OS Deployment Task Sequence VB Script

We have a Task Sequence which includes a VB script to add the computer account to an OU based upon the hostname.

For instance, if the hostname is SALES01 then the PC account will be created in (or moved to) the Sales OU. If the hostname matching fails then the PC account will be in the parent OU of the Department OUs (So there's Depts\Sales, Depts\Callcentre and so on and if there's a hostname pattern mismatch then the PC account will just go in to Depts)

The thing is, it doesn't work. Now, the script was provided to us by a consultant and he said it's one he's used before (presumably successfully) so I do expect it to work.

My question is how to I get it to log it's activity to a file? I've added code to create/append a text file on a network share but the file never gets created.

Now, I'm not trying to make this a VBS question since the logging code does work when then script is run outside of the Task Sequence but is there a safer (as in, most likely to work) location I should be creating the log file(s) other than the DFS share I've created for this purpose?

February 3rd, 2014 11:22am

Task sequence = system context => the computer account needs to be granted access to the share. This won't work in WinPE, but the full OS.
There's a task sequence step called "Connect to Network Folder" which can be used to connect to a shared folder though.
Free Windows Admin Tool Kit Click here and download it now
February 3rd, 2014 11:35am

To test you can REM out the "On Error Resume Next"  this should cause a pop up with the error.

Also like Torsten said it needs to be done after in full windows again and the device needs to be joined to the domain, I am not sure if the VBS is passing creds to AD but I am assuming it is if you are running from a TS because the system context is being used, but you might want to check on that.

If the script is not passing credentials then you need to add a run command line task step, the command line would be wscript ...(script name), and then the field "Run as this account"  needs to be a domain account with join domain priv.  

Again like Torsten said the computer account needs access rights for the share or if using the "Run as option" then that account needs access rights to the share.J

February 3rd, 2014 1:27pm

Don't do it with share, copy the .vbs file from the share and create a package to ConfigMgr that includes the .vbs. Create simple task sequence step "Run Command Line" with command: cscript.exe yourfile.vbs and make sure you have the package that has the file as "Package" option in the same TS step. For the username, use the username that has the rights to move computer objects in your AD.

Sample here:

http://ccmexec.com/2010/12/move-computer-to-the-correct-ou-during-deployment/

  • Proposed as answer by narcoticoo 17 hours 43 minutes ago
Free Windows Admin Tool Kit Click here and download it now
February 3rd, 2014 1:42pm

Don't do it with share, copy the .vbs file from the share and create a package to ConfigMgr that includes the .vbs. Create simple task sequence step "Run Command Line" with command: cscript.exe yourfile.vbs and make sure you have the package that has the file as "Package" option in the same TS step. For the username, use the username that has the rights to move computer objects in your AD.

Sample here:

http://ccmexec.com/2010/12/move-computer-to-the-correct-ou-during-deployment/

  • Proposed as answer by narcoticoo Monday, February 03, 2014 6:37 PM
February 3rd, 2014 9:37pm

Don't do it with share, copy the .vbs file from the share and create a package to ConfigMgr that includes the .vbs.

We're not running the script from a share. I was only trying to log from the script to the share.

The script in the TS is called as per this screenshot:

Free Windows Admin Tool Kit Click here and download it now
February 4th, 2014 6:46am

Just see my reply above. It explains why logging to a network share fails in your scenario.
February 4th, 2014 3:39pm

Even with the 'runas' credentials?

Sadly, at the moment I'm not even getting that far because SCCM isn't even responding with PXE (currently only getting a WDSNBP response).

Free Windows Admin Tool Kit Click here and download it now
February 4th, 2014 6:24pm

Now that I've got SCCM Deploying the OS image again I'm revisiting this. The script just doesn't seem to be running at all. Is there anyway I can check whether it is?
February 6th, 2014 6:53am

Check this for how to properly setup logging.

http://scriptimus.wordpress.com/2011/07/11/mdt-scripting-creating-custom-scripts-getting-started/

Free Windows Admin Tool Kit Click here and download it now
February 6th, 2014 7:53am

Check this for how to properly setup logging.

http://scriptimus.wordpress.com/2011/07/11/mdt-scripting-creating-custom-scripts-getting-started/

Nice one. Thanks.
February 6th, 2014 11:51am

OK, I've managed to find the log file that mentions the script we're trying to run. Here's the section that seems relevant (I've used Bold Italics and underlining to highlight the errors). It does appear as if the attempt to run the script fails (rather than the script itself failing), but I'm not sure. Can anyone shed any light?

Expand a string: smsswd.exe /run:LON0001D cscript.exe SetOUBasedOnName.vbs //NoLogo	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Expand a string: 	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Command line for extension .exe is "%1" %*	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set command line: smsswd.exe /run:LON0001D cscript.exe SetOUBasedOnName.vbs //NoLogo	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Start executing the command line: smsswd.exe /run:LON0001D cscript.exe SetOUBasedOnName.vbs //NoLogo	TSManager	14/02/2014 12:20:42	1108 (0x0454)

!--------------------------------------------------------------------------------------------!	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Expand a string: WinPEandFullOS	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Executing command line: smsswd.exe /run:LON0001D cscript.exe SetOUBasedOnName.vbs //NoLogo	TSManager	14/02/2014 12:20:42	1108 (0x0454)

[ smsswd.exe ]	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

PackageID = 'LON0001D'	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

BaseVar = '', ContinueOnError=''	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

ProgramName = 'cscript.exe SetOUBasedOnName.vbs //NoLogo'	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

SwdAction = '0001'	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

TS::Utility::IsWinPE()==false, HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\installsoftware\runcommandline.cpp,302)	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

running a command line under a user account is not supported in WinPE	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

cmd.Execute(pszPkgID, sProgramName, dwCmdLineExitCode), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\installsoftware\main.cpp,372)	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

Install Software failed to run command line, hr=0x80004005	InstallSoftware	14/02/2014 12:20:42	1484 (0x05CC)

Process completed with exit code 2147500037	TSManager	14/02/2014 12:20:42	1108 (0x0454)

!--------------------------------------------------------------------------------------------!	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Failed to run the action: Run OU Script. Unspecified error (Error: 80004005; Source: Windows)	TSManager	14/02/2014 12:20:42	1108 (0x0454)

MP server http://LONHSCCM01.ttint.com. Ports 80,443. CRL=false.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Setting authenticator	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set authenticator in transport	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Sending StatusMessage	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Setting message signatures.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Setting the authenticator.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

CLibSMSMessageWinHttpTransport::Send: URL: LONHSCCM01.ttint.com:80  CCM_POST /ccm_system/request	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Request was succesful.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSLastActionRetCode=-2147467259	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSLastActionSucceeded=false	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Clear local default environment	TSManager	14/02/2014 12:20:42	1108 (0x0454)

The execution engine ignored the failure of the action (Run OU Script) and continues execution	TSManager	14/02/2014 12:20:42	1108 (0x0454)

MP server http://LONHSCCM01.ttint.com. Ports 80,443. CRL=false.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Setting authenticator	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set authenticator in transport	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Sending StatusMessage	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Setting message signatures.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Setting the authenticator.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

CLibSMSMessageWinHttpTransport::Send: URL: LONHSCCM01.ttint.com:80  CCM_POST /ccm_system/request	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Request was succesful.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Updated security on object D:\_SMSTaskSequence.	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSNextInstructionPointer=75	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a TS execution environment variable _SMSTSNextInstructionPointer=75	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSInstructionStackString=0 72	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a TS execution environment variable _SMSTSInstructionStackString=0 72	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Save the current environment block	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Successfully save execution state and environment to local hard disk	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Start executing an instruction. Instruction name: Gather. Instruction pointer: 75	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSCurrentActionName=Gather	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSNextInstructionPointer=75	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a local default variable GatherLocalOnly	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a local default variable RulesFile	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set a global environment variable _SMSTSLogPath=X:\WINDOWS\TEMP\SMSTSLog	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Expand a string: smsswd.exe /run:LON00018 cscript.exe "%DeployRoot%\Scripts\ZTIGather.wsf"	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Expand a string: 	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Command line for extension .exe is "%1" %*	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Set command line: smsswd.exe /run:LON00018 cscript.exe "%DeployRoot%\Scripts\ZTIGather.wsf"	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Start executing the command line: smsswd.exe /run:LON00018 cscript.exe "%DeployRoot%\Scripts\ZTIGather.wsf"	TSManager	14/02/2014 12:20:42	1108 (0x0454)

Free Windows Admin Tool Kit Click here and download it now
February 14th, 2014 8:52am

You are running a "run command line" step inside WinPE and not the full OS. That's why it fails.

If i were you i would build computers inside a Staging OU and run a script to move the machine to the correct OU at the end of the Task Sequence.

The staging OU will also prevent your computer from getting GPOs.

Or you could use this script to set a Task Sequence Variable (for exemple OSDDomainOUName) and in the Apply Network Settings use this Variable instead of a specific OU (%OSDDomainOUName%)

February 14th, 2014 9:05am

Actually, that is all the script does. The Task sequence step prior to the one running the script sets a default OU (using variable %OU%). The script then evaluates the PC name (as defined by the Device entry) and changes that variable value according to the Device name.

e.g.
Default = LDAP://ou=London PCs,DC=domain,dc-com. If the new Device is given the name Finance01 then the value of %OU% will be (should be!) set to LDAP://ou=Finance,ou=London PCs,DC=domain,dc-com.

Free Windows Admin Tool Kit Click here and download it now
February 14th, 2014 11:30am

You cannot run command lines with credentials under WinPE, so you have to run it in the Full OS.
February 14th, 2014 12:07pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics