Archive for the ‘SCCM Operating System Deployment (OSD)’ Category

Why I think DISM is awesome…

August 5, 2011 2 comments

Have you ever run into a situation where a NIC driver just will not install from a driver package in a ConfigMgr task sequence? The NIC driver works when you use it in WinPE. It will install in the full OS outside of the imaging process without issue (i.e. via Device Manager). It just will not install from “Auto Apply Drivers” or a “Apply Driver Package” in the task sequence. I have to say this can be really frustrating. This happened to me with Windows 7 32-bit and some Intel drivers. No version difference would help.

But, I used DISM (Deployment Image Servicing and Management) to install the drivers in the image that I captured and the NIC drivers installed without issue using that new image in the same task sequence. In fact I used the same drivers from the driver package that didn’t work in the task sequence. Nothing different other than installing them into the offline .WIM file of the captured OS.

That is why I think DISM is awesome!



Does McAfee Endpoint Encryption support the Advanced Format Drives with Windows XP as the OS loaded?

Sure it does…just not the way some of the devices have their BIOS configured and not officially supported by McAfee of course (see link below). Specifically the Dell E6320 and E6420 laptops have this issue. They comes with “RAID on” selected in the BIOS. If you have Windows XP on the laptop, this RAID configuration, and load McAfee Endpoint Encryption you will not be able to use the laptop. You won’t even be able to log in…

However, if you change the BIOS configuration to “AHCI” it will work…of course you will need to reconfigure your ConfigMgr task sequence to specify a different driver and model and then reimage first.


Endpoint Encryption Advanced Format Drive support link:

Dell E6320, E6420, & E6520 mass storage drivers in ConfigMgr for Windows XP

May 16, 2011 7 comments


Unfortunately still need to drop a Windows XP SP3 image on our new Dell Latitude laptops (E6x20). I ran into some issues trying to determine the driver and model for the mass storage driver section in ConfigMgr. This was primarily due to the fact that the driver in the OEM image wasn’t as nice as other versions…it did not specify for some reason. Maybe it is Windows 7 SP1 in combination with the new drives?

Anyway, I checked the BIOS and found that the storage was set to “RAID on” and used the table found in the following link to determine that my Dell Latitude E6320 needed to be setup as follows for the Windows XP mass storage drivers:

Dell System


Vendor version

BIOS Setting for SATA Operation

OSD Driver Name

OSD Model Name

Latitude Exx20 R291722 ATA Intel® ESB2 SATA AHCI Controller

Intel(R) Mobile Express Chipset SATA AHCI Controller

Latitude Exx20 R291722 AHCI

Intel® ESB2 SATA AHCI Controller

Intel(R) Mobile Express Chipset SATA AHCI Controller
Latitude Exx20 R291722 RAID On Intel® ESB2 SATA RAID Controller

Intel(R) Mobile Express Chipset SATA RAID Controller


The selected driver is not applicable to any supported platforms

May 13, 2011 1 comment


Ever have one of those days where you think you are going crazy? I had one today related to an experience trying to import some Dell drivers for the new E6320 and E6420 laptops. The most important of the drivers for my ConfigMgr OSD task sequence are NIC drivers. The version that I needed for WinPE was But guess what? Every time I tried to import I got an error “The selected driver is not applicable to any supported platforms”. What?!?!?!

Apparently, if using Windows Server 2008 (not R2), you need to patch the OS for the import to work.

Per the KB:

Consider the following scenario:

  • On a computer that is running Windows Vista or Windows Server 2008, an application uses the SetupVerifyInfFile function to validate an.inf file.
  • The function uses the AltPlatformInfo parameter.
  • The version of the .inf file is newer than the version of the operating system.

In this scenario, the validation fails.
For example, assume that you install a Microsoft System Center Configuration Manager (SCCM) 2007 site server. Then, assume that you try to import a Windows 7 driver into an Operating System Deployment (OSD) image. In this scenario, the driver import fails. At the same time, you receive the following error message:

Error: Failed to import the following drivers:
<Driver file> The selected driver is not applicable to any supported platforms.

Note SCCM 2007 uses the SetupVerifyInfFile function to validate the .inf file.

KB979492 Link":

ConfigMgr OSD TS commands not working with Windows Server 2008 R2

May 4, 2011 6 comments

I ran into some inconsistency with commands working with my ConfigMgr task sequence when deploying Windows Server 2008 R2. I am creating a build for Citrix XA6. When I ran certain commands via the TS to do this in Windows Server 2008 R2 it did not work. In the full OS it worked just fine. So my good friend Chris Nackers gave me a couple of ideas. Basically Chris said to dig into what is being called, where it resides, and force the TS to work that way.

One of the applications that we need installed (HP Quality Center) requires that DEP is turned off.

The command I need to run is: bcdedit.exe /set {current} nx AlwaysOf
In the TS I need to run: cmd.exe /c "bcdedit.exe /set {current} nx AlwaysOff"

The next trick was to “Disable 64-bit file system redirection”. So, BCDEDIT.EXE is in C:\Windows\System32 in Windows Server 2008 R2 and it seems that when I combine the command in the TS and that checkbox things work. I also added “C:\Windows\System32” as the “Start in:” folder but I am not certain that this is necessary.


The Citrix XenApp install also had some issues using the following command prompt required a temporary disabling of driver integrity check. If you do not specify this it will give you a security warning and say that an unsigned driver is trying to install. So without this it will not install silently.

Installation: XenAppSetupConsole.exe /log:c:\XA6_Install.log /install:XenApp /Platinum
Command I had to run first: bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
How I need to use in the TS: cmd.exe /c "bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS"


Likewise I enabled the driver integrity check when done by using:

cmd.exe /c "bcdedit -deletevalue loadoptions"


Disabling the Windows Firewall in a SCCM Task Sequence

To do this you can add “Run Command Line” from “General” and add the following command.  I usually put a “Time-out (minutes):” value of “1”.

Netsh firewall set opmode disable


***UPDATE*** For Windows Server 2008 R2 you will want to use the following to disable the firewall for the current profile:

netsh advfirewall set currentprofile state off

If you have issues passing the command via the TS check this out:


ConfigMgr OSD & Citrix XenApp 6 Updates

So we have been working on automating Citrix XA6 server builds using ConfigMgr OSD. One of the challenges we had to overcome were the Citrix XA6 updates. For the most part they can install just fine with a “/qb /norestart”…but then there are XA600W2K8R2X64010 and XA600W2K8R2X64026.

Both of these updates require some applications to be stopped. While you can pass commands to kill the process or write a script to handle this you will still run into problems with XA600W2K8R2X64010. This update in particular caused me some headache. I wrote a script that killed all of the services that it was prompting me about. Then it said that Terminal Services needed to be installed for the update to apply…but wait…that was one of the processes I had to kill to get rid of the message. So, I removed that step in my script to leave Terminal Services running since it seemed to need it…then it prompted saying that it needed to the process/application to be closed. Sort of like a dog chasing it’s tail, huh?

Then I stumbled upon the following command line syntax. This works with all of the .msp files and in such a way that it will not care what is running or require any intervention. So no script required and I just created a package with the updates and associated programs.

msiexec /qb /passive /norestart /p filename.msp

This worked for sure with the following:


%d bloggers like this: