The Deployment Bunny

OS Deployment, Virtualization, Microsoft based Infrastructure…

  • Archives

  • Meta

Archive for the ‘OSD’ Category

Nice to Know–Application or Packages works great when deployed after OSD, but some fail during OSD

Posted by Mikael Nystrom on August 16, 2018

There are many reasons for this, but I recently worked with a customer (you know who you are) that deployed 3-15 apps during OSD, some of the where Adobe CS apps and they are larger then Notepad++, just a bit. In this case the error was shown in the smsts.log file as “Install Dynamic application action failed to install application: ‘APPNAME’ Code 0x80004005” and Download Fail, hmm, running the same apps in a custom task sequence or directly to a collection works great of course.

Checking the cas.log shows that the Cache size is set to 5g (default) and going trough the log it turns out that after a few apps the cache is full and the cache cannot be cleared. Therefore the apps/packages cannot be installed, since files are missing.

(Note: There are are other settings that you should set in a Task Sequence as well, check out  Peter Lofgrens blogpost

The Fix

That’s easy and not something new, just change the client cache size during OSD by making it a bit larger

Cache size OSD has changed to 20GB.

Verify settings in the cas.log

In the cas.log you should now see.

Cas.log confirms the new size.

We did not need 20GB, but we did need 10.27 GB for sure.


Posted in ConfigMgr, OSD | Tagged: , | Leave a Comment »

Nice to Know – Fix High DPI resolution issues in Windows 10

Posted by Mikael Nystrom on January 19, 2018

Working at a customer, we had major issues with an application. It does not handle the new “Improving the high-DPI experience in GDI based Desktop Apps”.


Using the AppCompat mode by disable the built in functions work:

But, that does not fly for 1500 machines. Using ACT would work, but…

This one is easy…

REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers" /V "C:\Program Files(x86)\folder\app.exe" /T REG_SZ /D "~ DPIUNAWARE" /F

More info:

"~ HIGHDPIAWARE" = Override high DPI scaling behavior (Application)

"~ DPIUNAWARE" = Override high DPI scaling behavior (System)

"~ GDIDPISCALING DPIUNAWARE" = Override high DPI scaling behavior (System Enhanced)


Posted in ACT, OSD, Windows 10 | Tagged: , , | Leave a Comment »

Nice to Know – Mass upgrading Windows 10 Using PowerShell

Posted by Mikael Nystrom on December 5, 2017

Someone asked med a while back

– Is it possible to upgrade our Windows 7,8,8.1 and unsupported Windows 10 machines to a supported version of Windows 10 without a deployment solution?


– You mean without running around to all machines?


– Yes, it is possible

Before explaining how that can be done, let’s be clear, if you have ConfigMgr or Microsoft Deployment Toolkit, that is far better then doing it this way, but you could be in a situation when that is not an option but you still need to achieve the same goal, upgrade to a supported version of Windows 10. (I’ll write another post on how to combine the scripts here with MDT)


Assuming you have a licensed version of Windows 10, the Windows 10 Media, a network and access to all the computers over the network it will be possible to push out an upgrade. This method also works if you are running an older version of Windows 10 and would like to upgrade to a never version of Windows 10. The way to do this is rather easy, we basically need to perform the following steps:

– Enable remote access for PowerShell

– Copy the media down to the computer

– Run a compatibility scan to verify that we can upgrade

– Upgrade

Create a CSV file for computers that should be upgraded:

First of all we need to create a .CSV file with the computers that should be upgraded, the file contains the 3 servers I would like to upgrade to Windows 10.

Content of computers.txt

Store the file in your computer, in my case I stored it in D:\Upgrade2w10\Computers.txt

Enable remote access for PowerShell:

We need to access the computers using Remote PowerShell and therefor we need to enable that. This can be done using various method and one easy/weird/fun way to to that is to use WMI. The script below will connect using WMI and execute two commands on each server:

The following PowerShell script enables WinRM (Remote Access) and Remote PowerShell.

Content of Invoke-ComputerPrep.ps1

The result after running the script is this:


Copy the media down to the computer:

Now when we have access to all the machine, we can copy the media down to each machine and we will do that in a reversed way. We will create a scheduled task on each Windows 7 machine and the scheduled task will then download the content to the local hard drive. You need to edit the settings in this file to match your environment.

Content of Invoke-ImageDownload.ps1

Here is how it looks when you run the script:


Run a compatibility scan to verify that we can upgrade:

Ok, so we have the Windows 10 image in the C:\Source folder of each computer, now lets run the Compat Scan.

The script will connect to each computer, create a plain vanilla .BAT file and then we will remotely execute that:


And here is the result, as you can see all, none of the machines had any issues.



Ok, so the final step. The only thing we need to do is fire up the install program, and for that we use PsExec, it’s old but works for this kind of work.

The script will connect to each machine, create a .BAT file and then we let PSExec execute it.

Content of Invoke-ComputerUpgrade.ps1

Here is the result of running that, as you can see all (you can only see Win-01) of the machines is returning a success (return code 0)


Ok, so, what next, well, since the return code was 0, lets restart them…


The scripts can be downloaded here:


Posted in OS Deployment, OSD, Windows 10 | Tagged: , , | Leave a Comment »

OSD – Adding Description to the WIM file during Build and Capture

Posted by Mikael Nystrom on October 10, 2017

The default capture function in MDT does not add any description. It is not needed, but can be added by modifying ZTIBackup.wsf. In this case I added the Task Sequence Name, but you can add other things as will, like Task Sequence Description or Task Sequence version. I did this at a demo at Microsoft Ignite last week but I did not post it at that time, so here it is.

The Session from Ignite is here if you would like to see it:

The how:

Modifying the Script

Take a copy of ZTIBackup.wsf, open it in your favorite VBscript editor and look for this section:


At line 436 you will see this:

sCmd = " /Capture-Image /CaptureDir:" & oDrive.Path & "  /ImageFile:""" & sBackupPath & """  /Name:""" & sPrefix & Left(oDrive.Path, 1) & "Drive"" /Compress:MAX /ConfigFile:""" & sWimScriptPath & """ /ScratchDir:""" & oUtility.LocalRootPath & "\Scratch"""

Change that to:

sCmd = " /Capture-Image /Description:""" & oEnvironment.Item("TaskSequenceName") & """ /CaptureDir:" & oDrive.Path & "  /ImageFile:""" & sBackupPath & """  /Name:""" & sPrefix & Left(oDrive.Path, 1) & "Drive"" /Compress:MAX /ConfigFile:""" & sWimScriptPath & """ /ScratchDir:""" & oUtility.LocalRootPath & "\Scratch"""

(The yellow text shows the modification)

The result:

Using Get-WindowsImage will show you that the description is now set to the Task Sequence name:


If you import the WIM file into ConfigMgr you will also see the description set as well as the Comment:



Posted in ConfigMgr, Ignite, MDT, OS Deployment, OSD | Tagged: , , , , | 1 Comment »

OSD – App-V tools are missing in ADK 1703 when being installed on Windows Server 2016 (sometimes)

Posted by Mikael Nystrom on April 6, 2017

In ADK 1607 the App-V tools was included in the ADK, for some reason they don’t show up when installing on Windows Server 2016 (sometimes). If you install on Windows Server 2012 R2 it works as expected

Install ADK 1703 on windows server 2016 - 1

The App-V task Sequencer is missing.

The solution:

It is however possible to manually install the App-V Sequencer if you downloaded the entire kit.

Find the file “Appman Sequencer on amd64-x64_en-us.msi” and run the installer, and “woops”, there it is:




Posted in ADK, OS Deployment, OSD | Tagged: , , | 6 Comments »

OS Deployment – Installing ADK 1703 on Windows Server 2016 could fail

Posted by Mikael Nystrom on April 6, 2017

Update:It does not happens on all WS2016 machines, it happens only on computer where Secure Boot is enabled. This also means that this will happen on every machine that is using Secure Boot, regardless of OS version. It is a confirmed bug.

Yesterday Microsoft released Windows 10 1703 and also ADK 1703. But it fails to install correctly, the ADK actually installs, but it is the WIM mount driver that fails, du to this absurd message.

Install ADK 1703 on windows server 2016 - 2

A digitally signed driver is required

The message indicates that the driver Windows Overlay Filter is not signed.

The Solution:

According to this , the solution is to disable Secure Boot, really???



Posted in ADK, OS Deployment, OSD | Tagged: , , | 2 Comments »

OSD – Conditional disk layout (based on model)

Posted by Mikael Nystrom on February 10, 2017

A while back I did an online training for Penton Tech on Windows 10 OS Deployment. One of the attendees had a question (you know who you are).

– Is it possible to format and partition differently, based on what model I’m deploying?

Yes, you can have different disk layout/partitioning/volumes, based on anything, and that includes the model of the computer. I use this when deploying servers and client to have different partition schemas on virtual machines, I do not need to have the recovery partition in the end of the virtual disk, I don’t really “repair” a Virtual Machine the same way as i recover a physical machine, and you should not.

So, how do you do this?

Open your task sequence and modify the New Computer step like this.

The modified Task Sequence.

In this Task Sequence there are three different group’s, one for virtual machines, one for HP ZBook Studio G3 and the last one for everything else.

The modification starts under Validate, the first step after that sets DiskDone=NO, next step is the Group named Virtual Machine with the following conditions set:

Conditions on the group Virtual Machine.

The the group is executed if the Model is ‘Virtual Machine’ and DiskDone is NOT set to YES, so basically if it is a Virtual Machine it will partition/format according to the steps in the group. In the end of the group it will set DiskDone to YES, that way we know the disks are done and we can use that to prevent the following partitioning steps from running. Let us check the next step:

Conditions on the group HP ZBook Studio G3.

This step is the same as the step for Virtual Machine with one difference, in this case it only runs when the Model is a HP ZBook Studio G3. Let us check the last step:

Conditions on the group All others.

The last groups executes on any device, as long as DiskDone is NOT set to YES.

The Result.

Here is the result when running this in a Virtual Machine:


Here is the result when running this on a HP:


Here is a plain vanilla install:


Have fun!


Posted in Lite Touch, MDT, OS Deployment, OSD | Tagged: , , , | Leave a Comment »

OSD – Deploying Windows Server 2016 NANO using Microsoft Deployment Toolkit

Posted by Mikael Nystrom on January 31, 2017

The “Gandalf” of Windows Operating System has done it once again, I’m talking about Michael Niehaus of course. He has created a package for MDT Build 8443 that enables you to deploy NANO Server using MDT, including Domain Join.


Here is the link to the post.

Happy Deployment


Posted in NANO, OS Deployment, OSD, Windows Server 2016 | Tagged: , , , | Leave a Comment »

OSD – Add information to the Computer during OSD using a Custom Tattoo Step

Posted by Mikael Nystrom on December 2, 2016

When using an MDT (integrated in ConfigMgr or standalone) there is a step called Tattoo, this step will write information to the registry as well as to the WMI repository.

Let us see what it looks by default:

Get-WMIObject –Class Microsoft_BDD_Info


Get-Item -Path ‘HKLM:\SOFTWARE\Microsoft\Deployment 4’


Cool, but I need my own stuff?

We have done this for various  reasons and many customers, it could be used for making sure the computer ends up in certain ConfigMgr Collections, or that applications behave in a certain way, or that the asset management tools does the job differently, or that the correct support team can know what the computer was configured for, or what task sequence that was used, or…. As you see the are some valid reasons for this, no doubt.

The question is of course, should you modify the existing ZTITatto.wsf and corresponding .MOF file?, No, you should not do that, instead you should create new files and use them instead.

So, here is the download :

To make the work in a task sequence you need to add the files to you Scripts folder, update the CustomSettings.ini if you are using Custom Properties and add a step in the Task Sequence.

Here is a sample of CustomSettings.ini


I have added 4 new properties, added them to a MacAddress, so first step is to verify that the ZTIGather process reads this correct, let us verify this by running:

cscript \\redepl01\mdtproduction$\Scripts\ZTIGather.wsf /inifile:c:\Temp\CustomSettings.ini

Result after running the following command to perform the inventory.

Now, lets run the custom tattoo script:

cscript \\redepl01\mdtproduction$\Scripts\ViaMonstraTatoo.wsf

That looks great!

Now, let us verify that we get the correct data from WMI and Registry:

First, get the WMI repository:

Get-WmiObject -Class ViaMonstra_Info

The WMI repository was updated.

Let us check the Registry:

Get-Item -Path ‘HKLM:\SOFTWARE\ViaMonstra\OSD’

The Registry was updated.

At LabCenter

The Customer LabCenter deploys computer for hands-on labs and they wanted each computer to be tattooed with information regarding the LAB and one thing they use it for is to be able to display the information directly in the screen using BGinfo, but they also use it for other purposes. BGInfo reads the Registry values, or WMI


How to change my own stuff then?

Download the files from: and edit the scripts, (.wsf and .mof) by replacing the values that are in use, like

  • ViaMonstra
  • ViaRole
  • ViaClass
  • ViaOwner
  • ViaTag

Save, and verify


Posted in ConfigMgr, Lite Touch, MDT, OSD, Zero Touch | Tagged: , , , , | 5 Comments »

OSD – Microsoft Deployment Toolkit Build 8443 is out

Posted by Mikael Nystrom on November 14, 2016

Today a new version of MDT was released, the main reason is Quality Updates and full support for Windows Server 2016 as well as Windows 10 1607. It does require ADK 1607. If you are using MDT in your OS deployment solution, go ahead, download, read, update and enjoy live.



Posted in MDT, OSD | Tagged: , | 2 Comments »