Hey Again! Long time no seen, just had an amazing vacation. How are you guys?
Now with some new pieces of stuff that I´ve been working on.

In our company, we have a lot of different models, and sometimes they deploy them without me knowing. And therefore I didn’t put in any drivers.

Goal:

• A pop-up box prompt while deploying a machine in MDT (this could work in SCCM also, not tested), So the installation doesn’t continue
• A mail with the model name, computer name, and deployment share name, So i can put the correct model drivers into the MDT workbench.

Solution:

I made a PowerShell script that solves this. You need to fill the parameters to make it work in your environment.

Like this
.\ComputerNotCertfied.ps1 -SMTPServer relay.liverpool.com -SMTPPort 25 -From Home@liverpool.com -To Away@liverpool.com

Little explanation of the parameters
-SMTPServer (To send an email without putting any credentials, I’m I using a SMTP relay)
-SMTPPort (And I need to specify the ports as well for the relay)
-From (From which address I want to specify )
-To (To which address I want to specify)

#Synopsis
#    ComputerNotCertfied.ps1
#DESCRIPTION
#Make a step in MDT, and a popup will promt the user, that the "Computer is not certified, #a mail have been sent to the system administrator"
#Then the script is sending a email to the system-admins.
#And after that, Shuts down the computer.

#Created: 2018-08-13
##Version: 1.0

#Author : Pontus Wendt
#Twitter: @pontuswendt
#Blog   : https://pontuswendt.blog

#Disclaimer: This script is provided "AS IS" with no warranties, confers no rights and
#is not supported by the author
#EXAMPLE
#ComputerNotCertfied.ps1 -SMTPServer relay.liverpool.com -SMTPPort 25 -From liverpool@anfield.com -to
# liverpool@anfield.com

#Parameters
Param(
[parameter(mandatory = $True, HelpMessage = "Name of the SMTP server?")]
[ValidateNotNullOrEmpty()]
$SMTPServer,

[parameter(mandatory = $True, HelpMessage = "Name of the SMTP relay port?")]
[ValidateNotNullOrEmpty()]
$SMTPPort,
[parameter(mandatory = $True, HelpMessage = "Which adress are you sending from?")]
[ValidateNotNullOrEmpty()]
$From,
[parameter(mandatory = $True, HelpMessage = "Which adress are you sending to?")]
[ValidateNotNullOrEmpty()]
$To
)
#Popup-message
$wshell = New-Object -ComObject Wscript.Shell
$wshell.Popup("Computer is not certified, a mail have been sent to the system administrator.", 0, "Error", 0x0 + 0x1000)

#Gather computer information
$log = get-content "C:\MININT\SMSOSD\OSDLOGS\BDD.log"
foreach ($line in $log) {
    if ($line -like "*DeployRoot is now =*") {
        $Deploymentshare = "Deploymentshare " + "$($line.split("=")[1].split(']')[0])"
    }
}

$Model = wmic computersystem get model
$Make = wmic computersystem get manufacturer

#Send mail with gathered information
$Subject = "New Model to certify"
$Body = "$Model `n $Make `n $Computername `n $Deploymentshare"
Send-MailMessage -From $From -to $To -Subject $Subject -Body $Body -SmtpServer $SMTPServer -port $SMTPPort

#Shutting down computer
Stop-Computer

Guide:

1. Copy this script ( ComputerNotCertfied.zip  zip it up first 😉 ) into the script folder in your Deployment share.
   
2. Make a new step in your MDT task sequence, Choose PowershellScript
   
3. Put this script into an MDT Step, and specify the parameters you want to use.
   PowerShell script: ComputerNotCertified.ps1
   Parameters: -SMTPServer relay.liverpool.com -SMTPPort 25 -From Home@liverpool.com -To Away@liverpool.com
   
4.  Go to Options tab and click on Add button.
   
5. Add then “If statement“, then choose “none”
   
   
6. Mark “if none of the conditions are true, then Add Query WMI
7. Now we need to specify the models that are already certified.
   (Put in following text (in this example I put in the Virtual machine, in your case it could be “HP 820 G3”:
   SELECT * FROM Win32_ComputerSystem WHERE Model Like “Virtual Machine”
   
   
   
8. Click Ok, then Apply, close the Task Sequence.
   
9. Then “Update Deployment Share”
   
10. Done

How does it looks like when we run a computer that is not certified?

When the computer run the “Check If the computer is certified” step.
This will pop-up

When you click “Ok“, the computer stops and shuts down.

Then you check your mail inbox.

Voila! Now you got an email that they tried to run a un-certified model.

Thanks for reading

/Pontus

Recently I discovered a really annoyoing issue when:
Error message: ZTIWindowsupdate has run And Failed too Many Times. Microsoft – Printer 6/21/2006 12:00:00 AM 10.0.15063.0
Deploying with MDT
NO WSUS
Both Windows 10 1703 and Windows 10 1709

Here´s the issue, when running the Windows update step in the MDT, it hangs on some Updates

Biggest question, What it is?
Its two drivers,
Microsoft to PDF
XPS Services

And somehow it causes the Windows update to retry, retry and retry. Its simply cant succeed. These updates are not in the WSUS just when you going to microsoft.com

My solution is to “Disable” the feature before the updates, and “Enable” them after the updates. Because of bad drivers from Microsoft.

The solution:
1. First, Open the Task Sequence that you are deploying.

2. Add a Step into the task sequence. (Make sure you add it After Windows is Installed, Add it just before Windows update is running.)
Add\Roles\Uninstall Roles and Features

3. Check Microsoft Print to PDF

4. Check XPS Services

5. Then We add a new step in the task sequence. Pretty down in the task sequence. Just before “Apply Local GPO Package”
Add\Roles\Install Roles and Features

6. Check Microsoft Print to PDF

7. Check XPS Services

8. Then apply

9. Update your Deploymentshare and try again. On my machine, it solved the issue. Good luck!

/Pontus