ConfigMgr OSD FrontEnd

ConfigMgr OSD FrontEnd has been developed with the goal to function in any environment, making the native operating system deployment experience with System Center Configuration Manager more unified and easy to use. A frontend provides a graphical user interface for the common tasks that administrators and help desk personnel struggles with on a day to day basis using various custom made solutions.

This software requires the ConfigMgr WebService to function properly. For more information about how to download and install ConfigMgr WebService, visit the following page:

ConfigMgr WebService

New features and improvements

  • New Security section is now available that allows for setting a BitLocker PIN.
  • Re-ordering of sections / tabs is now supported and configured through the application setting called ApplicationTabsOrder. Read more about this new feature further down in this document.
  • A change has been made in the core structure of how the frontend is handling the TS Environment. From this version and onwards, whenever the frontend detects an event that changes or sets a desired value for a TS Environment variable, it’ll now be set immediately instead of like it was previously handled where all gathered TS Environment data would all be configured when the Apply button was clicked. This new change together with the section ordering, allows for a more dynamic and automated computer naming configuration using the ComputerNameFromScript application setting allowing the SetComputerName.ps1 script to tap into the TS Environment and read variable configuration data already set by for instance a selection made from the Regional section (assuming it’s been configured to be above the Computer section).
  • Harddisk section now includes a feature to completely clean a selected disk. Additionally, sorting by disk number is now default.
  • Logging in the frontend have been improved in this version and will continue to be improved in the future. Additionally, you can now open the log file directly from within the Admin panel.
  • Support for reading manufacturer and model data from Intel NUC hardware.
  • User section now support automatic user device relation configuration for existing relations between a computer and a device if there’s currently a single relation detected for the current device.
  • Directory section has been improved and now has its own DirectoryConfig.xml which supports multiple domain selection.
  • Roles section now supports default selection for type and selected role (if it’s available) all configurable with two new application settings.

Bug fixes

  • When ComputerNameLock was set to True and an existing computer name could not be detected from ConfigMgr or the MDT database, the computer name field would be left blank with no possibility to enter a name manually.
  • When ComputerNameLock was set to True and ComputerNameByScript set to True as well, clicking the Validate button would re-enable the computer name field.
  • User section data grid showing any existing user device relation would populate the same entries multiple times when switching section and entering the User section again.
  • Application would crash if SetComputerName.ps1 script returned an error instead of a string.
  • Selected OU field in the Directory section would not show the complete path as the text field was wrapping the content.
  • In a 32-bit boot image, cmtrace.exe would attempt to be opened from the x64 folder instead of the correct i386 folder.

New application settings

  • UserAutomaticallySetPrimaryUser
  • ApplicationTabOrder
  • SecurityBitLockerPINLength
  • IsSecurityEnabled
  • RoleSelectedRole
  • RoleSelectedType
  • DirectoryConfigFileLocation

Deprecated application settings

  • DirectoryDNRoot
  • DirectoryDomainName

Bug fixes

  • Fixed a bug when the ComputerNameFromCM application configuration setting was set to True, causing existing user relations in the User section not to load.
  • Improved the unknown computer object detection, that previously required the end user to enable a slider control, by now showing a message box with a remove button that’ll remove the object and allow for task sequences to be shown in the drop down menu.
  • New Harddisk section that allows for selecting what hard-disk the operating system image should be installed to. This section detects all available physical disks on the system and displays them in a datagrid.
  • Authenticate section has been improved to support an Enter keystroke that triggers the Log in button without manually clicking it. In addition, this section now includes a new feature that counts the amount of remaining login attempts. When the specified amount of failed login attempts is reached, the frontend will display a message and then shutdown causing the system to restart.
  • Authenticate group box is now called User authentication instead of previous Windows authentication, this change was introduced for a more convenient end user experience.
  • Preflight section has been improved and now features a datagrid showing either red or green depending on the state of each check that has been enabled. This change aligns better with the overall design of the frontend and supports for future additional checks to be added without a graphical change in the controls used. In addition, a new application configuration setting is added to allow for automatically bypassing the Preflight section if all checks passed.
  • Application section has been improved and now supports specifying if a whole group of applications should be pre-selected in the frontend. Additionally, configuring individual mandatory and/or pre-selecting applications is now included in the AppConfig.xml. This removes the requirement of specifying mandatory apps in the OSDFrontEnd.exe.config file and can more dynamically be handled like with the other XML configuration files on a remote server. With this change, the AppsMandatory and AppsMandatoryLock application configuration settings are now deprecated and should not be used from this version and onward.
  • A new application configuration setting named DirectoryDNRoot has been added to specify the starting distinguished root for the Directory section.
  • A Refresh button has been added to the Directory section to re-load the directory data from the domain controller.
  • Computer section label next to the computer name field has been changed to Name of the computer.
  • New computer details have been added to show status for TPM ownership, if the TPM chip is enabled and if it’s activated.
  • When the computer name is being validated against Active Directory, if an object with the specified name already exists, the description of that object is displayed in the message that appears.
  • The main progress bar is now shown when the frontend is loading task sequence details, this was not the case in previous versions.
  • Improved the button style layout for the fly-out admin mode to align with other button styles used in the frontend.
  • Added a Refresh button for the Regional section to re-load the XML configuration from RegionalConfig.xml.
  • Improvements to the XML load behavior of the frontend has been made. If there’s a parsing error or file missing or not found issue, an error message is displayed.
  • Fixed an issue where the frontend would crash if the Directory section was enabled and the user would click on the top-level domain name in the tree view.
  • Fixed an issue where the frontend would crash if the wrong password for an user was entered in the Authenticate section.
  • Fixed an issue where the computer name would not be retrieved from ConfigMgr when the computer entry was manually imported using the MacAddress identifier.
  • Fixed an issue where the Application section would show retired applications.
  • Fixed an issue where the keyboard layout was not loaded quick enough and would populate with a value a few seconds after the frontend was visible to the end user.
  • The following is a list of the new application configuration settings that have been added in this version:
    • IsHarddiskEnabled
    • HarddiskAutoContinue
    • PreflightCheckSuccessContinue
    • DirectoryDNRoot
    • DirectoryDomainName
    • AuthenticationMaxLoginAttempts
    • AuthenticationMaxAttemptsTitle
    • AuthenticationMaxAttemptsMessage
  • These application configuration settings have been deprecated in this version:
    • AppsMandatory
    • AppsMandatoryLock
  • New Directory section has been added with a tree view of all organizational units available in the domain where the ConfigMgr WebService is installed. Control whether this section is shown by setting IsDirectoryEnabled to True. Selecting an organizational unit in this section adds the distinguished name to the task sequence variable specified in DirectoryOUVariableName, default using the OSDDomainOUName variable.
  • When validating computer names, a message prompt with validation results are now shown instead of the previously colored outline of the text.
  • When validating a computer name, support for multiple domains are now available. This is handled backend in the ConfigMgr WebService.
  • Fixed a bug that would cause the Previous and Next buttons to be shown even though that the pre-flight checks were not successfully passed.
  • New Custom section is added to the frontend. This section is intended for building custom task sequence variables based upon either their existence or a value that is manually set in the frontend.
  • Computer name text field can now be locked using the ComputerNameLock application configuration setting with a value of True.
  • Fixed a bug in the Authenticate section that would give an error like “The server cannot handle directory requests.””. Extended PowerShell script for auth with [System.DirectoryServices.AccountManagement.ContextOptions]::Negotiate if failed without”.
  • Frontend will now show an error message if IsAuthenticationEnabled is set to False and DeployRestricTaskSequenceSelection is set to True. This is to prevent misconfiguration in the OSDFrontEnd.exe.config file when the frontend has been configured to restrict the shown task sequences, but authentication has not been enabled, which is a requirement for that feature.
  • Fixed an issue that would cause the frontend to crash when multiple elements existed in the RegionalConfig.xml file that contained the same Name attribute value.
  • You can now customize the text for the Apply button using ButtonApplyName.
  • The authenticated user in the Authenticate section is now stored in task sequence variable named OSDAuthUser.
  • A new data grid is added to the Deployment section showing the selected task sequence details like description and more.
  • Fixed an issue in the User section where the value of SMSTSUdaUsers was not set correctly.
  • User section text field now has an increased length of characters. This was previously 15 and has now been set to 20.
  • A new application configuration setting named AppsMandatoryLock has been added, allowing for applications specified in the AppsMandatory setting to be de-selectable. With this new feature you can automatically pre-select applications in the Apps section but allow for the end-user to deselect them.
  • You can now group select multiple applications in the Apps section with a single click in addition to that applications are alphabetically sorted. New icons have also been added to each item in the tree view.
  • Due to some minor design changes, the logo size has been modified and is now 353 x 136 px.
  • Combo boxes throughout the frontend has been limited to show within the bounds of the application.
  • This version brings a new user interface with many improvements that allows for instance the Regional header name to be 12 characters instead of 8. The overall layout of the frontend now has the menu on the left side instead of at the top. Sections now allow for more settings to be added including more menu sections for future releases.
  • For the Computer section there’s a new Validate button that performs an Active Directory computer object lookup to see if the specified name already exists.
  • A new section named Authenticate have been added providing the capability to authenticate a user in Active Directory. User name, password and domain name are used in combination to securely and encrypted validate the user if he or she is a member of a specific Active Directory group. Members of the group that is configured in the application settings for the frontend application are allowed access to continue with the deployment. Each login attempt through the frontend is logged in the event log for the frontend.
  • Visible task sequences in the drop-down menu for the Deploy section can now be restricted based upon Active Directory group memberships. This require additional configuration and only works when the Authenticate section is enabled, so see the detailed instructions further down in this document for how to use this new capability.
  • For the Apps section, there’s quite a few changes made in this version. Instead of requiring additional deployments for applications to show up in the frontend, applications being shown in the tree view are now based on a new XML file named AppConfig.xml that defines the folder structure and the administrative category in Configuration Manager associated with a folder. This change allows for a custom folder layout within the tree view and easier management of what applications are shown. Apps section is now also loaded directly when the frontend has started.
  • In the User section, it’s now automatically loads the existing UDA relations for the device when there are any available. They’re shown in a data grid similar to what’s used for the Roles section. It’s also possible to clear these existing relations, for scenarios like when the device is re-assigned to another user.
  • FirmwareType and BIOS version properties have been added to the Computer Details.
  • Aspect propertions for the logo.bmp file is now 160x90px.
  • There’s a new application setting named ComputerDetectionType that controls the property used from WMI when the frontend is attempting to identify the computer it’s running on. Previously, this was hard-coded for the UUID (SMBIOS GUID), but it can now be set to the MacAddress also, if needed.
  • xml file has been renamed to RegionalConfig.xml to follow the same naming standard as the rest of the XML files loaded by the frontend.
  • Sample code for running DaRT is now available in the PrestartCommand.ps1 file.
  • An error is now shown when the Apply button is clicked, but there’s no task sequences selected.
  • All referenced assemblies that previously was external to the frontend are now embedded in OSDFrontEnd.exe.
  • Removed application settings from the OSDFrontEnd.exe.config file:
    • AppCollectionID
    • HeaderText

Update 2017-09-27 – Download package updated to address the ‘Empty path name is not legal’ issue reported.

  • ConfigMgr OSD FrontEnd now supports running a single command while the splash screen is shown and before the frontend loads. While this prestart command may only seem to support a single command being executed, it’s designed to support executing PowerShell that could be leveraged to run additional commands inside a PowerShell script file.
  • When the splash screen is shown, a new functionality is added to this phase of loading the frontend. While loading, the frontend will now wait for an active network connection for any WiFi or Ethernet adapter.
  • In previous versions, you could not use ConfigMgr OSD FrontEnd as a prestart command for USB boot media. This has now been fixed, and the error that occurred when clicking the Apply button is now gone, and the frontend is now capable of logging correctly.
  • ConfigMgr OSD FrontEnd and ConfigMgr WebService version information is now shown in the flyout menu.
  • In addition to the check running after the splash screen is shown whether the ConfigMgr WebService is reachable, another check is introduced in this version that validates the minimum required version of ConfigMgr WebService is being used.
  • SerialNumber property from WMI is now shown in the details panel (expandable) under the Computer tab.
  • A bug to the control showing the operation details above the progressbar has been addressed. Some messages were cut off due to insufficient space set for the control.
  • The check that runs to verify that ConfigMgr WebService is reachable, used to have a timeout of 2 seconds. This timeout has been increased to 10 seconds from this version and on wards.
  • When using the frontend in a Configuration Manager hierarchy that contains a Central Administration Site with multiple Primary Sites, the hardcoded resource ids for Unknown Computer x64/x86 records caused the software to crash. This has been fixed in this version by querying the TSEnvironment for _SMSTSUnknownComputer[x64/x86]Guid variables to get the proper values.
  • 2 new application configuration settings, DebugUnknownComputerX64ResourceID and DebugUnknownComputerX86ResourceID have been added to support the debug operational mode to list task sequence deployments for unknown computers.
  • Required version of ConfigMgr WebService is now at least 1.3.0 or higher, for the frontend to fully function.
  • Fixed a bug when the ComputerNameFromScript application configuration setting failed to determine the location of the SetComputerName.ps1 script file.
  • Fixed a bug where no task sequence deployments would be listed for Unknown computers when using the ConfigMgr WebService 1.2.1.
  • From this version and onwards, the ConfigMgr OSD FrontEnd will be signed with a code signing certificate.
  • Latest supported version of the ConfigMgr WebService will from this version and onwards not be included in the package. A separate download of the web service is required.
  • Added an application manifest file to require elevated privileges when the application is executed.
  • Logo for executable changed to branding.
  • Improvements when setting the PowerShell execution during the splash-screen, now shows a message popup box with any errors or warnings that might occur when changing the execution policy (this message box will not cause the application to terminate once it has been acknowledged).
  • System.Management.Automation.dll is no longer a required file that needs to be in the working directory of the frontend software. Local assembly will now be referenced instead.
  • New Apps section for application installation, provides functionality to specify mandatory applications including optional.
  • Support for disabling Role, Regional, Apps and User sections. This will not disable the controls inside each tab-page, instead the disabled sections will not be shown at all.
  • Regional section header text can now be renamed by using RegionalTabHeaderText application setting, allowing for a maximum of 8 characters.
  • A welcome screen showing a title and message text, including Continue and Cancel buttons have been added. This message screen could also be utilized as a warning message that the computer is about to be deployed.
  • A splash-screen has been built for the frontend showing different loading stages before the main window appears.
  • Unknown computer objects can now be removed from within the frontend, if detected by the web service. This provides desktop technicians to be able to re-initiate a failed deployment.
  • New preflight check for supported computer models that compares the computer being deployed against a list of supported models located on a web server, configurable via TestSupportedHardwareFileLocation.
  • Frontend will not attempt to format the system volume when running in debug mode and FormatDiskWhenEncrypted is set to True, once the Apply button is clicked.
  • SQL Server related application settings in the frontend has been removed, as they were duplicate to what’s configure for the web service.

Initial release of ConfigMgr OSD FrontEnd.

ConfigMgr OSD FrontEnd provides a rich set of features and has been built with a focus on deployment of unknown devices, but also with the capability to support known devices for re-deployment.

An overview of the features ConfigMgr OSD FrontEnd provides are listed below:

  • Identification of hidden task sequence deployments based upon known or unknown device
    • Support to clear Unknown objects from Configuration Manager
  • Support for Unknown Computer mode in Configuration Manager
  • Computer name configuration
    • Manually enter a computer name
    • Generate computer name by serial number
    • Read computer name from external PowerShell script
    • Detect known device staged in Microsoft Deployment Toolkit and read the computer name
    • Detect known device from Configuration Manager
  • Associate a computer with multiple roles in Microsoft Deployment Toolkit
  • Set native or custom task sequence variables for regional configuration like keyboard layout, OU, time zone and more
  • Installation of mandatory applications and/or available applications
  • Associate a primary user with the device
  • Format hard drive if a volume is detected as encrypted
  • Pre-flight checks
    • Network connection type (not connected to WiFi)
    • ConfigMgr WebService accessibility
    • Power state (see if power adapter is connected)
    • Supported hardware models
  • Customizable color branding of the whole graphical user interface
  • Admin area for access to useful tools when troubleshooting
  • Welcome message with continue or cancel choices


Categories use cookies to ensure that we give you the best experience on our website.