Automated Client Recovery from Rollback or OS Uninstall

This is a slim down version of our Recovery & OS Uninstall Solutions that we will be presenting at MMS 2019, and will blog the fancy version then.

What this does:  Restores the CM Client to a working state after a failed upgrade (Rollback) or if the system performs a Revert from New Build to Older Build after successful upgrade (OS Uninstall).

What happens to the CM Client during those Scenarios? Bad things man, bad things.  Client is in provisioning mode, and services are disabled, it also returns to a place in time that it thinks it is running the upgrade task sequence.
image

Current MS Bugs… SetupRollback.cmd  I’ve personally never been able to get this to run during a rollback, and MS has confirmed that there is a bug where it does not run during OS Uninstall.

My original plan was to tie into setuprollback.cmd, but without that, I’ve had to rely on creating some scheduled tasks that call powershell script that does the remediation.

So what does this slim down version do?
Before Upgrade, you have it copy PowerShell Scripts Local, and Create the Scheduled Task

  1. The Schedule task, Runs Daily and on Boot, calls PowerShell Script that Remediates issues.
  2. PowerShell checks for Rollback Key (HKLM:\SYSTEM\Setup\Rollback) then runs
    1. Removes from Provisioning Mode
    2. Run CCMEval to fix disabled Services
    3. Resets the Task Sequence so that Software Center is usable again.
      1. It also checks for the Windows 10 Setup Engine and kills that.**
    4. Copies logs to Server (File Share)

** In many of my tests, I found that due to the place the "Snap Shot" it taken by Windows, when the machine rolls back, it is in the middle of the Task Sequence, on the Step "Upgrade Windows", which calls the Setup Engine.  After a rollback, and you fix the CM Client, it thinks it is running a TS and tries to pickup where it left off... triggering the Setup Engine... if you don't do anything, it will actually run the Windows 10 Upgrade, and perhaps the issue that broke the upgrade the first time is still present and now you're in a upgrade / fail loop.  In image below, if you look closely at the logging I've added, you see that it actually saw Windows 10 Setup Engine was running, and it then successfully killed it.  You can see the extra lines of code in the Remediation Script... do a search for "SetupHost"

1902 removes computer from Provisioning Mode within 24 hours.. which is great, but that doesn't get you nearly far enough.  If you have a client health script running, it should fix the client, however it will NOT kill the Task Sequence or Prevent the accidental relaunch of the Setup Engine... Plus it will take 1 to 2 days before you'd even be aware of the issue.  My script will resolve these issues and get you back up and running in 10 - 15 minutes after the failure.

UserVoice: OSUninstall - Make ConfigMgr Aware of going back to previous builds

OK... to the Solution I've built (Stand alone Version)

In Old Build (1803)
image
image

image

So now that all the “Stuff” is installed on the “old” build, you’re ready to upgrade, go ahead and run the upgrade to the new build.  Note, you can add this into your upgrade TS. At MMS we’ll present how we add this into our Upgrade TS, before the Upgrade Step, and how we clean it up after the upgrade step.

For now, this will work for you to make sure you’re protected if someone fails the upgrade or if someone chooses to OS Uninstall (Go back to previous version)

Image after Rollback … Rollback Registry Key is present, you can see the script logging, and software center is back to working.  It also shows the Upgrade TS as Failed, instead of Installing.  Everything is back up and working, so you could then try the upgrade again.

image

 

Application:
Content Tab: Location where you place the 3 Files:
Install Command: "LoadOSRollbackRecovery.cmd"
Uninstall: powershell.exe -command "Unregister-ScheduledTask -TaskName OSRollbackRecovery -Confirm:$false"
image
Detection: File  %Windir%\System32\Tasks OSRollbackRecovery  (AKA The Name of the Scheduled Task)
image

LoadOSRollbackRecovery.cmd

OSRollbackRecovery.xml

 

RollBackRecoveryStandAlone.ps1

 

Download (if Copy / Paste isn't your thing) : Rollback Recovery Stand Alone (53 downloads)

 

Posted on GARYTOWN.COM

2 thoughts on “Automated Client Recovery from Rollback or OS Uninstall”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.