The Deployment Guys

Helping to deploy your world automagically...

Location Deployment Wizard for ConfigMgr 2007

Location Deployment Wizard for ConfigMgr 2007

  • Comments 15
  • Likes

When working on deployment projects, there is often a requirement for a workstation to be customised on a location by location basis. Common workstation customisations which are applied in this manner include:

  • Localisation settings (locales, keyboard settings, time zones, Windows (Windows Vista/Windows 7) language injection
  • Domain membership/organisational unit join information
  • Location based applications to be installed
  • Site or location based administrator groups or accounts that need to added to the local administrators group

The Microsoft Deployment Toolkit (MDT) and its accompanying database offers features to tailor a workstation based on its location during a deployment. The MDT Database allows locations to be defined and a set of location specific settings can be stored against each entry. When a workstation is been deployed, an MDT database lookup determines its location and collects the relevant build settings for that location. The location is determined by carrying out a lookup of the default gateway on the target workstations assigned NIC against default gateways assigned to locations in the MDT Database. To learn more about the Microsoft Deployment Toolkit and the database supplied with MDT see http://technet.microsoft.com/en-us/solutionaccelerators/dd407791.aspx

During a mass deployment it is quite common for workstations to be built in central locations and then to be shipped to other sites for use. In these circumstances, the MDT Database location functionality may not be as useful as any database location lookups will return settings for the site at which the workstations are being built and not the site to which the workstation will be eventually shipped.

A solution to this is to use a location deployment wizard when using the MDT Database along with System Center Configuration Management (ConfigMgr) 2007 Operating System deployments (OSD) in zero touch scenarios. A location deployment wizard is an HTA that is displayed to the user/build engineer at the start of the workstation deployment process to display the location in which they are currently situated. If the location is the site at which the workstation will be based they can click next and the deployment will continue applying all the deployment settings for that site. However, the wizard allows an “override” for the detected location and allow the user/build engineer to select another location from the MDT Database. Overriding the detected location will apply all of the selected location deployment settings from the MDT Database to the workstation despite it not being at that location. This solution allows workstations to be built in a central location whilst being fully customised for their destination locations.

The location deployment wizard is an HTA that is stored in a customised ConfigMgr OSD boot image and is executed before a ConfigMgr task sequence starts. The HTA uses Operating System Media Pre-Execution Hooks (http://technet.microsoft.com/en-us/library/bb694075.aspx) to place itself before the task sequence window. The location deployment wizard allows inputs that are stored as a ConfigMgr task sequence variable. The location variable can then be used by a ConfigMgr deployment task sequence to recover settings from the MDT Database throughout the deployment (During ZTIGather phase).  

Location Wizard 01 Location Wizard 02     

Pre-Requisites

The following pre-requirements should be configured in your deployment environment:

  • System Center Configuration Management 2007 (RTM, SP1, R2 or SP2 beta) environment configured for OSD deployments.
  • Microsoft Deployment Toolkit 2008 / MDT 2010 Workbench + Database hosted on Microsoft SQL 2005 or 2008 (Express / Standard / Enterprise)
  • ConfigMgr 2007 console with integrated MDT console functions
  • The MS SQL Database hosting the MDT Database should be configured to allow NamedPipes
  • A share should be setup on the MDT Database server for authentication when using NamedPipes from a WinPE environment by using the SQLShare$ method.
  • ConfigMgr “Network Access Account” should have db_datareader access to the MDT SQL Database
  • Another AD account should be created which is assigned db_datareader access to the MDT Database. Note This account will be stored in a plain text file in the ConfigMgr OSD Boot image. This account should be limited to just db_datareader access on the MDT SQL Server and denied all other rights on the domain

Location Deployment Wizard Setup Steps

Download the location deployment wizard attached to this post and extract the files to a temporary location on the computer/server which has a ConfigMgr 2007 Console with integrated MDT console functions. There are 4 components which need to be configured in your environment for this solution to operate:

  1. Configure the Bootstap.ini file
  2. Create a custom boot image
  3. Configure Location settings in the MDT Database
  4. Configure CustomSettings.ini file
1. Configure the Bootstrap.ini file

The Bootstrap.ini file contains the settings required by the Location Deployment Wizard to make the initial connection to the MDT Database. These settings need to be configured for your environment:

  • Edit the Bootstrap.ini file in the Location Deployment Wizard\LocationDeploymentWizard folder. This file is used by the location deployment wizard HTA to connect to the MDT Database for the first time:
    • Replace <USERNAME> with the AD account created for reading the MDT Database in the pre-requirements e.g. CONTOSO\MDTDBReader
    • Replace <PASSWORD> with the password of the account entered above
    • Replace <SQL SHARE FOR AUTHENTICATION> with the name of a shared folder on the MDT Database server e.g. \\MDT01.contoso.com\SQLShare$
    • Replace <MDT DATABASE SEVER> with the fully qualified domain name of the MDT Database server e.g. mdt01.contoso.com
    • Replace <MDT DATABASE NAME> should be replaced with the instance name of the MDT Database in SQL e.g. MDTDB
2. Create a custom boot image

During OSD deployments a WinPE boot image provides the environment for deploying a workstation. ConfigMgr 2007 provides default boot images in the Operating System Deployment -> Boot Images node in the console. A new custom boot image needs to be generated containing the location deployment wizard HTA and its supporting files – this will execute when the boot image first loads on a workstation:

  • Create a new custom boot image in the ConfigMgr console using the “Create Boot Image Using Microsoft Deployment” wizard:

Location Wizard 03

  • Follow the wizard, selecting the default options. On the Image Options page set the Extra Folder to Add as the Location Deployment Wizard folder which is found in the root of the files extracted earlier
  • Complete the wizard selecting the default options. ConfigMgr/MDT will now create a new customised boot image with the location deployment wizard included.
  • Assign the boot image to the OSD deployment task sequence that you wish to use the location deployment wizard with:

Location Wizard 04

3. Configure location settings in the MDT Database

Locations and their associated settings need to be configured in the MDT SQL Database, these are typically configured through the interface in the MDT workbench. In the MDT workbench go to the Database >> Locations Node. Here you can add as many different locations as are required for your environment.

  • For a location to be available to the location deployment wizard it must be assigned at least one default gateway. This can be found in a locations properties on the Identity tab.
  • If no default gateways for a site are initially known then assign 0.0.0.0 as the default gateway for that location. Although this site will never be automatically detected by the location build wizard, it can be manually selected.
  • In the Details tab of a locations properties use the SERVERA property to populate sites or country e.g. UK. This is used by the location deployment wizard to break down the locations so there is not just one long list:
  • Populate any other deployment site settings as required for your deployment including locales, time zones, keyboard settings, UI Language, location specific apps and location specific admins.
4. Configure CustomSettings.ini file

The CustomSettings.ini (http://technet.microsoft.com/en-us/library/bb977690.aspx) is a rules file which is used to automate deployments and setup how to query settings from the MDT Database. The location deployment wizard has its own CustomSettings.ini which is used during Gather phases in a ConfigMgr task sequence to retrieve location settings from the MDT Database. The CustomSettings.ini file included in the supplied location deployment wizard must be customised to your environment:

  • Edit the CustomSettings.ini file located in the root of the extracted files. The customsettings.ini file is a rules file is used by the MDT script ZTIGather.wsf to gather all of the location based settings from an MDT database:
    • All instances of <FQDN MDT DATABASE> should be replaced with the fully qualified domain name of your MDT Database server e.g. mdt01.contoso.com
    • All instances of <MDT DATABASE NAME> should be replaced with your MDT Database name in SQL e.g. MDTDB
    • All instances of <AUTHENTICATION SHARENAME> should be replaced by your shared folder name on the MDT Database server e.g. SQLShare$

Once the customsettings.ini file has been updated it should be wrapped up into a ConfigMgr package (typically this is the MDT Settings package) and sent to all distribution points on your network which will be used for OSD. This rules package must be used by all Gather phases in your MDT integrated deployment task sequence to gather location settings from the MDT Database.

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use.

This post was contributed by Mark Hooks and Richard Smith, consultants with Microsoft Services – U.K.

Attachment: Location Deployment Wizard.zip
  • Nice one guys, this will sure come in handy!

    You guys might want to take a look at: http://www.ithastobecool.com/2009/08/17/zerotouch-for-mdt-2010-without-sccm/ as well :)

  • This is great!  I'm having a little trouble though and hope you can help.  Upon PXE-booting into WinPE, I see the "Windows is starting up..." message and then "Preparing network connections. I type in my password (password-protected PXE Service Point) and that's when the "Contoso Build Wizard" screen should appear allowing me to specify a computername and location. Instead, I see a flash (possibly the "Contoso Build Wizard" appearing and then closing) and get the window "Initialising connection to MDT Build Database" (with the Task Sequence Wizard underneath). The database initialization screen goes away after about 30 seconds and then all I see is my Task Sequence Wizard for selecting the advertised deployment task sequence for my image. I've tried hitting F8, navigating to where the LocationHTA.hta file resides and rerunning it from the WinPE command prompt, but the "Contoso Build Wizard" just appears for a second or two and then disappears again. It appears I am experiencing a login failure to SQL as I can get the following error to appear by commenting out the "On error Resume Next" command on line 113 in the LocationHTA.hta file.

    *******************************************

    An error has occurred in the script on this page.

    Line: 116

    Char: 3

    Error: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

    Code: 0

    URL: file:///X:/LocationDeploymentWizard/LocationHTA.hta

  • For non-config manager usage of similar functionality, you can utilize a modified version of Schuff's Role Selection wizard here:  http://myitforum.com/cs2/blogs/jscheffelmaer/archive/2008/06.aspx

    By duplicating location information into your Roles database, and utilizing this, you can create a similar functionality for MDT based LTI deployments.

    With some custom modifications to this i have very similar functionality in my MDT environment for LTI, allowing "Depot Sites" to image systems for multiple locations, while still maintaining their site specific setups in the database.

    Also, by kicking this off via a userexit, you can remove the need to modify your boot media for this same functionality, and everything is kept serverside. (simply reduces boot media updates)

    -D

  • You Guys Rock!

    cdrider,

    I received the same error until forcing it to connect using the Named Pipe protocol.

    On line 117 in the LocationHTA, add np: in front of the server name.

    Data Source=np:

  • cdrider, did you have any luck resolving your error?  I am encountering the same issue.

  • Hi guys-thank you for this post on SCCM and LDW - it's been very helpful. Question for you though: I get the Location Deployment Wizard screen to popup  right after I enter the password for the task sequence. It runs through connecting to the database and all that, gets to 100%, then just continues with the task process.

    The login audits on the SQL side say that the MDT user successfully connected to the database, so not sure why I'm not receiving prompts to change the locations, language, etc.....

    Any guidance would be helpful. Thanks very much.

  • Looks like one issue we couldn't get around was making sure that the sccm SQL server was installed locally on the SCCM  07 server.  Once we did that and did the named pipes change, everything worked perfectly...

    Not sure why the SQL location matters...

  • Can you still use the defaultgateway in customsettings.ini. I am setting location as an SCCM variable which works great if I change customsettings.ini to search on location as your example. Thing is for a "normal" install I would leave this variable blank and therefore want ztigather to pick up the location based on defaultgateway. I've tried putting BOTH Default Gateway and Location into the customsettings.ini and this works but SQL returns 2 records one for your "home" office gateway settings, then the variable you set for the other office. I can't get it to pick up just the one record. Any ideas ??

  • I had an issue with Windows PE connecting to the database after I had upgraded to SCCM 2007 SP2.  The error was "Safety settings on this machine prohibit accessing a data source on another domain."

    I have a post in my blog with the details to fix it:

    http://joshuasmueller.spaces.live.com/blog/cns!39ED2989E824DC77!343.entry

  • I'm working on a similar setup and followed the steps outlined above. I see the same error as cdrider mentioned above if I dont modify the code Data Source=np: i.e.,

    *******************************************

    An error has occurred in the script on this page.

    Line: 116

    Char: 3

    Error: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

    Code: 0

    URL: file:///X:/LocationDeploymentWizard/LocationHTA.hta

    *******************************************

    If I update the code with Data Source=np:, I see a different error which is as follows-

    An error has occured in the script on this page.

    Line: 132

    Char: 3

    Error: [DBNETLIB][ConnectionOpen (Connect())]SQL Server does not exist or access denied.

    Code: 0

    URL: file:///X:/LocationDeploymentWizard/LocationHTA.hta

    *******************************************

    My SQL server is ver 2008 and have ensured that Named Pipes are enabled under network configuration. I can also ping the server from the client end when I see this message. Not sure what I'm missing here. Can anyone help me with you valuable inputs?

    Thanks in advance.

  • Encountering the same kind of error as cdrider and Sridhar.

    Error: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

    While connecting to SQL database using a HTA which is ran in WinPE during the OSD deployment.

    "Provider=MSDASQL;Driver=SQL Server;Trusted_Connection=Yes;SERVER=SERVERNAME;DATABASE=DB;UID=domain\user;PWD=secretWord;"

  • I followed the instructions to the letter and I can't get the Location page to load before the Task Sequence

  • Hi "am I missing something",

    Here are a couple of things that could be causing this issue:

    1)      If you are not seeing the location selector page at all, it suggests that the WinPE boot image with customized pre-execution hooks has not been created correctly. The Pre-execution hooks in the TSConfig.ini file force WinPE to launch the location HTA before running the ConfigMgr Task Sequence wizard.

    2)      If the HTA is firing but not connecting to the SQL Database, a few people have posted about having this issue (Named Pipes v’s TCP) and there is a solution for this issue in the comments above.

    Thanks Ben (via Mark)

  • I am connecting to the share, everything is fine but I get Unable to connect to MDT Database. Same user credentials I use for everything else MDT

  • is LDW available for SCCM 2012 yet ?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment