anyweb

Introducing: The BitLocker Frontend HTA




The next logical step for the windows-noob.com FrontEnd HTA which I released back in April 2011 was to add support for BitLocker, and I've added it along with some bugfixes, a new clean look, and some new functionality.

 

the bitlocker frontend HTA.png

 

What does it do ?

 

First of all, what does this HTA do? It allows you to PXE boot into Windows PE (yes, PE) and do three types of common scenarios for migrating your computers to Windows 7 with BitLocker.

 

backup old computer (full WIM backup locally, full WIM backup to network, chkdsk, offline scanstate to Network folder)

reinstall computer (reinstalls/refreshes Windows 7 on a Windows XP or Windows 7 computer and supports the following scenarios, where BL=BitLockered and UBL=Not BitLockered):

  • XP>7 BL
  • XP>7 UBL
  • 7BL>7UBL
  • 7UBL>7BL
  • 7BL>7BL
  • 7UBL>7UBL

New Computer (new installation of Windows 7 with or without BitLocker).

In addition to the above you can do the following:-

  • computer associations in WinPE
  • auto-computername (using Michael Niehaus RIS style naming web service)
  • select a language to install during New Computer deployment
  • select regional settings during New Computer deployment
  • see the current computername and change it
  • Input a username and that user becomes the local administrator
  • show info relating to Computername, computername in SCCM, Serial Number, Model, IP address, Mac Address, UUID, Client Identity (GUID), Assigned Site Code, Resource known/unknown, Resource ID
  • supports SMP backup in addition to full wim local, full wim network, and offline mode in WinPE
  • detects if the hardware is Lenovo or Dell and has driver steps included for some common models (you have to download the driver packages yourself however)
  • detects and interrogates the TPM/BIOS on Dell and Lenovo hardware to prepare it for BitLocker
  • if no TPM found it disables the BitLocker capability in the HTA
  • if virtual hardware detected, it disables BitLocker capability (however you can enable this just for testing)
  • has the ability to notify the end user if the task sequence was successful or unsuccessful
  • creates a REG key to add successful task sequence, creates a text file in c:\ to demonstrate successful task sequence

cool, yep, very cool.

Requirements:-

 

This is not for the faint hearted, you'll need to have the following working before attempting this:-

ok enough already give it to me !

Download the ZIP

 

here it is, download this and import the task sequence XML file, copy the WNB and BitLocker folders as sub-directories of a newly created MDT Files package. Update your MDT Files package and get started

 

Note: If you downloaded the ZIP before 12th of January then download it again as I fixed a few bugs in the task sequence.

 

The BitLocker HTA.zip

 

 

Show me some screenshots

 

here's some screenshots:-

 

The Backup computer screen

 

backup computer.png

 

The Reinstall Computer screen with BitLocker checkbox enabled

 

reinstall computer.png

 

The New Computer Screen with the BitLocker checkbox unchecked

 

new computer.png

 

Show Info Screen

 

show info.png

 

I'll post bugfixes and known issues shortly as they roll in, if you are in any way struggling with this then read the windows-noob.com Frontend HTA guide here please as it explains how to get this all working.

 

 

Known Issues

 

* BitLocker doesn't get enabled if you use the Microsoft supplied EnableBitLocker.vbs script when also selecting a Language pack.

 

Solution. Replace the script with EnableBitLocker_Multi.vbs instead or use the built in Enable BitLocker step (note that step doesn't have as much customization built in as the script does).

 

* Regional And Language settings may not be applied properly causing task sequence failure.

 

Solution, make sure that you are using the correct architecture XML file in the Apply Operating System step, otherwise it will fail. In addition, your Language Pack files packages must match the architecture you are deploying, for example, if you are deploying Windows 7 X64 then your language packages must also be X64 or the task sequence will fail to add languages and additionally fail to add the custom local administrator if one is specified. This is not a bug in the task sequence ! Add the correct architecture Language pack files and unattend.xml and all is good.

 

* All Loadstate functions are hard coded for X64 OS.

 

Solution, the task sequence assumes you are deploying Windows 7 X64 OS. If you want to deploy Windows 7 X86 you can enable the X86 steps in the task sequence and add some logic to detect if the OS is x86 or x64 and act accordingly. If I have time I will re-release a version of this with the logic in it.

 

* Icons not displaying or red X appearing where the icons should be on bare metal (new computer) scenarios ....

 

Solution, make sure that the hard disc is partitioned and formatted before testing the HTA.

 

cheers !

 

niall.



Hi Niall,

 

When I select one of the options the other two icons (I think they are supposed to be "greyed-out") are actually missing the icons and display with the red X. Is this particular to my setup or is this something with the HTA? I am going to dig into the html and see if I can figure it out.

 

Thanks!

 

FYI - I'm still working on a USMT process that goes direct from PC to PC :( . I'm doing it manually with a batch USMT script that I had written like 2 years ago - I supply variables like so - "usmt.bat pc1234 pc5678 username" and it moves all of the user data that I have specified in the xml.

"When I select one of the options the other two icons (I think they are supposed to be "greyed-out") are actually missing the icons and display with the red X. Is this particular to my setup or is this something with the HTA?"

 

 

that's a known issue, just diskpart your hard disc, make sure it's got a partition and is formatted and then try again, it'll display correctly


does the diskpart/format need to be fresh? I am reloading a PC that was just OSD'ed so it does have an existing partition but I still see the missing icons.


hmm that shouldn't happen, can you take a screenshot/photo of what you are seeing please, and include diskpart info for me also (bring up a command prompt and run diskpart, select disk 0, list par


if you exit diskpart can you dir c:\ ?


ok can you attach your SMSTS.log and any other logs in ZIP format here so that I can review them ?

Microsoft Deployment Toolkit version: 6.0.2058.0

 

 

 

you are using MDT 2012 beta, I have NOT tested that version with this HTA,

 

try mdt toolkit 2010 update 1 please


just click on the task sequence in the console, look at the references tab, you'll find your mdt toolkit files package there, locate the one that is the wrong version..


hi yannara, do you mean you'd like a place to put a company logo in each window ?


Hi, thanks for the excellent guides.

I have one question - if the HDD is not formatted, will this task sequence still display the HTA? I don't see a format step before the HTA. There is one format and partition step but those conditions will bypass a new unformatted disk

 

Could you please clarify ..? Thanks.


I haven't checked this HTA for a while now as it's based on Configuration Manager 2007, I have a Configuration Manager 2012 version of this task sequence below

which does indeed partition a blank hdd when needed in the following group

 

partition.png

 

so, are you using CM12 or CM07 ?

 

 

 

 


Thanks so much for replying Niall.

It turned out I was not using the toolkit step in one of the steps, and that was causing my failures.
