Skip to main content

Shopping 6.1

Creating a Wipe and Load (Destructive) WSA Deployment Application

Who can do this? Shopping administrators with the privileges to create WSA applications in Shopping. What is it for? To enable users to self-service their OS deployments using the Windows Servicing Assistant. Before you start You must create the deployment task sequence in Configuration Manager – you'll need this for the General Details screen.

A Wipe and Load (Destructive) Deployment should be used when the task sequence includes steps to partition or format the disk (hence the deployment is destructive as all data and content on the disk is lost). For remote users, an NTFS format USB disk will be required to perform this type of deployment. The USB disk will be used to store all the content required for the task sequence to complete, and will also store the captured user data and settings.

For an office based user with the default settings, if all required content is available on local peers, it will be sourced from those peers when the task sequence runs. If there is any content required by the task sequence that is not available on any local peers at the time the WSA runs its readiness checks, the user will be required to insert an NTFS format USB disk. Alternatively, the option to download content if not available on the local network can be unchecked, in which case the machine will download the required content from the Distribution Point as required when the task sequence executes.

User data will always be stored on USB in a Wipe and Load (Destructive) Deployment if the user is remote. If the user is in the office, by default the WSA will attempt to find a local peer on which the user data can be stored. If no local peers are available, the user will be required to insert an NTFS format USB disk to store the content.

Preparation

Before creating a Wipe and Load (Destructive) Windows Servicing Assistant Deployment Application in Shopping, ensure you have completed the following in Configuration Manager

  1. Create a Task Sequence following the guidelines for creating a WSA Wipe and Load Destructive Task Sequence.

  2. Create an empty Collection that will be targeted with a deployment of the WSA Wipe and Load Destructive Task Sequence.

  3. Deploy the WSA Wipe and Load Destructive Task Sequence created in step 1 to the empty Collection created in step 2.

The deployment should be configured as Available (not Required), and scheduled to become available 10 years in the future as indicated below. This prevents the deployment from appearing in Software Center until the available date, thereby preventing the user from executing the task sequence outside of the Windows Servicing Assistant.

Specifying the settings to control your your deployment
Setting a schedule for your deployment
Creating the Wipe and Load Destructive WSA Deployment Application
  1. In the Shopping Admin Console, right-click the Applications node and from its context menu, choose New Windows Servicing Assistant Deployment.

    230740810.png
  2. On the Welcome screen, click Next.

  3. On the General Details screen:

    Populating the General Details screen for your deployment
    1. Select Wipe and Load Destructive from the Type of Windows Servicing Deployment drop-down.

    2. In the Name field, enter the name of this application as you want it to appear to the end-user in the wizard.

    3. Optionally enter a brief description in the Description field (note that the description, cost and icon are never displayed to the end-user for WSA Deployment Applications).

    4. Click Next.

  4. On the Config Mgr collection screen:

    The Config Mgr collection tab
    1. Select the Collection that the Wipe and Load Task Sequence was deployed to (see Preparation above).

    2. From the Deployment drop-down, select the deployment that was created to deploy the Wipe and Load Task Sequence to the Collection selected previously.

    3. Click Next.

  5. On the Permissions screen:

    Setting restrictions for the deployment in the Permissions screen
    • If you want this Wipe and Load Deployment to be available to everyone, click Next (i.e. do not restrict the deployment to any users or computers).

    • If you want to restrict this Wipe and Load Deployment to specific users, click Add to the right of the User Permissions list and add the user or group that you want to restrict access to. Repeat to add multiple users or groups.

    • If you want to restrict this Wipe and Load Deployment to specific computers, click Add to the right of the Machine Permissions list and add the computer or group that you want to restrict access to. Alternatively, click the Add OU button to add an OU that contains the computers that you want to restrict access to. Repeat as appropriate to add multiple computers, groups or OUs.

  6. On the Completing the Windows Servicing Assistant Deployment Wizard screen, click Finish.

Configuring the Wipe and Load (Destructive) WSA Deployment
Locating the WSA application you just created

Once the Wipe and Load (Destructive) WSA Deployment has been created, it may be necessary to configure additional properties that are applicable specifically to Wipe and Load (Destructive) deployments.

In the Shopping Admin Console, select the Applications node and double-click the Wipe and Load (Destructive) WSA application you just created (it will be listed under WSA as illustrated – use the search feature if necesary) to open the Properties dialog box.

We are going to walk you through the each of the tabs in the Properties dialog for the Wipe and Load (Destructive) Deployment and show you what the respective settings do and how they impact the behavior of the deployment in terms of the user experience. There is a masterclass on how to create the deployment at the end of this section.

The General tab

The General tab

The General tab is populated with the settings defined when the application was created. It controls what is displayed on the WSA Start screen. You can change the name of the deployment (changing the description, cost and icon has no effect as these are never displayed to the end-user). However, Type cannot be changed.

For example, if you change the name of the deployment from Install or reinstall Windows on this PC to Reinstall Windows on My PC (Change Disk Format), users see this on the Start screen.

Your browser does not support the HTML5 video element

The ConfigMgr Collection tab

Properties in the ConfigMgr Collection tab

The ConfigMgr Collection tab is populated with the selections made when the application was created. These can be modified if necessary, but not recommended unless it is to correct an error. If you do modify these, ensure you select a deployment of a Wipe and Load (Destructive) Task Sequence.

The Permissions tab

Properties in the Permissions tab

The Permissions tab is populated with the selections made when the application was created. You can modify the permissions from this tab to restrict access to specific users and/or computers.

The Application tab

Properties in the Applications tab

The Applications tab controls what users see on the Applications screen. The list of applications you add to the Applications in OS Image list is displayed on the left of the Applications screen.

Your browser does not support the HTML5 video element

  • If there are standard applications that are included in the OS image or installed by the task sequence, you can let the user know which applications are included by adding them to the Applications in OS Image list.

    Note

    This is simply a list of free text strings entered by the administrator. The user is shown the list as it appears in this dialog.

  • If 1E Application Migration is being used (specifically, if the Wipe and Load Task Sequence includes the 1E Application Migration steps):

    1. check the Migrate Applications check box.

    2. optionally, check the Display Application Migration list to WSA User option. When this option is selected, the user will see the applications that will be migrated on the Applications screen of the Windows Servicing Assistant.

      Note

      If Migrate Applications is unchecked, when the Task Sequence runs the WSA Initialize step will set the 1EWSA_AppMigrationEnabled task sequence variable to False. This variable should therefore be used in a condition on the Migrate Applications group in the task sequence so the group does not execute it if 1EWSA_AppMigrationEnabled=False. If this condition is not applied to the Migrate Applications group in the task sequence, Application Migration steps will be executed even though the Migrate applications option was unchecked in the WSA Deployment properties.

The Storage tab

The Storage tab

The Storage tab controls the options available to the user depending on whether they are in the office or are remote (connected via VPN with no local peers).

The USB Media screen
For Office based users:
  • Check the Download content if not available in local network option (default) to ensure the WSA downloads any reference content for the wipe and load Task Sequence that is not available on any peers on the local network. If users are prevented from using USB media you will need to uncheck this option.

    Note

    In a Destructive Wipe and Load Deployment where the disk is repartitioned or formatted before the OS image is applied, the WSA does not download content to the local Nomad cache in preparation as it will be lost when the disk is repartitioned or formatted. If you want content to be downloaded when the WSA prepares the machine, if the required content is not available on any local peers, the user will be required to insert an NTFS format USB drive to store the content, so the USB media required option will be checked and disabled (so it can't be changed). This enables the local disk to be repartitioned and formatted while the content remains available on the USB drive.

    If the Download content if not available in local network option is unchecked, no content will be downloaded when the WSA prepares the machine. When the task sequence executes, it will download any required content that is not available on local peers from the Distribution Point.

    Note

    If Download content if not available in local network option is checked, USB media required option will also be checked and if it is unchecked, USB media required option will also be unchecked. Download content if not available in local cache will be unchecked and disabled. Clean USB when finished option will be enabled only when USB media required option is checked. Disabled options cannot be changed.

    • Check the Clean USB when finished option to have the WSA remove any content it added to the USB media when the task sequence has finished.

For remote users:

Content will always be downloaded to the local Nomad cache, as the assumption is there will be no local peers:

  • The USB media required option is checked and cannot be changed.

    Note

    In a Destructive Wipe and Load Deployment, where the disk is repartitioned or formatted before the OS image is applied, if the user is remote they will be required to insert an NTFS format USB drive to store the content (even if there is sufficient space on the local disk to store it). This enables the local disk to be repartitioned and formatted while the content remains available on the USB drive.

    • Check the Clean USB when finished option to have the WSA remove any content it added to the USB media when the task sequence has finished.

Driver Packages:

  • Check the Download only applicable driver packages if the task sequence includes any Install Driver Package or Download Driver Package steps and you want to reduce the amount of content downloaded. By default, the WSA will download all driver packages referenced in the task sequence. With Download only applicable driver packages enabled, the WSA will parse the task sequence and only download drivers that meet the condition defined on the Install Driver Package or Download Driver Package step. If unchecked, the WSA will download all referenced driver packages and may therefore require more time and disk space.

    Note

    WSA is only able to evaluate single WMI conditions in the Install Driver Package steps. If multiple conditions are defined, only the first will be evaluated.

  • Check the Fail readiness check if no applicable driver package is found option to fail the readiness checks if the Task Sequence does not include any drivers applicable to the current device.

    Note

    Typically, virtual machines will not have any applicable drivers, so ensure the Fail readiness check if no applicable driver package is found option is not selected when testing with virtual machines.

Hash checking:

WSA will perform a content hash check on all downloaded content as part of the readiness checks. As the readiness checks may be run a second time (when the user actually starts the deployment), you can avoid the hash checks being repeated within the time period defined in the Do not repeat hash check within option. The value is defined in minutes between 0 and 480 minutes (8 hours) - 0 will result in hash checks always being performed.

The Data Capture tab

The Data Capture

The Data Capture tab controls the options available to the user on the User Backup screen.

Your browser does not support the HTML5 video element

Check Do not capture user files and settings if the users do not have local files or settings that must be preserved. If this option is checked the other options are disabled and the following documentation does not apply.

Note

When you select this option, WSA will not attempt to calculate space required for user data. When the WSA Actions - Initialize step runs in the task sequence, a variable named 1ESkipUserStateCapture will be created and set to true. If the task sequence includes steps to capture data, these should be conditioned to only execute if 1ESkipUserStateCapture is not true.

The message the user sees on the WSA User Backup screen (the default is Select the folders and files you want backed up) can be customized by modifying the contents in the text box under The following message will be displayed to users heading.

Note

If you are not allowing users to select folders to be backed up (see Allow user to backup folders below), you will need to modify this message, as the user will not be prompted to select folders and the wizard screen will be blank other than this message. It may also be useful to warn the user in this message that when they click Next, the wizard will calculate space required, which could take several minutes.

  • Check the Allow user to backup folders option to allow users to select which folders they want to be included in the capture. To prevent them from selecting certain folders, enter the name of the folders, separated with the pipe (|) character, in the text box under the Enter excluded folder path heading.

    The greyed-out text box lists the global folder exclusions defined in the WSA System Folder Exclusions setting in Shopping. These can be modified in the Shopping Admin Console as illustrated below.

    Global folder exclusions
  • Check the Encrypt user data option if you want the captured user data to be encrypted.

    Note

    In a Wipe and Load Deployment, if this option is enabled, an encryption key is generated locally by the 1E custom Get Migration Settings Task Sequence step and stored in a task sequence variable.

For the office location

For machines in the office (Office Location), select one of the following:

  • Nomad PBA only – user data will only be stored on a local peer using Nomad Peer Backup Assistant. If no local peers are available to store the user data, the WSA will prevent the user from executing the deployment.

  • USB Media only – user data will only be stored on USB media. The user will be required to insert NTFS format USB media to store the captured data and keep it connected for the duration of the deployment. If the user is unable to insert an NTFS format USB drive with sufficient space, the WSA will prevent the user from executing the deployment.

  • Use USB if PBA poll unsuccessful (default) – the WSA will attempt to find an available peer to store user data on. If that is unsuccessful, the user will be required to insert NTFS format USB media.

For the remote location

For machines in that are remote (Remote Location), select one of the following:

  • USB Media only – user data will only be stored on USB media. The user will be required to insert an NTFS format USB disk to store the captured data and keep it connected for the duration of the deployment. If the user is unable to insert an NTFS format USB drive with sufficient space, the WSA will prevent the user from executing the deployment.

  • Use USB if PBA poll unsuccessful (default) – the WSA will attempt to find an available peer to store user data on. If that is unsuccessful, the user will be required to insert NTFS format USB media.

User Backup exceptions and how to fix them

These must be resolved before the deployment can continue:

  • We've found something that prevents us from continuing at this time. Please retry later, or contact your administrator if the issue continues to occur.

    Error code

    Likely causes

    Remedial action

    0x00001001

    Communication error – failure to send a size estimation message to the Tachyon service.

    Ensure the Tachyon service is up and running.

    0x00001002

    Timeout duration exceeded – the Tachyon service was not able to send a size estimation message for over the 1 minute timeout duration.

    -1

    Task is cancelled.

    0x0100

    Failure to get task sequence references from the Shopping API

    1. Ensure that the Shopping Web is up and running.

    2. In Configuration Manager, ensure that the Shopping AppPool user is granted the Read-only Analyst role.

    0x0101

    1. Source machine does not exist in SLA platform.

    2. Missing or invalid SLA platform credentials under Settings in the Shopping Admin Console.

    1. Ensure that the source machine exists in the SLA platform. If it does not, run a synchronization to refresh the data.

    2. Ensure that the SLA platform credentials are correct under Settings in the Shopping Admin Console.

      Setting the SLA platform credentials in the Shopping Admin Console

    0x0102

    Unable to get USMT Capture step configuration.

    Ensure that the task sequence contains a Capture step.

    0x0103

    Unable to get the task sequence XML as:

    1. The Shopping server is unavailable.

    2. The Shopping AppPool user has not been granted the Read-only Analyst role in Configuration Manager.

    1. Ensure that the Shopping Web is up and running.

    2. In Configuration Manager, ensure that the Shopping AppPool user is granted the Read-only Analyst role.

    0x0204

    Missing details in the WSA order.

    Contact 1E Support for assistance.

    0x0300

    Unable to fetch Nomad cache size details.

    Ensure that the Nomad service is running and get the user to retry.

    0x0301

    Unable to get content location.

    Ensure that Nomad service is running, and the client machine is present in the required boundary groups, and get the user to retry.

    0x0302

    Unable to find PBA host.

    Ensure that the PBA hosts are responsive by running a ping, check the PBA configuration and get the user to retry.

    0x0400

    Unable to locate applicable driver package in the task sequence for this machine.

    Ensure that the task sequence contains driver package valid for that machine. Otherwise, modify the WSA application settings in Shopping Admin console such that it does not fail when drivers are not available.

    0x0406

    Unable to locate USMT Package in the task sequence references.

    Ensure that the USMT package is referenced in the task sequence.

    0x0602

    ScanState.exe unable to estimate user state data size.

    Ensure that the Tachyon service is up and running. If it is running, check scanstate.log (its location is found in TachyonAgent.log).

    0x0603

    Unable to locate a compatible version of Nomad.

    Ensure that you have Nomad 6.3.200 or later installed.

The Readiness Checks tab

The Readiness Checks tab

The Readiness Checks tab controls what is run on the Readiness screen when it checks for machine readiness.

The Readiness screen
    • Check Do not start the task sequence if this device is currently storing data captured from another device if you want the WSA to prevent the task sequence from executing if the Nomad agent on the local machine is currently storing user data from one or more peers.

    • Check Do not start the task sequence if this device is currently serving a boot image to another device if you want the WSA to prevent the task sequence from executing if the local machine is currently serving a boot image to a peer.

    • Check Do not start the task sequence if this device is currently running on battery if you want the WSA to prevent the task sequence from executing if the local machine is currently running on battery.

The Connection tab

The Connection tab

The Connection tab controls whether users can execute the deployment on a wireless connection and if they need to provide their VPN or wireless connection details.

The Connections screen

Note

From Shopping 6.0, WSA will attempt to prepopulate the Wifi password field from the user's Wifi profile. If the password cannot be retrieved the field will remain blank and the user will need to enter the password manually.

  • Check Require user enter VPN credentials if the task sequence includes a step to establish a VPN connection that requires user credentials.

    Note

    If this option is enabled, when the WSA runs, if the user selects remote location (i.e. not in the office) they will be required to enter their VPN credentials. When the task sequence executes the WSA Initialize step, these credentials are stored in the 1EWSA_VpnUserName and 1EWSA_VpnPassword Task Sequence Variables.

  • Check Allow deployments over WiFi if you want users to be able to execute the deployment over a wireless connection. This option requires the use of a USB device and is available whether you are connected remotely over WiFi or are in the office and connected to the network over WiFi.

  • The Require user enter SSID and password option is only enabled if Allow deployments over WiFi is checked. Check this option if the task sequence includes a step to establish a wireless connection that requires the SSID and password to be provided.

    Note

    If this option is enabled, when the WSA runs it will prompt the user to select a WiFi SSID (from those currently available) and enter the password. When the task sequence executes the WSA Initialize step, these credentials are stored in the 1EWSA_WifiSsid and 1EWSA_WifiPassword Task Sequence variables.

The Location tab

The Location tab

The Location tab controls is displayed for the user to tell us where they are initiating the deployment. If you choose to hide the Location page you must specify the location users will see, either Office or Remote.

The Location screen
Why can't I see the Location screen?

You will not see this screen if:

Other operational errors

Exceptions on Completion screen and how to fix them

Error code

Likely causes

Remedial action

0xA0070700

The task sequence failed to start.

This is not likely to happen happen unless the Windows Management Instrumentation (WMI) is corrupted. If this happens, get the user to rerun the deployment.

Error is displayed on the Completion screen as follows:

  • Something went wrong with the deployment. Please contact your local administrator.

0xA0070701

SCCM execution history is missing.

Check the status messages in Configuration Manager for the task sequence deployment as well as the ExitCode in the WSA execution history for the Task Sequence package id ( HKEY_LOCAL_MACHINE\SOFTWARE\1E\WSA\TSExecutionHistory\TSPkgID)

Error is displayed on the Completion screen as follows:

  • Something went wrong with the deployment. Please contact your local administrator.

0xA0070702

WSA execution history is missing – most likely cause is that the task sequence failed in WinPE.

Check the status messages in Configuration Manager.

Error displayed on the Completion screen as follows:

  • Something went wrong with the deployment. Please contact your local administrator.

0xA0070703

Unable to establish a WIFI connection.

Get the user to run the deployment again with the emphasis on providing their correct connection credentials – on the Connection screen, click Reveal to check the accuracy of the password they entered.

Error displayed on the Completion screen:

There was a problem connecting to the WiFi network. Please rerun the Assistant and ensure that the WiFi connection details are entered correctly

0xA0070704

Unable to establish a VPN connection.

Get the user to run the deployment again with the emphasis on providing their correct connection credentials – on the Connection screen, click Reveal to check the accuracy of the password they entered.

Error displayed on the Completion screen:

There was a problem connecting to the VPN. Please rerun the Assistant and ensure that the VPN connection details are entered correctly

0xA0070705

WSA execution history is invalid.

Contact 1E Support for assistance for assistance.

Error displayed on the Completion screen as follows:

  • Something went wrong with the deployment. Please contact your local administrator.

A masterclass in creating a Wipe and Load (Destructive) WSA Deployment Application

Your browser does not support the HTML5 video element