none
Deploy computer as if new RRS feed

  • Question

  • I am working on a OS deployment in MDT and have met an unfamiliar issue. For this particular deployment I need the computers to be deployed with a Win 10 image just like it they were new. This means no OOBE stuff, i just want the image applied and nothing else. The reason for this is that this way, when the machine is first started, the users can log on with a Microsoft account and Intune will handle the rest based on this account. The problem I face when using an OS task sequence in MDT is that the local Administrator account will log on during the deployment process to finish the task sequence, so the first real person to log on is not actually the first account on the computer.

    Any advice on how to achieve this will be much appreciated.

    Sunday, March 10, 2019 12:28 AM

All replies

  • I am working on a OS deployment in MDT and have met an unfamiliar issue. For this particular deployment I need the computers to be deployed with a Win 10 image just like it they were new. This means no OOBE stuff, i just want the image applied and nothing else. The reason for this is that this way, when the machine is first started, the users can log on with a Microsoft account and Intune will handle the rest based on this account. The problem I face when using an OS task sequence in MDT is that the local Administrator account will log on during the deployment process to finish the task sequence, so the first real person to log on is not actually the first account on the computer.

    Any advice on how to achieve this will be much appreciated.

    To make sure we're on the same page, i've only seen the ability to login with a microsoft account on initial startup through the OOBE process.

    By "no OOBE stuff" means you don't want the OOBE process to show after the WinPE imaging process is done, correct? This is what MDT should be doing by default.

    An active administrative account is needed to finish the task sequence as MDT needs to be able to read and execute with local system privileges to be able to modify the local installation, regarding the options list configured in the task sequence. This is why the local "Administrator" account is an ideal fit.

    If you mean to have the first user that logs onto the computer be a microsoft account-based user, then you would need to use the OOBE process to do that as far I know. There are options in the unattend.xml file under <OOBE> to specify which OOBE steps should be shown.





    • Edited by MDA400 Monday, March 18, 2019 10:31 PM
    Monday, March 18, 2019 8:39 PM
  • You may have to do this with just WDS and not MDT. As you know MDT uses the local admin account to do a lot thing such as installing applications but only after it logs onto the computer for the first time. You can build an image, sysprep and capture it just using WDS and they deploy it as well. It does need to log onto the desktop to complete its deployment. I used to do this before using MDT. You can quite easily setup scripts that run from the unattended passes to install drivers and applications.

    You will need to make a two boot image for WDS, one to deploy and one for capture and inject the boot critical drivers into it. If you want to try this route I can upload examples of scripts and an unattended file to get you started. Here is some information on creating the discover and capture boot images for WDS, http://www.itingredients.com/how-to-capture-image-and-deploy-image-using-wds/.

    Monday, March 18, 2019 10:53 PM
  • Hi Eirik,

    I believe that what what you is the opposite of what you asked for: You want OOBE to fire up when your user first boot the device to allow Intune enrollment.

    You should be able to do this with a few modification to the standard task sequence:

    - Remove the whole state restore part

    - In the Post install part remove steps Copy Scripts, Configure, Add Windows Recovery and Restart Computer.

    Now the task sequence should apply Windows image, prestage patches and drivers and stop.

    If you want the PC to shut down when done you can add the property FINISHACTION=SHUTDOWN to the [Default] section of your rules (CustomSettings.ini)

    I have to mention that i've not tested the solution, but i'm pretty confident. If you have problems, i'll be glad to help. 

    Tuesday, March 19, 2019 10:11 AM
  • Thank you, but I have already tried almost exactly the same, except that I skipped the postinstall section as well. No luck... I suspect it may be because of default settings in unattend.xml that will make things happen anyway. Testing with modified unattend now to see if I can make it work.
    Wednesday, March 20, 2019 1:55 PM
  • Thank you for answering

    You are probably right that using only WDS could do the trick, but that is not an option in this environment. We create ISOs in MDT that are shipped to serverless locations. Some computers will use MDT as it was supposed to be used so I need multiple options available from the wizard in PE where one is the one described above.

    Wednesday, March 20, 2019 2:01 PM
  • Thanks, I may have been unclear on the "OOBE stuff" :)

    What I meant was that I don't want MDT to handle OOBE, I want this to be handled by the user.

    Wednesday, March 20, 2019 2:03 PM