Jump to content




Sign in to follow this  
anyweb

How can I Deploy Applications based on AD security group membership for Computers using a Task Sequence



Recommended Posts

The following guide is based upon a post by Daniel Oxley on The Deployment Guys blog where he showed a MDT Task Sequence which could install applications based on Active Directory queries, I have modified the script provided and created a brand new Task Sequence for System Center Configuration Manager 2007. All you have to do is to import the Task Sequence into ConfigMgr and start dynamically installing applications.

 

Note: This post is reproduced as a Webcast here.

 

Ok first of all understand what this does and what you need done in the back-end.

 

What does this do ?

 

The task sequence will set some variables, make a call to Active Directory using a user you define within the task sequence, then based upon the results returned will set another variables value to True or False based on whether a COMPUTER is a member of an Active Directory Security Group. It can loop through this many times to install several applications 'on the fly' during an OSD task sequence, the advantage of this is that the Task Sequence becomes dynamic based upon where the COMPUTER is present in AD.

 

xp2 is a member.jpg

 

In the above Screenshot, the computer XP2 (amongst others) is a member of the FireFox Users Active Directory Security Group. Therefore if we run the Task Sequence (and thus the script) on that computer it will return a value of True for membership of the FireFox Users Active Directory Security Group and therefore the FireFox application will be installed during the Task Sequence dynamically.

 

 

 

 

What does it need ?

 


     
  • You must have created some Active Directory Security Groups in AD for the applications you are intending to dynamically install and you should add the computer account to these groups, if the computer is not a member of the Active Directory Security Group then the software will not be installed via the task sequence.
  • You must have some applications pre-created in SCCM which can install as part of a normal task sequence.
  • You will need an Active Directory user which we will use to connect to AD to get the info. (I have created a standard user called QueryAd, for security reasons you should only grant this user the appropriate access in Active Directory).
  • You will need full access to AD to add computers to the selected Active Directory Security Group(s) and to verify the Distinguished Names needed for the Task Sequence Steps.
  • You will need MDT 2010 integrated with SCCM and you will need to add the custom script CUSTOM_AppInstall.wsf to the scripts folder contained within the MDT2010Files package.
     
    custom_appinstall.wsf copied to scripts folder.jpg
     
    Once you have added the file you must update the Distribution Points for that package.

 

update dp for mdt2010 files.jpg

 

 

 

 

 

 

Editing the Task Sequence

 

Ok now that you have what is needed, let's put it into action.

 

Import the following task sequence into SCCM.

 

install APPS for COMPUTER via LDAP - multiapp.xml

 

the task sequence closeup.jpg

 

Ok let's go through the Task Sequence Step by Step. If you import the Task Sequence above you'll have all this work done for you and you'll just need to edit your application names/distinguished names/package/program location etc, but below is an explanation of how it all works and what it means.

 

 

 

Set DomUser

Here we set the username for the Active Directory User that we will use to connect to AD to verify if the Computer Account is a member of that Active Directory Security Group.

 

Set DomPassword

Password for the above user. As it's in clear text within the Task Sequence, you will want to set the users permissions accordingly in Active Directory.

 

Set FQDNDC

Set the Fully Qualified Distinguished Name for the Domain Controller, eg: ad1.server2008.lab.local

 

Set NetbiosDC

Set the Netbios name of your DC, eg: ad1

 

Use Toolkit Package

This step is copied from a standard Microsoft Deployment Toolkit Task sequence within SCCM, and as such merely points to the MDTFiles package.

 

FireFox

This is just a group name of the application we want installed.

 

Set ADGROUP

Here we set the Fully Qualified Distinguised Name of the Active Directory Security Group that we want to check in AD. eg: CN=Firefox Users,OU=Applications Group,OU=Inf,DC=server2008,DC=lab,DC=local. To find out how to obtain the Distinguished Name, please read this.

 

query LDAP

Here we actually call the CUSTOM_AppInstall.wsf script from within the previously downloaded MDTFiles package. It will return two possible values, false or true based on whether or not it can find the computer account in the Active Directory Security Group specified in the ADGROUP step above.

 

Install FireFox

This is a standard package installer step (Install a single application) which will point to your chosen application package and the program contained within. If no Program appears in the drop down menu then verify that the Program options below are set:

 

On the Environment tab of the program,

 

* Program can run: whether or not a user is logged on

* Run Mode: Allow users to interact with the program must be UNCHECKED (not selected).

 

On the Advanced tab of the program,

 

* select Allow this program to be installed from the Install Software task sequence without being advertised

 

Note: Click on the options tab and set it as follows, click on the Add condition drop down menu, select Task Sequence Variable, for Variable name enter InstallAPP for Value set True

 

This group step will run if the following conditions are met.jpg

 

 

Download the following:-

 

Here is the CUSTOM_AppInstall.wsf file zipped, Unzip and follow the instructions above to use..

 

CUSTOM_AppInstall.zip

Share this post


Link to post
Share on other sites


Getting the Distinguished Name info from AD

 

One of the big requirements of this task sequence is correctly identifying the Distinguished Names of your Active Directory User and the Active Directory Security Group. Our applications groups may look something like this in Active Directory Computers and Users.

 

active directory security groups.jpg

 

So how do we find that info, On your AD, open up Computers and Users. Click on the View option and enable Advanced Features.

 

enable advanced features in active directory users and computers.jpg

 

Now you can browse to the Applications respective Security Group and right click on it, in the example below we are looking at the Winzip AD Security Group. Double click on the group, choose the Attribute Editor tab and scroll down to Distinguished Name. The result is what we need for our task Sequence.

 

distinguished name for Winzip Users.jpg

 

While you are at it, verify the Distinguished Name of your Active Directory QueryAD user.

 

distinguished name for active directory QueryAD user.jpg

Share this post


Link to post
Share on other sites

Troubleshooting the MultiApp Task Sequence

 

Start the Task Sequence via RAP

 

install apps for computer via ldap multiapp via RAP in windows 7.jpg

 

and verify that your applications install as part of the Task Sequence.

 

The Custom_AppInstall.wsf script contains some debugging lines which will write to your SMSTS.log file during the task sequence being deployed,

 

below is a sample where it has correctly found that a computer account is in an Active Directory Security Group and therefore sets the InstallApp variable to True.

 

firefox true in mdt logs.jpg

 

and the following is an application install being skipped because the computer account was not found in AD and therefore InstallAPP was set to False.

 

install adobe reader 9.2 has been skipped because  false.jpg

Share this post


Link to post
Share on other sites

yes, you could use Collection variables or Computer Variables to define any variable set in the task sequence, and collection variables have the advantage of hiding the password value entered,

 

I'll raise that in another post if I have time.

Share this post


Link to post
Share on other sites

yes, you could use Collection variables or Computer Variables to define any variable set in the task sequence, and collection variables have the advantage of hiding the password value entered,

 

I'll raise that in another post if I have time.

 

I have a quick question. When dealing with many DC, is there a way to make it verify a list of DC instead of only one.

 

The guys here are used to make changes directly on their local DC so I cannot predict where the computer account will be created. The only solution I came with was to put that variable in a specific collection specially made for their location. Once again there, I have one location with 2 DC­.

 

If I write a list of DC in the FQDNDC variable, will it be ok?

 

Thanks for your help.

 

Mathieu

Share this post


Link to post
Share on other sites

it will probably fail (feel free to verify please and report back) as the back end WSF file (CUSTOM_AppInstall.wsf) isn't expecting that input, you'll have to talk to your scripter(s) and ask them to rewrite the back end script to take account of multiple dc's and once you have it working, post it here :)

 

cheers

niall

Share this post


Link to post
Share on other sites

This is a great idea! But, I'm receiving an error if the computer is not in a group that's causing the task sequence to fail. If the machine is in the AD group the script runs fine. I enabled the Set InstallApp step at the beginning of the sequence but it still fails.

 

Here's the section of the smsts.log that shows the error:

 

Property INSTALLAPP is now = False InstallSoftware 10/12/2010 4:09:09 PM 4008 (0x0FA8)

Process completed with exit code 1 InstallSoftware 10/12/2010 4:09:14 PM 4008 (0x0FA8)

C:\_SMSTaskSequence\WDPackage\Scripts\custom_appinstall.wsf(77, 3) Active Directory: The directory property cannot be found in the cache. InstallSoftware 10/12/2010 4:09:14 PM 4008 (0x0FA8)

InstallSoftware 10/12/2010 4:09:14 PM 4008 (0x0FA8)

InstallSoftware 10/12/2010 4:09:14 PM 4008 (0x0FA8)

Command line returned 1 InstallSoftware 10/12/2010 4:09:14 PM 4008 (0x0FA8)

Process completed with exit code 1 TSManager 10/12/2010 4:09:14 PM 1212 (0x04BC)

!--------------------------------------------------------------------------------------------! TSManager 10/12/2010 4:09:14 PM 1212 (0x04BC)

Failed to run the action: query LDAP. Incorrect function. (Error: 00000001; Source: Windows) TSManager 10/12/2010 4:09:14 PM 1212 (0x04BC)

Share this post


Link to post
Share on other sites

according to your error:

 

"The directory property cannot be found in the cache"

 

http://technet.microsoft.com/en-us/library/ee198836.aspx

 

 

If an attribute does not contain a value, the attribute does not exist according to LDAP specifications. This results in an ADSI error with an error code of &h8000500D.

 

You can avoid this error in the following ways:

 

*

 

Place the On Error Resume Next statement at the top of the script, as shown in line 1 of Listing 7.12.

*

 

Use the On Error Resume Next statement to test for the &h8000500D error code. If there is an error, display the attributes name and a message stating that there is no value. Otherwise, display the attributes name and value.

Share this post


Link to post
Share on other sites

according to your error:

 

 

 

http://technet.microsoft.com/en-us/library/ee198836.aspx

 

 

If an attribute does not contain a value, the attribute does not exist according to LDAP specifications. This results in an ADSI error with an error code of &h8000500D.

 

You can avoid this error in the following ways:

 

*

 

Place the On Error Resume Next statement at the top of the script, as shown in line 1 of Listing 7.12.

*

 

Use the On Error Resume Next statement to test for the &h8000500D error code. If there is an error, display the attributes name and a message stating that there is no value. Otherwise, display the attributes name and value.

 

Found out what was missing...a group member. In my testing I created a couple groups. One of them didn't have a member so I could see if the script would skip that app install if my test system wasn't in that group. Once I added in another system as a member of that group the script ran fine. Thanks for the quick reply to my question!

Share this post


Link to post
Share on other sites

because you want your computer(s) installed with applications dynamically as part of the operating system installation, or your just want a task sequence to dynamically install a list of applications in a set order on computers,

Share this post


Link to post
Share on other sites

I wanted to post this for a long time now, but always forgot it. I had to slightly modify the script because there is an design error in the objGroup.GetEx("member") function. THis causes the script to fail if the AD Group is empty. So here is the modfied part which will avoid this problem.

 

'

objGroup.getinfo

 

Set objComputer = CreateObject("WScript.Network")

Dim strComputer

strComputer = objComputer.ComputerName

On Error Resume Next

arrMemberOf = objGroup.GetEx("member")

'Loop through group members

If (Err.Number = 0) Then

On Error GoTo 0

For Each strMember In arrMemberOf

If InStr(UCase(strMember), UCase(strComputer)) > 0 Then

'Match found, edit variable and exit

oEnvironment.Item("INSTALLAPP") = True

WScript.Echo "Is a Member: " & strMember & " - " & oEnvironment.Item("INSTALLAPP")

WScript.Quit(0)

End If

Next

Else

oEnvironment.Item("INSTALLAPP") = False

WScript.Quit(0)

End If

 

'No match, just exit

 

 

Just by the way. Great Script. Using it for a good while now.

Share this post


Link to post
Share on other sites

Quick question regarding this script. Is it possible to search through a nested group and return true or false? Or do you have some tips on how to this could be accomplished. Thanks for this initial script it works great, but i'm running into a road block regarding searching through a nested group.

 

Thanks

Share this post


Link to post
Share on other sites

Hi great article, I'm just about to set this up, been battling trying to get a TS working that will upgrade existing software if TS finds a previous version already installed, this should do it. Oh and just found the file I needed CUSTOM_AppInstall.wsf

 

Cheers

Share this post


Link to post
Share on other sites

HI,

I tried following this and it seems to find every time the value at false ..

Gravité Type Code du site Date/Heure Système Composant ID de message Description

Informations Marque AST 2012-04-02 10:10:18 C-ST-LAB5-E02 Task Sequence Manager 11171 Le Gestionnaire des séquences de tâches a terminé l'exécution de la séquence de tâches.

Informations Marque AST 2012-04-02 10:10:18 C-ST-LAB5-E02 Task Sequence Engine 11143 Le moteur d'exécution des séquences de tâches a terminé une séquence de tâches.

Informations Marque AST 2012-04-02 10:10:18 C-ST-LAB5-E02 Task Sequence Engine 11127 Le moteur d'exécution des séquences de tâches a terminé le groupe (Configurer le système d'exploitation).

Informations Marque AST 2012-04-02 10:10:18 C-ST-LAB5-E02 Task Sequence Engine 11127 Le moteur d'exécution des séquences de tâches a terminé le groupe (Installer les logiciels).

Informations Marque AST 2012-04-02 10:10:18 C-ST-LAB5-E02 Task Sequence Engine 11127 Le moteur d'exécution des séquences de tâches a terminé le groupe (settings for fetching AD).

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11127 Le moteur d'exécution des séquences de tâches a terminé le groupe (LAB).

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Esobi) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Math app) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Math add-in) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Easyphp) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Firefox) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (cs 5.5) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (sketchup) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (google earth) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (chrome) dans le groupe (LAB) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:17 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (query LDAP) dans le groupe (LAB) avec code de sortie 0 Sortie de l'action : =======================[ smsswd.exe ] ======================= PackageID = '' BaseVar = '', ContinueOnError='' SwdAction = '0001' Command line for extension .exe is "%1" %* Set command line: Run command line Working dir 'not set' Executing commandline: Run command line.

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set ADGROUP) dans le groupe (LAB) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11124 Le moteur d'exécution des séquences de tâches a démarré le groupe (LAB).

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11127 Le moteur d'exécution des séquences de tâches a terminé le groupe (ADMIN).

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Pluripdf) dans le groupe (ADMIN) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Pervasive) dans le groupe (ADMIN) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11130 Le moteur d'exécution des séquences de tâches a ignoré l'action (Antidote) dans le groupe (ADMIN) car la condition a été évaluée à False.

Informations Marque AST 2012-04-02 10:10:16 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (query LDAP) dans le groupe (ADMIN) avec code de sortie 0 Sortie de l'action : =======================[ smsswd.exe ] ======================= PackageID = '' BaseVar = '', ContinueOnError='' SwdAction = '0001' Command line for extension .exe is "%1" %* Set command line: Run command line Working dir 'not set' Executing commandline: Run command line Microsoft ® Windows Script Host Version 5.8 Copyright © Microsoft Corporation 1996-2001. Tous droits r‚serv‚s. Microsoft Deployment Toolkit version: 5.1.1642.01 The task sequencer log is located at C:\WINDOWS\system32\CCM\Logs\SMSTSLog\SMSTS.LOG. For task sequence failures, please consult this log. User: CN=fetch,CN=Users,DC=academie,DC=ste-therese,DC=com FQDN DC: dc1.academie.ste-therese.com Netbios:dc1 Group: CN=admin_soft,DC=academie,DC=ste-therese,DC=com Property INSTALLAPP is now = Faux.

Informations Marque AST 2012-04-02 10:10:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set ADGROUP) dans le groupe (ADMIN) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:10:13 C-ST-LAB5-E02 Task Sequence Engine 11124 Le moteur d'exécution des séquences de tâches a démarré le groupe (ADMIN).

Informations Marque AST 2012-04-02 10:10:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Use Toolkit Package) dans le groupe (settings for fetching AD) avec code de sortie 0 Sortie de l'action : ' Executing command line: Run command line Microsoft ® Windows Script Host Version 5.8 Copyright © Microsoft Corporation 1996-2001. Tous droits r‚serv‚s. Property LogPath is now = C:\WINDOWS\system32\CCM\Logs\SMSTSLog Microsoft Deployment Toolkit version: 5.1.1642.01 The task sequencer log is located at C:\WINDOWS\system32\CCM\Logs\SMSTSLog\SMSTS.LOG. For task sequence failures, please consult this log. Property Debug is now = FALSE Property ScriptRoot is now = C:\_SMSTaskSequence\Packages\AST00012\Scripts ScriptRoot = C:\_SMSTaskSequence\Packages\AST00012\Scripts Property DeployRoot is now = C:\_SMSTaskSequence\Packages\AST00012 DeployRoot = C:\_SMSTaskSequence\Packages\AST00012 Property ToolRoot is now = C:\_SMSTaskSequence\Packages\AST00012\Tools\X86 ToolRoot = C:\_SMSTaskSequence\Packages\AST00012\Tools\X86 DeployRoot = C:\_SMSTaskSequence\Packages\AST00012 Property ResourceRoot is now = C:\_SMSTaskSequence\Packages\AST00012 ResourceRoot = C:\_SMSTaskSequence\Packages\AST00012.

Informations Marque AST 2012-04-02 10:09:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set NetbiosDC) dans le groupe (settings for fetching AD) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:09:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set FQDNDC) dans le groupe (settings for fetching AD) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:09:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set DomPassword) dans le groupe (settings for fetching AD) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:09:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set DomUser) dans le groupe (settings for fetching AD) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:09:13 C-ST-LAB5-E02 Task Sequence Engine 11134 Le moteur d'exécution des séquences de tâches a terminé l'action (Set InstallAPP) dans le groupe (settings for fetching AD) avec code de sortie 0 Sortie de l'action : Finished with error code 0.

Informations Marque AST 2012-04-02 10:09:13 C-ST-LAB5-E02 Task Sequence Engine 11124 Le moteur d'exécution des séquences de tâches a démarré le groupe (settings for fetching AD).

And here is the task sequence I created .. instead of querying the AD for each app, I created 2 folders and I query AD at the beginning of the folder.

 

<?xml version="1.0"?>

<SmsTaskSequencePackage xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

<BootImageID>AST0000D</BootImageID>

<Category />

<DependentProgram />

<Description />

<Duration>360</Duration>

<Name>Deploy Win7 - custom apps</Name>

<ProgramFlags>152084496</ProgramFlags>

<SequenceData>

<sequence version="3.00">

<referenceList>

<reference package="AST0000E" />

<reference package="AST00041" />

<reference package="AST00042" />

<reference package="AST00053" />

<reference package="AST00048" />

<reference package="AST00049" />

<reference package="AST0004B" />

<reference package="AST0004D" />

<reference package="AST0004C" />

<reference package="AST0004E" />

<reference package="AST00050" />

<reference package="AST0004F" />

<reference package="AST00020" />

<reference package="AST00039" program="c++ runtime" />

<reference package="AST00023" program="Office 2010" />

<reference package="AST00037" program="flash" />

<reference package="AST00036" program="java" />

<reference package="AST00038" program="quicktime" />

<reference package="AST00033" program="Lync" />

<reference package="AST00012" />

<reference package="AST00032" program="Antidote" />

<reference package="AST00034" program="Pervasive" />

<reference package="AST00035" program="pluripdf" />

<reference package="AST0003B" program="chrome" />

<reference package="AST0003C" program="google earth" />

<reference package="AST0003D" program="sketchup" />

<reference package="AST0003A" program="cs 5.5" />

<reference package="AST0003E" program="firefox" />

<reference package="AST0003F" program="easyphp" />

<reference package="AST00009" program="math add-in" />

<reference package="AST0000A" program="Maths APP" />

<reference package="AST0000B" program="esobi" />

</referenceList>

<globalVarList>

<variable name="OSDEnableTCPIPFiltering" property="EnableTCPIPFiltering">false</variable>

<variable name="OSDAdapterCount" property="NumAdapters">0</variable>

</globalVarList>

<group name="Installer le système d'exploitation" description="Actions pour installer et configurer l'image sous Windows PE">

<step type="SMS_TaskSequence_RebootAction" name="Redémarrer dans Windows PE" description="" runIn="WinPEandFullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">false</variable>

<variable name="Variable">_SMSTSInWinPE</variable>

</expression>

</condition>

<action>smsboot.exe /target:WinPE</action>

<defaultVarList>

<variable name="SMSRebootMessage" property="Message">Un nouveau système d'exploitation Microsoft Windows est en cours d'installation. L'ordinateur doit redémarrer avant de continuer.</variable>

<variable name="SMSRebootTimeout" property="MessageTimeout">10</variable>

<variable name="SMSRebootTarget" property="Target" hidden="true">WinPE</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_PartitionDiskAction" name="Partitionner le disque 0" description="Actions pour effectuer la partition et le formatage du nouvel ordinateur" runIn="WinPE" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">notExists</variable>

<variable name="Variable">_SMSTSClientCache</variable>

</expression>

</condition>

<action>osddiskpart.exe</action>

<defaultVarList>

<variable name="OSDDiskIndex" property="DiskIndex">0</variable>

<variable name="OSDDiskType" property="DiskType">Basic</variable>

<variable name="OSDDiskpartBiosCompatibilityMode" property="DiskpartBiosCompatibilityMode">false</variable>

<variable name="OSDGPTBootDisk" property="GPTBootDisk">false</variable>

<variable name="OSDPartitionStyle" property="PartitionStyle">MBR</variable>

<variable name="OSDPartitions" property="Partitions" hidden="true">1</variable>

<variable name="OSDPartitions0Bootable" property="Partitions0Bootable">true</variable>

<variable name="OSDPartitions0FileSystem" property="Partitions0FileSystem">NTFS</variable>

<variable name="OSDPartitions0QuickFormat" property="Partitions0QuickFormat">true</variable>

<variable name="OSDPartitions0Size" property="Partitions0Size">100</variable>

<variable name="OSDPartitions0SizeUnits" property="Partitions0SizeUnits">PERCENT</variable>

<variable name="OSDPartitions0Type" property="Partitions0Type">PRIMARY</variable>

<variable name="OSDPartitions0VolumeLetterVariable" property="Partitions0VolumeLetterVariable">

</variable>

<variable name="OSDPartitions0VolumeName" property="Partitions0VolumeName">Par défaut</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyOperatingSystemAction" name="Appliquer le système d'exploitation" description="Actions pour appliquer le système d'exploitation" runIn="WinPE" successCodeList="0">

<action>OSDApplyOS.exe /image:AST0000E,%OSDImageIndex%</action>

<defaultVarList>

<variable name="OSDImageIndex" property="ImageIndex">1</variable>

<variable name="ImagePackageID" property="ImagePackageID" hidden="true">AST0000E</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyWindowsSettingsAction" name="Appliquer les paramètres Windows" description="Actions pour appliquer les paramètres Windows" runIn="WinPE" successCodeList="0">

<action>osdwinsettings.exe /config</action>

<defaultVarList>

<variable name="OSDLocalAdminPassword" property="AdminPassword">

</variable>

<variable name="OSDComputerName" property="ComputerName">%_SMSTSMachineName%</variable>

<variable name="OSDProductKey" property="ProductKey">

</variable>

<variable name="OSDRandomAdminPassword" property="RandomAdminPassword">false</variable>

<variable name="OSDRegisteredOrgName" property="RegisteredOrgName">SCCM</variable>

<variable name="OSDRegisteredUserName" property="RegisteredUserName">Administrateur</variable>

<variable name="OSDServerLicenseConnectionLimit" property="ServerLicenseConnectionLimit">5</variable>

<variable name="OSDTimeZone" property="TimeZone">Eastern Standard Time</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyNetworkSettingsAction" name="Appliquer les paramètres réseau" description="Actions pour configurer les paramètres réseau" runIn="WinPEandFullOS" successCodeList="0">

<action>osdnetsettings.exe configure</action>

<defaultVarList>

<variable name="OSDDomainName" property="DomainName">academie.ste-therese.com</variable>

<variable name="OSDDomainOUName" property="DomainOUName">LDAP://OU=Ordinateurs,OU=ST,DC=academie,DC=ste-therese,DC=com</variable>

<variable name="OSDJoinPassword" property="DomainPassword">

</variable>

<variable name="OSDJoinAccount" property="DomainUsername">academie\administrateur</variable>

<variable name="OSDEnableTCPIPFiltering" property="EnableTCPIPFiltering" hidden="true">false</variable>

<variable name="OSDNetworkJoinType" property="NetworkJoinType">0</variable>

<variable name="OSDAdapterCount" property="NumAdapters" hidden="true">0</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_AutoApplyAction" name="Appliquer les pilotes de périphériques" description="" disable="true" continueOnError="true" runIn="WinPE" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">notEquals</variable>

<variable name="Value">FullMedia</variable>

<variable name="Variable">_SMSTSMediaType</variable>

</expression>

</condition>

<action>osddriverclient.exe /auto /bestmatch:%OSDAutoApplyDriverBestMatch% /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDAutoApplyDriverBestMatch" property="BestMatch">false</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">true</variable>

</defaultVarList>

</step>

<group name="DRIVERS" description="">

<group name="m81 drivers" description="">

<condition>

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "5032A63"</variable>

</expression>

</condition>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST00041 /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST00041</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST00042 /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST00042</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

</group>

<group name="m90z" description="">

<condition>

<operator type="or">

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "0870A4F"</variable>

</expression>

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "0800A2F"</variable>

</expression>

</operator>

</condition>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST00053 /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST00053</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST00048 /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST00048</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST00049 /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST00049</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

</group>

<group name="m55-57" description="">

<condition>

<operator type="or">

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "6073A2F"</variable>

</expression>

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "6072ASF"</variable>

</expression>

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "8808HBU"</variable>

</expression>

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "8808RW8"</variable>

</expression>

</operator>

</condition>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST0004B /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST0004B</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST0004D /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST0004D</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST0004C /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST0004C</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

</group>

<group name="m58p" description="">

<condition>

<operator type="or">

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "9964A1F"</variable>

</expression>

<expression type="SMS_TaskSequence_WMIConditionExpression">

<variable name="Namespace">root\cimv2</variable>

<variable name="Query">SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "M9964A1F"</variable>

</expression>

</operator>

</condition>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST0004E /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST0004E</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST00050 /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST00050</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_ApplyDriverPackageAction" name="Appliquer le package de pilotes" description="" runIn="WinPE" successCodeList="0">

<action>osddriverclient.exe /install:AST0004F /unsigned:%OSDAllowUnsignedDriver%</action>

<defaultVarList>

<variable name="OSDApplyDriverDriverPackageID" property="DriverPackageID" hidden="true">AST0004F</variable>

<variable name="OSDAllowUnsignedDriver" property="UnsignedDriver">false</variable>

</defaultVarList>

</step>

</group>

</group>

</group>

<group name="Configurer le système d'exploitation" description="Configurer le système d'exploitation">

<step type="SMS_TaskSequence_SetupWindowsAndSMSAction" name="Configurer Windows et ConfigMgr" description="Actions pour configurer Windows et le client ConfigMgr" runIn="WinPEandFullOS" successCodeList="0">

<action>OSDSetupWindows.exe</action>

<defaultVarList>

<variable name="SMSClientInstallProperties" property="ClientInstallProperties">SMSCACHESIZE=8000 FSP=sccm.academie.ste-therese.com SMSSLP=sccm.academie.ste-therese.com SMSMP=sccm.academie.ste-therese.com</variable>

<variable name="_SMSClientPackageID" property="ClientPackageID">AST00020</variable>

</defaultVarList>

</step>

<group name="Installer mises à jour" description="" disable="true">

<step type="SMS_TaskSequence_InstallUpdateAction" name="Installer les mises à jour logicielles" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<action>TSInstallSWUpdate.exe /target:%SMSInstallUpdateTarget%</action>

<defaultVarList>

<variable name="SMSInstallUpdateTarget" property="Target">All</variable>

</defaultVarList>

</step>

</group>

<group name="Installer les logiciels" description="Actions pour personnaliser le nouveau système d'exploitation">

<group name="ALL" description="">

<step type="SMS_TaskSequence_InstallSoftwareAction" name="c++" description="Nécessaire pour installer Antidote." continueOnError="true" runIn="FullOS" successCodeList="0">

<action>smsswd.exe /pkg:AST00039 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00039</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">c++ runtime</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Office 2010" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<action>smsswd.exe /pkg:AST00023 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00023</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">Office 2010</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Flash" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<action>smsswd.exe /pkg:AST00037 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00037</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">flash</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Java" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<action>smsswd.exe /pkg:AST00036 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00036</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">java</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="QT" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<action>smsswd.exe /pkg:AST00038 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00038</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">quicktime</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Lync" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<action>smsswd.exe /pkg:AST00033 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00033</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">Lync</variable>

</defaultVarList>

</step>

</group>

<group name="settings for fetching AD" description="">

<step type="SMS_TaskSequence_SetVariableAction" name="Set InstallAPP" description="Setting this to False makes sure that an application is not installed." runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "InstallAPP="</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">InstallAPP</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">

</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_SetVariableAction" name="Set DomUser" description="The user we specify here is the user that we will be verifying Security Group membership of in AD." runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "DomUser=CN=fetch,CN=Users,DC=academie,DC=ste-therese,DC=com"</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">DomUser</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">CN=fetch,CN=Users,DC=academie,DC=ste-therese,DC=com</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_SetVariableAction" name="Set DomPassword" description="" runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "DomPassword=123456"</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">DomPassword</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">123456</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_SetVariableAction" name="Set FQDNDC" description="" runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "FQDNDC=dc1.academie.ste-therese.com"</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">FQDNDC</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">dc1.academie.ste-therese.com</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_SetVariableAction" name="Set NetbiosDC" description="" runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "NetbiosDC=dc1"</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">NetbiosDC</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">dc1</variable>

</defaultVarList>

</step>

<step type="BDD_UsePackage" name="Use Toolkit Package" description="" runIn="WinPEandFullOS" successCodeList="0">

<action>smsswd.exe /run:AST00012 cscript.exe Scripts\ZTISCCM.wsf</action>

<defaultVarList>

<variable name="BDDPackageID" property="PackageID" hidden="true">AST00012</variable>

</defaultVarList>

</step>

<group name="ADMIN" description="">

<step type="SMS_TaskSequence_SetVariableAction" name="Set ADGROUP" description="" runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "ADGROUP=CN=admin_soft,DC=academie,DC=ste-therese,DC=com"</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">ADGROUP</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">CN=admin_soft,DC=academie,DC=ste-therese,DC=com</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_RunCommandLineAction" name="query LDAP" description="%scriptroot%\" runIn="WinPEandFullOS" successCodeList="0 3010">

<action>smsswd.exe /run: cscript.exe %scriptroot%\custom_appinstall.wsf</action>

<defaultVarList>

<variable name="CommandLine" property="CommandLine" hidden="true">cscript.exe %scriptroot%\custom_appinstall.wsf</variable>

<variable name="SMSTSDisableWow64Redirection" property="DisableWow64Redirection">false</variable>

<variable name="_SMSTSRunCommandLineAsUser" property="RunAsUser">false</variable>

<variable name="SuccessCodes" property="SuccessCodes" hidden="true">0 3010</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Antidote" description="if InstallAPP=True then run this step (see options)" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">True</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST00032 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00032</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">Antidote</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Pervasive" description="if InstallAPP=True then run this step (see options)" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">True</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST00034 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00034</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">Pervasive</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Pluripdf" description="if InstallAPP=True then run this step (see options)" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">True</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST00035 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00035</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">pluripdf</variable>

</defaultVarList>

</step>

</group>

<group name="LAB" description="">

<step type="SMS_TaskSequence_SetVariableAction" name="Set ADGROUP" description="" runIn="WinPEandFullOS" successCodeList="0">

<action>tsenv.exe "ADGROUP=CN=lab_soft,DC=academie,DC=ste-therese,DC=com"</action>

<defaultVarList>

<variable name="VariableName" property="VariableName" hidden="true">ADGROUP</variable>

<variable name="VariableValue" property="VariableValue" hidden="true">CN=lab_soft,DC=academie,DC=ste-therese,DC=com</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_RunCommandLineAction" name="query LDAP" description="%scriptroot%\" runIn="WinPEandFullOS" successCodeList="0 3010">

<action>smsswd.exe /run: cscript.exe %scriptroot%\custom_appinstall.wsf</action>

<defaultVarList>

<variable name="CommandLine" property="CommandLine" hidden="true">cscript.exe %scriptroot%\custom_appinstall.wsf</variable>

<variable name="SMSTSDisableWow64Redirection" property="DisableWow64Redirection">false</variable>

<variable name="_SMSTSRunCommandLineAsUser" property="RunAsUser">false</variable>

<variable name="SuccessCodes" property="SuccessCodes" hidden="true">0 3010</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="chrome" description="" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0003B /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0003B</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">chrome</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="google earth" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0003C /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0003C</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">google earth</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="sketchup" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0003D /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0003D</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">sketchup</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="cs 5.5" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0003A /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0003A</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">cs 5.5</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Firefox" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0003E /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0003E</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">firefox</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Easyphp" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0003F /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0003F</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">easyphp</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Math add-in" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST00009 /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST00009</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">math add-in</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Math app" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0000A /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0000A</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">Maths APP</variable>

</defaultVarList>

</step>

<step type="SMS_TaskSequence_InstallSoftwareAction" name="Esobi" description="" continueOnError="true" runIn="FullOS" successCodeList="0">

<condition>

<expression type="SMS_TaskSequence_VariableConditionExpression">

<variable name="Operator">equals</variable>

<variable name="Value">TRUE</variable>

<variable name="Variable">InstallAPP</variable>

</expression>

</condition>

<action>smsswd.exe /pkg:AST0000B /install /basevar: /continueOnError:</action>

<defaultVarList>

<variable name="PackageID" property="PackageID" hidden="true">AST0000B</variable>

<variable name="_SMSSWDProgramName" property="ProgramName">esobi</variable>

</defaultVarList>

</step>

</group>

</group>

</group>

</group>

</sequence>

</SequenceData>

<SourceDate>2012-03-27T10:49:31</SourceDate>

<SupportedOperatingSystems />

<IconSize>0</IconSize>

</SmsTaskSequencePackage>

 

Can you please help me ?

 

thanks ...

Share this post


Link to post
Share on other sites

Do you need to use MDT Toolkit to run wsf scritpts???

 

I have just packages the files for Custom_AppInstall.wsf and ZTIUtility.vbs

Are they the only files i need to run this script during a OSD task sequence???

 

Also will this work on sccm 12???

Share this post


Link to post
Share on other sites

you don't need a MDT task sequence but you do need those scripts yes,

I havnt tested it in Configuration Manager 2012 yet but I think it'll work

  • Like 1

Share this post


Link to post
Share on other sites

I can confirm it works in 2012. I did use MDT 2012 files in Config manager 2012.

 

I didn't need to install MDT 2012 just use the relevant files.

 

thanks for all your help

  • Like 1

Share this post


Link to post
Share on other sites

Hi,

 

Just thought I'd drop it in here. Another option might be to create a Collection that contains the specified AD group as member (or a query that gathers the members of the AD group) and set a collection variable. Because the Computer is member of the specified collection through it's AD group membership, it gets the specific variable available in the task sequence.

 

This way you can accomplish the same without having to do any custom scripting.

 

Just my 2 cents :)

Share this post


Link to post
Share on other sites

Hi,

 

Just thought I'd drop it in here. Another option might be to create a Collection that contains the specified AD group as member (or a query that gathers the members of the AD group) and set a collection variable. Because the Computer is member of the specified collection through it's AD group membership, it gets the specific variable available in the task sequence.

 

This way you can accomplish the same without having to do any custom scripting.

 

Just my 2 cents :)

Hi, Can you please explain it in more detail? I have a requirement to install applications during OSD task sequence based upon membership of users into AD groups. We have the user to computer UDA preconfigured. We also have ConfigMgr user collections querying AD groups. But the challenge is to install application based upon user membership of a AD group. Can this be done without scripting?

Share this post


Link to post
Share on other sites

Hi, thanks for great article. In your task sequence all the applications have to be pre-created as tasks and then you check whether to install or not install a particular application upon membership of the computer in AD group which is associated with application.

 

I have a requirement to install applications during OSD task sequence based upon membership of users into AD groups. We have the user to computer UDA preconfigured. We also have ConfigMgr user collections querying AD groups. But the challenge is to install application based upon user membership of a AD group. What do you suggest as best way of handling it?

 

Many thanks!

Share this post


Link to post
Share on other sites

you could prompt for the Username via a HTA frontend and use that username instead of computername to do the checking against.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  


×