MDT 2013 Windows 10 and the MSP Part 3
March 1, 2017 1 Comment
When a client connects up to MDT, via PXE, USB or UNC it will launch LiteTouch.vbs. This is the script that kicks off the whole MDT process.
LiteTouch.vbs itself then kicks off a lot of other scripts and wizards that finally present you with your TaskID choices that you create with Task Sequences.
Before those TaskIDs are shown, your system has been interrogated for information about the architecture, vendor, bios version etc. This information can be used to shape the choices that MDT presents to you.
What MDT does with this information, is defined by CustomSettings.ini.
One of the reasons I liked WDS so much was it’s ability to automatically name the client computers it installed using the naming convention you supplied, which is something I had struggled to reproduce in MDT until I found this blog post. This was posted three years ago, and perhaps demonstrates how much I have really missed the boat on MDT.
The post explains how we can use variables to modify the Computer Name of the client we are going to deploy.
We can update our CustomSettings.ini to include the following:
[Settings] Priority=Init, ByDesktop, ByLaptop, ByVirtual, Default Properties=MyCustomProperty,ComputerSerialNumber, ComputerTypeName [Init] ComputerSerialNumber=#Right("%SerialNumber%",5)# [ByLaptop] Subsection=Laptop-%IsLaptop% [ByDesktop] Subsection=Desktop-%IsDesktop% [ByVirtual] Subsection=Virtual-%IsVM% [Laptop-True] ComputerTypeName=L [Desktop-True] ComputerTypeName=D [Virtual-True] ComputerTypeName=V
I am only choosing to use the last 5 characters of the serial number, if I wanted the first 5 I could change this to left, or change the number to capture more characters.
Under [Default] we add another line.
This will tell MDT to name any computer that we install ABC-%computerTypeName%-%ComputerSerialNumber%.
%computerTypeName% should be set to either an L a D or a V, depending on if the client is identified as a Laptop, Desktop or Virtual.
We need to update the Deployment Share before we move on.
During my testing I found that some of the section above was not working as expected, so I found another post (from 2011) about testing the CustomSettings.ini file.
You can download and install the Config Manager 2007 Toolkit V2 on the machine where you want to test CustomSettings.ini, and create your TestIni.cmd file.
Browse to the Scripts folder of your Deployment Share, and use the ‘open a command prompt here’ trick.
Run TestIni.cmd and it will output a lot of information to the CMD window, then open a log file displaying the results.
Given my Lab Client is a Virtual Machine, I would expect the Computer Name to return, ABC-V-11-02.
However it returns as ABC-D-11-02. Looking through the Log you can see that %IsVM% does indeed return True.
I spent some time testing different settings but could not immediately see what was wrong.
The issue here is actually in the order that MDT processes the CustomSettings.ini Settings Section, because whilst my VM is indeed a VM, the Hyper Visor in my lab is running on an HP ProDesk 600, which is a desktop.
By changing the order of Priority we can make sure ByVirtual is processed before ByDesktop.
Inside our LiteTouch wizard we can now see the expected default name.
If you want to change this value, you can do so here. Just type in a different name.
Interestingly you can also run TestINI.cmd from a PXE booted machine.
You don’t have the benefit of the config manager tools to read the log, but the CMD window is good enough here.
Suppose I wanted to control the behaviour of the LiteTouch.vbs wizard with different options when booting from WDS compared to running from a UNC.
I can add a new section to our CustomSettings.ini file.
[Settings] Priority=Init, ByWDS,ByVirtual, ByDesktop, ByLaptop, Default Properties=MyCustomProperty,ComputerSerialNumber, ComputerTypeName
[WDS-LAB-MDT0.sbs.local] ' Skip Sysprep SkipCapture=Yes ' Skip Locale Settings SkipLocaleSelection=YES KeyboardLocale=en-GB UserLocale=en-GB UILanguage=en-GB SkipProductKey=YES SkipTimeZone=YES TimeZoneName=UTC ' Skip Admin Password AdminPassword=P@ssw0rd SkipAdminPassword=YES ' Default Task TaskSequenceID=01
So what we have done here, is add a new WDS section, that tells LiteTouch, if you are running from WDS, Skip the Capture Menu, Skip the UserLocale settings (and use the following settings), Skip the Admin Password (and use the following Password) and default to TaskSequence 01.
I mocked this up in about 10 minutes, so I suspect given some time a lot of really useful customisations could be made.
For example you could target Dell computers to a specific TaskSequenceID or a Laptop to have a different default admin password.
Join the Domain?
Of course one of the choices during our Deployment, is whether or not the client will join a domain.
We can control the behaviour of the MDT wizard in that respect by adding some lines to CustomSettings.ini.
The first line we can add is:
This will prepopulate the domain name field with the domain name we specify.
If we want to add credentials, we can do the following:
DomainAdmin=robAdmin DomainAdminDomain=sbs.local DomainAdminPassword=
Again this is all stored in plain text, so you may want to omit the password, or set it to an account that is disabled until needed. I believe it is also not necessary to use a Domain Admin account, just an account with permission to join computers to the domain.
As I didn’t specify a Password value in CustomSettings.ini we see an empty box and a message prompting for the password.
If we want to specify a password and force the client to join the domain we can add the following to CustomSettings.ini
Back in MDT we can look at the WinPE section of our Deployment Share.
When you switch to the WinPE tab, you are placed on the x86 settings.
Now if you are like me, you no longer deploy any x86 client computers.
So, to speed things up when we update our Deployment Share and Boot Images, we can disable the x86 settings.
Switch back to the General tab and uncheck x86 under Platforms Supported.
Switch back to WinPE and change the drop down menu to x64.
If you do not intend on ever booting an ISO you can disable the ISO creation.
Switch to the Drivers and Patches tab, and change the drop down menu to Drivers Only.
This keeps our Boot image light, and makes sure only relevant drivers are included.
The last two things I wanted to cover were the background image of your MDT deployment, and a customised message banner.
As shown in some earlier example images the default background is a rather dull grey with a Microsoft message in the top right corner.
You can modify this image or completely replace it. For reference, it is an 800×600 bmp image.
I chose to simply add my companies logo, which I thought was a nice simple touch.
Update the image path with the path to your new image file.
The message banner I mention, is displayed when MDT is executing a task sequence.
In the LiteTouch.wsf file in your Scripts folder, you can edit this text on line 724:
Lite Touch Installation
You can change it to anything of course, but I have chosen:
Installation in progress, please wait..
We can now update our Deployment Share again, the time run the optimise and compress option.
Don’t forget to PowerShell command to update the image stored in WDS.
In the next post we will look at adding Applications and Operating System Packages to our Deployment Share.