Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Zero Touch" Deployment with PSD #176

Open
jimbeam128 opened this issue Sep 12, 2024 · 22 comments
Open

"Zero Touch" Deployment with PSD #176

jimbeam128 opened this issue Sep 12, 2024 · 22 comments

Comments

@jimbeam128
Copy link

jimbeam128 commented Sep 12, 2024

Hello,

I want to realize a "zero touch deployment" with PSD and I already managed to tweak all steps from the assistant away.

The only screen I still get is this here:

grafik

So I still have to click on "Begin" to start the deployment. I filter the auto-deployment by mac-address...

Is there any chance to auto-start the deployment, when all questions are already answered (in the customsettings.ini file)?

Regards

@GeoSimos
Copy link
Collaborator

Hello @jimbeam128,

You have to add this in the rules tab (CustomSettings.ini file) of the properties of your deployment share:

  1. Add in the Properties this: SkipDeployReadiness
  2. Then you can use this property below in other sections e.g. in the [Default] section add this: SkipDeployReadiness=YES

This setting will skip the page of "Deployment Readiness".

Because these are referenced when the boot image connects to the Deployment Share, you don't have to rebuild your boot image(s).

@jimbeam128
Copy link
Author

jimbeam128 commented Sep 13, 2024

Hi @GeoSimos

I´ve added the Parameter to the configuration - and something changed...

Now it looks like this:

grafik

When I click on Next the deployment starts with the provided task-sequence.

Do you have any clue?

I´ve attached the customsettings.ini for troubleshooting...

Regards
cs.txt

Additionally I also added
SkipPSDWelcome=YES

to the file, unfortunately same behaviour...

@GeoSimos
Copy link
Collaborator

Hi @jimbeam128,

For the PSD Wizard settings in CustomSettings.ini file you can refer to the documentation here

- **SkipPSDWelcome**: YES or NO. Toggles the Welcome splash screen.
.

To use the PSD properties, you need to include them first in the Properties section of the customsettings, clicking on the link, takes you to the list of those properties.
To use the SkipPSDWelcome, you must add it as a property, as you did for the SkipDeployReadiness.

@jimbeam128
Copy link
Author

Hi @GeoSimos ,

thanks again for your reply and the hint for the documentation.

I´ve added it to properties, but then I got the same screen.

I´ve tested several combinations after all and now the conclusion is that it seems not to be necessary that "SkipPSDWelcome" is set (it doesn´t make a difference with the blank screen)

After I set the Parameter PSDWizard=Native, the Wizard got completly bypassed.
So changing this parameter did the trick.
I don´t know why and I don´t know if it´s a desired behaviour.
From my point of view it should also work to completly bypass if the PSDWizard is set to "PSDWizardNew"...

@GeoSimos
Copy link
Collaborator

That's great news!
But I have to hail @PowerShellCrack to take a look at this as it is a bit non-expected behavior and the Wizard is his brainchild.

@PowerShellCrack
Copy link
Contributor

PowerShellCrack commented Sep 17, 2024

Yes, yes, it is...

Here is how you do a Zero Touch Deployment with PSD:

The PSDWizard, like the old MDT wizard, uses an XML to define what is displayed using a conditions statement. This statement is a string context form, aka CDATA, within the XML, that was meant for VB scripts to parse, but I use the same format for PowerShell. The file is located under the PSDWizardNew folder but you can view it here: PSDWizard_Definitions_en-US.xml.

NOTE: I don't recommend change anything in here unless you know what your doing

in this file, you should see something like <Condition><![CDATA[UCASE(Property("SkipDeployReadiness")) <> "YES" ]]></Condition>. This means if SkipDeployReadiness is NOT set to YES, display that page. So ultimately SkipDeployReadiness=YES will hide that page. With that, besides the global section (my goal is to set one property to control all but that is still in testing), if all of them are found, you would get a list:

SkipBDDWelcome=YES; or SkipPSDWelcome=YES
SkipDeployReadiness=YES
SkipTaskSequence=YES
SkipDiskSelection=YES
SkipDomainMembership=YES
SkipComputerName=YES
SkipRoleSelection=YES
SkipIntuneGroup=YES
SkipAdminPassword=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipApplications=YES
SkipSummary=YES 

However, there is one outside the Wizard that is new that I forgot to document 😞. This will skip the splash screen while the Wizard is loading.

SkipPSDWizardSplashScreen=YES

If you don't you will get this (it's a bug):
image
BUT the PSD wizard will get bypassed and continue the task sequence.

The next step, of course, is to make sure you set the correct items such as

  • TaskSequenceID
  • ComputerName
  • DomainJoin or Workgroup
  • Admin Password
  • Applications (optional)
  • Locale and Timezone

Something to also consider. Currently there is no property to set a default value for the two new pages: IntuneGroup and DeviceRole. You must use the wizard to set it for now.

oh and BTW, in the PSDWizardGuide, it mentions SkipWelcome which is a typo and shouldn't be in there.

When writing all this, I did do a dispart clean and tested these settings, and it worked. Send me feedback on this.

If this is still not working, I would check to make sure you have the latest ZTIGather.xml file. This file defines what properties are allowed in PSD. If you don't have the latest file, then the properties must be declared in the [Settings] section.

I will also add it to the PSDWizard Guide on how to set up a "Zero Touch Deployment with PSD"

@jimbeam128
Copy link
Author

jimbeam128 commented Sep 18, 2024

Hi @PowerShellCrack,

again, I´ve tested several things with PSDWizard=PSDWizardNew, but I still get the same behaviour with blank Page and Buttons „Next“ and „Cancel“.
I´ve checked the PSDWizard_Definitions_en-US.xml and the section for SkipDeployReadiness is there.
I´ve added the properties to ZTIgather.xml – in Order not to declare the properties in the [Settings] Section.
I´ve added all the properties you mentioned in my [ZeroTouch] Section.
Can you have a look on the attached customsettings file? – I don´t think that there is something wrong in that file…
cs.txt
From my point of view it seems that the Page „Deployment Readiness“ gets correctly skipped by setting the property „SkipDeploymentReadiness“, but instead it seems that something other page gets displayed…
When I use the same settings and Switch to PSDWizard=Native it´s working. So I think there must be something wrong in the PSDWizardNew….

@PowerShellCrack
Copy link
Contributor

Again, don't declare the PSD custom properties to the cs.ini; they were needed in previous versions but not this one. They are now part of ZTIGather.xml so there is no need to declare them. And since these are not overwritable it will ignore the property (at least this is what I find is happening). I outlined the ones for PSD wizard in red but all of them should be removed.

I also don't understand the Priority logic (in green). It states to run _SMSTSORGNAME, then Default, but yet the skips are in a ZeroTouch section. That section won't be processed.

image

It should look something like this:

[Settings]
Priority = Default, ZeroTouch
Properties=

[Default]
OSInstall=Y
PSDDebug=YES
_SMSTSPackageName=PC wird vorbereitet
TimeZone=110
TimeZoneName=W. Europe Standard Time
KeyboardLocale=0407:00000407
UserLocale=de-DE
SystemLocale=de-DE
FinishAction=NONE
HideShell=NO
AdminPassword=abcxyz

EventService=http://<Servername>:9800

[ZeroTouch]
_SMSTSORGNAME=MyOrgName
TaskSequenceID=50
Computername=abcd1234

SkipBDDWelcome=YES
SkipDeployReadiness=YES
SkipTaskSequence=YES
SkipDiskSelection=YES
SkipDomainMembership=YES
SkipComputerName=YES
SkipRoleSelection=YES
SkipIntuneGroup=YES
SkipAdminPassword=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipApplications=YES
SkipSummary=YES
SkipPSDWizardSplashScreen=YES

Try this out and see if it works

@jimbeam128
Copy link
Author

Hi @PowerShellCrack,

again, I´ve tested several things…
The properties are included in ZTIgather.xml – as mentioned in my last post.
I´ve removed the PSD-Properties in the Properties section as you adviced, but when I do it, I get the Native wizard even if I set the properties in the default or the ZeroTouch section. (PSDWizard=PSDWizardNew; PSDWizardTheme=Classic). – So it seems that the declaration in the Properties section is still needed.
Maybe skipping on your side works, because you did not declare the properties and therefore uses „Native“ wizard as kind of „fallback“. I´ve checked both configurations in my boot-images and can say they are ignored.
Here is what I used and did not work
Properties=LogUserDomain,LogUserID,LogUserPassword,DriverPath,GenericDriverPath,FallBackDriverPath,_SMSTSORGNAME

Regarding the Priority:
I can promise that the Priority Order „Priority = Default, _SMSTSORGNAME“ is working.
I am using two Winpe-WIM-Boot-Images. One for default (where the Org name is „default“) and anotherone for Zero-Touch (where the Org name is ZeroTouch) so that it applies the ZeroTouch Section.
When I do it the other way round then I do not get the desired behaviour…

Again, it seems to me that there is still something wrong with the PSDWizardNew…

@PowerShellCrack
Copy link
Contributor

for the ZTIGather.xml. Is the latest copy located in the _Tools\Modules\ZTIGather_ folder and/or Scripts folder?

@PowerShellCrack
Copy link
Contributor

PowerShellCrack commented Sep 18, 2024

I'm not trying to be confrontational, but I think something is weird going on. I decided to take your copy of cs.ini and set it in my PSD.

I only updated what is in green

image

and this is what I got when I booted up my VM:

image

It defaulted too classic. However, if I remove PSDWizard from the properties:
image

...and reboot my VM, it boots up to the new theme.
image

This is expected: I wonder what is different in your PSD environment than mine

@jimbeam128
Copy link
Author

Regarding your 1st Question: No, the file wasn´t updated... - I ran an update on the PSD Share to the current version 2.3.0 from yesterday. All Files are updated.

When I Test, same behaviour.

I agree that this is really weird. It seems that the behaviour of your environment is the opposite of mine...

Right now, I also get a "Debug Console" Button which does nothing when I click on that

grafik

The Version is displayed v2.3.3 as yours.

When I ran the test in my environment selecting the default values I got the "issue" that the Option "Disk Selection" came up.
For the Lite-Touch this shouldn´t be displayed - and was not displayed in the previous version I used (2.2.8)
I added "SkipDiskSelection=YES" in the Default Section and tested. - Disk Selection still displayed in the Assistant.
Then I added it again to the Properties and after that the Disk Selection disappeared...
The blank screen when booting with ZeroTouch still persists.

By the way: Did you also add "_SMSTSOrgName=ZeroTouch" to the bootstrap.ini and rebuilded your PE-Image?
As I mentioned, I use two Images for selecting ZeroTouch and Lite-Touch

@PowerShellCrack
Copy link
Contributor

PowerShellCrack commented Sep 19, 2024

that looks to me the PSDWizardNew module is not updated. That displayed version actually comes from the CHANGELOG.md in the Scripts\PSDWizardNew folder, but I'm starting to think a dynamic version is not the best idea. The actual module is 2.3.5.

I can see now CHANGELOG from my development repo was never moved over.
That will be another bug I will fix next go around. @GeoSimos can you mark that too for me?

The debug button should not show; that is an ALWAYS HIDDEN button. I removed the code the enabled it, PSDDebug=True, a few versions back. However, if you hit F11, it will toggle a PowerShell debug window, but if you close it, it will close the entire PSDWizard as well. ....i am still working that bug out...

To confirm this, even though the debug button exists in the UI design files (xaml), here is the code that hides that button and that is the only instance of it (besides a newer UI I am writing...)
image

BTW, what I demonstrated in the last response IS how it supposed to react. However, I did not set _SMSTSOrgName=ZeroTouch. I will test that soon.

With that, I have a few asks:

  • Can you copy the module from the repo to Tools\Modules\PSDWizardNew and update your boot media one more time?
  • Also check the Scripts\PSDWiardNew\Themes folder. There should only be TWO theme folders here: Classic and Dark.

This does bring up a concern though. If that module is not updated, what other modules have not updated...and if that is the case, then we may need to relook at the Install-PSD script.

@GeoSimos
Copy link
Collaborator

Ok done and added you as an assignee of this issue.

@jimbeam128
Copy link
Author

Ok, I will do the things adviced at the beginning of the next week and will report the results then. Thanks

@jimbeam128
Copy link
Author

So, I´ve done another round and compared the repo-file PSDWizardNew and that one on my local installation. They are exactly the same. -
I had a look on the Themes folder. There are more than the two you mentioned:

grafik

I´ve update the PE-Image. After I´ve booted the PE I get an Error right now:

grafik

The Servername is not displayed right now. - I think therefore it cannot connect to the deployment share any more.
Network drivers are there. connection is generally possible...

I made a snapshot before the update. Will roll back right now...

@PowerShellCrack
Copy link
Contributor

PowerShellCrack commented Sep 26, 2024

I really think this has to do with the cs.ini. Can you send logs and Cs.ini? Instead of trying to fix what is missing in the current deployment share have you tried creating a COMPLETELY NEW PSD share?

@jimbeam128
Copy link
Author

OK, so I´ve created a complete new deploymentshare from the scratch with PSD-master Version 2.3.0 and I get the same behaviour...

"LiteTouch" is working as expected and shows Classic PSD-Theme.

"ZeroTouch" shows the empty window again:

grafik

I can post config and logs next week...

@jimbeam128
Copy link
Author

jimbeam128 commented Sep 30, 2024

Hello again,

I´ve tested the constellations again in all directions.
I think it has to do with the PSDWizard "Parameter". Here are the declared Properties I use:
Properties=LogUserDomain,LogUserID,LogUserPassword,DriverPath,GenericDriverPath,FallBackDriverPath,_SMSTSORGNAME

To make it more visible here the behaviour:

PSD-Parameter "PSDWizard" included in Properties:
Lite-Touch Config: -> Classic PSD-Wizard comes up
Here the log entries of PSDStart.log:
Invoke-PSDRules: Adding custom property PSDWizard
Get-PSDSettings: Changing property PSDWizard to PSDWizardNew, was Empty
PSDStart.ps1: Determine which PSDWizard to use
PSDStart.ps1:Property PSDWizard is now = PSDWizardNew ]LOG]!......
PSDStart.ps1: Running the command Import-Module PSDWizardNew

Zero-Touch Config: -> Classic PSD-Wizard comes up (with blank Screen and "Next / Cancel" Buttons)

When I define PSDWizard=Native in the ZeroTouch Section, I can achieve to have a ZeroTouch deployment without an Assistant.

PSD-Parameter "PSDWizard" not included in Properties:
Lite-Touch Config: -> Native PSD-Wizard comes up
Here the log enties of PSDStart.log:
PSDStart.ps1: Determine which PSDWizard to use
PSDStart.ps1:Property PSDWizard is now = ]LOG]!......
PSDStart.ps1: Running the command Import-Module PSDWizard

Zero-Touch Config: -> Zero-Touch starts directly without Assistant - I think because of "Default Native Assistant "Fallback""

In the Default-Section PSDWizard is set to PSDWizardNew, but the Native Wizard comes up.
So again I the Parameter PSDWizard must be defined in Properties, so that the System uses it...
This is proofed through the log entries. When the Variable is defined, it´s picked up.
When not defined, the Variable is empty...

So I think there mus be a problem with the PSDWizardNew when all Parameters are defined to skip the pages of the Assistant to achieve a Zero-Touch deployment...
When everything is defined, the empty page with Buttons " Next and Cancel" shouldn´t come up...

@jimbeam128
Copy link
Author

Hello again,

I just went through the logs and did a more couple of tests and now I have a working config....

Bootstrap.ini looks like this:

Priority=PSDRoots,Default
Properties=_SMSTSORGNAME

Customsettings.ini looks like this:

[Settings]
Priority = _SMSTSORGNAME, Default
Properties=LogUserDomain,LogUserID,LogUserPassword,DriverPath,GenericDriverPath,FallBackDriverPath,SkipDeployReadiness,_SMSTSORGNAME,SkipPSDWelcome

In the ZeroTouch - Section the parameters are all defined and PSDWizard is configured for PSDWizardNew.

Now the LiteTouch is working with the PSDWizardNew and the ZeroTouch does not come up with the blank Window...

I could see in the logs that the properties are "double-delared" like this:
Get-PSDSettings: Changing property _SMSTSORGNAME _SMSTSOrgName to ZeroTouch, was Empty

It seems that I had the same Issue with "PSDDeployRoots" due to the fact that there was a Whitespace in front...

I looked up all "errors" where the properties were "doubled", now it runs as desired and expected...

@PowerShellCrack
Copy link
Contributor

So, is everything GTG? was the root cause a space? That has to be frustrating. 🤯

What is interesting in your last comment is you still needed to add SkipDeployReadiness and SkipPSDWelcome, these are in the ZTIGather.xml and shouldn't need to be called out. Same for the other properties you have.

Overall, I think the outcome is we need to add the trim to each property value when the module reads them.

@jimbeam128
Copy link
Author

Yes, everything works as desired including set the property PSDWizard=PSDWizardNew in the ZeroTouch-Section.

As you adviced before, I´ve created a complete new deploymentshare with "Install-PSD". I had a look a the ZTIGather.xml´s in that new folder. I could see that the PSD-Properties are missing in that file.
I had a look at the ZTIGater.xml File in the PSD-master installation-folder from where I installed and I can see that the properties are in that file.

So I think there must be still something wrong with the installer then...

Yes, trimming the strings would be a good idea... :-)

Furthermore would be good if there would be a check if the property is already declared in customsettings.ini or bootstrap.ini.
Then we would overcome "doulbe-declared" issues like this:

Get-PSDSettings: Changing property _SMSTSORGNAME _SMSTSOrgName to ZeroTouch, was Empty

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants