Connect to a Wireless network during Setup? To allow Azure Join via Provisioning Package (PPKG)

Hello everyone, first time poster here.

I have found NTLite to be an amazing antidote to our current imaging/deployment issues. I have successfully customised Win10 Enterprise to remove some components and features, configured Unattended settings and Post-setup app installs/script runs. I have also configured a Provisioning Package using Windows Config Designer to rename the device to a corporate naming format and then join AzureAD using a bulk enrollment token.

All of this works perfectly and the fresh installation at the end is perfect for our RMM tool to take over and complete the final configuration and setup.

This current process relies on the device being connected to the internet via ethernet so that the Azure join can happen at the appropriate time.

Whilst not technically an NTLite query or issue, my question to the forum is whether it is possible to have the installation connect to a pre-set/pre-defined wifi network so that this would be a completely wire-free deployment (except for the charger of course!)

Has anyone come across a similar situation or may know of any way to achieve the aim?

PS - I see that the Windows Config Designer has the option to join a Wireless Network and if you disable that, a message comes up that you MUST then have an ethernet connection.

Would this be the setting that would work?
If the pre-configured wireless network was not available but an ethernet cable was plugged in instead, would that still work?

Thanks in advance, and I look forward to the replies here to see if this can work.
 
Thanks garlin for the reply. I came across this article earlier but thought that was geared more towards having a Wireless network profile added "after" the installation phase so that an end user could login and begin using the device in production.

It wasn't immediately obvious whether this method will add the WiFi profile during that first boot where Windows shows the black loading screen (first boot) like "Getting ready..." etc.

I will try the method in the linked forum post and see if this works in the way I hope it will. I will reply once my testing is complete.

Thanks again for the reply/direction!
 

garlin

Moderator
Staff member
Post-Setup commands are executed before the first user logon. If you need WiFi access earlier, add the same commands to autounattend's specialize pass. For now, NTLite doesn't support adding specialize commands but it's under consideration.
 
Post-Setup commands are executed before the first user logon. If you need WiFi access earlier, add the same commands to autounattend's specialize pass. For now, NTLite doesn't support adding specialize commands but it's under consideration.

Thanks for the clarification garlin

I tried to add the commands into the Post-Setup (SetupComplete.CMD) and whilst it successfully connects to the WiFi network at the first ever logon screen, it doesn't connect during the pre-boot phase (where I believe the Azure-Join is trying to run.)

I am now trying to follow your 2nd suggestion of adding the details to the autounattend.xml, but I cannot find the right area within my autounattend.xml to add this.

Would you please help me with my code?

I guess I need to add the commands below, but not sure how to structure the code itself in XML format, and where to place the code itself. I don't currently have a specialize section in the autounattend...

Command 1 to add the profile:
Code:
netsh wlan add profile filename="%WINDIR%"\Setup\Files\WiFiNetworkName.xml user=all

Command 2 to initiate connection automatically:
Code:
netsh wlan set profileparameter name=WiFiProfileName connectionmode=auto

My current Autounattend.xml is attached

Thanks again
 

Attachments

  • autounattend.xml
    4.8 KB

garlin

Moderator
Staff member
Before sharing the updated autounattend.xml, I have to explain how specialize, OOBE and Post-Setup work.

When Windows detects $OEM$ folder on the install media, it copies the files right before Post-Setup tasks are run. Post-Setup has the benefit of having $OEM$ files copied into place. Specialize pass executes before that point, and no files are copied unless you specify them.

The problem is where to hide the WiFi profile? I decided the Default User's temp folder is a relatively safe and unobtrusive spot. This way we don't need to know the USB or CD's drive letter.

1. Mount the image in NTLite.
2. As Administrator, copy WiFiNetworkName.xml to the Default User's home folder. For example:
Code:
copy WiFiNetworkName.xml G:\NTLite\NLTmpMnt01\Users\Default\AppData\Local\Temp
3. Copy the new autounattend.xml to the root of the ISO folder.

Here's the specialize commands:
Code:
        <settings pass="specialize">
                <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                        <RunSynchronous>
                                <RunSynchronousCommand wcm:action="add">
                                        <Order>1</Order>
                                        <Path>netsh wlan add profile filename="C:\Users\Default\AppData\Local\Temp\WiFiNetworkName.xml" user=all</Path>
                                        <Description>WLAN add profile</Description>
                                </RunSynchronousCommand>
                                <RunSynchronousCommand wcm:action="add">
                                        <Order>2</Order>
                                        <Path>netsh wlan set profileparameter name=WiFiProfileName connectionmode=auto</Path>
                                        <Description>WLAN enable</Description>
                                </RunSynchronousCommand>
                        </RunSynchronous>
                </component>
        </settings>
 

Attachments

  • autounattend.xml
    5.6 KB
Before sharing the updated autounattend.xml, I have to explain how specialize, OOBE and Post-Setup work.

When Windows detects $OEM$ folder on the install media, it copies the files right before Post-Setup tasks are run. Post-Setup has the benefit of having $OEM$ files copied into place. Specialize pass executes before that point, and no files are copied unless you specify them.

The problem is where to hide the WiFi profile? I decided the Default User's temp folder is a relatively safe and unobtrusive spot. This way we don't need to know the USB or CD's drive letter.

1. Mount the image in NTLite.
2. As Administrator, copy WiFiNetworkName.xml to the Default User's home folder. For example:
Code:
copy WiFiNetworkName.xml G:\NTLite\NLTmpMnt01\Users\Default\AppData\Local\Temp
3. Copy the new autounattend.xml to the root of the ISO folder.

Here's the specialize commands:
Code:
        <settings pass="specialize">
                <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                        <RunSynchronous>
                                <RunSynchronousCommand wcm:action="add">
                                        <Order>1</Order>
                                        <Path>netsh wlan add profile filename="C:\Users\Default\AppData\Local\Temp\WiFiNetworkName.xml" user=all</Path>
                                        <Description>WLAN add profile</Description>
                                </RunSynchronousCommand>
                                <RunSynchronousCommand wcm:action="add">
                                        <Order>2</Order>
                                        <Path>netsh wlan set profileparameter name=WiFiProfileName connectionmode=auto</Path>
                                        <Description>WLAN enable</Description>
                                </RunSynchronousCommand>
                        </RunSynchronous>
                </component>
        </settings>

Thank you so much for this garlin

I was able to create a Provisioning Package that uses ETHERNET and joins Azure using a BPRT (Bulk enrollment token) and fed this into NTLite.

Coupling this with your assistance in creating a suitable autounattend.xml which joins a specified Wi-Fi network at the "earlier" stage, works perfectly. This allows our admins to build machines with an Ethernet OR Wi-Fi connection to faciliitate the automatic Azure-join during post install booting.

It may be a very niche use-case but I hope this may help others who have the need to AD/Azure-join devices (particularly laptops/Tablets) in an automated scenario so that at first boot the device is essentially ready for an end user to begin using right away.

Thanks again!
 
Top