Tag Archives: Osd

How to create Custom WIM-file as a SCCM Boot Image with HTA-support

Purpose: Create your own Operating System Deployment Wizard in SCCM

You have been deploying operating systems with SCCM and have noticed some of its flaws, right? You really cant alter the built-in deployment wizard as much as you would like to? Just about the only thing that you CAN do is to add Task Sequence variables into a predefined wizard window. To be able to modify the OSD more into your liking will require some web-coding skills (yes, you read right)

Continue Reading

Customize WinPE OSD Wizard in SCCM 2012

Purpose: Create your own Operating System Deployment Wizard in SCCM

You have been deploying operating systems with SCCM and have noticed some of its flaws, right? You really cant alter the built-in deployment wizard as much as you would like to? Just about the only thing that you CAN do is to add Task Sequence variables into a predefined wizard window. To be able to modify the OSD more into your liking will require some web-coding skills (yes, you read right)

Continue Reading

Create a bootable USB-drive for OS-installations

Purpose: Install an operating system with a USB-device.

This post has nothing to do with SCCM. You have an ISO file and want to install that ISO file MANUALLY with an USB-device without any automatisation (yeah, this might still be relevant after all).

Continue Reading

Read from an Active Directory computer object attribute (VBS)

Purpose: You have information that you need to read from an AD object attribute

Now that you have an attribute full of exiting new information, you need to get it down for business! From SCCM point of view – this usually is an AD computer object attribute (which value could be, for example, the physical location of the computer or the year the computer has been purchased, etc.). Yes well im glad if you also had read my previous article “Write to an Active Directory computer object attribute (VBS). You should know then that I really did not bother to come up with anything original to this description, its just a copy paste! But the script below really does what the topic claims it to do. With the script you can read the attribute value and continue your adventure with it anyway you want!

Usage: cscript.exe IT_OSD_VBS_ReadComputerADAttribute.vbs (no parameters exist)
Debugging: You can uncomment the msgbox rows, to see what values you are receiving.
Configuration: You need to change the AD Attribute that you want to read.

Continue Reading

Write to an Active Directory computer object attribute (VBS)

Purpose: You have information that you need to write to an AD objects attribute

Fancy stuff: you are in a dire need to automate AD object attribute writing. Usually (from SCCM point of view) this object is a computer object, and the attribute contains some additional information about the computer that your corporation has requested. This additional information could be, for example, the physical location of the computer or some specific owner details. The script below allows you to write to the current computer AD object (because it is used usually in a task sequence). Happy writing!

Usage: cscript.exe IT_OSD_VBS_WriteToComputerObjectAttribute.vbs (no parameters exist)
Debugging: You can uncomment the msgbox rows, to see what values you are receiving.
Configuration: You need to change the AD Attribute that you want to write to

Continue Reading

Show Workstation Name in Computer Icon and Start Menu (BAT)

Purpose: Show the Workstation name on Desktop and Start Menu (natively)

The case everyone is familiar with (more or less) is the case of getting a customer to tell the support personnel their computer name. This can be done with multiple different ways (tag the computer with stickers, link username and computer name in your management tool, or create something that helps the user to tell it). The way I’m going to demonstrate is suited for some cases: create something that helps the user to tell it. In this case it is going to be by renaming the “Computer” icon on the public desktop and forcing it to be shown there. This will also then rename the Start Menu “Computer”.

Requirements: SetACL.exe (http://helgeklein.com/setacl/) / included in the download
Usage: start “Configure” /wait IT_OSD_BAT_ShowWorkstationNameInMyComputer.bat
Debugging: The script must be ran as NT AUTHORITY/SYSTEM (ie. the installing force of SCCM).
Configuration: No need.
Continue Reading

Enable Remote Desktop from Command-line (BAT)

Purpose: Enable Remote Desktop on Workstations from Command-line

To gain access to the unsuspecting victims.. er.. customers, you can use the magnificent built-in tool of RDP! This even allows you to do your work hidden so the customer will not actually see what you are doing, how neat is that? (Well of course this is not neat in a situation where the customer wants to show you something but lets not go into that.) To enable RDP on a remote workstation, you can use the following registry change. Like many configuration options, this can be implemented through various ways. This script can be added to SCCM as an application and use the registry change as Detection Method. This way – if the setting is already as we want – SCCM will not do anything on the workstation.

Usage: start “Configure” /wait IT_OSD_BAT_EnableRemoteDesktop.bat

Continue Reading

Enable Remote Registry Service (BAT)

Purpose: Start the Remote Registry service during system startup

In corporate environments, administrative users and support personnel might need to be able to access the remote workstation registry. In these scenarios, the work can be done without disturbing the customer and then just informing the customer that the fix has been made. Unless this is set in the workstation image, you need to enable this afterwards. Luckily it can be done easily through SCCM application deployment. There are plenty alternative ways to do this (GPO, Login script, OS image, Packages, etc.). This method is just as straightforward as any of them and allows you to track its progress through the environment using the built-in tools of SCCM.

Usage: start “Configure” /wait IT_OSD_BAT_EnableRemoteDesktop.bat
Debugging: Occurs during next login. Should you need faster, start it instantly as well.
This can be done by running the following command: sc.exe start RemoteRegistry. The extra registry key is just for SCCM to be used as an application anchor (detection method).

Continue Reading

Move a Computer to an Active Directory Organizational Unit (VBS)

Purpose: During a SCCM 2012 Computer Deployment, troubleshoot your AD permissions

Ok – before you start with all the “Hey dude, there is a built-in action to do this!” -talks, hear me out first. Remember all those SCCM Task Sequence changes you made? And then tried the Task Sequence out by installing an operating system? You noticed that you had problems getting a computer to move to the correct Active Directory (AD) Organisational Unit (OU)? Made some troubleshooting changes and then tried again? Here is where this script will come in handy! You do not need to run through the Task Sequence just to see if your computer will now actually move to the correct OU (because this can take an hour, right?). You could do a new Task Sequence, with only one action, just to test if your workstation moves around AD  – but lets not stress that delicate System Center product with this. Most of the time problems with handling workstations in AD through SCCM are about permissions.

Usage: cscript.exe IT_OSD_VBS_MoveComputerADOU.vbs (no parameters exist)
Debugging: You can uncomment the msgbox rows, to see what values you are receiving.
Configuration: You need to change the AD OU location to suit your own environment.

Continue Reading

Join a Computer to an Active Directory Security Group (VBS)

Purpose: During a SCCM 2012 Computer Deployment, join the current computer to an AD SG

So you have been given a task to automate installations, welcome. More importantly,  there are several (… OK, one is enough) actions that occur to the desktop if it would be a member of an Active Directory (AD) Security Group (SG).  There is no automatic GUI to do this in System Center 2012 Configuration Manager (even SCCM 2012 SP1 wont save you on this one). Therefore you must script it. My example is straightforward. First you must know the LDAP of the SG you want the computer to join.  If you are new to this, in this case LDAP is a fancy word for “AD PATH”.  An example of AD PATH to a SG:

Continue Reading