Showing posts with label Group. Show all posts
Showing posts with label Group. Show all posts

Wednesday, February 5, 2020

Modern Driver Management - Task Sequence

Modern Driver Management – Task Sequence

Problem

I wanted to update my drivers only once and have it update all my task sequences that use drivers.  Usually each of my task sequences for operating system deployments or operating system upgrades had their own driver sets in the sequences.

Solution

I created was a new task sequence that would hold all the drivers for all our known hardware models.  This TS would be called from our deployment or upgrade task sequences.  This sequence will utilize a TS variable to identify if the hardware model is known or not and Download Package Content tasks. You will need a separate Driver Package or Package with the driver files for each hardware model.  You will also need an “empty” Driver Package or Package so the OS Deployment and OS Upgrade sequences can work correctly.  In your empty package you will need to place something in it as it will not want to replicate unless it has something in it.  Either a small text file if you made a package or a small driver if it is a Driver Package.  Keep reading to see how this works. 

Inspiration

The below link seemed like it made this a lot harder to implement.  I did not try it so I cannot speak to the difficulty, but it was a lot of info. https://deploymentresearch.com/configmgr-driver-management-in-just-four-steps-by-matthew-teegarden/

Process

Create the new driver task sequence

1.      Create two task sequence variable tasks called OSDKnownModels

a.      The first TS variable should have a value of NO

b.      The second TS variable should have a value of YES and Options tab should have WMI queries

2.      The Known PC Model Upgrades group should have a condition of TS Variable OSDKnownModels = YES

3.      Each Driver model needs to be setup as a Download Package Content task along with a wmi condition for the driver model under the Known PC Model Group.  It also needs to have the following options selected

a.      Place into the following location: Task sequence working directory

b.      Check – Save path as a variable: Driver Pack

4.      Unknown PC Models group needs to have a TS Variable condition of OSDKnownModels = NO

5.      Place your Unknown Model driver package or package in the Unknown PC Models group.  This package does not need to have any conditions.  It also needs to have the following options selected

a.      Place into the following location: Task sequence working directory

b.      Check – Save path as a variable: Driver Pack

Operating System Upgrade Task Sequence

1.      Your OS Upgrade Task needs to have two tasks to work successfully.

2.      Create a new Run Task Sequence task and browse to your Model Drivers Task Sequence

3.      Create a new Upgrade Operating System task

a.      Select your Upgrade Package and Edition

b.      Check – Provide the following driver content to Windows Setup during upgrade

                                                    i.     Select Staged content: type %DriverPack01%

1.      DriverPack is the variable from the driver TS but 01 is because the driver was the 1st package in the Download Package Content task.

Operating System Deployment Task Sequence

1.      After the Apply Operating System Task and while still in Windows PE add a new task

2.      Create a Run Task Sequence task and browse to the Drivers Task Sequence you created above

3.      Create a Run Command Line task to inject the drivers into the Windows Install

a.      Command line should be: DISM.exe /Image:%OSDISK%\ /Add-Driver /Driver:%DriverPack01%\ /Recurse

b.      %OSDISK% is the variable we use in our Format tasks as well as Apply Operating System tasks

c.      %DriverPack01% is the variable that is created from the Driver Task Sequence

Conclusion

Please ask if there are any questions.  I will try to answer as time permits.

Monday, April 1, 2013

Step by Step: ConfigMgr 2012 SP1 CU1 Secondary Site w/ All Roles

ConfigMgr 2012 SP1 Secondary Site w/ All Roles Step by Step

Purpose

The reason my steps are a bit different than others may be that I upgraded to ConfigMgr 2012 SP1 mid-stream in my deployment and after I created a NEW secondary site with SP1 it installed SQL 2012 Express and stayed in a pending state for installation status.  One may argue that I could have upgraded everything to SQL 2012 at that point to resolve the issue but I didn’t want to take the chance of causing more issues.  If you are already on SQL Server 2012 on your primary site you can probably forgo my SQL installation steps and let ConfigMgr install SQL.

Secondary Site Server Prerequisites and Configuration

1.       Install Windows Server 2008 R2 SP1 and all Updates

a.       Install Features

                                                               i.      Open Server Manager

                                                             ii.      Navigate to Features

1.       Add Features

2.       Check .NET Framework 3.5.1 Features

a.       Click Add Required Role Services

3.       Check Background Intelligent Transfer Service (BITS)

a.       Click Add Required Role Services

4.       Click Next

5.       Click Next

6.       Click Next

7.       Click Install

8.       Click Close

b.      Install Microsoft Report Viewer 2008 SP1

                                                               i.      http://www.microsoft.com/en-us/download/details.aspx?id=3841

                                                             ii.      Click Next

                                                            iii.      Click I accept

                                                           iv.      Click Install

                                                             v.      Click Finish

c.       Install Roles

                                                               i.      Select File Services

                                                             ii.      Select Windows Deployment Services

1.       Click Next

2.       Click Next

3.       Click Next

4.       Click Next

5.       Click Next

6.       Click Install

d.      Install IIS Role Services

                                                               i.      Select ASP.NET

1.       Click Add Required Role Services

                                                             ii.      Select IIS Management Scripts and Tools

                                                            iii.      Select All IIS 6 Management Compatibility

1.       Click Next

2.       Click Install

3.       Click Close

e.      Create or Add to an AD group that has rights to the System\System Management Container in the ADUC and Assign the secondary site server to the group

f.        Assign the AD group to the local Administrators group of the Secondary Site Server

g.       Create an Allow Inbound Firewall Rule for TCP Ports 4022 and 1433 called ConfigMgr SQL Server Express Ports

h.      Create an Allow Inbound Firewall Rule for Ports 80,445,135,443,(80,8530,443, or 8531 for WSUS) called ConfigMgr Site Server Ports **These are all the default port numbers.  If you have changed the defaults you will have to add those.

i.         Install SQL Server 2008 R2 Express SP2

                                                               i.      Locate your install files (Probably have to download from Microsoft)

1.       http://www.microsoft.com/en-us/download/details.aspx?id=30438

                                                             ii.      From an administrative command line run  SQLEXPR_x64_ENU.exe /Q /ACTION=install /FEATURES=SQL /INSTANCENAME=CONFIGMGRSEC /SQLSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /SQLSYSADMINACCOUNTS="BUILTIN\Administrators" /ADDCURRENTUSERASSQLADMIN="True" /BROWSERSVCSTARTUPTYPE="Automatic" /IAcceptSQLServerLicenseTerms /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS"

1.       This is the same command the ConfigMgr Installer runs as found in the log file.

                                                            iii.      Install SQL Server 2008 R2 SP2 CU2  KB2740411

j.        Open SQL Server Configuration Manager

                                                               i.      Expand SQL Server Network Configuration

1.       Highlight Protocols for ConfigMGRSEC

a.       Named Pipes should be enabled

b.      TCP/IP

                                                                                                                                       i.      Protocol Tab

1.       Enabled – Yes

                                                                                                                                     ii.      IP Addresses Tab

1.       All Enabled boxes should be set to YES

2.       IPAll

a.       TCP Dynamic Ports – Blank

b.      TCP Port - 1433

                                                             ii.      SQL Server Services

1.       Restart SQL Server (CONFIGMGRSEC) service    

k.       Install Role

                                                               i.      Select Windows Software Update Services

1.       Add Required Role Services

                                                             ii.      Click Next

                                                            iii.      Click Next

                                                           iv.      Click Next

                                                             v.      Click Next

                                                           vi.      Click Install

                                                          vii.      WSUS 3.0 SP2 Setup Wizard

1.       Click Next

2.       License agreement

a.       I accept…

b.      Click Next

3.       Select Update Source

a.       Update as needed

b.      Click Next

4.       Database Options

a.       Use an existing database server on this computer

b.      Select CONFIGMGRSEC

c.       Click Next

5.       Connecting to SQL Server Instance

a.       Click Next

6.       Web Site Selection

a.       Create a Windows Server Update Services 3.0 SP2 Website

b.      Click Next

7.       Ready to install…

a.       Click Next

8.       Click Finish

                                                        viii.      Click Cancel

                                                           ix.      Click Close

l.         Install WSUS Updates

                                                               i.      KB2720211

                                                             ii.      KB2734608

m.    Install Microsoft .NET framework 4.5

n.      Install Windows Management Framework 3.0 – KB2506143

                                                               i.      After Install you will need to make a Registry Change

1.       HKLM\SOFTWARE\Microsoft\CCM\CcmEval\NotifyOnly to True

o.      Install Windows ADK

                                                               i.      Select Deployment Tools

                                                             ii.      Select Windows Preinstallation Environment (Windows PE)

                                                            iii.      Select User State Migration Tool (USMT)

                                                           iv.      Click install

Primary Site Server Config

1.       Launch Configuration Manager Console

a.       Navigate to Administration à Overview à Site Configuration à Sites

                                                               i.      From the Ribbon Click Create Secondary Site

b.      Create Secondary Site Wizard

                                                               i.      General

1.       Fill in server specific data

2.       Click Next

                                                             ii.      Installation Source Files

1.       Select what fits best in your environment

2.       Click Next

                                                            iii.      SQL Server Settings

1.       Use an Existing SQL Server Instance

2.       CONFIGMGRSEC

3.       Click Next

                                                           iv.      Distribution Point

1.       Check the Install and configure IIS… box if you plan on having your secondary site server as a distribution point

2.       HTTP

3.       Create Self Signed Certificate and push out the expiration date unless you have a PKI infrastructure and in that case import your certificate

4.       Depending on your Environment Check the enable this distribution point for prestaged content

**I leave this unchecked

5.       Click Next

                                                             v.      Drive Settings

1.       Drive space reserve (MB): 1024

2.       Content and package locations Set to what fits your environment

3.       ***Notice: You can still create a NO_SMS_ON_DRIVE.SMS file at the root of a drive if you want to exclude specific drives from being used as Content library

4.       Click Next           

                                                           vi.      Content Validation

1.       Enable Validate content on a schedule

2.       Accept Defaults

3.       Click Next

                                                          vii.      Boundary Groups

1.       Setup now or later depending on your environment and needs

2.       Clear check for Allow fallback source location for content

3.       Click Next

                                                        viii.      Summary

1.       Click Next

                                                           ix.      Completion

1.       Click Close

Verify Installation

1.       Open the ConfigMgr Console

a.       Navigate to Administration à Overview à Site Configuration à Sites

b.      Highlight the new secondary site and click Show Install Status from the Ribbon

                                                               i.      Ensure there are no Critical Errors

2.       Monitor hman.log on the Primary Site Server

3.       Monitor configmgrprereq.log and configmgrsetup.log on the new secondary site server

Primary Site Server Config 2

Distribution Point Setup

1.       Open the ConfigMgr Console

a.       Navigate to Administration à Overview à Distribution Points

b.      Highlight the new distribution point and click properties from the Ribbon

                                                               i.      Enable PXE

1.       Click Yes to the firewall prompt

                                                             ii.      Add to a Distribution Group

                                                            iii.      Add to a Boundary Group if needed

                                                           iv.      Click OK

c.       To validate software has been copied to the distribution point

                                                               i.      Navigate to Monitoring à Overview à Distribution Status à Content Status

1.       Ensure everything you expected to have copied has a 100% compliance.  If not you will have to view the status of the application or package.

Software Update and State Migration Point Setup

1.       Open the ConfigMgr Console

a.       Navigate to Administration à Overview à Site Configuration à Sites

b.      Highlight the new Secondary Site Server and click Add Site System Roles from the Ribbon

                                                               i.      Add Site System Roles Wizard

1.       General

a.       Click Next

2.       Proxy

a.       Add site information if needed

b.      Click Next

3.       System Role Selection

a.       Select Software Update Point

b.      Select State Migration Point

c.       Click Next

4.       State Migration Point

a.       Click the *

                                                                                                                                       i.      Add a storage folder

                                                                                                                                     ii.      Minimum Free Space : 1 GB

                                                                                                                                    iii.      Click OK

b.      Delete After: <What makes sense for your environment>

**I choose 3 days

c.       Click Next

5.       Boundary Groups

a.       Update or Add a boundary group if needed

b.      Click Next

6.       Software Update Point

a.       Select settings that may be needed for your environment

b.      Click Next

7.       Proxy and Account Settings

a.       Update As Needed

b.      Click Next

8.       Summary

a.       Click Next

9.       Completion

a.       Click Close

Secondary Site Configuration 2

1.       Verify Registry Change is still set correctly

a.       HKLM\SOFTWARE\Microsoft\CCM\CcmEval\NotifyOnly to True

2.       Install ConfigMgr2012 SP1 CU1

a.       Available from here http://support.microsoft.com/kb/2817245/en-us?sd=rss&spid=1060:Description&wa=wsignin1.0

b.      I do not have the exact steps but they are all pretty self-explanatory.  Ensure any primary servers are SP1 CU1 before installing CU1 on the secondary site servers.