Using MDT 2010 in a Group Policy environment

by Mitch Tulloch [Published on 4 April 2012 / Last Updated on 4 Aug. 2011]

How to resolve common issues when deploying Windows 7 using MDT 2010 in a production environment where Group Policy will be applied to the target computers.

When you use MDT 2010 to deploy Windows 7 in a production environment where Group Policy is used, strange things can happen.  For example, if your environment uses Group Policy to enforce User Account Control (UAC) on client computers, then when you deploy a new computer using MDT to your environment it may happen that the Lite Touch wizard will fail to start after the autologon that occurs at the end of the deployment process.  To resolve this issue, you could configure your MDT task sequence to deploy the computer to a staging OU where such policies are not being applied. Then you could add a new task to the end of your task sequence that runs a script at the completion of the deployment process to move the computer accounts from the staging OU to the appropriate production OU so the policy can be applied.

Mitch Tulloch is a seven-time recipient of the Microsoft Most Valuable Professional (MVP) award and widely recognized expert on Windows administration, deployment and virtualization. For more tips by Mitch you can follow him on Twitter or friend him on Facebook.

 

Featured Links