Hi,
Just wanted to share this here, as this site helped me a lot in finding solutions for all kinds of SCCM problems.
Recently, I reduced the number of applications in our environment, by merging several applications in 1 application with different deployment types. For some of them, I had set a "requirement" for membership of an Organizational Unit (OU). These applications failed to install as group policy is disabled when the task sequence is running, and the needed registry keys/values are not present yet.
I got around this problem by creating the keys and Distinguished-Name value manually, and populating is with ADSI. This avoids the need of installing the powershell AD module.
Just add a "powershell script" step in your task sequence, after OS installation and before you install applications and enter following script. No need to change anything for you environment. The script:
New-Item -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy' -Name State -Force
New-Item -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State' -Name Machine -Force
$Object = "(&(objectCategory=computer)(objectClass=computer)(cn=$env:COMPUTERNAME))"
$dn = ([adsisearcher]$object).FindOne().Properties.distinguishedname
New-Itemproperty -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine' -Name 'Distinguished-Name' –PropertyType String -value $dn
Enjoy!
Just wanted to share this here, as this site helped me a lot in finding solutions for all kinds of SCCM problems.
Recently, I reduced the number of applications in our environment, by merging several applications in 1 application with different deployment types. For some of them, I had set a "requirement" for membership of an Organizational Unit (OU). These applications failed to install as group policy is disabled when the task sequence is running, and the needed registry keys/values are not present yet.
I got around this problem by creating the keys and Distinguished-Name value manually, and populating is with ADSI. This avoids the need of installing the powershell AD module.
Just add a "powershell script" step in your task sequence, after OS installation and before you install applications and enter following script. No need to change anything for you environment. The script:
New-Item -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy' -Name State -Force
New-Item -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State' -Name Machine -Force
$Object = "(&(objectCategory=computer)(objectClass=computer)(cn=$env:COMPUTERNAME))"
$dn = ([adsisearcher]$object).FindOne().Properties.distinguishedname
New-Itemproperty -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine' -Name 'Distinguished-Name' –PropertyType String -value $dn
Enjoy!
