Issues with MDT deployment RRS feed

  • Question

  • Hi, I hope someone can help me. We use MDT to deploy Windows 7 to desktops and laptops. This was working great until recently. The deployment deploys the image but it fails to logon to the computer once the deployment is done so that it can do the Post Install steps in the Task sequence.

    I have Auto Logon enabled in 7 oobe System section of the unattend.xml but when it gets to this part it says username/password incorrect. If I manually enter the password set in this step it logs on and carries on with the rest of the task sequence. I have tried creating a totally new task sequence and unattend.xml but i still get the same issue. I have tried changing the account it users from the defualt built in admin account to a domain account but still get the message username/password are incorrect. Is anyone able to help?

    Friday, October 28, 2016 6:28 AM

All replies

  • There are multiple places where the admin password could be pre-loaded. Did you check your customsettings.ini?

    How about group policies? Is there a password under your unattend.xml?

    Friday, October 28, 2016 11:55 AM
  • Checked customsettings.ini and the password set in there is correct. There is no group policy that would change the local Administrator account password.

    I do have a password in the unattend.xml file but again this is the same as all the other passwords. This was working absolutely fine and has been for over a year. It's just been in the last month or so that it started saying the username/password was incorrect. If you manually log on with the local admin account and the password set in the deployment it logs on and carries on the application installs etc.

    Friday, October 28, 2016 12:03 PM
  • MDT uses administrator as the username. Are you using the same name or does it change?
    Friday, October 28, 2016 12:07 PM
  • User name is administrator. Only thing that changes with that account is that the very last step is it gets disabled. other than that it's just the default built in local administrator account
    Friday, October 28, 2016 12:09 PM
  • When you say disabled, how are you implementing this step? In your task sequence or domain policy?
    Friday, October 28, 2016 12:10 PM
  • It's a task sequence the very last thing it runs
    Friday, October 28, 2016 12:11 PM
  • IF you modify your unattend.xml file in the \\sever\deploymentshare$\control\TaskSequence\ folder then yes, you can break auto login.

    1. Where does the password get read and processed from?

    2. What is set in your unattend.xml file? did you hard code a value here?

    3. IF you are still having problems, please copy your bdd.log file and unattend.xml file to a public site like one drive and share the link here. ( you can replace any passwords set to 1234567890 for security ).

    (oh and group polices can break the autologin process, try once without joining a domain).

    Keith Garner - Principal Consultant [owner] -

    Saturday, October 29, 2016 3:13 AM
  • Thanks for the response. The password is set in the Task Sequence. So when creating a new Task Sequence going through the wizard it is set there.

    The password is a very secure Pa$$w0rd from what I can see this password is set everywhere in the Task Sequence and the unattend.xml Below is a link to my OneDrive where I have copied the unattend.xml and the dbb.log file!AnYt9v0ty7LIgYxK7zJmjT28Cui0Ng

    Monday, October 31, 2016 10:59 AM
  • I went through your bdd log and a line(//settings[@pass="oobeSystem"]/component[@name="Microsoft-Windows-Shell-Setup"]/UserAccounts/LocalAccounts not found in C:\MININT\Unattend.xml, unable to update.)

    stuck out at me. Keith also elaborated on this line here

    and another thread here

    Take a look and see if these are helpful.

    Monday, October 31, 2016 11:44 AM
  • Hi and thanks for the response.

    I'm confused as to what creates the Local Administrator account then. I thought MDT used the default Administrator account. I've checked the unattend.xml and the switch to enable the account is set to run as per suggestion on the 2nd link you provided. However it still says username/password is incorrect. I even tried adding a line into the xml to create a local account called Administrator but this still didn't fix the issue.

    Monday, October 31, 2016 2:00 PM
  • What is the message when you deploy? Does it say incorrect password, or account disabled? 

    Monday, October 31, 2016 2:01 PM
  • It just says Incorrect username/password but if i manually enter the highly secure password of Pa$$w0rd, which is what MDT should be using for the account, it logs in
    Monday, October 31, 2016 2:03 PM
  • Okay good information. Did you create a custom unattend? There is a conflict somewhere between (3) possible areas..

    Unattend.xml, Task sequence, and customsettings.ini

    Did you place the password in your customsettings?

    I have this in mine


    Monday, October 31, 2016 2:10 PM
  • I have just checked and the customsettings has the SkipAdminPassword = Yes but i've not then got the AdminPassword= bit. I'll try adding that in and see if that makes any difference.
    Monday, October 31, 2016 2:14 PM
  • Yes, please enter the password as well...
    Monday, October 31, 2016 2:19 PM
  • Same thing, I'll trawl through the system and double check but I'm 99% sure there is no other password it would be trying to use
    Monday, October 31, 2016 2:45 PM
  • How are you deploying? USB, PXE, CD, ?

    Monday, October 31, 2016 2:46 PM
  • PXE boot
    Monday, October 31, 2016 2:47 PM
  • OK, this thread has diverged into several topic here and I'm going back to the original issue.

    From what I can tell, the root of the problem is that you opened the unattend.xml file with the Windows System Image Manager, *manually* entered the administrator password in there, and the selected the "encoded" option. MDT does not handle the encoded option, so it overwrote the value with the plaintext value *without* updating the <PlainText>false</PlainText> element, thus creating a failed installation.

    Please leave the unattend.xml file alone. As a fix, please us a diff tool like WinDiff to merge the unattend.xml file back to the original state.

    Keith Garner - Principal Consultant [owner] -

    Monday, October 31, 2016 5:51 PM
  • Thanks will give this a try, although when i created the new task sequence i didn't open the unattend file or manually enter the admin password. The only place i entered the admin password on the new task sequence was in the wizard where it says "admin password" so i'm not convinced this is the issue. And you have highlighted one of my major bugbears with the technet forums that someone can mark their own response as the answer. therefore i will unmark it as the answer until it's actually been proven that it is the answer to the question.
    Tuesday, November 1, 2016 7:41 AM
  • This didn't work. Same issue persists. Created a totally new tasksequence and therefore a new unattend.xml never opened the xml file so haven't *manually* entered the admin password in there and i still get Username/password are incorrect.
    Tuesday, November 1, 2016 1:55 PM
  • if you are still having problems, please copy your bdd.log and unattend.xml file to a public site like onedrive and share the link.

    Keith Garner - Principal Consultant [owner] -

    Tuesday, November 1, 2016 4:06 PM
  •!AnYt9v0ty7LIgYxK7zJmjT28Cui0Ng both log and unattend.xml are in this link

    Thursday, November 3, 2016 10:27 AM