MDT – Automated vDisk Imaging with BIS-F

Reading Time: 4 minutes

I thought the imaging of a vDisk via Microsoft Deployment Toolkit and BIS-F is a no-brainer. Unfortunately I was wrong and spend some hours until I got a fully automated setup . So when is the right moment to start BIS-F and seal the image? We can not tigger it during the task sequence otherwise the vDisk would be broken because:

– The auto-login is still enabled
– The deployment share drive  is still connected
– MININT directory on C:\ etc.

With the available information my plan was to write a script (last action in the TS) which should do the following things:

1.Change Auto-Login to my MDT Build Service Account
2.Add a RunOnce Key to trigger a custom script

Action of the custom script:
1.Disable Auto-Login
2.Remove Password (cleartext) of Service Account
3.Run BIS-F to start the sealing

Result: This was not working at all. The autologin for my build account was never applied to the registry.  Whats going on?

The problem with MDT and running BIS-F  is the following -> As soon a TS finishes the last step is always to run the cleanup script “LTICleanup.wsf” which is disabling the auto-login. You can not change this behavior.

Snippet of the LTICleanup.wsf:

2019-03-15 14_38_25-mRemoteNG - confCons.xml - MDT-01

Because I am not only deploying my Golden Images with MDT I did not want to edit the LTICleanup.wsf which would break my other machines from a sucesfull deployment. I was asking arround for a solution and Martin Therkelsen gave me a hint that I should have a look at the “Final Configuration for MDT 2013” from Johan Arwidmark. This was exactly I was looking for. Shout-Out to Johan. Thanks for providing the script 🙂 There is also an older blog post  from Eric Haavarstein who encountered the same problem. I slightly modified his version and put some more explanations whats going on under the hood of MDT.

With the help of the Final Configuration for MDT we can apply the default “LTICleanup.wsf” script AND we can run additional commands which is not possible with MDT out of the box. When you download the sources from Johans website you will find a “FinalConfig.hta” file which we need to edit for our needs. Replace the code starting in line 112.


2019-03-15 15_51_53-mRemoteNG - confCons.xml - MDT-01


Create the Application in MDT

If you are following Johans instructions to create the application in your MDT workbench he will suggest you to choose “Application with source files”. I don’t let MDT manage my folder structure  because I  simply just don’t like the structure (eveything is in the root directory) and have my own conecpt for that. Thats why I always create the applications “without source files” which gives me more control about the final location.


Johans Way – “C:\Hydration\Applications\Final Configuration 2013”
My Way – “C:\Hydration\Applications\Scripts\Final Configuration 2013″

If you are going to choose Johans way everything will work fine but as soon you go for a custom application directory this will break the Final Configuration script because it can’t find it’s way to default script directory where the “LTICleanup.wsf” is located.

Too solve this issue you need to edit the “Configure-FinalConfig.wsf” script and modify the source directory (Line 2).



Install command and Working Directory

2019-03-17 13_55_37-Window

Integrate into Task Sequence

2019-03-17 13_55_01-Window


Make sure the final action of the task sequence is NOT resulting in a reboot or shutdown of the system. This will break the Final Configuration script.

How does it look in action?

2019-03-17 13_12_18-Window

2019-03-17 13_13_27-Window

2019-03-17 13_16_30-Window


  1. Thanks for the article. Very helpful.
    Just wondering how you put the “PrepareMDTBaseImage.cmd” file on the disk during MDT TS.
    I am testing with BIS-F 7.1 I’ll just copy the file somewhere in TS

Leave a Reply

Your email address will not be published. Required fields are marked *