The _SMSTSORGNAME value does not work with ZTI and SMS 2003, only with SCCM 2007 or Lite Touch.

Background:
The problem happens because with ZTI and SMS 2003, Microsoft Deployment call the task sequencing engine TSMbootstrap directly from the DP.  Since it is running from the DP the variables.dat file would also need to be on the DP to pick up the variables.  Microsoft Deployment store the variables in the OSDENV.INI and synch up the variables after the task sequencer starts but by then it is too late to set the _SMSTSORGNAME variable.

Here is the workaround (gracely provided by Tim Mintner)

Create a variables.dat file in your package source and distribute that to your DP’s.  The contents of that variables.dat file should be the following:

My CorpName

If you attended the Microsoft Deployment labs this year in Barcelona (IT-Forum) you might have seen that you could configure a lot more roles in the pre-release version that was used in the labs, compared with the RTM version.

Well those roles are still there, you just need to enable them by renaming actions_full.xml to actions.xml in the Bin directory 

Note:
There are bugs in the other roles that haven’t been fixed and won’t be fixed until the next release (R2)
There is no compatibility guarantee between the R1 “hidden” actions and the R2 “no longer hidden” actions.
Use at your own risk.

 

GUI for setting timezone and keyboard layout in WinPE. Just download and copy the files to same location as the bootimage (LiteTouchPE_X86.wim in this example)

Download from:
http://www.deployvista.com/Repository/WindowsPE20/tabid/73/EntryId/37/DMXModule/399/ctl/EntryDetails/mid/399/Default.aspx

 

One of the most common issues with MDT 2008/2010 and BDD 2007, LiteTouch and ZeroTouch, is leftover junk from a previous installation preventing a second installation to continue… The solution… Get rid of the junk…

Note: Make sure to do these changes only to the winpe images used for bare metal installations… (wiping the disk in the middle of a refresh installation might lead to , ehh, unexpected, results)

LiteTouch
Create a script that removes the MININT and _SMSTaskSequence folders (if present).

CleanSetupInProgress.cmd

If Exist C:\MININT\nul rd C:\MININT /s /q
If Exist C:\_SMSTaskSequence\nul rd C:\_SMSTaskSequence /s /q

Call the script from unattend.xml (in WInPE)

Unattend.xml



   
        http://schemas.microsoft.com/WMIConfig/2002/State“>
           
                16
                1024
                60
                768
           
           
               
                    Lite Touch PE
                    1
                    cmd /c CleanSetupInProgress.cmd
               
               
                    Lite Touch PE
                    2
                    wscript.exe X:\Deploy\Scripts\LiteTouch.wsf
               
           
            Restart
       
   

ZeroTouch (SMS 2003 OSD FP)
Just add a winbom.ini that will wipe and format the disk… se below example…

winbom.ini

[Factory] WinBOMType=WinPE
Reseal=No
[WinPE] Quiet=Yes
Restart=No
[PnPDriverUpdate] [PnPDrivers] [NetCards] [UpdateInis] [FactoryRunOnce] [Branding] [AppPreInstall]

[DiskConfig]
Disk1 = Disk1.Config

[Disk1.Config]
WipeDisk = Yes
Size1 = *
PartitionType1 = Primary
FileSystem1 = NTFS
QuickFormat1 = Yes
SetActive1 = Yes

BDD 2007 ZTI by default will break on less than 512 MB RAM

The error you get in the ZTIValidate.log is ERROR – 255MB of memory is insufficient.  At least 448MB of memory is required. However, the fix is easy:

1. Make sure you reduce the WinPE size per step 4 in the below article:

Adding a Windows PE 2005 image to WDS (boot-in RAM) 
http://www.deployvista.com/Blog/tabid/70/EntryID/20/Default.aspx

2. Configure customsettings.ini with the ImageMemory value

[Settings] Priority=Default
Properties=ImageMemory

[Default] ImageMemory=256

Summer 2007 in Sweden is one for the record books, for being the rainiest one in a long time… So if you can’t hit the beach, what do you do?  Some serious coding of course! 🙂

So today I have released a Frontend for ZTI (BDD 2007) to the web…

Credits goes to Morgan Hjalmarsson, Sami Lehtonen, Martin Hultstrom and Kristoffer Lindblad for their efforts and continuous support…

Best Regards / Johan Arwidmark
Microsoft MVP – Setup & Deployment

The name: Pretty Good Frontend

Download link
http://www.deployvista.com/Repository/BDD2007/tabid/74/EntryId/36/DMXModule/400/Download/attachment/Default.aspx

Features
– Only appears if computer is not in the BDD Database already
– Allows for entering a computer name
– Allows for Selecting target OU (Selection list is from live Actice Directory data)
– Allows for entering UDDIR folder (for replace scenarios)
– Allows for OSD/ZTI Image selection (Selection list is from live SMS data)
– Allows for role selection (Selection list is from live BDD database)
– Configured from rules in bootstrap.ini, no hardcoded values in the Frontend
– Started as a userexit (no scripts on the winpe image)

The screenshot

System Requirements
– A Windows PE 2005 image generated from the BDD 2007 Deployment Workbench
– Added support for ADSI (not terribly hard, just copy activeds.tlb and adsldp.dll from Windows Server 2003 SP1 to System32)

Configuration
– From the download, copy the following files to ZTI$ Share: Z-Frontend.vbs and Z-Frontend.hta
– From the \distribution\scripts folder, copy the following files to ZTI$ Share: wizard.css and wizard.ico
– Using Deployment Workbench, update bootstrap.ini using info from the sample files and update the Deployment Point (Update files only)
– I’m assuming your are running the BDD database on the SMS SiteServer (SMS Database)

The following values need to be configured in bootstrap.ini (sample for single and multiple locations included)

SMSSiteDatabaseServer:  The Server name of the SMS SiteServer (database)
SMSSiteDatabaseName:  The SMS database name
DomainController1:  A domain controller to bind to
BDDDataBaseName:  The BDD dataabase name
StartingOU:   OU to list subOUs from (1 level only)
ListADUserName:  User to Bind with AD
ListADPassword:  Password for AD user

Note 1: Minimum Memory requirement is set to 256, you shouldn’t deploy windows XP or higher versions with less, nor use WinPE 2005… 🙂

Note 2: If you have used Microsoft sample file (SERVERSP1-REMOVELIST.TXT) to reduce WinPE 2005 size, make sure you configure it to not delete the following

files

system32\mfc42.dll
system32\odbc32.dll
system32\odbcint.dll
system32\urlmon.dll
system32\security.dll
System32\scecli.dll
System32\shdocvw.dll
System32\msls31.dll

Note 3: As for usual I recommend configuring winbom.ini to always wipe the disk (otherwise leftover junk may prevent the setup)

Sample winbom.ini

[Factory] WinBOMType=WinPE
Reseal=No
[WinPE] Quiet=Yes
Restart=No
[PnPDriverUpdate] [PnPDrivers] [NetCards] [UpdateInis] [FactoryRunOnce] [Branding] [AppPreInstall] [DiskConfig]
Disk1 = Disk1.Config

[Disk1.Config]
WipeDisk = Yes
Size1 = *
PartitionType1 = Primary
FileSystem1 = NTFS
QuickFormat1 = Yes
SetActive1 = Yes

 

If you want to run applications or are dealing with large driver sets in WinPE 2.0 it might be useful to increase the scratch space size. Credit goes to Paul Foty…

Here is the registry key and the settings for adjusting the size.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FBWF] “WinPECacheThreshold”=dword:00000010

;dword:00000010 = 16
; 0x10 = 16Mb
; 0x18 = 24Mb
; 0x20 = 32Mb
; 0x30 = 48Mb
; 0x40 = 64Mb
; 0x48 = 72Mb
; 0x60 = 96Mb
; 0x80 = 128Mb
; 0x100 = 256Mb 

Most times it’s useful to add a reboot as the final step in the LiteTouch Sequence…

First we need to get rith of the BDD Wizard Summary Window, this is done by adding SkipFinalSummary=YES to cs.ini

Second we need to reboot, this is done by adding a custom reboot task as the final step in the sequencer.

C:\windows\system32\shutdown.exe -r -t 10 -c “Rebooting the PC to complete the Build”

Welcome

This explains the necessary steps for configuring certificate based IPSec in Win PE 2.0.

For improvement suggestions (or bugs) in this guide, please drop a note to johan [dot] arwidmark [at] truesec [dot] com, or at myitforum.com (alias jarwidmark).

You might also find me in the public Microsoft desktop deployment newsgroups (microsoft.public.deployment.desktop)

Regards,

Johan Arwidmark
Microsoft MVP – Setup & Deployment

The guide covers the following steps

o   Create the IPSec Policy

o   Installing the certificate in WinPE

Step 1 – Creating the IPSec Policy

1. On the deployment server, create a IPSec Policy
2. Using Regedit, export the assigned IPSec policy to a text file  (*.reg). The policy is stored in  (HKLM\Software\policies\Microsoft\windows\ipsec\policy\local
3. On a client, install the IPSec certificate and then using the certificates mmc, export the IPSec certificate, and include the Root CA in the export

Step 2 – Install the Certificate in WinPE

1. From a Vista machine, copy the certutil.exe and  en-US\certutil.exe to system32 of your WinPE Image
2. Using Regedit.exe import the previously exported IPSec policy to the Registry
3. Using an undocumented switch to certutil, -ImportPFX, import the previously exported certificate into WinPE
4. Start the IPSec Policy Agent in WinPE

 

 

In BDD 2.5 there was included a stiored procedure for naming computer from a prefix + sequence. Here is one for BDD 2007 and MDT 2008/2010

IdentifyComputer for BDD 2007 and MDT 2008/2010
http://www.deployvista.com/Repository/tabid/71/EntryId/34/DMXModule/396/ctl/EntryDetails/mid/396/language/en-US/Default.aspx