/bundles/itninjaweb/img/Breadcrumb_cap_w.png

Blog Posts tagged with Supporting Windows

Ask a question

Fix for Error Uninstalling Program (Missing Source Files)

A handful of machines were failing uninstall-type Managed Installs (using Adobe's Uninstall, MSI uninstall commands, etc) and when trying to manually uninstall via Add/Remove Programs (which would give the annoying "missing source files" error).  I've used these tools several times now and found them to be very useful (particulaly since the error typically points to a Temp subfolder which got purged months/years ago).

Definitely beats purging the software by hand from the registry and manually deleting program folders/files (which is what I've done for many years).  The only thing improvement I would make would be to add an option to uninstall multiple applications in one shot, but other than that I can't complain.

These also have "Install Repair" functionality, but I can't speak for it since I haven't needed to use it yet.  Just FYI, it's there as well.

John
___________________________________________

XP & Vista
http://support.microsoft.com/kb/971187
* requires an active Internet connection, works with proxy via IE settings

Win7
http://support.microsoft.com/mats/Program_Install_and_Uninstall
* portable version of FixIt app available for download

View comments (3)

Dell K2000- Windows 7,8,10 with BitLocker Pre-Provisioning

Prerequisites:

Windows ADK for Windows 10

https://msdn.microsoft.com/en-us/windows/hardware/dn913721.aspx

Dell K2000 Media Manager

http://YOUR-k2000/utils/kmediamanager.msi

Dell KBE Manipulator (3.7.1.8)

http://www.itninja.com/question/kbe-manipulator

Microsoft BitLocker Administration and Monitoring - Client Deployment Scripts

https://www.microsoft.com/en-us/download/details.aspx?id=48698

Dell Command | Configure

http://en.community.dell.com/techcenter/enterprise-client/w/wiki/7532.dell-command-configure

VMware Workstation (For RSA)

https://www.vmware.com/products/workstation

Get/Set ComputerName

http://www.itninja.com/blog/view/get-set-computername

(Optional) Windows Server 2012 R2 (NIC Teaming)

https://www.microsoft.com/en-us/server-cloud/products/windows-server-2012-r2/

 

 

Assumptions:

Golden Image made and sysprep'd

BitLocker enabled in your Active Directory environment but want a way to automate this process

Microsoft BitLocker Administration and Monitoring 2.5 SP1 setup in your environment (Not 100% needed but used for PowerShell script)

Dell K2000 is in place and setup with latest version

Dell K2000 RSA is in place and setup with latest version

Dell K2000 samba share is enabled

Dell Laptop/Desktop are used in your environment

 

Before we Begin:

I will take you through the steps to getting BitLocker automated using the K2000 appliance. The process I am writing took a lot of time and effort to perfect. If you have a better way to improve this 

process please let post as I am always looking for a way to improve this process. Also this is my first post/blog so try not to troll me to much :-)

 

Let's take it from the top:

  1. Setting up Windows 2012 R2 for NIC Teaming
    • Login to your Windows 2012 R2 Server (I recommend to login locally or via iDRAC)
    • Open the "Server Manager" dashboard (if it hasn't already opened on login)
    • Go to Configure this local server--> NIC Teaming Disabled
    • The "NIC Teaming" dashboard will open
      • Under "ADAPTERS AND INTERFACES" right click the 2 NICS you want to team--> Add to New Team
      • Team Name: "ENTER YOUR CUSTOM NAME"
      • Make sure both NICS are checked and click the drop down "Additional properties"
        • Teaming mode: Switch Independent
        • Load balancing mode: Dynamic
        • Standby adapter: None (all adapters Active)
        • Click "OK"

 

  1. Installing VMware Workstation and Importing Dell K2000 RSA
    • Download VMware Workstation and run through the installation
    • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Deployments--> Remote Sites--> Choose Action--> Download OVF--> Download
    • Once the install is complete open VMware Workstation
      • Go to Edit--> Virtual Network Editor…
      • Select all VMnet networks except for the "Bridged" Type Network (Mine is VMnet0)
      • Click "OK"
    • Extract your Dell K2000 RSA
    • Navigate to where you just extracted your Dell K2000 RSA OVF and double click to begin the import
    • Don't bring up the VM just yet we need to remove the flex NIC and add the e1000 NIC

 

  1. Setting up your Dell K2000 RSA for MAX performance
    • With VMware Workstation still open click on the VM you just imported
    • Click Upgrade Hardware Version--> Alter this VM--> Select latest version available--> OK
    • Right click you Dell K2000 RSA--> Settings
      • Memory: 4GB
      • Processors: 2
      • Remove Floppy Drive
      • Remove Network Adapter
      • Add CD/DVD drive
      • Click the "Options" Tab
        • Guest operating system: FreeBSD (64-bit)
      • Click OK
    • Right click you Dell K2000 RSA--> Settings
      • Add Network Adapter
      • Click OK
    • Right click you Dell K2000 RSA--> Settings
      • Click the "Options" Tab
        • Guest operating system: FreeBSD (32-bit)
      • Click OK
    • Power on your VM!
    • Once the VM is up login with konfig
      • IP address: 10.0.0.1 (Make it a bogus IP address)
      • Network Speed: 1000Mbps (IMPORTANT)
      • Save
    • After the VM is back up again login with konfig
      • IP address: X.X.X.X (Make it the IP address you want now)
      • Network Speed: Auto-negotiate
      • Save

 

  1. Creating a custom WinPE 10 KBE and upload to Dell K2000
    • Open K2000 Media Manager
      • Enter your "K2000 hostname" and "Samba Share Password"
      • Click the "Create K2000 Boot Environment" Tab
      • Name: TEMPKBE
      • Architecture: 64-bit (x64)
      • Path: C:\Program Files (x86)\Windows Kits\10 (This should already be selected for you)
      • Click "Start Upload"
      • Close once it has created the media and uploaded to the K2000
    • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Deployments--> Boot Environments--> TEMPKBE
      • Click "Download bootable ISO for this Boot Environment"
      • Save to your Downloads or somewhere you know to get to it
    • Mount the ISO
    • Copy the BOOT.WIM file to a location on your computer
    • Let's mount  the WIM image with DISM
      • Open a command prompt and Run as Administrator
      • mkdir C:\KBE
      • Dism /Mount-Image /ImageFile:C:\TEMPKBE.wim /index:1 /MountDir:C:\KBE
    • Add Dell Command | Configure
      • mkdir C:\KBE\CCTK
      • mkdir C:\KBE\CCTK\AMD64
      • mkdir C:\KBE\CCTK\X86
      • copy "C:\Program Files (x86)\Dell\Command Configure\X86_64" C:\KBE\CCTK\AMD64
      • copy "C:\Program Files (x86)\Dell\Command Configure\X86" C:\KBE\CCTK\X86
    • Add custom features using DISM
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-NetFx.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-HTA.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-SecureStartup.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-StorageWMI.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-PowerShell.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-Scripting.cab"
    • Add custom features locale using DISM
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-NetFx_en-us.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-HTA_en-us.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-SecureStartup_en-us.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-StorageWMI_en-us.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-PowerShell_en-us.cab"
      • Dism /image:C:\KBE /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-Scripting_en-us.cab"
    • Commit changes to your image and unmount
      • Dism /unmount-image /mountdir:C:\KBE /commit
    • Open KBE Manipulator and upload your custom KBE
      • File--> Choose .wim to upload
      • Select the WIM file location
      • Enter your "K2000 Information"
      • Name to assign the KBE: WinPE 10 KBE
      • KBE Architecture: x64
      • Click "Create KBE"
    • Set Default K2000 Boot Environment
      • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Settings--> Control Panel--> Default K2000 Boot Environments
      • Windows x64: WinPE 10 KBE
      • Click Save

 

  1. Creating your Pre-Installation System Image Tasks
    1. Create a zip called TPMActivateCheck.zip and the following to it
      • Open notepad and save the following as TPMActivateCheck.ps1:

 

$TPM = X:\CCTK\AMD64\cctk.exe --tpm

$TPMActivated = X:\CCTK\AMD64\cctk.exe --tpmactivation

 

If($TPM -eq "tpm=off" -And $TPMActivated -eq "tpmactivation=deactivated"){

X:\CCTK\AMD64\cctk.exe --setuppwd=password

X:\CCTK\AMD64\cctk.exe --tpm=on --tpmactivation=activate --valsetuppwd=password

X:\CCTK\AMD64\cctk.exe --setuppwd= --valsetuppwd=password

Write-Host "TPM has been ENABLED and ACTIVATED"

Write-Host "The computer will now need to reboot and the image process to be restarted."

Write-Host "Reboot in 1 minute"

Start-Sleep -s 60

Restart-Computer

}

If($TPM -eq "tpm=on" -And $TPMActivated -eq "tpmactivation=deactivated"){

Write-Host "Please boot into the BIOS and Load Defaults and"

Write-Host "remove the ADMIN password in the BIOS to image this computer"

Write-Host "The computer will now need to reboot and the image process to be restarted."

Write-Host "Reboot in 1 minute"

Start-Sleep -s 60

Restart-Computer

}

If ($TPM -eq "tpm=off" -Or $TPMActivated -eq "tpmactivation=deactivated"){

Write-Host "TPM has been ENABLED and ACTIVATED"

Write-Host "The computer will now need to reboot and the image process to be restarted."

Write-Host "Reboot in 1 minute"

Start-Sleep -s 60

Restart-Computer

}

  • Open notepad and save the following as TPMActivateCheck.bat:

 

X:

cd X:\Windows\System32\WindowsPowerShell\v1.0

powershell.exe -nologo -executionpolicy bypass -noprofile -file Y:\preinstall\XXX\contents\TPMActivateCheck.ps1

exit

  • Open Internet Explorer or your favorite browser
  • Navigate to http://YOUR-K2000/ and login
  • Go to Library--> Pre-installation Tasks--> Choose Action--> Add Application…
    • Name: **TPM REBOOT CHECK**
    • Runtime Environment: K2000 Boot Environment (Windows)
    • Upload File: TPMActivateCheck.zip
    • Parameter: cmd /k TPMActivateCheck.bat
    • Click Save
  • Go to Library--> Pre-installation Tasks
    • Hover your mouse over **TPM REBOOT CHECK** and take note of the id=
    • Replace id number in TPMActivateCheck.bat from XXX to the number noted
    • Replace the file in the TPMActivateCheck.zip and replace in that task
  1. Windows- Create two partitions
    • Open Internet Explorer or your favorite browser
    • Navigate to http://YOUR-K2000/ and login
    • Go to Library--> Pre-installation Tasks--> Choose Action--> DISKPART Script
      • Name: Windows- Create Two Partitions
      • DISKPART Script:

select volume 0

remove all noerr

select disk 0

clean

create partition primary size=200

assign letter="C"

active

create partition primary

assign letter="D"

Exit

  • Click Save
  1. Windows- Format Disks
    • Open Internet Explorer or your favorite browser
    • Navigate to http://YOUR-K2000/ and login
    • Go to Library--> Pre-installation Tasks--> Choose Action--> BAT Script
      • Name: Windows- Format Disks
      • BAT Script:

format /q /y /fs:ntfs /v:Boot C:

bootsect.exe /NT60 C:

format /q /y /fs:ntfs /v:Windows D:

bootsect.exe /NT60 D:

  • Click Save
  1. Dell Command | Configure
    • Open Internet Explorer or your favorite browser
    • Navigate to http://YOUR-K2000/ and login
    • Go to Library--> Pre-installation Tasks--> Choose Action--> BAT Script
      • Name: Dell CCTK
      • BAT Script:

start /wait x:\cctk\amd64\cctk.exe --setuppwd=password

start /wait x:\cctk\amd64\cctk.exe --wakeonlan=enable --usbpowershare=enable --wakeonlan=lanorwlan --fastboot=minimal --embnic1=on --valsetuppwd=password

start /wait x:\cctk\amd64\cctk.exe bootorder --sequence=hdd --valsetuppwd=password

  • Click Save
  1. BitLocker WinPE Encryption
    • Open Internet Explorer or your favorite browser
    • Navigate to http://YOUR-K2000/ and login
    • Go to Library--> Pre-installation Tasks--> Choose Action--> BAT Script
      • Name: BitLocker WinPE Encryption
      • BAT Script: manage-bde -on D: -UsedSpaceOnly -em aes256
      • Click Save
  1. Creating your Mid-Level and Post-Installation Tasks
    1. Create Activate TPM EXE package using Dell Command | Configure
      • Open Dell Command | Configure Wizard
        • In Search box type: tpmactivation
        • tpm: on
        • tpmactivation: activate
        • Export .EXE
        • Use the password information below (use the password you set as the Dell CCTK task)
        • Click OK
        • Save file as tpm_sce.exe
    2. Set Computer Name
      • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Library--> Post-installation Tasks--> Choose Action--> Add Application…
        • Name: Set Computer Name
        • Runtime Environment: K2000 Boot Environment (Windows)
        • Upload File: SetComputerName_x64.exe
        • Parameter: SetComputerName_x64.exe /name:$Serial
        • Click Save
    3. Bitlocker Save TPM Owner
      • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Library--> Post-installation Tasks--> Choose Action--> Add Application…
        • Name: Bitlocker Save TPM Owner
        • Runtime Environment: K2000 Boot Environment (Windows)
        • Upload File: SaveWinPETpmOwnerAuth.wsf
        • Parameter: cscript.exe SaveWinPETpmOwnerAuth.wsf
        • Click Save
    4. TPM CCTK Activation
      • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Library--> Post-installation Tasks--> Choose Action--> Add Application…
        • Name: TPM CCTK Activation
        • Runtime Environment: Windows
        • Upload File: tpm_sce.exe
        • Parameter: tpm_sce.exe /nolog
        • Click Save
    5. Reboot (Needed to disable UAC and auto login)
      • Open Internet Explorer or your favorite browser
      • Navigate to http://YOUR-K2000/ and login
      • Go to Library--> Post-installation Tasks--> Choose Action--> Add BAT Script…
        • Name: Reboot
        • Runtime Environment: Windows
        • Bat Script:

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DisableCAD /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v ForceAutoLogon /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d %computername%  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d USERNAME  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d PASSWORD /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /d 0 /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f

  • Click Save
  1. Install MBAM 2.5 SP1
    • Create zip named MBAMClientSetup.zip
      • Copy MBAMClientSetup.msi into the zip
      • Create a batch file named MBAMClientSetup.bat

msiexec /i MBAMClientSetup.msi /q ALLUSERS=1 OPTIN_FOR_MICROSOFT_UPDATES=1

  • Copy the MBAMClientSetup.bat into the zip
  • Open Internet Explorer or your favorite browser
  • Navigate to http://YOUR-K2000/ and login
  • Go to Library--> Post-installation Tasks--> Choose Action--> Add Application…
    • Name: Install MBAM 2.5 SP1
    • Runtime Environment: Windows
    • Upload File: MBAMClientSetup.zip
    • Parameter: MBAMClientSetup.bat
    • Click Save
  1. TPM CCTK Activation
    • Open Internet Explorer or your favorite browser
    • Navigate to http://YOUR-K2000/ and login
    • Go to Library--> Post-installation Tasks--> Choose Action--> Add Application…
      • Name: TPM CCTK Activation
      • Runtime Environment: Windows
      • Upload File: tpm_sce.exe
      • Parameter: tpm_sce.exe /nolog
      • Click Save
  2. Domain Join
    • For this step join the domain and if you enable UAC via GPO make sure to add these entries to the batch file. This will work because the batch file is still elevated once it joins the domain.

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DisableCAD /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v ForceAutoLogon /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 1  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultDomainName /d DOMAIN  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUserName /d USERNAME  /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassWord /d PASSWORD /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /d 0 /f

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f

  1. Bitlocker Encryption
    • Create zip named MBAMencrypt.zip
    • Copy BDEAdBackup.vbs into the zip
    • Copy Invoke-MbamClientDeployment.ps1 into the zip
    • Create a batch file named MBAMencrypt.bat

powershell.exe -nologo -executionpolicy bypass -noprofile -file Invoke-MbamClientDeployment.ps1 -RecoveryServiceEndpoint http://MBAM-SERVER:80/MBAMRecoveryAndHardwareService/CoreService.svc -StatusReportingServiceEndpoint http://MBAM-SERVER:80/MBAMComplianceStatusService/StatusReportingService.svc -IgnoreEscrowOwnerAuthFailure

cscript BDEAdBackup.vbs

manage-bde -protectors -enable C:

  • Copy MBAMencrypt.bat into the zip
  • Navigate to http://YOUR-K2000/ and login
  • Go to Library--> Post-installation Tasks--> Choose Action--> Add Application…
    • Name: Bitlocker Encryption
    • Runtime Environment: Windows
    • Upload File: MBAMencrypt.zip
    • Parameter: MBAMencrypt.bat
    • Click Save

 

  1. Installation Plan Layout
        

 

 

Answers to the Why's:

  1. Setting up Windows 2012 R2 for NIC Teaming

So in my testing when we get the K2000 RSA changed from the flex NIC to the e1000 NIC the speed jumped from 20-30Mbps to 60Mbps. Great right? But we should be able to saturate our Gigabit NIC on our server and reach a theoretical speed of about ~90Mbps or similar to a file transfer on the network to another computer. Anyways when you team the NIC's we are able to jump from 60Mbps to 90Mbps! There are also other benefits for teaming the NICs that I don't cover here.

 

 

Credit where Credit is due:

 

Enable TPM in a Task Sequence (DELL)

 

How can I Pre-Provision BitLocker in WinPE for Windows 8 deployments using Configuration Manager 2012 SP1

 

How to create a Dell Command-Configure Package in ConfigMgr

 

Bitlocker, MDT, Dell and TPM

 

17 Steps to Installing MBAM 2.5 SP1 In a 5 Tier Setup

 

Change VMWare Server NIC to e1000 (111351)

 

K2000 Performance (111769)

 

MBAM 2.5 SP1 SCCM OS Deployment

 

TPM activation using CCTK SCE in an SCCM environment

 

MBAM key recovery backup if machine already encrypted

 

How to Pre-Provision BitLocker on Windows 7

 

Bypass MBAM policy check when running Invoke-MbamClientDeployment.ps1

 

MBAM 2.5 SP1 - Failed to escrow TPM owner-auth

View comments (3)

Custom Deployments

Custom Deployments is a new feature in version 6.0 of the KACE Systems Deployment Appliance (SDA) that allow users to deploy a set of tasks to a Windows workstation without deploying an image or scripted install. 

With a custom deployment, no hidden tasks are automatically assigned like in an image or scripted install.  This means that everything needing to run will have to be manually assigned and for this reason, it is considered an advanced feature.  The 6.0 release of the SDA includes 2 custom deployments by default; x86 and x64 variations of "Scan User States Offline and Shutdown".  This is a perfect example of a custom deployment because after the task is complete and the shutdown command is given, the deployment shows as completed.  In the past, you would need to do a batch script to shut down, and because the built in tasks did not run, it would never display as successfully completed and it would stay in the Progress portion of the UI until removed.  This is just one example of a custom deployment, there are other great ways to leverage them.

We are including these downloads to get you started, you must be a member of the K2000 community on ITNinja to gain access.  After extracting the download, the package can be imported into the SDA.  The import is a task group (another new feature of 6.0) that contains all the tasks needed for the custom deployment. Since each custom deployment is assigned a specific architecture, it is easier to provide them as a single package with task groups

To use the imported item, create a new custom deployment, apply the appropriate task group, and save.  All the tasks are named with [CU] as a prefix, as CU is the prefix used when exporting custom deployments. By implementing this naming scheme it is easy to find the tasks commonly used for custom deployments.  I also name my custom deployments with the [CU] prefix.

******NOTE
SDA version 6.0 is not yet available.  Once it is released we will include the links to the packages.  When it is released do not import these tasks into any version less than 6.0, it will cause issues.

Windows 10 in-place upgrade.  This custom deployment is used when an in-place upgrade of Windows 10 is needed, either from Windows 7/8 or an earlier build of Windows 10.  The same edition must be used when upgrading.  The auto logon and prepare Windows 10 tasks need to be customized for your environment, make sure to read the notes.

Run tasks in an operating system.  If you have tasks that need to be run within the OS, then this task group is needed for everything to run the way you would expect. Some tasks need to be customized for your environment, make sure to read the notes.

USMT, DoD Wipe and Shutdown.  This task group will scan user states offline, partition/format the drive, perform a 7-pass DoD wipe and then shut the machine down.  We have referenced the SysInternals tool SDelete.  We cannot include the executables as we do not have rights to distribute them, but the task has a link to download SDelete from Microsoft.  Once you have downloaded SDelete, extract the file, download the SDelete.bat file from the task and then ZIP the 3 files together. Use the resulting ZIP file to replace the BAT file in the task.  The BAT file will determine which architecture is running and run the appropriate application.  No other changes are needed unless you want to change some of the SDelete parameters, those changes would need to be made in the BAT file before it is added to the ZIP.

How will you use custom deployments?  If you have any interesting ideas that you believe others can use, export your tasks as a task group, making sure to have the tasks named with [CU].  Please review the tasks that are included here first and try to reuse those so we can stay consistent. Email your exported task groups to Corey Serrins [corey dot serrins at quest dot com] and we will add those to this page.



View comments (1)

Step-by-step: How to create a network bootable floppy


A Step-by-Step: Creating a Network Boot Disk 

Using Windows NT's Network Client Administrator

Creating a network boot disk can be a real headache. The subject is documented fairly poorly and tools to help you do the job are equally hard to come by. Due to the need for network startup disks for use with imaging software, this has become a regularly revisited subject at AppDeploySM. Though most imaging software packages come with their own network boot disk generation utility, even with these you may still want to create your own in an attempt to get the most optimal use of the limited space you have on that floppy disk. Step-by-step instructions covering how to do it yourself seem to be very difficult to find- so here goes:

 Network Client Administrator Installation

Network Client Administrator Installation

If you have an NT workstation you may skip to "Network Client Administrator Execution". Windows 2000 does not include an equivalent tool, however you may use the Windows NT version of the tool on a Windows 2000 system by performing the following steps: 

Create a folder called C:\Ncadmin.

Create a subfolder called C:\Ncadmin\Clients

Copy the following files from the I386 folder on the Windows NT Server 4.0 CD-ROM to the folder you created:

  •  Ncadmin.cn_

  •  Ncadmin.ex_

  • Ncadmin.hl_

At a command prompt, change to the C:\Ncadmin folder, and then type the following command:

"expand -r ncadmin.*"

Double-click Ncadmin.exe to launch the utility.

 Network Client Administrator Execution

Network Client Administrator Execution

Note: If you know that your network card is not listed, you will need to implement the steps below to add it to those available before proceeding.

Once launched, select the “Make Network Installation Startup Disk” from the menu and press the “Continue” button to begin.

You are requested to provide a path to the client installation files. Enter “C:\Ncadmin\Clients” as the path if you followed the steps above (or the appropriate directory if running from an existing NT Server installation), select the “Share Files” radio button and press “OK”.  This will share the "C:\Ncadmin\Clients" folder as “clients”, which you may feel to remove after your network boot disk has been created. 

The next dialog prompts you to choose what type of floppy, network client, and network card driver you wish to create the boot disk for. Choose “Network Client v3.0 for MS-DOS and Windows” as your network client.  Select your network card from the list and press “OK” to continue. If your network card is not listed, see “Adding new entries to the Network Client Administrator” below.

The next dialog will prompt you for startup disk configuration information including Computer Name, User Name (must be unique on the network), Domain, and Protocol and (if necessary) IP information. Select “TCP/IP Protocol” from the protocol dropdown list, it may appear that there is only one item to select- look closely and you should see a very small scroll bar in the dropdown list (push the down arrow to see “TCP/IP Protocol”). If available it is recommended that you use DHCP for simplicities sake- otherwise fill in the proper IP information here. 

Next the boot disk itself will actually be created. You will need to provide a blank, formatted system disk (bootable) for the files to be placed on. Windows NT/2000 cannot do this for you, as there is no DOS equivalent operating system present to place on the floppy. Go to a DOS or Windows 9x machine and format the disk with the “/s” option to create the blank, formatted system disk. This should NOT be a Windows NT formatted diskette.

As the floppy is populated with the necessary files a progress dialog is presented. When complete, you have your network boot floppy. If you should run into problems see some tips at the end of this document, our network boot disk creation FAQ or visit our network boot disk user forum.

 Adding New Entries to the Network Client Administrator

Adding New Entries to the Network Client Administrator

1. Copy the “Clients” subdirectory from the Windows NT Server compact disc to “c:\Ncadmin\clients”. Note that this requires nearly 70 megabytes (MB) of disk space.

2. Copy the network card’s entry in the [netcard] section of your NDIS2 driver's Oemsetup.inf and paste it into the [netcard] section of the file Wcnet.inf, found in the "\Clients\Msclient\Netsetup" folder.

For example, the following is the [netcard] section of the 3com 3C90x driver's Oemsetup.inf file:

[netcard]

tcm$el90x="3Com EtherLink PCI NICs (3C90X)",0,ndis,ethernet,0x07,tcm$el90x,tcm$el90x_nif

3. Append the NDIS2 driver's header and NIF section from the Oemsetup.inf file to the bottom of the same Wcnet.inf file.

For example, the following are the header and NIF sections of the 3com 3C90x driver's Oemsetup.inf file:

[tcm$el90x]

ndis3=1:el90x.386
ndis2=1:el90x.dos
mlid=1:3c90x.com

[tcm$el90x_nif]

param=DriverName,"",static,"el90x$"
slot=SLOT,"Adapter Slot Number",int,"1,64,1",1,0x32
param=earlyrelease,"Early Release Option",keyonly,,,0x02
param=maxrequests,"Maximum number of general requests",int,"3,10,1",3,0x02
param=maxmulticasts,"Maximum number of multicast addresses",int,"1,50,1",16,0x02
param=maxtransmits,"Maximum number of queued transmits",int,"3,50,1",10,0x02
param=maxreceives,"Maximum Receive Buffers",int,"3,30,1",3,0x02
param=maxframesize,"Maximum frame size",int,"256,17952,8",4096,0x02

4. If in step three the data you appended contained DEVDIR= and/or DEVICE= entries, delete those lines from the file (Wcnet.inf).

5. If not already present, add the line, "ndis2=1:<drivername>" to the header (first part) of the data appended and save the Wcnet.inf file.  The driver name should have the .DOS extension. The 3com example above already contains this entry.

6. Copy the NDIS2 driver to the "\Clients\Msclient\Netsetup" folder.

In the 3com 3c90x example you would copy the file el90x.dos to the "\Clients\Msclient\Netsetup" folder.

 Troubleshooting Your New Network Boot Disk

Troubleshooting Your New Network Boot Disk

Error 33: Unable to Bind

Some cards require the Drivername value to be set under the header section in the Protocol.ini file. For example the 3c905 example described above exhibited this error until the protocol.ini file was edited to include the entry “drivername=el90x$” as follows:

[network.setup]

version=0x3110
netcard=tcm$el90x,1,TCM$EL90X,1
transport=tcpip,TCPIP
lana0=tcm$el90x,1,tcpip

[tcm$el90x]

DriverName=el90x$   <---- Note DriverName entry was added manually

[protman]

drivername=PROTMAN$
PRIORITY=MS$NDISHLP

[tcpip]

NBSessions=6
DefaultGateway0=
SubNetMask0=
IPAddress0=
DisableDHCP=0
DriverName=TCPIP$
BINDINGS=tcm$el90x
LANABASE=0  
 

One visitor reports that the DriverName entry was case sensitive, so be careful. (and thanks to Brian Fort for sharing!)

If the problem persists, this error can also sometimes be attributed to a problem with the internal name used in the protocol.ini. The internal driver name of the NIC driver is not what is expected. The driver name is normally the same as the filename of the driver with a $ appended to the end (i.e. FEM556N2.DOS would be FEM556N2$), but this isn't true for all drivers, check with your NIC vendor. 

Need some space? You can delete the file "a:\net\neth.msg" as it is not needed (121 kb)

Need a packet driver? Check out this resource: ftp://ftp.crynwr.com/drivers/00index.html 

 

 
Be the first to comment

[Konf 2011] 100% Windows 7 Deployment Automation

For those of you who were at the Konference, you may have seen my presentation on Windows 7 automation that uses several methods to achieve total automation for the end user experience. For those of you who missed it or who didn't attend the Konference, here is the presentation:

100% Windows 7 Deployment Automation

I will be adding code examples to this post soon, but I at least wanted to make the presentation available. I will also post a link to the video of my presentation if and when it becomes available on the DellKACE website.

For the following examples, much of the code is written in AutoIT. If you are unfamiliar with AutoIT, head over to www.autoitscript.com and download the free IDE and compiler. Also, I wrote an O'Reilly book back in 2007 that is available on Amazon for $7.99 that gives you a basic start with the language. Now, here is the example list. This will be growing.

View comments (1)
Showing 1 - 5 of 394 results

Top Contributors

Talk About Microsoft Windows