How To Remediate An Incorrectly Deployed OSD Task Sequence In System Center Configuration Manager 2007

October 27, 2011, 9:50 am

≫ Next: Fix: ConfigMgr 2007 OSD deployments fail with error: 0x800700B7 in loadstate.log

≪ Previous: No Assigned Task Sequence when initiating deployments caused by duplicate SMBIOS GUIDs (System UUIDs) in System Center Configuration Manager 2007

The below article outlines the steps that should be taken if a Task Sequence is deployed to an incorrect set of computers. Since mistargeting a Task Sequence could result in total data loss on the computers that were mistargeted, time is of essense to...(read more)

↧

Fix: ConfigMgr 2007 OSD deployments fail with error: 0x800700B7 in loadstate.log

January 12, 2012, 9:05 am

≫ Next: When deploying Windows Server 2008 using a Configuration Manager OSD Task Sequence, additional disks may show as offline when the Task Sequence completes

≪ Previous: How To Remediate An Incorrectly Deployed OSD Task Sequence In System Center Configuration Manager 2007

Hi everyone, David Smith here. I’m a Senior Support Engineer here on the ConfigMgr team and I recently came across an interesting issue that I thought might be worth a mention here on our blog. In this case, an Operating System Deployment (OSD) using System Center Configuration Manager 2007 SP2 would fail and in the loadstate.log file we would see the following:

2011-12-13 13:40:19, Error [0x080000] There was an error while calling CreateProfile. Error: 0x800700B7
2011-12-13 13:40:19, Error [0x000000] Error 0 creating profile for user domain\user1 (source user domain\user1)
2011-12-13 13:40:19, Info [0x000000] Failed.[gle=0x00000006]
2011-12-13 13:40:19, Info [0x000000] A Windows Win32 API error occurred
Windows error 0 description: The operation completed successfully.[gle=0x00000006]
2011-12-13 13:40:19, Info [0x000000] USMT Completed at 2011/12/13:13:40:19.782[gle=0x00000057]

NOTE In your log you will see an actual User ID.

The issue would happen in a refresh scenario where, for example, you might be migrating from Windows XP to Windows 7 and repurposing the old hardware. It should also happen in all version of ConfigMgr 2007, not just SP2.

After doing a little troubleshooting we found that the WIM image contained a partial user profile named domain\user1, meaning that the reference computer had been joined to the domain and user1 had logged onto the machine. In this situation, when we refreshed the computer of domain\user1 it would fail with the above error but when we refreshed the computer of domain\user2 it would succeed.

To fix this issue, we rebuilt the reference computer ensuring that no partial user profiles existed, and then captured it again creating a new WIM image. Once we did this everything worked as expected.

To ensure that no profiles exist you should clean out all profiles through the control panel and then remove whatever is left in the registry key below:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Hope this helps!

David Smith | Senior Support Engineer

Get the latest System Center news onFacebookandTwitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

When deploying Windows Server 2008 using a Configuration Manager OSD Task Sequence, additional disks may show as offline when the Task Sequence completes

January 23, 2012, 11:10 am

≫ Next: KB2509007 does not install correctly when installed at the same time as KB977203 or KB977384

≪ Previous: Fix: ConfigMgr 2007 OSD deployments fail with error: 0x800700B7 in loadstate.log

The below article was first published over The Configuration Manager Support Team Blog site. However we recently discovered that the method described in the article would only work when deploying from an Operating System Install Package (deploying from...(read more)

↧

KB2509007 does not install correctly when installed at the same time as KB977203 or KB977384

February 3, 2012, 11:31 am

≫ Next: KB: When using prestaged media in Configuration Manager 2007, the partition name is set to the ID of the user who created it

≪ Previous: When deploying Windows Server 2008 using a Configuration Manager OSD Task Sequence, additional disks may show as offline when the Task Sequence completes

We recently discovered an issue that KB2509007 would not install properly if installed at the same time as either KB977203 or KB977384 via the PATCH= option in the " Setup Windows and ConfigMgr " task. We were able to reproduce the issue internally and...(read more)

↧

KB: When using prestaged media in Configuration Manager 2007, the partition name is set to the ID of the user who created it

May 10, 2012, 2:55 pm

≫ Next: PXE Cache Expire Behavior in Configuration Manager 2007 SP1 and SP2

≪ Previous: KB2509007 does not install correctly when installed at the same time as KB977203 or KB977384

Here’s a new Knowledge Base article we published this morning. This one discusses an issue where the partition name is set to the ID of the user who created it when using prestaged media in System Center Configuration Manager 2007.

=====

Symptoms

When creating and deploying prestaged media using System Center Configuration Manager 2007, when the WIM comes back from the OEM on a new target machine the label of the C: drive on the target machine is set to the ID of the user that created the media.

NOTE See the following for more information about prestaged media: http://blogs.technet.com/b/configurationmgr/archive/2011/01/11/how-to-stage-task-sequence-prestaged-media-on-a-hard-drive-in-configuration-manager-2007.aspx

Cause

This occurs because the media creation process manipulates the label of the C: drive by editing the label attribute in AutoRun.INF.

Resolution

Follow these steps to modify AutoRun.INF (which is inside the WIM) and remove the label attribute:

1. Run imagex.exe to mount the WIM (for example: WIM is e:\osd2\image3.wim):

C:
Cd\
Md mount
Cd\program files\windows aik\tools\x86
Imagex.exe /mountrw 1 e:\osd2\image3.wim c:\mount

2. Edit AutoRun.INF removing the lines containing Label= and Icon=:

Notepad c:\mount\autorun.inf

3. Run imagex.exe to unmount the WIM (make sure to exit out of c:\mount or a File in Use error may occur):

Imagex.exe /unmount /commit c:\mount

4. Update the WIM image on all Distribution Points with a new package source version.

5. Continue following the standard steps to create and deploy prestaged media per the article listed below in the More Information section.

More Information

How to stage Task Sequence Prestaged Media on a hard drive in Configuration Manager 2007 : http://blogs.technet.com/b/configurationmgr/archive/2011/01/11/how-to-stage-task-sequence-prestaged-media-on-a-hard-drive-in-configuration-manager-2007.aspx.

=====

For the most current version of this article please see the following:

2702735 - When using prestaged media in Configuration Manager 2007, the partition name is set to the ID of the user who created it

J.C. Hornbeck| System Center & Security Knowledge Engineer

Get the latest System Center news onFacebookandTwitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

PXE Cache Expire Behavior in Configuration Manager 2007 SP1 and SP2

June 1, 2010, 10:43 am

≫ Next: Solution: Boot images may be missing or unable to be imported through the ConfigMgr 2007 admin console

≪ Previous: KB: When using prestaged media in Configuration Manager 2007, the partition name is set to the ID of the user who created it

Looks like the ConfigMgr documentation team has been at it again, this time creating an awesome explainer for PXE cache expiration behavior in Configuration Manager 2007 SP1 and SP2. If you've ever encountered a situation where running a second OSD Task Sequences within an hour or so results in the second deployment being ignored and failing to start then this may explain what's going on. On the plus side, it also talks about a fix that's already documented in KB969113. You can read all the details of their post here.

J.C. Hornbeck | System Center Knowledge Engineer

↧

Solution: Boot images may be missing or unable to be imported through the ConfigMgr 2007 admin console

June 17, 2010, 9:01 am

≫ Next: OSD image creation via web page

≪ Previous: PXE Cache Expire Behavior in Configuration Manager 2007 SP1 and SP2

Here's an interesting issue I've run into a couple times and since I didn't see it documented anywhere I thought I'd give everyone a heads up here.

When using System Center Configuration Manager 2007 you may find that you have missing default boot images and that you're unable to import boot images through the administrator's console. When you try to import a boot image you get the following error:

System Events -
“{Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\TEMP\BootImages\{6488069C-63E9-44AA-8C47-BB2A3EDD6B75}\mount\Windows\system32\config\SYSTEM' was corrupted and it has been recovered. Some data might have been lost.”

You may also see these errors in the DISM.log:

<date-time>, Error CBS Failed to load offline store from boot directory: '\\?\C:\Windows\TEMP\BootImages\{3401126F-CE34-476A-9C70-535FC749FCEA}\mount\' and windows directory: '\\?\C:\Windows\TEMP\BootImages\{3401126F-CE34-476A-9C70-535FC749FCEA}\mount\Windows\' [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND]
<date-time>, Error CBS Failed to initialize store parameters with boot drive: C:\Windows\TEMP\BootImages\{3401126F-CE34-476A-9C70-535FC749FCEA}\mount and windows directory: C:\Windows\TEMP\BootImages\{3401126F-CE34-476A-9C70-535FC749FCEA}\mount\Windows [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND]
<date-time>, Error DISM DISM Package Manager: PID=14568 Failed initializing the session - CDISMPackageManager::RefreshInstanceAndLock(hr:0x80070002)
<date-time>, Error DISM DISM Package Manager: PID=14568 Failed doing internal initialization - CDISMPackageManager::Initialize(hr:0x80070002)
<date-time>, Warning DISM DISM Provider Store: PID=14568 Failed to call Initialize method on IDismServicingProvider Interface - CDISMProviderStore::Internal_LoadProvider(hr:0x80070002)
<date-time>, Warning DISM DISM Provider Store: PID=14568 Failed to Load the provider: C:\Windows\TEMP\3CE573A0-8E9B-4337-A1F1-4AF0E74A5E5F\CbsProvider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x80070002)

and

<date-time>, Error DISM DISM OS Provider: PID=14568 Failed to open the key Microsoft\Windows NT\CurrentVersion. - CDISMOSServiceManager::DetermineBootDrive(hr:0x80070002)
<date-time>, Error DISM DISM Driver Manager: PID=14568 Failed to getting the boot drive from the os services provider. - CDriverManager::Initialize(hr:0x80070002)
<date-time>, Warning DISM DISM Provider Store: PID=14568 Failed to call Initialize method on IDismServicingProvider Interface - CDISMProviderStore::Internal_LoadProvider(hr:0x80070002)
<date-time>, Warning DISM DISM Provider Store: PID=14568 Failed to Load the provider: C:\Windows\TEMP\3CE573A0-8E9B-4337-A1F1-4AF0E74A5E5F\DmiProvider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x80070002)
<date-time>, Warning DISM DISM Provider Store: PID=14568 Failed to Load the provider: C:\Windows\TEMP\3CE573A0-8E9B-4337-A1F1-4AF0E74A5E5F\TransmogProvider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x8007007e)
<date-time>, Error DISM DISM.EXE: No providers were found that support the command(add-package). HRESULT=0dsim cbs

So what was the cause? What we ultimately found was that if there's a disk management or maintenance service such as IntelliWrite by Diskeeper running on the disk then it can cause this type of issue.

In my case, we temporarily disabled the Diskeeper service and once we did that we were able to import the default boot images after manually copying the WIMS from a working server to the following folders:

C:\Program Files (x86)\Microsoft Configuration Manager\OSD\boot\x86

and

C:\Program Files (x86)\Microsoft Configuration Manager\OSD\boot\x64

So if you're running into an issue like the one I describe above, take a look and see what disk related services you have installed. There's a chance that simply disabling those services temporarily will let you import the images successfully.

Hope this helps,

Clifton Hughes | Senior Support Engineer

↧

OSD image creation via web page

August 23, 2010, 7:14 am

≫ Next: How to add a Known/Unknown Computer to a specified collection during OS Deployment in ConfigMgr 2007

≪ Previous: Solution: Boot images may be missing or unable to be imported through the ConfigMgr 2007 admin console

Steve Rachui has another great Configuration Manager post over on his blog, this time about how to create a web page that allows OSD users to setup imaging themselves without having to use the System Center Configuration Manager 2007 console:

OSD is a powerful imaging tool but setting up systems to be imaged may require a user have access to the SCCM console. This often means that the SCCM staff gets assigned the task of imaging. Wouldn’t it be cool if the OSD users could setup imaging themselves without having to use the SCCM console? Yeah, I thought so too.

I have just completed building a sample web page that allows users to choose their own imaging scenarios.

For all the details see OS Imaging via Web Page.

J.C. Hornbeck | System Center Knowledge Engineer

↧

How to add a Known/Unknown Computer to a specified collection during OS Deployment in ConfigMgr 2007

September 2, 2010, 2:35 pm

≫ Next: Announcing the new P2V Migration Tool for Software Assurance

≪ Previous: OSD image creation via web page

Just a quick heads up that our very own System Center Configuration Manager Support Engineer Vinay Pamnani recently published a great post about how to add a known/unknown computer to a specified collection during OS Deployment. If you haven't seen you'll probably want to check it out:

Have you ever wondered why a ConfigMgr client takes a long time to run the advertised programs after you deploy this client using ConfigMgr OSD? Well, this is because as soon as the machine is imaged, it gets added to the ‘All Systems’ collection and gets the advertisements/policies that are targeted to the All Systems collection. But what if your advertisements are not targeted to the default All Systems collection, and instead are targeted to a custom query based collection? In that case, the newly imaged machine doesn’t get added to the custom collection until it sends the inventory AND the collection updates based on its schedule and finds the machines that fulfill the query condition to add the machine(s) to the collection, and in turn triggering the creation of policies for these clients. Until this happens, there are no Advertisements for this newly imaged client to run(unless of course, they were targeted to the All Systems collection). This is why you may notice a delay of up to 24 hours or more until you see the newly imaged clients processing all the Advertisements that you expect them to execute.

To read more and see the solution visit the following:

http://blogs.msdn.com/b/vinpa/archive/2010/09/01/how-to-add-a-known-unknown-computer-to-a-specified-collection-during-os-deployment.aspx

J.C. Hornbeck | System Center Knowledge Engineer

↧

Announcing the new P2V Migration Tool for Software Assurance

September 7, 2010, 12:23 pm

≫ Next: Solution: After a ConfigMgr 2007 OSD Task Sequence completes, the client may not automatically pull down policy

≪ Previous: How to add a Known/Unknown Computer to a specified collection during OS Deployment in ConfigMgr 2007

Our pals over on the Nexus SC blog posted some great info on migrating users to Windows 7 while keeping the users previous Windows XP (or newer) environment available to them in the new OS. It's like having your cake and eating it too:

Hey everyone, if you are considering any type of client migration on you way to Windows 7 , and you have thought about how to manage the end user experience through the process, you may want to check this out.

P2V Migration for Software Assurance uses the Microsoft Deployment Toolkit and Sysinternals Disk2VHD to convert a user's existing Windows XP or newer client environment to a virtual hard disk then automates the delivery of an updated and personalized Windows 7 operating system containing virtual machine with the user's previous Windows environment, applications and Web browser. The user's previous virtual desktop retains its existing management components, domain membership and policies. The process also publishes applications and the browser for the user to access them seamlessly within Windows 7's start menu.

To continue reading and to get all the details on how this works see Announcing the P2V Migration Tool for Software Assurance.

J.C. Hornbeck | System Center Knowledge Engineer

↧

Solution: After a ConfigMgr 2007 OSD Task Sequence completes, the client may not automatically pull down policy

September 13, 2010, 12:35 pm

≫ Next: P2V Migration for Software Assurance Beta 2 now available, including ConfigMgr 2007 integration!

≪ Previous: Announcing the new P2V Migration Tool for Software Assurance

When a System Center Configuration Manager 2007 OSD Task Sequence completes, the ConfigMgr client may not seem to pull down policy. Inspecting the ConfigMgr client on the affected PC reveals that under the "Advanced" tab the client is assigned to a site, and the "Discover" button successfully discovers the site. However the following abnormalities are observed:

- Under the "General" tab, the property "Site Mode" is equal to "Unknown".

- Under the "Components" tab, most of the components are Installed but not Enabled. The only enabled components are "ConfigMgr Software Distribution Agent" and "ConfigMgr Software Updates Agent".

- Under the "Actions" tab, only a few actions are available, including "Machine Policy Retrieval & Evaluation Cycle", "Software Updates Deployment Evaluation Cycle", and "User Policy Retrieval & Evaluation Cycle".

- Inspecting the following registry key:

32bit Windows OS
HKLM\SOFTWARE\Microsoft\CCM\CcmExec!ProvisioningMode

64bit client Windows OS
HKLM\SOFTWARE\Wow6432Node\Microsoft\CCM\CcmExec!ProvisioningMode

reveals that it is set to true and that the ConfigMgr client is in provisioning mode.

- Inspecting the following registry key:

32bit Windows OS
HKLM\SOFTWARE\Microsoft\CCM\CcmExec!SystemTaskExclude

64bit Windows OS
HKLM\SOFTWARE\Wow6432Node\Microsoft\CCM\CcmExec!SystemTaskExcludes

reveals that it is not empty and has the following value instead:

SchedulerStartup;SchedulerShutdown;SchedulerLogon;SchedulerLogoff;ClientRegistrationStartup

Clicking on the "Machine Policy Retrieval & Evaluation Cycle" action may cause the PC to start receiving some policy, including additional components being enabled and additional actions being made available. It may also cause the client to show up as a valid client in the ConfigMgr console, however not all policy is received and certain items such as advertised programs and software updates are never made available. Additionally, in the ConfigMgr client control panel, under the "General" tab the property "Site Mode" remains "Unknown".

Reinstalling the ConfigMgr client or modifying the above registry keys usually resolves the issue, however this is not an ideal solution since the client should be fully operational when the Task Sequence completes.

Cause

During a ConfigMgr 2007 OSD Task Sequence, the ConfigMgr client is purposely placed in a provisioning mode. In this mode, the ConfigMgr client does not pick up policy from the MP. This is done so that advertised programs, software updates, and tasks targeted to existing client PCs do not run until the Task Sequence completes. If advertised programs, software updates, or tasks attempt to run while the Task Sequence runs it may interfere with the Task Sequence and cause it to fail.

Normally when the Task Sequence completes and exits cleanly, the ConfigMgr client is automatically taken out of provisioning mode. As soon as the ConfigMgr client is taken out of provisioning mode, it then proceeds to pull down policy from the MP and configure the ConfigMgr client appropriately.

If the Task Sequence does not exit cleanly, the ConfigMgr client may not be taken out of provisioning mode. This may lead to the ConfigMgr client not being configured properly and where it does not pull down policy from the MP. Manual attempts at trying to download policy will only partially succeed since the ConfigMgr client is in provisioning mode and not configured properly.

Please note that Task Sequence not exiting cleanly is not the same as the Task Sequence failing. When Task Sequences fail they usually still exit cleanly. A Task Sequence not exiting cleanly is usually caused by one of the following scenarios:

1. At some point after the "Setup Windows and ConfigMgr" task, a power failure or crash occurs on the PC. At this point the PC may be bootable and the user may be able to log into the PC. However because the Task Sequence never exited cleanly, the ConfigMgr client is left in provisioning mode, and the problem may exist.

2. A "Restart Computer" task at some point after the "Setup Windows and ConfigMgr" task that is accidentally set to restart into the WinPE boot image assigned to the Task Sequence instead of the full Windows OS. This will cause the Task Sequence to end in WinPE. Because the ConfigMgr client is actually installed as part of the full Windows OS and not WinPE, and because the Task Sequence ends in WinPE instead of the full Windows OS, it cannot properly take the ConfigMgr client out of provisioning mode.

This error is common because the "Restart Computer" task defaults to restarting into the WinPE boot image instead of the full Windows OS. The "Restart Computer" task option "The boot image assigned to this task sequence" will cause it to reboot into WinPE, while the option "The currently installed default operating system" will cause it to reboot into the full Windows OS being deployed by the Task Sequence. If the option is not specifically switched from the default setting when the "Restart Computer" task is added to the Task Sequence, then the issue will occur.

3. In Windows XP and Windows Server 2003, if an application is installed during the Task Sequence that installs a custom Gina, the problem will happen. In Windows XP and Windows Server 2003, the ConfigMgr OSD Task Sequence will install a custom Gina called OSDGina. This Gina is used for several reasons during a Task Sequence such as accomplishing automatic log ins between reboots, disabling all user interfaces such as Explorer, etc. If the OSDGina is replaced by another custom Gina, then the Task Sequence cannot end or exit cleanly and the ConfigMgr client will not be taken out of provisioning mode.
Note: Custom Ginas can only be used in Windows XP or Windows Server 2003. Custom Gina issues will not occur in Windows Vista or newer since custom Ginas, including OSDGina, are not used in Windows Vista or newer.

Resolution

To confirm the issue, inspect the registry key to see if it is set to True:

32bit Windows OS
HKLM\SOFTWARE\Microsoft\CCM\CcmExec!ProvisioningMode

64bit client Windows OS
HKLM\SOFTWARE\Wow6432Node\Microsoft\CCM\CcmExec!ProvisioningMode

Additionally, inspect the registry key:

32bit Windows OS
HKLM\SOFTWARE\Microsoft\CCM\CcmExec!SystemTaskExclude

64bit Windows OS
HKLM\SOFTWARE\Wow6432Node\Microsoft\CCM\CcmExec!SystemTaskExcludes

see if has the following value:

SchedulerStartup;SchedulerShutdown;SchedulerLogon;SchedulerLogoff;ClientRegistrationStartup

If either or both of the above is true then the ConfigMgr client is stuck in provisioning mode.

Setting the first registry value to False and blanking out the second registry value will resolve the issue on that particular client, however this will not resolve the issue from occurring again during the Task Sequence on another client.

To determine if one of the tasks in the Task Sequence is causing the problem, disable all tasks after the "Setup Windows and ConfigMgr" task and rerun the Task Sequence. If the Task Sequence completes successfully and the ConfigMgr client successfully processes policy then the problem is with one of the tasks in the Task Sequence after the "Setup Windows and ConfigMgr" task.

To resolve the issue, first determine what is causing the Task Sequence not to exit cleanly:

1. A misconfigured "Restart Computer" task after the "Setup Windows and ConfigMgr" task that finishes the Task Sequence in WinPE instead of the full Windows OS.

2. When deploying Windows XP or Windows Server 2003, an "Install Software" or "Run Command Line" task that installs a custom Gina.

Once the cause of the problem is determined, follow the appropriate section below to resolve the issue.

Note: Do NOT try and resolve the problem by trying to add tasks in the Task Sequence that change the registry keys that sets the ConfigMgr client to provisioning mode. Doing so can cause unexpected behavior and may cause the Task Sequence to fail.

To resolve the issue when caused by a misconfigured "Restart Computer" task:

1. In the ConfigMgr 2007 console, navigate to "Computer Management" --> "Operating System Deployment" --> "Task Sequences".

2. Right click on the affected Task Sequence and choose "Edit".

3. Locate any "Restart Computer" tasks that exist after the "Setup Windows and ConfigMgr" task and then click on them. Please note that the "Restart Computer" tasks may have been given a custom name.

4. In each "Restart Computer" task, verify that the setting "Specify what to run after restart:" is set to "The currently installed default operating system".

Note: If for some reason the intention is to actually restart the Task Sequence back into the WinPE boot image at some point after the "Setup Windows and ConfigMgr" task, an additional "Restart Computer" task needs to be added to the Task Sequence at some point after the original "Restart Computer" task with the "Specify what to run after restart:" setting properly selected to "The currently installed default operating system". In other words, for Task Sequence that have "Restart Computer" tasks after the "Setup Windows and ConfigMgr" task, the final "Restart Computer" task in Task Sequence should always have the setting "Specify what to run after restart:" set to "The currently installed default operating system". This will ensure that the Task Sequence complete in the full Windows OS and not in WinPE.

To resolve the issue when caused by an application installing a custom Gina:

1. On a PC that already has the custom GINA installed, take a look at the following registry key and record the name of the custom Gina:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon!GinaDLL

2. In the ConfigMgr 2007 console, navigate to "Computer Management" --> "Operating System Deployment" --> "Task Sequences".

3. Right click on the affected Task Sequence and choose "Edit".

4. Locate the "Install Software" or "Run Command Line" task that installs the application with the custom Gina.

If the task is a "Run Command Line", under the "Command line:" text box, modify the command line and add the appropriate switches or options to suppress reboots. Once done, move on to Step 5. Please note that the appropriate command, options, or switches vary with application installer. Please refer to the product documentation of the application installer for the appropriate command, option, or switch to suppress reboots.
If the task is an "Install Software" task, determine the Package and Program that installs the custom Gina.
1. In the ConfigMgr 2007 console, navigate to "Software Distribution" --> "Packages".
2. Locate the appropriate Package, expand it and then click on "Programs".
3. Right click on the appropriate Program and choose "Properties".
4. Under the "General" tab, next to the "Command line:" box, modify the command line and add the appropriate switches or options to suppress reboots. Please note that the appropriate command, options, or switches vary with application installer. Please refer to the product documentation of the application installer for the appropriate command, option, or switch to suppress reboots.
5. Click on the "OK" button.
6. Switch back to the affected Task Sequence.

5. Click on the “Install Software” or "Run Command Line" task that installs the application with the custom Gina, and then go to "Add" --> "General" --> "Run Command Line". This should create a "Run Command Line" task immediately after the “Install Software” or "Run Command Line" task that installs the application with the custom Gina.

6. In the newly created "Run Command Line" task from Step 5:

Next to the "Name:" text box, enter in: Set Custom Gina
Under the "Command Line:" text box, enter in:

REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v OSDOldGinaDLL /t REG_SZ /d <Custom_Gina> /f

where <Custom_Gina> is the value obtained from Step 1, i.e. CustomGina.dll. Do not include the brackets <> in the registry key value.

7. Click on the "Capture Custom Gina" Run Command Line task created in Steps 5 and 6 and then go to "Add" --> "General" --> "Run Command Line". This should create a "Run Command Line" task immediately after the "Set Custom Gina" Run Command Line task.

8. In the newly created "Run Command Line" task from Step 7:

Next to the "Name:" text box, enter in: Restore OSD Gina

Under the "Command Line:" text box, enter in:

REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v GinaDLL /t REG_SZ /d OSDGINA.DLL /f

9. Click on the "Apply" button to save the Task Sequence.

When the Task Sequence completes, it will use the value stored in the below registry key to restore the custom Gina:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon!OSDOldGinaDLL

Frank Rojas | System Center Support Escalation Engineer

↧

P2V Migration for Software Assurance Beta 2 now available, including ConfigMgr 2007 integration!

September 27, 2010, 2:01 pm

≫ Next: OSD: How to add a script to a ConfigMgr 2007 Boot Image

≪ Previous: Solution: After a ConfigMgr 2007 OSD Task Sequence completes, the client may not automatically pull down policy

Hey everyone, a few weeks ago we released a beta of the new P2V tool for OS Deployment. We are really pleased to update that information with a beta refresh, Beta 2. The P2V Migration for Software Assurance can now be implemented using System Center Configuration Manager 2007 Operating System Deployment as well as native Lite Touch Installation with the Microsoft Deployment Toolkit 2010. Computer refresh, replace and restore task sequence templates for Configuration Manager are included and documented in this Beta release.

For all the details see Jeff Wettlaufer's original post here.

J.C. Hornbeck | System Center Knowledge Engineer

↧

OSD: How to add a script to a ConfigMgr 2007 Boot Image

October 21, 2010, 11:27 am

≫ Next: UDI Task Sequence generates "No valid Windows directory found, data and settings will not be captured" error

≪ Previous: P2V Migration for Software Assurance Beta 2 now available, including ConfigMgr 2007 integration!

One of the components of System Center Configuration Manager 2007 (SCCM 2007) Operating System Deployment (OSD) is boot images. Boot images in SCCM are really just WinPE images and are used during the operating system deployment process to boot computers so that an operating system can be loaded.

For more information about boot images and WinPE, see the following links:

What is Windows PE?

Planning for the Boot Image

Background

Typically, the standard boot images included in SCCM will provide enough functionality needed to deploy an Operating System, (outside of possibly adding drivers). In some cases, it may be required for administrators to have a script or a command run when the boot image boots and WinPE is started. As an example, one customer, due to specific network restrictions, had to run a command when WinPE started so that a specific route could be added in order for the client to reach the server. The customer created a batch file to run the command and configured WinPE to execute it at every start time, before WinPE started the task sequencing process.

Out of the box, it is not very straightforward to add such customizations to your boot images, so the purpose of this article is to provide information on how to add a batch file or command so that it is executed when your boot image starts.

As a note, there was an article provided in TechNet which describes the process of modifying WinPE to add a script or batch file so that it would be executed when WinPE started. Unfortunately, in SCCM, when boot images are updated so that drivers can be injected or settings are modified, the update process is automated so there isn’t an opportunity to make other customizations. The article I am referring to is http://technet.microsoft.com/en-us/library/cc766521(WS.10).aspx, which provides three ways to add a command to WinPE. The first two methods, using Winpeshl.ini, or Startnet.cmd, don’t work in SCCM. The third method, creating an unattend.xml, will work fine.

This article describes how to create an unattend.xml so that specific commands or scripts can be executed every time your WinPE boot image starts.

Step One: Determine the Script or Command to be Run

The first thing you need to do is figure out if you need to run a command, batch file, or vbScript prior to WinPE executing. The unttend.xml is command based, and you can add multiple commands ordered in any way you like. If you have more than one command you want to run you can certainly add those to a batch file.

If you are going to reference a batch file create the file and copy it to the SCCM Site Server at: C:\Program Files\Windows AIK\Tools. In this example, I will name the batch file PrePE.cmd.

Step Two: Create the Unattend.xml

The easiest way to create an unattend.xml from scratch is to use System Image Manager. After you create your initial unattend.xml for use in this process, you may decide to edit the XML using notepad. Regardless, the below instructions will describe how to use Windows System Image Manager (SIM) to create an unattend.xml so that WinPE will execute a command or the PrePE.cmd file at WinPE startup.

1. Logon to your SCCM SP2 site server as the Windows System Image Manager utility will already be installed. Note: The reason it is already installed is because (SIM) is included in the WAIK which is installed with SCCM.

2. Open SIM by selecting Start – Programs - Microsoft Windows AIK – Windows System Image Manager.

3. In the SIM select File – Select Windows Image.

4. At the Select a Windows Image dialog, browse to the extracted contents of your Windows 7 DVD\Sources folder and select install_Windows 7 ULTIMATE.clg (Enterprise) and then click Open.

5. One an image catalog is selected, create a new answer file by selecting File – New Answer File.

6. Under the Windows Image section in the SIM, navigate to Components and right-click x86_Microsoft-Setup_6.1.x_neutral and in the context menu select Add Setting to Pass 1 windowsPE.

7. Now in the Answer File section of the SIM, you will see the component under windowsPE. Select x86_Microsoft-Windows-Setup_neutral and in the Properties pane, change the Enable Firewall value to True.

8. Right-click the RunSynchronous section and in the context menu, select Insert New RunSynchronousCommand.
In the Properties section, verify the following Properties are set.

Action: AddListItem
Description: Executes the PrePE.cmd
Order: 1
Path: PrePE.cmd

9. Once all the Properties are added you can delete all of the sub-components which were not edited.

10. To save the answer file select File – Save Answer File As and save the file under C:\Program Files\Windows AIK\Tools as unattend.xml.

11. If you open the XML in notepad you can make modifications.

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="windowsPE">
        <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RunSynchronous>
                <RunSynchronousCommand wcm:action="add">
                    <Description>Executes the PrePE.cmd</Description>
                    <Order>1</Order>
                    <Path>PrePE.cmd</Path>
                </RunSynchronousCommand>
            </RunSynchronous>
            <EnableNetwork>true</EnableNetwork>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="catalog://labcm1/osdeploy/ossource/windows7x86/sources/install_windows 7 ultimate.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

Adding the PrePE.cmd and Unattend.xml to your Boot Images

The following technique is an easy way to add files to your boot images without having to mount and unmount your boot.WIMs. For background purposes, every time you select “Update Distribution Points” for you boot images in SCCM, the boot image is mounted, files are injected, unmounted, and distribution points are updated. One of the files SCCM uses to identify files to add is the osdinjection.xml. You can edit this file to reference custom files you want included in your boot image.

1. On your SCCM site server, navigate to <SCCM Installation Folder>\bin\i386.

2. Make a backup copy of the file osdinjection.xml.

3. Edit the original osdinjection.xml in Notepad and under the following section:

<?xml version="1.0" encoding="utf-8"?>
<InjectionFiles>
<Architecture imgArch="i386">
<FileList source="WAIK">

Add the following:

<File name="unattend.xml">
<LocaleNeeded>false</LocaleNeeded>
<Source>tools</Source>
<Destination>windows\system32</Destination>
</File>
<File name="prePE.cmd">
<LocaleNeeded>false</LocaleNeeded>
<Source>tools</Source>
<Destination>windows\system32</Destination>
</File>

Here is a sample:

4. As you can see, the two files we added to C:\Program Files\Windows AIK\Tools, unattend.xml and PrePE.cmd are referenced, and will be copied to the Windows\System32 folder in WinPE.

5. So that the files are also executed in the 64-bit boot image, find the section:

Add the following:

6. Save the osdinjection.xml file.

7. In Configuration Manager 2007, navigate to Site Database / Computer Management / Operating System Deployment / Boot Images and right-click your boot image and select “Update Distribution Points”. The boot images will be recompiled and sent to distribution points.

Summary

You can test the boot image right away if you are using PXE Boot or use the Create Task Sequence Media and create boot media. The next time the boot image boots, the batch file PrePE.cmd will run prior to the Task Sequence engine kicks off.

Gerry Borger | Senior System Center Support Engineer

↧

UDI Task Sequence generates "No valid Windows directory found, data and settings will not be captured" error

December 2, 2010, 8:27 am

≫ Next: Creating OSD USB deployment media in System Center Configuration Manager 2007 fails with "The parameter is incorrect"

≪ Previous: OSD: How to add a script to a ConfigMgr 2007 Boot Image

When running a User Driven Installation (UDI) Task Sequence on an x64 (64-bit or AMD64) Windows 7 machine, it shows the following warning under User Data and Settings:

No valid Windows directory found, data and settings will not be captured

Cause

This can occur when your 64-bit image is configured as a 32-bit image in the UDI Wizard Designer. When you add your image, the UDI Wizard Designer defaults to specifying a Windows 7 x86 (32-bit) image:

If using a 64-bit image you will need to change this to AMD64.

Resolution

Once you remove the x86 reference and added it back as AMD64 in the wizard it allows the Task Sequence to work as expected.

Clifton Hughes | Senior System Center Support Engineer

↧

Creating OSD USB deployment media in System Center Configuration Manager 2007 fails with "The parameter is incorrect"

December 13, 2010, 1:10 pm

≫ Next: Computers upgraded to Windows 7 using ConfigMgr 2007 OSD might generate a new SMS GUID

≪ Previous: UDI Task Sequence generates "No valid Windows directory found, data and settings will not be captured" error

Just a heads up on a new ConfigMgr 2007 Knowledge Base article we published today. If you do any work with Operating System Deployment (OSD) then you'll want to check this one out:

=====

Symptoms

When trying to create Stand-alone media, Bootable media, or Capture media on a USB Flash drive via the Microsoft System Center Configuration Manager 2007 (ConfigMgr 2007) console, the Task Sequence Media Wizard fails with the following message:

Error creating media. Error message is: The parameter is incorrect.. Please refer to CreateTSMedia.log to get details.

Inspecting the CreateTsMedia.log shows the following errors:

Beginning media generation CreateTsMedia
Failed to create media (0x80070057) CreateTsMedia
CreateTsMedia failed with error 0x80070057, details="" CreateTsMedia

Creating the USB media in a ConfigMgr 2007 console running on other PCs may be successful and may not reproduce the problem.

Cause

The problem is a known issue with ConfigMgr 2007 SP2 and older, including R2 and R3, when the following conditions exist on the PC running the ConfigMgr 2007 console:

1. A mapped network drive exists on the PC

2. The PC's hard drive has a partition with no drive letter attached to it

Condition #2 above is very common in Windows 7 and Windows Server 2008 R2 since the default installation of Windows 7 creates the boot partition as a "hidden" system partition with no drive letter attached to it. It is also a common configuration on PCs that have been encrypted with BitLocker. For this reason the issue is seen most often on Windows 7, Windows Server 2008 R2, and PCs that have drives encrypted with BitLocker.

Resolution

To work around the problem, take one of the following two actions before trying to create the USB media via the ConfigMgr 2007 console:

1. Temporarily disconnect mapped network drives.

2. Via the Computer Management console, temporarily assign a drive letter to the "hidden" partition.

Only one of the above two actions needs to be taken. Both do not need to be taken.

Once the USB media has been created, mapped network drives can be reconnected and/or the assigned drive letter can be removed from the previously hidden partition.

=====

For the latest version of this article see the link below:

KB2471018 - Creating OSD USB deployment media in System Center Configuration Manager 2007 fails with "The parameter is incorrect"

J.C. Hornbeck | System Center Knowledge Engineer

↧

Computers upgraded to Windows 7 using ConfigMgr 2007 OSD might generate a new SMS GUID

February 15, 2011, 10:06 am

≫ Next: New KB article: OSD and Task Sequences fail after restoring a Configuration Manager 2007 Central site from backup

≪ Previous: Creating OSD USB deployment media in System Center Configuration Manager 2007 fails with "The parameter is incorrect"

According to the System Center Configuration Manager Team Blog, if Windows hotfix KB974571 is installed on a Windows 7 reference image, then it is highly likely that you would see the following log entries in smsts.log when deploying this image to an existing client. Notice that because the client certificates were not found, the end result is that the client uses a new certificate to register itself, losing its own identity in the process.

Installing SMS client
Clearing existing client configuration.
Cleaning existing client certificates from SMS certificate store
Restoring SMS client identity.
The client certificates were not found. New certificates will be generated.
Successfully restored the client identity.

They have all the details, including a couple workarounds here.

J.C. Hornbeck | System Center Knowledge Engineer

↧

New KB article: OSD and Task Sequences fail after restoring a Configuration Manager 2007 Central site from backup

March 1, 2011, 7:31 am

≫ Next: Fix: Unable to delete the OSDStateStorePath folder in an OSD Task Sequence using USMT 4.0 with Hard Links in ConfigMgr 2007

≪ Previous: Computers upgraded to Windows 7 using ConfigMgr 2007 OSD might generate a new SMS GUID

When using System Center Configuration Manager 2007 and restoring from a backup created via the "Backup ConfigMgr Site Server" maintenance task, OSD and Task Sequences may no longer function if the restore was performed after a Windows OS reinstall on the server or restoration to new server hardware. Obtaining the SMSTS.log from a failing client PC reveals the following errors:

Parsing Policy Body. TSMBootstrap
(!sNetworkAccessAccount.empty()) && (!sNetworkAccessPassword.empty()), HRESULT=80040101 (e:\nts_sms_fre\sms\framework\tscore\tspolicy.cpp,1518) TSMBootstrap
Found empty NetworkAccessUsername/NetworkAccessPassword from NAAConfig CCM_NetworkAccessAccount TSMBootstrap
GetEncodedNetworkAccessAccount (sEncodedAccount, sEncodedPassword), HRESULT=80040101 (e:\nts_sms_fre\sms\framework\tscore\tspolicy.cpp,1544) TSMBootstrap
Network Access Account is not set TSMBootstrap
GetNetworkAccessAccount( sNetworkAccessAccount, sNetworkAccessPassword ), HRESULT=80040101 (e:\nts_sms_fre\sms\framework\tscore\tspolicy.cpp,1597) TSMBootstrap
pTSPolicyManager->GetContentLocations( m_sPackageID, m_lSourceVersion, m_dwContentSourceFlags, slistContentLocations, slistHttpContentLocations, slistMulticastContentLocations, m_dwContentPackageFlags ), HRESULT=80040101 (e:\nts_sms_fre\sms\framework\tscore\tspolicy.cpp,2330) TSMBootstrap
(*iTSReference)->Resolve( pTSPolicyManager, dwResolveFlags ), HRESULT=80040101 (e:\nts_sms_fre\sms\framework\tscore\tspolicy.cpp,2862) TSMBootstrap
m_pSelectedTaskSequence->Resolve( m_pPolicyManager, TS::Policy::TaskSequence::ResolvePolicy | TS::Policy::TaskSequence::ResolveSource, fpCallbackProc, pv, hCancelEvent), HRESULT=80040101 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,1208) TSMBootstrap
Failed to resolve selected task sequence dependencies. Code(0x80040101) TSMBootstrap
hrReturn, HRESULT=80040101 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediaresolveprogresspage.cpp,408) TSMBootstrap
ThreadToResolveAndExecuteTaskSequence failed. Code(0x80040101) TSMBootstrap
ThreadToResolveAndExecuteTaskSequence returned code 0x80040101 TSMBootstrap
Setting wizard error: Failed to read network access account from machine policy. For more information, please contact your system administrator or helpdesk operator. TSMBootstrap

Reviewing the above SMSTS.log seems to reveal that the Network Access Account (NAA) is not set. The Network Access Account is needed by the Task Sequence while in WinPE to access network resources since the client PC while in WinPE is the equivalent of a non-domain joined workgroup PC.

Note: For additional information see the following TechNet article:

About the Network Access Account
http://technet.microsoft.com/en-us/library/bb680398.aspx

Reviewing the properties of the Computer Client Agent in the ConfigMgr 2007 admin console under Site Settings --> Client Agents reveals that the Network Access Account is set. Resetting the Network Access Account in the properties of the Computer Client Agent by reentering the Network Access Account's username and password seems to resolve the error, but then causes a new error in the SMSTS.log.

Note: For information on resetting the Network Access Account see the following TechNet article:

How to Configure the Network Access Account
http://technet.microsoft.com/en-us/library/bb632397.aspx

Reviewing the SMSTS.log on the failed client PC reveals the following error:

Decompressing reply body. TSMBootstrap
::DecompressBuffer(65536) TSMBootstrap
Decompression (zlib) succeeded: original size 476, uncompressed size 2568. TSMBootstrap
CryptMsgControl (hMsg, 0, CMSG_CTRL_VERIFY_SIGNATURE, pCert->pCertInfo), HRESULT=8009100e (e:\nts_sms_fre\sms\framework\osdmessaging\libcrypt.cpp,351) TSMBootstrap
signature varification failed TSMBootstrap
ipCertContext != listpServerCertContext.end(), HRESULT=80004005 (e:\nts_sms_fre\sms\framework\osdmessaging\libsmsmessaging.cpp,2476) TSMBootstrap
signature check failed: <signature> TSMBootstrap
DoRequest (sReply, true), HRESULT=80004005 (e:\nts_sms_fre\sms\framework\osdmessaging\libsmsmessaging.cpp,5010) TSMBootstrap
Failed to get client identity (80004005) TSMBootstrap
ClientIdentity.RequestClientIdentity (), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,815) TSMBootstrap
failed to request for client TSMBootstrap
Exiting TSMediaWizardControl::GetPolicy. TSMBootstrap
pWelcomePage->m_pTSMediaWizardControl->GetPolicy(), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawelcomepage.cpp,280) TSMBootstrap
Setting wizard error: An error occurred while retrieving policy for this computer (0x80004005). For more information, please contact your system administrator or helpdesk operator. TSMBootstrap

Cause

This issue is caused by the backup restoring the srvacct folder from the original ConfigMgr 2007 installation instead of keeping the srvacct folder from the new ConfigMgr 2007 installation. The srvacct folder can be found at the root level of the directory where ConfigMgr 2007 is installed. Normally this folder has a text file in it with the name srvacct.<site_code>. The text file has the public keys that along with private keys stored in the Windows OS allow it to decrypt service account information (username/password) which includes the Network Access Account.

When a Windows OS is freshly installed, either via a reinstall of the OS or install on new hardware, new private keys are generated in the Windows OS when ConfigMgr 2007 is installed. The applicable public keys that match up with the private keys are then generated and stored in the srvacct folder in the file srvacct.<site_code>. If a backup restores the srvacct folder from another instance of the Windows OS, the public keys in the srvacct.<site_code> folder will no longer match up with the private keys in the Windows OS. This will cause the information for any service account used by ConfigMgr 2007, including the Network Access Account, to not be able to be decrypted and used.

This issue can also cause problems in other areas of ConfigMgr 2007 other than Task Sequences and OSD. Service accounts are not normally used in ConfigMgr 2007 since most operations use the SYSTEM/site server's computer account. The only exception to this rule is the Network Access Account which is needed by Task Sequences when running in WinPE and is the reason why this issue most prominently affects OSD.

Service accounts can be used instead of the SYSTEM/site server's computer account in other areas of ConfigMgr 2007 other than Task Sequences and OSD. For a list of the different areas in ConfigMgr 2007 that can be optionally configured to use service accounts and may be affected by this issue, please see the following TechNet articles:

Accounts Configured in the Configuration Manager Console
http://technet.microsoft.com/en-us/library/bb693849.aspx

How to Configure Configuration Manager 2007 Accounts
http://technet.microsoft.com/en-us/library/bb680323.aspx

The two other areas that would most likely be affected by this problem other than OSD would be the use of Site Address Accounts (leading to sites not being able to communicate with one another) and database access accounts (leading to site roles not being able to access the database). The issue is mostly seen with OSD since a service account (the Network Access Account) is always needed and used.

Resolution

To resolve the issue, the ConfigMgr 2007 site will need to be reinstalled from scratch. The current restored ConfigMgr 2007 site cannot be used since the original srvacct folder no longer exists.

Wipe the server and reinstall the Windows OS.
Install ConfigMgr 2007 using normal procedures. Do NOT restore from backup.
BEFORE restoring from the backup created via the "Backup ConfigMgr Site Server" maintenance task, manually copy and backup the srvacct folder located at the root level of the ConfigMgr 2007 install location to a location where it can be later restored.
Using normal procedures restore from the backup created via the "Backup ConfigMgr Site Server" maintenance task. For more information, see the following TechNet article:
How to Repair a Central Site : http://technet.microsoft.com/en-us/library/bb680474.aspx
Once the restore of the backup is complete, rename the restored srvacct folder located at the root level of where ConfigMgr 2007 is installed.
Copy the srvacct folder backed up in Step 3 to the root level of where ConfigMgr 2007 is installed.
Perform a site reset on the server using the following TechNet instructions:
How to Perform a Site Reset : http://technet.microsoft.com/en-us/library/bb694286.aspx
Once the Site Reset is complete, in the ConfigMgr 2007 Admin console, navigate to "Site Management" --> <Site_Code> --> "Site Settings" --> "Client Agents". In the right hand pane, right click on "Computer Client Agent" and choose "Properties".
In the "Computer Client Agent Properties" window, click on the "General" tab and examine the account being used under the "Network Access Account" section. Make sure that the account being used is noted and that the password for the account is known.
Once the Network Access Account information has been confirmed, in the "Computer Client Agent Properties" window under the "General" tab, click on the "Clear" button in the "Network Access Account" section and then click on the "Apply" button. Once the information for the Network Access Account has been cleared, click on the "Set..." button under the "Network Access Account" section.
In the "Windows User Account" window, enter the User name and Password for the Network Access Account as determined in Step 9, and then click on the "OK" button.
In the "Computer Client Agent Properties" window, click on the "OK" button.

Note: If the above solution is being used to resolve the issue for a component other than OSD (i.e., site address accounts or database connection accounts), in Steps 8-9, navigate to the appropriate section in the ConfigMgr 2007 Admin Console (i.e., Addresses or properties of the Site Systems roles) and reset the appropriate service accounts using the same same instructions listed in Steps 10-12.

=====

The information above was published today in the following Microsoft Knowledge Base article written by Frank Rojas:

KB2509330 - OSD and Task Sequences fail after restoring a Configuration Manager 2007 Central site from backup

J.C. Hornbeck | System Center Knowledge Engineer

↧

Fix: Unable to delete the OSDStateStorePath folder in an OSD Task Sequence using USMT 4.0 with Hard Links in ConfigMgr 2007

March 28, 2011, 8:15 am

≫ Next: Configuration Manager 2012 Offline Servicing for Operating System Images

≪ Previous: New KB article: OSD and Task Sequences fail after restoring a Configuration Manager 2007 Central site from backup

When using Hard Links for User State Migration, attempting to remove the OSDStateStorePath folder after restoring the users data in a Task Sequence may fail or appear to hang.

Note: This is in reference to the steps listed in this article: http://technet.microsoft.com/en-us/library/ee344267.aspx

The command .\%PROCESSOR_ARCHITECTURE%\usmtutils.exe /rd %OSDStateStorePath% may appear to hang unless you configure a timeout value on the Run Command Line step, and/or it may fail with one of the following errors or warnings depending on how the Task Sequence Advertisement is configured:

SMSTS.log may show one of the following errors or warnings.

Warning: This command is going to delete the following list of path(s).
Please review before continuing...
C:\UserState
Are you sure you want to proceed (Y/N)?

If you do not configure a timeout value, it will hang at this point, however, since you cannot see the prompt for user input you cannot continue.

Or, if you configure a timeout value on the Run Command Line step, you may see this error in the SMSTS.log

This operation returned because the timeout period expired. (Error: 800705B4; Source: Windows)

The amount of detail you see in the log will also depend on how you have configured the Advertisement for the Task Sequence. If the Advertisement is configured to Download content locally when needed by running the task sequence (commonly referred to as Download and run locally) then you will not see as much detail on the command line being run. However, if you select Access content directly from a distribution point when needed by the running task sequence (commonly referred to as Run from DP), then you will get more details on the command line being run, and it may show the prompt "Are you sure you want to proceed (Y/N)?" in the SMSTS.log. If you tried adding the cmd.exe /c echo Y | in front of the command and still try to use the Run from DP option, the command will fail with a Path not found error.

Cause

There are two things we are trying to overcome with this issue when running the USMTUTILS.EXE command from a ConfigMgr 2007 OS Deployment Task Sequence:

1. This command requires user input in order to delete the OSDStateStorePath folder and does not seem to support any command line switches to bypass this prompt.

2. Although we are able to use the echo command to pass the Y for yes to the command line step using cmd.exe /c echo Y | "command", this will only work if the Advertisement is configured to Download content locally when needed by running the task sequence (commonly referred to as Download and run locally). If you select Access content directly from a distribution point when needed by the running task sequence (commonly referred to as Run from DP) this step will fail. This is due to the echo command we are needed to pass, it is a built in command in the command interpreter, cmd.exe, so that is why we must specify the cmd.exe /c in the beginning of the command line, as this is not present in the package on the DP.

Resolution

Note: This will only work if the Advertisement is configured to Download content locally when needed by the running task sequence (commonly referred to as Download and run locally). If you select Access content directly from a distribution point when needed by the running task sequence (commonly referred to as Run from DP) this step will fail. This is because the echo command we need to pass is a built in command in the command interpreter, cmd.exe, We must specify the cmd.exe /c in the beginning of the command line since this is not present in the package on the DP.

NOTE: Data Loss Warning, do not select Continue on error on the Restore User Files and Settings! It is also important to not select “Continue on error” on the Options tab, or “Continue if some files cannot be restored” on the “Properties” tab of the “Restore User Files and Settings” task sequence step, Selecting these options will allow the next task sequence step to delete the User Files and Settings even if they are not successfully restored.

This resolution assumes you have already successfully configured and tested an OS Deployment with ConfigMgr 2007 SP2 using Hard Links with USMT 4.0 . If not, follow the steps to configure the OSDStateStorePath, OSDMigrateAdditionalCaptureOptions, and OSDMigrateAdditionalRestoreOptions variables for using Hard Links with USMT 4.0 in ConfigMgr 2007 SP2:

http://technet.microsoft.com/en-us/library/ee344267.aspx

To add a step that should successfully remove the User State folder after the User Files and Settings are restored, follow these steps:

1. In the Task Sequence Editor, after the Restore User State step, click Add, navigate to General, and then click Run Command Line action. Type the following in the Run Command Line action:

2. Type the following in the Command line field:

cmd.exe /c echo Y | ".\%PROCESSOR_ARCHITECTURE%\usmtutils.exe" /rd "%OSDStateStorePath%"

3. Select the Package check box.

4. In the Select a Package dialog box, browse to the USMT 4.0 package, and then click OK.

Although we are able to use the echo command to pass the Y for yes to the command line step using the command line step:

cmd.exe /c echo Y | ".\%PROCESSOR_ARCHITECTURE%\usmtutils.exe" /rd "%OSDStateStorePath%"

Clifton Hughes | Senior System Center Support Engineer

↧

Configuration Manager 2012 Offline Servicing for Operating System Images

April 18, 2011, 9:52 am

≫ Next: How to do a ConfigMgr 2007 Bare Metal Windows 7 Task Sequence Deployment with the Enable BitLocker step

≪ Previous: Fix: Unable to delete the OSDStateStorePath folder in an OSD Task Sequence using USMT 4.0 with Hard Links in ConfigMgr 2007

Microsoft’s very own John Vintzel recently posted another fantastic article discussing Configuration Manager 2012 offline servicing for Operating System Images and how it can be used to apply updates to operating system images while they are in the Configuration Manager library:

In Configuration Manager 2012 there is a new feature for applying updates to operating system images while they are in the Configuration Manager library. This means any operating system image you see in the Operating Systems > Operating Systems Images node from the Software Library wunderbar can be updated with Component Based Servicing (CBS) updates. By updating an image in the Software Library instead of performing a new build and capture of the operating system image you will gain a few distinct advantages. You will be able to reduce the risk of vulnerabilities during operating system deployments and reduce the overall operating system deployment to the end user. You will also reduce the administrative effort to maintain your operating system images….

You can continue reading this one here.

Enjoy!

J.C. Hornbeck | System Center Knowledge Engineer

↧

How to do a ConfigMgr 2007 Bare Metal Windows 7 Task Sequence Deployment with the Enable BitLocker step

May 4, 2011, 10:09 am

≫ Next: How to create offline or standalone USB media for OS Deployment in ConfigMgr 2007

≪ Previous: Configuration Manager 2012 Offline Servicing for Operating System Images

Have you ever wanted to know a simple step by step process for creating a Task Sequence with the Enable BitLocker step included? I walk you through these steps, and also include some additional links to more information, including screen shots of the entire process on the TechNet Wiki:

http://social.technet.microsoft.com/wiki/contents/articles/configmgr-2007-bare-metal-win7-task-sequence-deployment-with-the-enable-bitlocker-step.aspx

Clifton Hughes | Support Escalation Engineer

↧