OSDCloud #10 – full automation flow

The title could be “cherry on the (OSDCloud) cake”. Using the previous blog posts, we are able to manage the OSD flow without any user interaction and having fully automation.

I am getting most of the time the same questions from the OSDCloud community, but even from my customers: “are we able to kick off the OSD process and do we can login after some reboots? Like having the similar MDT / ConfigMgr etc sequence?” Yes, we can.

In the last weeks I was able to the evaluate for a customer in a PoC this flow. You can see the big picture here:

Step 1: it was an easy step to create more or less a default OSDCloud WinPE boot image.

Keyboard layout for de-ch and the wallpaper have been changed. All “cloud drivers” has been imported and the startup script has been set.

Secondly, a PFX file for later use and a PSH script have been copied. Then the boot.wim file has been exported from the OSDCloud.iso and imported into the WDS server.

For more detailed info, check these previous posts:

Create WinPE Image

WDS Integration

Step 2: in the startup script the target OS has been defined:

$Params = @{
    OSVersion   = "Windows 11"
    OSBuild     = "22H2"
    OSEdition   = "Pro"
    OSLanguage  = "de-de"
    OSLicense   = "Retail"
    ZTI         = $true
    Firmware    = $true
}
Start-OSDCloud @Params

After these important settings, later steps have been prepared here like: create computer naming convention for Autopilot process, define unwanted app’x list and copy the PFX file and his required script into the system drive.

Step 3: during the first boot in the specialize phase three steps are running up.

  • create scheduled task to put OOBE into a “debug” mode, aka. send automatically “Shift+F10”
  • create a scheduled task where all of the OOBE scripts will be triggered
  • because these scritps are running in the SYSTEM context we can have here the ServiceUI.exe from the MDT tool. Using this tool is not recommended, just nice to have if you want to see what’s going on on the device. For having interaction between defaultuser0 and SYSTEM sessions.

These steps were implemented in the SetupComplete.cmd.

For more detailed info, check this previous post:

OOBE challenges

Step 4: next OSD stage is our lovely OOBE phase, where we are running our post customizations.

  • Import the copied PFX file using the Autopilot Microsoft Entra ID (Azure AD) service principle.
  • Set custom language key
  • Activate OEM product key
  • Update OS & drivers
  • Remove unwanted appx’s
  • Autopilot registration and assignments
  • Change BIOS settings
  • Remove OSD left-overs

Most of these script examples, you can find here.

Step 5: we are landing in the first login page, where we can start an Autopilot pre-provisioning phase. Then you are ready to go and the first employee is able to login.

Summary: persons who are responsible for OSD, they can force the PXE boot and then they can grab one or maybe two coffees. Depends on your network, HW model and first of all on your customizations, the devices are in approx. 2 hours ready to use without any interaction.

10 Comments


  1. Hello Ákos,
    when I run your W11_OOBEcmd.ps1 in my ScriptPad, the Deployment comes till the AutopilotGUI, but the Register Button don’t work.
    In the PS is message that the Button is only active when the defaultuser0 is logged in.

    Bernhard

    Reply

    1. Hello Bernhard

      In the OOBE phase when you press Shift+F10, you are “automatically” logged in as defaultuser0. So, this Autopilot registration with the register button only works in this phase.
      With a simple “whoami”, you can figure out, who you are 😉

      Cheers, Ákos

      Reply

  2. Hello Akos

    in the OOBE Phase a CMD and a PS Windows open automatically. When i write whoami in the cmd, i get defaultuser0.
    The ps scripts are running, the Autopilot GUI opens, but the Register Button don’t work. What I doing wrong? I take your “W11_OOBEcmd.ps1” for testing.

    Cheers, Bernhard

    Reply

    1. Hi Bernhard

      When you follow my instructions, my guess, that the OOBE scripts are running with SYSTEM credentials (aka. in Session 0). So, the script will skip this part.
      When you open a shell, you are with defaultuser0 credential in Session 1.

      If you need the register button, you have to work with defaultuser0 and/or you can fully automate this part of the OSD as well:
      https://akosbakos.ch/osdcloud-10-full-automation-flow/

      Cheers

      Reply

  3. Hello Akos,

    I don’t understand this part:
    “If you need the register button, you have to work with defaultuser0 and/or you can fully automate this part of the OSD as well”

    Do I need to make changes in the scheduled Task,? Both Scheduled Task run from Serviceui.exe.
    Do I need to make changes in your “W11_OOBEcmd.ps1” or in your “oobetasks.ps1”
    Thanks for your help!!

    Cheers

    Reply

  4. Hi Ákos

    I have the same problem. But how can I start AutopilotOOBE automatically as defaultuser0? 🙂

    Cheers
    Wasili

    Reply

    1. Hi

      You can try to start the scheduled task as ‘defaultuser0’, either as SYSTEM with ServiceUI.exe.
      Or just create a simple CMD into C:\Windows\System32 and click manually Shift+F10. Then you are ‘defaultuser0’ and can execute the previously created batch file.

      Cheer,Ákos

      Reply

    2. Did you manage to this working at all? I have the same problem.

      Reply

      1. You have to switch the account in the task scheduler. In my example, the OOBE scripts are running in a SYSTEM context.
        I don’t need the register button, because I am working with an offline Autopilot JSON file which is registering and assigning automatically.

        Reply

      2. You have to switch the account in the task scheduler. In my example, the OOBE scripts are running in a SYSTEM context.
        I don’t need the register button, because I am working with an offline Autopilot JSON file which is registering and assigning automatically.

        Reply

Leave a Reply

Your email address will not be published. Required fields are marked *