locked
How to Suppress Message saying "Message containing a password has been suppressed?" RRS feed

  • Question

  • On one of our task sequences, the summary page turns yellow with 1 error saying a message containing a password has been suppressed.

    The deployment is successful and we don't need to do anything about it, so it is a useless warning.

    I looked in the BDD.log and I see the reference to the error in there, but it is no more specific as to what is the cause.

    Is is the same OS image used in other task sequences without this error, so it must not be an issue with the OS installation itself and I can only assume it is something to do with a unique task inside the task sequence that clears the bios password, updates the bios and then resets the password.

    Is there a way to find specifics on what is generating this vague error message such as "unsupress" whatever is being suppressed so we can see the specifics of it or just suppress this error from being displayed?

    Thursday, August 7, 2014 6:51 PM

Answers

  • Wow, this thread is going nowhere.

    MyGposts - If you are still having problems, please copy your bdd.log file to a public site like OneDrive, and copy the link here.

    Yellow errors mean that MDT found a "warning" log message in the bdd.log file. The bdd.log segment from above does not contain the error.

    Whenever MDT comes across any log entry with the word "Password" in it, it will suppress adding that line to the log file for obvious reasons. An example of this might be if you have a install program like: "cmd.exe /c Implement-IT-Password-Policy.cmd" - If the script returns any error level, it will show up with the symptoms described above.

    You can disable this feature by running MDT with debug=true to see the real error. Having the real bdd.log file to look at can help us understand which component this happened with.


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com

    Monday, August 11, 2014 5:02 PM

All replies

  • I came across this issue a month ago. Visit this site!

    http://mickitblog.blogspot.com/2014/04/mdt-message-containing-password-has.html

    Thursday, August 7, 2014 6:58 PM
  • Specifically, there might be a mismatch between your unattend.xml and customsettings.ini files
    Thursday, August 7, 2014 7:04 PM
  • You can also put in your cs.ini:

    SkipFinalSummary=YES

    then no message will be displayed, unless it's an error which has caused the task sequence to stop.

    Removing information written to bdd.log isn't really something you can intervene with.


    If this post is helpful please click "Mark for answer", thanks! Kind regards

    • Proposed as answer by MrBrooks Thursday, August 7, 2014 7:25 PM
    • Unproposed as answer by Keith GarnerMVP Monday, August 11, 2014 4:53 PM
    Thursday, August 7, 2014 7:24 PM
  • You can also put in your cs.ini:

    SkipFinalSummary=YES

    then no message will be displayed, unless it's an error which has caused the task sequence to stop.

    Removing information written to bdd.log isn't really something you can intervene with.


    Is that a challenge? :)
    Thursday, August 7, 2014 7:25 PM
  • Don't know, but why make things any harder for yourself, if you can solve it any other way.

    But if you want to approach this, you'll need to change either your bdd.log or smsts.log on the local machine you are deploying. And since the file is in use, and constantly is being filled with information from the running task sequence, I just wouldn't spend to much time on it.

    But of course, there's always a desire, a wish or requirement from someone who thinks these things are important :)


    If this post is helpful please click "Mark for answer", thanks! Kind regards

    Thursday, August 7, 2014 7:32 PM
  • Specifically, there might be a mismatch between your unattend.xml and customsettings.ini files
    That doesn't make sense to me because we are using the same OS image for multiple OS deployments and I assume there is only one unattend.xml per OS image.
    Thursday, August 7, 2014 8:22 PM
  • Specifically, there might be a mismatch between your unattend.xml and customsettings.ini files

    I looked at the file through WSIM and I see  under 7 Autologon\Password\Settings\Value the password is showing in plain text in this unattend.xml.

    In the other deployment tasks, the password is encrypted showing random characters.  The password properties are grayed out so I cannot change Plaintext value from true to false.  How is this done?

    Thursday, August 7, 2014 8:42 PM
  • I figured out how to get the password value changed to plaintext false in WSIM and saved the changes, but I still get the same suppressed password warning screen at the end of the deployment.  So, there must be something else causing this issue.
    Friday, August 8, 2014 12:08 AM
  • Yeah I was just kidding, only thing I could think of was possibly stop sequence and parse the bdd.log.  Definitely NOT worth the effort, suppressing warnings with SKIPFINALSUMMARY is the way to go OP.  You can get warnings for all kinds of stuff that will look hazardous otherwise.  Cant reach the file location immediately on boot?  That's a warning.  Didn't type your password in correctly?  That's a warning. 
    Friday, August 8, 2014 2:51 PM
  • So, if you skip the summary then you don't get a deployment summary at all to warn you of failed tasks inside the task sequence?

    We occasionally get other errors, like failed to connect to share on first attempt, but is is pretty rare.

    This error is constant.  bdd.log has this in reference to the error:

    <![LOG[<Message containing password has been suppressed>]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[<Message containing password has been suppressed>]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Property SKIPBDDWELCOME is now = yes]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Using from [DEFAULT]: SKIPBDDWELCOME = yes]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[------ Done processing X:\Deploy\Scripts\Bootstrap.ini ------]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Remapping variables.]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Property TaskSequenceID is now = ]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Property DeploymentType is now = NEWCOMPUTER]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Finished remapping variables.]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[ZTIGather processing completed successfully.]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Command completed, return code = 0]LOG]!><time="14:16:07.000+000" date="08-07-2014" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">

    Friday, August 8, 2014 3:55 PM
  • You will still get errors and the red box on stop.  What you're seeing is a warning, not an error, similar to the can't reach the filer warning. 
    Friday, August 8, 2014 4:05 PM
  • Also ZTIGather does query the bios, if the password you're changing it to is plain text it's possible that's what's being suppressed.  I'm just guessing from reading ztigather.wsf though.
    Friday, August 8, 2014 4:08 PM
  • Wow, this thread is going nowhere.

    MyGposts - If you are still having problems, please copy your bdd.log file to a public site like OneDrive, and copy the link here.

    Yellow errors mean that MDT found a "warning" log message in the bdd.log file. The bdd.log segment from above does not contain the error.

    Whenever MDT comes across any log entry with the word "Password" in it, it will suppress adding that line to the log file for obvious reasons. An example of this might be if you have a install program like: "cmd.exe /c Implement-IT-Password-Policy.cmd" - If the script returns any error level, it will show up with the symptoms described above.

    You can disable this feature by running MDT with debug=true to see the real error. Having the real bdd.log file to look at can help us understand which component this happened with.


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com

    Monday, August 11, 2014 5:02 PM