Powershell script cannot access network shares during OS deployment RRS feed

  • Question

  • I have written a powershell script that updates bios on client computers. It works fine when I run it in a separate custom task sequence by itself using litetouch.vbs , however when I run it during OS deployment it fails.

    I am running the power shell script from a batch file this way: 

    PowerShell.exe -ExecutionPolicy Bypass -Command "& DDSBIOS.ps1'"

    The power shell script runs and tries to access a unc path which is on the deployment server, but a different share. It tests the unc path and reports an error if the path does not exist. So it is reporting that the path does not exist. This is really odd because as I said it works perfectly in a separate task sequence by itself. 

    What is different about running a powershell script during an OS deployment task sequence vs a custom task sequence? How can I make sure the script has access to the network credentials given at the beginning of the deployment? 

    • Edited by Wolverine58 Saturday, December 15, 2018 12:54 AM
    Saturday, December 15, 2018 12:47 AM

All replies

  • Might be dependant on where your PSScript is being executed from

    Was your Custom Task sequence launched on a ready built machine where it works? Have you tried specifiying the entire path of your PowerShell script to ensure that it runs during the OS Deployment phase?

    Monday, December 17, 2018 9:06 AM
  • This can depend on if the machine has joined the domain at this point or not. If it has not joined the domain you may need to map a drive letter to the share first. To make sure the script is running under a specific account you need to enable that option on the task for that script and provide credentials for an account with access. You will use a command line task and run the powershell from there and enable the option "run this step with the following account"

    However it is much easier to put those scripts in the script folder in MDT. I do this with the Dell and HP programs used to modify the BIOS.

    Monday, December 17, 2018 1:17 PM
  • When you're doing a normal MDT deployment (booting from and MDT boot file) access credentials to your deployment share are defined boot.ini file. The deployment task sequence runs as the local Administrator account.

    Verify your deployment share permissions:

    • Share permissions should be r/w for Everyone or Authenticated User
    • Then use NTFS to restrict permissions
    • Create a MDT_user that has access to deployment share
    • Define the MDT_user and credentials in your boot.ini file
    Monday, December 17, 2018 3:17 PM