File and Folder Management with PowerShell

In this post, we will only focus on PowerShell cmdlets (commands) that uses to create, copy, move, delete files and folders etc. Let’s start with file creation cmdlet in PowerShell.

Create File-

New-Item cmdlet (command) is used to create file. Below command creates a text file named "Test.txt" in the “Data” folder of C: drive. 

New-Item -path "C:\Data\" -Name "Test.txt" -ItemType "File"

Or you can also create a file without using -Path and –ItemType parameters as these parameters are optional.

Central Administration Site

A Central Site is a Configuration Manager Primary Site that resides at the top of the Configuration Manager hierarchy. Purpose of using a central administration site is to configure hierarchy-wide settings and to monitor all sites and objects in the hierarchy. All Database information rolls from the child to the parent and is collected by the Central Site’s Configuration Manager Database. The Central Site can administer any site below it in the hierarchy and can send data down to those sites as well. 

A central administration site is suitable for large-scale deployments, provides a central point of administration, and provides the flexibility to support devices that are distributed across a global network infrastructure. Use this topology when you require more than one primary site to support management of all your devices and users. It's required when you need to use more than a single primary site. If you immediately need two or more primary sites, install the central administration site first. 

Standalone Primary Site Installation

Standalone site is a single primary site that uses to manage all devices without having to install additional sites. It is suitable for small to medium organizations. When you install System Center Configuration Manager for the first time, first site must be either a central administration site or a stand-alone primary site. Although a stand-alone primary site can limit the size of your deployment, it does support a scenario to expand your hierarchy at a later time by installing a new central administration site.

When to use a Standalone Site?

• When it can support management of all devices and users.
• When company’s geographic locations can be served by a single primary site.
• Less than 175,000 total clients and devices

Install SCCM Client manually through Command Prompt

There are multiple way to install SCCM Client however you should know how to install client through command prompt. Because it will help you to install client manually during SCCM client troubleshooting and also helpfully if you want to install clientt on workgroup machine. 

Before installing SCCM Client on targeted device, copy SCCM client on local drive or shared location. you can get this client source setup files from primary site server location.  

How To Install Fallback Status Point

Fallback status point role is required if you want to monitor windows client deployment and identifies windows clients that are unmanaged because they can't communicate with their management point. Because it is designed to be set up for state messages that are generated during client deployment. The settings aren't designed to be set up for client communication issues. This role is supported only at primary sites but you can install multiple instances of this role at a site, and at multiple sites in the same hierarchy. This fallback status point is vulnerable to attack particularly when it's used with internet-based client management because it always communicates with clients over HTTP which uses unauthenticated connections and sends data in clear text. To help reduce the attack surface, Microsoft recommends to use dedicated server to running the fallback status point. Don't install other site system roles on the same server in a production environment. 

How to set desktop wallpaper through Group policy

If you want to set the desktop wallpaper to all users or specific users and also you don’t want/allow user to change desktop wallpaper then group policy is the best way to apply desktop wallpaper.

We are using server 2019 as a domain controller to apply desktop wallpaper on Windows 10 devices.

Capture Windows 10 image using MDT

Before capture Windows 10 image, we must decide which applications need to add in captured image. Generally common applications which need to deploy on every machines like MS office, Acrobat reader, dependency applications like VC ++, Java runtime etc. and windows updates are included during build capture. In this topic we will cover below points which will help you to understand the build capture process.

• Import Windows 10 version 2004 Microsoft OS into MDT.
• Create Windows 10 capture build Task Sequence.
• Create Microsoft Visual ++ applications into MDT and add these applications into capture build Task Sequence.
• Add .NET 3.5 windows feature step into Capture build Task sequence.
• Modify MDT Deployment Share property to capture image.
• Deploy Capture Task Sequence on reference machine to captured Windows 10 image.

Step by step installation and configuration of Microsoft Deployment Toolkit (MDT)

Microsoft Deployment Toolkit (MDT) is a free tool published by Microsoft to allows to automate the process of deploying devices over network which includes Operating System, hardware device drivers, applications, customize configurations and settings, windows update etc. We can use this tool to build and capture windows images as well.

The Microsoft Deployment Toolkit (MDT) supports three types of deployments

1. LTI deployments require limited user interaction.
2. ZTI is a fully automated deployment scheme in which installation requires no user interaction whatsoever.
3. UDI deployments require full manual intervention to respond to every installation prompt, such as machine name, password or language setting.

Step by step installation of Active Directory Domain Service on Server 2019 and promote this Server as a Domain Controller

Open Server Manager Console.

OSD Interview Questions and Answers

1.  What is WinPE?

Ans: WinPE is a lightweight operating system with limited features used to boot a computer that does not have an operating system. Mostly, it is used to install, deploy, repair Windows operating system and recover data.

2.  What is PXE?

Ans:  PXE (Preboot Execution Environment (PXE) is an industry standard created by Intel that enables administrators to boot devices into the Windows Preinstallation Environment (WinPE) over network. To use PXE to deploy an OS, you must have both x86 and x64 PXE-enabled boot images distributed to one or more PXE-enabled distribution points.

3.  Explain PXE boot process?

Ans:

1. When client computer boots from the network by using the PXE protocol, it send broadcasts packet (discover message) to find out the address of the DHCP and PXE servers information.
2. The DHCP server responds with offer message. This packet is broadcast and contains a potential IP address for the client.
3. The PXE server responds to the client and reports that it's a boot server.
4. In response to the DHCP offer, the client replies with a DHCPREQUEST message, broadcast to the server, requesting the offered address
5. The DHCP server sends the IP address to the client.
6. The client sends a request to the PXE server to ask for the path to the Network Boot Program (NBP).
7. The PXE server responds, sending the NBP path.
8. The client downloads and runs the NBP.

4.  What is IP Helper and when its required for PXE boot?

Ans: IP helper is a network configuration that need to configure on a router to broadcast packet. It is required to broadcast package outside the local subnet or VLAN, if any of the DHCP server, the client computer, or PXE server are on separate subnets or VLANs.

5. What are the configuration required for IP Helper to successfully work PXE boot when they are on different subnets/VLANs?

Ans: PXE server and DHCP server IP address must be configured for IP Helper to successfully work PXE boot on different subnets.

6.  What is bare metal deployment?

Ans: This scenario occurs when you have a blank machine you need to deploy, or an existing machine you want to wipe and redeploy without needing to preserve any existing data. The setup starts from a boot media, using CD, USB, ISO, or Pre-Boot Execution Environment (PXE).

7.  What is Refresh deployment? 

Ans: A refresh deployment occurs when a new image/OS is being installed on an existing workstation. User data and settings are backed up and restored later as a part of the deployment process. This can include installing the same OS version or an upgraded to higher one, such as a Windows 7 to Windows 7 deployment, or a Windows 7 to Windows 10 deployment. The process is normally initiated in the running operating system.

8.  What is Replace deployment?

Ans: This scenario installs an OS on a new computer. An existing computer on the network is being replaced with a new computer. User data and settings are backed up from old computer and restored on new computer after OS deployment.

9.  What is USMT?

Ans: User State Migration Tool (USMT) is a backup and restore tool that allows you to migrate user state, data, and settings from one installation to another.

10.  Which log files will you check, if build migration task sequence failed during build capture steps?

Ans: Smsts.log and scanstate.log files.

11.  Which log files will you check, if build migration task sequence failed during restore steps?

Ans: Smsts.log and loadstate.log files.

12.  What is LTI, ZTI and UDI deployments?

Ans:

• LTI deployments require limited user interaction which can be required through MDT.
• ZTI is a fully automated deployment scheme in which installation requires no user interaction whatsoever.
• UDI deployments require full manual intervention to respond to every installation prompt, such as machine name, password or language setting. User Driven Installation would provide your organization with a highly customizable deployment method that allows deployment choices to be done by the user and also provides greater flexibility in the deployment process.

ZTI and UDI deployments both require a Microsoft System Center infrastructure.

13.  Which logs will you check if Windows 10 in-place upgrade task sequence failed during operating system installation?

Ans: Verify Setupact.log and Setuperr.log files

•         Setupact.log – primary log file created during the OS installation process
•          Setuperr.log – contains only error entries from the main Setupact.log

14.  What are the types of Task Sequence Media available in SCCM?

Ans:    

• Capture media- Capture media allows you to capture an OS image from a reference computer. Capture media contains the boot image that starts the reference computer and the task sequence that captures the OS image.
• Bootable media- Bootable media contains boot image which is used to deploy OS over the network. It retrieves the task sequence, OS image, and any other required content from the network. Because the task sequence isn't on the media, you can change the task sequence or content without having to recreate the media.
• Prestaged media- Pre-staged media deployments let you deploy an operating system to a computer that is not fully provisioned. The pre-staged media is a Windows Imaging Format (WIM) file that can be installed on a bare-metal computer by the manufacturer or at an enterprise staging center that is not connected to the Configuration Manager environment.
• Stand-alone media- Stand-alone media deployments used to deploy operating systems without network connection. It contains everything that's required to deploy the OS. This content includes the task sequence and any other required content. Because everything that's required to deploy the OS is stored on the stand-alone media, the disk space required for stand-alone media is larger than for other types of media

15.  What is Windows Autopilot?

Ans: Windows Autopilot is a new cloud base deployment service introduced by Microsoft that provides a zero touch experience for deploying Windows 10 devices. Windows 10 version 1703 or higher is required to use Windows Autopilot. It can be also used to reset, repurpose and recover devices. Leveraging cloud-based services, it can reduce the overall costs for deploying, managing, and retiring devices by reducing the amount of time that IT needs to spend on these processes and the amount of infrastructure that they need to maintain, while ensuring ease of use for all types of end users.

16.  Is it possible to upgrade from x86 Operating System to x64 Operating System using in-place upgrade task sequence?

Ans: No, we cannot upgrade from x86 Operating System to x64 Operating System using in-place upgrade task sequence

17.  Which log files will you check if drivers are failed during import in SCCM?

Ans: Smsprov.log and drivercatalog.log files 

18.  Which log files will you check if drivers are failed during operating system deployment?

Ans: Smsts.log, Dism.log and Setupapi.dev.log files 19.  

19. What is DISM? 

Ans: DISM is a command-line tool that is used to mount and service windows images (capture, modify .wim file etc). It can be also used to install, uninstall, configure and updates windows features, packages, drivers and international settings in a .wim file.

20. What is UEFI? 

Ans: UEFI stands for Unified Extensible Firmware Interface which is a replacement for BIOS.

21. What are the advantage of UEFI over BIOS?

Ans:

• Support for large disks. 
• Faster boot time. 
• Windows 8 and later can use the UEFI firmware validation process, called secure boot. Using this process, you can ensure that UEFI launches only a verified operating system loader and that malware cannot switch the boot loader.
• CPU-independent architecture. Even if BIOS can run both 32- and 64-bit versions of firmware, all firmware device drivers on BIOS systems must also be 16-bit, and this affects performance. One of the reasons is the limitation in addressable memory, which is only 64 KB with BIOS.
• CPU-independent drivers. On BIOS systems, PCI add-on cards must include a ROM that contains a separate driver for all supported CPU architectures. That is not needed for UEFI because UEFI has the ability to use EFI Byte Code (EBC) images, which allow for a processor-independent device driver environment.
• Multicast deployment. UEFI firmware can use multicast directly when it boots up. In WDS, MDT, and Configuration Manager scenarios, you need to first boot up a normal Windows PE in unicast and then switch into multicast. With UEFI, you can run multicast from the start.
• Flexible pre-operating system environment. UEFI can perform many functions for you. You just need an UEFI application, and you can perform diagnostics and automatic repairs, and call home to report errors.