Documentation for SCCM task sequence deployment orchestrator

USMT Data store encryption

USMT enables support for stronger encryption algorithms. The encryption process generates  cipher text that can only be viewed in its original form if decrypted with the correct key.

Select the encryption strength to be used for encryption of the migration store. The encryption algorithm you choose must be used both during capture (using sccmtspsi) and restore (using the sccmtspsi restore tool or your custom scripts).

Encryption key : Should be 8 – 20 alphanumeric characters long.

Encryption strength : AES, AES_128, AES_192, AES_256, 3DES or 3DES_112.


Suggest Edit

DCOM hardening issue.

This application fails to authenticate with WMI on the SCCM server because Microsoft has not yet hardened DCOM on their Windows Preinstallation Environment. We are working on a different approach, but it will only be released during the first quarter of 2024. But until that time, the only workaround will be to uninstall the update corresponding to KB5004442.