MDT CustomSettings.INI and Connection-specific DNS Suffix

  • Question

  • I have an environment with 2 domains.  No trust between the domains.

    I have a WSUS server in each domain.

    My server hosting the MDT 2013 U2 deployment share is allowed through the border firewall between the two domains.

    Basically I need to be able to deploy images to both domains (works) but depending on the "Connection-specific DNS Suffix" of the target, have it choose one of two WSUS servers.

    I have my primary WSUS server defined in CustomSettings.ini today, but it fails at that step on the 2nd domain.

    Instead of fighting the long battle to add a linked deployment share in my 2nd domain, is there a way to leverage a UserExit script or other logic to choose which WSUS server to contact, based off of the "Connection-specific DNS Suffix"?

    Thanks,

    -Matt


    There's no place like 127.0.0.1

    Wednesday, October 26, 2016 6:17 PM

All replies

  • I'm thinking something like this:

    *DISCLAIMER* I have no VB experience.  I hacked this together from examples and have no idea if the context is correct.

    CustomSettings.ini

    UserExit=GetDNSSuffix.vbs
    WSUSServer=#GetDNSS("%WSUSServer%","%sDNSSuffix%")#

    GetDNSSuffix.vbs

    Function UserExit(sType, sWhen, sDetail, bSkip)
      UserExit = Success
    End Function

    ' Returns the WSUS URL matching the DNS suffix of an IP-enabled adapter.
    Function GetDNSS(sWSUSServer, sDNSSuffix)
      Dim objWMIService, colNetAdapters, objNetAdapter
      GetDNSS = sWSUSServer   ' keep the passed-in value when nothing matches
      Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")
      ' DNSDomain is a property of Win32_NetworkAdapterConfiguration
      Set colNetAdapters = objWMIService.ExecQuery("Select * from Win32_NetworkAdapterConfiguration Where IPEnabled = True")
      For Each objNetAdapter In colNetAdapters
        If objNetAdapter.DNSDomain = "Domain1" Then
          GetDNSS = "http://server1.domain1.com:8530"
        ElseIf objNetAdapter.DNSDomain = "Domain2" Then
          GetDNSS = "http://server2.domain2.com:8530"
        End If
      Next
    End Function


    There's no place like 127.0.0.1

    Wednesday, October 26, 2016 6:47 PM
  • If you have different gateways, you could modify customsettings.ini with that.

    [Settings]
    #Add DefaultGateway to Priority
    Priority=Init,DefaultGateway,Default
    
    [DefaultGateway]
    #Your first gateway
    1.1.1.1=FirstGatewayLocation
    #Your second gateway
    2.2.2.2=SecondGatewayLocation
    
    [FirstGatewayLocation]
    WSUSServer=http://<WSUS Server 1>:8530
    
    [SecondGatewayLocation]
    WSUSServer=http://<WSUS Server 2>:8530

    Wednesday, October 26, 2016 8:24 PM
  • 1. Getting the DNS address of the Domain is easy:

    https://msdn.microsoft.com/en-us/library/ms992621

    But we can compress the code down into a single line:

    CreateObject("AdSystemInfo").DomainDNSName

    2. Now we can use the VBScript code injection functionality in ztigather.wsf to query for the domain name without the need for an extra file, by using the '#' tag:

    MyDNSName = #CreateObject("ADSystemInfo").DomainDNSName# 

    Don't forget to add MyDNSName to the "properties" list.

    3. Now we can create a conditional branch based off of the query by placing MyDNSName in the [settings] 'priority' field. ZTIGather will auto expand whatever MyDNSName is set to, and run that section. In my case my DNS server is set to 1e.local.

    [Settings]
    Priority=Default,MyDNSName
    Properties=MyDNSName
    
    [Default]
    MyDNSName = #CreateObject("ADSystemInfo").DomainDNSName# 
    
    [1e.local]
    WSUSServer=WSUS.1e.local:8530
    
    [contoso.local]
    WSUSServer=WSUS.Contoso.local:8530

    4. Finally, to test the results, we can call ztigather.wsf directly to see how the machine will respond:

    cscript.exe //nologo c:\Deploy\scripts\ZTIGather.wsf /inifile:c:\test\test.ini /nolocalonly

    On my machine it looks like:

    <...>

    Using COMMAND LINE ARG: Ini file = C:\test\test.ini
    Finished determining the INI file to use.
    Added new custom property MYDNSNAME
    Using from [Settings]: Rule Priority = DEFAULT,MYDNSNAME
    ------ Processing the [DEFAULT] section ------
    Property MYDNSNAME is now = 1e.local
    Using from [DEFAULT]: MYDNSNAME = 1e.local
    ------ Processing the [1e.local] section ------
    Property WSUSSERVER is now = WSUS.1e.local:8530
    Using from [1e.local]: WSUSSERVER = WSUS.1e.local:8530
    ------ Done processing C:\test\test.ini ------

    <...>


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com


    Wednesday, October 26, 2016 8:27 PM
    Moderator
  • If you have different gateways, you could modify customsettings.ini with that.

    [Settings]
    #Add DefaultGateway to Priority
    Priority=Init,DefaultGateway,Default
    
    [DefaultGateway]
    #Your first gateway
    1.1.1.1=FirstGatewayLocation
    #Your second gateway
    2.2.2.2=SecondGatewayLocation
    
    [FirstGatewayLocation]
    WSUSServer=http://<WSUS Server 1>:8530
    
    [SecondGatewayLocation]
    WSUSServer=http://<WSUS Server 2>:8530

    I do.  Unfortunately hundreds of them.  Too many to maintain in a list.  :(


    There's no place like 127.0.0.1

    Wednesday, October 26, 2016 8:28 PM
  • In that case

    [Settings]
    Priority=MyDNSName,Default
    Properties=MyDNSName
    
    [MyDNSName]
    MyDNSName = #CreateObject("ADSystemInfo").DomainDNSName# 
    
    [Default]
    WSUSServer=WSUS.%MyDNSName%:8530
    
    Would require that all WSUS servers across the various domains would have the same name for organization.


    Keith Garner - Principal Consultant [owner] - http://DeploymentLive.com

    Wednesday, October 26, 2016 9:05 PM
    Moderator
  • Keith, my reply wasn't to you.  I think your solution will work fine.  I ran into some issues testing it last night.  I think I had something wrong with the way I shoehorned this into my existing CustomSettings.ini, because it wasn't picking it up and was skipping all of my settings as well.

    Going to do more testing today.

    Thanks!

    -Matt


    There's no place like 127.0.0.1

    Thursday, October 27, 2016 2:35 PM
  • Not quite sure what I'm doing wrong.  Previously I had changed the names of some of your properties, and it either didn't like that, or I had some other context error.  I reverted the changes and tried again using your values as is (except for server / domain specifics), and now CustomSettings.ini is being processed correctly.

    Except for the script property.  What I'm getting back is:

    Property WSUSSERVER is now = #CreateObject("ADSystemInfo").DomainDNSName# 

    Here is the entirety of my CS.ini

    [Settings]
    Priority=Default,MyDNSName
    Properties=MyCustomProperty,MyDNSName
    
    [Default]
    OSInstall=Y
    SkipApplications=YES
    SkipAppsOnUpgrade=YES
    SkipCapture=NO
    SkipAdminPassword=YES
    SkipProductKey=YES
    BitsPerPel=32
    VRefresh=60
    XResolution=1
    YResolution=1
    BDEInstallSuppress=YES
    ;HIDESHELL=YES
    
    ;------------------------
    ;RADIA SETTINGS
    ;------------------------
    ;DoNotCreateExtraPartition=YES
    
    ;------------------------
    ;DEPLOYMENT
    ;------------------------
    SkipFinalSummary=No
    SkipLocaleSelection=YES
    KeyboardLocale=en-US
    UserLocale=en-US
    UILanguage=en-US
    SkipBitlocker=YES
    SkipPackageDisplay=YES
    SkipProductKey=YES
    SkipSummary=YES
    SkipTaskSequence=NO
    SkipTimeZone=Yes
    TimeZone=020
    SkipLocaleSelection=YES
    TimeZoneName=Central Standard Time
    
    ;-----------------
    ;Computer Name Script
    ;-----------------
    UserExit=GetComputerNameMSTR.vbs
    OSDComputerName=#GetCN("%ComputerName%","%SerialNumber%","%Model%")#
    
    ;-----------------
    ;WSUS (Disable to use Windows Update)
    ;-----------------
    
    MyDNSName = #CreateObject("ADSystemInfo").DomainDNSName# 
    
    [PROD.com]
    WSUSServer=http://server.prod.com:8530
    
    [TEST.com]
    WSUSServer=http://server.test.com:8530
    
    ;-----------------
    ;USMT
    ;-----------------
    SkipUserData=No
    USMTMigFiles001=custmiguser.xml
    USMTMigFiles002=migapp.xml
    USMTMigFiles003=MigOverride.xml
    UserDataLocation=NETWORK
    UDShare=\\server\Deploy$\MigData
    UDDir=%ComputerName%
    ScanStateArgs=/o /v:5 /localonly /uel:30 /ue:%computername%\Administrator 
    LoadStateArgs=/c /v:5
    
    ;-----------------
    ;LOGGING
    ;-----------------
    SLShare=\\server.prod.com\Deploy$\Logs
    UserID=WhatEver
    UserDomain=WhatEver
    UserPassword=WhatEver
    EventService=http://server.prod.com:9800
    
    ;-----------------
    ;BUILD&CAPTURE
    ;-----------------

    -Matt


    There's no place like 127.0.0.1

    Thursday, October 27, 2016 4:23 PM
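
Added example, not part of the thread and not code from any poster or from MDT: a Python check that shows which section each setting lands in when a CustomSettings.ini is laid out like the last one posted above. The sample INI is constructed, `parse_sections` and `resolve` are hypothetical helpers, and the rule processing it simulates (Priority order, a Priority entry naming a property selects the section named by its value, first value wins, `#...#` values supplied by the caller instead of executed) is an assumption based on the ZTIGather log quoted in the thread.

```python
import re

# Constructed sample that mirrors the layout of the last CustomSettings.ini in the thread.
SAMPLE = r"""[Settings]
Priority=Default,MyDNSName
Properties=MyCustomProperty,MyDNSName
[Default]
OSInstall=Y
MyDNSName = #CreateObject("ADSystemInfo").DomainDNSName#
[PROD.com]
WSUSServer=http://server.prod.com:8530
[TEST.com]
WSUSServer=http://server.test.com:8530
; keys below still belong to [TEST.com], the nearest header above them
SkipUserData=No
SLShare=\\server.prod.com\Deploy$\Logs
"""

def parse_sections(text):
    """Return {section: [(key, value), ...]} in file order (names lower-cased)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).lower()
            sections.setdefault(current, [])
        elif current and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            sections[current].append((key.lower(), value))
    return sections

def resolve(text, facts):
    """Simulate rule processing (hypothetical helper). Assumptions: sections run in
    Priority order, a Priority entry naming a property selects the section named by
    its value, the first value wins, and #...# values come from `facts`."""
    sections = parse_sections(text)
    props, origin = {}, {}
    for entry in dict(sections["settings"])["priority"].split(","):
        name = props.get(entry.strip().lower(), entry.strip()).lower()
        for key, value in sections.get(name, []):
            if value.startswith("#") and value.endswith("#"):
                value = facts.get(key, value)   # the script is not executed here
            if key not in props:
                props[key], origin[key] = value, name
    return props, origin

if __name__ == "__main__":
    for domain in ("PROD.com", "TEST.com"):
        props, origin = resolve(SAMPLE, {"mydnsname": domain})
        print(domain, props.get("wsusserver"), origin.get("slshare"))
```

With `mydnsname` set to PROD.com the result has no `slshare` or `skipuserdata`, because in the sample those keys sit under the `[TEST.com]` header.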