Enhanced Application Deployment: Part 4
In part four of this series I want to share some screenshots of the setup an operation of this working. I have already had a fair bit of feedback basically saying, sounds good but does it actually work? Well after some further testing to this the answer is yes.
We start with an initial setup, this is how me and my customer are deploying the equipment in question and preparing it for deployment.
The first step is simple, we create or pre-stage the computer into Active Directory. On the OU you wish for machines to sit (don’t forget this potentially could change in the task sequence so it may not be the final resting place), right click the OU and select New > Computer. The following screen appears which you can populate.
In this screen you simply enter the computer name of the machine. In a large deployment scenario this information will come in electronic format from the vendor so no need to manually enter this information. You can simply loop through the CSV with PowerShell.
Once this information has been entered, switch to the ConfigMgr console and load the Import Computer Information wizard from the devices node. Select the CSV provided by the vendor, on ours I have added the username of the person who will own this device once it’s built.
You can see from the above screenshot (and my random arrows) that we change the “Assign As” column to match up with the three fields in our CSV. So as above; Name, MAC Address and the last one we set to a variable. What you enter in the text box below will be the name of the variable. This is used to pass into MDT for setting SMSTSUDAUsers later on.
I recommend adding these to a specific collection with your task sequence advertised. It keeps things clean and separate, something which is easier to cleanup later on once you have finished deploying.
Finally, before we start assign some applications from your security groups to the machine account or the username. In my case I assigned the free version of Soap UI which I setup as an application.
Remember the description field must be the exact name of the application as displayed in the ConfigMgr console. Once this is done, the initial setup is complete.
Task Sequence Steps
I don’t do a massive amount in the task sequence to get this to work. I don’t need to, 99% of the work is done at the back end meaning very little change up front.
In the above screenshot of the task sequence you can see the highlighted steps on the left, first of all I run Gather with local rules processing to make sure the default variables are processed. Secondly we run “Set Computer Name”, this step sets the variable CONComputerName (which you can see in the parameters box). In a live environment, this has additional tasks for naming laptops and desktops (client requirements).
On the right you can see the task sequence step “Set Dynamic Applications”, this is where we call the web service. All we are doing here is passing the computer name, MAC address of the first adapter and the username set on the device variable (just out of shot). This calls a PowerShell script in our Application Service Scripts package called Set-Applications.ps1 which invokes the SetApplications method by calling a New-WebServiceProxy command and loading in the parameters we have specified.
The next Gather step is where we go off to the MDT database and get the configuration that the web service has entered into the database.
Executing the Task Seqence
Here you can see ZTIPowerShell.log showing the command line getting built and executed, this proves everything is getting sent to the web service as it should and we have a zero return code.
Then in the following screenshot you can see part of ZTIGather which is executing a query for applications against the database. Once this has done Gather then loads them into the APPLICATIONS task sequence variable for processing later on.
If you had any packages you would also see the same happening later on in the processing of CustomSettings. Then, much later, after the image has dropped down you will see the “Install Dynamic Applications” task sequence step executing. This is where the list of applications is processed.
So as you can see in the above screenshot you can see Soap UI is now installing, just for some further clarification for you guys, here is part of AppEnforce.log which shows the installation (click for larger image).
Right at the top here you can see the enforcement started, then you can see that the application has not been discovered so can install, then the command line is prepared using information from the deployment type. Then at the bottom the first yellow line shows an exit code of zero from the install and then the yellow block showing the enforcement has completed.
One final step we run is to clean up the MDT database, you could leave this step out however if you wanted to rebuild this machine you would end up with the same configuration of applications from the first execution. Again this is just a PowerShell scripts calling a method in the web service and we pass the MAC address, as you can see.
So there you have a first screenshot walk through of the process. I am hoping to do a short webinar style recording of the process so it flows a little better. Hope you find it interesting and potentially useful. Feel free to reach out to me on Twitter or the comments section if you have and questions, comments or suggestions.