Several years ago I started to use Jason Sandys’ OSDInfo Script. I liked the idea of having a script run during OSD that would write information to WMI, which made it easy to inventory. Now I do IPU (In Place Upgrade) so much more than OSD, and I wanted to do the same, gather important information from IPU and be able to use it for Reporting or creating collection queries.
I’ve taken Jason’s script and modified it… a lot. All of his plumbing is still in place (functionality to add information to WMI & Registry), but I’ve added a lot of logic around using the script for different functions.
The script is now broken into 3 sections, OSD (Operating System Deployment), CS (Compatibility Scan), IPU (In Place Upgrade). Using TS Variables, the script will run different sections of the script. This allows me to use the same script in numerous scenarios.
First, I’ll show you results, and then go into details about how it’s done. But I feel it’s easier to understand the script and process if you can see the end product.
Bonus: Learn to use Gmails SMTP service.
Updated 3/6 - added auto close feature, so if user ignores the window, it will auto close allowing the TS to continue. (Updated the 3rd Form image below to reflect the change)
Or if some of you awesome PowerShell guys want to make my code pretty and add that feature... 🙂
As I try to improve the user experience for in-place upgrades, notifications came to mind, and how to incorporate that into the process. Using the TS variable _SMSTSUserStarted = true, I launch a powershell driven “front end” to collect the user’s email, cell number & provider, then use that to notify user when process is complete.
If (You Enjoy Reading)
I thought that was a clever title, but it seems more confusing the longer I look at it… anyway, this is the follow up post to take BGinfo from MDT, and add it’s capabilities to the ConfigMgr In-Place Upgrade Task Sequence Process. If you’ve been working with in-place upgrade task sequences, you’ll know they are a different beast than regular OSD. You can’t just call an application and expect it to show up on the screen.. like in OSD, you can say Command Line Step: notepad.exe… and guess what, a notepad.exe window opens during the TS.. freaking amazing! Read more
If you use MDT, then you’re familiar with their use of changing the background and adding system information during the OSD process. This is pretty handy to get some basic info, but with a little tweaking, you can add additional data that can be very useful to make visible during OSD.
Basics, the required files used during this process are stored here: MDT Package\Tools\x64 & x86
Update 2017.11.29 - Thanks to @MrPRSmith for the idea, I was able to get FDE working using a pass-through disk, see bottom of post for more info.
Short post to go over something I found while researching Bitlocker Full Disk Encryption on Hyper-V virtual machines.
I was testing Enabling Bitlocker during our Task Sequence, and I didn’t have any physical machines to test on, no problem right? With Hyper-V, you can now enable virtual TPM on Gen2 VMs, and have all the yummy goodness of UEFI, Secureboot, Bitlocker, Credential Guard all on your VM! So I started testing, everything worked! But when I checked the Bitlocker Status (manage-bde –status), it showed I was only encrypting Used Space. While this would be fine for a Virtual Machine, I was confused because I told it to use Full Disk, NOT used space. I ran many tests, trying several different things, but in the end, it never came out as I expected, with Full Disk. Even post OSD, if I decrypted, ensured policy was set for Full Disk, it would only encrypt Used Space. Finally, I gained access to a physical test machine, ran the exact same Task Sequence, and there it was, Full Disk Encryption. – Testing done on Hosts: Win 10 1607, 1709 & Server 2016. VM’s running 1703 and 1709. Security settings were set to Enable Secure Boot & Enable TPM, tested Dynamic expanding & fixed disks. (Not Pass-through)