Jump to content




Sign in to follow this  
anyweb

How can I deploy a Hidden task sequence in Configuration Manager 2012 SP1



Recommended Posts

Configuration Manager 2012 SP1 provides several new features when it comes to OSD and one in particular that I like is the ability to deploy hidden task sequences, what this means is that you can target task sequences to a collection and they will be hidden from view in Software Center, Boot Media and PXE boot unless you know how to access them.

I will assume that you already have a Deploy Windows 8 X64 (or similar) task sequence created at this point and now want to avail of making one hidden. Why would you want to hide a task sequence ? well perhaps you are still testing features within the task sequence that you do not want readily available to your users so hiding it is a good idea indeed.

Step 1. Create a Hidden collection

We will be deploying our hidden task sequence to a specific collection, so to make this easy to understand we'll create a new collection called Deploy Windows 8 Hidden, right-click on Device Collections and choose Create Device Collection,

create device collection.png

give the collection a suitable name like Deploy Windows 8 hidden and limit it to All Systems

Deploy Windows 8 hidden.png

and click your way through the rest of the wizard, no need to configure any membership rules at this point as we will add computers to the collection later.

Step 2. Copy an existing task sequence

Locate a task sequence that you want to make hidden or create a new one from scratch, right click on the task sequence and choose Copy.

Copy a task sequence.png

once the task sequence is copied you'll get a message informing you.

copy operation has completed successfully.png

Locate the copied task sequence (the name was in the message above) and right click on it and rename it by choosing Properties, append the word Hidden. You can optionally add a category of Hidden and change the custom text to read Hidden Task Sequence as per the screenshot below.

Deploy Windows 8 X64 hidden task sequence.png


Step 3. Add a prestart file to a custom boot image

This step is important as in order to access the hidden task sequence we need to add a prestart command via a file added to a custom boot image. The boot image should be separately created from your default X86 and X64 boot images as we don't want our normal task sequence deployments to be prompted with the prestart script.

To create the custom boot image do as follows, right click on boot images and choose Add Boot Image.

add boot image.png

browse to the UNC path of your default X86 boot image (something like \\sccm.server2008r2.lab.local\SMS_P01\osd\boot\i386\boot.wim) and select that boot wim file

browse to the data source for the boot image.png

fill in some details about this custom boot image including it's version (x86)

hidden prestart boot.png

and click your way through to the end of the wizard.

custom boot done.png

Now that we have a custom boot image, let's right click on it and add some changes.

hidden prestart boot properties.png

select the Customization tab, and make sure to place a checkmark in the following options

  • Enable prestart command
  • Include files for the prestart command
  • Enable command support (testing only)

so that it is like the screenshot below

customization tab.png

Point the prestart command to the following script file by typing

cscript.exe get_SMSTSPreferredAdvertID_via_Prestart.vbs

here's the VBS

get_SMSTSPreferredAdvertID_via_Prestart.vbs.txt

Note: remove the .TXT extension on the file above before using it.

save get_SMSTSPreferredAdvertID_via_Prestart.vbs to \\sccm\sources\os\extrafiles

next click on the Deploy tab, make sure that Deploy this boot image from the PXE enabled distribution point is selected

click ok and answer NO when prompted to update to Distribution points as we have not selected any distribution points for this boot image yet.

Continue to the end of the wizard.

Step 4. Distribute our prestart boot image

Right click on our Prestart boot image and choose Distribute Content

Distribute Content.png

the distribute content wizard appears, add your distribution points and continue through the wizard until completion

distribute content wizard completed successfully.png

once done, right click on the Prestart Boot Image and choose Update Distribution Points, continue through that wizard.

update distribution points wizard.png


Step 5. Attach our prestart boot image to our hidden task sequence

In Task Sequences, select our hidden task sequence, right click and choose properties, select the Advanced tab and change the boot image from the X86 default boot image to our hidden prestart boot image as per the screenshot below

hidden prestart boot image selected.png

click apply and ok.

Step 6. Add a computer to the hidden collection

using direct membership (or whatever method you wish) add a computer to the hidden collection, verify the computer object exists in the collection before moving on to the next step.

w82 added to deploy windows 8 hidden.png

Step 7. Deploy the hidden task sequence

right click on our new Hidden task sequence and choose Deploy

Deploy.png

choose our previously created Deploy Windows 8 hidden collection and click next

deploy to hidden collection.png

and on the Deployment Settings screen click the down arrow beside Make available to the following and select Only media and PXE (hidden)

Only media and PXE (hidden).png

click your way through the rest of this wizard.

Step 8. Locate the Deployment ID of the hidden task sequence

In Task sequences, select our hidden task sequence and click on the Deployments tab below it

deployments tab.png

our Deployment is listed, click on the column in a blank space and right click to add new column options, select Deployment ID from the list.

add Deployment ID column.png

and now we can see our Deployment ID, take note of what it says (write it down).

deployment id.png


Step 9. PXE boot your client

Now that the hard work is done, PXE boot the computer you added to the hidden collection, note the boot WIM file listed is the Image ID of our Prestart Hidden boot wim

pxe boot.png

if you did everything above correctly you'll see the following immediatly after entering your PXE password (if you set one) and before the task sequences are normally displayed (assuming you have some available task sequences)

prestart popup.png

enter the Deployment ID we noted from above, that was P012001B or don't enter it and just get to see the normal list of available task sequences.

enter the deployment id.png

and if you entered the Deployment ID correctly you'll see your hidden task sequence kicking off, cool huh ? yup, cool.

hidden task sequence in action.png

until next time, adios !

 

Next Steps: Perform the above 'on-demand', if you want to learn how, click here.

Share this post


Link to post
Share on other sites


I havnt tried it but will later tonite and see what happens

Share this post


Link to post
Share on other sites

Hi,

 

This tutorial is fantastic and i am currently using this in my environment.

 

Is there any way that the cscript.exe cmd black window can be hidden or at least minimized ?

 

Cheers

Share this post


Link to post
Share on other sites

Nice post start to finish.

to: TheOverfiend

//nologo is the parameter that should hide the command windows when running cscript.

 

 

specfic example for this case:

before

cscript.exe get_SMSTSPreferredAdvertID_via_Prestart.vbs

after

cscript.exe //nologo get_SMSTSPreferredAdvertID_via_Prestart.vbs

Share this post


Link to post
Share on other sites

Alternatively, you can create Boot media and add the variable under the customization portion, with name / value pair being SMSTSPreferredAdvertID / DeploymentID. This way only those with the ISO will see the TS.

Share this post


Link to post
Share on other sites

Hello,

 

I'm having issues with this. It worked just fine for a bit. I imaged 2 machines using it. Then out of the blue I can't get the TS to run. The prestart VB script is running. I put the deployment ID in exactly as I see it in CM, click ok and after a few seconds I am brought to the regular TS wizard. Not sure what I'm missing. Is there a log somewhere I can check to see why it not running the hidden TS?

 

Ok so I found the entry in the smsts log from the tablet i'm trying to image, but I'm still not exactly sure why it thinks it can't find it. As you can see in the image my ID matches. Just a standard deployment set to pxe and media only (hidden).

 

post-10749-0-93013000-1407847444_thumb.png

 

Thanks,

Mike

Share this post


Link to post
Share on other sites
Is there a log somewhere I can check to see why it not running the hidden TS?

 

 

smsts.log will tell you why, please attach it

Share this post


Link to post
Share on other sites
<![LOG[Provided preferred deployment CR320028 is not found among the available deployments.]LOG]!><time="07:59:12.365+240" date="08-12-2014" component="TSPxe" context="" type="3" thread="964" file="tsmediawizardcontrol.cpp:1502">

 

 

there you go !

 

so is this computer in a collection targeted by that depoyment above and is the deployment deployed with a purpose of hidden

Share this post


Link to post
Share on other sites

I have it deployed to the "All Unknown Computers" collection. It is set to media and pxe only (hidden), purpose is available. The weird thing is it did work a few times before it stopped working and i changed nothing in CM.

Share this post


Link to post
Share on other sites

So I deleted the deployment to all unknown computers and created a new deployment pointing to the All Systems collection it's now working. Very weird since these devices are brand new out of the box and definitely unknown. Anyway working as I need it to now. Thanks.

Share this post


Link to post
Share on other sites

check Devices under assets and compliance,

 

do you see a whole bunch of UNKNOWN objects (please do NOT delete the UNknown Computers collections)

 

you can delete all the unknown devices (not the collections) then try again, 1 shown below but i've seen up to 91 in our production environment....

 

unknown.png

 

 

Share this post


Link to post
Share on other sites

I had done that already. What I found is that the two built in Unknown Computers (x64 and x86) are also in the All Systems Collection. Not sure if that collection is taking precedence or what. The machines are definitely unknown, brand new out of the box. Very strange but deploying to All unknown just won't work, only All systems.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×