Jump to content

Manual restart required to apply all GPOs after MDT deployment

kagstrom2100
By kagstrom2100
in Windows
 Share
Posted

So been working with MDT for a while now at work and every time I deploy a new Windows installation (both 7/10) some of the GPOs gets applied after the computer joins my domain, but not all of them. Applocker for example and the software deployment program we use gets left out.

To get all of them to install a manual reboot is required, which is kinda annoying. I have tried adding FINISHACTION=RESTART to the default section to customsettings.ini but this doesn't help as a manual reboot still seems to be required. I've also tried adding two restart steps to the end of the TS, but that breaks it as it can't log in again after being restarted. 

 

I have the latest ADK and the latest MDT version.

Anyone encountered this before and have any suggestions?

Link to post
Share on other sites
Posted
18 minutes ago, kagstrom2100 said:

So been working with MDT for a while now at work and every time I deploy a new Windows installation (both 7/10) some of the GPOs gets applied after the computer joins my domain, but not all of them. Applocker for example and the software deployment program we use gets left out.

To get all of them to install a manual reboot is required, which is kinda annoying. I have tried adding FINISHACTION=RESTART to the default section to customsettings.ini but this doesn't help as a manual reboot still seems to be required. I've also tried adding two restart steps to the end of the TS, but that breaks it as it can't log in again after being restarted. 

 

I have the latest ADK and the latest MDT version.

Anyone encountered this before and have any suggestions?

Does a scheduled restart work (Via task scheduler)? If not, my guess is that it's related to needing an initial user sign-in before it can apply those GPOs. 

Fine you want the PSU tier list? Have the PSU tier list: https://linustechtips.com/main/topic/1116640-psu-tier-list-40-rev-103/

 

Stille (Desktop)

Ryzen 9 3900XT@4.5Ghz - Cryorig H7 Ultimate - 16GB Vengeance LPX 3000Mhz- MSI RTX 3080 Ti Ventus 3x OC - SanDisk Plus 480GB - Crucial MX500 500GB - Intel 660P 1TB SSD - (2x) WD Red 2TB - EVGA G3 650w - Corsair 760T

Evoo Gaming 15"
i7-9750H - 16GB DDR4 - GTX 1660Ti - 480GB SSD M.2 - 1TB 2.5" BX500 SSD 

VM + NAS Server (ProxMox 6.3)

1x Xeon E5-2690 v2  - 92GB ECC DDR3 - Quadro 4000 - Dell H310 HBA (Flashed with IT firmware) -500GB Crucial MX500 (Proxmox Host) Kingston 128GB SSD (FreeNAS dev/ID passthrough) - 8x4TB Toshiba N300 HDD

Toys: Ender 3 Pro, Oculus Rift CV1, Oculus Quest 2, about half a dozen raspberry Pis (2b to 4), Arduino Uno, Arduino Mega, Arduino nano (x3), Arduino nano pro, Atomic Pi. 

Link to post
Share on other sites
Posted
  • Author
31 minutes ago, BrinkGG said:

Does a scheduled restart work (Via task scheduler)? If not, my guess is that it's related to needing an initial user sign-in before it can apply those GPOs. 

Haven't actually tried that. You mean I should try add it via MDT? But the problem is that I don't need to sign it. After the MDT it done it restart acoring to "FINISHACTION=RESTART", but then after that a second restart is necessary for it to start applying all the GPOs, I just need to find a way to do that second restart automatically.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Windows

×