MDT

PSD 0.2.3.6 Released – Important Updates, Certificate Changes

By on ( Leave a comment )

So, some work has been done to fix issues in PSD, we are now releasing version 0.2.3.6

The Friends of MDT community has released a new version of PowerShell Deployment (PSD)version 0.2.3.6.
This release continues the steady evolution of PSD as the preferred way to run MDT-based deployments using PowerShell,

This post walks through:

  • What changed in recent PSD releases
  • Why these updates matter in real deployments
  • Important upgrade considerations—especially around certificates

GitHub repository:
👉 https://github.com/FriendsOfMDT/PSD

MDT Is Gone

On January 6, 2026, Microsoft removed MDT from the official download site. While copies may still exist on the Internet Archive (Wayback Machine) or elsewhere, the community has already seen malware and ransomware distributed through unofficial links.

Be extremely cautious with where you download MDT binaries from.

What’s New in PSD 0.2.3.1 – 0.2.3.6

PSD 0.2.3.6 builds on changes introduced in late 2025 and early 2026. Below is a structured breakdown of the most important updates.

Authentication and Network Improvements

Start-BitsTransfer Authentication Change

  • Authentication mode changed from NTLM to Negotiate
  • Improves compatibility and security in modern environments
  • Credit: @theQ23 (GitHub)

Why it matters:
Using Negotiate allows is better

Certificate Handling – Important Change

Root and Intermediate Certificate Support Added

  • PSD now supports using Root and Intermediate Certificates
  • Credit: stefanweilguni-oss (GitHub) – Issue 265

⚠ Upgrade Note (Very Important)

If you upgrade from a previous PSD version:

  • You must move the existing PSDRoot.cer
  • New location: Certificates\Root

Updated Certificate Script

  • New-PSDRootCACert.ps1 updated
  • Reflects the new certificate configuration model

Why it matters:
Certificate trust is critical when deploying over HTTPS, using web services, or working in locked-down enterprise environments. This change makes PSD more aligned with proper PKI practices.

BitLocker Documentation Added

  • New BitLocker information during deployment included
  • Credit: BlackCatDeployment (GitHub) – originally part of closed Issue 237

Proper detection of bitlocker drives are now being done

PSDStart and Wizard Changes

Legacy Wizard Removed

  • Legacy Wizard is now fully removed
  • PSDStart has been updated accordingly

UserExitScripts Support

  • PSDStart now supports UserExitScripts
  • A sample UserExitScripts folder is included in: PSDResources

PSDUtility Updated

  • Updated to support new PSDStart functionality
  • Legacy MDT wizard dependencies are being retired
  • Custom logic is now expected to live in UserExitScripts

For advanced environments, this is a net positive—cleaner logic, more control, and easier versioning.

ZTIGather.xml Finally Included

  • ZTIGather.xml added
  • Previously missing “for a long time”

This file is foundational for:

  • Property gathering
  • Task sequence logic
  • Environment detection

Its inclusion fixes long-standing inconsistencies between PSD and classic MDT behavior.

Documentation Refresh

Multiple guides have been updated:

  • Operations Guide
  • PowerShell Deployment – Operations Guide
  • BranchCache Installation Guide
  • General documentation cleanup and corrections

Why it matters:
In a post-MDT world, documentation quality matters as much as code. These updates reduce tribal knowledge dependencies and help new engineers onboard faster.

PSDWizard and Prestart Menu

  • Updates to PSDPrestartMenu
  • Reverted updates to PSDWizard (stability-focused rollback)

This suggests a pragmatic approach by the maintainers: stabilize the core experience rather than pushing unproven changes.

Version Summary

VersionDateKey Highlights
0.2.3.6Jan 2026Certificate improvements, authentication changes, updated guides
0.2.3.2Jan 2026BitLocker docs, PSDWizard adjustments
0.2.3.1Dec 2025ZTIGather.xml added, Legacy Wizard removed, UserExitScripts

Practical Recommendations

If you manage or maintain PSD today:

  1. Review certificate deployment
    • Move PSDRoot.cer to the correct folder
    • Validate trust chains before production upgrades
  2. Revisit custom logic
    • Migrate legacy wizard logic to UserExitScripts
    • Treat them as version-controlled deployment assets
  3. Update documentation
    • Align internal runbooks with the updated PSD guides
    • Especially important for operations teams

Until next time
/mike

Categories: MDT, OS Deployment, OSD, psd, Uncategorized

Tagged as: , , , ,

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.