Download presentation
Presentation is loading. Please wait.
1
MDT and PowerShell, Volume 2
Michael Niehaus Director of Product Marketing Microsoft Andreas Hammarskjöld Co-Founder 2Pint Software
2
Michael Niehaus Andreas Hammarskjöld @mniehaus @AndHammarskjold
Recovering developer Coding addictive Deploying Windows for 21 years Deploying 19 years Cookies Wine
3
Back to the stone ages Remember “state of the art” for deployment in 2004? Business Desktop Deployment 1.0 Third-party imaging tools Other random command-line tools Kixtart scripts, batch files as “glue” Windows 3.1, Windows 95, Windows NT 4.0, Windows 2000 moving to Windows XP Needed minimal runtime footprint
4
Moving forward Shifting to new technologies in 2004-2005:
Business Desktop Deployment 2.0 and 2.5 Switched to ImageX (WIM) imaging tools Other random command-line tools VBScript as “glue” “Monad” beta released in 2005, released as PowerShell in 2006 Required Windows XP SP2 (2004), .NET Framework 2.0 (2005) Windows 95, Windows NT 4.0 to Windows XP
5
The Modern Age Solid foundation established in 2007:
Business Desktop Deployment 2007 PowerShell-based MMC console Task sequencing engine borrowed from SMS 2003 OSDFP Other random command-line tools VBScript as “glue” HTML-based Hypertext Applications (HTAs) for wizards Windows 2000 to Windows XP, Windows XP to Windows Vista, Windows Vista to Windows 7, Windows 7 to Windows 10
6
Dabbling in PowerShell
PowerShell features added in MDT 2012 “Run PowerShell Script” task sequence action Custom PowerShell host Automatically captures script output into a CMTrace-friendly file Uses the task sequencer progress dialog for first-level PowerShell progress Task sequence variable provider Exposes task sequence variables via TSENV: and TSENVLIST: PowerShell drives Long-term vision was to slowly replace VBScripts with PowerShell scripts…
7
“Stagnation”: The excuses
No architectural changes from BDD 2007 to MDT 2013 due to: Adding support for new operating system releases Requirements for new features (UEFI, BitLocker pre-provisioning, SecureBoot, in-place upgrade, DISM, etc.) Heavy use requires high quality, heavy testing About 39,000 lines of VBScript code (includes comments, blank lines) Limited personnel “It still works”
8
VBScript vs. PowerShell
Language robustness Minimal Great Extensibility COM (ActiveX controls) Cmdlets, COM, .NET components, dynamical code (C#) Useful extensions A handful built into Windows Scripting Host, a few available, fairly hard to create (e.g. Scripting.FileSystemObject) Many built into PowerShell, additional available, reasonable easy to create Debugging and diagnostics capabilities IT pro knowledge Declining Growing Windows PE footprint ~5MB ~125MB Client-side requirements A still-supported OS Windows Management Framework (20MB), .NET 4.5 (60MB) on Windows 7, built into Windows 10
9
Tools vs. Cmdlets Tool(s) PowerShell Module Concerns or issues
DISKPART.EXE Storage Unable to use PowerShell cmdlets to completely set up UEFI disks DISM.EXE DISM Somewhat fragile (e.g. must be loaded before MDT modules) SCANSTATE.EXE/ LOADSTATE.EXE (none) No module exists BCDBOOT.EXE BCDEDIT.EXE MANAGE-BDE.EXE BitLocker Don’t know yet… MSHTA.EXE .NET Framework Dynamically execute XAML PnpUtil.exe (MDT) PnpDevice Looks promising
10
Microsoft Deployment Toolkit: Components
Key Component Primary Purpose Suitability Workbench Gather all the content needed. Good, PowerShell-based tools for maintaining content support lots of automation possibilities (although on top of an aging MMC UI). Task Sequence Engine Orchestrate the process, tracking the state from old OS to Windows PE to new OS, across reboots. Good, overall capabilities meet the needs (with some enhancements, e.g. nested sequences, an easy possibility). Challenging use of state outside of task sequence. Task Sequence Templates Specify the steps to be performed to complete an OS deployment. OK, legacy carried forward from SMS 2003 underpinnings, somewhat risky to make significant modifications. Task Sequence Scripts Do the real work. VBScript with lots of Windows XP, SMS 2003, and other legacy “junk.”
11
Microsoft Deployment Toolkit: Theorems
Some pieces aren’t worth replacing (at least not yet) Workbench, Task Sequence Engine Some organizations want a fully-supported solution Continue providing current, fully tested and supported task sequences and scripts Some organizations are willing to use community content Create new task sequence templates, scripts, and wizards that work with MDT, Workbench, and Task Sequence Engine Maintained and tested by open source volunteers
12
Intro: PowerShell Deployment for MDT
Open source scripts, wizards, task sequence templates Available via Leverages Deployment Workbench, task sequence engine, and MDT PowerShell modules (task sequence variable, provider) Creates a new deployment share, completely separate from any other deployment shares Most definitely a work-in-progress Proof-of-concept starting point Enough to run simple task sequences, focusing on virtual machines (for now) Months of work still needed
13
Setting up PSD for MDT
14
Setting up PSD for MDT Simple process:
Download zip file from and extract the contents somewhere. Launch an elevated command prompt (or PowerShell ISE) and open the Install.ps1 file from the extracted Installer folder Make sure the path and share names are to your liking, edit if needed. Run the script to create a new PowerShell-only deployment share (no VBScripts used, although they are still there). Import an operating system (only Windows 10 will work right now). Create a task sequence using the “PSD Client” template. Populate CustomSettings.ini as desired. Update the deployment share to create an ISO. Boot the VM from the ISO, type in your task sequence ID in the wizard.
15
A new development: Using a web deployment share
MDT has always used a file share for accessing content (via SMB) But it doesn’t have to be that way – using HTTP/HTTPS could work too, and potentially opens up new options (e.g. peer-to-peer caching, cloud-based deployment shares, etc.) The current scripts on GitHub support this: Specify “DeployRoot= to use it. Content needed is downloaded using BITS (when in the full OS) or individual file downloads (when in Windows PE) All content-retrieval logic goes through one function, making it easier to add other methods too (if ever needed)
16
Using a web deployment share
Steps required: Create a web app in IIS, with the path pointing to the deployment share folder. Configure authentication as desired (Windows NTLM is suggested). Configure WebDAV, file extensions Configure CustomSettings.ini with the URL for the web site
17
Setting up PSD for MDT
18
Lots still to do Features Gather Partition and Format Apply Image
Configure (Unattend.xml) Capture User State Restore User State Enable BitLocker Inject Drivers Inject Patches Install Updates from WU/WSUS Branding Sysprep/Capture Suspend Static IP Wizard Orchestrator Runbook OS Roles Validate Operating Systems Windows 10 Windows 7 Windows 8.1 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2016 Nano Scenarios Bare Metal Custom Task Sequence Refresh Replace Media OEM Prestage LTI ZTI UDI
19
Bare Metal Deployment
20
So how does this work? Additional people can contribute
Set up a GitHub account. Create your clone. Make your changes. Submit pull requests to integrate changes into the main project. The theory: New features can be added faster Focus won’t be on migration/upgrade Just create a new deployment share and start over
24
Using Visual Studio 2017
33
Using Visual Studio Code
34
Ideas or Suggestions? Some potential items to consider:
Integrating PowerShell DSC into a task sequence Support for OneGet, Chocolately, etc. windows-10/ Remove built-in apps Simplify start menu and task bar customization
35
Q&A
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.