Build and Import your perfect WIM file to SCCM with powershell

There are literally so many ways to inject patches to your WIM file nowadays, I’ve been done a little research and I find this way the most appropriate.
This guide is based on this blog:
but with a final touch on how to do almost everything with PowerShell, even import it to SCCM. Ok, lets go!

  1. Make a folder on the Site server example: “C:\WIM-Servicing”

  2. Download and unzip this file, WIM-Servicing (Includes two scripts

  3. Copy these two scripts to the ServerCapture.PNG
  4. Now its time to Mount the .ISO file to this server

  5. Copy the “D:\sources\install.wim” to this folder “C:\WIM-Servicing”
    D: is the mounted .ISO

  6. Now we need to download the .MSU files to your server, this step need some manually, unfortunately.

    In my enviorment, I want to patch the 1803 version with Cumulative, Stack update and Adobe Flash
    1. November 2018 – KB4467702 Cumulative Update for Windows 10 Version 1803 for x64-based Systems
    2. November 13, 2018 – KB4465663  Servicing stack update for Windows 10, version 1803
    3. November – KB4462930 Update for Adobe Flash Player for Windows 10  Version 1803
    To find these patches you go to

  7. After you download them, make another folder in that WIM-Servicing folder, and name it to the month with first 3 letters.

  8. One important thing is to rename the stack update with a “1-” in the name. like this
    Because if the Cumulative patch injects before the stack update, it could cause problems. So make sure you change this. So the stack comes first!
  9. Now we have everything settle to start the progress, Open up the Service_WIM_Proper_Way.ps1, right-click and Edit.
  10. Change variables to match your wishes.
  11. Run the script.
  12. What’s happening now is
    * Injection of patches
    * Moving the .wim file to your location
    * Importing the operating system image to sccm

  13. So now you can distribute your .wim file, and ready to Test.

Good luck!

KB4343900 – Failed to resolve package [HRESULT = 0x80070490 – ERROR_NOT_FOUND]

Hey! Just got a problem in the service window this Sunday, I’m just in need to share this with everyone.

The platform that has the problem.
Server 2008 SP1

The real problem
KB4343900 just not installing, Error code: 0x80070490

When I’m digging the C:\Windows\Logs\CBS\CBS.log, find some interesting stuffs.

Exec: Package: Package_533_for_KB4343900~31bf3856ad364e35~amd64~~ is already in the correct state, current: Installed, targeted: Installed
2018-08-23 14:58:44, Info CBS Exec: Skipping Package: Package_533_for_KB4343900~31bf3856ad364e35~amd64~~, Update: 4343900-1784_neutral_LDR because it is already in the correct state.
2018-08-23 14:58:44, Error CBS Failed to resolve package ‘Package_424_for_KB4103718~31bf3856ad364e35~amd64~~′ [HRESULT = 0x80070490 – ERROR_NOT_FOUND]

And Solution was to Install this patch
KB4103718 –

Look in this post if you want a script to run this on more computers than just one –

If you have another KB but still have ERROR_NOT_FOUND line, you´ll just install that patch instead.



MDT – Check if the model is certified, with mail flow.

Hey Again! Long time no seen, just had an amazing vacation. How are you guys?
Now with some new pieces of stuff that I´ve been working on.

In our company, we have a lot of different models, and sometimes they deploy them without me knowing. And therefore I didn’t put in any drivers.


  • A pop-up box prompt while deploying a machine in MDT (this could work in SCCM also, not tested), So the installation doesn’t continue
  • A mail with the model name, computer name, and deployment share name, So i can put the correct model drivers into the MDT workbench.


I made a PowerShell script that solves this. You need to fill the parameters to make it work in your environment.

Like this2018-08-13 14_01_16-Administrator_ Windows PowerShell.png
.\ComputerNotCertfied.ps1 -SMTPServer -SMTPPort 25 -From -To

Little explanation of the parameters
-SMTPServer (To send an email without putting any credentials, I’m I using a SMTP relay)
-SMTPPort (And I need to specify the ports as well for the relay)
-From (From which address I want to specify )
-To (To which address I want to specify)

#    ComputerNotCertfied.ps1
#Make a step in MDT, and a popup will promt the user, that the "Computer is not certified, #a mail have been sent to the system administrator"
#Then the script is sending a email to the system-admins.
#And after that, Shuts down the computer.

#Created: 2018-08-13
##Version: 1.0

#Author : Pontus Wendt
#Twitter: @pontuswendt
#Blog   :

#Disclaimer: This script is provided "AS IS" with no warranties, confers no rights and
#is not supported by the author
#ComputerNotCertfied.ps1 -SMTPServer -SMTPPort 25 -From -to

[parameter(mandatory = $True, HelpMessage = "Name of the SMTP server?")]

[parameter(mandatory = $True, HelpMessage = "Name of the SMTP relay port?")]
[parameter(mandatory = $True, HelpMessage = "Which adress are you sending from?")]
[parameter(mandatory = $True, HelpMessage = "Which adress are you sending to?")]
$wshell = New-Object -ComObject Wscript.Shell
$wshell.Popup("Computer is not certified, a mail have been sent to the system administrator.", 0, "Error", 0x0 + 0x1000)

#Gather computer information
$log = get-content "C:\MININT\SMSOSD\OSDLOGS\BDD.log"
foreach ($line in $log) {
    if ($line -like "*DeployRoot is now =*") {
        $Deploymentshare = "Deploymentshare " + "$($line.split("=")[1].split(']')[0])"

$Model = wmic computersystem get model
$Make = wmic computersystem get manufacturer

#Send mail with gathered information
$Subject = "New Model to certify"
$Body = "$Model `n $Make `n $Computername `n $Deploymentshare"
Send-MailMessage -From $From -to $To -Subject $Subject -Body $Body -SmtpServer $SMTPServer -port $SMTPPort

#Shutting down computer


  1. Copy this script (  zip it up first 😉 ) into the script folder in your Deployment share.
  2. Make a new step in your MDT task sequence, Choose PowershellScript
    2018-08-13 14_39_30-Photos.png
  3. Put this script into an MDT Step, and specify the parameters you want to use.
    PowerShell script: ComputerNotCertified.ps1
    Parameters: -SMTPServer -SMTPPort 25 -From -To
    2018-08-13 14_41_04-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  4.  Go to Options tab and click on Add button.
  5. Add then “If statement“, then choose “none
    2018-08-13 14_45_15-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
    2018-08-13 14_45_56-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  6. Mark “if none of the conditions are true, then Add Query WMI2018-08-13 14_47_14-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  7. Now we need to specify the models that are already certified.
    (Put in following text (in this example I put in the Virtual machine, in your case it could be “HP 820 G3”:
    SELECT * FROM Win32_ComputerSystem WHERE Model Like “Virtual Machine”
    2018-08-13 14_49_56-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
    2018-08-13 14_55_06-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  8. Click Ok, then Apply, close the Task Sequence.
  9. Then “Update Deployment Share”
  10. Done

How does it looks like when we run a computer that is not certified?

When the computer run the “Check If the computer is certified” step.
This will pop-up

When you click “Ok“, the computer stops and shuts down.

Then you check your mail inbox.
2018-08-13 14_57_44-mdt - Inkorg - mdt - Outlook.png

Voila! Now you got an email that they tried to run a un-certified model.

Thanks for reading


Whats new in Windows 10 Spring Creators update 1803?

I’ll bring some things up that are new in 1803, that I think it will be useful in daily work

Diagnostics & Feedback

In Europe its a lot of talk about GDPR and security about the personal information. So when they are focusing on this part, I think many companies are very happy about this feature.
In Settings\Privacy\Diagnostics & Feedback you can see that they added Basic

It means that they dont send anything about your personal information and so on.

They even added an app “Diagnostic data viewer” that you can see what information sends to microsoft and the information that stays on the machine. So now they trying to be as transparancy as posible.
You can find the app just “Settings\Privacy\Diagnostics & Feedback aswell”, just scroll down.
2018-04-26 09_30_08-Windows 10 Spring Creators Update.flv - VLC media player.png

2018-04-26 09_31_29-Windows 10 Spring Creators Update.flv - VLC media player.png

Fun fact with this is that they are live data for example go and google something and go back here and you see what’s happening on the machine.

Focus Assist

If you are working very deep with something, like writing a blog post or just want not to get interrupted by colleagues.
You can set automatic rules, let say every morning from 08.00 – 09.00 I don’t want to get notifications and so on.
If you duplicating your display, let say you have an important presentation that you don’t wanna get spammed by colleagues, also possible to make a rule like this.2018-04-26 09_41_41-Windows 10 Spring Creators Update.flv - VLC media player.png

If you go to the Priority list, you can specify people that you wanna let through even you are on “focus assist mode”
2018-04-26 09_44_47-Windows 10 Spring Creators Update.flv - VLC media player.png

Task View

They have rebuild this button totally, you can find this in the left corner of your screen

The new one is working like this: It remembers what windows you have opened for as long as one month, so if you accidentally closed something you can go back here, and quickly find it.
On the right side you see a Timeline, so you can easily scroll down to a specific date.

That was all, for now, then its a bunch of other features but I think these three sticks out from the rest

Thank you for reading


Create a Hyper-V Machine with one click

Hey there!

If you working with Client Management, you probably have some test-pc´s on your machine, Hyper-V machines maybe?

So Ive made a script that creates Hyper-V machines pretty sweet actually.

Let me go through the script here.

1. First, you need to modify the script, Go to the #Modify part of the script, change it so it fits your computer.

2 If you dont know what NetworkSwitch that you uses, you can find it Here
(In my case im using “Bridge”
2018-01-23 11_30_39-Hyper-V Manager.png
2. Then save it and run the script.

[Parameter(mandatory=$True,HelpMessage="Whats the name of the VM?")]

[parameter(mandatory=$True,HelpMessage="How much memory do you want in GB?(Example 4)")]

[parameter(mandatory=$True,HelpMessage="How large HD in GB (Example 80)")]

Function Select-FolderDialog
    param([string]$Description="Select a Folder that you wanna save your vhdx files",[string]$RootFolder="Desktop")

 [System.Reflection.Assembly]::LoadWithPartialName("") |

   $objForm = New-Object System.Windows.Forms.FolderBrowserDialog
        $objForm.Rootfolder = $RootFolder
        $objForm.Description = $Description
        $Show = $objForm.ShowDialog()
        If ($Show -eq "OK")
            Return $objForm.SelectedPath
            Write-Error "Operation cancelled by user."

# You can modify here if you always want to save your machines to a specific folder.
$Folderpath = Select-FolderDialog
$Path = "$Folderpath\$VM_name.vhdx"

#Change $NetworkSwitch to your standard switch in hyper-v, mine is Bridge
$NetworkSwitch = "Bridge"

#Creating Virtual machine
New-VM -Name "$VM_Name" –MemoryStartupBytes ([int64]$VMMemoryinGB*1024*1024*1024) -NewVHDPath $Path -NewVHDSizeBytes ([int64]$HDsizeinGB*1024*1024*1024) -Generation 2 -SwitchName $NetworkSwitch

#Change boot Order 'Network THEN Hardrive'
$vmNetworkAdapter = get-VMNetworkAdapter -Name "Network Adapter" -VMName "$VM_Name"
$vmHardDiskDrive = get-VMHardDiskDrive -VMName "$VM_Name"
Set-VMFirmware "$VM_Name" -BootOrder $vmNetworkAdapter, $vmHardDiskDrive

Start-vm $VM_name

& vmconnect.exe localhost $VM_name

Write-host "Succefully Created VM, Starting.."  -ForegroundColor Green

( You can also download the script here New-VM )

3. When you running the script, you gotta answer some questions. (Type !? for help)

4 (Optional) If you want you could just run the script with some parameters like this or you could run the script in the console
2018-01-22 10_41_34-Administrator_ Windows PowerShell ISE.png

5. Answer all of them like this.
2018-01-22 10_27_28-Administrator_ Windows PowerShell ISE.png

6. Then the Machine will start, and you are good to go.
2018-01-22 10_28_49-Edit Post ‹ PONTUSWENDT.BLOG - Client Management —

7. Done

Good luck


Add a language pack to your Reference image

Add a language pack these days can be done in different ways, I recommend do it by DISM. Here´s a guide how you can do it

What you need
* Powershell 3.0 or later.
* Windows 10 Pro 1703 or later

Ok, Now we need to put some files on the right place to begin, Start to create a folder structure like this.
2017-11-21 10_56_21-Add-Language-pack.png

1. Start with ISO folder.
1.1 Download the ISO from Voluming Licensing Service Center or a Windows 10 EVAL (
1.2 Just right click on the ISO and Mount
1.3 Copy all the files from the Mounted ISO to your ISO folder.
1.4 Now it gonna look like this.
2017-11-21 11_07_49-ISO.png

2. Language_files
2.1 Download the CAB file here:
2.2 Copy the CAB file the the “Language_files” folder.
2.3 Now its gonna look like this.
2017-11-21 11_16_16-Language_files.png

3. Scratch its just a empty folder.
2017-11-21 11_17_24-Scratch.png

4. temp_ISO also is a emtpy folder
2017-11-21 11_17_54-temp_ISO.png

5. Lets start the scripting. Open up the Powershell script.
You can find it Here:Add-Language-pack

6. Open up the script and we need to do some Editing.

7. Edit the variables so it fits your environment.
2017-11-21 11_23_12-Administrator_ Windows PowerShell ISE.png

8. Run your variables
2017-11-21 11_25_20-Namnlös - Paint.png

9. Now in Windows 10 1709 its same ISO for PRO, PRO N, Enterprise, Enterprise N etc. So we need to figure out what Index we want to modify
2017-11-21 11_27_07-Kalkylatorn.png
2017-11-21 11_27_31-Administrator_ Windows PowerShell ISE.png

10. In my case, I want to modify Windows 10 Enterprise N, Run the variable
2017-11-21 11_28_23-Kalkylatorn.png

11. Now its time for some Action, Run the next line, to “#Mount your ISO with that specific index and put it in a temporary folder.”
2017-11-21 11_29_35-Kalkylatorn.png
2017-11-21 11_30_42-Administrator_ Windows PowerShell ISE.png
2017-11-21 11_33_52-Administrator_ Windows PowerShell ISE.png

11. Then run the next one, #Time to Add the language pack
2017-11-21 11_35_13-Administrator_ Windows PowerShell ISE.png
2017-11-21 11_35_48-Administrator_ Windows PowerShell ISE.png
2017-11-21 11_37_58-Administrator_ Windows PowerShell ISE.png

12. Time to run the next one. “#Do changes in the mounted Image”
2017-11-21 11_39_16-.png
2017-11-21 11_40_47-Administrator_ Windows PowerShell ISE.png
2017-11-21 11_41_04-Administrator_ Windows PowerShell ISE.png

13. Ok, Now the last command, #Unmounting the ISO file and saving it..
2017-11-21 11_41_44-Kalkylatorn.png
2017-11-21 11_45_56-Administrator_ Windows PowerShell ISE.png
2017-11-21 11_46_37-Administrator_ Windows PowerShell ISE.png

14. The language pack is now into the .ISO file, and you have succeeded to do your mission.


15. We need to modify the answer file, if you want to deploy this with MDT/SCCM, otherwise, it will choose EN because its “standard” on the ISO file

16. Open Windows System Image Editor on your machine ( you need ADK to have this program installed)

17. Right click on Select a Windows image or catalog files – Select Windows Image..
2017-11-21 11_51_21-Namnlös - Paint.png

18. Choose the .ISO file that you just modified.
2017-11-21 11_52_33-Windows System Image Manager.png

19. Choose the Index that you wanna modify, In My case Windows 10 Enterprise N
2017-11-21 13_09_55-Untitled_ - Windows System Image Manager.png

20. Rightclick “Create or open an answer file” then New Answer file.
2017-11-21 13_11_05-Namnlös - Paint.png

21. Click on Components then “amd64_Windows-International-Core_10.0.16299.15_neutral then Add Settings to Pass 4 specialize
2017-11-21 12_57_54-Namnlös - Paint.png

21. Change Settings like below
InputLocale sv-SE
Systemlocale sv-SE
UILanguage sv-SE
UILanguageFallback en-US
UserLocale sv-SE
2017-11-21 12_59_35-Untitled_ - Windows System Image Manager.png

22. Click on Components then “amd64_Windows-International-Core_10.0.16299.15_neutral then Add Settings to Pass 7 OOBesystem
2017-11-21 13_17_38-Namnlös - Paint.png

22. Change Settings like below
InputLocale sv-SE
Systemlocale sv-SE
UILanguage sv-SE
UILanguageFallback en-US
UserLocale sv-SE
2017-11-21 13_02_49-Untitled_ - Windows System Image Manager.png

23. Save the file and name it like answer.xml or something like that.

24. Now we are done, You have a proper ISO to work with, and a answer file that will change the language while deploying your machines.


ZTIWindowsupdate has run And Failed too Many Times. Microsoft – Printer 6/21/2006 12:00:00 AM 10.0.15063.0

Recently I discovered a really annoyoing issue when:
Error message: ZTIWindowsupdate has run And Failed too Many Times. Microsoft – Printer 6/21/2006 12:00:00 AM 10.0.15063.0
Deploying with MDT
Both Windows 10 1703 and Windows 10 1709

Here´s the issue, when running the Windows update step in the MDT, it hangs on some Updates
2017-11-06 16_05_17-TEST F12 på PONWEN-LAP01 - Anslutning till virtuell dator.png

2017-11-06 16_11_41-TEST F12 på PONWEN-LAP01 - Anslutning till virtuell dator.png

Biggest question, What it is?
Its two drivers,
Microsoft to PDF
XPS Services

And somehow it causes the Windows update to retry, retry and retry. Its simply cant succeed. These updates are not in the WSUS just when you going to

My solution is to “Disable” the feature before the updates, and “Enable” them after the updates. Because of bad drivers from Microsoft.

The solution:
1. First, Open the Task Sequence that you are deploying.

2. Add a Step into the task sequence. (Make sure you add it After Windows is Installed, Add it just before Windows update is running.)
Add\Roles\Uninstall Roles and Features
2017-11-06 15_39_59-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

3. Check Microsoft Print to PDF
2017-11-06 15_42_39-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

4. Check XPS Services
2017-11-06 15_48_20-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

5. Then We add a new step in the task sequence. Pretty down in the task sequence. Just before “Apply Local GPO Package”
Add\Roles\Install Roles and Features
2017-11-06 15_51_07-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

6. Check Microsoft Print to PDF
2017-11-06 16_12_58-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

7. Check XPS Services
2017-11-06 16_17_41-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

8. Then apply

9. Update your Deploymentshare and try again. On my machine, it solved the issue. Good luck!