDT 6.3.8443 and the Windows 10 PE image. Now all vbscript expression in CustomSettings.ini are no longer processing. I.E.
SN=#REPLACE(%SerialNumber%”,” “,””)#
Sets the SN variable to #REPLACE(%SerialNumber%,” “,””)# instead of the output of the vbscript snippit.
We have used #code# snippits in the past without issue. Any ideas as to why it no longer works? Is it something they removed from the newer versions?
Also, tried doing this in a UserExit script but some results. Variable is set to the #function# instead of the output of the function.
Hi David,
Wish I could help, unfortunately no such experience with vbscript expressions.
I’m sorry.
Cheers! Rens
Hoi Rens,
Ik ben na lang zoeken uiteindelijk op jouw site terecht gekomen. Ik hoop dat je me kan helpen met MDT. Ik ben een week of 2 geleden begonnen met MDT en het bevalt me wel.
Ik probeer computers die met MDT gedployed worden automatisch een OU te laten joinen gebaseerd op de naam van de computer. Ik heb lang gezocht op internet maar heb niks concreets kunnen vinden.
Ik wil dat computers met een ‘LL’ in een aparte OU gaan en computers met ‘LK’ in een aparte OU gaan. Het automatisch joinen van een domein is mij tot nu toe wel gelukt.
Ik kijk uit naar je antwoord!
A
Beste A,
Je kan een TaskSequence Variable maken aan het begin van de task sequence met de volgende parameters: bijv: OU=LL,OU=Workstations,DC=Contoso,DC=COM
Task Sequence Variable: MachineObjectOU
Value:
Op deze task sequence variabele kun je dan een conditie zetten (het tweede tabblad) op basis van een task sequence variable namelijk:
Variable: OSDComputerName
Condition: Greater Than
Value: LL of LK
Nu wordt de Task Sequence Variabele uitgevoerd en wordt er gekeken naar het begin van de computernaamvariabele.
Laat me even weten of het je is gelukt.
Groeten Rens
Beste Rens,
Bedankt voor je snelle reactie.
Helaas worden de computers nog niet in het goede OU geplaatst.
Ik denk dat het mis gaat bij Greater Then aangezien de computernamen niet beginnen met LL of LK maar bevatten.
Bijv: 19-2-2-LL01, 19-2-2-LK01.
Waar moet ik de taak plaatsen in de Task Sequence? Ik had hem helemaal bovenaan onder Gather local only gedaan, De join domain staat pas lager maakt dit iets uit?
Printscreen: https://screenshot.net/pdpwqt9
A
Ik had verwacht dat de computernamen begonnen met LL en LK. Ik zou de Task Sequence Variabelen helemaal boven aan zetten, nog boven de Gather group en de omschrijving Task Sequence Variable – Computername %LL% en %LK% meegeven in de omschrijving dat is iets overzichtelijker. Ik heb de query in WMI even getest met wbemtest: select * from win32_computersystem where name > “%LL” en dit werkt ook. Je zou dus als value voor je conditie: “%LL” kunnen gebruiken of een keer proberen zonder quootjes: %LL.
Ben benieuwd, heb dit nl. nog nooit eerder uitgevoerd op deze manier.
Succes!
Hoi Rens,
De % werkt!
Beide computers komen wel in dezelfde OU, maar ik denk dat dit aan de conditie greather than ligt. Ik heb het nu veranderd naar equals.
Ik zal een update sturen als alles werkt.
Vele malen dank!
A
Top,
heb er vertrouwen in dat het goed gaat komen, laat me even weten wat je precies gedaan hebt.
Groeten
Hoi Rens,
Ben ik weer.
Ik heb verschillende condities ingesteld maar de computers komen telkens in dezelfde OU.
Ik denk dat ik het kan oplossen met de ‘If statement’ maar weet niet hoe deze instelling werkt.
Nogmaals, dank voor je hulp.
A
Aanvullende vraag, weet jij of ik Task Sequences kan testen zonder telkens opnieuw te deployen?
Hoi, ja dat kan op de volgende manier: op een test machine in Windows ga je naar de deploymentshare vanuit een commandprompt en dan type je het volgende: cscript.exe .\scripts\litetouch.vbs /inifile:.\Control\Customsettings.ini /tasksequenceid: in de C:\MININT folder vindt je dan een BDD.log waarin je alle processed properties kunt vinden, zo kun je achterhalen of een machine in de juiste OU komt. Belangrijk is dan wel dat je de OSDComputerName ergens vermeld hebt (bijv. ook in de CS.ini)
If Statements is alleen voor het combineren van meerdere condities, If any is true execute, If all is true execute en If not execute is true
Succes!
Hoi,
Als ik de command invoer krijg ik de setup van lite touch.
Of moet ik de command zo uitvoeren?
cscript.exe .\scripts\litetouch.vbs /inifile:.\Control\Customsettings.ini /tasksequenceid:
Of moet ik de setup cancelen en dan naar de logs?
A
Hoi, weet niet welke setup je bedoeld, maar als jij een MDT wizard pagina krijgt hangt dat af van je CustomSetttings.ini, en je moet natuurlijk het juiste pad opgeven he, dat van mij was maar een voorbeeld. Je krijgt dus:
cscript \\server1\deploymentshare\scripts\litetouch.vbs /inifile:\\server1\deploymentshare\control\customsettings.ini /tasksequenceid
Zie dit artikel: http://deploymentresearch.com/Research/Post/348/Save-time-and-avoid-pain-Create-a-MDT-simulation-environment
Groeten
Hoi Rens,
Ik heb het artikel gevolgd maar ik krijg nergens in de log te zien in welke OU hij geplaatst wordt.
Als ik in de task alleen een regel voor LK of alleen voor LL aan maak werkt het wel, maar beide niet (IF IF), maar ook dan is het niet uit te lezen in de logs.
Brutale vraag, maar ben je eventueel bereid om 5-10 minuten op afstand mee te kijken, volgens mij is het erg simpel maar kijk ik ergens overheen. Vervolgens zal ik uiteraard de oplossing hier delen.
Hoi,
Ja dat kunnen we zeker even doen. Wordt wel na werktijd (als dat kan) of straks tegen 16:00 dan kan dat wel. Kunnen we ook even bellen. Ik zal je een bericht sturen met contact info op het e-mail adres wat je opgegeven hebt.
Groeten
Hi
I created a reference image and now, I am trying to import the .wim file to the final deployment share.
although wizard says that import has been completed successfully, I don’t see the file in deployment workbench under the operating system in the final deployment share. However, when I open the operating system folder with windows explorer, the .wim file is there.
why doesn’t it show up in the workbench?
Hi Sam J.
What happens when you perform a refresh. Alternatively you can check if the entry of the imported operating system is present in the .\DeploymentShare\Control\OperatingSystems.xml file. It should be there. If not there is some form of corruption. I would advise you to make a backup of your control folder, delete and recreate or empty the OperatingSystems.xml and OperatingSystemGroups.xml and import all your operating systems again.
Cheers! Rens
What file controls initial processing of MDT deployments?
Hi Davidk,
That should be the customsettings.ini. This file holds all the properties to the behaviour of the deploymentshare, the bootstrap.ini holds the properties to connect to the share.
Cheers! Rens
I have a cleanup VBS script that calls a batch to remove MININT and other unnecessary files. What part of my MDT task sequence should I run cscript.exe “%SCRIPTROOT%\cleanup.vbs?
Hi Navin, at the end of your deployment, place the step as low as possible in the State Restore phase.
Cheers! Rens
Hi Rens, we are having a weird issue with some new HP models and an SCCM MDT Integrated W10 Task Sequence.
We are using the following versions – SCCM 1610 w Hotfix KB4010155, MDT 2013 U2, MDT Boot Image 10.0.10586.0 (1511), W10 WIM 1607.
The problem we are having is a new chassis type from HP (35) not being recognised as either a Laptop or Desktop. So we added 35 to our ZTIGather.wsf file thinking it would resolve the issue. But now we are getting strange results, when the MDT Toolkit runs during the Initialization and Install groups – IsDesktop=False. But then in the State Restore group IsDesktop=True.
Any ideas?
Hi Dan,
I would do a find in file/directory with notepad++ for “IsDesktop” in .\DeploymentShare\Scripts folder to check if the variable is used in another script. This could be the case.
Otherwise perhaps an additional task sequence variable can be set: Task Sequence Variable: Name IsDesktop value: True with a condition that if the Model equals “ProDesk 400” it’s a desktop.
This is a workaround.
Cheers! Rens
Thanks for your repsonse Rens – when I looked at the ZTIGather.log file, I noticed that initially IsDesktop was set to false a few times, then nearer the bottom of the log it was set to true.
Running “wmic path win32_systemenclosure get chassistypes” from within Windows returned the expected value (35) – but when I ran the same command from our PE boot image, it returned (2) – Unknown. This got me thinking that something is wrong with our Boot image, so I checked in my lab environment and from PE the command returned (35).
So I think this issue may be related to either the version of W10 or ADK that the boot image is created with. Both of these are newer in my lab environment are newer so I have been unable to confirm exactly which.
We are updating to SCCM 1702 soon and will update our boot images and ADK at the same time – I will post on here if this does / doesn’t fix the issue.
Hi Rens
Greetings.
I am facing an intresting issue using MDT. I am using Media for the deployment which deploys the OS but the the task Sequence doesnt resume after the reboot when i try to run Ltibootstrap.vbs it gets deleted but when I use Litetouch.iso to deploy it works fine by itself without maunally doing anything. There are no customisations in my Rules file and moreover i have created new task sequences new Dep shares and even Reinstalled MDT. I have checked BDD.log everytime using CMtrace but it doesnt show any errors. The task sequence is absolutely plain with no customisations and also there is no step for the Domain join as well. i have also tried with different .wims but no luck.
Kindly advise
Regards
Aqib Javid
Hi,
I’ve made a custom MDT pane to generate a specific computername with variables.
The issue is that the “Next” button does not let me go to the next pane, nothing happens when I click it.
I could post the content of configuration files if needed, but I first just want to know if someone already faces this issue, I’m pretty sure it’s just a little mistake but I can’t find it…
Thanks !
Hi Rens!
[Note: Y: is my deploymentshare, IMG is my standard capture image without Sysprep task sequence ID]
I made a very nice custom shell within Windows PE and I try to capture a Image with one single button click (within the custom shell) This is what proccess I initate:
cscript.exe Y\Scripts\LiteTouch.vbs /TaskSequenceID:IMG /DoCapture:YES /BackupFile:WIM.wim /ComputerBackupLocation:{UNCPATHSTRING}
It doesnt work at all! I also tried to Initiate ZTIBackup.wsf but I want to use LiteTouch because of the GUI.
Any thoughts on how to fix my problem?
Thanks!
P.S: LiteTouch.wsf also doesnt work..
Hi Rens,
Hope you can help or point me in the right direction?
I have setup MDT 2013 and WDS on a 2012R2 domain joined Server to deploy Windows 10 1709 over the existing Win7 image.
Customsettings.ini is setup to bypass most of the deployment screens to make it as foolproof as possible for the deployment personel (machine name and machine model are all that they need to select) the task sequence only has the driver pack for the machine model needed otherwise is default.
All works fine in testing with captured custom image on legacy or UEFI settings (mixture of desktops and laptops, new and older all used in testing).
When testing on the production side the deployment to legacy bios works perfectly but the UEFI fails near the end of the task sequence don’t no the exact point.
O/S has deployed and reboots, it is setting up for a new Windows 10 user, error on screen “fails to find litetouch.wsf” if you click the error box the system stops and leaves you on the desktop, the sequence is supposed to log you off of windows.
Unfortunatly the logs are set to move from the machine being built to the MDT server, they never arrive and nothing is left on the machine being built to check.
Regards
Steve
Steve,
First of all you need to find the smsts.log and have a look at the bdd.log. These can be found in %localappdata%\temp. Also this common error happens when having more then one partiiton on your hard drive of more then one physical disk. Can you please let me know if this is the case?
Cheers! Rens
Hi Rens,
Yes we have set 50% of the drive for the O/S the rest for a data drive.
I’ll try a deployment to UEFI with OS using all the drive.
Many thanks for prompt reply (roll out in 3 weeks)
Steve
Hi Steve,
I think success guaranteed if you have 100% space allocated to your C drive and no other data partitions.
Cheers! Rens
Hoi Rens,
Wellicht kan jij ons helpen. In het verleden heb jij contact gehad met een stagiaire van mij.
Wij deden toen domein aanmelding via de custumsettings.ini met parameter joindomain etc..
Hier zijn wij vanaf gestapt omdat joindomain problemen oplevert met capture en sysprep en de pc kwam veel te vroeg in het domein, waardoor er andere (software)conflicten optrede.
Ik heb inmiddels een powershell script die de pc in het domein zet na alle softwareinstallatie. Deze ziet er als volgt uit:
Voorwaarde: OSDComputerName, Greater than LK
____
$strUser = “domein\MDT”
$strDomain = “domein.local”
$strPassword = ConvertTo-SecureString “***” -AsPlainText -Force
$Credentials = New-Object System.Management.Automation.PsCredential $strUser,
$strPassword
$strOU = “OU=Computers Teamleden,OU=school,DC=domein,DC=local”
Add-computer -DomainName $strDomain -Credential $Credentials -OUPath $strOU
——-
en
Voorwaarde: OSDComputerName, Greater than LL
_____
$strUser = “domein\MDT”
$strDomain = “domein.local”
$strPassword = ConvertTo-SecureString “***” -AsPlainText -Force
$Credentials = New-Object System.Management.Automation.PsCredential $strUser,
$strPassword
$strOU = “OU=Computers Leerlingen,OU=school,DC=domein,DC=local”
Add-computer -DomainName $strDomain -Credential $Credentials -OUPath $strOU
Echter treed nu het probleem op dat PC’s met de naam beginnend met LL, 2x een script uitvoeren. Hierdoor volgt o.a. de melding pc staat al in het domein. Hoe dit het makkelijkste op te lossen? Voorwaarde aanpassen of de powershell aanpassen (waar ik weinig tot geen kennis van heb momenteel).
Vreemd genoeg werkte bovenstaande voorwaarde wel met joindomain i.c.m. custumsettings.ini….
Mvg, Bvd,
T.
Hallo,
Ik zou de LL stap voor de LK stap zetten, dan ben je er toch? Omdat het script dat kijkt of iets groter is dan LK ook toepasbaar is op LL computers. Echter als je de LL stap voor de LK stap zet zou dit volgens mij niet het geval zijn. Of je query aanpassen
Je kan namelijk ook een OSDComputerName not equals en dan werken met een wildcard in de vorm van % teken, dit bijvoorbeeld op de machines die je niet in je domein wilt hebben. Een andere oplossing is de domainjoin stap alleen op te nemen in de task sequence vd. machines die daadwerkelijk het domein moeten joinen. Dit gaat echter weer alleen als je 2 verschillende task sequences hebt voor referentie image creatie en daadwerkelijke uitrol van het image. Kijk hier eens naar: http://renshollanders.nl/2015/04/mdt-put-the-domain-join-where-it-belongs/
Groeten Rens
Beste Rens,
Ik ga eerst proberen om beide om te draaien, echter ben ik bang dat het probleem blijft bestaan dat hij 2x een script wil uitvoeren omdat hij nog steeds aan beide voorwaarde voldoet, L is hoger dan K, dit blijft.
Wij hebben de Microsoft configuration Manager Trace Log Tool draaien, maar hier kun je toch ook een venster starten om paramaters/value te testen op basis van o.a. computernaam?
Beste Rens,
Inmiddels is het opgelost, hieronder een korte samenvatting zodat niet alleen jij weet hoe wij het uiteindelijk hebben opgelost, maar ook de andere lezers.
Ondanks wij de volgorde op jou advies hadden aangepast kregen wij helaas nog steeds de foutmelding omdat hij 2x een script wilde uitvoeren bij computers beginnend met LL.
In het bericht hierboven had ik het over het testen van value, of beter gezegd misschien query. Uiteindelijk ben ik erachter wat ik bedoelde, n.l. wbemtest.exe.
Voor de medelezers, hiermee kan je heel snel Querys (Value/voorwaarde) testen op een computer in of buiten het domein, in dit geval op computernaam. Op deze manier hoef je niet telkens een pc van een nieuwe images te voorzien.
(Aanvullend kun je nog gebruik maken van de “Configuration manager trace log tool”, volgens mij, echter ben ik hier nog niet in thuis.)
In ons geval krijgen wij via de wbemtest alleen antwoord bij de LL computers met:
Select * from Win32_ComputerSystem where name > “LL00”
en bij de LK computers met:
Select * from Win32_ComputerSystem where name < "LK99"
Uiteindelijk voor de powershell script LL de voorwaarde:
OSDComputerName greather than LL00
Bij de powershell LK de voorwaarde:
OSDComputerName less than LK99
Het probleem is hiermee dus opgelost. Ooit wil ik mij nog wel verdiepen in een compleet powershell script en de andere aangeboden (mogelijke) opties.
Maar voor nu werkt het! Dank voor je feedback.
Hi,
I am using multiple ways of deploying my image (pxe, usb etc) and I want to ensure that the system drive is C (this part is no problem) but to create a data drive that’s D. I notice for some hardware the USB drive or DVD rom drive will be D. I was trying to use diskpart but I’m having an issue with that. Is there a sure way of doing this? Thanks for you time
Sammy,
I think you need to script this post installation would be the best solution. You can use powershell to change drive letters but it needs to be done post deployment when the USB is not present.
Have a look for a scheduled task after deployment which runs once to do this, or perhaps via GPO or a client/server push of code.
Cheers Rens!
Thanks for the Advise Rens, but GPO wasn’t an option. I did put a runonce reg entry to point to a diskpart and that works fine.. the org I’m with does find this an ideal solution but it works ๐
I’m just wondering if there is any way I have the same effect by perhaps modifying the boot.wim do you have any experience with that?
Beste,
Kunt u mij vertellen hoe ik via WBEMTEST de volgende query kan testen maar dan met een ingevulde waarde i.p.v. het ophalen van de computernaam. “SELECT * FROM Win32_ComputerSystem WHERE Name LIKE ‘PC….’ “
Hallo,
Een WMI query wordt voornamelijk gebruikt als een conditie op een stap in MDT. Als de conditie voldoet, dan wordt er een actie wel of juist niet uitgevoerd. Op basis van uw query geld dat er resultaat wordt getoond wanneer de naam van de PC voldoet aan ‘PC’. Wanneer u een specifieke hostnaam in gedachten heeft kunt u in plaats van “LIKE” de operator “=” gebruiken. Ook kunt u door middel van het gebruik van Wildcards “%” zeggen dat de machinenaam van de PC “PC%” mag bevatten, alles na PC is dan niet meer relevant. Zet u ook nog een procent teken voor het woord of karakter PC, dan zal ook alles ervoor niet relevant zijn, en zal WBEMTEST een resultaat terug geven zolang de string PC maar in de naam van de computer voorkomt.
select * from win32_computersystem where name = ‘PC12345678’ (matched dus volledig op de naam van de PC)
select * from win32_computersystem where name like ‘PC%’ (matched op de eerste 2 karakters op de naam van de PC)
select * from win32_computersystem where name = ‘%PC%’ (matched op de aanwezigheid van het woord PC)
Beantwoord dit uw vraag?
Niet helemaal, informatie is wel nuttig ๐
Nu kijkt die voornamelijk door * from win32_computersystem naar de eigen computernaam.
Kan ik hier ook een computernaam plaatsen die ik bijv. later wil gebruiken op een andere computer om te testen of die voldoet aan de voorwaarde?
Rens,
I’m extremely late to this party but may be my question will be good enough to catch your attention. I will keep it short.
My scenario:
One domain, multiple subnet/vlans.
3 major sites: A, B, and C. Each site has its own AD DS and DHCP to serve each sites dns and devices and each of the 3 sites are connected to each other via 100MB connection.
Site A is where I am located. I have a MDT/WDS server setup and working great at site A. The issue appears I am facing is it takes 4-5 hours to bring down a 2.7GB image located in site A from site B and C. So I decided to install WDS role in sites B and C and then upload the Litetouch (boot.wim) to the sites B and C and then updating the DHCP options to point to the the respective WDS servers at B and C.
At site B, I PXE booted and I noticed the client was still pointing to site A just before I select “begin” in the OSD screen (after applications windows).
My question is, how can I get a copy of the MDT contents at site A to site B and C so PXE clients from sites B and C are not going over the vlan/subnets to site A?
Are you familiar with MDT + DFSR? I read somewhere that the following steps could accomplish this:
1. Setup the WDS role on each DHCP server
2.Setup a local file server (if not already done so at each site)
3. Use MDT+DFSR to deploy the actual image, WDS to just PXE boot into MDT
4. Use cs.ini and conditional gateway settings to point the local MDT Deployment Share
I am not sure how to go about setting up DFSR with replication and using cs.ini with gateway settings to point to the local MDT deployment share at site B and C.
I really would prefer not to have to setup 2 MDT servers just for this.
James,
I’ve got a simple answer for you. Indeed implement DFS, but do not replicate it with DFSR technology. Instead schedule a robocopy mir from the target location to the destination locations or vice versa. Maybe you need to go into folder details as to which MDT folder you want to explicitly sync (Imaging to sync 5 operating system images when you only need 1) but this is yet to date still the best option to take.
You indeed can use the Bootstrap and CS ini to take different deploymentshares on different locations based on gateway details if you will not implement DFS and just point to the three fileshares where each of the copies of the deploymentshare reside.
To prevent the boot.wim loading through WDS/PXE from site A to site B or C taking a too long time, I would suggest you also incorporate a WDS/PXE server per network (A, B and C) and keep your boot images in sync, once you made those flexible with the Bootstrap and CS ini based on gateways.
No need to setup DFSR or a 2nd deploymentshare.
Caught my attention. Good luck!
Kind regards
Thanks for your response Rens. I’m familiar with robocopy.
I suppose what i need is a pointer in the right direction as to where to start the implementation.
Site A will always be where the development work with new done.
Do you have pointers to how the cs.ini with gateways can be achieved? I think I’ve read on your website in the past but I’m not sure.
Is there a reason you said to not replicate the mdt contents? or is there a reason why you prefer robocopy over the replication mechanism built into dfsr?
At this point, I’m busy looking for a howto or step by step guide to get this going.
Thanks so much for your quick response. Very much appreciated.
Because, DFSR can cause a whole lot of new problems if you are syncing to often too much data. It best the schedule or manually do a robocopy mir. Then you are sure the files will be copied and the integrity of the files are solid.
You can follow this example for cross domain / network gateway configuration in your bootstrap.ini:
http://renshollanders.nl/2015/11/mdt-use-mdt-cross-domain-workgroups/
Thank you Rens. I think I’ll implement DFS and use robocopy as you suggested over the next days. I agree with everything you have said. Besides with MDT, you always want control of things and that’s probably where robocopy plays an important role here.
Quick question, I’ve got several application scripts that run off the Site A MDT server (@ the end of the deployments), if i replicate this over robocopy, does that mean I’ll have to edit these scripts to point to the remote sites as well? To preempt your response, i think yes.
Wouldn’t that be too much maintenance in the long run? i.e, i have powershell scripts that uses unc paths for installation paths. I did this way because I can not get psdrive to work properly with MDT.
Thanks again for your response. Much appreciated.
James,
you need to build/make your scripts flexible. This can be done by using the variables %deployroot% and %scriptroot% throughout the deployment. Besides if you use DFS the path is always the same. Third if you use things such as “%~DP0” in a cmd file it will always use the absolute path.
So options enough ๐
Rens,
Those 2 MDT variables (%deployroot% and %scriptroot% do not carry over to Powershell during application deployment (I have tried many times and I couldn’t get it to work). I think even you wrote an article on this in the past.
I’ll try the DFS route and see. Thanks once more for your response.
Rens,
Thanks for your help. I implemented this today and everything seem to work well.
To recap, I did as you suggested.
1. Created file shares (mdt) at sites b and c (exact share names with same permissions as my main MDT server at site A)
2. Added dfs to all 3 sites and wds to sites b and c.
3. Setup the dfs namespaces
4. Updated the bootstrap with your reference blog, updated the deployment share.
5. Replicated the deployment share via RoboCopy and updated the boot wim on all 3 sites.
On my test client vm at site C, i pxe booted and ran netstat command to see if the client connected to the proper server.
Your suggestion about being more flexible with my application scripts unc path via the DFS share was awesome. It worked beautifully. This was one thing that had skipped me for ages and I’m glad you helped a lot.
Thanks alot again. Very much appreciated.
You are welcome! Glad everything worked out they way it was intended
Rens,
Thanks for having this site. I just upgraded our MDT to 8456 from something in 2016. Forgot the exact version. I’ve backed up the deployment share. Uninstalled ADK from 2016, reinstall ADK 10.1.11763.1, rebooted. Then installed MDT 8456 on top of the existing MDT from 2016. I’ve updated the deployment share and created a new task sequence. Everything looks good, the win 10 image deploys fine on my laptop. The issue I am having is that the customized jobs after the OS deployment doesn’t seem to kick off.
This is under State Restore right after Tatoo,
Task 1 – net use p: \\server\share /user:domain\useraccount password
Task 2 – run powershell script to uninstall win 10 bloatware
Task 3 – change admin account
Task 4 – change admin password
Once the image completes and boots into windows, i get the following popup on the deployment summary:
Litetouch deployement failed, Return code = -2147467259 0x80004005
Failed to run the action: Map Folder to P:.
The system cannot find the file specified: (Error: 00000002; Source: Windows)
I’ve confirmed the username/password are correct. I basically just copied and pasted the command from the old working task sequence to the new task sequence.
Thanks
Hi, you should look after using the variable %scriptroot%, it will let you run scripts from inside the deploymentshare\scripts folder. No need to mess around with UNC paths and network authentication as long as you can run scripts from within the deploymentshare.
Cheers!
Hi There,
I have a problem with my MDT/WDS deployments.
I’ve created a capture deployment share and deployed and captured and image for windows 10 that I will use as my base image. When originally run the litetouch.vbs from the computer I deployed I saw one task in the list which was the task to deploy and capture. since then I have created another task which has a list of application I’d like to deploy just by running litetouch.vbs and selecting that task. I’ve updated the deployment share and run the litetouch.vbs but the new task is not listed. additional to that I’ve created and new deployment share and have not created any tasks, but when I run the litetouch.vbs from that deployment share I see the same task that was created in the first capture deployment share. I’m not sure what is going on. It seem like something is not updating correctly.
Any Help would be appreciated.
Thanks
Additional info to my previous issue…
if I run litetouch.vbs from a domain joined computer. I see the correct tasks from the correct deployment shares.
Thanks,
Kris
Hi There,
I’m Using a VM machine to update a windows everyday and capturing its image using MDT
Problem is everyday that this capture happens it adds new user to my user profiles
I don’t know why its doing that but it seems problem is related to MDT Syspreping original image
Do you know any way to keep sysprep but stop adding new user ?
Thank you in advance
Daniel
Hi All,
Actually I am new to MDT console . I have just deployed an ISO with some applications in a Virtual machine using Hyper-V in my laptop. The applications which i have installed in the Task sequence are Adobe reader , Microsoft silverlight , Notepad and 7zip .
If I want to update the application to the newer version of it . how can i do it by using MDT ?
Is there any way to update the application to its newer version by using task sequence or anything ?
Thanks,
Ankush
Hi,
This can only be done via a custom task sequence, in which you specify new to be installed applications. You need to call the tasksequence via calling the litetouch.vbs and select the custom task sequence on the running OS.
If you need to uninstall previous installed applications, you need to build this yourself.
Calling the litetouch.vbs can be done via login script, GPO or scheduled tasks. But bare in mind. MDT is a pull system, not a push system. It has no agent whatsoever. So you need to basically figure something out to make this pull system a push system.
Kind regards