The next logical step for the windows-noob.com FrontEnd HTA which I released back in April 2011 was to add support for BitLocker, and I’ve added it along with some bugfixes, a new clean look, and some new functionality.
What does it do ?
first of all what does this HTA do ? it allows you to PXE boot into
Windows PE (yes, PE) and do three types of common scenarios for
migrating your computers to Windows 7 with BitLocker.
backup old computer (full WIM backup locally, full wim backup to network, chkdsk, offline scanstate to Network folder
reinstall computer (reinstalls/refreshes
Windows 7 on an Windows XP or Windows 7 computer and supports the
following scenarios: where BL=BitLockered and UBL=Not BitLockered
- XP>7 BL
- XP>7 UBL
- 7BL>7UBL
- 7UBL>7BL
- 7BL>7BL
- 7UBL>7UBL
New Computer (new installation of Windows 7 with or without BitLocker).
In addition to the above you can do the following:-
- computer associations in WinPE
- auto-computername (using Michael Niehaus RIS style naming web service)
- select a language to install during New Computer deployment
- select regional settings during New Computer deployment
- see the current computername and change it
- Input a username and that user becomes the local administrator
- show
info relating to Computername, computername in SCCM, Serial Number,
Model, IP address, Mac Address, UUID, Client Identity (GUID), Assigned
Site Code, Resource known/unknown, Resource ID - supports SMP backup in addition to full wim local, full wim network, and offline mode in WinPE
- detects if the hardware is Lenovo or Dell and has driver steps included for some common models (you have to download the driver packages yourself however)
- detects and interogates the TPM/Bios on Dell and Lenovo hardware to prepare it for BitLocker
- if no TPM found it disables the BitLocker Capability in the HTA
- if virtual hardware detected, it disables BitLocker capability (however you can enable this just for testing)
- has the ability to Notfiy the end user if the task sequence was successful or unsuccessful
- creates a REG key to add succesful task sequence, creates a text file in c:\ to demonstrate successful task sequence
cool, yep, very cool.
Requirements:-
This is not for the faint hearted, you’ll need to have the following working before attempting this:-
- For the reinstall BitLockered computer scenario we need to get our BitLocker recovery key from an MBAM database described here
- A good understanding of BitLocker, here’s some guides i’ve written about it
- MDT 2010 update 1 integrated with ConfigMgr Maik Kosters Web Services 7.2 installed – quick quide here
- SCCM 2007 SP2 R2 or later
- Implement Offline scanstate in WinPE as shown here
- Install Language packs Offline using SCCM 2007 sp2
ok enough already give it to me !
Download the ZIP
here it is, download this and import the task sequence XML file, copy
the WNB and BitLocker folders as sub-directories of a newly created MDT
Files package. Update your MDT Files package and get started
The BitLocker HTA.zip (1.68MB)
Number of downloads: 1
Show me some screenshots
here’s some screenshots:-
The Backup computer screen
The Reinstall Computer screen with BitLocker checkbox enabled
The New Computer Screen with the BitLocker checkbox unchecked
Show Info Screen
I’ll post bugfixes and known issues shortly as they roll in, if you are in any way struggling with this then read the windows-noob.com Frontend HTA guide here please as it explains how to get this all working.
cheers !
niall.
original post here on windows-noob.com
