UDI (MDT Update 1) Tech Driven User State Capture
Assumptions / Requirements MDT 2012 Update 1 is installed An MDT 2012 Update 1 Toolkit package exists The UDI XML configuration in use is based on the default configuration and does not significantly differ. Other UDI configurations necessary to make UDI functional have been (or will be) completed separately. Network shares exist to store captured data; the network access account must have full permissions to these shares. Configuration There are three separate sets of configurations/changes that must be made: UDI, task sequences, and an MDT script. UDI 1. Launch the UDI Wizard Designer 2. Open the desired UDI XML configuration file, most likely UDIWizard_Config.xml from the MDT 2012 Update 1 Toolkit package. 3. Expand the New Computer StageGroup and double-click the Select Target page in the REFRESH stage. 4. Under the Capture/Restore Location heading, expand the Lock Radio Buttons section. 5. In the expanded Lock Radio Buttons section, click the Unlocked button next to Local Radio Button and USB Radio Button to lock these and prevent them from being selected during the wizard. Note that once clicked, the buttons will change to Locked. 6. Under the Network Combo Box heading, expand the Network Capture/Restore Behavior section. 7. In the Network Shares area select Add Item. If an item already exists in the list box, right-click the list-box and select Add Item. 8. In the resulting Add Network Share dialog, enter an appropriate Display Name and a valid UNC for the Share. 9. Repeat steps 7 and 8 for each network share. 10. In the Network Username area (still in the Network Capture/Restore Behavior section under Network Combo Box), enter %_SMSTSReserved1%. In the Network Password area enter %_SMSTSReserved2%. These variables store the username and password of the network access account which will be used to connect to the share. 11. Under the Credentials Text Box heading, expand the Credentials Behavior section. 12. In the User Name Text Box area, select the RegEx validator in the List of validators assigned to this control list box and delete it. 13. In the Password Text Box area, enter %_SMSTSReserved1%. This could actually be anything as the password isn’t actually used to access anything; it’s used along with the name entered when the wizard is run to generate a hash that is used to store and encrypt the state capture data. Thus, as long as this password matches during the restore, it can be anything stored in a valid task sequence variable. 14. Click the Flow tab near the top of the UDI Wizard Designer. 15. Save the configuration file and close it in the UDI Wizard Designer. 16. Open the XML configuration file in your favorite XML editor – notepad will do. 17. Paste the following after the last Stage element: <Stage Name="REPLACE.FullOS" DisplayName="Replace, in full OS"> <PageRef Page="WelcomePageReplace" /> <PageRef Page="ConfigScanPage" /> <PageRef Page="UserCapturePageOldPC" /> <PageRef Page="ProgressPage" /> </Stage> 18. Save the file and re-open it in the UDI Wizard Designer. 19. Scroll down and expand the Replace StageGroup. 20. Under the Replace.FullOS stage, double-click the Select Target page. 21. Repeat steps 6 through 14 for this page. Note that for step 7 and 8, you can directly edit the XML and simply copy the appropriate section without having to retype everything. Save your work in the designer and make a backup before you do this; also, open it in the UDI designer after you make the changes to verify that you performed the copy correctly. 22. Under the Replace.FullOS stage, double-click the Capture Data page. 23. Select the Run USMT task in the Add/Edit Tasks list box and then push the edit button on the right. 24. Add /noprogress to the end of the Parameters line and click OK. 25. Save the configuration file and update the package containing the file in ConfigMgr. Task Sequences The following task sequence must be created and deployed for capturing the user state from an existing system that is encrypted. Once the state is captured, an existing UDI deployment task sequence can re-image the system and restore the user state. State Capture This task sequence is run on the existing system to capture its state. It is run from within the existing OS. 1. Create a User Driven Installation Replace Task Sequence using the Create MDT Task Sequence wizard in the ConfigMgr console. Complete the wizard; choose existing or create packages as necessary. 2. Edit this newly created task sequence. a. Disable the Windows PE and second Current OS groups. b. Move the following tasks from the Windows PE group to the first Current OS group immediately after the Disable Bitlocker task and maintain their order: Copy App Disc Files to Temp Copy Printer Files to Temp Copy Product List to Temp Capture Computer Name Copy SMS Logs Rename Log Copy Logs c. Disable the Restart Computer task at the end of the first Current OS group. 3. Update the UDI Wizard task. Add /FullOS to the end of Command line. 4. Deploy this task sequence as needed. Deploy There’s nothing special to do as long as the deployment TS was created from the Client Task Sequence MDT template. Simply deploy it and run it on the target system via PXE or boot media – do not start it from within the existing OS instance. MDT Script 1. Copy the attached, slightly modified ZTIUserState.wsf and UDIWizard.wsf script files to the Scripts folder of the MDT 2012 Update 1 package source directory. 2. Update the package in ConfigMgr. Test Run 1. Open Software Center on the system and initiate the Capture/Replace task sequence. 2. Select the Network radio button and choose the desired location from the drop-down. Enter any unique identifier in the User name field; e.g., the computer’s name. Do *not* change the Password or Confirm Password fields. As mentioned above, a hash is generated from the values entered in the User name field and the Password field. This hash is then used as the directory name where the user data is captured. The value entered in Password field is also used to encrypt the data. If you enter the same value in the User name field as was used for a previous capture, the following dialog will be displayed: 3. Reboot the system and initiate the deployment task sequence on the system. 4. Select Network and the desired location to restore data from. Enter the same unique identifier used in step 2 above. Do not change the values in the Password or Confirm password fields. If you enter an identifier that does not correspond to any captured state data, a warning message will be shown at the bottom of the wizard after the Next button is clicked. 5. Finish the wizard. From: [email protected] [mailto:[email protected]] On Behalf Of Niall Brady Sent: Tuesday, June 17, 2014 12:35 PM To: [email protected] Subject: Re: [MDT-OSD] Editing UDI Wizard thanks Todd i'll fix that and here's part 17 http://www.windows-noob.com/forums/index.php?/topic/5221-using-sccm-2012-rc-in-a-lab-part-17-using-mdt-2012-rc1-within-configuration-manager-2012/ On Tue, Jun 17, 2014 at 7:12 PM, Todd Hemsell <[email protected]<mailto:[email protected]>> wrote: I love your site! It has saved me quite a few times. Just an FYI, on this page http://www.windows-noob.com/forums/index.php?/topic/5250-using-sccm-2012-rc-in-a-lab-part-18-deploying-a-udi-client-task-sequence-with-mdt-2012-rc1-integrated-in-configuration-manager-2012/ The link that says " In Part 17 we configured MDT 2012 and used the UDI Wizard designer to configure the default Custom XML file used in a UDI task sequence. " The link actually points to part 16. I cannot find a link to part 17. Thanks, Todd On Tue, Jun 17, 2014 at 11:55 AM, Niall Brady <[email protected]<mailto:[email protected]>> wrote: Theres one on windowsnoob Sent from my phone, please excuse any typo's as a result. On 17 Jun 2014, at 18:36, Todd Hemsell <[email protected]<mailto:[email protected]>> wrote: Examples? Did you by chance make a how to for using UDI? On Tue, Jun 17, 2014 at 11:19 AM, Marcum, John <[email protected]<mailto:[email protected]>> wrote: BTW…. There are some that, if removed, will break things. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Todd Hemsell Sent: Tuesday, June 17, 2014 11:12 AM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] Editing UDI Wizard I do not seem to be smart enough to figure out this UDI wizard thing. I want to remove some pages. <image002.jpg> And then I get this error. <image003.jpg> ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer.
