Tuesday, 10 September 2024

Deploy Windows 11 with MDT - Supported

Introduction

The Microsoft Deployment Toolkit (MDT)  has been used by many companies for the provisioning of operating systems.  It does have a mature and powerful task sequencing engine.  And while not really scalable to enterprise level environments, and being a firmly lite touch rather than a zero touch solution - it does have one major benefit.  It is free.

Many thousands, if not millions, of Windows operating systems will have been provisioned in build rooms throughout the world using MDT.  Unfortunately the last client OS to be supported was Windows 10.  Windows 11 is not supported, and in fact you cannot import the Windows 11 operating system into the Deployment Share.  Nevertheless Windows 11 can be deployed using MDT and in such a way as to be fully supported.  Here is how it is done.

1) Create a task sequence to deploy Windows 10, or use your existing MDT Windows 10 task sequence.  Configure the TS with your applications and settings.

2) Configure the TS to copy the Windows 11 source files to a location on the device being built.

3) Create a TS step to configure a Scheduled Task to run a Windows 10 to Windows 11 upgrade a few minutes after the completion of the Windows 10 Task sequence.

4) Autologon to the device and wait for the Windows 11 upgrade to complete.

The Windows 10 to Windows 11 upgrade runs after the Windows 10 task sequence has completed, and because it is started by a task scheduler job and not by MDT, it is a fully supported solution.

This article will cover steps 2, 3 and 4.

Copy the Windows 11 Files

You will need to create a share on your network to contain the Windows 11 source files.  For our purposes we shall call it \\mdtserver\software.

Under this share create a directory called Windows11Files and under this create a directory called Source.  So we have:

\\mdtserver\software\Windows11Files\Source

Copy your Windows 11 source files into this directory.



You will then need to decide on where you will be copying these files on the device itself.  In my case I will be copying these files to c:\support\Windows11.  

Thus I create two task sequence steps to create this path.  The first TS step runs the following command:

cmd.exe /c mkdir c:\support

The second TS step runs the following: 

cmd.exe /c mkdir c:\support\Windows11





The next TS step will need to copy the Windows 11 files to the provisioning device.  The command line I have used to achieve this is as follows:

cmd.exe /c robocopy \\<mdtserver>\software\Windows11Files c:\support\Windows11 /e




Note1:  you may have to select the Run this step as the following account option and then supply an AD account with adequate permissions to access the software share.

Note2: All three of the above task sequence steps are of the type Run Command Line.

Note3: All TS steps detailed in this article should be positioned towards the end of the task sequence, and definitely after the Post Install group.

Create a Scheduled Task to upgrade to Windows 11

Now that we have configured the TS so that the Windows 11 source files are available locally on the provisioned device, we need to create a Scheduled Task job to perform the upgrade itself.  The script provided here will create a scheduled task to start five minutes after the time the script is executed.  Therefore it should be configured to run as a Run Command Line TS step towards the end of your task sequence so that the task scheduler job does not start while the TS is still running.

In this case I call the script win11ug.ps1 and I copy it to the MDT DeploymentShare's script directory, that is: \\<mdtserver>\DeploymentShare$\Scripts.

The Run Command Line TS step contains the following:

powershell.exe -executionpolicy bypass -file "%SCRIPTROOT%\win11ug.ps1"

In addition the Run Command Line step is configured to run under a Domain Admin account.

Here is the script:

#Get ST start time and ensure time format will work with schtasks syntax

$execdate=(get-date).addminutes(5)
$exectime=($execdate).timeofday

$hourchk=[string]$exectime.hours
$minutechk=[string]$exectime.minutes

if ($minutechk.length -lt 2) {
$minute="0"+$minutechk
}
else {
$minute=$minutechk
}

if ($hourchk.length -lt 2) {
$hour="0"+$hourchk
}
else {
$hour=$hourchk
}

$time=$hour+":"+$minute

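#Run the schtasks command to create the task scheduler job
#Note: no /SD is given, so schtasks assumes today's date; a start time that rolls past midnight will already be in the past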
schtasks /create /tn "Win10Upgrade" /tr "C:\support\windows11\source\setup.exe /Auto Upgrade /EULA accept" /ST $time /RL Highest /ru interactive /sc once


Autologon to the device

The last Run Command Line TS step is required to run a script that will perform an autologon.  The command line that worked for my scenario was as follows:

Powershell.exe -executionpolicy bypass -noprofile -file "%SCRIPTROOT%\AutoLogon.ps1"

And here is the script itself.  Obviously replace credentials accordingly.

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v AutoAdminLogon /d 1 /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v DefaultPassword /d <password> /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v DefaultUserName /d <local admin account name> /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_DWORD /v AutoLogonCount /d 1 /f

This script needs to be copied to a file called Autologon.ps1 and then copied to the DeploymentShare's script directory: that is,  \\<mdtserver>\DeploymentShare$\Scripts.

The last step in your TS will be to perform a reboot.  A few minutes after the reboot completes, and after the autologon completes, the upgrade to Windows 11 will commence.

To help you position each of the steps covered in this article, in the correct order, I have included a capture of the steps towards the end of my task sequence. 




Now after your task sequence completes, and within five minutes, the Windows 10 to Windows 11 upgrade will commence and there will be no requirement for any user input.
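The autologon script above writes the account password to the Winlogon key as a clear-text DefaultPassword value, and the one-shot Win10Upgrade task may still be registered once it has run. As an added example (not part of the original article), the following PowerShell can be run elevated after the upgrade to switch autologon off, remove the stored password and the task, and confirm nothing is left behind; how and when it is launched is an assumption left to the reader.

```powershell
# Added example: run elevated once the Windows 11 upgrade has finished.
$winlogon     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$secretValues = 'DefaultPassword', 'AutoLogonCount'   # values written by AutoLogon.ps1
$taskName     = 'Win10Upgrade'                        # task created by win11ug.ps1

function Get-AutoLogonState {
    # Return the autologon-related values currently present under Winlogon.
    $props = Get-ItemProperty -Path $winlogon
    $state = [ordered]@{}
    foreach ($name in @('AutoAdminLogon', 'DefaultUserName') + $secretValues) {
        if ($null -ne $props.$name) { $state[$name] = $props.$name }
    }
    $state
}

$before = Get-AutoLogonState
if ($before.Contains('DefaultPassword')) {
    Write-Warning "DefaultPassword is still stored in clear text for '$($before['DefaultUserName'])'"
}

# Switch autologon off and delete the stored credential and the counter.
Set-ItemProperty -Path $winlogon -Name AutoAdminLogon -Value '0' -Type String
foreach ($name in $secretValues) {
    Remove-ItemProperty -Path $winlogon -Name $name -ErrorAction SilentlyContinue
}

# The one-shot upgrade task has served its purpose; remove it if it is still there.
if (Get-ScheduledTask -TaskName $taskName -ErrorAction SilentlyContinue) {
    Unregister-ScheduledTask -TaskName $taskName -Confirm:$false
}

# Verify the result and return a non-zero exit code if anything is left behind.
$after     = Get-AutoLogonState
$leftovers = @($secretValues | Where-Object { $after.Contains($_) })
if ($after['AutoAdminLogon'] -ne '0' -or $leftovers.Count -gt 0) {
    Write-Error "Autologon cleanup incomplete: $($leftovers -join ', ')"
    exit 1
}
Write-Output 'Autologon disabled, stored password removed, upgrade task deleted.'
```

The same password also sits in AutoLogon.ps1 on the deployment share, so restrict read access to that script and change the local account's password once builds are done.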







Conclusion

It might be that your client is not in a position to install an OSD solution that will deploy Windows 11 - in which case this solution may help you. It is a Heath Robinson type workaround to MDT's limitation.  It works well but you will have to decide if an upgrade solution, rather than a pure bare-metal to Windows 11 solution, is something your organisation can accept.
I hope you have enjoyed reading this little blog.