Share via

Microsoft Endpoint Configuration Manager Task Sequence broken after aplying revocations as discribed in KB5025885

dekac 1 Reputation point
2023-07-18T12:11:05.7766667+00:00

Once the revocation has been applied to a computer, it is impossible to reinstall OS by running a Task Sequence on the computer. We have tried to copy the files as described in KB5025885:

xcopy %systemroot%\Boot\EFI\bootmgfw.efi q:\EFI\Microsoft\Boot

xcopy %systemroot%\Boot\EFI\bootmgfw.efi q:\EFI\Boot\boot<arch>.efi

xcopy %systemroot%\system32\SecureBootUpdates\SKUSiPolicy.p7b q:\EFI\Microsoft\Boot

Unfortunately, the Task Sequence hangs at the "Setup Windows and ConfigMgr" TS-step. The Boot and OS-Image have been updated. Any idea how to resolve this issue would be greatly appreciated. Thanks.

Microsoft Security | Intune | Configuration Manager | Other
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Simon Ren-MSFT 40,341 Reputation points Microsoft External Staff
    2023-07-19T06:33:58.9133333+00:00

    Hi,

    Thank you for posting in Microsoft Q&A forum.

    1,Please make sure you have updated all media and images with updates released on or after May 9, 2023. And then you have distributed the updated images and task sequence to your DPs.

    2,If the issue persists after step1, please help check the smsts.log, setupact.log and setuperr.log on the client to see if there is any error.

    Thanks for your time. Have a nice day!

    Best regards,

    Simon

    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.