Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


clodhoppers18

Member
  • Content Count

    29
  • Donations

    $0.00 
  • Joined

  • Last visited

Community Reputation

0 Neutral

About clodhoppers18

Contact Methods

  • Website URL
    http://
  1. The only change I make is disabling the firewall on the client. The MAK Proxy activation does not require the client have access to the internet in order to activate. The computer with the VAMT must have access to the microsoft sites without the proxy in the way. The proxy isn't the issue at this point because as soon as I disable the Windows Firewall on the client computer, the MAK Proxy Activation is successful. Also, the web filtering that we use isn't robust enough to detect the OU that the computer is in and apply policies that way. We can only use IP address or username based filtering.
  2. I disable the windows firewall on the client. (The computer that needs to be activated but cannot because it's IP address requires credentials to access the internet)
  3. Even when I am initiating the activation from the Windows Deployment Server using the Volume Activation Management Tool? I can get to the web with no problem and I can ping the computer with no problem but when I try to do the MAK Proxy activation, it acts like it can't see the client.
  4. Yes, unfortunately we can only allow the primary domain name to not require authentication. so for http://www.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl we would have to allow www.microsoft.com to go through without authentication. This will allow all users to get to www.microsoft.com Unfortunately, this is not an option for our security folks. Right now we are using MAKproxy activation which allows the server IP to go through the proxy without authentication. This allows it to conduct the activation and pass the confirmation ID back to the client. The windows firewall on the client is preventing the server from connecting and activating the client. Hopefully this clarifies the issue.
  5. Issue: I am running into an issue with an image I have that is preventing me from efficiently activating the PCs that I have after deployment of a custom image. Whenever I attempt to do a MAK Proxy Activation, I have to disable the Windows Firewall on the client PC in order for the activation to take place. Prior to disabling it, I have been able to ping between the two computers without any problem. Scenario: Attempting to do MAK proxy activation on a Windows 7 Professional image with a Windows Server 2008 that has MDT 2010 and WDS using the Volume Activation Management Tool. The image is nearly perfect with the exception of two minor things, but aside from this and a password issue, it is golden. Research: I have done some research on line and it looks that WMI must be enabled and allowed through the Windows Firewall on the client in order for the MAK activation to occur. I am in the process of checking this right now, but I wanted to confirm that you do need WMI enabled and permitted before rattling my mind on what is preventing the access. Optimal Solution: One that doesn't require me to re-do the entire image. If at all possible, I would like to avoid re-doing the image just because I need to change one thing. Is it possible to insert the rule that may be needed using registry edits? I have found where I can add certain ports to the firewall profiles through netsh advfirewall command, but I'm not only unsure of what ports are needed, but also the scope and any other necessary parameters for this. I thank you all in advance. Just so it's clear, I have done some research all over the net on this but haven't found anyone with my issue. Also, I have looked through both the firewall addition and the WMI requirement prior to posting this. If I overlooked something, please let me know. Thanks! --Dustin
  6. Our deployment is set to automatically connect using supplied credentials, so we don't get prompted for that. Is there a log I could pull up within WinPE to see what point it got to when it couldn't "read the media"?
  7. Yes to the ping, no to the Wireless connection. On gigabit switches, even tried hooking up to the same switch that the deployment server is on and still nothing. For the ping thing, the CD has been used on the same model before without any issues so I don't suspect a driver problem.
  8. We are using MS Deployment Toolkit (who knows what it's called now, the name changes every 6 months) with WinPE 2.0. We have a CD that we use for booting into the deployment Wizard (Lite Touch PE ISO from the server that has the deployment toolkit installed) We have several CDs and they all work on our desktops and have been used on many of our laptops and netbooks. However about a week ago, we started having a problem where the laptops would start to boot from the disk, would get loaded into WinPE with the 2 command boxes up then we would get a "Media Not Found. Please reinsert the media (CD, DVD, or USB) needed to complete the deployment." message. We can remove and reinsert the CD as many times as we want but it goes no further in WinPE. We are getting an IP address through WinPE and can ping the deployment server. We know 100% that these disks (3 different ones) have been used on the exact model of notebooks and netbooks. We have tried switching out the CD/DVD modular drives in the affected notebooks, as well as using several different external drives with no success in getting past this message. After receiving this message on the notebooks, we used them on a desktop and they are able to pull up the deployment wizard and deploy the images, etc. We have tried re-burning the ISO, after doing the "update" on the deployment point and it still doesn't get past the message on the note/netbooks. What boggles my mind is that it works on the desktops; it is obviously able to read the disk because it boots most of the way through; and the disk worked previously on this model laptop. Please advise in any way you can, I appreciate the assistance.
  9. happy times with Windows Deployment Services!

    1. chadwork2001

      chadwork2001

      Clodhoppers, did you ever find a solution to this problem?

  10. My hardware is the same on the PCs I have deployed to before. I have tried 5 different CDs, and they all have slight changes in the drivers, the oldest is known to work on this model, and the latest is also known to work, but only once. The others in between have also worked. I have reburnt the CD several times with different sets of drivers (some older some newer, etc.) I have also removed the changes I have made to WinPE (The startnet.cmd I changed so that it would ping itself before it started WPEINIT so that it would have the time it needed. I am not aware of what version of WinPE I am using, but WAIK says that it is the latest version when I check for updates within the Deployment Workbench. Currently we are deploying from a small Windows XP machine, so PXE boot isnt an option at the moment. Before we deploy, we plan on migrating to a Server '08 box that we have. Any further ideas? At this point, I am ready to rebuild the deployment server.
  11. Something VERY interesting I noticed is this: I have an old CD (From May 15) that has been working for sometime. If I leave the network cable unplugged, Windows PE presents an error and says "Check Physical Connection" After this issue began lately, It now does the same wpeinit, however it seems like it is not checking the network connection as it was for the past several months. what is even MORE confusing is this is booting from a CD, so there could not have been any changes made to Windows PE on that disc. Any further ideas?
  12. I am having a heck of a time with Windows PE and Microsoft Deployment Toolkit. I do the following: I have had a working WDS/MDT configuration for about 4 months now. As I am testing, I decide to deploy to 5 PCs via booting to CD I boot to CD on one, kick off the install, and all is well I go to ANY of the other 4 PCs and it boots WinPE, but when it starts wpeinit it goes to the next line in command prompt, and refuses to start even if I attempt to start it manually. Additionally, when it completes wpeinit for the first time the custom background is shown, however after manually kicking it off, it shows a black background. Whats super confusing is that I conduct a repair of the WAIK and then the deployment works fine for another PC, however when I go to deploy it to the remaining 3 PCs, it does the same as after the first. I have made the following modifications to the Windows PE LiteTouchBootable wim file: I have changed the startnet.cmd so that it pings itself after initializing the network, so that I do not get a time out error and it say that it cannot connect to the deployment server. I have approximately 200 computers to deploy to, and refuse to reinstall the WAIK everytime I deploy. Does anyone have any ideas as to what is going on?
  13. That looks familiar. It also makes sense with all the WGA junk in there. I have another question. Should I just take an image of the factory image with imagex, and attach that to the WIM file OR should I use something like Acronis to make a sector based image of the PC?
  14. I got the idea of the gold image, that makes sense. The factory image is now clear in my mind. Sorry for any confusion. That makes sense enough. One little thing is that the sysprep.inf that will be used is generated by MDT, but I got the idea, as far as same sysprep configuration. The deployment tool kit is a bit confusing and VERY extensive, so it is rather hard and frustrating to search through it all. ------- Not what my experience shows. I have had sysprep die on me after the third time of sysyprepping it. we have had one image that was sysprepped once and it was fine, we resysprepped it 2 more times, and it kept at different points on the very same computer. See thats what confused me, is that it does the same thing to change the identity of the computer each time, why would it differ if it was the first time or the 5 time. I heard someone's definition of insanity is doing the same thing over again with the same variables and expecting different results. I guess that means sysprep is insane, since it seems like you can get different results from doing it over and over again.
  15. So with that process how would I modify an existing image? or is it a once you are done, you are done, theres no going back to make modifications except with something like Autoit? We have varying screen resolutions, it sounds like something that records keyboard input would be better. I will give the AutoIt macro recorder a try.
×
×
  • Create New...