I tried to run the USB creation from pwsh 7 but then I never get the AutoPilot / Intune sign-in and profile selection to work. It just skips the admin login and profile selection and continues reporting that the json file does not exist. But it works if I run the Publish-ImageToUSB from an admin Windows Powershell 5.1 prompt.
As this seems to differ from your clip running the process from pwsh 7 there must be something I am missing on my machine?

In my case, the fix for 'System.Security.Cryptography.SHA256Cng' error was not enough.

Luckily, when I installed all of the following modules it worked out.

• WindowsAutoPilotIntune
• Microsoft.Graph.Intune
• MSAL.PS

Yet still receiving an index error with install.wim.

Grabbing Autopilot config file from Azure..
WARNING: Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.

I've tried to research this a lot, but only found that AzureAD doesn't work with Core versions of Powershell. Is there any solution to this?

Hello,
The script run and pass the step "Grabbing Autopilot config file from Azure.." without any window to login and select profile.
Original command was:
Publish-ImageToUSB -winPEPath "https://githublfs.blob.core.windows.net/storage/WinPE.zip" -windowsIsoPath "C:\Users\me\Downloads\Windows10-Enterprise.iso" -getAutopilotCfg
Any clue ?
Thank you

Anyone managed to create a autopilot bootable USB on this new image?

Every time I create it and try boot It I get the below 4 options and none of them work options 3 and 4 destroy the USB and don't install anything.

IMAGE DEPLOY
1: Exit
2: Wipe USB
3: Install Windows 10 and KEEP USB ## !!! Destructive !!! ##
4: Install Windows 10 and DELETE USB ## !!! Destructive !!! ##

I get a Fatal Error message. Any help would be greatly appreciated.

Thanks,

Writing Autopilot to USB..

WARNING: You cannot call a method on a null-valued expression.

Grabbing provision script from GitHub..
WARNING: Could not find a part of the path 'D:\scripts\Invoke-Provision.ps1'.

Hi, I'm trying to automate the creation of new USBs in my company with your tool with a pipeline, but in order to do that, I need to pass the Image Index and the Partition as parameters. This is very useful to not be dependent on anyone's computer to build new USBs.

Hello, I'm getting this error when trying to boot a device from the provisioned stick.

"Error while getting DeviceId of potiential Windows target drives"

Any knowledge of this issue?

I've gotten this to work on some of our hardware, but I'm wondering if a 64 GB SSD isn't large enough to hold the image this creates, as I seem to be getting this message on those devices when imaging the drive:

Setting up partition table..
Fatal error. System.Runtime.InteropServices.SEHException (0x800004005): External component has thrown an exception.

After throwing this error, the USB drive is unusable and has to be recreated. That may not be related, but I found it interesting.

I'm new to this, but it seems to be working for my devices with newer devices with larger drives, but our environment has a mix of sizes.

Any insight is appreciated. This project is just what our team needs, so thanks for the great work.

Is it mandatory to have the enrollment restrictions set to allow personally owned devices to enroll for the autopilot enrollment part to work? Seems like it fails with an 80180014 error if personally owned devices are blocked.

Hi,

I still have the same issu #23 with the usb, after the script was updated in #22

is there anything i can do to help with the troubleshootng?

As pre may-23 windows will stop working when UEFI updates are applied (KB5025885), an updated winPE is needed.

https://learn.microsoft.com/en-us/windows-hardware/get-started/adk-install#download-the-adk-for-windows-11-version-22h2

I got the following error while trying to run Intune USB Creator on an Lenovo e14 ITL.
Error while getting deviceid of potential windows target drives

The Get-DiskToUse function is listing my main hard drive as an option. After digging in as to why, my hard drive bustype is set to RAID. The function only filters out SATA and NVMe. The line below should be changed.
//From
$diskList = Get-Disk | Where-Object { $_.Bustype -notin @('SATA', 'NVMe') }
//To
$diskList = Get-Disk | Where-Object { $_.Bustype -notin @('SATA', 'NVMe', 'RAID') }
//Or for USB only
$diskList = Get-Disk | Where-Object -FilterScript {$_.Bustype -Eq "USB"}

Thank you for your time.

We have Lenovo T14's and the network drivers do not load with Windows 10. Do I have to add the drivers to the .iso?

The code works fine on my old computer, however I get the following error on the new computer.

I have checked all the pre-req and execution policy is set to unrestricted.
Can you please help?

Hi,

we have an issue when we deploy the Windows 10 Image (21H1), 0x800705b4 securing your hardware, we have search for this ssue and it's appear that TPM issue, we are in TPM 2.0, the chip was cleared. If you have any idea to help us ?

Other asking, what king of profil we have to set in Intune, a SelfDeploy or User deploy, hybrid deploy will works ?

Thanks for helping us.

BR

Been trying to use the Intune USB Creator but every attempt on diferent systems and hardware fails after the message 'Install.wim found on drive E:' with a WARING: FAILED message

Using latest veersion

Here's the command used to built the USB on a 20Gb VHDX

Publish-ImageToUSB -winPEPath "https://githublfs.blob.core.windows.net/storage/WinPE.zip" -windowsIsoPath "M:\OSDBuilder\OSBuilds\Multilang NLUS 2009 NetFX3 19042.746\ISO\Win10 x64 2009 19042.746.iso" -getAutopilot
Cfg

Here's the recursive directory information for the image partition

Here's the error

I've tried different options...

HP EliteBook 820 G6 with a USB stick build with USB creator - Fail
Hyper-V virtual machine with two disk attached as per your example - Fail (running on Windows Server 2016)
Hyper-V virtual machine with two disk attached as per your example - Fail (running on Windows Server 2019)

Everything needed is on the two partitions and to rule out an error in my custom install.wim I also tried with the install.wim from the ISO's available from the Microsoft Visual Studio Download site. Used 1909 and 20H2 in UK English and both failed as well

Sort of a debug attempt

and the last part

content of imageIndex.json

{
"PSComputerName": "localhost",
"RunspaceId": "cbbe17e9-506e-4205-bc0f-e657f3b36412",
"PSShowComputerName": false,
"ImagePath": "C:\Users\MARCEL~1\AppData\Local\Temp\Win10\Images\install.wim",
"ImageName": "Windows 10 Enterprise",
"ImageIndex": 1,
"ImageDescription": "Windows 10 Enterprise",
"ImageSize": 17346414256,
"LogPath": "C:\Windows\Logs\DISM\dism.log",
"ScratchDirectory": null,
"LogLevel": "WarningsInfo"
}

Intune.USB.Creator was used on Windows Server 2016 and Windows Server 2019 both with the same results.

Hi When follow the instruction running this on hyperv as per the youtube video i keep getting the following error:

call c:\scripts\main.cmd
setting power policy to 'high performance'..
WARNING: The request is not supported.

Thanks in advance and I appreciate you creating this.

Hi,

After creating the USB and pluging it in to multiple laptops. i get a warning: The request is not supported.

this happens when setting the power policy , we have fixed this by editing the invoke-provision.ps1 file:

        switch ($powerPlan) {
            PowerSaver {
                Write-Host "Setting power policy to 'Power Saver'.." -ForegroundColor Cyan
                $planGuid = "a1841308-3541-4fab-bc81-f71556f20b4a"
            }
            Balanced {
                Write-Host "Setting power policy to 'Balanced'.." -ForegroundColor Cyan
                $planGuid = "381b4222-f694-41f0-9685-ff5bb260df2e"
            }
            HighPerformance {
                Write-Host "Setting power policy to 'High Performance'.." -ForegroundColor Cyan
                $planGuid = "8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c"
            }
            default {
                throw "Incorrect selection.."
            }
        }
        Invoke-CmdLine -application powercfg -argumentList "/s $planGuid" -silent
    }
    catch {
        Write-Host $_.Exception.Message -ForegroundColor Red

after this edit, the usb continued to the next step.

but at the setting install.wim location
we got the another Warning: The request is not supported.

USB has been built successfully

Hey This is great stuff! I really dig this!

Although i had this running at one point successfully (using vanilla ISO from Microsoft), I am now running into a weird issue here unfortunately when using a sysprepped version of a wim file.

I am getting a "Could not find a part of the path 'W:\Windows\Provisioning\Autopilot\AutopilotConfigurationFile.json' when trying to inject the AutoPilot Configuration File...

Error at Line 433 of the invoke-provision.ps1 script...

Any suggestions here?

Thanks!

I can't seem to figure out why I continue to get a warning when attempting to pull the install.wim from my windows iso. I have tried a few isos and different pcs and continue to get "waring: an error occured while downloading the resource"

Thank you so much for your help. I'm a powershell rookie and trying to pick this up.

When passing the diskNum flag to the Publish-ImageToUSB command, it still asks me to select which disk to use.
The following line in the "Get-DiskToUse" module should probably be updated
// From
$diskNum = Read-Host -Prompt "$table`Please select Desired disk number for USB creation or CTRL+C to cancel"

// To
If(!$diskNum){
$diskNum = Read-Host -Prompt "$table`Please select Desired disk number for USB creation or CTRL+C to cancel"
}

PowerShell 7.0.3
Intune.USB.Creator Module 1.0.1.312

When creating the USB, I am seeing the following warning message.

Grabbing Autopilot config file from Azure..
WARNING: Could not load file or assembly 'Microsoft.IdentityModel.Clients.ActiveDirectory, Version=5.0.5.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. Could not find or load a specific file. (0x80131621)

After imaging the device, it looks as if it wasn't autopiloted. The sign in screen is the traditional "Sign in with Microsoft" instead of "Sign in with ORGNAME".

As there are no Discussions here I am asking that question as an issue. I hope that this is okay.

Your Tool works awesome for a USB Drive provisioning! Thanks for that.
I tried to use these WinPE files for provisioning windows via PXE Boot, unfortunatly the script ends because it "cant detect the USB Drive letter" which makes sense.
Do you have any plans for supporting a PXE setup? If not I will try to go through your powershell files and find my not beautiful way to do this 🗡️

Thanks in advance!

Hello,
Thank you for your hard work, it's a pretty nice tool !

As improvement, it could be great to check size of USB devices before letting select one,
So, we avoid errors due to USB device not meeting minimum space requirement.
An prevent us if it doesn't meet expectation :)

Thank you

I am now getting a warning every time i try to build the USB.. just started happening a few days ago..

Grabbing PWSH 7..
VERBOSE: Destination: I:\scripts\pwsh
VERBOSE: About to download package from 'https://pscoretestdata.blob.core.windows.net/v7-1-0-daily-20200709/PowerShell-7.1.0-daily.20200709-win-x64.zip'
WARNING: Response status code does not indicate success: 404 (The specified resource does not exist.).

Seems like w/o this part working, the USB is a dud...

Is this happening to anyone else?

any suggestions on a fix?

Thanks!

in the scripts directory invoke-provision.ps1 is missing in winpe.zip where can i find this script?

When grabbing Autopilot config file from Azure.., I get this.
WARNING: Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.

Hello,
I've downloaded an ISO (Win 10 Enterprise) via the tool Windows Media Creation Tool.
With the script, it fail with this error:

Getting image index from install.wim..
WARNING: Le fichier spécifié est introuvable.

Is there a log file somewhere to debug ?
Thank you

Hello,
im hoping you can help me. I ran the tool and chose a autopilot profile when the system boots up and i sign in it says wait while we configure then it sits there for a long time and then gets error "something went wrong. confirm you are using the correct sign-in information and that your organization uses this feature. you can try to do this again or contact your sys admin with error code 80070002.
we have A5 licenses, and i can see the device in enrolment manager.
when i look at hte event log on the device this is one of the few errors. I have been talking to MS but they have not helped with any actual troubleshooting yet, just listened to them complain for about an hour that using a usb is unusual.

Log Name: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin
Source: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider
Date: 8/24/2020 1:57:51 PM
Event ID: 404
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: DESKTOP-E43PIMM
Description:
MDM ConfigurationManager: Command failure status. Configuration Source ID: (196EB1CE-94DC-4FA0-9D15-EFEB3A15B8AD), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Receiver/Properties/Policy/FakePolicy/Version), Result: (The system cannot find the file specified.).
Event Xml:



404
0
2
0
0
0x8000000000000000

510


Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin
DESKTOP-E43PIMM



196EB1CE-94DC-4FA0-9D15-EFEB3A15B8AD
MDMDeviceWithAAD
Policy
1
./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Receiver/Properties/Policy/FakePolicy/Version
0x80070002

No data is copied in the 'Writing WinPE to USB' section.
A folder is created on the 'Images' partition and the install.wim is copied.

Hey, I'm trying to build an USB without iso file, for what I'm trying to achieve:

1 A laptop is repaired
2 A customized version of windows is installed
3 After that instalation, apply AutoPilot configuration using a different pendrive (since it's done in different stages of repairement)

According to this documentation WindowsIsoPath is not required. However, if i don't put -WindowsIsoPath or if i leave it empty, I'm getting errors:

PS C:\Users\TestUsuario> Publish-ImageToUSB -winPEPath "C:\WinPE" -getAutopilotCfg

Publish-ImageToUSB: Parameter set cannot be resolved using the specified named parameters. One or more parameters issued cannot be used together or an insufficient number of parameters were provided.

PS C:\Users\TestUsuario> Publish-ImageToUSB -winPEPath "C:\WinPE" -windowsIsoPath -getAutopilotCfg

Publish-ImageToUSB: Missing an argument for parameter 'windowsIsoPath'. Specify a parameter of type 'System.String' and try again.

If i put anything else (fake routes) the process runs but ends up closing powershell. I don't have the screen long enough to see what's going on.

How can In achieve what I'm trying to?

This is an interesting tool that solves an important issue with Autopilot, that is devices that don't have the OS installed or its unbootable/corrupt.

One thing I was not clear on, when the USB image is created can I use this on multiple devices?

How about registration of new hardware hash to Intune? We have out-of-box devices that don't have the OS and don't have their hardware registered in Intune. Is this handled automatically (similar to what Get-WindowsAutoPilotInfo does)?

I've tried putting the PID.txt into the Sources folder, but it doesn't get applied. How can we slipstream the serial key into the image using your build method?

https://dellwindowsreinstallationguide.com/windows-8/windows-8-1-adding-the-ei-cfg-and-pid-txt/

I've Noticed the unatteded file didn't want to copy

1. folder did not exist.
2. typo in the looking for unattented.xml

#region Copying over unattended.xml
Write-Host "`nLooking for unattended.xml.." -ForegroundColor Yellow
if (Test-Path "$($usb.winPESource)scripts\unattended.xml" -ErrorAction SilentlyContinue) {
if(-not (Test-Path "$($usb.scRoot)Windows\Panther" -ErrorAction SilentlyContinue)){
New-Item -Path "$($usb.scRoot)Windows\Panther" -ItemType Directory -Force | Out-Null
}
Write-Host "Found it! Copying over to scratch drive.." -ForegroundColor Green
Copy-Item -Path "$($usb.winPESource)\scripts\unattended.xml" -Destination "$($usb.scRoot)Windows\Panther\unattended.xml" | Out-Null
}
else {
Write-Host "Nothing found. Moving on.." -ForegroundColor Red
}
#endregion

Hi, Getting the following error after connecting to our Azure environment

Grabbing Autopilot config file from Azure..
Write-Error: System.Management.Automation.CommandNotFoundException: The term 'Invoke-MgGraphRequest' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)

I've made sure that all required modules are installed. Apparently Microsoft has made some changes lately, not sure if that's caused it to break, or if theres something simple I'm missing.

If i'm trying to use this for Hybrid AD join its stuck on "Please wait while we set up your device"
i used all troubleshooting steps in link below, and noticed i didn't get the ODJ request.
https://oofhours.com/2020/07/19/troubleshooting-windows-autopilot-hybrid-azure-ad-join/

however if i use a boot stick made with media creation tool, then reset autopilot config & do a fresh start it works fine.

Kind Regards.