Category: Deployment

MDT 2012 Feature: Item Sorting

There is a new feature in MDT 2012 RC1. It will keep the list of items (applications, drivers OS packages, task sequences) in alphabetical order.

Now when you first install MDT 2012 RC1, you might notice that the items aren’t sorted right away – you have to change something in the folder first. As soon as you do (e.g. add an item, rename an item), the items in that folder will be sorted.

Keeping the list of folders sorted is a much bigger challenge, so at this point they will still show up in the order that they were added.

Microsoft Deployment Toolkit (MDT) 2012 RC1

The Solution Accelerators team released Microsoft Deployment Toolkit (MDT) 2012 RC1 is available for download on Connect now.

Download the MDT 2012 RC1 release now

New features and enhancements:

Support for Configuration Manager 2012 RC2: This update provides support for Configuration Manager 2012 RC2 releases. MDT 2012 fully leverages the capabilities provided by Configuration Manager 2012 for OS deployment. The latest version of MDT offers new User-Driven Installation components and extensibility for Configuration Manager 2007 and 2012. Users now also have the ability to migrate MDT 2012 task sequences from Configuration Manager 2007 to Configuration Manager 2012.

Customize deployment questions: For System Center Configuration Manager customers, MDT 2012 provides an improved, extensible wizard and designer for customizing deployment questions.

Ease Lite Touch installation: The Microsoft Diagnostics and Recovery Toolkit (DaRT) is now integrated with Lite Touch Installation, providing remote control and diagnostics. New monitoring capabilities are available to check on the status of currently running deployments. LTI now has an improved deployment wizard user experience. Enhanced partitioning support ensures that deployments work regardless of the current structure.

Secure Deployments: MDT 2012 offers integration with the Microsoft Security Compliance Manager (SCM) tool to ensure a secure Windows deployment from the start.

Reliability and flexibility: Existing MDT users will find more reliability and flexibility with the many small enhancements and bug fixes and a smooth and simple upgrade process.

Support for Windows 8: The RC1 release of MDT 2012 provides support for deploying Windows 8 Consumer Preview in a lab environment.

Key Benefits:

  • Full use of the capabilities provided by System Center Configuration Manager 2012 for OS deployment.
  • Improved Lite Touch user experience and functionality.
  • A smooth and simple upgrade process for all existing MDT users.

New Features:

For System Center Configuration Manager customers:

  • Support for Configuration Manager 2012 (while still supporting Configuration Manager 2007)
  • New User-Driven Installation components for Configuration Manager 2007 and Configuration Manager 2012
    • Extensible wizard and designer, additional integration with Configuration Manager to deliver a more customized OS experience, support for more imaging scenarios, and an enhanced end-user deployment experience
  • Ability to migrate MDT 2012 task sequences from Configuration Manager 2007 to Configuration Manager 2012

For Lite Touch Installation:

  • Integration with the Microsoft Diagnostics and Recovery Toolkit (DaRT) for remote control and diagnostics
  • New monitoring capabilities to see the progress of currently running deployments
  • Support for deploying Windows to computers using UEFIAbility to deploy Windows 7 so that the computer will start from a new VHD file, "Deploy to VHD"
  • Improved deployment wizard user experience

For all customers:

  • Integration with configuration templates from the Security Compliance Manager Solution Accelerator, ensuring Windows is secure from the start
  • A simple mechanism for running Windows PowerShell scripts during a deployment, with task sequence environment and logging integration
  • Better partitioning support, creating the recommended partitioning structures on new computers and ensuring deployments work regardless of the current structure
  • A smooth and simple upgrade process for all existing MDT users
  • Many small enhancements and bug fixes

Enable TPM devices on HP Laptops trough MDT

Yes, It can be done and it is pretty simple to. Here is what you need and how you should do it. Basically, the only thing you need is “BiosConfigUtility.EXE” and a text file with settings in it, add that to the TS and it will work like a charm, 🙂

Step One – Get the utility

The utility is a part of HP’s SSM (SP49507), SSM stands for “HP System Software Manager” and version I have been playing with is 2.14 Rev A. Download that from the ftp://ftp.hp.com/pub/softpaq/sp49501-50000/sp49507.exe and if you need to see if your PC is in the list, check ftp://ftp.hp.com/pub/softpaq/sp49501-50000/sp49507.html

Step Two – Create the file

This is how the file should look like and it should have the name TPMEnable.REPSET

image

If you look at the picture, you can see that in every section there is a *. That is our default value that will be pushed into the bios.

Step Three – Create a Command and verify that it works

Now, be a bit careful, TPM is a security device and if you look your self out, it could be “tricky” to get back, so now you have been notified at least. So, we need a command to set all this and also to set a BIOS password and here it is:

BIOSConfigUtility /SetConfig:TPMEnable.REPSET /NewAdminPassword:"Password1"

So, if you take the BIOSConfigUtility.exe and TPMEnable.REPSET and put them in the same folder and run the command (elevated) with a password that is better then mine and then reboot the machine, you will see that it is going to enable the TPM chip and now you can just enable BitLocker on the machine.

Step Four – Getting stuff into the TS

Now, this can be done in different ways, one is to create a Script, or a batch file or an MDT Application. The reason for me to have an application, is very simple. When I work at customers I create a lot of “things”, if they are applications, they are pretty easy to copy inside the deployment workbench, from my personal Deployment share to the customers and vice versa. I like drag and drop, it makes life more…relaxed…:-) One other story, if they are applications, you could use the “MandatoryApplications001=” in CS.ini

So this is how it looks in my Task Sequence

image image

(No, sorry, my password for TPM is not 111-something, trust my…)

Now when I have the application I can open my Task Sequence and modify that like this:

image image

In the first picture you can see that I have added the application called “CUSTOM – Hewlett-Packard – BIOS Configuration” and in the other picture you can see that I have one condition to run this and that is same condition as the task “Enable Bitlocker” has.

So, that was pretty easy, right 🙂

Step Five – some more things…

Configure BitLocker:

image

This is my settings (also default)

Just one small thing. Modify/Set this BDEKeyLocation= to something, otherwise the keyfile ends up locally on the c: drive…:-)

MDT 2012: New Features – Hide Shell

Here is a common scenario. You are deploying an operating system using MDT Lite Touch, during the deployment you install some user specific applications. However the users think that the deployment is completed an they close the application installs or perhaps start messing with the machine while it is still logged in as the local administrator. Now you could simply inform the user that they should not touch the computer until the deployment is completed. However in my experience this “don’t touch” approach has not always been 100% successful.

Well now we have a better way, you can hide explorer shell while MDT is “doing it’s thing”!

So how do we do this? It is simple, just add the following line to the customsettings.ini file:

HIDESHELL=YES

I have included before and after shots below:

Look explorer…

,image

No explorer…. that’s better!

image

Glimlach

MDT 2012 Beta 2 Monitoring

Today I upgraded a MDT 2010 installation to MDT 2012 Beta 2.

One of the new features is monitoring Glimlach

To Configure monitoring you find a tab Monitoring on properties of the Deployment Share.
You must set a V Enable monitoring of this deployment share

image

Under the root of the Deployment Share u see now Monitoring. When you click on Monitoring you can see running deployments.

image

MDT 2012 Beta 2 Released

The latest version of MDT is now available on Connect (Join the MDT 2012 Beta 2 Connect program here!)

MDT 2012 Beta 2 offers new User-Driven Installation components and extensibility for Configuration Manager 2007 and Configuration Manager 2012 as well as integration with the Microsoft Diagnostics and Recovery Toolkit (DaRT) for Lite Touch Installation remote control and diagnostics.

Key benefits include:

  • Full use of the capabilities provided by System Center Configuration Manager 2012 for OS deployment.
  • Improved Lite Touch user experience and functionality.
  • A smooth and simple upgrade process for all existing MDT users.

New features For System Center Configuration Manager customers:

  • Support for Configuration Manager 2012 (while still supporting Configuration Manager 2007)
  • New User-Driven Installation components for Configuration Manager 2007 and Configuration Manager 2012
    • Extensible wizard and designer, additional integration with Configuration Manager to deliver a more customized OS experience, support for more imaging scenarios, and an enhanced end-user deployment experience
  • Ability to migrate MDT 2012 task sequences from Configuration Manager 2007 to Configuration Manager 2012

New features For Lite Touch Installation:

  • Integration with the Microsoft Diagnostics and Recovery Toolkit (DaRT) for remote control and diagnostics
  • New monitoring capabilities to see the progress of currently running deployments
  • Support for deploying Windows to computers using UEFI
  • Ability to deploy Windows 7 so that the computer will start from a new VHD file, “Deploy to VHD”
  • Improved deployment wizard user experience

MDT 2012 the final release will be available download through to January 2012 I think.

The Deployment Guys released Deployment Mindmaps

"Why deployment is so hard?", “Where can I find all related information?” What else I need to consider?”

Those or similar questions are normal during my any projects. After getting the same questions again and again, The Deployment Guys decided to create a Mindmap with all common links you need to know if you in the deployment space.

Attachment: MINDMAPS.zip Source:Deployment-Mindmaps

MDT Restricting the available Task Sequences by user

  1. Within DeploymentWorkbench go to Deployment Shares\<YourDeploymentshare>\Task Sequences.

  2. Organize the available task sequences into folders. Task sequences that aren’t in a folder can’t be restricted.

    image

  3. Within DeploymentWorkbench go to Deployment Shares\<YourDeploymentshare>\Advanced Configuration\Selection Profiles.

  4. Create a new selection profile and at “Select the folders that should be included in this selection profile” select the folders below Task Sequences that should be visible for this profile.

    image

  5. Edit CustomSettings.ini, add UserID to Priority before the value Deffault under [Settings]: 

    [Settings]
Priority=UserID, Default

  6. Define a section in CustomSettings.ini in the form [userid]. Example: if the User ID is Helpdesk then the section should be [helpdesk].

  7. Define the selection profile to be used for this user below this section. Example: to give helpdesk access to the Helpdesk selection profile, add the following:

    [helpdesk]
WizardSelectionProfile=Helpdesk

  8. Create a selection profile in which no folder has been selected and place a WizardSelectionProfile=nameofemptyselectionprofile below [Default] if you want none other than the defined user IDs to have access to the task sequences.

  9. Now when the user logs into the wizard in the WinPE environment, he/she sees only the task sequences that are available in the selection profile.

    image

    Source:Microsoft TechNet – MDT Forum – How to hide/show task sequence for specific users/user groups?

MDT 2010 WSUS deployment Error 0x80244019

I added so as always WSUSServer=http://ward-bh01 to customsettings.ini

When the deploying the image I get de following error

The Error

image

Solution:

Ad the Port number to de WSUSServer address in customsettings.ini. In my case it was 8530. Because the WSUS site was running on that port number see the pictures

clip_image002clip_image002[4]

WSUSServer=http://ward-bh01:8530

Microsoft Deployment Toolkit (MDT) 2012 Beta 1 Available

Microsoft has just released as a public beta the newest version of Microsoft Deployment Toolkit (MDT) 2012 with a few important updates:

  • Supporting System Center Configuration Manager (SCCM) 2012.
  • Using Lite Touch Installation (LTI), great improvements in the client side look-n-feel.
  • Also for LTI, behind-the-scenes enhancements for partitioning, UEFI (Unified Extensible Firmware Interface), and user state migration.
  • Some minor bugs fixed.

MDT 2012 Requirements

Same as MDT 2010:

  • Windows Automated Installation Kit (WAIK) 2.0. You can download it from here.
    Note: The download page indicates that the WAIK version is “1”; but don’t worry, the actual version is 2.0.
  • MSXML 6.0
  • PowerShell.
  • .Net Framework 3.5 SP1. Available for download here.
    Note: Even though .Net Framework 2.5 SP1 is not a requirement for MDT 2010 installation; one of its features, User-Driven Installation (UDI), does requires the latest Microsoft Framework installed.

MDT 2012 Look-n-Feel

For what I’ve seen so far, the user experience of the Deployment Workbench console is pretty much the same.

mdt2012a01

mdt2012a02

MDT 2012 Beta 1 Download

The beta is available in this link from Microsoft Connect,

Translate »