Using LocationServer.xml breaks share credentials

    Question

  • I have multiple deployment shares set up (Production, Development, International, etc.) and I am trying to use one boot environment for all. I have followed the documentation about LocationServer.xml, removing the DeployRoot property from Bootstrap.ini, placed the custom LocationServer.xml in \\Share$\Extra Files\Deploy\Control, added Extra Files to the PE settings, and updated the Deployment Share to create a new iso and wim. When the deployment wizard launches it correctly displays the location wizard with the deployment shares' friendly names in the drop down list. But when I try to connect to any share it prompts for credentials, which are defined in the Bootstrap.ini. I cannot find any documentation for how to define the deployment share user credentials within the LocationServer.xml file to automate this portion. If I cannot automate the user credentials, then the LocationServer.xml function is pretty much useless for me.

    Any thoughts or suggestions?

    Thanks,

    Wayne C.

    Wednesday, April 28, 2010 7:37 PM

Answers

  • Yup, DeployWiz_Validation.vbs Function ValidateDeployRoot() explicitly clears out any stored credentials.  (Never noticed that scenario before).

    Really the script should perform a ValidateConnection() function.

    I have filed a bug against the next version of MDT, and assigned it to the correct owner of this feature (Poor Schmuck).

    I am not aware of any workaround.

    Ref #: 11226


    Keith Garner (KeithGa.com) - Deployment Consultant - http://deployment.XtremeConsulting.com
    Thursday, November 11, 2010 3:47 AM
    Moderator

All replies

  • That should work - it should only prompt for credentials when it doesn't already have some.  Can you provide the BDD.LOG from one of the executions?  It may show what is going on.

    -Michael Niehaus
     Senior Software Development Engineer
     mniehaus@microsoft.com

     

    Wednesday, May 05, 2010 4:15 PM
  • Did you ever get an answer to this because I have just come up against the exact same issue. Add the LocationServer.xml to the boot image and anything specified for credentials in the Bootstrap.ini is ignored. This seems to be a bug!

     

    Wednesday, November 10, 2010 1:36 PM
  • I have just come up against the exact same issue. Add the LocationServer.xml to the boot image and anything specified for credentials in the Bootstrap.ini is ignored. This seems to be a bug!

     

    I am using MDT 2010 Update 1 and the latest WAIK.

    Regards

     

    Andrew

    Wednesday, November 10, 2010 1:36 PM
  • As a workaround you can comment out the following lines in DeployWiz_Validation.vbs

    ' Get the credentials and connect to the share!
    
    oEnvironment.Item("UserID") = ""
    oEnvironment.Item("UserDomain") = ""
    oEnvironment.Item("UserPassword") = ""
    
    
    


    I only comment out the userid and userdomain; this way I only need to type a password and click OK.

    If you want it to be fully automated.... it looks a little tricky.  Once I get my environment up 100% I may look into this further.  Hopefully mdt 2012 will fix this; haven't had a chance to mess with the beta yet. 

    Wednesday, October 19, 2011 9:02 PM
  • Just specify the settings in the locationserver.xml file

     <server>
     <serverid>1</serverid>
     <friendlyname>Friendly name for list</friendlyname>
     <UNCPath>\\server\share$</UNCPath>
     <DomainAdmin>username</DomainAdmin>
     <DomainAdminPassword>password</DomainAdminPassword>
     <DomainAdminDomain>domain-short-name</DomainAdminDomain>
     <JoinDomain>your.fully.qualified.domain</JoinDomain>
     <TaskSequenceID>TSID to run</TaskSequenceID>
     </server>

    You can specify pretty much any MDT variable there. :D

    • Proposed as answer by ccatlett1984 Thursday, October 20, 2011 3:25 PM
    Thursday, October 20, 2011 3:25 PM
  • True, but these variables are only set AFTER you provide credentials to login to the share.  I am trying to find a way to manually select a server and also forego entering any credentials.  I have decided to resort to a more involved edit of the stock scripts to accomplish this; unless someone knows of a way to do this without editing scripts...
    Wednesday, November 02, 2011 8:49 PM
  • There is still no fix for this or for the wiping out of logon credentials, and I am using MDT 2012 Update 1.

    Thursday, September 26, 2013 8:05 PM
  • MDT 2013 Here - same issue. 

    Looking at BDD.LOG I am seeing the processing of Bootstrap.ini and seeing ZTIGather return values for UserID, UserPassword and UserDomain that I set in bootstrap.ini. However right after Bootstrap.ini processes I see Wizard setting those values back to nothing. I can't seem to figure out where on any of the scripts to stop this from happening. Is there any sort of follow up or any other solutions to this?

    Saturday, October 18, 2014 8:32 PM
  • Still no fix for this; in bdd.log you can indeed see happening what Acetaminophen777 described.

    Microsoft..., seriously?

    Thursday, April 16, 2015 6:43 AM
  • Hello Kind people who are kind enough to try and help in their free time and don't get paid for it at all,

    VortextTangent is pretty close to the money on this one.  To suppress the credentials wizard completely so that MDT references the user credential variables from Bootstrap.ini, mount your winpe image and open WelcomeWiz_DeployRoot.vbs. Modify the ValidateDeployRoot function by setting ValidateDeployRoot to true and commenting out most of the function like so:

    Function ValidateDeployRoot
     Dim oItem
     Dim oVariable
     Dim oName
     Dim sCmd

    ' ValidateDeployRoot = DisplayValidateDeployRoot
     ValidateDeployRoot = TRUE

    ' If ValidateDeployRoot = FALSE then
    '  Exit function
    ' End if
    '
    '
     ' Test the share for network access.
    '
    ' ValidateDeployRoot = FALSE
    '
    ' Do
    '  On Error Resume Next
    '  Err.Clear
    '  If oFSO.FileExists(DeployRoot.value & "\Control\OperatingSystems.xml" ) then
    '   ValidateDeployRoot = TRUE
    '   Exit Do
    '  End if
    '  On Error Goto 0
    '
    '  If Mid(DeployRoot.value, 2, 2) = ":\" then
    '   Alert "Invalid or unrecognized path specified!"  ' For example, if they specified W:\Deploy and that didn't exist
    '   ValidateDeployRoot = FALSE
    '   Exit Function
    '  ElseIf not ValidateDeployRoot then
    '
       ' Get the credentials and connect to the share!
    '
    '   oEnvironment.Item("UserID") = ""
    '   oEnvironment.Item("UserDomain") = ""
    '   oEnvironment.Item("UserPassword") = ""
    '
    '   oShell.Run "mshta.exe " & window.document.location.href & " /NotWizard /LeaveShareOpen /ValidateAgainstUNCPath:" & DeployRoot.value & " /Definition:Credentials_ENU.xml", 1, true
    '
    '   If UCase(oEnvironment.Item("UserCredentials")) <> "TRUE" then
    '    Alert "Could not validate Credentials!"
    '    Exit function
    '   End if
    '
    '  End if
    '
    ' Loop until ValidateDeployRoot = TRUE


     ' Flush the value to variables.dat, before we continue.

     SaveAllDataElements
     SaveProperties

     ' Process full rules

     sCmd = "wscript.exe """ & oUtility.ScriptDir & "\ZTIGather.wsf"""
     oItem = oSHell.Run(sCmd, , true)

     ' Extract out other fields within the XML Data Object.

     If oXMLSiteData is nothing then
      Exit function
     End if

     For each oItem in oXMLSiteData.selectNodes("//servers/server")
      If SiteList.value = oUtility.SelectSingleNodeString(oItem,"serverid") then
       For each oVariable in oItem.selectNodes("otherparameters/parameter")
        Set oName = oVariable.Attributes.getQualifiedItem("name","")
        If not oName is Nothing then
         oProperties(oName.Value) = oVariable.Text
        End if
       Next

      End if
     Next

    End Function

    Unmount the wim file, commit the changes and you're set. These changes worked in MDT 2013.




    • Edited by nerdfinger Wednesday, September 09, 2015 5:13 AM
    • Edited by Ty GlanderModerator Thursday, March 23, 2017 5:10 PM Removed insulting greeting and replaced with something more appropriate
    Wednesday, September 09, 2015 5:07 AM
  • Instead of commenting out those lines, what would be the drawback to just adding the necessary credentials?  That's what I am doing and it works great - when booting from a boot.iso, I get the options specified in the locationserver.xml, then a screen with the credentials specified already, hit enter, away I go.  I guess there would be some security issue as there is a .vbs sitting around with a username and password in it, but hey - 6 of one, 1/2 dozen of the other....
    • Edited by LSNadon Monday, September 14, 2015 5:52 PM
    Monday, September 14, 2015 5:51 PM
  • I guess it's about whatever floats your boat.  By commenting out the code it references the credentials that are already specified in Bootstrap.ini instead of hardcoded in the .vbs. After a thousand odd tablet builds, having to deal with 1 less wizard pane is a bonus too :D


    • Edited by nerdfinger Tuesday, September 15, 2015 6:36 AM
    Tuesday, September 15, 2015 6:36 AM
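
The trade-off in the two posts above (a password hardcoded in the .vbs versus one kept in Bootstrap.ini) leaves a plaintext credential inside the boot image either way, as does the LocationServer.xml approach suggested earlier. The following is an added example, not code from the thread or from MDT: a Python audit that reports where such credentials sit without printing them. The file and key names are the ones quoted in the thread; the sample contents and the `placeholder` values are constructed.

```python
import configparser
import re
import xml.etree.ElementTree as ET

SECRET_KEY = re.compile(r"password", re.IGNORECASE)
# A live (uncommented) assignment of a non-empty literal to a *Password* variable.
VBS_ASSIGN = re.compile(r'^\s*oEnvironment\.Item\("(\w*password\w*)"\)\s*=\s*"[^"]+"', re.I)

def audit_ini(name, text):
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # report keys in their original case
    cp.read_string(text)
    return [(name, f"[{sec}] {key}") for sec in cp.sections()
            for key, val in cp.items(sec) if SECRET_KEY.search(key) and val.strip()]

def audit_xml(name, text):
    hits = []
    for server in ET.fromstring(text).iter("server"):
        sid = server.findtext("serverid", default="?")
        for el in server.iter():
            # <parameter name="..."> keeps the variable name in an attribute
            key = el.get("name") if el.tag == "parameter" else el.tag
            if key and SECRET_KEY.search(key) and (el.text or "").strip():
                hits.append((name, f"server {sid}: {key}"))
    return hits

def audit_vbs(name, text):
    return [(name, f"line {n}: {m.group(1)}")
            for n, line in enumerate(text.splitlines(), 1)
            if (m := VBS_ASSIGN.match(line))]

AUDITORS = {".ini": audit_ini, ".xml": audit_xml, ".vbs": audit_vbs}
def audit(files):
    """files: {file name: text}. Returns (file, location) pairs; never the secret value."""
    hits = []
    for name, text in files.items():
        hits += AUDITORS.get(name[-4:].lower(), lambda *_: [])(name, text)
    return hits

# Constructed sample files (not from the thread); the secret is a placeholder.
SAMPLE = {
    "Bootstrap.ini": "[Settings]\nPriority=Default\n[Default]\nUserID=svc_build\n"
                     "UserDomain=EXAMPLE\nUserPassword=placeholder\n",
    "LocationServer.xml": "<servers><server><serverid>1</serverid>"
                          "<DomainAdminPassword>placeholder</DomainAdminPassword></server></servers>",
    "DeployWiz_Validation.vbs": "' oEnvironment.Item(\"UserPassword\") = \"\"\n"
                                "oEnvironment.Item(\"UserPassword\") = \"placeholder\"\n",
}
if __name__ == "__main__":
    print("\n".join(f"{f}: plaintext credential at {w}" for f, w in audit(SAMPLE)))
```

Run it over the text of the files in a mounted boot image; any hit is a credential that everyone with access to the ISO or WIM can read, so the account behind it should have read-only access to the deployment share and nothing else.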
  • Keith,

    I am facing the same issue. Do we have a solution for this problem yet?

    Thursday, January 28, 2016 1:06 PM
  • I also have the same problem. I'm simply looking to cut down on the input required during deployment. 7yrs later, no actual fix...

    Wednesday, March 22, 2017 10:11 PM