Jump to content


Established Members
  • Content Count

  • Joined

  • Last visited

Everything posted by smaunsell

  1. SUCCESS..... New task: Set Dynamic Variable IF Make equals "Microsoft Corporation" AND Model equals "Surface 3" THEN SET MyModel = "Surface 3" Update existing task: Format and Partition Disk (Surface) 100% of reamining space on disk. NTFS file system. Options: Task Sequence Variable MyModel equals "Surface 3" Update existing task: Format and Partition Disk (Standard) 100GB fixed size. NTFS file system. Options: Task Sequence Variable MyModel notequals "Surface 3" According to https://github.com/Microsoft/SCCMdocs/blob/master/sccm/osd/understand/task-sequenc
  2. I notice that task sequence variables have conditions 'exists, not exists, equals, not equals etc' whereas WMI queries can have eg 'like' and use '%'. It's not clear, that I can find, if task sequence variables can use '%' eg '%surface%' to cover all Surface models. I ran wmic csproduct get name from within Win10 and got Surface 3 so I added a task sequence variable of _SMSTSModel equals "Surface 3" and it failed. I also tried _SMSTSModel equals "%Surface%" and it failed. Also checked the BIOS and got the serial number and added a task sequence variable of _SMSTSSerialNumber equals "
  3. On a side note.......is it possible to use the 'Format and Partition Disk' task and specify a model ie Surface to apply it to? The current task sequence has: 2. Format and Partition Disk - BIOS This group/step will run if the following conditions are met: Task Sequence Variable _SMSTSClientCache not exists Task Sequence Variable _SMSTSMediaType not equals "OEMMedia" Task Sequence Variable _OSDMigrateUseHardlinks not equals "TRUE" Task Sequence Variable _SMSTSBootUEFI not equals "TRUE" Primary 350MB fixed Primary 100% of remaining space on disk 3. Format and Partition Disk - U
  4. It's taken a while pulling them out & putting them back in one by one but I can confirm that to get the touchscreen working on a Surface 3 in WinPE it requires the following drivers be put in the boot image: Surface TouchScreen Device Intel Serial IO GPIO Controller Intel Serial IO SPI Controller
  5. Progress........ I mentioned that I'd started with just the 'Surface TouchScreen Device' driver (you'd think the name would give away that it's what is needed!!) but that didn't work so I added any driver starting with "Surface" eg 'Surface Accessory Device", one by one but it still didn't work. The link from keilamym mentioned that on an HP device it need the "firmware and chipset" driver. There's nothing obviously listed as this for the Surface so I just added all 36 drivers and.....the touchscreen works. Now it'll be a process of removing them one by one to work out which one(s) a
  6. I'm not 100% sure as I didn't create it but I'd be pretty sure it's the Win10 1507 ADK. The version listed in SCCM is 10.0.10240.16384 which is 1507.
  7. Yes, my original post says that's how I've been able to image the Surface. But ideally I'd like to not have to have to do this. I'd like to plug in the USB NIC, boot and press 'next, next, next' on the touchscreen.
  8. I've downloaded the Surface 3 (not Pro) drivers and imported them into a Driver Package. I've edited a task sequence to add these drivers. I have configured the BIOS to boot from the official Microsoft USB NIC and have connected a USB hub with keyboard, mouse & NIC. I can successfully PXE boot and use the USB keyboard to start the process and it completes successfully. But......without the USB keyboard I'm unable to image the Surface. When booting from the NIC it provides and on-screen keyboard to start the PXE process and that works. Once it gets into WinPE and provides the SCCM scre
  9. Soooooooo, it appears that GPOs for Offline Files are all but useless in Win10. Computer Policy can enable/disable and that's about it. The User Policy does nothing - the settings for sync only apply to old OSs. I've had to use a logon script to add the locations that need to be synced:     The Computer Policy setting to 'Configure Background Sync' creates a scheduled task. Anther scheduled task is created (how??) to sync on logon (delayed by 4mins). But that's about all that can be done. #Get current username $username = [Environment]::UserName #Pin AppData $path = \\mydomain.
  10. Has anyone been able to configure this? Specifically via Group Policy. See full details of the issue at https://www.windows-noob.com/forums/topic/14390-windows-10-offline-files-gpo/
  11. After a LOT of Googling I finally came across this. Some call it a "bug", some call it a "feature". It has only just stopped working in build 1511. It appears that 'Offline Files' is not the way to go. It looks like the way forward is with 'Work Folders' so I'll need to do some reading on that. UPDATE: It doesn't look like this is the issue. The 'Continuous Availability' setting is on W2K12 but I've got W2K8R2. I've checked the shares anyway and the offline ability is enabled. The CA issue also says that offline files can't be enabled manually but I can do that - the issue is that I ca
  12. I'm trying to force offline files for laptops. I have 2x GPOs - one for computer and one for user. GPO settings are below. With this configured files are not automatically available offline. The users' folders are redirected via another GPO to \\domain.com\users\users\%username%\ and this is configured in the user GPO under 'Specify administratively assigned offline files'. When going to 'Sync Center' in Control Panel and clicking 'Manage Offline Files' it says 'Offline Files is currently disabled' and there is a button to 'Enable offline files'. Sure, if the user selects this then fil
  13. Interestingly there's no such option for 'operating system drives'. The ability to turn off BitLocker is controlled by local administrative privileges.
  14. Scratch that.....found the GPO setting. Computer Configuration/Policies/Administrative Templates/Windows Components/BitLocker Drive Encryption/Removable Data Drives/Control use of BitLocker on removable drives/ Allow users to suspect and decrypt BitLocker protection on removable data drives - untick It's a bit confusing because in Control Panel/Manage BitLocker it still shows the option to 'Turn off BitLocker' and when clicking it it still prompts if you want to do it and only then does it say that a GPO denies the ability. Removing the ability to access Control Panel/Manage Bi
  15. It appears that if there's a wired connection then the logon screen doesn't show the WiFi connected. If wired is disconnected then it does show the WiFi connected. Odd but not the end of the world. There's no settings in BIOS or Windows to disable WiFi is wired is connected.......but this isn't happening as the WiFi isn't disabled it's just not showing connected.
  16. I'm enabling BitLocker on enterprise Dell laptops and that is working fine. I'm now testing BitLocker To Go and have spotted a permissions issue. It appears that users can control their own BitLocker To Go settings. It is possible, via Group Policy, to enforce passwords on USB drives and the user can then use this to unlock the drive. They can even change the password if required (the Recovery Key is still stored in AD using a GPO if they forget their password). But there is still the ability in 'Manage BitLocker' to turn off BitLocker To Go completely. This seems absurd! The idea of having B
  17. I'm new to SCCM and have been tasked with configuring a WiFi profile for new Win10 laptops. I've created a WiFi profile with the required settings, deployed it to a device collection and confirmed that the laptop receives the config. The SSID is added/saved - in 'Manage WiFi Settings' it is listed under 'Manage known networks' - but it doesn't connect to the network. Multiple restarts fail to resolve this - it never connects automatically. From either the logon screen or once logged on the user can click the SSID and it will connect and work perfectly. It just won't connect automatically. On
  • Create New...