This project is read-only.

MDT Administrator Release History



General recommendation regarding the settings.ini file

It is recommended to delete the settings.ini file every time you download and use a newer MDT Administrator and let the application recreate the file. There are plans to incorporate routines to handle different versions of settings.ini but it is unknown when this will be.


settings.ini

When the application is launched, it will look for the file settings.ini in the same folder where the application itself resides. If it is not found it will create it. If the application does not have write access to the folder e.g. you put it in Program Files (x86), it will be created in C:\Users\username\AppData\Local\VirtualStore\Program Files (x86)\ by design in Windows 7 and 8 but it will not be used by the application. In this case, to make use of the settings.ini file you will have to either:
  • Make sure your windows user has write access to the application directory.
  • Copy the settings.ini file created in the virtual store directory mentioned above, and put it in the application directory.
  • Run the application with Admin priviliges

Connection to the MDT Database

When clicking "Connect..." for the first time it will prompt you for a server name and MDT Database name. If you are using SQL Instances, then you should put "MDTServer.domain.com\SQLinstance" as server name.
This is saved in the registry under HKCU\Software\MDTAdmin\. Then it will try to connect to the database with your windows credentials. This is the most secure way to connect, as it doesn't expose any login credentials. This also means that the windows user that is running the application has to have write access to the MDT database. If it fails to connect it will prompt you again, next attempt to connect. It will also present you with a tip that you can edit settings.ini to make the application use sql authentication instead.

Using SQL Authentication

If, in settings.ini, the variable sqlauth is set to 1 the application will prompt you for a username and password when clicking the connect button. The application will then connect to the MDT Database using the SQL credentials provided instead in windows credentials. This is NOT secure. It's not encrypted and the username and password is stored in clear text in the registry. If this is not an issue for you, then go ahead and use it if you want.

Using Active Directory OU Validation

To avoid the hassle of broken deployments because of typos in the MachineObjectOU variables you can enable Active Directory OU Validation. Now, MDT Administrator will validate that the MachineObjectOU path that you type when you create a new role or edit a role. As an extra safety, it also validates the roles when you try to add a role to a computer. This ensures that MachineObjectOU variables typed in from before also gets validated and are correct.

All you have to do to activate this awesome feature is, in settings.ini specify the domainDCs variable, e.g "domainDCs mydc.mydomain.com". You can also specify multiple FQDN's towards multiple domains by separating the FQDN's with a semicolon. See example in settings.ini.

Using SCCM Operations

By specifying a few variables in settings.ini you can now do a few simple interactions with SCCM. You can check if a computer is in your OS Deployment collection in SCCM. If it's not, you can add it to that collection, or if you want to remove it, theres a button for that too :) Plain and simple.

Variables needed for SCCM Operations
  • sccmlogonmethod - default value is "sso". You can change it to "specific" if you don't want to use the logged in users credentials to connect to your SCCM server.
  • strsccmusername - specify the user you want to use to connect to your sccm server (if not using sso)
  • strsccmpassword - specify password (if not using sso)
  • strsccmserver - specify the FQDN to your SCCM server e.g. sccmsiteserver.mydomain.com
  • strsccmsitecode - specify the sitecode of the site you want to connect to
  • strosdcollectionid - specify the collectionID of your collection used for advertising OS Deployments

Notes on MS SQL Server Express

If you are using MS SQL Server Express, you may need to enable SQL Server Express communication over TCP/IP.

By default, the SQL Server 2008 Express® database is not configured to communicate over the TCP/IP protocol. If you installed the MDT database on an SQL Server Express, then you must enable the TCP/IP protocol for MDT Administrator to be able communicate with your database.

Procedure
  • On the Start menu, click All Programs > Microsoft SQL Server 2008 > Configuration Tools > SQL Server Configuration Manager.
  • Click SQL Server 2008 Services.
  • Expand the SQL Server 2008 Network Configuration node, and then select Protocols for MSSQLServer (SQL Instance Name).
  • Right-click TCP/IP, and then click Enable.
  • Select SQL Server 2008 Services in the tree.
  • Right-click SQL Server (SQL Instance Name), and then click Restart.

Multiselect functionality

When selecting multiple computers, the fieldsets "Computer Identification", "Computer Settings" and "SCCM OSD Collection" are disabled. The application does not support multicomputer-actions within these fields as of yet. The listbox "Computer Roles" changes label to "Computer Roles (Selection Common)" meaning that only roles that all of the selected computers have (in common) are displayed in the listbox.

Example:
We select two computers. "Computer1" have roles "Finance" and "H&R". "Computer2" have roles "HQ" and "Finance". Only the role "Finance" are displayed in the "Computer Roles" listbox.

Removing roles in multiselect
Removing a role from multiple computers is as simple as clicking the "Remove Role" button. It will remove the selected role from all of the selected computers.

Adding roles in multiselect
Adding a role to multiple computers is just as simple really. Select multiple computers, select the role you want to add to them, and click "Add Role". If some of the selected computers already have the role you selected, there is logic to handle that. It will ignore the computers that already have the role, and add it to the computers that don't have the role.

Deleting multiple computers
If you select multiple computers and click "Delete..." you will be prompted to confirm the deletion of multiple computers. The names (description field) of the selected computers is displayed in the prompt.

Last edited Nov 29, 2013 at 2:33 PM by chrisofsweden, version 18

Comments

No comments yet.