Wednesday, January 09, 2013 4:27 AM
Hi, I'm dealing with a few workstations with Windows 7 Pro pre-installed. These workstations are used for locked-down environment so I want to keep the per-machine OEM activations for my convenience. With every machine I boot into audit mode, use diskpart to modify partitions, dism to inject an unattend.xml and sysprep. Then the computer reboots and join the domain, install some applications. Domain-join and Diskpart come with unattend.xml whereas applications are installed by “add synchronized command” in the oobe stage.
The only downside of that approach is that I have to tailor a unattend.xml for every model by every application groups. So I wonder if there is any way I can make use of MDT by creating one task sequence that join the current computer to domain and install selected applications only. It would be better if it starts from audit mode, or else I have to find a way to disable all local accounts created during the initial oobe stage.
Thursday, January 24, 2013 3:11 PM
You should just be able to create a task sequence that only installs applications and then joins the computer to the domain. In MDT create a new task sequence and choose Custom Task Sequence. This will create a task sequence with only Application Install steps included. Open the new task sequence, click the Task Sequence tab and choose Add. Under Settings choose Recover From Domain. This will add a step to add the computer to the domain. You can specify settings like which domain, OU, and username and password in your Customsettings.ini file specifically for this task sequence for adding the PC's to the domain.
Info about the Recover From Domain step: http://scriptimus.wordpress.com/2011/05/10/mdt-2010-joining-a-domain/
I hope this is what you were looking for.
Thursday, January 24, 2013 10:34 PM
You need to create a Post Operating System Installation Task Sequence. It's designed to do everything you've asked for.
I've explained it here: LTI/ZTI Deployments: Post OS Task Sequence
Sunday, January 27, 2013 9:35 AMAndrew Barnes, that seems to be what I'm looking for however I have difficulties trying to access the link. Any chance you can post the content here?
Monday, January 28, 2013 8:46 AM
We used to have this for one off machines that werent in the MDT - the CEO for instance who would BYOD. Worked like a charm. Does everything you need it to (install apps, run commands, join domain, rename the computer etc). I didn't read all the manuals before I started though so I took a few wrong turns but a few things to keep in mind:
- You run the script directly from the installed operating system (not through WinPE)
- I ended up creating a batch file that pre-set the task sequence and automated the whole process so the helpdesk wasn't presented with an option that may break the machine (if they selected a new computer task sequence for instance) and just ave them access to the batch file.
- You might need to loosen the share rights on your deployment share (ourse was locked down tight) as the user that you are running as, usually a local admin, will need to access the share.
Its a little bit of setup but it was awesome once it was working, you could literally just take an OEM laptop and half an hour later it was good to go...
Monday, January 28, 2013 1:54 PM
Are you in a country that blocks wordpress.com?
The article simply explains how to create a task sequence based on the Post OS Installation Task Sequence template.
You can find information on this in the Microsoft Deployment Toolkit Documentation Library. Simply Create a post os task sequence and from the new machines, log in and connect to the deployment share.
In the customsettings.ini create properties for skip wizard panes, domain join and application install as in a normal LTI.
Tuesday, January 29, 2013 3:36 AMThank you all of you guys. I’m looking into the Post OS Installation Task Sequence now.
I created a task sequence based on the Post OS Installation Task Sequence template as described. I added a Recover From Domain step in the TS However I didn’t see a Computer Details UI when I launched litetouch.wsf from a target computer. So I cannot input/change domain/OU name and the credential when needed. Is there anything I’m missing here?