Had a situation this week where I needed to configure IP address, IP Gateway, DNS, Subnet Mask, and DNS Suffix from the command line. Not hard once you have the commands. Putting it here as a reference for myself and others. Here are the three commands for doing this…be careful of line wrapping.
netsh interface ipv4 set address name="local area connection" source=static address=10.10.0.100 mask=255.255.0.0 gateway=10.10.0.254
netsh interface ipv4 add dnsserver name="local area connection" address=10.10.1.1 index=1
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v "SearchList" /d "domain.com" /f
How many times have you worked with Task Sequence variables via either a script or CustomSettings.ini and really needed to know what the value of a particular variable was at a specific point in the task sequence? I really need to know what that variable is so that I can use it appropriately for some of the customization I have set around the variables.
One of the most helpful posts I have come across in the last several months was written by Daniel Oxley on the Deployment Guys blog. It was a post from a while ago that essentially shows how to easily log the variables. You simply download the VBS from his post and put it in the scripts folder of your MDT package. Then just call the script via a “Run command line” task. It dumps a log to the standard logs folder on the client with Variable/value for every variable that is currently in use. One cool thing is that it names the file based on date/time stamp, so you can run it multiple times in the same task sequence to see how the variables change as it walks through the process. I found it to be immensely helpful when working with some of the other MDT scripts that are customized heavily on variables.
Check out Daniel’s post and download the script here.
Fairly recently I was talking with someone who was in the midst of an XP to Windows 7 migration. They were replacing groups of computers and using a ConfigMgr task sequence to install Windows 7 on the new computers…with the USMT integration migrating the user state. Now…before that can be done, there are a few things that have to be set up:
- Create a Computer Association between the old computer and the new computer
- Add the old computer to a collection that will run a task sequence to capture the user state
- Add the new computer to a collection that will install Windows 7 and restore the user state
The guy I talked with was having a very slow time manually clicking through the ConfigMgr GUI to create these Computer Associations one by one. That is an awful lot of clicks and it was obviously slowing down his ability to move the migrations along at the speed he wished.
So…I did a little internet scavenging of scripts and put them together inside a different framework. I freely admit that my main contribution to this was pulling key components out of the other scripts and putting them into a framework that worked well for this purpose. The end result is that the task that was taking several hours for him to do by hand is now accomplished in a few seconds.
First there was a script that I found referenced by several people that was originally written by a guy named Mark Nunn. His website is now dead, but I found where his “Add to Collection” script was available on myITforum.com. From this I mainly pulled the command for adding to a collection along with how to equate a computer name to the SMS ResourceID.
Second was an excellent post by Donnie Taylor. His script will create the computer association one at a time via command line arguments. It does require that the command line argument be the SMS Resource ID of the computers. His script showed the command line for creating the computer association along with having a basic logging function.
I took those two and put logic around them to create a script that will read computer names from a CSV file, query ConfigMgr to find the SMS ResourceID, then create the association and add each computer to the appropriate collection. The list.csv file expects the first column to be the computer names of the “old” computers and the second column to the the “new” computers. The script does expect a command line argument of “import” before it will do anything. Read through it carefully…you will need to set the name of your server, the path to the CSV and the path to the log file, along with setting the Collection IDs of the Capture and Restore collections that the computers will be added to.
There are definite limitations to the script. If a computer name is in ConfigMgr more than once…I honestly don’t know what it will do. I think it will grab the first one that it finds, but I don’t know for sure. I’m sure there are others, but that is a glaring one. Feel free to download and use…but as always…use at your own risk…the script is free…you get what you pay for! You can download it from my SkyDrive.
I’ve had a vbscript that I wrote for setting a registry key that has been causing me problems today. It’s a pretty simple script…just writing a DWORD value to HKLM to disable the backup notification in the Windows 7 Action Center. The script works fine in my testing…both running as an admin and running as Local System. I had already deployed the script to numerous computers in a pilot group, and the advertisement status was reporting that the script was completing successfully. Then I got a call saying that the notification was still showing up. I checked the machine, and the registry entry was not there…even though the script ran successfully.
After beating on it for a while I discovered the problem…the 64 bit redirection is getting in the way. In a nutshell, if a 32bit program attempts to write to certain sections of the registry, the registry call is redirected to HKLM\Software\Wow6432Node instead. This is essentially the “32 bit section” of the registry. In this instance, the script is being run by the ConfigMgr client…which is a 32bit program. The script was completing successfully…writing to the Wow6432Node instead of where I needed it to write. I did a ton of research to try to find a way around it from within the script, but was unable to figure out how to do it from within the script. However…there is a way to accomplish what I am wanting to do in ConfigMgr…
- Set up a Custom Task Sequence and use a “Run Command Line” step.
- Point that step to use the ConfigMgr package containing your script.
- The command line should be “cscript.exe scriptname.vbs” (without the quotes of course)
- Ensure that the checkbox for “Disable 64-bit file system redirection” is checked.
- Advertise that Task Sequence to the computers that you need it to run on.
After doing that, it worked like a charm.
Rick emailed me asking the following question about the PowerShell script I wrote last year for adding a domain user to the local admin group on a computer.
How would I loop thru the script for multiple machines ? i.e how to add an account to the local admin groups to a list of systems in a csv
Short answer is you need to look using two PowerShell cmdlets in conjunction. They are:
Hope that helps.
Scott sent me this question via the contact form on my blog:
I saw a post you made about using PowerShell to add a domain user to a local administrator group during a task sequence (https://verbalprocessor.com/2008/04/08/add-domain-user-to-local-administrators-group/). I am trying to do the same thing, but don’t necessarily want to incorporate PowerShell at this time. I was hoping to use MDT and the Administrators1 task sequence variable, but this doesn’t seem to work. I have a vbscript that works when run manually, but it can’t connect to the domain to get the user account object when executed via the task sequence. I’ve tried a few different methods to run under a certain service account, but unless that account is an admin, it doesn’t seem to work. You had indicated that you have a VBscript that was doing this successfully. Can I by any chance get a copy of that script? If you have any other suggestions for me, I would welcome that as well. I look forward to hearing from you. Thank you!
I think Scott may have misunderstood what I did in that post. In the post that Scott references I wrote a PowerShell script for running manually after the task sequence is finished to add a domain user to the local admin group of a remote machine. In that post I actually mentioned that I had trouble getting it to work with VBS…even though I was using a Scripting Guys post to try to build the VBS version. I can’t locate the particular Scripting Guys article that I was looking at, but there are several posts related to this from community members at this link.
I did have a VBS that would do this as part of a task sequence that I used at a client earlier this year, however for some reason it stopped working in my demo environment…and I don’t know why. So unfortunately, I don’t have a working VBscript for this that I can share.