SCCMTSPSI
SCCMTSPSI

Documentation for SCCM task sequence deployment orchestrator

  1. Overview
  2. Realm setup
  3. Active Directory & SCCM setup.
    1. Active directory - Security group
    2. Active directory - Broker account
    3. SCCM - Deployment collection
    4. SCCM - Administrative category for applications
    5. SCCM - Administrative category for office
    6. SCCM - Limiting collection for collections
    7. AD - Parent AD group for AD group list
    8. AD - Staging OU
    9. SCCM - Configuration directory
    10. SCCM - WinPE boot image setup
  4. Configuration tool & File
    1. Realm secret key
    2. Allowed WinPE instances
    3. Network access account
    4. Notification account
    5. Hostname formatting
    6. Automatically identify hostname
    7. Overrides
    8. Active directory staging OU
    9. MBAM Server details
    10. SMTP server details
    11. Notification types
    12. User state migration (USMT)
      1. Data store encryption
      2. Migration types
      3. Free space
      4. Config XML
      5. Migration rules XML
      6. Ignore return error codes
      7. Migrating EFS files
      8. Move domain
      9. Move user
      10. Currupt user profiles
    13. Logs and Profiles location
    14. Disk setup
    15. Content availability check
    16. Error adding collection member
    17. Error adding AD group member
    18. Wait for Bitlocker decryption
    19. Approved hardware
    20. Extension Attributes
  5. Using sccmtspsi (Operator view)
    1. sccmtspsi login window content
    2. sccmtspsi controls
      1. Asset hostname
      2. Unlock bitlocker
      3. Get task sequence deployments
      4. Get operating system images and packages
      5. Get office application
      6. Get SCCM applications
      7. Get SCCM collections
      8. Get AD Groups
      9. sccmtspsi actions
      10. Data migration options
      11. Primary users
      12. AD / SCCM entry
      13. Extension Attributes
  6. Task sequence steps
    1. sccmtspsi-tasksequence.exe
    2. Task sequence variables
    3. Apply operating system image step
  7. Task sequence error codes
  8. sccmtspsi error codes

AD - Parent AD group for AD group list

A realms parent active directory group is the parent group for all the active directory groups that should be displayed for the sccmtspsi Realm instance.

The name of the active directory group should be similar to the below entry.

sccmtspsi-groups-XXX [Where XXX is the Realm name]

The Realm broker account should have permissions to add members into the above group.

The Realm broker account should have permissions to add members into the groups that are members of the “sccmtspsi-groups-r01” [where r01 is the Realm name] group.

View of the above active directory groups in sccmtspsi. The below is a GIF (Graphics in file) image (Turn on animation in Internet Explorer).

Image showing AD groups listed within the sccmtspsi application console.

« SCCM - Limiting collection for collections AD - Staging OU »
Suggest Edit

DCOM hardening issue.

This application fails to authenticate with WMI on the SCCM server because Microsoft has not yet hardened DCOM on their Windows Preinstallation Environment. We are working on a different approach, but it will only be released during the first quarter of 2024. But until that time, the only workaround will be to uninstall the update corresponding to KB5004442.