Category: Deployment

Configure Bitlocker during deployment

Set X256 AES Encryption Cipher reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE” -t REG_DWORD -v EncryptionMethodWithXtsFdv -d 7 -f Set Full Disk Encryption reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE” -t REG_DWORD -v OSEncryptionType -d 1 -f Set Bitlocker PIN manage-bde -add C: -TPMAndPIN 123456 Enable Bitlocker manage-bde -on C: -rp




Basic Unattend for SCCM

The below xml is a very basic unattend file for SCCM OS deployments. It solves the issue where ‘Just a moment…’ covers the deployment status window so you can’t see the progress of the deployment. <?xml version=”1.0″ encoding=”utf-8″?> <unattend xmlns=”urn:schemas-microsoft-com:unattend”> <settings pass=”oobeSystem”> <component name=”Microsoft-Windows-Shell-Setup” processorArchitecture=”amd64″ publicKeyToken=”31bf3856ad364e35″ language=”neutral” versionScope=”nonSxS” xmlns:wcm=”http://schemas.microsoft.com/WMIConfig/2002/State”> <OOBE> <HideEULAPage>true</HideEULAPage> <ProtectYourPC>1</ProtectYourPC> <HideLocalAccountScreen>true</HideLocalAccountScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>…




Speed up TFTP on SCCM DP

Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\DP Name: RamDiskTFTPWindowSize Type: REG_DWORD The default value is 1 (1 data block fills the window) I used 8 which gave good speeds. We can also tweak the TFTPBlockSize which has been around for many versions of Configuration Manager. Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\DP Name: RamDiskTFTPBlockSize Type: REG_DWORD Value: <customized block size> Test with values: 4096, 8192,…