To run a PowerShell script on multiple computers via Group Policy, you can work with an Immediate Scheduled Task. The main advantage over logon scripts is that you can execute your script with admin rights.
The PowerShell function Write-LogEntry described in this post allows you to integrate logging in your scripts in a standardized way. This will help you and your script users to troubleshoot and understand the output. Read More
Recently I gave a presentation at MORENet’s 2015 Annual Conference about “Securing Windows with Group Policy”. This presentation was part of their “Advanced” technology track, and really focused on looking at the current permission levels of your users and deciding if they really need those rights/permissions.
I hope some people find these slides useful or at least a good reference point. If you have any questions about these slides then please do not hesitate to contact me by leaving a comment below.
Slides can be downloaded here: Securing Windows with Group Policy
NOTE: MORENet’s conference is focused on technology and educational initiatives affecting K-12 & Higher Education within the State of Missouri.
Now we are going to install MDT 2013. This is a simple process but I wanted to show you anyways.
After you have downloaded MDT 2013 from Microsoft (See This Post)
When you first Launch the MDT 2013 Installer, you should see the following screen:
Click Next to Continue
Accept the License Agreement and click Next:
Choose the Location that you want MDT 2013 to be installed. This is typically left alone but you are more than welcome to install it on a separate partition/drive. Once you’ve chosen the appropriate location, Click Next:
I typically choose not to join their CEIP but it’s up to you. Click Next:
Now, Click Install
That’s It! It’s pretty straight forward…. Now onto the good stuff! We will be setting up our MDT 2013 Deployment Share in the next post.
Also, I am in the process of making a video that will explain and show all of these steps
Once you have all of the necessary files downloaded and saved on your Windows Server 2012 R2 box, then begin by installing the “adksetup.exe”.
The first screen that should pop-up is this one:
The Following Screenshots are all based on your own needs but these are the options that I have chosen for this setup:
I choose to download the ADK instead of installing it. The reason I do this is because I like to keep a backup of the original file, just in case the server crashes or something else happens.
I typically choose to not accept the CEIP, mostly because it adds a little database file in AppData that i’ve seen become corrupt and cause log in issues. If you choose to, it should be fine.
Wait until the adksetup has been downloaded then proceed to the location that you save it to.
Click Close and then run the downloaded ADK
Specify the location that you want to install the ADK files. I personally like to store them on a separate drive than the OS but it’s up to you.
Again, it’s up to you but I always select No.
Below are the features that I install but you could install all of them. Here is why I choose why I install the following.
Deployment Tools: You need to install Deployment Tools as this holds DISM and other tools that are needed by MDT
Windows PE: You need to install this for MDT to work
USMT: This is User State Migration Toolkit. Think of this as a tool to migrate user data (Migwiz)
SQL Server: I mostly install this because you can use it to setup a backed database for MDT, it’s not necessary unless you plan on using it.
Once the installation is complete, click Close
Congratulations, you’ve installed ADK on your Windows Server 2012 R2 box. Next we will install MDT 2013.