Installing "Applications" during the task sequence and installation enforcement

Hello,
Kind of a weird question here, so it seems like I'm seeing that if you install an application on a system during its OSD task sequence, then you later manually uninstall that application, that SCCM considers that system now out of compliance? 
And then reinstalls the application as indicated in AppEnforce.log?  Is this true?  If so, how do you get around this behavior?  I guess I thought that this application compliance only took effect when you actually deploy an application to a
system, through an actual deployment.  I didn't realize that it would enforce compliance even if an application was installed during a task sequence.  So if you have hundreds of systems that were imaged with the same task sequence and you have
a small handful of machines that can't have application X on it (so you want to uninstall it), which was installed via the task sequence, how do you disable this compliance enforcement and disable its automatic reinstall?
Thanks for any help you can provide.

Sorry for the delayed response, thank you both for your input.  To answer both your questions, no these workstations do not have any required deployments for this application directed at them.  I have confirmed that, however, they do have
the OSD task sequence deployment (that contains this application) constantly "available" to them (via only "media and PXE") as this makes it very easy for our technicians to reimage any machine whenever they need to (love that feature
by the way).
I can only assume that because they still have this task sequence deployment pointed at them is why they continue to attempt to reinstall this application when ConfigMgr finds that it's not installed anymore.  In fact it does it at the same day/time
each week, which I believe is the same day/time of the week that the machines were imaged.  I must have the compliance part of the client's configuration to check every 7 days for stuff like this?  Anyway, that's my conclusion for now. 
Since even Wally Mead felt that this must be an actual required deployment outside of the task sequence I'm really curious to see if anyone else sees this behavior.  It would be fairly simple to attempt to recreate, image a machine with a task sequence
that has "application" installs included, where the deployment for it is just "available" and keep the deployment "available" after the machine is reimaged.  Then after that, uninstall one of the apps that was installed
during the task sequence via an "application" and then see if it reinstalls automatically, it may wait a while (maybe 7 days by default?).  You can see the evidence of our application reinstalling itself in the "AppEnforce.log".
Is it even remotely possible that this is a new "feature" or behavior of ConfigMgr 2012 and "Applications"?

Similar Messages

  • Does 2012 OSD get around requirements to get to the MP during the task sequence?

    Currently right now I am working in an environment where we are on SCCM 2007, but will be going to 2012 next year. We are in the process of trying to make it so we can build on a secure network that cannot route to any other network. I am prepared to put
    a DP out on this same network, but the problem I am running into is that during the task sequence starting, it downloads the task sequence from the MP, not the DP as it is not associated with the package. The MP is not on the same un-routable network. We will
    need to have about 6 or so of these, so we do not want to setup 6 MP because now you are looking at not only 6 primary site licenses, but 6 SQL installs (Our environment will not let me get away with doing SQL express for support reasons) which adds up quickly.
    Below is a link to exactly what I am speaking about:
    http://blogs.technet.com/b/configurationmgr/archive/2009/04/16/configmgr-2007-primary-site-mp-is-used-for-the-task-sequence-even-when-deploying-osd-images-to-secondary-sites.aspx
    What I am wondering is if SCCM 2012 OSD was structured differently in a way that access to the MP is no longer necessary during the task sequence process (say for example the task sequence xml is replicated to DPs too)?
    Thanks. 

    My apologies. I was meaning to say Primary, Secondary Sites. Not MPs. I brought this up to give reference to idea about the boundaries that I am going to have to use to prevent these clients from contacting DPs they can't route to.
    The idea behind getting off the build network and onto a prod is that security requirements from my company's Infosec require that we limit the amount of traffic on production networks. The idea is that the server be built on the build network, disconnected
    and brought into prod. The whole time the MP would be the same, but the DP would switch based on the prod network they were brought into as DP will reside in these prod networks which will get flipped over by the boundary for the prod subnets. Once on the
    prod network they would be able to contact the MP. 
    I would love to do stand-alone media, this is one of the first roads I started looking down as I have done them in the past for offline builds, but I need the machine to auto assign its hostname from a external servers that will script the build. The build
    process we are trying to put into place will be started from an external website. My first thought was to have it add the machines to a collection and add a variable that would be turned into a task sequence variable during the TS and use it for the hostname
    when it attempts to apply the Windows settings. The only way I think I could get this to work would be to write a script that is executed during the task sequence that would match the MAC address of the machine and assign the hostname by calling on another
    share that is written to by the external website with the MAC and hostnames. The only problem that I cannot get around is that this build process needs to be fully automated and this is for both virtual and physical. I have no problems mounting a stand-alone
    build ISO using a script for VMWare, but the problem starts when I look at the physical and limitations of scripting for both iLo and iDRAC for performing this step. iLo can be done, but iDRAC is limited. 
    As for a reverse-proxy I will not be able to look at that. They have specific requirements against using reverse-proxies in only specific situations and this is not allowed. I got turned down on this one. This requirement is created by a federal regulation
    my company has to follow. 

  • Install application step on task sequence - application does not appear in the application list

    Hi,
    I am trying to create a build and capture task sequence and add some application installation steps in the process.
    On Install the following applications step when I click the star to choose which applications I want to install, Office 2010 application is not listed there, even though it is available in software library
    and I've been installing it successfully from application catalog.
    I tried changing the setting "Allow this application to be installed from the Install Application task sequence action instead of deploying it manually", but it had no effect.

    See http://technet.microsoft.com/en-us/library/hh846237.aspx:
    The applications that are installed must meet the following criteria:
    It must run under the local system account and not the user account.
    It must not interact with the desktop. The program must run silently or in an unattended mode.
    It must not initiate a restart on its own
    Torsten Meringer | http://www.mssccmfaq.de

  • Using a environment variable that was created during the Task Sequence process - SCCM 2012 R2

    Hi,
    I'm trying to use an environment variable that is created in the beginning of the Task Sequence.
    1. I'm using a VBScript that gets the Exit Code of an application, and creates the environment variable "iReturn" with the value of the exit code. (This is working)
    2. I add this variable in the CustomSettings.ini, like this "iReturn=%iReturn%"
    3. After the step that I run the VBScript I put the "Gather" step to get the variables, but looking in the BDD.log the iReturn variable appears the same as the CustomSettings.ini configuration "iReturn=%iReturn%". (But, if I put a "Restart
    Computer" step after the VBScript, the BDD.log shows the iReturn variable with the right code.)
    Question: How can I update the environment variable of Windows XP to use in the Task Sequence without restart?
    OR
    How can I configure autologon in SCCM 2012 (if I have no way to update without restarting the computer)?
    I already tried the autologon with registry settings and a specific user. If I start the process with this user it works, but if I start the process with another user, after the autologon the process doesn't continue; I have to log off and log in with the user
    that I started the process.
    PS: All this steps have to be executed before the WinPE phase. 

    Environment variables must be explicitly set every time a system boots so unless you have a process to repopulate it after the reboot, it won't persist automatically.
    Why not store the value in a task sequence variable so that it persists after a reboot?
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • Non-Deployed Applications in OSD Task Sequence Are Deployed To Collection Members where OSD TS is deployed

    Hello,
    I have a situation where an application (which is not deployed) that is part of an OSD Task Sequence is being deployed to computers that are in the same collection my TS for OSD is deployed.
    For OSD I have created an application to check the BIOS version and upgrade the BIOS if there is a newer one available. The application has numerous deployment types (13) due to various hardware models and the requirement to go to several intermediary BIOS
    versions to reach the current newest version. There are dependencies configured to handle these incremental bumps.
    The OSD TS is deployed to a collection that contains all windows desktop class operating systems. What I have seen happen once is that one user's workstation somehow discovered and installed the BIOS Upgrade package and their BIOS was upgraded on their workstation.
    I've checked the logs on several other machines and this same application has been run as well.
    The application is configured "Allow this application to be installed from the Install Applications
    task sequence action without being deployed" which allows it to be ran from a TS even though it is not deployed.
    I have verified the application is not deployed. I have verified there are no supersedence rules configured. As I stated, there are dependencies, but all dependencies are within this one application.
    What I do not understand is, how can an application that is not
    deployed and is only referenced in an Operating System Deployment Task Sequence able to be ran outside the task sequence?
    This is/has occurred with computers imaged with cm2012 and with computers imaged with cm2007 who have now been migrated to cm2012.
    I'm fairly sure that it is due to the task sequence and where it is advertised. Computers that are not in this collection do not show the application being applied in the AppEnforce.log. If it is the TS that is causing this, how can something that is designed
    to be a "sequence of tasks", allow something to occur out of that sequence?
    Current environment is CM2012R2.
    Any thoughts to what might be happening?
    Thanks

    Hello,
    After working with Microsoft Support, we were able to resolve the issue.
    Turns out there was something (old policies) "stuck" in the SCCM database that was causing this to be advertised outside the task sequence and not visible on the console. While they didn't call this "a bug" since it has happened with CM2007 as well, it definitely
    was not normal behavior. Still not sure how that could happen as I'm 99.99% sure I never deployed this to any collection, but that's what they said.
    It took several hours of support rooting through the database to figure out what was going on but after some SQL magic it was fixed. Sorry I don't have more specifics regarding the fix. MS basically said "If it happens again you can do this this and this
    in the db and voila it's fixed". Since I'm likely to cause more damage (messing with the database) than good if it were to happen again I'd contact them.
    Anyway, this odd behavior has spooked me and I've reverted back to deploying the TS to the unknown computer collection. As much as it disappoints me to take a step back and cause more work for the guys doing the imaging, the extra safety this grants (if
    something like this or worse were to happen) I think is better than an OSD task sequence gone wild.
    Thanks,
    Mark
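
Added example, not part of either thread: a PowerShell sketch that summarises install enforcements recorded in a client's AppEnforce.log, so the weekly reinstall described in the opening thread or an unexpected run like the BIOS application above shows up as a count and a gap in days. It assumes the CMTrace line format and that enforcement starts are logged as `+++ Starting Install enforcement for App DT "<name>"`; the function names and the sample log lines are constructed for illustration.

```powershell
# Assumption: wording of the enforcement-start message; adjust if your client logs it differently.
$StartPattern = '\+\+\+ Starting Install enforcement for App DT "(?<dt>[^"]+)"'
# CMTrace line: <![LOG[message]LOG]!><time="HH:mm:ss.fff+offset" date="MM-dd-yyyy" ...>
$LinePattern  = '<!\[LOG\[(?<msg>.*?)\]LOG\]!><time="(?<time>\d{2}:\d{2}:\d{2})[^"]*" date="(?<date>\d{1,2}-\d{1,2}-\d{4})"'

function Get-AppEnforcementStart {
    # Emits one object per enforcement start: deployment type name and local timestamp.
    param([Parameter(Mandatory)][string[]]$Line)
    foreach ($l in $Line) {
        $m = [regex]::Match($l, $LinePattern)
        if (-not $m.Success) { continue }          # continuation lines, other formats
        $s = [regex]::Match($m.Groups['msg'].Value, $StartPattern)
        if (-not $s.Success) { continue }          # not an enforcement start
        $stamp = [datetime]::ParseExact(
            "$($m.Groups['date'].Value) $($m.Groups['time'].Value)",
            'M-d-yyyy HH:mm:ss', [cultureinfo]::InvariantCulture)
        [pscustomobject]@{ DeploymentType = $s.Groups['dt'].Value; Started = $stamp }
    }
}

function Get-AppEnforcementSummary {
    # Groups starts per deployment type and reports the days between consecutive runs.
    param([Parameter(Mandatory)][string[]]$Line)
    Get-AppEnforcementStart -Line $Line | Group-Object DeploymentType | ForEach-Object {
        $times = @($_.Group.Started | Sort-Object)
        $gaps = for ($i = 1; $i -lt $times.Count; $i++) {
            [math]::Round(($times[$i] - $times[$i - 1]).TotalDays, 1)
        }
        [pscustomobject]@{
            DeploymentType = $_.Name
            Runs           = $times.Count
            First          = $times[0]
            Last           = $times[-1]
            GapsInDays     = $gaps -join ', '
        }
    }
}

# Constructed sample lines (placeholder names and ids, not taken from a real client).
$sample = @(
    '<![LOG[+++ Starting Install enforcement for App DT "Example App X - MSI" ApplicationDeliveryType - ScopeId_EXAMPLE/DeploymentType_EXAMPLE1, Revision - 1]LOG]!><time="14:02:11.123-120" date="03-04-2014" component="AppEnforce" context="" type="1" thread="2304" file="appprovider.cpp:1">',
    '<![LOG[    Prepared command line: msiexec /i example.msi /q]LOG]!><time="14:02:12.456-120" date="03-04-2014" component="AppEnforce" context="" type="1" thread="2304" file="appcontext.cpp:1">',
    '<![LOG[+++ Starting Install enforcement for App DT "Example App X - MSI" ApplicationDeliveryType - ScopeId_EXAMPLE/DeploymentType_EXAMPLE1, Revision - 1]LOG]!><time="14:02:40.001-120" date="03-11-2014" component="AppEnforce" context="" type="1" thread="1188" file="appprovider.cpp:1">',
    '<![LOG[+++ Starting Install enforcement for App DT "Example BIOS Update - Model A" ApplicationDeliveryType - ScopeId_EXAMPLE/DeploymentType_EXAMPLE2, Revision - 3]LOG]!><time="09:15:03.700-120" date="03-12-2014" component="AppEnforce" context="" type="1" thread="3120" file="appprovider.cpp:1">'
)

Get-AppEnforcementSummary -Line $sample | Format-List

# Against a real client (default ConfigMgr 2012 client log location):
# Get-AppEnforcementSummary -Line (Get-Content "$env:windir\CCM\Logs\AppEnforce.log")
```

A deployment type with several runs at a regular gap points at periodic re-evaluation; a deployment type that was never deployed to the machine appearing at all is the case to escalate.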

  • How to fail the task sequence if an MDT variable is not populated?

    We are deploying Windows 7 using ConfigMgr 2012 SP1 CU3 integrated with MDT 2012 Update 1 using the MDT database locations table to populate the MachineObjectOU MDT variable.
    Currently the "Apply Network Settings" task will read the MachineObjectOU variable and add the computer account to the OU returned by the MDT database query.  If no value is returned it will not domain join the computer, instead it continues
    the task sequence and configures the machine as a workgroup machine.
    I would like the task sequence to fail if the MachineObjectOU variable is not populated by the MDT database query instead of continuing as a workgroup build.  What is the easiest way to do this?
    Thanks!
    FP

    I agree. 
    I would write a script that reads the Variable and checks that it has valid content. 
    If it doesn't, I would return an exit code from my script and have the TS fail on that.
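
One way to write the check suggested above, as an added example that is not from the thread: a PowerShell script for a "Run Command Line" step placed after the MDT Gather step and before "Apply Network Settings". It reads the variable through the `Microsoft.SMS.TSEnvironment` COM object and exits non-zero when MachineObjectOU is empty or does not look like an OU distinguished name; the function name, the exit codes and the OU-only pattern are assumptions made for this sketch.

```powershell
# Only works inside a running task sequence; the COM object is not available otherwise.
$VariableName = 'MachineObjectOU'

function Test-OuDistinguishedName {
    # True when the value looks like OU=...,DC=...; escaped characters (e.g. "\,") are allowed.
    # Assumption: computers are joined to an OU, so CN= containers are rejected.
    param([string]$Value)
    if ([string]::IsNullOrWhiteSpace($Value)) { return $false }
    $rdn = '(?:[^,\\]|\\.)+'
    return $Value.Trim() -match "^(OU=$rdn,)+DC=$rdn(,DC=$rdn)*$"
}

try {
    $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment -ErrorAction Stop
} catch {
    Write-Output "Not running inside a task sequence: $($_.Exception.Message)"
    exit 2
}

$ou = $tsenv.Value($VariableName)
if (-not (Test-OuDistinguishedName $ou)) {
    # Output ends up in smsts.log, which tells the technician why the build stopped.
    Write-Output "$VariableName is missing or not an OU distinguished name: '$ou'"
    exit 1
}

Write-Output "$VariableName = $ou"
exit 0
```

Leave "Continue on error" cleared on the step so the non-zero exit code stops the build instead of producing a workgroup machine.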

  • "The task sequence has been suspended. LiteTouch is trying to install applications. This cannot be performed in Windows PE."

    MDT 2012 Server is up and running. I mistakenly deleted a Task Sequence step called "Install Application" that I thought was not needed (I know I should have disabled it and tested).
    I have a problem now, when I went to image a computer I did not get application list (This used to work before I deleted the above TS step) with items to check and uncheck for installation.  "Install Application" TS was readded but now when I try to
    image I get this error:
    "The task sequence has been suspended. LiteTouch is trying to install applications. This cannot be performed in Windows PE."
    I've tried moving it to different positions on the list (Higher and lower) to no avail, I always get the same error. Please advise.
    -Thanks in advance!

    On the computer you are deploying to "the client", boot into WindowsPE just like you are going to image and before you authenticate or
    get any dialogue boxes, press F8 in WindowsPE to get command prompt and type the following:
    diskpart
    list disk
    select disk 0
    list part
    select part 1
    clean
    create part primary
    assign
    active
    exit
    Please mark this as the answer if it works.
    You are awesome this worked for me I didn't see how I was going to get my new computer to reimage again Thank you sooooooooooooo much!!!

  • Orchestrator and SCCM 2012 integration: run task sequence and install assigned applications/packages?

    Dear,
    We do not have Orchestrator running in our SCCM 2012 R2 environment. Though I wonder if we could accomplish the following scenario with it:
    Task sequence Windows 7 => Orchestrator step which queries assigned installations to the computer object and installs them one by one.
    Could you advise?
    Kind regards,
    Stev.
    SteveWonB

    > > Define "assigned to computer objects". How is this done technically?
    Well, computer objects are members of collections via AD memberships, like the collection "W7-Google-Chrome" (consists of 100 computer objects).
    Deploy of packages is done to these collections. So a computer member of  "W7-Google-Chrome"  will automatically get Google Chrome.
    Some computers are member of 30 collections, some of 80.
    Goal is to have the task sequence run all applications/packages assigned (with their reboots if needed).
    Kind regards,
    Steven
    SteveWonB

  • Whats the best way to apply office updates during OSD task sequence with Software Update Agent disabled?

    I am trying to update office via the SCCM 2012 R2 OSD task sequence. I know offline updating only updates the core components in the WIM and I'm trying to figure out how to add office updates as well. I am aware of using powershell to try and kick off
    a WU scan as seen here:
    http://myitforum.com/myitforumwp/2012/01/24/use-powershell-commands-to-assist-with-patching-during-sccm-image-build/
    But the kicker is we don't use SCCM to update the workstations (Solo WSUS install). Is there a way to do this (maybe set the client in the TS to switch on SUP, then off again when it goes off into production) rather than have to build a new image every month?

    You could use the ZTI_WindowsUpdates.wsf script from MDT.
    http://scriptimus.wordpress.com/2012/03/22/mdt-2012-automating-updates-in-lite-touch-deployments/
    How does it work?
    The task sequence steps run a script called ZTIWindowsUpdate.wsf. The script uses the
    Windows Update Agent API to manage the downloading and installation of updates. All audit information is written to the
    ZTIWindowsUpdate.log file. If you find any unusual error codes in your log returned from the API (although I never have)  you can compare the codes
    here. The script will also check and update the
    Windows Update Agent(WUA) as needed at the start.
    In its default state, the ZTIWindowsUpdate.wsf script will connect to Microsoft Update then search for and download all available updates including Security Patches, Drivers, Browser Updates and Service Packs. This is essentially the same
    as opening the GUI and selecting check for updates.
    Daniel Ratliff | http://www.PotentEngineer.com

  • Install CS6 Applications via SCCM Task Sequence

    Hi
    We have an SCCM 2012 R2 infrastructure on our network, and want to deploy Adobe CS6 applications using Windows Installer Packages created with Adobe Application Manager Enterprise Edition 3.1
    We created individual packages for each application (for flexibility) following the instructions provided at this address: http://wwwimages.adobe.com/content/dam/Adobe/en/devnet/creativesuite/pdfs/AdobeApplication ManagerEnterpriseEditionDeploy…
    When we go to install the packages via an SCCM Task Sequence, the following occurs:
    1     The application is installed
    2     The application is not installed
    We have followed the instructions provided by Adobe for the deployment, and cannot get any consistency with the installers. For example, when we run the task sequence, the following applications will be installed:
    1     Dreamweaver
    2     Fireworks
    3     Flash Professional
    4     Illustrator
    5     InDesign
    6     Photoshop
    When we run the same task sequence again, the following applications are installed:
    1     Dreamweaver
    2     Fireworks
    3     Illustrator
    4     Photoshop
    The task sequence first images the computer with Windows 7, and reboots the computer between each application being installed
    I have also attempted packaging all the applications together, in a Design and Web Premium style package, with the same, unfortunate results
    Please, can you help with this?

    The error means RPC server unavailable. TS needs to invoke Execution Manager by RPC. This may be caused by the issue of RPC starting. I suggest you check the RPC service availability first. Another try is to add a restart computer step before installing
    SQL. If still no avail, add a Delay "cmd.exe /c timeout /t 900".
    Regarding the connecting network share issue, seems the network services has not been initializing or ready. Another possibility is the DHCP time out. Check the Event log and this may give you some clues of why the network is not ready or DHCP cannot get
    IP address. Network Monitor can also be used to monitor the IP helper when the Client try to send DHCP request after reboot.
    Juke Chou
    TechNet Community Support

  • Nvidia (Quadro K2000) Driver isn't installed during OSD (Task Sequence succeeded) - HP Z620

    Hi everyone,
    I have added a driverset (HP Z620) in SCCM for the first time using our internal procedure (Importing Drivers to SCCM, Create Driver package with specific category, apply driver package in TS using WMI to query for the model).
    The Task Sequence succeeded, but the NVIDIA K2000 Graphics driver isn't installed (only HD Graphics 4000 driver).
    Looking at the drivers in the Driver Package, this should normally apply since the driver is compatible with this specific GPU.
    At the forums, I can see that some people have created a separate package for the GPU driver installation using command line switches.. But looking at the environment at the customer, we have never done this and in the past, we have successfully installed
    the driver for this GPU before.
    PS: The driver for the GPU in my new driver package (HP Z620) isn't the same as for previous models (HP Z220, Z230, Z600).
    Could you please advise me what to do? Should I have added something in the driver sources before importing the driver to SCCM?
    Thanks in advance!
    Kind regards

    Hi 
    I'm installing Nvidia (Quadro K2000) Driver during OSD (Task Sequence succeeded) - HP Z420 
    Remove the Graphics driver for NVIDIA from the current driver database
    Added below task in the existing task sequence as individual installation based on the Condition (WMI query)
    Command Line
    HP_Z420_Graphics_x64\Win64_332_50\setup.exe -s -k -clean -noeula
    This will install the desired driver and related configurable components 
    WMI Query
    select * from win32_ComputerSystem where manufacturer like '%hewlett%' and model like '%z420%'
    Currently I'm looking out for the error codes needed to add to this task. Success codes 3010 and 0 already added.

  • Installing applications with new application model in task sequence - unstable?

    I've heard that installing applications with new application model in task sequence is not as stable, as installing applications as packages in task sequence? What do you think? 

    The deployment type issue was resolved in R2 CU1 :
    http://support.microsoft.com/kb/2938441/en-us
    Benoit Lecours | Blog: System Center Dudes

  • Is there a pre-installed application on the iMac that would allow me to create documents, presentations and spreadsheets or do I have to buy iWork for this?

    Is there a pre-installed application on the iMac that would allow me to create documents, presentations and spreadsheets or do I have to buy iWork for this?
    Thank you.

    No pre-installed app that will do all that, and yes, you could buy iWork - or you could download the free (although they do seek donations) LibreOffice: http://www.libreoffice.org/ or OpenOffice: http://www.openoffice.org/porting/mac/

  • My computer crashed and I can't reload firefox.. I have tried the task manager and deleting uninstalling and installing program again. I click on icon and nothing appears although is running in task manager

    My computer crashed and I can't reload firefox.. I have tried the task manager and deleting uninstalling and installing program again. I click on icon and nothing appears although it appears to start and is running in task manager, but the browser won't open.

    See:
    *http://kb.mozillazine.org/Browser_will_not_start_up
    A possible cause is security software (firewall) that blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
    Remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process and the updater process.
    See:
    *https://support.mozilla.com/kb/Server+not+found
    *https://support.mozilla.com/kb/Firewalls

  • "The task sequence has been suspended" when using a conditional task sequence

    I'm getting the dreaded "The task sequence has been suspended. LiteTouch has encountered and Environment Error (Boot into WinPE!)" when using a conditional task sequence. 
    I've created a "Install Application" task  right before the "Restart Computer" in the postinstall phase. The task installs a Dell Bios update.  I've added two WMI conditions on the task, to match it with the correct model and to check that the
    bios is not current.  This works very well, except for a strange issue.  When the computer reboots into WinPE, I get the error above.  The message stays for about 30 seconds and then disappears.  After that the computer reboots into Windows
    7, runs the Bios Update and throws up a similar message but with the addition of Use the desktop shortcut to resume.  (however there is no shortcut).  The message disappears after a while and the process stops there. If I reboot
    manually, the installation will continue and finish without any error. It's as if a LTIsuspend.wsf was inserted.
    Does anyone have any clue what's happening?

    Thanks for the answers, but I finally figured it out.  The problem was due to where I had inserted it during the deployment sequence.  The bios update task sequence was attempting to run in WinPE.  I moved the sequence to the state restore
    section and now it's working perfectly.  I was trying to run the update earlier during the installation sequence, as was recommended by Dell, but that doesn't appear to be feasible.  This will have to do.
