Jump to content


  • 0
anyweb

Introducing: The BitLocker Frontend HTA

Question

The next logical step for the windows-noob.com FrontEnd HTA which I released back in April 2011 was to add support for BitLocker, and I've added it along with some bugfixes, a new clean look, and some new functionality.

 

the bitlocker frontend HTA.png

 

What does it do ?

 

first of all what does this HTA do ? it allows you to PXE boot into Windows PE (yes, PE) and do three types of common scenarios for migrating your computers to Windows 7 with BitLocker.

 

backup old computer (full WIM backup locally, full wim backup to network, chkdsk, offline scanstate to Network folder

reinstall computer (reinstalls/refreshes Windows 7 on an Windows XP or Windows 7 computer and supports the following scenarios: where BL=BitLockered and UBL=Not BitLockered

  • XP>7 BL
  • XP>7 UBL
  • 7BL>7UBL
  • 7UBL>7BL
  • 7BL>7BL
  • 7UBL>7UBL

New Computer (new installation of Windows 7 with or without BitLocker).

 

 

 

 

 

 

 

In addition to the above you can do the following:-

  • computer associations in WinPE
  • auto-computername (using Michael Niehaus RIS style naming web service)
  • select a language to install during New Computer deployment
  • select regional settings during New Computer deployment
  • see the current computername and change it
  • Input a username and that user becomes the local administrator
  • show info relating to Computername, computername in SCCM, Serial Number, Model, IP address, Mac Address, UUID, Client Identity (GUID), Assigned Site Code, Resource known/unknown, Resource ID
  • supports SMP backup in addition to full wim local, full wim network, and offline mode in WinPE
  • detects if the hardware is Lenovo or Dell and has driver steps included for some common models (you have to download the driver packages yourself however)
  • detects and interogates the TPM/Bios on Dell and Lenovo hardware to prepare it for BitLocker
  • if no TPM found it disables the BitLocker Capability in the HTA
  • if virtual hardware detected, it disables BitLocker capability (however you can enable this just for testing)
  • has the ability to Notfiy the end user if the task sequence was successful or unsuccessful
  • creates a REG key to add succesful task sequence, creates a text file in c:\ to demonstrate successful task sequence

cool, yep, very cool.

 

 

 

 

 

 

 

Requirements:-

 

This is not for the faint hearted, you'll need to have the following working before attempting this:-

ok enough already give it to me !

 

 

 

 

 

 

 

Download the ZIP

 

here it is, download this and import the task sequence XML file, copy the WNB and BitLocker folders as sub-directories of a newly created MDT Files package. Update your MDT Files package and get started

 

Note: If you downloaded the ZIP before 12th of January then download it again as I fixed a few bugs in the task sequence.

 

The BitLocker HTA.zip

 

 

Show me some screenshots

 

here's some screenshots:-

 

The Backup computer screen

 

backup computer.png

 

The Reinstall Computer screen with BitLocker checkbox enabled

 

reinstall computer.png

 

The New Computer Screen with the BitLocker checkbox unchecked

 

new computer.png

 

Show Info Screen

 

show info.png

 

I'll post bugfixes and known issues shortly as they roll in, if you are in any way struggling with this then read the windows-noob.com Frontend HTA guide here please as it explains how to get this all working.

 

 

Known Issues

 

* BitLocker doesn't get enabled if you use the Microsoft supplied EnableBitLocker.vbs script when also selecting a Language pack.

 

Solution. Replace the script with EnableBitLocker_Multi.vbs instead or use the built in Enable BitLocker step (note that step doesn't have as much customization built in as the script does).

 

* Regional And Language settings may not be applied properly causing task sequence failure.

 

Solution, make sure that you are using the correct architecture XML file in the Apply Operating System Step otherwise it will fail., in addition your Language Pack files packages must match the architecture you are deploying, for example, if you are deploying Windows 7 X64 then your language packages must also be X64 or the task sequence will fail to add languages and additionally fail to add the custom local administrator if one is specified. This is not a bug in the task sequence ! Add the correct architecture Language pack files and unattend.xml and all is good.

 

* All Loadstate functions are hard coded for X64 OS.

 

Solution, the task sequence assumes you are deploying Windows 7 X64 OS, if you want to deploy Windows 7 X86 you can enable the X86 steps in the task sequence and add some logic to detect if the os is x86 or x64 and act accordingly, if i have time i will re-release a version of this with the logic in it.

 

* Icons not displaying or red X appearing where the icons should be on bare metal (new computer) scenarios ....

 

Solution, make sure that the hard disc is partitioned and formatted before testing the HTA.

 

cheers !

 

niall.

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

Hi Niall,

 

When I select one of the options the other two icons (I think they are supposed to be "greyed-out") are actually missing the icons and display with the red X. Is this particular to my setup or is this something with the HTA? I am going to dig into the html and see if I can figure it out.

 

Thanks!

 

FYI - I'm still working on a USMT process that goes direct from PC to PC :( . I'm doing it manually with a batch USMT script that I had written like 2 years ago - I supply variables like so - "usmt.bat pc1234 pc5678 username" and it moves all of the user data that I have specified in the xml.

Share this post


Link to post
Share on other sites

  • 0
"When I select one of the options the other two icons (I think they are supposed to be "greyed-out") are actually missing the icons and display with the red X. Is this particular to my setup or is this something with the HTA?"

 

 

that's a known issue, just diskpart your hard disc, make sure its got a partition and is formatted and then try again, it'll display correctly

Share this post


Link to post
Share on other sites

  • 0

hmm that shouldnt happen, can you take a screenshot/photo of what you are seeing please, and include diskpart info for me also (bring up a command prompt and run diskpart, select disk 0, list par

Share this post


Link to post
Share on other sites

  • 0
Microsoft Deployment Toolkit version: 6.0.2058.0

 

 

 

you are using MDT 2012 beta, i have NOT tested that version with this HTA,

 

try mdt toolkit 2010 update 1 please

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.