Tuesday 25 November 2014

Using MDT to create an App Store

I thought I would share this as some people might find it useful. I maintain our deployment system and have recently overhauled it based on some excellent examples from John Arwidmark http://deploymentresearch.com and Mikael Nystrom http://deploymentbunny.com

Other I.T. staff need to deploy software to PC's and unfortunately we don't have access to SCCM or equivalent software so I combined an AutoIT script which runs the Litetouch.vbs with elevated rights and a specific customsettings.ini and TaskSequence to allow people to select applications available on MDT and install them with just a simple password. It works well for us.

If you don't have any licence issues with your software the same idea could be used to allow users to install software themselves.

Create the Task Sequence:

I created a task sequence with nothing other than State Restore and Install Applications enabled



Create the Customsettings.ini

Here you just need to specify anything you want to be automated.

[Settings]
Priority=Default,TaskSequenceID
[Default]
;SkipBDDWelcome=YES
UserDomain=domain.com
UserID=user with access to deployment share
SkipLocaleSelection=YES
SkipComputerName=YES
SkipComputerBackup=YES
SkipDomainMembership=YES
Skiptasksequence=Yes
SkipAppsOnUpgrade=YES
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipBitLocker=YES
KeyboardLocale=en-GB
InputLocale=en-GB
UserLocale=en-GB
UILanguage=en-US
SkipTimeZone=YES
TimeZoneName=GMT Standard Time
ApplyGPOPack=NO
KeyboardLocalePE=0809:00000809
KeyboardLocale=0809:00000809

[NAMEOFTASKSEQUENCE]
OSInstall=N
SkipCapture=NO
ComputerBackupLocation=AUTO

AutoIT Scripting:

This runs as an admin (If the user isn't already one) and picks the local deployment server based on subnet (3rd octet).

If Not IsAdmin() Then
  If $CMDLINE[0] = 0 Or $CMDLINE[1] <> "ReRun" Then
   If Not RunAs("username", "domain", "password", 1, """" & @ScriptFullPath & """ ReRun", @ScriptDir) Then Exit 1
   Exit 0
  Else
   Exit 1
  EndIf

;GET IP Subnet
$sVal = StringRegExpReplace(@IPAddress1, "\d+\.\d+\.(\d+).+", "$1")
 If $sVal > 0 Then
  Select
   Case $sVal = 135
    $Server = "server1"
   Case $sVal = 171
    $Server = "server2"
   Case $sVal = 2
    $Server = "server3"
 Case Else
    $Server = "defaultfailoverserver"
EndSelect

 run(@comspec & ' /c ' & @WindowsDir & '\system32\cscript.exe "' & $server & '\deploymentshare$\scripts\LiteTouch.vbs" "/TasksequenceID:|NAMEOFTASKSEQUENCE /rulesfile:\\pathtocustomsettings.ini""')

Non AutoIT:

If you aren't using AutoIT the key things to know are the variables to pass to Litetouch.vbs

/TasksequenceID - Name of Tasksequence
/Rulesfile - Path of Rules file to process (Instead of the server default)
Posted by at No comments:

Disabling UAC from the command line

This is a useful command for those of you creating task sequences, I turn UAC off early in the task sequence to prevent it causing problems. As we have a controlled environment (No users are administrators of their devices) I leave it off permanently as we use a lot of AutoIT scripts and UAC causes problems.

CMD /C REG.EXE ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

It will take effect after the next restart.
Posted by at No comments:
Subscribe to: Posts (Atom)