Jump to content


Leaderboard


Popular Content

Showing content with the highest reputation since 03/20/2019 in Posts

  1. 1 point
    Fix for bootloops when a TS is initiated from Software Center and the script is detecting failures during the checks. Change Sub Reboot Set WshShell = WScript.CreateObject("WScript.Shell") WshShell.Run "wpeutil reboot" End Sub To Sub Reboot Set objFSO2 = CreateObject("Scripting.FileSystemObject") Set colDrives = objFSO2.Drives For Each objDrive in colDrives if objDrive.DriveType=2 then SMSTSDrive=objFSO2.FolderExists(objDrive.DriveLetter + ":\_SMSTaskSequence") if SMSTSDrive then BootDrive=objDrive.DriveLetter&":\" end if end if Next Set WshShell = WScript.CreateObject("WScript.Shell") PEFirmware="HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\PEFirmwareType" PeBoot = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\PEBootType" FirmwareType=WshShell.RegRead(PEFirmware) BootType=WshShell.RegRead(PeBoot) If lcase(BootType)="ramdisk:sourceidentified" then If FirmwareType=2 then BCD=BootDrive&"_SMSTaskSequence\BCD-EFI\BCD" else BCD=BootDrive&"_SMSTaskSequence\backup\boot\BCD" end if WshShell.Run("bcdedit /import " & BCD & " /clean"),1,true wscript.sleep(2000) end if WshShell.Run "wpeutil reboot" End Sub This will also cause the TS to continue in the full OS. If you want to prevent that add something like this after the first reboot. (Since checkfornetwork.vbs shouldn't fail if it succeeded the first time) Side note. The start cmd part is good but it's a LPE-exploit waiting to happen. All you have to do is start a TS from SC and then pull the cable and you're 'local system'. Don't bind it to cancel since the x in the corner returns the same thing. Detect if "command support" is enabled on the boot image and only give the choice to start a cmd.exe if so. Add the last 2 lines accordingly. ' updated 2015/4/26 logging folder creation fix ' On Error Resume Next DIM objShell, WshNetwork, sPingTarget, iNumberofFails, iFailureLimit, LogFileName, logfile, objFSO, objFile, outFile, CheckPartitions Set WshNetwork = WScript.CreateObject("WScript.Network") Set objShell = WScript.CreateObject( "WScript.Shell" ) sysDrv=objShell.ExpandEnvironmentStrings( "%SYSTEMDRIVE%" ) Buttons=vbOKOnly And this. function isDebug() FoundINI=objFSO.FileExists(sysdrv+"\Windows\System32\winpeshl.ini") If (FoundINI=vbTrue) then 'wscript.echo Cstr(bExists) & " " & bExists Set file = objFSO.OpenTextFile (sysdrv+"\Windows\System32\winpeshl.ini", 1, vbFalse, -1) row = 0 Do Until file.AtEndOfStream line = file.Readline 'WScript.Echo lcase(line) If (instr(lcase(line),"tsbootshell.exe")<>0) then TsBootShell=replace(lcase(line),"tsbootshell.exe","tsbootshell.ini") 'Wscript.echo TsBootShell TsINI=objFSO.FileExists(objShell.ExpandEnvironmentStrings(TsBootShell)) If (TsINI=vbTrue) then Set ReadTsINI = objFSO.OpenTextFile (objShell.ExpandEnvironmentStrings(TsBootShell), 1, vbFalse, -1) strTSINItext=ReadTsINI.readall If (instr(lcase(strTSINItext),lcase("EnableDebugShell=true"))<>0) then 'WScript.Echo "DebugMode" Buttons=vbYESNO end if ReadTsINI.Close end if end if row = row + 1 Loop file.Close end if end function Add a 'If' on the buttons shown and that's been taken care of as well. E.g. if (Buttons=vbOKOnly) then Message="Kunde inte hitta en hårddisk att installera Windows på." & vbCrLf & vbCrLf & " Meddela IT att detta kan vara orsaken:" & vbCrLf & vbCrLf & "* Saknar drivrutiner för hårddisken . " & vbCrLf & "* Hårddisken kan vara trasig. " & vbCrLf & vbCrLf & "Hårdvara: " & vbCrLf & vbCrLf & SataResult &"Dator: "& MakeModel & vbCrLf & vbCrLf & "Tryck [OK] när du är klar." Else Message="Kunde inte hitta en hårddisk att installera Windows på." & vbCrLf & vbCrLf & " Meddela IT att detta kan vara orsaken:" & vbCrLf & vbCrLf & "* Saknar drivrutiner för hårddisken . " & vbCrLf & "* Hårddisken kan vara trasig. " & vbCrLf & vbCrLf & "Hårdvara: " & vbCrLf & vbCrLf & SataResult &"Dator: "& MakeModel & vbCrLf & vbCrLf & "Tryck [YES] för att få installationen att misslyckas eller [NO] för att starta en CMD-prompt." end if result=MsgBox (Message, Buttons, "Warning: Unable to continue") 'result = MsgBox ("Unable to find a valid internal storage device." & vbCrLf & vbCrLf & "Possible causes can be: " & vbCrLf & vbCrLf & "* Missing Storage drivers. " & vbCrLf & "* Missing HDD/SSD. " & vbCrLf & vbCrLf & "Please inform the person supporting you that the following hardware was detected: " & vbCrLf & vbCrLf & SataResult &"Computer: "& MakeModel & vbCrLf & vbCrLf & "Press [OK] to exit and reboot or press [Cancel] to open a CMD prompt to troubleshoot further."_ ', vbOKCancel, "Warning: Unable to continue") Select Case result Case vbOK Set objShell = Nothing 'objShell.Run("x:\windows\system32\winpeshl.exe"),1,true Reboot Case vbNo Set objShell = WScript.CreateObject( "WScript.Shell" ) objShell.Run("cmd.exe /s") msgbox "When you are finished, press [OK]" Reboot End Select Edit: And of course calling the function early in the script.
  2. 1 point
    Introduction This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version is System Center Configuration Manager (Current Branch) version 1902 as of April the 10th 2019. I blogged how to upgrade to 1902 here. This guide is aimed a new installations of SCCM. Baseline media is used to install new ConfigMgr sites or to upgrade from supported versions, for more information about baseline media please see my blog post here. Note: The SCCM 1902 Current Branch media is not yet available on MSDN or VLSC. When the new baseline media is released I'll update this note. This series is broken down into the following parts:- Part 1 - Get the lab ready, configure ADDS Part 2 - Join CM01 to Domain, add users, create the Systems Management container, delegate permission Part 3 - Role and Feature installation, installation of WDS and ADK Part 4 - Configure and install SQL Server 2017 (This part) Part 5 - Configure and install SCCM 1902 Current Branch Part 6 - Post configuration You can use this multi-part guide to get a hierarchy up and running on Windows Server 2019 using SQL Server 2017. The concept behind this is to guide you through all the steps necessary to get a working Configuration Manager Primary site installed (for lab use) using manual methods or automated using PowerShell. This gives you the power to automate the bits that you want to automate, while allowing you to manually do other tasks when needed. You decide which path to take. PowerShell knowledge is desired and dare I say required if you are in any way serious about Configuration Manager. I will show you how to do most steps via two methods shown below, it's up to you to choose which method suits you best but I highly recommend automating everything that you can, using PowerShell. Method #1 - Do it manually Method #2 - Automate it with PowerShell Downloads The scripts used in this part of the guide are available for download here. Unzip to C:\Scripts. The scripts are placed in the corresponding folder (Part 1, Part 2 etc) and sorted into which server you should run the script on (DC01 or CM01). Scripts.zip Step 1. Install SQL Server 2017 Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator, I'd suggest you logon as the username matching your name. Method #1 - Do it manually In this section you will install SQL Server 2017 CU14 which is the latest supported version of SQL Server that is compatible with SCCM 1902 Current Branch as of 2019/4/16. For details about which versions of SQL Server are supported with different site systems in ConfigMgr, please see this page. Before starting, please configure the firewall as described in https://go.microsoft.com/fwlink/?linkid=94001 to allow access to SQL Server through the firewall. You can do this by executing the following command as local administrator on the CM01 (ConfigMgr) server. netsh advfirewall firewall add rule name = SQLPort dir = in protocol = tcp action = allow localport = 1433 remoteip = localsubnet profile = DOMAIN After configuring the firewall, browse to the drive where the SQL Server 2017 media is, and run setup.exe. The SQL Server Installation Center wizard will appear. Click on Installation and then choose New SQL Server standalone installation or add features to an existing installation. Enter the Product Key or use the evaluation version if that's what you want to use. Note: The product key will be automatically filled in for licensed media downloaded from Microsoft Volume Licensing Service Center. Accept the EULA Make your Microsoft Update choices and review your Install rules, as long as you've opened the correct port for SQL you'll be ok and can safely ignore the Warning about the Firewall. select the SQL server instance features you need (at least Database Engine Services) and if necessary change the drive letter where you intend to install it And configure the Instance Configuration or just leave it as default Verify the Service Accounts settings and for Collation (click on the Collation tab in Server Configuration), make sure the collation is set to SQL_Latin1_General_CP1_CI_AS For Database Engine Configuration, click on Add Current User After configuring Data Directories, TempDB and Filestream settings you are ready to install Click on Install to start the installation of SQL Server 2017, and once it's completed, click Close. Next download and install the following: SQL Server 2017 Cumulative Update 14. SQL Server 2017 SSMS here. SQL Server 2017 Reporting Services. Method #2 - Automate it with PowerShell Note: Make sure your SQL Server 2017 media is in the drive specified in the script or edit the script to point to the new location of the media. The script set's the installation path pointing at D:\MSSQL if you want to install SQL somewhere else please change the variables as appropriate. To install SQL Server 2017 use the Install SQL Server 2017.ps1 script. The script will create a ConfigurationFile.ini used to automate the installation of SQL Server 2017, and after it's installed the script will download the SSMS executable (Management Studio) and install it. Then it will download Reporting Services and install it. If either of the EXE's are in the download folder, it will skip the download and just install. SQL Server no longer comes with the Management Studio or Reporting Services built in, and they are offered as separate downloads, don't worry though, my PowerShell script takes care of that for you. 1. Extract the scripts to C:\Scripts on CM01 and load the Install SQL Server 2017.ps1 script located in C:\Scripts\Part 4\CM01 2. Edit the variables [lines 17-81] as desired before running. 3. Logon as the user specified in line 20. 4. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Done ! That's it for this part, please join me in Part 5 where we Configure and Install System Center Configuration Manager 1902.
  3. 1 point
    If anyone gets an access denied error at the last step (certutil -crl), then please reboot your Issuing CA server once and then issue the command again. I had this issue and apparently several other users had this too per various forums.
  4. 1 point
    just make sure your Apply Driver Package step references that, as shown here.
  5. 1 point
  6. 1 point
    In March 2017 I blogged a method to allow you to forcefully upgrade your Windows 10 (or Windows 7) computers to the latest version of Windows 10 using a popup (HTA) that gives the user some form of control (5 deferrals). This was very popular and spawned different versions of the same original concept by other MVP’s and the community at large. I always wanted to update mine, but never had time, however what I have done is incorporate bug-fixes and features, and rewritten the original VBS wrapper code to PowerShell. In the next version I’ll replace the HTA with a PowerShell gui. So how about listing the features of this solution. Designed to run as required Runs before the task sequence starts Shows the user a popup with options Can run on Windows 7 or Windows 10 Allows deferrals After deferrals run out, starts a 4 hour timer If the user ignores the popup, subtracts one deferral after 8 hours Checks for Power Checks for hard disc free space Checks for Supported Model Checks for VPN Is easy to Brand with your company details Has several checks to ensure it won’t run by accident So that’s enough of the features, here’s a look at what it will look like to the end user running either Windows 10 or Windows 7. Time to upgrade In the above screenshot, the user sees the popup daily at a time that you decide eg: 11am. The user has a number of choices: Upgrade now by clicking on the box ‘my files are backed up’, and then selecting Upgrade now Upgrade later by clicking on Defer Cancel, by clicking on the X in the top corner, this will remove one deferral. Note that this verifies how many deferrals are left and if there are none left, will start the task sequence Do nothing. The popup will auto close after 8 hours and remove one deferral. Kill it with Task Manager, this will remove one deferral. If the user runs out of deferrals the 4 hour timer will start. If the user still does nothing, when the 4 hours runs out the task sequence will begin. They can of course click the checkbox and select Upgrade now to start it at any time. Branding So how can you add your branding to it ? start with the banner.png. Open it in MSPaint and replace the windowsnoob logo with your own, try and keep it to 500×65 pixels otherwise you’ll need to edit the Upgrade.HTA code also. Next, open the wrapper.ps1 in PowerShell ISE. Edit CompanyName in line 15 to suit your Company Name. Save the changes, next, open upgrade.hta in Notepad ++. Edit CompanyName in line 50 to suit your company name. edit line 395, and put your company name in Troubleshooting The popup creates 3 log files in C:\ProgramData shown below Windows10RequiredUgradeHTA.log Windows10RequiredUgradeWrapper.log Windows10RequiredUpgradeStart-Upgrade.log The process creates registry keys (and deletes them upon successful closure of the HTA before starting the task sequence). For more details about how to set this up in your environment, please see the following blogpost. I’ve updated that blogpost to include the new files and the PowerShell wrapper.ps1. Note: To download the files included, you need to be a registered member of windows-noob.com cheers niall
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up
×
×
  • Create New...