MDT – Automated vDisk Imaging with BIS-F

I thought the imaging of a vDisk via Microsoft Deployment Toolkit and BIS-F is a no-brainer. Unfortunately I was wrong and spend some hours until I got a fully automated setup . So when is the right moment to start BIS-F and seal the image? We can not tigger it during the task sequence otherwise the vDisk would be broken because:

– The auto-login is still enabled
– The deployment share drive  is still connected
– MININT directory on C:\ etc.

With the available information my plan was to write a script (last action in the TS) which should do the following things:

1.Change Auto-Login to my MDT Build Service Account
2.Add a RunOnce Key to trigger a custom script
3.Reboot

Action of the custom script:
1.Disable Auto-Login
2.Remove Password (cleartext) of Service Account
3.Run BIS-F to start the sealing

Result: This was not working at all. The autologin for my build account was never applied to the registry.  Whats going on?

The problem with MDT and running BIS-F  is the following -> As soon a TS finishes the last step is always to run the cleanup script “LTICleanup.wsf” which is disabling the auto-login. You can not change this behavior.

Snippet of the LTICleanup.wsf:

2019-03-15 14_38_25-mRemoteNG - confCons.xml - MDT-01

Because I am not only deploying my Golden Images with MDT I did not want to edit the LTICleanup.wsf which would break my other machines from a sucesfull deployment. I was asking arround for a solution and Martin Therkelsen gave me a hint that I should have a look at the “Final Configuration for MDT 2013” from Johan Arwidmark. This was exactly I was looking for. Shout-Out to Johan. Thanks for providing the script 🙂 There is also an older blog post  from Eric Haavarstein who encountered the same problem. I slightly modified his version and put some more explanations whats going on under the hood of MDT.

With the help of the Final Configuration for MDT we can apply the default “LTICleanup.wsf” script AND we can run additional commands which is not possible with MDT out of the box. When you download the sources from Johans website you will find a “FinalConfig.hta” file which we need to edit for our needs. Replace the code starting in line 112.

FinalConfig.hta

2019-03-15 15_51_53-mRemoteNG - confCons.xml - MDT-01

PrepareMDTBaseImage.cmd

REM  --- Disable the Auto Service Logon ---
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /d "0" /t REG_DWORD /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /f

REM --- Run BISF ---
PUSHD "%ProgramFiles(x86)%\Base Image Script Framework (BIS-F)"
CALL "PrepareBaseImage.cmd"

Create the Application in MDT

If you are following Johans instructions to create the application in your MDT workbench he will suggest you to choose “Application with source files”. I don’t let MDT manage my folder structure  because I  simply just don’t like the structure (eveything is in the root directory) and have my own conecpt for that. Thats why I always create the applications “without source files” which gives me more control about the final location.

Example:

Johans Way – “C:\Hydration\Applications\Final Configuration 2013”
My Way – “C:\Hydration\Applications\Scripts\Final Configuration 2013″

If you are going to choose Johans way everything will work fine but as soon you go for a custom application directory this will break the Final Configuration script because it can’t find it’s way to default script directory where the “LTICleanup.wsf” is located.

Too solve this issue you need to edit the “Configure-FinalConfig.wsf” script and modify the source directory (Line 2).

Before

 language="VBScript" src="..\..\scripts\ZTIUtility.vbs"/>

After

language="VBScript" src="..\..\..\scripts\ZTIUtility.vbs"/>

Install command and Working Directory

2019-03-17 13_55_37-Window

Integrate into Task Sequence

2019-03-17 13_55_01-Window

Customsettings.ini

Make sure the final action of the task sequence is NOT resulting in a reboot or shutdown of the system. This will break the Final Configuration script.

[00:0c:29:86:39:00]
OSDComputername = XA-02
TaskSequenceID = WRK-001
SkipDomainMembership = YES
SkipComputerName = YES
SkipTaskSequence = YES
SkipFinalSummary = YES
FinishAction=None

 

How does it look in action?

2019-03-17 13_12_18-Window

2019-03-17 13_13_27-Window

2019-03-17 13_16_30-Window

One thought on “MDT – Automated vDisk Imaging with BIS-F

Add yours

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: