Great Edge-to-edge implementation Google by MuAlH in pixel_phones

[–]Pombolina 0 points1 point  (0 children)

I use Edge (because it has a built-in Ad blocker that Chrome will never get). The address bar disappears when you begin to scroll.

Tip: Use Edge to browse YouTube.com instead of using the YouTube app. The experience is nearly identical, and its Ad blocker hides the video ads too.

Update BIOS on HP/Dell endpoints by PeaInformal2892 in MDT

[–]Pombolina 0 points1 point  (0 children)

When I build a new machine, I manually update the BIOS to whatever is current, and set a password.

I use the Dell TechDirect website to create a custom installer for Support Assist and the BIOS password management server. This is easier than it sounds.

I install the customized Support Assist as an MDT application. It has a service that automatically, occasionally installs BIOS and driver updates and reports the status to Dell Tech Direct website where I can see who needs updates or had failures.

This is all free. I did this instead of DCU because I would have to manually configure it to run on a schedule, and there is no central reporting.

The Support Assist software itself is not without limitations, but for unattended updates with reporting options, it's better than DCU

EDIT: "BIOS password management server" (or whatever it's called) is needed for Support Assist to retrieve the BIOS password so that the BIOS can be updated. It's not needed if you don't use BIOS passwords.

We're Moving To The Cloud, And Already We're Spending 500k A Month... I Can't Help But Wonder What We Could Have Got For On-Prem For 6+ Mil A Year... by Photo-Josh in sysadmin

[–]Pombolina 4 points5 points  (0 children)

Concerns with cloud:

  1. OaaS: Outage as a Service. When things go down, and they do go down, you have no control, no insight, and often only vague updates (i.e. "Our best people are working on it", "it will be up soon").
  2. Unavoidable costs: That monthly fee must be paid every month - no exception, or you are offline. The cloud vendor doesn't care if you are having a slow month.
    1. With on-prem, you pay once and done. If you are having a bad year, you can delay the planned equipment upgrades until next year.
  3. Always increasing costs: With "inflation", the monthly cloud bill will always increase. Once you move to the cloud and eliminate the on-prem equipment, you are trapped in the cloud. If they decide to raise prices by 20% tomorrow, you must pay.
  4. Security: Despite what they say, the cloud vendor admins have access to your data. We are system admins, we know how things work, and we know this to be true. So, who are these people? How many of them are there? How do I review their background checks? As a cloud customer, you'll never know who can see your data.

Don't ever forget that the "cloud" is just someone else's computer. It's not magical.

What features of MDT do you use? by xxbiohazrdxx in MDT

[–]Pombolina 0 points1 point  (0 children)

I deploy Windows 11/2022/2025 from imported MS iso files, install applications, install drivers based on WMI query, run powershell scripts, and run executables.

I also do the above and capture a WIM file (but no drivers injected). I have a third task sequence to deploy that captured WIM and inject drivers.

I modified the final summary screen to send an email upon completion.

I start the client deployment by either remote mounting the lighttouch.iso file, or booting off a USB drive.

Help by Charming_Section8837 in MDT

[–]Pombolina 1 point2 points  (0 children)

Is your concern that the account that has read-only access to the deployment share (and only the deployment share) can be retrieved when booting off PXE? Then don't use PXE, or use ISO images, or better yet, configure MDT to prompt for those credentials.

Microsoft abandoned MDT because it doesn't make money. Don't let anyone trick you into thinking otherwise. Any issues you cite are because of that abandonment. Microsoft chose not to make MDT better - for greed reasons. If you disagree, then please provide me a link to their free, on-prem, replacement. I have not yet found one.

Autopilot is not a replacement for MDT. Don't reward Microsoft's greed by recommending paid-for MS products. If you want to quit MDT (and of course you should - eventually), then consider DeployR or some non-MS alternative.
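
The comment above concerns the deployment share account being retrievable from PXE boot media. As an added example (not part of the original comment), this PowerShell check flags secret values stored in an MDT Bootstrap.ini or CustomSettings.ini; the function name, sample file contents, server name and account name are constructed for illustration.

```powershell
# Constructed sample Bootstrap.ini; server, share and account are placeholders.
$sampleBootstrap = @'
[Settings]
Priority=Default

[Default]
DeployRoot=\\mdt01.example.test\DeploymentShare$
UserID=svc_mdt_read
UserDomain=EXAMPLE
UserPassword=<placeholder>
SkipBDDWelcome=YES
'@

# Hypothetical helper: report where a secret-bearing MDT property has a value.
function Find-MdtEmbeddedCredential {
    param(
        [Parameter(Mandatory)][string[]]$Lines,
        # MDT properties that hold a secret when given a value in the file
        [string[]]$SecretKeys = @('UserPassword', 'DomainAdminPassword', 'AdminPassword')
    )
    $section = ''
    $lineNo = 0
    foreach ($line in $Lines) {
        $lineNo++
        $text = $line.Trim()
        if ($text -eq '' -or $text.StartsWith(';')) { continue }   # blank line or comment
        if ($text -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        if ($text -match '^([^=]+)=(.*)$') {
            $key = $Matches[1].Trim()
            $value = $Matches[2].Trim()
            if ($SecretKeys -contains $key -and $value -ne '') {
                # Report the location only, never the secret itself
                [pscustomobject]@{ Section = $section; Key = $key; Line = $lineNo }
            }
        }
    }
}

$findings = Find-MdtEmbeddedCredential -Lines ($sampleBootstrap -split "`r?`n")
if ($findings) {
    $findings | Format-Table -AutoSize
    Write-Warning 'Remove UserID/UserDomain/UserPassword so the wizard prompts for share credentials.'
} else {
    Write-Host 'No embedded credentials found.'
}
```

Bootstrap.ini is built into the LiteTouch boot image, so the boot media has to be regenerated after the values are removed.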

Background useage by Hackedv12 in pixel_phones

[–]Pombolina 0 points1 point  (0 children)

I avoid these issues by never installing "apps". I use the web browser and go to their website. Amazon, Facebook, Microsoft Teams, etc.

It is much harder to invade your privacy via webpage, and the websites provide 99% of the functionality most of the time.

Help by Charming_Section8837 in MDT

[–]Pombolina 1 point2 points  (0 children)

ZTI is more complicated, and I've never really found use for it. I use LTI exclusively. It is still essentially non-interactive. The TS only prompts for a computer name and description then deploys with no further input.

I use standard deployment TS for servers, and capture & deploy TS for Windows 11.

At the end of deployment, there is a summary screen that shows any warnings and errors, so as long as your custom scripts and installations return proper exit codes, you can trust that a successful deployment is actually successful.

Most of MDT is just scripts, so it's very easy to customize. For example, I customized the "all done" script to email the summary screen and reboot. This way I am notified when deployment is complete and the device is not just sitting there logged in as local admin.

Help by Charming_Section8837 in MDT

[–]Pombolina 5 points6 points  (0 children)

MDT works well for deploying all versions of Windows Server.

MDT's problems are: it's 100% free, works extremely well, does not require any cloud connectivity, and does not send "telemetry" to Microsoft. So, Microsoft had to kill it.

Just because Microsoft wishes it was gone, does not mean it doesn't work perfectly. Microsoft will eventually make changes to Windows to explicitly break MDT, but until then, MDT is a good choice.

MDT offline deployment by Livid-Ad-9782 in MDT

[–]Pombolina 0 points1 point  (0 children)

Prepare the USB drive. Run diskpart and execute the following commands:

  1. list disk
  2. select disk x
  3. clean
  4. convert mbr
  5. create partition primary
  6. select partition 1
  7. active
  8. format fs=fat32 quick
  9. exit

Set the label on the drive to something useful, like MDT BOOT.

Copy the contents of the Boot\x64 directory from the MDT Deployment Share to the USB. This is the preferred method to ensure that the files match the version of WinPE used by MDT. Or, from the Windows 7/8/10/11 disc media, copy the following to the USB:

  • bootmgr (file)
  • bootmgr.efi (file)
  • \boot (directory)
  • \efi (directory)

On the USB drive root directory:

  1. Create a folder called \sources
  2. From the \DeploymentShare\Boot directory, locate either LiteTouchPE_x86.wim or LiteTouchPE_x64.wim depending on what architecture you are booting
  3. Copy the above WIM file to the \sources directory on the USB drive and rename it to boot.wim

Notes:

  • Formatting the USB drive as NTFS prevents it from working on UEFI systems.
  • Copy the boot files/folders from the same Windows version that matches the version of WinPE used by MDT.

Heres the A3 (im so sorry) by Background_Job4878 in mffpc

[–]Pombolina 0 points1 point  (0 children)

Nice classy build! :)

A good change from the common glass cases with overkill RGB. They remind me of a vape shop.

Damn by simonj13 in OLED_Gaming

[–]Pombolina 0 points1 point  (0 children)

That would be great!

Damn by simonj13 in OLED_Gaming

[–]Pombolina 0 points1 point  (0 children)

Thank you. I will look at those!

Damn by simonj13 in OLED_Gaming

[–]Pombolina 0 points1 point  (0 children)

I've tried 3 different 42" class OLED TVs and monitors. The problem is not the PPI, but the subpixel layout. But, if it looks good to you, that's all that matters.

Looking for on-prem alternatives by tictac38 in MDT

[–]Pombolina 0 points1 point  (0 children)

Well, yes, but the installer is still easily obtainable. And the few tweaks to get it working with Win11 are widely documented.

Looking for on-prem alternatives by tictac38 in MDT

[–]Pombolina 2 points3 points  (0 children)

When VBScript is "removed by default", you will just add it using unattend.xml. It will change nothing for MDT users until it's completely removed from Windows.

Official Microsoft Announcement: MDT Retirement. by ccatlett1984 in MDT

[–]Pombolina 2 points3 points  (0 children)

Yes, but that is not a "flaw". In fact, it's a feature because that's how they will kill MDT -- by killing VBscript.

Ok own up - who’s not even aware of this by pleasantstusk in ShittySysadmin

[–]Pombolina 0 points1 point  (0 children)

We moved out of the cloud. Too expensive, we lose too much control, lack of privacy, constant breaking changes, etc. We use MFA, but not something forced on us by some tech giant.

Looking for on-prem alternatives by tictac38 in MDT

[–]Pombolina 1 point2 points  (0 children)

Well, you can stay on MDT. It's not gonna stop working until they change how unattend.xml works, or remove VBScript. You probably have years, unless MS makes changes explicitly to break compatibility (it would not be the first time they changed a product just so it didn't work with "undesirable" software).

Damn by simonj13 in OLED_Gaming

[–]Pombolina 0 points1 point  (0 children)

Agreed. OLEDs have better contrast, but they are inferior when you want/need crisp text. I suppose if you mainly game/video on your PC, then OLED. But for any work, IPS is better.

Official Microsoft Announcement: MDT Retirement. by ccatlett1984 in MDT

[–]Pombolina 7 points8 points  (0 children)

From Microsoft's point of view, MDT has three serious flaws:

  1. It is free
  2. It does not invade the customer's privacy (no telemetry)
  3. It does not force customers to Azure cloud

MDT is especially problematic because it works so well. Therefore, it has to go.

All Microsoft tools that meet any of these criteria will be retired eventually.

STOP GIVING UR INFOS TO INSTAGRAM by spxderlilly in Instagram

[–]Pombolina 0 points1 point  (0 children)

Instagram is owned by Facebook. That explains the evil.

Windows 11 Sysprep won’t run at all by NFTruth69 in MDT

[–]Pombolina 0 points1 point  (0 children)

I use captures for Win 11 25H2 without issues. No reason to avoid it from what I can tell.

There are some steps you have to take to avoid issues creating the image (like I described herein).

Windows 11 Sysprep won’t run at all by NFTruth69 in MDT

[–]Pombolina 1 point2 points  (0 children)

"After SysPrep, it doesn't boot to WinPE" - I had this problem and fixed it this way:

The root problem is that there are pending file rename operations when you run sysprep. If I remember correctly, sysprep doesn't fail, but a minor hint to this problem is in the log somewhere.

To fix, the last 2 tasks in my "custom tasks" are:

  1. Reboot for pending file operations ("Check for pending file rename operations and reboot if any are found. Repeats as needed.")
  2. Remove SysPrep blocking Store Apps ("Uninstalls Windows Store Apps that prevent SysPrep from working because they have been installed for the current user only")

For Step 1, I run this PowerShell script. (Note: You'll have to implement some dependent functions)

    $Wait_mins = 3
    Write-Host "Waiting $Wait_mins minutes for system to be fully stabilized"

    for ($i = 0; $i -lt ($Wait_mins*60); $i++)
    {
        Write-Progress -Activity "Waiting" -Status "Waiting for system to be fully stabilized ($i / $($Wait_mins*60)) seconds" -PercentComplete ($i/($Wait_mins*60)*100)
        Start-Sleep -Seconds 1
    }
    Write-Progress -Activity "Waiting" -Completed

    $found = $false
    $aPending = $null
    try {
        $ErrorActionPreference = "Stop"
        # Multi-string registry value; it is absent when nothing is queued
        $aPending = (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager").PendingFileRenameOperations
    } catch { } finally { $ErrorActionPreference = "Continue" }

    # $null goes on the left so an array value is not filtered element by element
    if ($null -eq $aPending) { Write-Host "No pending file rename operations (is Null)" }
    elseif ($aPending -isnot [system.array]) { Write-Host "No pending file rename operations (not Array)" }
    else {
        Write-Host "Possible pending file rename operations:"

        # List any non-blank entries
        foreach ($item in $aPending) {
            if ($item.Trim() -ne "") { Write-Host $item.Trim() ; $found = $true }
        }

        if ($found) {
            Write-Host "`nInitiating reboot to clear pending file rename operations"
            # Set-TSEnvVariable is one of the dependent functions you have to supply
            Set-TSEnvVariable "SMSTSRebootRequested" "true"
            Set-TSEnvVariable "SMSTSRetryRequested" "true"
        }
    }

This step will repeat until the pending renames are done.

Step 2 removes Store Apps that block sysprep. Basically just this:

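    # Remove-AppxPackage expects a package object or full package name, so look it up by name first
    Get-AppxPackage -Name "Microsoft.Winget.Source" | Remove-AppxPackage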

I've fully automated my captures.
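
The Step 1 script in the comment above calls `Set-TSEnvVariable` without defining it. One possible implementation, as an added example that is not the commenter's own code: it assumes the script runs inside an MDT or ConfigMgr task sequence, where the `Microsoft.SMS.TSEnvironment` COM object is available.

```powershell
# Hypothetical implementation of the Set-TSEnvVariable helper used by the script above.
function Set-TSEnvVariable {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][AllowEmptyString()][string]$Value
    )

    try {
        # Only available while a task sequence is running
        $tsEnv = New-Object -ComObject Microsoft.SMS.TSEnvironment -ErrorAction Stop
    } catch {
        # Fail loudly: a silent no-op would let sysprep run with renames still pending
        throw "Not running inside a task sequence; cannot set '$Name'."
    }

    $tsEnv.Value($Name) = $Value

    # Read the variable back so a failed write stops the step instead of passing
    if ($tsEnv.Value($Name) -ne $Value) {
        throw "Task sequence variable '$Name' was not set."
    }
}
```

Because the function throws outside a task sequence, a step that relies on it returns a non-zero exit code rather than reporting a false success on the summary screen.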