SCCMTSPSI
SCCMTSPSI

Documentation for SCCM task sequence deployment orchestrator

  1. Overview
  2. Realm setup
  3. Active Directory & SCCM setup.
    1. Active directory - Security group
    2. Active directory - Broker account
    3. SCCM - Deployment collection
    4. SCCM - Administrative category for applications
    5. SCCM - Administrative category for office
    6. SCCM - Limiting collection for collections
    7. AD - Parent AD group for AD group list
    8. AD - Staging OU
    9. SCCM - Configuration directory
    10. SCCM - WinPE boot image setup
  4. Configuration tool & File
    1. Realm secret key
    2. Allowed WinPE instances
    3. Network access account
    4. Notification account
    5. Hostname formatting
    6. Automatically identify hostname
    7. Overrides
    8. Active directory staging OU
    9. MBAM Server details
    10. SMTP server details
    11. Notification types
    12. User state migration (USMT)
      1. Data store encryption
      2. Migration types
      3. Free space
      4. Config XML
      5. Migration rules XML
      6. Ignore return error codes
      7. Migrating EFS files
      8. Move domain
      9. Move user
      10. Currupt user profiles
    13. Logs and Profiles location
    14. Disk setup
    15. Content availability check
    16. Error adding collection member
    17. Error adding AD group member
    18. Wait for Bitlocker decryption
    19. Approved hardware
    20. Extension Attributes
  5. Using sccmtspsi (Operator view)
    1. sccmtspsi login window content
    2. sccmtspsi controls
      1. Asset hostname
      2. Unlock bitlocker
      3. Get task sequence deployments
      4. Get operating system images and packages
      5. Get office application
      6. Get SCCM applications
      7. Get SCCM collections
      8. Get AD Groups
      9. sccmtspsi actions
      10. Data migration options
      11. Primary users
      12. AD / SCCM entry
      13. Extension Attributes
  6. Task sequence steps
    1. sccmtspsi-tasksequence.exe
    2. Task sequence variables
    3. Apply operating system image step
  7. Task sequence error codes
  8. sccmtspsi error codes

Unlock bitlocker

This control is used to unlock bitlocked drives [System, data and USB drives].

Clicking on the ‘Unlock bitlocker’ button will open a new panel.

Click the drive you want to UNLOCK first (Marked as 1)

If you have a recovery key file; import the file by clicking on the “Import from recover key” button. (Marked as 3).

Click “FROM CURRENT DOMAIN” to automatically get the recovery information from the current domain. (Marked as 4).

Click “FROM DIFFERENT DOMAIN” to automatically get the recovery information from a remote domain. (Marked as 5). Please provide credentials for remote domain. (Marked as 2).

Click “FROM MBAM DATABASE” to automatically get the recovery information from MBAM (Microsoft bitlocker administration and monitoring) server. (Marked as 6).

Click “FROM RECOVERY PASSWORD” (Marked as 6) after manually typing the recovery password in the area marked as 8.

USMT data capture options are only displayed in sccmtspsi if an active windows partition is identified.

When using the active directory options. If the machine was bitlocked using a different hostname, change the asset hostname text before using the active directory unlock controls.

« Asset hostnameGet task sequence deployments »
Suggest Edit

DCOM hardening issue.

This application fails to authenticate with WMI on the SCCM server because Microsoft has not yet hardened DCOM on their Windows Preinstallation Environment. We are working on a different approach, but it will only be released during the first quarter of 2024. But until that time, the only workaround will be to uninstall the update corresponding to KB5004442.