anyweb

the windowsupdate.log in c:\windows will show you what updates are applied or not, how do you know it's patched ? have you verified by logging in and checking ? you could disable the capture part for testing and let the build complete, then login and have a look, are 97 updates installed or not ? are you sure the updates arnt installing AFTER you've captured the image, for example via windowsupdate itself instead of via Configuration Manager

if you want to start with all those things then checkout the CM12 BitLocker FrontEnd HTA, don't worry about the bitlocker part, all the data migration ability is contained in the task sequence and associated scripts, you can check it out here. CM12 in a Lab - The CM12 BitLocker FrontEnd HTA - video CM12 in a Lab - The CM12 BitLocker FrontEnd HTA

is your issue in the build and capture (for installing updates) or the deploy task sequence, if it's a build issue, it's in a workgroup therefore what boundary have you defined ? it needs to be an ip range boundary containing an ip that matches the machine you are building, if it's an AD based boundary it won't work as the machine is not in AD it's in a workgroup. what collection have you deployed these updates to ? is it a collection that the computer is in during build and capture ?

for most installs I'd recommend you select a standalone primary, the CAS guides are more up to date in terms of versions of software but you should only use a CAS if you are supporting 100,000 clients or more.

sorry can't read the text, can you either attach the log or show a better screenshot

a few errors from your earlier log have you defined your network access account ? have you made ANY change to the original HTA files i provided here ? if so can you try the ones i supplied instead, just as a test

correct it's not, you have some other issue, i've just booted from my standalone media and it displays just fine

i presume you are setting up a lab? hopefully, otherwise there's no real need for a CAS unless you are going to be managing 100,000 clients.

you shouldnt delete the deployment, just disable it (more info here) what you could try is removing the boot wim attached to the task sequence, that way those systems wont be able to boot if they have received the policy, also, consider changing the PXe Password or setting one if one is not already set. Many things you can do, but once the computers have the policy they'll try to act on it....

ok i will create some standalone media here and test it.

ok so initially you said you were setting up a primary, so are you infact installing a primary AFTER having setup a CAS first, is that correct ? having SQL remote from a primary is not recommended as it increases complexity and increases the likelihood of failure, always have SQL on box if possible.

ok there are manyerrors in the log above, such as these sql errors CSql Error: Cannot find data for connection type: CCAR_DB_ACCESS, cannot get a connection. $$<Configuration Manager Setup><08-14-2014 09:17:03.752-60><thread=4148 (0x1034)> INFO: SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure $$<Configuration Manager Setup><08-14-2014 09:17:03.752-60><thread=4148 (0x1034)> CSql Error: Cannot find data for connection type: CCAR_DB_ACCESS, cannot get a connection. $$<Configuration Manager Setup><08-14-2014 09:17:06.768-60><thread=4148 (0x1034)> INFO: SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure $$<Configuration Manager Setup><08-14-2014 09:17:06.768-60><thread=4148 (0x1034)> CSql Error: Cannot find data for connection type: CCAR_DB_ACCESS, cannot get a connection. $$<Configuration Manager Setup><08-14-2014 09:17:09.784-60><thread=4148 (0x1034)> INFO: SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure $$<Configuration Manager Setup><08-14-2014 09:17:09.784-60><thread=4148 (0x1034)> CSql Error: Cannot find data for connection type: CCAR_DB_ACCESS, cannot get a connection. $$<Configuration Manager Setup><08-14-2014 09:17:12.800-60><thread=4148 (0x1034)> INFO: SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure $$<Configuration Manager Setup><08-14-2014 09:17:12.800-60><thread=4148 (0x1034)> CSql Error: Cannot find data for connection type: CCAR_DB_ACCESS, cannot get a connection. $$<Configuration Manager Setup><08-14-2014 09:17:15.815-60><thread=4148 (0x1034)> INFO: SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure $$<Configuration Manager Setup><08-14-2014 09:17:15.815-60><thread=4148 (0x1034)> CSql Error: Cannot find data for connection type: CCAR_DB_ACCESS, cannot get a connection. $$<Configuration Manager Setup><08-14-2014 09:17:18.831-60><thread=4148 (0x1034)> INFO: SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Uns how did you install this primary and describe your setup please, is sql local or remote, is there a cluster, did you follow any of the guides here ?

i normally wait until all Setup tassk are complete and green in that wizard before clicking close, did you ?

looks ok for that step at least, what did you create exactly, standalone media ? is the boot image x86 or x64 ?

i'll need your smsts.log file to see why it's skipping the display hta

you can use reporting in configmgr to find out, check out the report category Status Messages - Audit, it will let you see what administrative users have done recently. like below

how long did you wait and what 'was not installed' ?

check Devices under assets and compliance, do you see a whole bunch of UNKNOWN objects (please do NOT delete the UNknown Computers collections) you can delete all the unknown devices (not the collections) then try again, 1 shown below but i've seen up to 91 in our production environment....

show me your display hta step

there you go ! so is this computer in a collection targeted by that depoyment above and is the deployment deployed with a purpose of hidden

smsts.log will tell you why, please attach it

did you redistribute the boot wim and then recreate the media after adding hta support to the boot wim ? the HTA component is shown below, is that the one you added ?

it's FVE, or Full Volume Encryption, so you can have one volume bitlockered and another not.

will this work from inside Windows PE? absolutely ! that's how it's designed to run, you probably have a spelling mistake or an other problem, attach your smsts.log and i'll be able to determine what the issue is my guess is you have no HTA support in your boot wim optional components and therefore it cannot display the HTA.

i do believe a .local will not work with iOS devices.