none
Controlling Order Of Selected Applications Run Order RRS feed

  • Question

  • I have a task sequence and I have static entries for all applications that are part of the default build. I have a list of optional applications that run when the "Install Applications" action is listed. I need to add a secure delete/format option. I do not want it to run on every instance, but I want it available to select and if selected, run it before the formation/partition and OS installation. 

    Can this be done?

    Wednesday, December 3, 2014 6:45 PM

Answers

  • The MDT "Replace" task sequence has steps that support a secure delete/format option, you can start to look there.
    Otherwise, I'm not 100% sure what you are trying to do. Are you trying to secure delete/format disk 0 or some other disks on the system?

    If you are just trying to securely erase the old disk and install a new OS, all the while ensuring that no data is transferred over, I would just perform a "NewComputer" installation, with:

    * ensure that bitlocker is enabled in the wizard.

    * set BDEDisablePreProvisioning = YES

    * Set BDEWaitForEncryption = TRUE

    These steps will force a *COMPLETE* unrecoverable overwrite of the entire disk.


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com

    Thursday, December 4, 2014 12:45 AM
    Moderator

All replies

  • The MDT "Replace" task sequence has steps that support a secure delete/format option, you can start to look there.
    Otherwise, I'm not 100% sure what you are trying to do. Are you trying to secure delete/format disk 0 or some other disks on the system?

    If you are just trying to securely erase the old disk and install a new OS, all the while ensuring that no data is transferred over, I would just perform a "NewComputer" installation, with:

    * ensure that bitlocker is enabled in the wizard.

    * set BDEDisablePreProvisioning = YES

    * Set BDEWaitForEncryption = TRUE

    These steps will force a *COMPLETE* unrecoverable overwrite of the entire disk.


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com

    Thursday, December 4, 2014 12:45 AM
    Moderator
  • Thanks Keith for the reply. I have the requirement from the DoD to perform multiple passes (minimum of 3, max of 7) using a utility like SDelete. 

    We have BitLocker as an optional item as well so there may be a case where the previous drive was not encrypted. 

    I guess I can create two task sequences.

    Thursday, December 4, 2014 4:20 PM
  • Optional?!?!

    If your computers have sensitive data, then bitlocker should be mandatory.

    Having a laptop stolen, or a hard drive walk out of the building is a far more common threat vector. 7 pass DoD wipe won't protect you then.


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com

    Thursday, December 4, 2014 6:11 PM
    Moderator
  • Jason,

    I would say add those optional application into an application bundle and make the bundles optional.  Bundles can be ordered however you like.


    -BrianG (http://supportishere.com)

    Thursday, December 4, 2014 7:20 PM