Troubleshooting Operating System Deployment Failure in Custom Task Sequence

Discover how a custom Task Sequence deployment encountered a critical error during the “Install Application” step, causing domain joining and application installation to fail. Explore the solution involving the MDT toolkit package and the “Capture Network Setting Using MDT” step, which successfully resolved the issue. Gain insights into troubleshooting techniques and the importance of optimization for seamless operating system deployments.

Introduction:
In a recent project, I encountered a challenging issue while deploying an operating system using a custom Task Sequence in MCM (Microsoft Configuration Manager). Everything seemed to be going smoothly until I encountered an error in the middle of the deployment process. This post aims to share my experience and the solution I found to address the problem.

Problem Description:
During the deployment, after successfully applying the Windows 10 operating system and restarting WinPE (Windows Preinstallation Environment), I faced an error specifically related to the “Install Application” step. Upon investigating the SMSTS.log, I discovered an error message indicating “No adapters found in environment.” However, I knew that the correct NIC (Network Interface Card) adapter with the appropriate driver was present.

Investigation and Resolution:
To troubleshoot further, I ran the command “ipconfig /all” in the Command Prompt (CMD) to check the IP configuration. Unfortunately, I noticed that the static IP address was missing. As a result, the client machine couldn’t establish a connection with the Active Directory and the Management Point, leading to failures in domain joining and application installation.

To address this issue, I decided to include the MDT (Microsoft Deployment Toolkit) toolkit package in the Task Sequence. I utilized the “Capture Network Setting Using MDT” step, which allowed me to capture and store the static IP configurations. These settings could then be reused whenever needed. It’s important to note that when using this step, it is crucial to include the “/RestoreWithinWinPE” switch to ensure successful execution.

Successful Completion:
Implementing the MDT toolkit package and incorporating the “Capture Network Setting Using MDT” step in both the “Install Operating System” (WinPE) and “Setup Operating System” (post-install) processes proved to be the solution. With the static IP configurations captured and restored appropriately, the Task Sequence was able to complete successfully.

Conclusion:
In the world of operating system deployment, unexpected errors can occur at any stage. It is essential to analyze log files, perform thorough investigations, and employ appropriate troubleshooting techniques. In this case, the use of the MDT toolkit and the “Capture Network Setting Using MDT” step resolved the issue and ensured a successful deployment.

Why Every IT Engineer Should Have A Blog

Having a blog can be highly beneficial for IT engineers for several reasons:

Knowledge Sharing: Blogging allows IT engineers to share their knowledge, expertise, and insights with a broader audience. By writing about technical concepts, best practices, troubleshooting tips, or tutorials, engineers can contribute to the community and help others learn and grow. It also helps them solidify their own understanding of the subject matter by explaining it to others.

Professional Development: Maintaining a blog can enhance an IT engineer’s professional development. Writing about their experiences, challenges, and solutions can demonstrate their problem-solving abilities, critical thinking skills, and technical expertise to potential employers or clients. It can serve as a showcase of their abilities and contribute to their personal branding and professional reputation.

Networking and Collaboration: Blogging provides opportunities for networking and collaboration within the IT community. Engaging with readers, responding to comments, and participating in discussions can connect engineers with like-minded professionals, potential mentors, or collaborators. It opens doors to build relationships, exchange ideas, and stay updated on the latest trends and technologies in the industry.

Career Advancement: A well-maintained blog can be a valuable asset when seeking career advancement opportunities. Employers and recruiters often look for candidates who can demonstrate their expertise and thought leadership in their field. A blog can serve as a portfolio that showcases an engineer’s skills, knowledge, and problem-solving abilities, helping them stand out from the competition.

Learning and Growth: Blogging requires research and staying up-to-date with the latest industry developments. This commitment to continuous learning ensures that IT engineers stay current with new technologies, trends, and practices. It encourages them to delve deeper into their subject areas, explore new ideas, and broaden their knowledge base.

Personal Branding: Having a blog allows IT engineers to establish and build their personal brand. By consistently publishing high-quality content, they can position themselves as industry experts or thought leaders. This can lead to opportunities for speaking engagements, writing guest posts for other websites, or even consulting gigs.

Overall, maintaining a blog provides IT engineers with a platform to share their knowledge, enhance their professional development, connect with others in the industry, and advance their careers. It can be a fulfilling and rewarding endeavor that brings value both to themselves and the larger IT community.

Add a Device to AZURE Active Directory

Introduction

Modern trend, Organizations are using Cloud to manage their end user devices and BYOD (Bring Your Own Device) with secured manner. The question arises to me how to join a device to an Azure AD which forced me to create this article. The article describes how to add a device to AZURE AD with your organization user id. You can start as a fresher to create a new Tenant, User, Group and Join your Device. If you have existing users and groups, you can directly jump to Add device to Azure AD section.

Prerequisites

Before you start the process make sure you are meeting the prerequisites which helps you to complete the task and not stop you in between

  1. Need Azure Cloud account
  2. Windows 10 or Windows 11 Operating system client (This is your device to join Azure AD). You can use a VM or Physical device which connected to Internet.
  3. You can use existing Tenant Azure AD to join this device or follow the steps to create a new Tenant and join.

Create new Tenant

  1. Login to https://portal.azure.com  with a valid user ID and password
  2. AZURE portal will be opened, the page looks like below
  1. Click View button in Manage Azure Active Directory to open your Active Directory properties Page, the page shows your Default Directory details which belongs to your current user Azure login domain. An Azure Tenant is A dedicated and trusted instance of Azure AD. The tenant is automatically created when your organization signs up for a Microsoft cloud service subscription. Multiple organizations are considered multi-tenant. Each Azure tenant has a dedicated and trusted Azure AD directory. The Azure AD directory includes the tenant’s users, groups, and apps and is used to perform identity and access management functions for tenant resources. Our aim is to create a new Tenant Domain for our organization and add our device on it.
  1. From the Default Directory page, click Manage Tenants

Tenant Creation page

  1. Select Create in Manage Tenants and You will get a Tenant creation page, Select Basic
  1. Click Next: Configuration and Fill your new domain details
  1. You may get the domain name already in use by another directory, hence try few more options to create your domain successful. The error will be disappeared after a successful Initial Domain name selection.
  1.  Select your preferred Datacenter location, my case I selected Asia Pacific
  1. Click Next: Review + Create > Domain name validation process will be started, allow few mins and refresh the page you can see Validation Passed, If not please check your domain name is valid.
  1. Now you are ready to create the Domain by clicking Create button in the bottom, Type the letters to prove you are not robot, now you can see the tenant creation in progress
  1. Few mins later, the Tenant created successful,
  1.  You can click the Domain Name to open new domain, or You can come click Home button – Manage Azure Active Directory – Manage Tenants
  1. Click your newly created Tenant, you can see the properties of this Tenant, this is new domain hence the profile not setup, verify your domain details are correct and close.
  1. It’s time to switch your new domain, Tick the check box on your domain name and select Switch which will open your new domain,
  1. Now you are in new Tenant, Verify your new Tenant details, User details on the summary page.

Create New Group

  1. Before creating a user account, you should create a Group because part of the user account creation, the process will ask for a group. Follow the below steps to create a new group, In the new domain page -> Manage -> select Groups
  1. Groups Page will open, select New group
  1. Fill the information in the New Group page, Group Type – Security (for this case), Group Name – Give your desired group name, Group Description – Give appropriate description as per your convenient, Leave Membership default value Assigned.

Owners – No Owners selected (you can do it later), Members – No members selected because this is new group.

Select Create

  1. Allow few mins to create the group, Click Refresh in the Groups page, your group will be appeared

Create New User

  1. Create User Account, Go to Overview page and select Users
  1. Users Page, select a New User -> Create new User
  1. Fill the details of Username – Your user id depends on your standard, Name – Full Name, Password – I selected Let me create the password option and keyed in the password,

Group and Roles – Select the group you created in the previous group creation steps, my case “First Group”, Roles – select Users, Block Sign in – select No

Select Create

  1. Allow few mins to create the User, Click Refresh in the Users page, The user should be shown there,
  1. The user ID created successfully, and you are ready to setup Your device.

Add Device to Azure AD

  1. Login to your preferred device which you want to join to this new domain (Tenant). Make sure you have internet on that device, I am using windows 11 OS virtual machine running in Hyper-V.
  2. Login the device as Administrator, Go to Settings -> Accounts – Select Access work or School
  1. Access work or school page – select Connect
  1. Connect will show a pop-up window to use your email id to connect the device but we are not going to use Email id instead we will use Join this device to Azure Active Directory
  1. Provide The user Account we created earlier, my case Test1 and click Next – Enter Your password and Click Sign in
  1. Sign in windows showing you to change your password because of first time login, Change the password and sign in
  1. Your organization details will be shown, Verify the information are correct, if yes click Join and allow few mins to join the device to your specified domain
  1. Successfully the device joined to the domain,
  1. Click Done, the window returns to Settings menu, you can see there the Device connected to Azure AD
  1. Let us check our AZURE portal about the status of the new device, go to view overview of the new Tenant, Select Devices to go device page
  1. Devices page shows Total number devices – 1 and Unmanaged devices – 1
  1. Click the Total numbers Device and verify the new device details are correct, my case the device details are correct.
  1. Click your Device name and check the device properties
  1. Reboot your device and check your Azure login credentials are working, Select Other Users and enter your credentials
  1. After a successful login, go to Settings, you can see your Azure account

Conclusion

The article showed you how to create a new Tenant Azure AD, how to create a user account, group and how to join a device to Azure AD. The joined device is under Unmanaged Devices section. Moving forward you can start how to manage the device with your organization’s MDM solution, Microsoft Intune and Microsoft Endpoint Manager.

Active Directory Installation in Windows 2019 Standard Core Edition

Summary

The plan was to setup an Active Directory for my lab. You can find lot of articles from other experts website but this post will cover step by step procedure with necessary screen shots. I have installed windows 2019 Server as Standard Core edition. No graphic Desktop management available. Below are the steps for promoting a windows core server in to Active Directory server with necessary roles. This setup I am creating a new forest, within the forest created a new domain and DNS server. Continue reading “Active Directory Installation in Windows 2019 Standard Core Edition”

NetBackup Appliance 5230 Single-User Mode

This article is referring how to enter Single user Mode in NBU Appliance and reset admin & maintenance password. I was trying to reset by checking Veritas forum and Veritas NBU appliance documents, all showed only way to log a case with Veritas. I got a solution from Veritas support as well and successfully reset. I wanted to document this for future reference and help to others. Continue reading “NetBackup Appliance 5230 Single-User Mode”

SCCM2012R2 backup copy to different location.

After long time back I am starting to write a post. This is regarding SCCM 2012 backup. I have configured site server scheduled maintenance task to take site server regular backup everyday. After the backup completed the folder must be moved to correct destination to keep the retention.

Here, I have written a small copy script to copy the site server backup folder to preferred destination. The script is running everyday and copying backup folder and rename with today’s date. Also its removes the older backups which is more than 4days.

This is a small copy script but I am going to add few more items to take backup of registry, task sequences as well.

The scrip is below,

# =========================================================================
# NAME: AfterBackup.ps1
# COMMENT: This script will copy the Site server backup to Destination and rename it as per today's date and keep only 4 days of backup.
# This is a replacement to AfterBackup.bat
# =========================================================================

$Source = "Source path of SCCM 2012 Backup"
$Dest = "Destination path to copy"

copy-item $Source -Destination $Dest -Recurse

$Date= (Get-Date -f ddMMyyyy)

Rename-Item -Path "$Dest\SG2Backup" -NewName "$Dest\SG2Backup_$Date" -Force -PassThru

Get-Childitem $Dest | Where {$_.CreationTime -lt (get-date).adddays(-4)} | Remove-Item -Recurse -force -Confirm:$false

Symantec Endpoint Protection has detected that there are pending system changes that require a reboot.

Some times when you are trying to install the SEP you may recived failures with the below error “Symantec Endpoint Protection has detected that there are pending system changes that require a reboot.” The workaround is below,

Primary solution:

  1. In the registry, navigate to:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\

2. Back up the registry key.

3. Delete the PendingFileRenameOperations registry value from the right pane.

4. Install the software without restarting the computer first (Restarting the computer may result in the registry key being placed back in the registry before installation.)

Note: If you do not find the PendingFileRenameOperations registry value in the location above, this error message can be generated if the PendingFileRenameOperations registry value exists in the following location(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentSetXXX\Control\SessionManager\

If still you are getting failures with the same error use Cleanwipe utility to clean the exsiting symantec files.

Donwload Cleanwipe.zip (http://gluek.info/wiki/en/software/symantec-cleanwipe) utility and extract it in to temp folder.

Run the cleanwipe exe and accept all the files to clean with reboot action.

Once done reboot the machine and start the SEP installation. This time you will get successfull installation.

Backup Exec – Disable Auto clean

Actually there is no option to enable or disable the Autoclean from Backup Exec 2010. Instead we can avoid backup exec to use those tapes from inventory and checking the tape whether is it useful to take backup. For this go to the Devices and select the slot which has the cleaning media – right click and properties – check the box cleaning slot

Next time it wont see the tape inside the cleaning slot.