Jump to content


Established Members
  • Posts

  • Joined

  • Last visited

Contact Methods

  • Website URL

Profile Information

  • Gender

devtrends's Achievements


Newbie (1/14)



  1. After working on this for quite some time, I determined that I had a few things incorrect. One issue was that I starting the provisioning process from AMT/BIOS as that was the only way I could get the network card to enable when not in Windows, and I thought this was necessary. This is not a step you want to take, instead you must leave it ready for provisioning, and the provisioning process is actually performed by the SCCM agent. The other issue I had was I put in the wrong HASH because I wasn't thinking clearly. I documented my entire process and will post it online when I have the time.
  2. The USMT migration is encrypted with a key that is apparently generated by a variable associated with the source computer system (Mac address?). Every time a successful capture is performed in a task sequence (Request State Store, Capture, Release Store) a computer association is created in the "User State Migration" section of Assets and Compliance. If you right click on the computer association and choose "Recovery Information" you can view the store location and the recovery key used to decrypt the capture. Using that information you can manually run a loadstate command that restores the user data. To assist with this, I wrote an application that my technicians will use to map a drive to the store location and generate the loadstate command line for the restore. If anyone is interested in my approach, I may have a blog post online at some point.
  3. Hi Rikimaru, Did you ever figure out how to get the AMT status to go from "Not Provisioned" to "Provisioned". I find it odd as well that the Out of Band Management drop down options for the client system are all greyed except the "Discover".
  4. What type of problems are you experiencing and at what point in the TS? The scenario you mention sounds possible, especially since you are capturing the user data in the existing OS. The CheckPoint encryption should only affect you if you were trying to capture user settings in WinPE. I would imagine that if you cannot disable the boot prompt for CheckPoint that you will need to manual enter the credentials. I am starting on a similar scenario soon as well, however, we use McAfee Endpoint. I'll let you know how it goes.
  5. Although not necessarily a solution, I have noticed that checking the "When no local distribution point is available, use a remote distribution point." box under the Distribution Points tab for the deployment of the task sequence resolves the error that no SMPs are found. My initial thought is to be careful with that check box though, as you may find your systems using a DP that is across a slow link.
  6. Hi, I have a scenario that I need to figure out a solution to, in the event that it happens in the real world. I have created a few task sequences in SCCM for zero/lite touch imaging using the built in "Capture User State" and "Restore User State" actions. The TS performs the typical set of actions, capture, image, and restore (along with other custom commands). The TS works great in the lab and in a controlled production environment; however, I foresee an issue that I do not know how to resolve. What happens when a technician runs the TS on some workstations and one workstation fails half way through the imaging piece or fails during the restore state? How do I get the user's files back from the successful scanstate? I know how to locate the .MIG files; however, they are encrypted per SCCM's default scanstate/loadstate command line options. Any thoughts? -Aaron
  • Create New...