Task Sequence over Internet

Task Sequence over Internet

The deployment of a task sequence to customers can be done via the Internet. This scenario, which has already been present for several versions of Configuration Manager, has been improved with the 2010 version.

It is now possible to start the update or installation of a Windows 10 workstation from a boot media.

Prerequisites

Before to configure deployment of task sequence over internet, you need to configure Cloud Management Gateway.

The content can be obtained from the cloud management gateway, however the device needs a connection to the management point.

From the task sequence, you need to configure the task Apply network settings to join computer on the workgroup. You can’t configure connection to the Active Directory domain, Domain Controller is unavailable.

The WinPE environment does not support Wifi networks, the workstation must have a wired network card.

Create SCCM Task Sequence

From the Configuration Manager console, open Software Library tab and expand Operating Systems. Click on Task Sequences then on Create Task Sequence.

Task Sequence over Internet - Create Task sequence

Leave the default value and click on Next.

Task Sequence over Internet - Create Task sequence

Enter Task sequence name and click on Browse. Select the desired Boot Image and click on Next.

Task Sequence over Internet - Select Boot Image

With Browse button, select Image package. You can choose Image Index and configure ot²her option.

Configure Image Package

Enter the name of the Workgroup and click on Next.

Select Workgroup that the computer is joined

With Browse button, select the Configuration Manager client.

Configuration Manager Client is selected

Repeat the same operation with USMT package.

Select USMT operation

Configure the next windows and click on Next on Summary.

Configure the settings

Task sequence has been created. Click on Distribute Content in the ribbon.

Distribute content

All content needed for the Task sequence has distributed.

Distribute content

With Add button and choose Distribution point, select the distribution point present on the Cloud Management Gateway.

Select the distribution point
Select Distribution point

Click on Next and begin the distribution.

Distribute content

Deploy task sequence

Select the task sequence and click on Deploy in the ribbon.

Deploy task sequence

With the Browse button, select the desired collection. I choose the collection who contain all of my Windows 10 workstation.

Select Collection

Select Only media and PXE and click on Next.

Select Media and pxe

On User Experience, check Allow task sequence to run for client on the internet.

Select allow ts to run run for client on the internet

Click on Next on other windows. Task Sequence has been deployed.

TS has been deployed

Create Certificate templates

Before to create the media, you need configure certificate. From the Certification authority console, right click on Certificate Templates and click on Manage.

Manage certificate templates

Right click on Workstation Authentification and click on Duplicate Template.

Duplicate template

Enter the name of the template and configure Validity period.

Configure name of the template

Select Request Handling tab and check Allow private key to be exported.

export private key

Open Cryptography tab and check Microsoft Enhanced RSA and AES provider. Click on OK.

Check cryptography option

From the Certification authority console, right click on Certificate Templates and select New then Certificate Template to Issue.

Add certificate template to issue

Select the template previously created and click on OK.

Select template

Request certificate

From the Configuration Manager server, open MMC console and add Computer Certificates snap-in. Expand Personal then Certificates. Right click on Certificate then click on All Tasks / Request New Certificate.

Request new certificate

Select template previously created and click on Enroll.

Select template

Click on Finish, certificate has present on the console.

Certificate has been issued

Right click on the certificate and select All Tasks / Export. A new wizard appear, select Yes, export the private key and click on Next.

Select Yes to export the private key

Check Password and enter the desired password. This password is used when you create media.

Enter the password

With Browse button, select path and File name.

Configure path and filename

Certificate has been exported.

Create Media

From the Configuration Manager console, click on Task Sequence then on Create Task Sequence Media.

Create Task Sequence Media

Select Bootable media and click on Next.

Select Bootable Media

Select Site-based media and click on Next.

Sekect site for the media

I want to create a ISO file. Click on Browse button and select path and file name for the iso file.

Create media

Enter the password that you want for protect media. This password is asked after the boot. Select the certificate previously exported.

Configure security settings

Select Boot Image, Distribution point and Management point then click on Next.

Configure Boot Image

Click on Next on other Windows. The media is created.

Create media

Install Windows 10 Workstation

From the workstation, boot on the media and enter the password previously configured.

boot on media

Select the desired Task sequence and click on Next

Select Task Sequence

All file is downloaded by the CMG.

Download file on CMG

You can deploy OS over CMG.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.