Share via

MDT with a different protocol

kwiateki 16 Reputation points
2022-02-21T16:09:33.883+00:00

Hi,

I noticed that MDT supports protocol 1.0 only. However, protocol 1.0 is deprecated and not recommended. Is there any way to use MDT with protocol tls 1.1 or 1.2 or SSL? When I start the deployment using a different protocol, I get an error like the following: "ZTI error opening SQL Connection: [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error".

Windows for business | Windows Client for IT Pros | Devices and deployment | Set up, install, or upgrade
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Simon Ren-MSFT 40,386 Reputation points Microsoft External Staff
    2022-02-28T10:17:34.307+00:00

    Hi,

    ==>but how to install the driver in WinPE?
    Yes, we can import the drivers for WinPE. The main steps are as below:

    1, Import needed drivers to Out-Of-Box drivers.
    2, Create selection profiles.
    3, Then configure the deployment share properties to use the correct selection profile.

    Here are the detailed steps for your reference:
    MDT Lite Touch Driver Management
    Import Dell WinPE Drivers into MDT Litetouch
    Please note: The links are not from Microsoft, just for your reference. Thanks for your time.

    Best regards,
    Simon

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

    0 comments
  2. kwiateki 16 Reputation points
    2022-02-23T09:31:34.843+00:00

    Hi,

    Error comes from MDT script (ZTIDataAccess.vbs). The script uses SQLOLEDB provider that supports protocol tls 1.0 only. SQL is not a problem, because I;m using 2016 and 2019 version and the situation is the same.

    I found that I should switch provider from SQLOLEDB to MSOLEDBSQL and install a driver on the clients, but how to install the driver in WinPE?

    Was this answer helpful?

    0 comments
  3. Amandayou-MSFT 11,166 Reputation points
    2022-02-22T08:15:37.337+00:00

    Hi,

    Based on my experience, MDT may not support protocol 1.0 only. Back in 2016, Microsoft announced that TLS 1.2 would now be supported in specific builds of SQL Server 2008, 2008 R2, 2012, and 2014. Where we notice it? SCCM has no effect on TLS.

    This issue is not MDT specific. According to the error, it is related to SQL, where is the error? could we provide the detailed information?

    Here is the related post we could refer to:
    https://social.technet.microsoft.com/Forums/sqlserver/en-US/e5ac9ce5-aaad-493a-b5fe-22d2f9c4f843/mdt-support-with-tls-12

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.