Dynamically set Computer name of Physical and Virtual Machines via CustomSettings.ini

I needed a clean way to set the hostname of physical and virtual machines in MDT via the customsettings.ini file. Sure I could use %SerialNumber% variable but if I deploy onto a virtual machine I would hit an error because the Serial Number of a VM tends to be too long for a hostname.

So rather than write a script and have additional steps in the Task Sequence I got the desired outcome with a few extra lines in the customsettings.ini:

Here’s how:

[Default]

Subsection=VM-%ISVM%

[VM-TRUEset ]

OSDComputerName=#REPLACE(“VM-%MACADDRESS001%”,”:”,””)#

[VM-FALSE]

OSDComputerName=PH-%SerialNumber%

The first line “Subsection=VM-%ISVM%” is added to the Default section of the customsettings.ini file. This line essentially tells ZTIGather to process another section in the ini file. The section we want to process is either VM-TRUE or VM-False. Which section is processed will depend on the in-built %IsVM% Task Sequence Variable.

The next part of the solution is to set the OSDComputerName variable.

For physical machines we simply user the %SerialNumber% variable. In the example I prefix the hostname with PH.

For Virtual machines we use the MAC address instead of the serial number. This ensures we stay within the 15 character hostname limit. We cannot use the %MACADDRESS001% variable directly, we first need to remove the “:” separators. To do this we can get ztigather to process code directly from the customsettings.ini. Anything inside “#” is treated as code, in our example we are simply using the Replace function to remove the “:”.

This works with an SCCM OSD Task Sequence too (with MDT integration).

DISM Cmdlets fail to run in Win PE with MDT 2013 Update 1 – WORKAROUND

Whilst working with Windows 10 and MDT 2013 Update 1 my colleague Graham Hardie and I ran into an issue which was preventing us from running DISM Cmdlets in Win PE.

The issue became apparent whilst trying to implement Michael Niehaus’s Windows 10 Inbox App Removal script and specifically trying to run the script offline in Win PE.

The MDT boot Image was successfully generated with the MDAC, .NET, PowerShell and DISM Cmdlets features but would fail to run the “Get-AppxProvisionedPackage” Cmdlet with the following error:

Get-AppxProvisionedPackage : The ‘Get-AppxProvisionedPackage’ command was found in the module ‘Dism’, but the module could not be loaded. For more information, run ‘Import-Module Dism’.
At line:1 char:1
+ Get-AppxProvisionedPackage -Path e:\
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (Get-AppxProvisionedPackage:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CouldNotAutoloadMatchingModule

We found that the Microsoft.Dism.Powershell.dll file was becoming corrupt at boot up…not had the chance to investigate what exactly is causing the corruption yet.

However, to workaround the issue you need to do the following:

  1. Delete the file from:
    x:\Windows\System32\WindowsPowerShell\v1.0\Modules\Dism
  2. Copy the file back down to the X: drive from the Deployment share:
    %DEPLOYROOT%\Servicing\x64\Microsoft.Dism.Powershell.dll 

You can obviously automate this as part of your Task Sequence. I simply added two ‘Run Command Line’ steps to Delete the file and copy the new file.  The steps need to be added before you run any script which has a dependency on DISM Cmdlets…in our case before Michael’s Inbox App Removal script:

The first step:
DISMCmdLetFix1

Command Line:

cmd.exe /c Del “%SystemRoot%\System32\WindowsPowerShell\v1.0\Modules\Dism\Microsoft.Dism.Powershell.dll” /q /s

The Second step:
DISMCmdLetFix2

Command Line:

robocopy Z:\Servicing\x64 X:\Windows\System32\WindowsPowerShell\v1.0\Modules\Dism Microsoft.Dism.Powershell.dll /is

Note: Add Error Code 1 to Success Codes for this step…robocopy can report a success with a non zero return.

A bug has also been opened on Connect.

Let us know if this works for you or better still if you identify the root cause of the issue.

Moving MDT Domain Join to the end of the Task Sequence

This sounds easy…but it’s not as straight forward as you may think so I put together a quick blog post:

Default MDT Behaviour:
By default, MDT will join a client to the domain via Windows Setup.  This is driven by the Unattend.xml which MDT populates with the required settings. There is also another step (Recover from Domain) which can be used later in the deployment process (during State Restore) to re-try a Domain Join should the previous attempt have failed during OS setup.

Why does this cause an issue?
Joining the domain before the state restore phase can cause issues later in the deployment because the machine will start to process Group Policy during the build process itself. In most cases this is not an issue if:

  1. You pre-stage all your clients in a staging OU which has no GPO’s linked to it.
  2. Or you are confident there is nothing in your Group Policy which could break the imaging process.

In my case policy would break deployments (renaming/disabling admin accounts, legal notices etc..) and pre-staging was not an option so I needed to shift the Domain Join to later in the Task Sequence.

Solution

To move the Domain Join process to later in the deployment you need to update the Unattend.xml and the ZTIDomainJoin script. Here’s how you do it:

  1. Update Unattend.XML
    The first thing we need to do is to stop MDT from performing the Domain Join during OS Setup. One way to achieve this is to remove the MDT Domain Join Task Sequence Variables in CustomSettings.ini and instead set these on the Task Sequence in the “State Restore” phase.  But I generally prefer to set my variables in CustomSettings.ini so to make this work I have to remove the Domain Join Node from the unattend.xml.
    SIM
    This will prevent MDT from adding the Domain Join settings to the unattend.xml and OS Setup will therefore not join the machine to the domain.
  2. Update ZTIDomainJoin.wsf
    An update to the ZTIDomainJoin.wsf script is required to prevent the script from rebooting the machine after joining the domain. I usually avoid editing built-in MDT scripts but if I have to, I prefer to make a custom subdirectory in the MDT scripts folder and edit a copy of the script in the subdirectory. This will ensure that any subsequent updates to MDT will not overwrite the script and break your Task Sequence (remember to update the relative path to ZTIUtility at the top of the script). The following TWO lines of the script need to be commented out to suppress the reboot:

    oEnvironment.Item(“LTISuspend”) = “” ‘oEnvironment.Item(“SMSTSRetryRequested”) = “true” ‘oEnvironment.Item(“SMSTSRebootRequested”) = “true”

    iRetVal = SUCCESS

  3. Add a Domain Join Step into the Task Sequence
    Now add a new command line step into the Task Sequence to run the updated script:
    TS
  4. Set Domain Join Variables in CustomSettings.ini
    Next, you need to set the following six variables in customsettings.ini for ZTIDomainJoin.wsf to work:

    JoinDomain (Domain to join)
    DomainAdmin (Account to be used to perform Domain Join)
    DomainAdminDomain (Domain of Domain Join account)
    DomainAdminPassword (Password for Domain Join account)
    MachineObjectOU (OU in which machine object should be created)
    DomainErrorRecovery (What to do on failure e.g FAIL)

  5. Update the Unattend.xml template (Optional)
    This step is not essential but if you want to ensure that all new Task Sequences on the given Deployment Share always generate an unattend.xml without the Domain Join node you can update the template.To achieve this copy the unattend.xml for your OS (in my case Unattend_x64.xml) from:
    %ProgramFiles%\Microsoft Deployment Toolkit\Templates
    Into the Templates directory in the root of you Deployment share and then remove the Domain Join node from the file.

And that’s it..you are good to go 🙂

Surjit Khera

Automating the Import of Office 2013 Language Packs into MDT with PowerShell

I recently needed to add Office Language Pack support into an MDT deployment and found this to be a looooong time consuming task…especially if you need to support a number of languages. So I ended up writing a PowerShell script to automate the steps.

Some background first. The following blog by Johan Arwidmark and Patrick Zovistoski is a great post and should be used in conjunction with my script:

deploymentresearch.com – Installing Office 2013 Language Packs in MDT

The high level steps to Install Office Language Packs with MDT are as follows:

  1. Obtain the Office 2013 Language Pack DVD media from the Microsoft VL website.
  2. Create the correct Folder structure for each language you need to import (containing all component language folders, setup files etc…)
  3. Update the config.XML for each language to run silent and suppress reboot.
  4. Import each language into MDT as an application.
  5. Add the Applications into the MDT Task Sequence.

My script automates the first 4 steps…so all you need to do manually is add the languages to the Task Sequence 🙂

So onto the script.  You need to do the following:

  1. Mount the two Office 2013 Language Pack ISO files on your MDT server.
  2. Create a staging folder on your server.  This location will be used to create the source folders for the Language packs.
  3. Copy the script and CSV file (Download from here) into the staging folder on your MDT Server.
  4. Update the varibles at the top of the script with details of your deployment share, path of the Language Pack DVD’s etc…SetVars
  5. Update the CSV file to reflect the languages you want to import.csv
  6. Run the script.

The script will create the source folders for each language you specify and update the config XML’s for each language:Staging afterFinally the script will import each language pack into your MDT deployment share:DSAfter

And that’s it… A good hour of work down to about 5 mins.

Download the script from here

Enjoy 🙂

MDT Debugger 2.4.1

Starting on the Deployment Guys blog I released the MDT Debugger.  It’s a simple, but effective, tool for troubleshooting LTI deployments immediately at failure time (and to even prevent the failure) without having to trawl through log files trying to piece together what happened and when.

At the link below is an update to the tool that includes the following fixes:

  • Branding removed to maximise screen usage.  Vertical resolution is now less than 500 pixels so it should fit onto all display resolutions, including WinPE.
  • The MDT Installation Progress window is now moved to the bottom right (or as close as possible) of the screen when the debugger is displayed.
  • About dialog box added
  • Some minor bug fixes

To get the tool, click here.  As always, this is a free tool but not supported!  Please comment here if you have any questions.