giving something back after taking a lot :-)

Maik Koster at myITforum.com

Using a custom Boot wizard to boot known and unknown computers in SCCM and choose a Task Sequence to run – Step by Step

January 13, 2010

In some recent posts I wrote about how to create a custom boot wizard. During these posts I used an example which would be able to boot any known and unknown computer from SCCM, reads a list of available Collections having an OSD Task Sequence advertised to choose from, then drop the computer into one of these collections on the fly and wait until the Advertisement would be available for the computer before handing over to the Task Sequence engine which would then query the SCCM Server for an advertised Task Sequence and if available execute it. (See the links at the end of this post for reference)

This was actually meant as an example but during the last couple of months I got regular requests asking to take this example, make some minor adjustments and just be able to use it without digging deep into the complete background as they don’t want to code their own, just make use of the existing one as it did exactly what they wanted to have.

And as I have to admit, that it takes a lot of reading and some time to create your own, here is a (hopefully) simple guide on what it requires to get this running in your environment. As I wanted to create this as comprehensive as possible it is almost only text but it references other more detailed guides which also include screenshots.

 

Set up the webservice

- Download the most recent version of the webservice from Codeplex (the webservice has been updated recently to Version 6)

- Extract the content of the zip file into a folder on your webserver

- Create a new application in IIS pointing to this folder

- Create a new application pool with the security context of a User that has appropriate permission to SCCM to query for collections/Task Sequences/Advertisements, create new computers and be able to add them to collections. (If this User isn’t member of the local Admin Group which is probably the easiest way to avoid most security related problems, it needs to be at least member of the IIS_IUSRS Group (IIS_WPG on IIS6) and then this Group also needs additional Read permission on the web.config file in your root Web folder)

- configure the webservice to run within this new application pool

- configure the application Settings

(see Deployment Webservice - Installation Guide for more detailed information including some screenshots of the before mentioned steps.)

 

 

Prepare your Boot Image

- Download the most recent Custom Boot Wizard files from Codeplex (the files have been updated for this article)

- extract them to a temporary folder

- Customize the file SCCM_Bootstrap.ini:

     * replace YourWebserver/YourWebserviceDirectory with the server and path created above

     * Set the default AssignedSite (The wizard will overwrite this value if it gets a more appropriate AssignedSite for the client it is running on, based on the boundaries)

     * Optionally use a built-in feature to enable the support to prestage the target Collection for specific computers, using the MDT Web FrontEnd. See MDT Web FrontEnd - How To handle Custom Settings/Properties for more Details.

     * save your changes

- Create a new folder which will be used to store all additional files and folders we would like to add to the Boot image. Beneath create a folder called “Deploy” and beneath that a folder called “Scripts”. Now copy all your files from the temporary folder above into the “Scripts” folder.

Tip: On the Root of the Folder which stores the additional files and folders we just created above, create a subfolder “Windows” and beneath that “System32”. Copy your favorite Troubleshooting tools like Trace32 into the System32 folder. After creating the new MDT Boot image all these tools will be available out of the box when doing some troubleshooting.

image

Tip 2: Jason Scheffelmaer just posted a smart way to store all the Wizard files on a network share and just load them on-the-fly. This way you don't need to update your Boot images every time you need to make changes to your scripts. So I really recommend having a look on Moving the MDT Wizard off your boot disk.

 

- Create a new MDT Boot image using the ConfigMgr console and make sure you enable the “Add media hook files to enable the Deployment Wizard for this boot media” option and also add the path to the Directory we just created for our additional files as an “Extra directory to add:”

image

 

Make it available

- First, if you don’t have them, create (at least) one collection per OS you would like to deploy and advertise an OSD Task Sequence. Preferably set the Advertisement to mandatory and make sure you check the “Make this task sequence available to boot media and pxe”. You need to do this per Primary Clients are assigned to.

- Hide additional Collections with advertised OSD Task Sequences (testing, etc) from the wizard by adding the word “Hidden” to the Comment of the Collection.

Later the wizard will query for all Collections with an OSD Task Sequence assigned and show them as a list you can choose from. So make sure you give it a useful name.

 

The following steps are only necessary if you want to use PSP to boot the computers. You can skip it if you use a Boot CD/DVD/USB Stick

- Create a new “Custom” Task Sequence called “Boot Wizard only

- Add a single “Apply Operating System” step

- Disable this newly added step!

- Configure the Task Sequence to use the Boot Image from the last section and limit it to run only on Windows 2000, XP 64Bit or any other OS which isn’t used within your environment.

(We now have a OSD Task Sequence we can use to PXE-boot a computer but it is not able to actually do anything.)

 

- Advertise the “Boot Wizard only” Task Sequence to the “Unknown computers” collection (you don’t have an unknown computer collection? Upgrade to SCCM R2 ;-) ). Don’t make it mandatory. Add the word “Hidden” somewhere to the Comment. This ensures that the wizard will not recognize this Advertisement as a valid OSD Advertisement.

- Advertise the “Boot Wizard only” Task Sequence to the “All Systems” collection. Don’t make it mandatory. And again add the word “Hidden” somewhere to the Comment of the Advertisement to “hide” it from the webservice. (The word “Hidden” ensures that the webservice function “HasOSDAdvertisement” does not recognize these advertisements as valid OSD Advertisements. This function is called by the wizard during the initialization and it will stop the wizard from showing up if a valid OSD Advertisement has been found as it assumes that a valid OSD Advertisement has precedence over choosing an additional one.)

 

You fear advertising something to All Systems? You are right, everybody will tell you to never advertise something to All Systems. It is not recommended and can be very dangerous. And I totally agree, it can become very funny if you make a mistake. But the Task Sequence we advertise isn’t able to do anything. It does not contain any valid step and it can also only run on Windows 2000 machines (or whatever you configured before). You can also use the “All Workstations” or something similar. Beside this slightly dangerous way, there are two more options which enable you to PXE boot known computers in SCCM. You can either delete the computers from SCCM before booting (actually making them “unknown” ;-) ) or using a different PXE Server (or WDS without the PSP Role). Not using the PSP Role is working quite well, I favorite this solution as it gives you far more flexibility on PXE Booting (you can add additional Boot images like Recovery images or Virusscanning, etc), but it works only well if you have only very few sites as it takes some additional handwork to get those images running and even more to keep them updated. This guide assumes a certain scenario so it’s up to you choosing a different way as it is just one possible way to achieve the required result. The presented solution will work in most environments and has been used and tested in small to large environments. But as always, you are doing this on your own risk.

Please don’t hesitate to send me any problem or question you might have implementing this. Also suggestions for improving or any other feedback is highly appreciated even if commenting on MyITForum Blogs is a bit restricted ;-)

 

If you want to dig a bit deeper into this topic or need some more details, here some links to former posts about the custom boot wizard:

- Create your custom Boot Wizard - some advanced stuff

- Create your custom Boot Wizard - Display dynamic data

- Create your custom Boot Wizard - Execute the Wizard, process the results and create the Boot image

- Create your custom Boot Wizard - Make it available for all known and unknown Computers

 

Some of the information in these posts are targeted for MDT 2008. With MDT 2010 there are some changes you should be aware of or might need to use and extend your wizards:

- Upgrading your custom wizard panes to MDT 2010 - Database and Webservice calls

- Making custom Database and Webservice scripts work again in MDT 2010

 

Also have a look on two CodePlex projects which you can use to extend your current MDT solution:

- MDT Customizations

- MDT Web FrontEnd

Filed under: , , , , ,

Comments

  • No Comments

Recent Posts

More about MDT

Projects

Copyright - www.myITforum.com, Inc. - 2010 All Rights reserved.
Valid CSS & XHTML
Skin adapted from Arcsin by Kyle Beyer