MDT 2012 Update 1: Orchestrator support

Another new feature in MDT 2012 Update 1 is the ability to call System Center 2012 Orchestrator runbooks from within a task sequence.  This works with Lite Touch deployments, ConfigMgr 2007, and ConfigMgr 2012.  Using this capability, you can tie external processes into your task sequences, without needing to employ developers to create web services or stored procedures.  So this is yet another option for making your deployments more dynamic.

Unlike the setup in place for web services and stored procedures, the Orchestrator support is not tied to CustomSettings.ini.  Instead, it is designed to run at any point in the task sequence itself by adding a new “Execute Orchestrator Runbook” requests wherever you want them:


In each of those steps, you specify the name of the Orchestrator server, then browse for an available runbook:


If that runbook accepts input parameters, you can pass those from the task sequence either explicitly (type in the value you want, using variable substitution if necessary) or implicitly (if the runbook parameter name matches the name of a task sequence variable, the value of that variable will be passed automatically).

You can also specify to wait for the runbook to complete before allowing the task sequence to continue.  That makes the process synchronous, and also provides a way for the runbook to return values back to the task sequence:  Any return parameters from the runbook execution job will be set as task sequence variables so that subsequent task sequence steps can use those values.

You can include as many of these “Execute Orchestrator Runbook” steps in the task sequence as you would like, but keep in mind the potential time this may add to the deployment process, as well as the load it may place on your Orchestrator server if you deploy hundreds of thousands of machines at the same time.

The default MDT task sequences won’t contain any “Execute Orchestrator Runbook” steps, so this is provided entirely for customization.  Be creative Smile 

Some ideas for runbooks that you might want to try:

  • Moving a computer to a new OU.
  • Generating or retrieving a computer name.
  • E-mailing when a deployment fails.
  • Creating a trouble ticket/service request when a deployment fails.

One of these days I’ll get around to blogging about some samples…

Comments (5)
  1. Naadir Jeewa says:

    In terms of licensing, would this require us to have the System Center 2012 Client Management Suite?

    Also, does this mean that there's some OData support we could use (in admittedly unsupported ways).

  2. Noah says:

    This is an awesome addition. Speaking of samples, if anyone is looking for more I’ve added one that ties in a SharePoint request to dynamically deploy applications during the task sequence. You can take a look and download the full example here:

  3. Bobby says:

    I would like to create a runbook that will send an email when ever any runbook stops running. How can I achieve this?

  4. Bastien says:


    I am confused. We are getting a 401 Access Denied Http Status with Error 10801.

    I found documentation on MSDN which says that the Network Access Account is not used to execute Task Sequences. And we can confirm that the Execute Runbook Task Sequence is accessing the Orchestrator Web Service "Orchestrator.svc" with the local system account.

    This however leaves me stumped and do not know which user to give permissions to for running Runbooks in Orchestrator?

    The article on Technet:

    The Network Access Account is never used as the security context to run programs, install software updates, or run task sequences; only for accessing resources on the network.

    We are using ConfigMngr 2012 R2 SP1 with MDT 2012 SP1

    Kind Regards


  5. While task sequences don’t implicitly run tasks using the network access account, that account is available to the task sequence. In this case, MDT does use that account to call the Orchestrator web service, so that is the account that needs access.

Comments are closed.

Skip to main content