Deploy PC through USB adapter or USB/Thunderbolt Dockingstation

About USMTGUI versions
February 19, 2022
SCCM Slow at deploying applications
July 5, 2022

The challenges of deploying equipment without a physical Ethernet adapter..

Deploy PC through USB adapter or USB/Thunderbolt Dockingstation…
Seems simple though, right? Just plug in any USB adapter and support it with a driver in the Boot image and the Task Sequence (TS hereafter)..
So why does it not work, or not always work? Often represented by random join domain failures where no obvious cause can be found..
Well, the answer is timing!
The new “wonderful” USB-3/USB-C adapters are often frightfully slow to get mounted by the system. At the same time the good old Setup Windows and ConfigMgr step does not generate a visible error if network is missing when the join is attempted during boot..

A quick fix?

To fix this I decided to make the TS wait for the network to become ready.
Alas it wasn’t that simple as the Setup Windows and ConfigMgr step is running during a boot, and doing multiple other things, so I decided to just let it run (and perhaps fail) and then remedy a potentially failed join afterwards..

The basic functionality of the fix

Basically I have created two TS steps, placed right after the Setup Windows and ConfigMgr step.

A simple TestIP command line calling a batch file that checks if “something IP” is accessible on the network and waits until a valid answer is received. ( I use our SCCMs IP)
– The script is simple but messy (sorry). Most of the lines there is just writing a log.
An extra Join Domain step Join Domain or Workgroup
(part of standard Task Sequence functions: “Add”/”General”/”Join Domain or Workgroup”)
– I’ve supplied the Join Domain or Workgroup step with a condition too, so that it only attempts to join if the PC is in fact not joined, to prevent a TS error

I’ll start a bit higher up in the TS though

It turns out I cannot use a package for the batch file step as there may not be valid network access at this time. To get around this, I still did create a package (not application) containing just the batch file, and deploy it.
In the TS, right after Apply Operating System Image I run a command line copying over the testIP.bat file from the package to c:\temp
– I recommend you instead use C:\Windows\temp as you can then just leave testIP.bat there without having to tidy up..

OK and now back to step #1 – TestIP

The TestIP.bat file is available here
Save it as TestIP.bat. Then edit it and enter your SCCM’s IP address
To test it, right click TestIP.bat, Run as Admin and check C:\Windows\CCM\Logs\ipstat.txt
Now unplug network on your PC and run TestIP.bat again (still As Admin)
 – TestIP will now loop until a valid IP is present (plug in cable)

I run it from the TS like this:
cmd.exe /c c:\Temp\TestIP.bat

Step #2 – Join Domain or Workgroup

To setup the Join Domain or Workgroup step you need to
1. enter the Domain to join
2. the Organizational unit
3. Your Join Domain account and password
All this info is available in your Apply Network Settings step (not the password though 😉
Join Domain or Workgroup Options
One problem remains.
If the PC in fact did succeed in joining in the Setup Windows and ConfigMgr step, the Join Domain or Workgroup step will generate an error (and the TS fails)
To avoid that the Join Domain or Workgroup step fails, you need to add a WMI query that only lets the step run if the PC has not been joined.
SELECT * FROM Win32_ComputerSystem WHERE NOT Domain LIKE “%FQDN%”
– Replace FQDN with your full domain to join

That’s basically it


On a final note we have had the best success using a a USB-C Thunderbolt dock.
We therefore reuse the same Docks over and over, adding another issue. MAC addresses :-/

In our setup we only allow PC’s that has already been setup for installation (added to a deployment collection) to run (no unknown PCs can PXE)
In this scenario MAC addresses are best avoided as the MAC address from the dock/dongle will already be tied to some PC if used before.
– An existing PC, with a reused dongles MAC address registered, will have a lower Resource ID. SCCM will find it and conclude that it’s not setup for installation..
We therefore instead only use the computers name and UUID for registration.
Also note that when running the SCCM DP PXE without the Windows Deployment Service (DP PXE option) SCCM will ignore duplex MAC addresses
and accept to run the TS if there is a PC with a corresponding UUID in the Deployment collection.
Do not always trust the UUID you find in BIOS. HP, for instance, use a different notation..
wmic csproduct list full will give you UUID in the right format..
Phew- what a pile of crap. And all of that just to make the Labtop 1mm thinner .. 😃

Leave a Reply