Everything posted by anyweb
-
Introducing: The BitLocker Frontend HTA
anyweb posted a question in Frontends, HTA's and Web Services
The next logical step for the windows-noob.com FrontEnd HTA which I released back in April 2011 was to add support for BitLocker, and I've added it along with some bugfixes, a new clean look, and some new functionality.

What does it do ?

first of all what does this HTA do ? it allows you to PXE boot into Windows PE (yes, PE) and do three types of common scenarios for migrating your computers to Windows 7 with BitLocker.

* backup old computer (full WIM backup locally, full wim backup to network, chkdsk, offline scanstate to Network folder)
* reinstall computer (reinstalls/refreshes Windows 7 on a Windows XP or Windows 7 computer and supports the following scenarios, where BL=BitLockered and UBL=Not BitLockered: XP>7 BL, XP>7 UBL, 7BL>7UBL, 7UBL>7BL, 7BL>7BL, 7UBL>7UBL)
* New Computer (new installation of Windows 7 with or without BitLocker).

In addition to the above you can do the following:-

* computer associations in WinPE
* auto-computername (using Michael Niehaus RIS style naming web service)
* select a language to install during New Computer deployment
* select regional settings during New Computer deployment
* see the current computername and change it
* Input a username and that user becomes the local administrator
* show info relating to Computername, computername in SCCM, Serial Number, Model, IP address, Mac Address, UUID, Client Identity (GUID), Assigned Site Code, Resource known/unknown, Resource ID
* supports SMP backup in addition to full wim local, full wim network, and offline mode in WinPE
* detects if the hardware is Lenovo or Dell and has driver steps included for some common models (you have to download the driver packages yourself however)
* detects and interrogates the TPM/Bios on Dell and Lenovo hardware to prepare it for BitLocker
* if no TPM found it disables the BitLocker Capability in the HTA
* if virtual hardware detected, it disables BitLocker capability (however you can enable this just for testing)
* has the ability to Notify the end user if the task sequence was successful or unsuccessful
* creates a REG key to add successful task sequence, creates a text file in c:\ to demonstrate successful task sequence

cool, yep, very cool.

Requirements:-

This is not for the faint hearted, you'll need to have the following working before attempting this:-

* For the reinstall BitLockered computer scenario we need to get our BitLocker recovery key from an MBAM database described here
* A good understanding of BitLocker, here's some guides I've written about it
* MDT 2010 update 1 integrated with ConfigMgr
* Maik Kosters Web Services 7.2 installed - quick guide here
* SCCM 2007 SP2 R2 or later
* Implement Offline scanstate in WinPE as shown here
* Install Language packs Offline using SCCM 2007 sp2

ok enough already give it to me !

Download the ZIP

here it is, download this and import the task sequence XML file, copy the WNB and BitLocker folders as sub-directories of a newly created MDT Files package. Update your MDT Files package and get started

Note: If you downloaded the ZIP before 12th of January then download it again as I fixed a few bugs in the task sequence.

The BitLocker HTA.zip

Show me some screenshots

here's some screenshots:-

* The Backup computer screen
* The Reinstall Computer screen with BitLocker checkbox enabled
* The New Computer Screen with the BitLocker checkbox unchecked
* Show Info Screen

I'll post bugfixes and known issues shortly as they roll in, if you are in any way struggling with this then read the windows-noob.com Frontend HTA guide here please as it explains how to get this all working.

Known Issues

* BitLocker doesn't get enabled if you use the Microsoft supplied EnableBitLocker.vbs script when also selecting a Language pack. Solution. Replace the script with EnableBitLocker_Multi.vbs instead or use the built in Enable BitLocker step (note that step doesn't have as much customization built in as the script does).
* Regional And Language settings may not be applied properly causing task sequence failure. Solution, make sure that you are using the correct architecture XML file in the Apply Operating System Step otherwise it will fail, in addition your Language Pack files packages must match the architecture you are deploying, for example, if you are deploying Windows 7 X64 then your language packages must also be X64 or the task sequence will fail to add languages and additionally fail to add the custom local administrator if one is specified. This is not a bug in the task sequence ! Add the correct architecture Language pack files and unattend.xml and all is good.
* All Loadstate functions are hard coded for X64 OS. Solution, the task sequence assumes you are deploying Windows 7 X64 OS, if you want to deploy Windows 7 X86 you can enable the X86 steps in the task sequence and add some logic to detect if the os is x86 or x64 and act accordingly, if I have time I will re-release a version of this with the logic in it.
* Icons not displaying or red X appearing where the icons should be on bare metal (new computer) scenarios .... Solution, make sure that the hard disc is partitioned and formatted before testing the HTA.

cheers ! niall.
-
good stuff, check your personal message i sent you cheers niall
-
that's only the index of updates, ie: what's available, so unless you downloaded everything you've nothing to be concerned about if you want to verify that look at whether each update is downloaded or not, also, to sort the updates use the Search ability and add criteria, for example type in definition updates in the search field and click search
-
well I don't know how you can boot into winpe to the sccm 2007 server and switch to another server mid install, it doesn't work like that, it's either one or the other, how would the cm12 server know that you pxe booted ? how would it know that you selected an advertisement/deployment, what I'd suggest you do is pxe boot on the CM12 side and install your computers there, or is there a reason not to do this ?
-
Configuration Manager 2012 is still in release candidate so unless you are a TAP customer you shouldn't have it installed in production, so are you ?
-
MDOP requires a specific license from Microsoft, you need to talk to your Microsoft Technical Account Manager for assistance with that, cheers
-
How to retrieve the smstslogs During OSD
anyweb replied to Gregory B's question in Troubleshooting, Tools, Hints and Tips
nice post, I'll pin it ! keep it up
-
well for bitlocker the system reserved partition contains the boot info for the disc so you need it intact,
-
reimage as in refresh ? or reimage as in new computer, please explain which you mean
-
and you definitely added the hyperv role to this server ?
-
how can I configure SCCM 2007 in Windows Server 2008 - Part 3
anyweb replied to anyweb's topic in Configuration Manager 2007
it's been renamed to Create Microsoft Deployment Task sequence (from memory, haven't got access to a lab at the moment), did you integrate MDT with SCCM ?
-
click on See Details, what does it say ?
-
Today we are sharing our plan to automatically upgrade Windows customers to the latest version of Internet Explorer available for their PC. This is an important step in helping to move the Web forward. We will start in January for customers in Australia and Brazil who have turned on automatic updating via Windows Update. Similar to our release of IE9 earlier this year, we will take a measured approach, scaling up over time. As always, when upgrading from one version of Internet Explorer to the next through Windows Update, the user’s home page, search provider, and default browser remains unchanged.

Good for Consumers, Developers and Enterprises

The Web overall is better – and safer – when more people run the most up-to-date browser. Our goal is to make sure that Windows customers have the most up-to-date and safest browsing experience possible, with the best protections against malicious software such as malware.

For consumers, the safety benefits are one of the key reasons that the industry has been moving towards automatic updates as the norm. This is increasingly important since the biggest online threat these days is socially engineered malware, which typically targets outdated software like Web browsers. The latest Microsoft Security Intelligence Report, which is based on data from over 600 million systems in over 100 countries, is good reading to give you a sense of risks that stem from outdated software.

We want to make updating to the best protection possible as fast and simple as we can for Windows customers. IE is how millions of Windows customers connect to the Web, so keeping that part of Windows updated at all times is critical to keeping them safe online. With automatic updates enabled through Windows Update, customers can receive IE9 and future versions of Internet Explorer seamlessly without any “update fatigue” issues.

Wider deployment of the most up-to-date browser benefits the Web in other ways as well. Developers and online businesses can rely on better browsers to deliver richer and more capable Web experiences. We built IE9 with a focus on modern web standards and interoperability so that developers could spend less time coding for specific browsers and spend more time building the next big thing on the Web. More of the Web running an HTML5 capable browser, vs. something built ten years ago, is a great thing for developers and the businesses they support.

Respecting Customer Choice and Control

While the benefits of upgrading are numerous, we recognize that some organizations and individuals may want to opt-out and set their own upgrade pace. One of the things we’re committed to as we move to auto updates is striking the right balance for consumers and enterprises – getting consumers the most up-to-date version of their browser while allowing enterprises to update their browsers on their schedule.

The Internet Explorer 8 and Internet Explorer 9 Automatic Update Blocker toolkits prevent automatic upgrades of IE for Windows customers who do not want them. Of course, we firmly believe that IE9 is the most compelling browser for business customers, and we want them to make the decision to upgrade at their convenience. Commercial customers can learn more about how this auto upgrade affects them here.

Similarly, customers who have declined previous installations of IE8 or IE9 through Windows Update will not be automatically updated. Customers have the ability to uninstall updates and continue to receive support for the version of IE that came with their copy of Windows. And similar to organizations, consumers can block the update all together and upgrade on their own. Finally, future versions of IE will provide an option in the product for consumers to opt out of automatic upgrading.

Peter Clarke, Chief Technology Officer for the Isle of Man government, recently talked about the importance of approach in moving the Web forward, while respecting customer choice: “Getting people to use the latest browser version has many benefits, chief among them is that newer browsers have better security features and keep users safer. The Internet Explorer team’s balanced approach to helping people move to the latest version is a good idea. Not only does it help individual users, it also takes into consideration the needs of enterprises.”

Jeremiah Grossman, Chief Technology Officer and founder of WhiteHat Security agrees as well, saying… "Automatic updates are a very good idea based on every piece of security research I've seen. Keeping software up to date - particularly Web browsers - is critical for online security. With that in mind, I'm pleased that Microsoft is moving toward an automatic update model, particularly since their approach balances the needs of enterprise customers who still need a mechanism to manage software updates."

We are excited to help make the Web better by upgrading Windows customers to the latest version of Internet Explorer.

Ryan Gavin
General Manager, Internet Explorer Business and Marketing

via > http://windowsteambl...-windows-7.aspx
-
using SCCM 2012 in a LAB - Part 2. Add SUP and WDS
anyweb replied to anyweb's topic in Configuration Manager 2012
1. I select this option as license files can be downloaded and stored in the WSUS local store.
2. yes you can run a WSUS cleanup monthly, I haven't tested the exact scenario you are asking about but if you beat me to it then please share your experiences
-
The language specific BITS version wasn't found
anyweb replied to enginsoysal's topic in Configuration Manager 2007
have you verified DNS is working first of all, try nslookup does that work for you ?
-
using Multiple Task Sequences via PXE
anyweb replied to anyweb's question in Troubleshooting, Tools, Hints and Tips
yes, no problem at all to advertise several task sequences to the All Unknown Computers collection and to use them like this the error you are seeing (if it occurs during applying the wim image) is network related, is it dropping the IP address ? try a different switch/location