The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How to install Agents with Windows Configuration Designer

Download Windows Speedup Tool to fix errors and make PC run faster

Setting up new workstations for end-users is a time-consuming task. With the help of automation and a structured approach, the hassle of workstation deployment can be reduced. To manage your Windows workstations and computers, you will first need to install the Windows agent.  In this post, we will see how you can install agents with Windows Configuration Designer and create custom settings, deploy scripts, and draft a provisioning file that can be deployed to various systems for automation purposes.

How to install Agents with Windows Configuration Designer?

To install agents with Windows Configuration Designer correctly, follow the steps below.

  1. Install Windows Configuration Designer
  2. Create a Provision Desktop Devices project
  3. Configure your project
  4. Deploy the created package

Let us talk about them in detail.

1] Install Windows Configuration Designer

First of all, we need to install Windows Configuration Designer. It is a no-cost software tool that helps in initiating workstation deployments. It allows users to customize settings, deploy scripts, and create a provisioning file that can be distributed to multiple computers. To get this tool, either go to microsoft.com or open the Microsoft Store and search for “Windows Configuration Designer”

2] Create a Provision Desktop Devices project

After downloading Windows Configuration Designer, you need to click on Provision Desktop Device from the Create options. Now, enter the name of the project, choose a destination, and add a description if you want. Finally, click on the Finish button to start creating.

3] Configure your project

Now, let us start configuring the project.

First of all, we need to set up the device. For that, you can use the format – CompanyName-%Serial%. This will add the company name in front of the device’s service tag or serial number.

Next up, you need to set up a wireless network on this page. However, the wireless network will not always be connected before installing the agent, so disabling this feature is a good option as of now. For that, just turn off the toggle that says Set up network.

Now, you can choose to join the domain at this point, but if the devices are not connected to a network that has access to the AD domain, you can just create a local admin account and join the domain later using a script. For that, just tick the Local Admin checkbox and enter your credentials.

Install agents with Windows Configuration Designer

Here comes to most important part, we are required to install a script that will do the automation part. For that, we are going with PowerShell. We will go with the following script.

Note: Following is a sample of the PowerShell script that you can use, make sure to make needful changes to the script before installing it.

param(
[string]$SSID="Put Your SSID Here",
[string]$PSK="Put Your Wifi Password Here"
)

#Test to see if folder $TempFolder exists
$TempFolder = 'C:\temp'
if (Test-Path -Path $TempFolder) {
"$TempFolder exists."
} else {
"$TempFolder doesn't exist, creating now."
mkdir $TempFolder
}

#Log this script.
Start-Transcript -Append $TempFolder\Install.txt

#Create a wireless profile file
$guid = New-Guid
$HexArray = $ssid.ToCharArray() | foreach-object { [System.String]::Format("{0:X}", [System.Convert]::ToUInt32($_)) }
$HexSSID = $HexArray -join ""
@"
<?xml version="1.0"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>$($SSID)</name>
<SSIDConfig>
<SSID>
<hex>$($HexSSID)</hex>
<name>$($SSID)</name>
</SSID>
</SSIDConfig>
<connectionType>ESS</connectionType>
<connectionMode>auto</connectionMode>
<MSM>
<security>
<authEncryption>
<authentication>WPA2PSK</authentication>
<encryption>AES</encryption>
<useOneX>false</useOneX>
</authEncryption>
<sharedKey>
<keyType>passPhrase</keyType>
<protected>false</protected>
<keyMaterial>$($PSK)</keyMaterial>
</sharedKey>
</security>
</MSM>
<MacRandomization xmlns="http://www.microsoft.com/networking/WLAN/profile/v3">
<enableRandomization>false</enableRandomization>
<randomizationSeed>1451755948</randomizationSeed>
</MacRandomization>
</WLANProfile>
"@ | out-file "$TempFolder\$guid.SSID"

#Import the wireless profile
netsh wlan add profile filename="$TempFolder\$guid.SSID" user=all
Start-Sleep -Seconds 5

#Delete the wireless profile file
remove-item "$TempFolder\$guid.SSID" -Force

#Connect to the new Wifi network
netsh wlan connect name=$SSID

#Check for connectivity so the agent can be downloaded
$timeout = New-TimeSpan -Minutes 2
$endTime = (Get-Date).Add($timeout)
$testSite = "download URL"

while (!(Test-Connection $testSite)) {
Start-Sleep -Seconds 5
if ((Get-Date) -gt $endTime) {
$connectivity = Test-Connection -TargetName $testSite
"$connectivity"
"Timeout exceeded. Network connectivity not established"
break
}
}

#Paste the installer command for your operating system

Senv:API_KEY = "fuARsf8hj6xTgtHctGSJzW4a"; Set-ExecutionPolicy RemoteSigned - Scope Process -Force; [Net.ServicePointManager] :: SecwrityProtocol = [Net.SecurityProtocolType] :: T1s12; iwr -useb https://download URL/instalation_windows.ps1 | iex

Stop-Transcript

Create a .PS1 file by copying the script to a notepad and saving it with the said extension.

Press the + button on the add application page, then give the application a name. Browse to the .ps1 script in the Installer Path field. Next, change the Command Line Arguments field to:

powershell.exe -executionpolicy bypass -file "install_agents.ps1"

Finally, go to Add > Enter certificate if you have one or just leave it unaltered> Create. 

Read: How to automate tasks with PowerShell?

4] Deploy the created package

To prepare a new computer for deployment, generate a .ppkg file and copy it to a USB stick. This file contains all the necessary information, including the .ps1 file created earlier.

When setting up a new computer, it will prompt for the language to be used. Do not answer any of the questions and simply insert the USB stick. The provisioning file will be read, and the computer will be renamed and rebooted. Additionally, an admin account will be created, the wireless network will be joined, and Level will be installed.  After all these steps are completed, the device will appear in Level, and you can start deploying automation scripts to finish the workstation deployment.

That’s it!

Read: CleanPC CSP: Remove pre-installed software during provisioning

What can you do with Windows Configuration Designer?

We can use the Windows Configuration Designer tool to create provisioning packages that will allow for the hassle-free configuration of Windows client devices. This tool is primarily utilized by IT departments of business and educational institutions that require the provisioning of both bring-your-own-device (BYOD) and business-supplied devices.

Read: Microsoft Flow or Power Automate: Automation Tool and IFTTT alternative

How do I install PPKG on Windows?

To apply a provisioning package to your device, first, insert the USB drive. Then, navigate to Settings, select Accounts, and choose Access work or school. From here, click Add or Remove a provisioning package, and select Add a package. You can then choose your preferred method, such as Removable Media. Next, select the .ppkg provisioning package that you want to apply, and click Add.

Also Read: Best free Automation software for Windows.

Yusuf@TWC

Yusuf is an Engineering graduate from Delhi. He has written over 1000 technical articles and has knowledge of programming languages including Java, and C++, and technologies such as Oracle 12C and MsSQL. Troubleshooting Windows is his favorite past-time.