18 July 2019

MDT Conditional Reboot

I wrote an article about three years ago on conditional task sequence reboots. It used the built-in reboot task sequence that was initiated only if any of the three conditions were met. The problem was a fourth condition that could not be tested for because a WMI query is the only way to test and MDT conditions do not incorporate WMI.

Recently, I revisited this, and it occurred to me how to incorporate the WMI query after going through the ZTIWindowsUpdate.wsf and seeing how it initiated reboots. I abandoned the built-in reboot and wrote a PowerShell script that can test all four conditions and then connect to the TSEnvironment object to start a reboot.

NOTE: The fourth test depends on the SCCM client already being installed.

The four conditions the script checks for are:

  • Component Based Servicing
  • Windows Updates
  • Pending Files Rename
  • Pending reboot from SCCM installs
The script will iterate through all four conditions. If a condition is met, it will then connect to the TSEnvironment object and request a reboot by setting SMSTSRebootRequested to true. Once the script is finished, the system will reboot and then proceed to the next task.

I also included the commented out SMSTSRetryRequested in the script. This command will cause the task sequence to rerun this script. I included it in here so if you want to take the code from this script and incorporate it into another script that will rerun it after the reboot, it is there. 

The first thing to do is to copy the script to the scripts (%SCRIPTROOT%) directory. As you can see in the screenshot below, I used a Run Command Line task sequence.



The command line is as follows:

 powershell.exe -executionpolicy bypass -file "%SCRIPTROOT%\ZTIConditionalReboot.ps1"  


Finally, here is the script. You can download it from my GitHub site.

 <#  
      .SYNOPSIS  
           Zero Touch Conditional Reboot  
        
      .DESCRIPTION  
           This script will check four flags on the system to see if a reboot is required. If one of the flags is tripped, then this script will initiate a reboot in MDT so that will come back up and start at the proceeding task. I have included the commented out SMSTSRetryRequested in the script so if you want to incorporate the code from this script into another one that will need to be rerun again once the reboot completes.   
        
      .NOTES  
           ===========================================================================  
           Created with:     SAPIEN Technologies, Inc., PowerShell Studio 2017 v5.4.142  
           Created on:       7/12/2019 2:53 PM  
           Created by:       Mick Pletcher  
           Organization:     Waller Lansden Dortch & Davis, LLP.  
           Filename:         ZTIConditionalReboot.ps1  
           ===========================================================================  
 #>  
 [CmdletBinding()]  
 param ()  
   
 function Enable-Reboot {  
 <#  
      .SYNOPSIS  
           Request MDT Reboot  
        
      .DESCRIPTION  
           A detailed description of the Enable-Reboot function.  
 #>  
        
      [CmdletBinding()]  
      param ()  
        
      $TaskSequence = New-Object -ComObject Microsoft.SMS.TSEnvironment  
      #Reboot the machine this command line task sequence finishes  
      $TaskSequence.Value('SMSTSRebootRequested') = $true  
      #Rerun this task when the reboot finishes  
      #$TaskSequence.Value('SMSTSRetryRequested') = $true  
 }  
   
 #Component Based Reboot  
 If ((Get-ChildItem "REGISTRY::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending" -ErrorAction SilentlyContinue) -ne $null) {  
      Enable-Reboot  
 #Windows Update Reboot  
 } elseif ((Get-Item -Path "REGISTRY::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -ErrorAction SilentlyContinue) -ne $null) {  
      Enable-Reboot  
 #Pending Files Rename Reboot  
 } elseif ((Get-ItemProperty -Path "REGISTRY::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -ErrorAction SilentlyContinue) -ne $null) {  
      Enable-Reboot  
 #Pending SCCM Reboot  
 } elseif ((([wmiclass]"\\.\root\ccm\clientsdk:CCM_ClientUtilities").DetermineIfRebootPending().RebootPending) -eq $true) {  
      Enable-Reboot  
 } else {  
      Exit 0  
 }  
   


0 comments:

Post a Comment