Installing and Configuring MDT for Windows 10 minimal touch deployments

Windows 10

On a side note not covered in the video, by accident, is the step to edit bootstrap.ini so that you aren’t prompted with a welcome screen and also the extra few lines to pre-fill the username and domain so only the password is required to login to the Deployment Share.

If you want to remotely upgrade clients Zero touch see here.

To add drop down boxes to the Computer Name screen see here

Edit your bootstrap.ini from Deployment Share Properties to include

[Settings]
Priority=Default

[Default]
DeployRoot=\\DC-01\DeploymentShare$
UserDomain=home.local
UserID=Admin
UserPassword=P@ssword!
SkipBDDWelcome=YES

Updated rules as of 01/03/2021 to perform ZeroTouch if required

  • Now also auto bit lockers the disk – need to test the outcome if not TPM is present.
  • To achieve ZeroTouch with the rules below you will need to set your machines to have PXE as their first boot device and configure WDS to always boot to PXE even without F12 or ENTER
[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
;LiteTouch or ZeroTouch
;Change SkipComputerName and SkipDomainMembership from NO to YES
;and uncomment OSDComputername and MachineObjectOU to make this ZeroTouch 
SkipComputerName=YES
SkipDomainMembership=YES
OSDComputername=PC-#Right("%SerialNumber%",5)#
MachineObjectOU=OU=Desktops,OU=Computers,OU=Home,DC=home,DC=local

;Set local admin details
SkipAdminPassword=YES
AdminPassword=LocalP@ssword!

;Specify the domain to join and credentials
JoinDomain=home.local
DomainAdmin=Admin
DomainAdminDomain=home.local
DomainAdminPassword=P@ssword!

;Set the task sequence
SkipTaskSequence=YES
TaskSequenceID=0001

;Set the name at the top dynamically
_SMSTSORGNAME=%TaskSequenceName% on %OSDComputername%

;Set the location and time zone
KeyboardLocale=0809:00000809
UserLocale=en-GB
UILanguage=en-GB
TimeZoneName=GMT Standard Time

;Skip screens that arent required
SkipComputerBackup=YES
OSInstall=YES
SkipAppsOnUpgrade=NO
SkipProductKey=YES
SkipUserData=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipApplications=YES
SkipSummary=YES
SkipCapture=YES
SkipFinalSummary=YES
HideShell=YES

;Apply best practice security policies onto the machine
ApplyGPOPack=YES

;Enable Bitlocker Config
SkipBitLocker=YES
BDEInstallSuppress=NO
BDEWaitForEncryption=FALSE
BDEInstall=TPM
BDERecoveryKey=AD

;Set the final action
FinishAction=REBOOT

See below for a quick demo on how the rules work in action.

Downloads used in the video
https://www.microsoft.com/en-us/download/details.aspx?id=54259
https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install

If you found this article helpful, would you consider buying me a Coffee?

2 thoughts on “Installing and Configuring MDT for Windows 10 minimal touch deployments

Leave a Reply

Your email address will not be published. Required fields are marked *