Deploy Image from Stand-Alone USB on SCCM 2012 R2


This deploy will be done via USB and connect to a domain through a WPA2-Personal wireless connection. It then needs to connect to the WPA2-Enterprise connection once completed. The reason we needed to do this was because we were deploying to devices with no LAN port, only WLAN. We could have purchased a bunch of USB to LAN adapters but that required manufacturer-only adpaters and it would have been more expensive than USB drives.

Adding an action to run a script after Task Sequence is completed

Early in the sequence (any where after “Restart in Windows PE”) you need to set a Task Sequence Variable for SMSTSPostAction. This allows you to run a command or script once the Task Sequence is completed. I have set this up with a script to run gpupdate and delete our hidden wireless network profile.¬†Because I have used a script I have had to use DISM to add the script into C:\Temp on the image. Here is instuctions¬†on how to modify the image. The type is a Set Task Sequence Variable. In the Task Sequence Variable name you set it as SMSTSPostAction and the Value to C:\Temp\<script name> My batch script is simple and looks like this:

timeout 60
timeout 60
netsh wlan delete profile name=<profilename>
netsh wlan connect ssid=<SSID>

Naming the computer automatically

The next step is to do with naming. I have a Run Command Line sequence to set the computer’s name. This is a simple command that calls a script that I have added to a package. The script is as follows:

Set env = CreateObject("Microsoft.SMS.TSEnvironment")
Set ProgressUI = CreateObject("Microsoft.SMS.TsProgressUI")
Set SWBemlocator = CreateObject("WbemScripting.SWbemLocator")
Set objWMIService = SWBemlocator.ConnectServer(strComputer,"root\CIMV2",UserName,Password)
Set colItems = objWMIService.ExecQuery("Select * from Win32_BIOS",,48)

For Each objItem in colItems
env("OSDComputername") = objItem.SerialNumber

Connecting to hidden wireless network

The next part was connecting to the domain over wireless. We had to create an extra SSID, which we hid, and protected with WPA2-Personal security. This required creating a connection to this network on another machine and then exporting the profile for that connection.

To export the XML after creating the connection is simple. In a command prompt you run

netsh wlan export profile key=clear

This will save it to the directory your command prompt is running from. Note that this saves your wireless network with the passphrase in clear. With this I created a new Package in SCCM which contained the XML (which I rename domainjoin.xml) and a batch script. In the batch script I had the following:

netsh wlan add profile filename=domainjoin.xml user=all
netsh wlan connect name=<SSID>
timeout 60

The timeout is required; I haven’t tested for a shorter time than 60 seconds.

Task sequence completion

After that a domain join is completed and a restart.
Once the Task Sequence completes, the script set with SMSTSPostAction will run. Sometimes it takes a few minutes before it connects to the wireless but have yet had one to fail.