

On the Descriptive Name page, in the Deployment share description text box, type MDT Production and click Next. On the Share page, in the Share name text box, type MDTProduction$ and click Next. On the Path page, in the Deployment share path text box, type D:\MDTProduction and click Next.

In the Deployment Workbench console, right-click Deployment Shares and select New Deployment Share. The steps for creating the deployment share for production are the same as when you created the deployment share for creating the custom reference image:Įnsure you are signed on as: contoso\administrator. Create the MDT production deployment share Perform this procedure on the MDT01 server. You should not use the same deployment share that you used to create the reference image for a production deployment. Step 2: Set up the MDT production deployment share Validated write to service principal name.Scope: This object and all descendant objects.The following is a list of the permissions being granted: \Set-OUPermissions.ps1 -Account MDT_JD -TargetOU "OU=Workstations,OU=Computers,OU=Contoso" Run the following commands from an elevated Windows PowerShell prompt: Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force Next, run the Set-OuPermissions script to apply permissions to the MDT_JD service account, enabling it to manage computer accounts in the Contoso / Computers OU. This script configures permissions to allow the MDT_JD account to manage computer accounts in the contoso > Computers organizational unit.Ĭreate the MDT_JD service account by running the following command from an elevated Windows PowerShell prompt: New-ADUser -Name MDT_JD -UserPrincipalName -path "OU=Service Accounts,OU=Accounts,OU=Contoso,DC=CONTOSO,DC=COM" -Description "MDT join domain account" -AccountPassword (ConvertTo-SecureString -AsPlainText -Force) -ChangePasswordAtLogon $false -PasswordNeverExpires $true -Enabled $true In order for MDT to join machines into the domain you need to create an account and configure permissions in Active Directory.ĭownload the Set-OUPermissions.ps1 script and copy it to the C:\Setup\Scripts directory on DC01.

These steps assume you have The account is used for Windows Preinstallation Environment (Windows PE) to connect to MDT01.
#Microsoft toolkit for windows 10 how to#
These steps will show you how to configure an Active Directory account with the permissions required to deploy a Windows 10 machine to the domain using MDT. Step 1: Configure Active Directory permissions HV01 used to test deployment of PC0005 in a virtual environment.įor details about the setup for the procedures in this article, please see Prepare for deployment with MDT. MDT01 and PC0005 are members of the domain for the fictitious Contoso Corporation.
