The Deployment Bunny

OS Deployment, Virtualization, Microsoft based Infrastructure…

  • Archives

  • Meta

Posts Tagged ‘Zero Touch’

OSD – Add information to the Computer during OSD using a Custom Tattoo Step

Posted by Mikael Nystrom on December 2, 2016

When using an MDT (integrated in ConfigMgr or standalone) there is a step called Tattoo, this step will write information to the registry as well as to the WMI repository.

Let us see what it looks by default:

Get-WMIObject –Class Microsoft_BDD_Info

image
Result.

Get-Item -Path ‘HKLM:\SOFTWARE\Microsoft\Deployment 4’

image

Cool, but I need my own stuff?

We have done this for various  reasons and many customers, it could be used for making sure the computer ends up in certain ConfigMgr Collections, or that applications behave in a certain way, or that the asset management tools does the job differently, or that the correct support team can know what the computer was configured for, or what task sequence that was used, or…. As you see the are some valid reasons for this, no doubt.

The question is of course, should you modify the existing ZTITatto.wsf and corresponding .MOF file?, No, you should not do that, instead you should create new files and use them instead.

So, here is the download : https://github.com/DeploymentBunny/Files/tree/master/Tools/Custom-ZTITatoo

To make the work in a task sequence you need to add the files to you Scripts folder, update the CustomSettings.ini if you are using Custom Properties and add a step in the Task Sequence.

Here is a sample of CustomSettings.ini

image

I have added 4 new properties, added them to a MacAddress, so first step is to verify that the ZTIGather process reads this correct, let us verify this by running:

cscript \\redepl01\mdtproduction$\Scripts\ZTIGather.wsf /inifile:c:\Temp\CustomSettings.ini

image
Result after running the following command to perform the inventory.

Now, lets run the custom tattoo script:

cscript \\redepl01\mdtproduction$\Scripts\ViaMonstraTatoo.wsf

image
That looks great!

Now, let us verify that we get the correct data from WMI and Registry:

First, get the WMI repository:

Get-WmiObject -Class ViaMonstra_Info

image
The WMI repository was updated.

Let us check the Registry:

Get-Item -Path ‘HKLM:\SOFTWARE\ViaMonstra\OSD’

image
The Registry was updated.

At LabCenter

The Customer LabCenter deploys computer for hands-on labs and they wanted each computer to be tattooed with information regarding the LAB and one thing they use it for is to be able to display the information directly in the screen using BGinfo, but they also use it for other purposes. BGInfo reads the Registry values, or WMI

image

How to change my own stuff then?

Download the files from:https://github.com/DeploymentBunny/Files/tree/master/Tools/Custom-ZTITatoo and edit the scripts, (.wsf and .mof) by replacing the values that are in use, like

  • ViaMonstra
  • ViaRole
  • ViaClass
  • ViaOwner
  • ViaTag

Save, and verify

/mike

Posted in ConfigMgr, Lite Touch, MDT, OSD, Zero Touch | Tagged: , , , , | 5 Comments »

Nice to Know – Yes, it is possible to copy items between to Task Sequences as well as copy items between 2 different deployment shares

Posted by Mikael Nystrom on November 11, 2014

This is NOT a new feature, I cant even remember how long this has been working, but this morning I saw a Tweet when someone was happy about the possibility to copy items between deployment shares in MDT, so for thoose that knows all this, you do not need to read more, for the rest of you.

Yes, you can copy items between Task Sequences

(it also works copy items within a Task Sequence)

This works in both MDT as well as in ConfigMgr.

image

image

image

Yes, you can copy items between Deployment Shares (Only for MDT, Lite Touch)

In this case I have 3 deployment shares in the Deployment Workbench and it is possible to copy all kind of items between these 3 deployment shares

image

Let us copy some application from one deployment share to another.

Select Application, right click and select Copy.

image

Browse to new location, right-click, select Paste.

image

The application has been copied to the new deployment share.

image

/mike

Posted in ConfigMgr, Lite Touch, MDT, OSD, Zero Touch | Tagged: , , , , , , | 3 Comments »

OSD – Using PowerShell Commands in UserExit VB script to extend the ZTIGather process during OSD

Posted by Mikael Nystrom on November 11, 2014

During todays session I realized that I have done a lot of OSD stuff, but never published it (shame on me), so time to work. First up is how to run PowerShell CommandLets inside a UserExit script. A UserExit script is an extension to the ZTIGather process, giving you the opportunity to extend the gather process with information that the Gather process does not cover. That has been possible for a long time, but VBscript is not really the easiest script language in the world, so I asked my self if it would be possible to use PowerShell inside the VBscript and of course it is!

The idea

The basic idea is to run the UserExit script from customsettings.ini as usual and then do a jump out into PowerShell, execute the PowerShell CMDLets, terminate and return the value into the VBscript, which then will be a value connected to a Custom Property in the gather process, which then can be consumed by customsettings.ini and/or the task sequence. you can download everything from here: http://1drv.ms/1u41Yj2

How-To

The Boot Image

The boot image must have support for PowerShell and you can get that by adding .NET and PowerShell

image
Lite Touch.

image
Zero Touch.

The Customsettings.ini file

The customsettings.ini file will direct ZTIGather to process the section called UserExits, which will execute the UserExit.vbs script, call the function called RunningPSCommand and return the value from that function into the property called PSCommand.

image
This is a sample of how the customsettings.ini file should look like to call the UserExit script.

The UserExit Script that runs PowerShell commands

The script is rather simple, basically the PowerShell command is a string, executed by PowerShell.exe and using Executor.StdIn.Close to close the window and then using Executor.StdOut.ReadAll to grab whatever you have in the window and put that in the RunningPSCommand, which then is returned back to the ZTIGather process as a value for the Property RunningPSCommand.

image

The result of running the ZTIGather

image

As you can see the PowerShell command was running and returned the value “Virtual Machine” and now the Property PSCommand is equal to Virtual Machine and can be used elsewhere in CustomSettings.ini or in the Task Sequence

/mike

Posted in ConfigMgr, Lite Touch, MDT, OSD, Zero Touch | Tagged: , , , , | 2 Comments »

PowerShell is King – Testing OS Deployment Web Services using PowerShell

Posted by Mikael Nystrom on November 2, 2014

Recently I was setting up Maik Kosters OS Deployment Web Services for a customer and I need to test them, sure, you can do that interactively directly by running them, but I wanted the “PowerShell” way to do it.

You can get the Web Services from Maik Koster here: http://mdtcustomizations.codeplex.com/documentation?referringTitle=Home

Testing a Web Services the Non PowerShell Way.

image
Browsing to the Web Services

image
Select the DoesComputerExists

image
Type in a value and Invoke.

Testing a Web Services the PowerShell Way.

Since PowerShell has the function built-in it is very much a no-brainer.

To connect and get all members from the Web Services execute this:

$ADWebS = New-WebServiceProxy -Uri http://MDT01/OSD/ad.asmx?WSDL
$ADWebS | Get-Member -Type Method

That will give you something like this back

image

To connect and get one member with some detail execute this:

$ADWebS = New-WebServiceProxy -Uri http://MDT01/OSD/ad.asmx?WSDL
$ADWebS | Get-Member -Name DoesComputerExist -Type Method | Format-List

That will give you something like this back

image

So, to test the DoesComputerExists with a value you can now execute the following:

$CompuerNameToTest = "MDT01"
$ADWebS = New-WebServiceProxy -Uri http://MDT01/OSD/ad.asmx?WSDL
$ComputerExistsInAd = $ADWebS.DoesComputerExist("$CompuerNameToTest")

Write-Host "The Computer $CompuerNameToTest exists in Active Directory: $ComputerExistsInAd"

So if the Computer Exists in Active Directory you should get something like this back

image

/mike

Posted in Lite Touch, MDT, OS Deployment, Zero Touch | Tagged: , , , , , , | Leave a Comment »

OSD–Using ZTISendMail to send email in a LTI/ZTI task sequence

Posted by Mikael Nystrom on June 13, 2014

Long time ago I had a need to send email an email in the end of the task sequence to notify the technician that the OS deployment was done, therefore creating a script which then ended up as a blog post at Deployment Research about two years ago. This week I’m running a Mastering Windows 7 and 8.1 OS Deployment using Lite Touch and Zero Touch in Minnesota and there where some requests on the subject so I decided to create a new version of the script and this time it is a PowerShell script instead. One of the request was to be able to send and email to the administrator that does the deployment (in Lite Touch) using the login name, so that need to to be taken under considerations to.

The script is tested in MDT 2013 but should work perfect in MDT 2012 Update 1 as well and it works when deploying Windows 8 and above.

Lite Touch

First you need to download the script and sample customsettings.ini  from here http://1drv.ms/1kvmobn and store the PowerShell it in the MDT Scripts folder.

Option Number One: Using the UserID directly

Update the CustomSettings like this. (you can copy and paste from the sample customsettings.ini files)

The name used to login to the LTI Wizard is defined as UserID and that is then used as a part of the email address to send it to.

image

Option Number Two: Using the UserID with translation.

In this case we create a section for every user account that should have an email an can logon. As an example, if you login as Administrator (don’t use that account!) an email would be sent to administartor@viamonstra.com, but you can have any other setting for that userID if you liketo.

Update the CustomSettings like this. (you can copy and paste from the sample customsettings.ini files)

image

Add a step in the TaskSequence.

image

Zero Touch

First you need to download the script and sample customsettings.ini  from here http://1drv.ms/1kvmobn and store the PowerShell it in the MDT Package Scripts folder.

In the ZTI we don’t really have a UserID and therefore we just send the email to a predefined email address and cc to an other.

Update the CustomSettings like this. (you can copy and paste from the sample customsettings.ini files)

image

Add a step in the Task Sequence like this.

image

Update the settings package and the MDT Package.

If you need a SMTP server to test against, read this https://deploymentbunny.com/2014/06/12/nice-to-knowa-simple-and-small-smtp-mailserver-fr-devlabtest-smtp4dev/

image

/mike

Posted in ConfigMgr, Deployment, Lite Touch, MDT, OS Deployment, OSD, SCCM, Zero Touch | Tagged: , , , , | 18 Comments »

Modelalias User Exit for Microsoft Deployment Toolkit 2010/2012

Posted by Mikael Nystrom on May 1, 2012

No, I did not create this script, I think this has been around for a long time, somewhere around 2007 and correct me if I’m wrong but I believe it was Ben Hunter that started this back in the days. I have then seen this at the Deployment Guys and various other TechNet sites I did some updates to it since I do a lot of OS deployment in virtual environments, VirtualBox, VMware, Xen and of course Hyper-V. In MDT 2012 they spot most of this with the following information but in some cases you need a bit ore, and you need to be able to modify it to

So Credit goes to Microsoft, Ben Hunter and “The Deployment Guys” (and I’m sure Michael Niehaus has been involved too, so credits for him as well)

Using the Modelalias User Exit script in the Virtual World

In MDT 2012 they have bumped up the information you get from the ZTIGather script, below is the most important information we get from it. But sometimes we need more, but before we get into that, check out the list below. Notice the two last Hyper-V examples, we have the same info returned but that is not the same version of the Hypervisor.

What do you get directly from MDT 2012 s virtualization information?

Here is the result you get during the inventory when running on a VMWare ESXI or VMware Workstation

  • Property IsHypervisorRunning is now = True
  • Property IsVM is now = True
  • Property VMPlatform is now = VMware

Here is the result you get during the inventory when running on a VirtualBox

  • Property IsHypervisorRunning is now = False
  • Property IsVM is now = True
  • Property VMPlatform is now = VirtualBox

Here is the result you get during the inventory when running on a Xen

  • Property IsHypervisorRunning is now = True
  • Property IsVM is now = True
  • Property VMPlatform is now = Xen

Here is the result you get during the inventory when running on Hyper-V (2008 R2)

  • Property IsHypervisorRunning is now = True
  • Property IsVM is now = True
  • Property VMPlatform is now = Hyper-V

Here is the result you get during the inventory when running on Hyper-V (2012 BETA)

  • Property IsHypervisorRunning is now = True
  • Property IsVM is now = True
  • Property VMPlatform is now = Hyper-V

There are more info that we will get in MDT around virtualization, here is the complete information around virtualization for a Hyper-V guest OS

  • Property IsHypervisorRunning is now = True
  • Property SupportsVT is now = False
  • Property SupportsNX is now = True
  • Property Supports64Bit is now = True
  • Property SupportsHyperVRole is now = False
  • Property VMHost is now = IBL04.tslab.net
  • Property VMName is now = TESTHV20
  • Property IsVM is now = True
  • Property VMPlatform is now = Hyper-V

As you can see we also get the hostname and VMname, but only if the IC’s are loaded and they are not loaded by default in WinPE, but a friend of mine banged his head against the keyboard for a while and here is the answer…

Is this ok?

This is mostly ok and fine, but sometimes I really need to know what version of Hyper-V (or other platform) it is and at the same time I would like to support and handle the different naming standards that all vendors has and translate it all to one new property called ModelAlias. Then I can use ModelAlias instead of Model, since I can tweak, twist and bend whatever the OEM’s try to do I can translate it to something that is easy to handle. ModealAlias has been one of the easy ways to deal with Lenovo’s interesting model naming. They use 4+3 digits as model, the first 4 is the real model and the rest is the “unique” build, like unique keyboards and such (things that matters outside the OS deployment world), but for me the same driver is going to be installed even if the keyboard is in Swedish…

If you look at the last example, you will see that we get the same result for Hyper-V in all releases, well that’s “ok”, but the issue is that If I need to install the Integration Components I need to know what version to install to be supported and optimized. So by using the ModelAlias userexit script in MDT (Works in both LiteTouch and in ZeroTouch) the script will examine the bios version (and other information if you need to) and determine the version. So if we take a peek into the script it looks like this for the Hyper-V part.

As you can see BIOS version VRTUAL – 3000919 will give me ModelAlias=Hyperv2008R2 and BIOS version VRTUAL – 9001114 will give me ModelAlias Hyper-V2012BETA

Using the Modelalias User Exit script in the Physical World

Here is another example on how to use this, I was deploying servers not long ago and I was using MDT 2010 LiteTouch. I handle drivers using %make%\%model% in most cases but in this case that was kind of tricky. The reason, well IBM has some fancy characters in the model string (like -[]-), not really easy to use as a path. J

As you can see they have —[HS22]— as model name and after using the userexit script it will be converted into IBMHS22 and that is a bit easier to handle as part of a file path.

Here is one other example for a HP Compaq 8240. HP has a bunch of “different” 8240’s, but from my perspective it is just the same when it comes to drivers and apps, so we convert them into something more useful, like this

Here you can see the real model name being “HP Compaq nw8240 (PY442EA#AK8)” and after a translation it will be just “HP Compaq nw8240” instead, easier to handle, easier to have as a path in MDT

How do you use the UserExit script?

This is the easy part, just download it, unpack it and save it in the scripts folder in MDT. Then you modify the customsettings.ini to use the script like this:

[Settings]
Priority=SetModelAlias, ModelAlias, Default
Properties= ModelAlias

[SetModelAlias]
UserExit=ModelAliasExit.vbs
ModelAlias=#SetModelAlias()#

[Hyper-V2008R2]
MandatoryApplications001=<GUIDNumberOFApplicationInLTI>

[Hyper-V2012BETA]
MandatoryApplications001=<GUIDNumberOFApplicationInLTI>

(If you are using SCCM you will the use Packages or Application name, but it works the same)

When you run ZTIGather.wsf you can see the result like this on a Windows Server 2012 BETA

You can download the ModelAlias.vbs script here

Here is some links to older versions of the script:

The Deployment Guys

Ben Hunters Blog

/mike

Posted in Deployment, Hyper-V, Lite Touch, MDT, SCCM | Tagged: , , | 2 Comments »

Deployment Geek Week in Redmond – December 12-16, 2011

Posted by Mikael Nystrom on November 22, 2011

It’s time for Johan Arwidmark and me to deliver the “Geek Week”, this is by far the most exiting training I have ever done, it is fun, it is very technical and I have never ever had so many “-Aha, I did not know you could do that?”

The reason why it is so fun for us and in many cases “exiting” for our attendees is that it is “complete”, that means that we cover everything more or less, we start out with general Windows 7 Deployment, ref images, Windows Deployment Services, Microsoft Deployment Toolkit, Lite Touch, Zero touch, Applications, MAP and ACT and that is only the first 2 days and you build most of this. So what will happen next then? Since the world is not perfect and deployment people normally know less of the “Dark Side” (That is Server Side) we start putting up different solutions for app-compat issues, so we will setup System Center Virtual Machine manager, learn Hyper-V, Scripting Hyper-V, Deploy Terminal Servers, Learn GPP/GPO, learn things around File, Print, Cluster, Active Directory and everything that you really need know about. Not only will you learn, you will learn by doing, since you are building the entire infrastructure around this. We also spend time on troubleshooting of course

We normally stay at the same hotel, that means all of us, so is just happens to be a bar there. So after class there will be a bunch of doing down in the hotel to continue the “class” over a drink.

It is hard to describe this event, but at least I tried. We don’t run those events very often so you might want to join in, I’ll guess we will run the next event in the summer of 2012 or even later than that.

Anyway, you can read what other are saying about this here Microsoft Pinpoint’

and you can read more and sign up here – http://www.truesec.com/infrastructure/labs/deployment/migration/deployment_geek_week

Really hope to see you there.

/mike

Posted in Deployment, Geek Week, Hyper-V, iSCSI, Lite Touch, MDT, SCCM, SCVMM, Windows 7, Windows Server 2008 R2 | Tagged: , , , , , , | Leave a Comment »