anyweb

and check the domain/user/share you specified make sure they are all correct

Introduction I guess this could be called version 3.0 of the original windows-noob FrontEnd HTA, and this time it has evolved to support System Center 2012 Configuration Manager. I've been meaning to migrate this to Configuration Manager 2012 for quite a while now but time was not on my side between work and family. This works on both Configuration Manager 2012 RTM and Configuration Manager 2012 SP1 so that you can deploy Windows 7 or Windows 8 depending on the version (of Configuration Manager) you are currently running. Before starting, please make sure you can fulfill the requirements otherwise some or all of the features may not work. The HTA requires the following: * Patience * Configuration Manager 2012 * MDT 2012 Update 1 integrated with Configuration Manager 2012 * Language packs for the Appropriate Operating System * Dell CCTK files and Lenovo SMBIOS/SMBUS files * Maik Kosters Web Services (version 7.3) [optional but recommended] * MBAM Server to store and manage the BitLocker encryption recovery keys, if you are planning on deploying Windows 8 with BitLocker use the Microsoft BitLocker Administration and Monitoring (MBAM) 2 0 Beta Refresh Release [required for the REFRESH action unless you suspend the disc in Windows first] * Michael Niehaus' Webservice for RIS like autonaming [optional] What does it do ? The HTA allows you to PXE boot into WinPE and use an easy interface for migrating your computers to Windows 7 or Windows 8 using Configuration Manager 2012 Service Pack 1 with MDT 2012 Update 1 integrated. Not only does this HTA now work with Configuration Manager 2012 but it has additional functionality added such as being able to choose the BitLocker Encryption Algorithm, install the System Center 2012 Endpoint Protection client and the ability to install Multi Language options. On the left we have Backup, in the middle it's Reinstall and to the right it's New Computer as denoted by the cool unopened box. In the lower left corner you'll notice two new lines of information, one is the Task Sequence name (handy when you are changing versions) and the other is the current USMT ruleset version (it points to a text file which you maintain, and you can use it to keep track of your internal changes to any custom XML files contained in your USMT ruleset, the name of the file is usmt_rulesets_version.txt and a sample is included, this helps you keep track of changes you make to your migration ruleset and is useful for troubleshooting failed migrations with helpdesks using USB or Standalone media which may be out of date...). clicking on the Info button in the lower left corner brings up even more details about the deployment, the following new items have been added to the Deployment Information window Make Memory Is on Battery Is UEFI Is VM Virtual Platform AssetTag some of the above are new data gathered via the enhanced Gathering ability from MDT 2012 Update 1. and clicking on the CMTrace button will open the current SMSTS.log file in CMTrace so that you can monitor the deployment A closer look at the functionality There are three main choices in the HTA, and they are detailed below: Backup old computer Backup old computer allows you to backup your data in WinPE either locally or to a network share using a mixture (or combination) of ZTIbackup.wsf (for full WIM backups) or scanstate.exe (for file backups). Lastly, you can choose to run a CHKDSK on the disk to check for file corruption. It's all automated, all you have to do is to decide how you want the backup to take place from the options below:- full WIM backup locally full wim backup to network chkdsk offline scanstate to Network folder Once a backup is complete you'll get a popup message notifying you and clicking ok will shutdown the computer. Reinstall computer This option reinstalls Windows 7 or Windows 8 (and retains the users data using hardlinking) on Windows XP or Windows 7 computers and supports the following BitLocker specific scenarios, in the table below anywhere it mentioned 7 you can do the same with Windows 8 if that is the OS you are deploying:- Note: BL=BitLockered and UBL=Not BitLockered, the reinstallation (keep users data, wipe Windows, reinstall Windows, restore data) of already BitLockered computers requires a MBAM backend in order to provide the needed key. XP>7 BL XP>7 UBL 7 BL>7 UBL 7 UBL>7 BL 7 BL>7 BL 7 UBL>7 UBL In addition to the above, you can do the following:- full WIM backup locally full wim backup to network chkdsk Auto Computername Enable (or disable) BitLocker (if the computer has a TPM detected, if not the option is greyed out) Enter a Username (get's added to the Local Administrators group) New Computer This option allows you to perform a new installation of Windows 7 or Windows 8 with or without BitLocker full disc encryption enabled, in addition you can select the type of Advanced Encryption Standard algorithm you want via a drop down menu. Note: The Diffuser option is no longer available to be added to the Advanced Encryption Standard (AES) encryption algorithm for Windows 8. You can also select to Enable SCEP which will install the System Center 2012 Endpoint Protection client during the task sequence so that you are protected and ready to do business. In addition to the above, you can do the following:- specify Regional settings for one or more countries specify Language settings for one or more countries change the computername, or choose to use Auto Computername Enable (or disable) BitLocker (if the computer has a TPM detected, if not the option is greyed out) Restore from a previous backup to network, or State Migration Point Enter a Username (this user get's defined as the User Device Affinity user and get's added to the Local Administrators group, if you don't want them being a local admin simply disable that group in the task sequence.) What else does it do ? In addition to the above the HTA has the following functionality:- detects if the hardware is Lenovo or Dell (you have to add the driver package steps) detects and interrogates the TPM/Bios on Dell and Lenovo hardware to prepare it for BitLocker if no TPM is found it disables the BitLocker capability in the HTA if virtual hardware detected, it disables BitLocker capability (however you can enable this just for testing) allows you to Notify the end user if the task sequence was successful or unsuccessful creates a REG key upon successful task sequence completion and adds it to the registry creates a text file in c:\ with the DATE and TIME to demonstrate successful task sequence copies CMTrace.exe to the Windows\ of the OS drive. The task sequence will check if the computer is connected to power, and if not it will inform the user via a popup, this is done via the new IsOnBattery variable. Once you launch Backup, Reinstall or New Computer, the computername is automatically checked and if it matches MININT- then you'll be prompted to change it manually. In addition there are some debug steps in the task sequence (they are disabled, simply enable them to see the functionality) to allow for things like pausing the task sequence, this is great for troubleshooting. Recommended Reading The BitLocker FrontEnd HTA - http://www.windows-noob.com/forums/index.php?/topic/4811-introducing-the-bitlocker-frontend-hta The windows-noob.com FrontEnd HTA - http://www.windows-noob.com/forums/index.php?/topic/3476-introducing-the-windows-noobcom-frontend-hta-ver-10/ How can I create a boot image with HTA support using MDT - http://www.windows-noob.com/forums/index.php?/topic/1995-how-can-i-create-a-boot-image-with-hta-support-using-mdt/ Introduction to Web Services - http://www.windows-noob.com/forums/index.php?/topic/3247-introduction-to-web-services/ How can I install a Web Service - http://www.windows-noob.com/forums/index.php?/topic/3249-how-can-i-install-a-web-service/ Deploying Language packs offline using MDT - http://www.windows-noob.com/forums/index.php?/topic/3251-customising-windows-7-deployments-part-4/ Deploying Multiple Language Packs offline using MDT - http://www.windows-noob.com/forums/index.php?/topic/5155-customising-windows-7-deployments-part-6-adding-multiple-keyboard-layouts-and-multiple-languages/ Advanced Encryption Standard - http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Operating System Deployment and Endpoint Protection - http://blogs.technet.com/b/configmgrteam/archive/2012/04/12/operating-system-deployment-and-endpoint-protection-client-installation.aspx How to change the default BitLocker encryption method and cipher strength when using the Enable BitLocker task - http://blogs.technet.com/b/configurationmgr/archive/2010/08/10/how-to-change-the-default-bitlocker-encryption-method-and-cipher-strength-when-using-the-enable-bitlocker-task-in-configmgr-2007.aspx MBAM Beta 2.0 - http://windowsteamblog.com/windows/b/springboard/archive/2012/06/12/introducing-microsoft-bitlocker-administration-2-0-beta.aspx Configuring UDA during OSD - http://blogs.technet.com/b/inside_osd/archive/2011/06/20/configuration-manager-2012-user-device-affinity-and-os-deployment.aspx MBAM 2 Setup - http://msandbu.wordpress.com/2012/06/13/mbam-microsoft-bit-locker-administration-and-monitoring-beta-2-0/ BitLocker Overview in Windows 8 - Removed or deprecated functionality - http://technet.microsoft.com/en-us/library/hh831713.aspx Coming Soon Pre-Provision BitLocker ability, currently disabled UEFI ability not added yet Known Issues Stuff that's Fixed: The following issues have been identified and fixed since the last release of the code, if your deployment has any of these problems then download the task sequence and associated files again (files last updated 2013/3/8). included in the ZIP file below, are three custom XML files used in the scanstate/loadstate actions, unless you modify those actions to point to your own XML's you might get some errors like below'scanstate failed because the printer is out of paper (Error: 0000001C; Source: Windows)' error message. simply copy these XML files to the root of your amd64\x86 USMT directories and redistribute your USMT packages to your dp's. As Above you might get a Loadstate Error 27 which is directly related to not finding the XML files above, make sure to copy them to your USMT folders as specified above. Offline scanstate to network (when disc is BitLockered) fails with return code :11, basically there is a typo in the runscanstate-offline_no_hardlinking.bat file, locate the folllowing section and change /offlinewindir:%~2:\windows to /offlinewindir:%~2\windows State Restore (Network) doesn't restore anything due to an option mis-configuration, change Deploymenttype Equals Refresh to DeploymentType Not Equals Refresh State Restore (Network) doesn't restore anything due to a missing file and the file it was pointing to had a /hardlink option in, it shouldn't have ! Stuff that needs to be Fixed: The following Issues have been identified and the resolution is shown below however they have not been fixed in the code downloaded above, which means you have to make the corrections.:- 1. in deploymenu.js line 476 change arr[arr.length] = "USMTdropdown: " + usmtvalue; to arr[arr.length] = "Uddir: " + usmtvalue; 2. Change the options tab for the State Restore SMP to task sequence variable Uddir (was USMTDropdown) as per the screenshot below 3. Change the options tab for the State Restore Network to task sequence variable UDDIR not equals SMP as per the screenshot below 4. The dump variables for debugging has a typo change the command line to:- cscript.exe "%ScriptRoot%\wnb\DumpVars.wsf" 5. Local admin accounts are not migrated in network state store, add /lac:Password to the command line in runloadstatex64_no_hardlinking.bat like below "%~2\USMTbits\amd64\loadstate.exe" "%~1" /c /lac:Password /i:%~2\USMTbits\amd64\miguser.xml /i:%~2\USMTbits\amd64\migapp.xml /i:%~2\USMTbits\amd64\wallpaper.xml /i:%~2\USMTbits\amd64\printers.xml /nocompress /v:5 /l:%~2\Windows\CCM\logs\SMSTSLog\loadstate.log 6. Resolution is not set in WinPE change the Set Screen Resolution step to cmd /c "%scriptroot%\wnb\SETRES" h1024 v768 b32 The backup to network (full wim and scanstate) need some additional changes Add the Connect to Network step in RED in the below two places set the options like so and add an MD to the following line Download the Files In this ZIP you have an exported copy of the System Center 2012 Configuration Manager SP1 task sequence and associated files. Note: If you downloaded the ZIP before March 8th 2013, please download it again again as I've added some bugfixes in the scripts and task sequences. The CM12 BitLocker FrontEnd HTA.zip well that's it, please try this out and tell me what you think of it, I hope you like my efforts :-). Installation Instructions To use the downloaded files see the below instructions, if you need further clarification then please ask.

overlapping boundaries perhaps ?

just grant the account that you are logged on with the same rights as the installer account (which is basically a full administrator)

look for Matching DP location found X - in the above it lists two distribution points that match dp 0 and dp 1 (for your first package) and more dp's for your second package

have either of you looked at these settings yet ? http://technet.microsoft.com/en-us/library/hh825617.aspx#NewWindowsSettings

here's a list of fixes in SP1 http://support.microsoft.com/kb/2801420 This article lists System Center Configuration Manager public hotfixes and KB articles that are included in System Center 2012 Configuration Manager Service Pack 1 (SP1). KB article number KB title 2688247 SQL Server cumulative updates must be manually installed on secondary System Center 2012 Configuration Manager sites that use SQL Server Express 2688285 The Apply button is unavailable after clearing the "Enable PXE support for clients" option on a System Center 2012 Configuration Manager Distribution Point 2688288 Changing the SQL Service Broker port while performing a System Center 2012 Configuration Manager site recovery causes the site to remain in Maintenance Mode 2691550 Multiple error messages are logged in the System Center 2012 Configuration Manager Distmgr.log file when you update shared Distribution Points 2691560 The status of a failed upgrade to a shared Distribution Point may be displayed incorrectly as "Failed to upgrade distribution point" in System Center 2012 Configuration Manager 2691875 Different results are displayed for software updates when you use saved searches in non-English versions of System Center 2012 Configuration Manager 2691946 You cannot reinstall a System Center 2012 Configuration Manager SMS Provider on a server had the same provider previously uninstalled 2693122 A System Center 2012 Configuration Manager Distribution Point contains no deployment package after using the Download Software Updates wizard 2693920 An incorrect number of computers is displayed in the Antimalware Activity report in System Center 2012 Endpoint Protection 2693927 You cannot use the "New Account" option to reset the password on the Active Directory forest discovery account in System Center 2012 Configuration Manager 2712387 WDS does not start on a PXE enabled remote Distribution Point in System Center 2012 Configuration Manager 2713465 Changing a property of a deployment appears to not be saved in System Center 2012 Configuration Manager 2713467 A PXE enabled Distribution Point that uses a self-signed certificate will generate many files in System Center 2012 Configuration Manager 2716956 Using the System Center 2012 Configuration Manager CMTrace log viewer to review a log that contains a line exceeding 8000 characters causes the log to be truncated 2716965 Remote Control fails with error C000012 in System Center 2012 Configuration Manager 2756110 Issues with System Center 2012 Configuration Manager Application Evaluation if a third party deployment type is not registered properly on a client 2709082 After moving the System Center 2012 Configuration Manager SQL Site Database to another drive, creating a new Software Update package or a new application fails 2717295 Description of Cumulative Update 1 for System Center 2012 Configuration Manager 2780664 Description of Cumulative Update 2 for System Center 2012 Configuration Manager 2796086 Configuration Manager Management Points collocated with clients fail after installing Windows Management Framework 3.0 and running Client Health Evaluation Resolutions to the following issues are also included in System Center 2012 Configuration Manager SP1. Setting a schedule in the future for a Software Updates deployment is working now as intended fixing an issue where TSInstallSWUpdate would previously stall and time out. The table ClientModeReadiness is now fully replicated. This fixes a previous issue where the report "Count of clients capable of HTTPS communication” would not return data when run on the CAS or would only return data for a particular primary server the report was run from. Installing a remote distribution point and specifying a local site system installation account, as opposed to a domain account, now no longer creates an untrusted login error. File names with a hash mark (#) are now properly encoded during download. Configuration Manager sites can now be used to back up a Remote SQL Server using the UNC path. In System Center 2012 Configuration Manager RTM, large database modifications included in a single transaction sometimes caused the replication system to take a long time to extract the change and send it over to another site. In SP1, large modifications are no longer allowed in single transaction. When using a variable list to dynamically install a list of applications within a task sequence, if one of the applications cannot be installed because the content is unavailable, policy provider no longer blocks and prevents all other applications from being installed. Task Sequences no longer experience significant processing delays or time outs due to large numbers of install software steps within the sequence when clients have slow or poor connections to the management points.

sure, open a command prompt, type taskmgr, that'll bring up the task manager, you can then kill the current process (cscript ?) and it'll continue on with the next one, however this only works if you have continue on error on that group/step you can always run the USMT loadstate steps manually in the event of a failed migration.

have you configured any custom client settings to enable software and hardware inventory? have you followed the guides here ? if you do they'll explain how to get it working

are you deploying Windows 8 with the Configuration Manager 2012 SP1 ? the Sms\Mobile Client\Software Distribution registry key are safe to ignore, the failed to find suitable drivers are because you have not supplied driver packages containing drivers for the detected hardware, nothing too serious is the deployment failing ?

nope, but i can ask, can you elaborate on exactly what you need to know ?

Back in September, we announced our strategy around unified device management, and how the next releases of Windows Intune and System Center 2012 Configuration Manager will deliver on that vision. As part of today’s update to our Cloud OS vision, we’re pleased to announce that System Center 2012 Configuration Manager and Endpoint Protection Service Pack 1, as well as the latest Windows Intune service, are available today. Together, these releases deliver a unified device management solution for the enterprise, built on a “People-centric” model, where the user is the focus, not the device. IT is able to provide users with access to the corporate resources (applications and data) they need on the devices they choose. Administrators are able to address the unique challenges created by Bring Your Own Device policies by being able to identify and manage endpoint devices, including Windows PCs (physical and virtual), tablets, smartphones, Macs, and embedded devices all through a unified administration console. This blog post highlights new device management capabilities in Windows Intune and System Center 2012 Configuration Manager SP1. For information about new cloud and datacenter capabilities, please read the blog post located here. Windows Intune addresses new challenges IT departments face when managing devices, including: Providing management and software distribution across a range of mobile devices and platforms, including Windows RT, Windows Phone 8, Android, and iOS Through integration with Configuration Manager 2012 SP1, IT administrators will be able to manage both corporate- and personally-owned devices with a single console, making it easier to identify and enforce compliance A self-service portal for selecting and installing company apps With the latest release, the Windows Intune service is now expanded to 45 additional countries taking the total to 87 countries worldwide. Configuration Manager 2012 SP1 contains several enhancements, including: Support for Windows 8 and Windows Server 2012, including delivery of Windows 8 applications, the ability to limit downloads on 3G and 4G network connections to prevent unwanted data charges, and support for Windows To Go Native management of Windows Embedded devices Support for PowerShell for administrative tasks Windows Azure-based Distribution Points Support for Mac OS X devices and Linux and Unix servers Endpoint Protection 2012 SP1 contains enhancements, including: Ability to automatically deploy definition update three times per day Real-time administrative actions to update definitions, scan, and remediate issues quickly Client-side merge of antimalware policies For more information and to sign up for a free 30-day trial subscription to Windows Intune, click here. SP1 can be downloaded by MSDN and TechNet subscribers as well as through the Volume Licensing Software Center. via Technet Blogs > http://blogs.technet.com/b/windowsintune/archive/2013/01/15/delivering-unified-device-management-with-windows-intune-and-system-center-2012-configuration-manager-sp1.aspx

you can do it this way or using an Enable Bitlocker script and customize it to suit your encryption needs

and what version of the client is installed on that server ?

actually this post was originally about setting up the SUP (which involves WSUS) and Windows Deployment Services (WDS), so the Title is correct, however this post has since been superseded with this one.

no, but it takes only a couple of hours, it just has to be a basic CM07 environment and once setup you'll be able to test all the migration abilities, you'll thank yourself later if you do plan on migrating anything if you don't want to migrate anything then don't bother.

the HTA's which this boot image are created for can be found here

how about like so ?

hi Ben did you use media from the VLMS site or from Technet/MSDN ? did you uninstall the WAIK prior to installing the ADK ? did you reboot your server(s) prior to running setup ? did you review this ?

sure try -itanium and -ia64 in the title of your ADR like so

so which one has the old version ? your new site ? or your dp ? one of them has a client version install which is the RTM release of Configuration Manager 2012 (5.00.7711.0000), the other has the SP1 version of the client (5.00.7804.1000)

hi Ben sorry for the delay in responding, was this server running the RTM release of Configuration Manager 2012 prior to the upgrade, did it have any of the Cumulative Updates (cu1, cu2) installed ? can you (briefly) describe your upgrade process on that site server ?

can you show me a screenshot of your site settings for Automatically upgrade clients.... have you configured any Client Deployment methods ? (sup, client push or other ?)

you need to get the smsts.log file in order to find out what's gone wrong, enabled F8 command prompt support in your boot images and press F8 before the errror occurs during deployment, then capture the logs from c:\windows\ccm\logs and attach them here.

At the 11th Annual J.P. Morgan Tech Forum at CES 2013 today, Windows Chief Marketing Officer and Chief Financial Officer Tami Reller announced that Windows 8 has sold 60 million licenses to date. This represents the cumulative sales of Windows 8 including both upgrades and sales to OEMs for new devices. This is a similar sales trajectory that we saw with Windows 7. We have seen a significant increase in the number of Windows 8 certified systems since general availability at the end of October. There are now more than 1,700 certified systems for Windows 8 and Windows RT. I suggest reading this post from Nick Parker putting the spotlight on several very cool new Windows 8 PCs announced by our OEM partners this week at CES. This week we also highlighted strong growth in developers building for Windows 8. Since the opening of the Windows Store the number of apps has quadrupled and we passed the 100 million app download mark – just two months after general availability. via > http://blogs.windows...indows-noob.com