Using PowerShell scripts with MDT

To have a nice solution, create a PowerShell wrapper for your commands, and then run that as an application or run command line action in MDT. In the wrapper I also do some additional logging for good measure.

Example: Here is a PowerShell script I use to create sites and subnets in Active Directory. As you can see below, I'm tapping into MDT variables to read the log path MDT is using, but you can obviously access any MDT property.

Solution: Hydration
 Purpose: Used to create AD Sites and Subnets
 Version: 1.2 - January 10, 2013

This script is provided "AS IS" with no warranties, confers no rights and
 is not supported by the authors or Deployment Artist.

Author - Johan Arwidmark
    Twitter: @jarwidmark
     Blog   :

 # Determine where to do the logging
 $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
 $logPath = $tsenv.Value("LogPath")
 $logFile = "$logPath$($myInvocation.MyCommand).log"

# Start the logging
 Start-Transcript $logFile
 Write-Output "Logging to $logFile"

# Start Main Code Here

# Create Empty AD Sites (sites with no domain controllers, for lab purpose only)
 Write-Output "Creating AD Sites"
 New-ADReplicationSite -Name Stockholm
 New-ADReplicationSite -Name Liverpool

# Create AD Subnets
 Write-Output "Creating AD Subnets"
 New-ADReplicationSubnet -Name "" -Site NewYork
 New-ADReplicationSubnet -Name "" -Site Stockholm
 New-ADReplicationSubnet -Name "" -Site Liverpool

# Stop logging

To run this script via the task sequence, I simply create a run command line action, with the following command line:

Powershell.exe -ExecutionPolicy ByPass -File "%SCRIPTROOT%\Configure-CreateADSubnets.ps1" 

Here is another example with parameters:

 Powershell.exe -ExecutionPolicy ByPass -File "%SCRIPTROOT%\TestScriptWithParameter.ps1" -Message "Testing Parameters"

You can also create more complex commands. Here is running the script as an application, but also copy it locally first.

Powershell.exe -ExecutionPolicy Bypass -Command "Copy-Item '%DEPLOYROOT%\Applications\Configure - Create AD subnetsConfigure-CreateADSubnets.ps1' -destination C:\Windows\Temp; C:\Windows\Temp\Configure-CreateADSubnets.ps1; Remove-Item C:\Windows\temp*.ps1 -Force"

The above line runs Powershell.exe with the ExecutionPolicy set to bypass, then and a series of PowerShell commands run that does the following:

1. Copies the Configure-CreateADSubnets.ps1 script locally

2. Runs Configure-CreateADSubnets.ps1

3. Deletes the script

After the wrapper has completed you can review the log file in the MDT standard locations.

The logging from the PowerShell wrapper.
The application in MDT.

Written by Johan Arwidmark

About the author

Johan Arwidmark

0 0 votes
Article Rating
Notify of
Oldest Most Voted
Inline Feedbacks
View all comments
8 years ago

Hi Speedbird186, thanks for the improvement tips, I have updated the article… As for running the PowerShell script over the network, I prefer to copy it locally first. 🙂

/ Johan

8 years ago

Thanks for sharing!
I would suggest the following improvement:
powershell.exe -ExecutionPolicy Bypass -Command ". '%DEPLOYROOT%….ps1'"
In other words, use the ExecutionPolicy parameter to run the powershell.exe instance instead of a separate command, set it to Bypass instead of Unrestricted (= no warnings) and then execute the PowerShell script directly from the network share.
I am actually taking this a small step further and using a .wsf wrapper for these calls.

9 years ago

Man this is fantastic. I've been looking for a way to set up a PowerShell script as an application in MDT for some time now BUT (per usual Johan) you are way ahead of me. That command line string looks really complex. I typically use just ' MyScript.cmd ' for my Batch application scripts or ' cscript.exe //nologo "MyScript.vbs" ' for my VBScript application scripts. Also I try to keep the complex part of the script in the script itself for the sake of simplicity. Maybe thats just not possible with PowerShell (It may be "King" but right now I… Read more »