Deploy RSAT for Windows 10 1809 using SCCM

Starting Windows 10 1809 Remote Server Administration Tools (RSAT) is now included as a set of “Features on Demand”. In the following post we will show you how to deploy individual features with SCCM.

The RSAT tools are added using the “Add-WindowsCapability” cmdlet https://docs.microsoft.com/en-us/powershell/module/dism/add-windowscapability?view=win10-ps
Because we are deploying each feature with an appliction, we are going to use two parameters with the above cmdlet:-

1 . Online (Specifies we are adding the feature to the current Windows image
2 . Source (We need to specify the CCMCache as a source)

The challenge

The Features On Demand Pack is massive, 4.7GB. You can download it from the VLSC. You only need “Disk 1” for the RSAT features. Choose the correct version for the OS you are deploying the tools to.

After you have downloaded the ISO, extract the contents to a folder. If we used this as the source for our deployment, 4.7GB of content would make its way to the client. This will present lots of interesting challenges.

In the following steps, we will extract only the required files from the FOD pack for each RSAT feature. We will use the “DHCP” feature (language en-gb) for our example.

You will need the following:-

  1. The whole “metadata” folder
  2. FoDMetadata_Client.Cab
  3. Microsoft-Windows-DHCP-Tools-FoD-Package~31bf3856ad364e35~amd64~~.Cab
  4. Microsoft-Windows-DHCP-Tools-FoD-Package~31bf3856ad364e35~amd64~en-GB~.Cab
  5. Microsoft-Windows-DHCP-Tools-FoD-Package~31bf3856ad364e35~amd64~en-US~.Cab
Files in Explorer

You will need items 1 and 2 for every FOD application you build. Item 3 and 4 will be specific to the tool and the language of the OS.

Item 5 seemed to be a pre-requisite too, my assumption is the FOD media language cab has to be present when installing other languages.

Access to the Internet

When you use the “Add-WindowsCapability” cmdlet, if you do not specify a Source, the default location set by Group Policy is used. If that fails, Windows Update is also used for online images.

In this post, we will specify the Source as CCMCache using some PowerShell.

Scripts

As already mentioned, we will use the “Add-WindowsCapability” cmdlet to install the RSAT Feature. We will also use the “Remove-WindowsCapability” cmdlet for uninstalling the Feature and the “Get-WindowsCapability” cmdlet for the application detection method.

Add-WindowsCapability_DHCP.ps1

Remove-WindowsCapability_DHCP.ps1

Get-WindowsCapability_DHCP.ps1

Putting it all together

Our source directory (Content Location) for the DHCP RSAT Feature should now contain:-

  1. metadata (folder from the extracted ISO)
  2. FoDMetadata_Client.cab
  3. Microsoft-Windows-DHCP-Tools-FoD-Package~31bf3856ad364e35~amd64~~.cab
  4. Microsoft-Windows-DHCP-Tools-FoD-Package~31bf3856ad364e35~amd64~en-GB~.cab
  5. Microsoft-Windows-DHCP-Tools-FoD-Package~31bf3856ad364e35~amd64~en-US~.cab
  6. Add-WindowsCapability_DHCP.ps1
  7. Get-WindowsCapability_DHCP.ps1
  8. Remove-WindowsCapability_DHCP.ps1
Files in Explorer

1 . Create a new Application. Choose “Manually specify the application information” and click “Next”

Choose “Manually specify the application information

2 . Enter a name for the application (and any other information you need) and click “Next”

Specify an application name

3 . Enter a “Localized application name” (and any other information you need – including a nice icon!) and click “Next”

Choose a localized application name (and shiny icon)

4 . To configure a “Deployment Type”, click “Add”

Click “Add” to create a Deployment Type

5 . Choose Type “Script Installer” and click “Next”

Choose Type Script Installer

6 . Choose a Deployment Type Name and click “Next”

Choose a Deployment Type Name

7 . Set the following information and click “Next”

Content Location = \\server\packages\Microsoft FOD\1809 – DHCP

*Installation Program = Powershell.exe -ExecutionPolicy Bypass -File “Add-WindowsCapability_DHCP.ps1”

*Uninstall Program = Powershell.exe -ExecutionPolicy Bypass -File “Remove-WindowsCapability_DHCP.ps1”

*Assumes you are not already bypassing the client execution policy

Specify Content Information

8 . Choose to use a Custom Script for application detection and click “Edit”

Choose a custom application detection script

9 . In the Script Editor dialogue, choose Script Type “PowerShell” and click “Open”

Choose the Script Type

10 . Browse to “Get-WindowsCapability_DHCP.ps1” and click “Open” and then “Ok”

Choose Get-WindowsCapability_DHCP.ps1

11 . Click “Next” to complete the Application Detection method

Application Detection Method

12 . I like to specify an “Installation Requirement” to ensure the OS is Windows 10 1809. For this we can query the OS build to ensure it is “17763”. Click “Add”

Add an Application Requirement

13 . Click “Create”

Create Requirement

14 . Enter the following information and click “Ok”

Name: Windows 10 Build Number
Description: Windows 10 Build Number
Condition Type: Setting
Setting Type: Registry Value
Hive Name: HKEY_LOCAL_MACHINE
Key Name: SOFTWARE\Microsoft\Windows NT\CurrentVersion
Value Name: CurrentBuild

Global Condition for Windows 10 Build

15 . Choose the Global Condition that we just created and in the value field type “17763”. Click “Ok”

Specify the Windows 10 1809 Build Number

16 . Click “Next” to proceed to Software Dependencies

17 . Click “Next” to read the Application Summary

18 . Click “Next” to create the Deployment and click “Close”

19 . The Deployment Type has been created, click “Next”

Deployment Type Created

20 . Click “Next” to confirm the Application Settings

21 . Click “Close” to complete the wizard

Rinse and Repeat

We can follow the same steps to create Applications for DNS, DSLD, FS, GPO and RDS RSAT Features. I have created an application for each RSAT Feature because each will use a different Detection Method.

Repeat to create and Application for other RSAT Features

To help duplicating and modifying your installation, removal and detection scripts, the Windows-Capability Name for the other RSAT tools are:-

Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0
Rsat.BitLocker.Recovery.Tools~~~~0.0.1.0
Rsat.CertificateServices.Tools~~~~0.0.1.0
Rsat.DHCP.Tools0.0.1.0
Rsat.Dns.Tools~~~~0.0.1.0
Rsat.FailoverCluster.Management.Tools~~~~0.0.1.0
Rsat.FileServices.Tools~~~~0.0.1.0
Rsat.GroupPolicy.Management.Tools~~~~0.0.1.0
Rsat.IPAM.Client.Tools~~~~0.0.1.0
Rsat.LLDP.Tools~~~~0.0.1.0
Rsat.NetworkController.Tools~~~~0.0.1.0
Rsat.NetworkLoadBalancing.Tools~~~~0.0.1.0 Rsat.RemoteAccess.Management.Tools~~~~0.0.1.0 Rsat.RemoteDesktop.Services.Tools~~~~0.0.1.0
Rsat.ServerManager.Tools~~~~0.0.1.0
Rsat.Shielded.VM.Tools~~~~0.0.1.0 Rsat.StorageMigrationService.Management.Tools~~~~0.0.1.0 Rsat.StorageReplica.Tools~~~~0.0.1.0
Rsat.SystemInsights.Management.Tools~~~~0.0.1.0 Rsat.VolumeActivation.Tools~~~~0.0.1.0
Rsat.WSUS.Tools~~~~0.0.1.0

Deployment

The (Add/Remove/Get)-Windows-Capability cmdlets require elevation. Consider this when deploying to Devices or Users.

With this in mind, you need to ensure that you have chosen to “Install as System” on the User Experience tab of the Deployment Type we created earlier.

Once deployed as “Available”, and after the client has run a Machine/User Policy Refresh, the application appears in Software Center.

New Application in the Software Center

Our Application Detection method has worked if we peek in appdiscovery.log on the client

appdiscovery.log

Lets install the new Application

Installing the DHCP RSAT Feature

Appenforce.log on the client gives more information on the installation

appenforce.log

The application should be available from the Start Menu after installation

Application Installation Successful

Summary

Some points to remember:-

  1. The EN-US cab files for each feature must also be present in your source directory for each Application you create
  2. The Application must be deployed to “Install as System” because the *-WindowsCapability cmdlets require elevation

Happy Feature deploying 🙂

Leave a comment

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 thoughts on “Deploy RSAT for Windows 10 1809 using SCCM”