Dell World 2014

Optimizing K2000 Workflow

Charles C. Ruffino, Endpoint Systems Management Sales Engineer

Jayson Mounivong, Endpoint Systems Management Sales Engineer

November, 3, 2014

Dell WorldUser Forum

Dell World 2014

Agenda

• Introduction• Preparations

• Auditing the K2• Golden Image• Workstation Configuration• Preparing the Image

• Deployment• Test• Track• Re-Deploy

Dell World 2014

Preparations

Dell World 2014

Auditing the K2000

• Storage

• Review the amount of free space available on the appliance

• Keep a minimum of 20% free

• Images

• Backup and Remove un-used images

• Remove test images

• Remove outdated images

• Remove images that “don’t work right”

Dell World 2014

Golden Image

• Create

• Create your golden image in a virtual machine

• Test

• Deploy a single partitioned scripted install of the OS to a workstation

• Use only volume license media (OEM licenses cannot be reused)

• Update

• Deploy a non-sysprepped image back to the original workstation (updates)

• Repeat

• Update your images every couple of months to keep everything clean

Dell World 2014

Workstation Configuration

• KACE Provisioned• Script or Image Install – Delete %ALLUSERSPROFILE%\Dell\KACE

• Sysprepped• Delete sysprep_succeeded.tag from ..\Windows\System32\Sysprep

• Profiles• Create an Administrator Profile and Customize as Default

• Recommendations from KACE• Thin Image

− Use Post Installation Tasks

• Fat Image− Avoid Applications that Require Constant Updates

• Any Image− No Anti-Virus, Encryption, Virtual Device Emulators

Dell World 2014

Preparing the Image

• First Capture• Don’t Sysprep

• Back it up

• Be Descriptive

• Use Notes in K2

• Second Capture• Use sysprep_creator_wizard

• Copy “default” Account• <copyprofile>True</copyprofile

> in Unattend.xml

• /generalize /oobe /shutdown /unattend

• Capture

• Verify Mini Setup Runs Correctly

• Test Everything is Working as Desired

Dell World 2014

Deployment

Dell World 2014

Task It, Track It, Re-Deploy It

• Task It

• Pre-Installation

• Mid-Level

• Post-Installation

• Consistent Naming Scheme

− App-****, Script-****, OSConfig-****, Mid-****

• Clean-up

− Remove Unattend Files (%WINDIR%\Panther and %WINDIR%\System32\Sysprep)

• Task Order

− Place Prerequisites Before Dependencies

• Deploy to a Different Workstation

• Validate Everything Works as Desired

• Repeat

Dell World 2014

Preparations

Dell World 2014

Audit the K2000 Before you Begin

20% of space should remain clear on the appliance. Backup and remove images no longer needed and then copy and

remove them from the restore share. Remove images that were being tested, or that have been updated. Do not image or create a golden master of a machine that comes

directly from the manufacturer. Never run a purge or delete an image while capturing an image.

Dell World 2014

Network Requirements

• DHCP Options 66 and 67 must be configured or you

must use the onboard DHCP server

• Option 66 Value: IP address of your KACE Appliance

• Option 67 Value: k2000.0

• KACE Appliance must be on same subnet as target

machines or use an IP helper to direct TFTP and Netboot

traffic across subnet

Dell World 2014

Start Fresh

Deploy a single partition scripted install of the operating system you would like on the machine, only volume license media should be used, avoid using OEM media, or

Deploy a non-sysprepped image back to original machine to apply updates that occurred after capturing. Every couple of months is a good time frame to update an image.

Dell World 2014

Boot Environment Creation

Dell World 2014

Download and Install WAIK (Windows Automated Installation Kit)

The KBOX makes use of several tools that Microsoft has

bundled into the Windows Automated Installation Kit for

Windows 7 (WAIK). To perform several of the exercises below,

you will need to first download and install the WAIK onto your

computer. It is recommended that you use a Windows 7,

Windows Vista, or Windows Server 2008 machine to create the

boot environment. Windows XP Machines will not work to build

the boot environment

Dell World 2014

Download and Install WAIK

• Download the Windows AIK

from the Microsoft website.

• While WAIK is downloading, you

can continue below by installing

the Media Manager application.

• Burn the downloaded ISO file

(KB3AIK_EN.iso) to a DVD, or

use an ISO mounting utility to

access the files.

• Run the WAIK installer

(StartCD.exe).

Dell World 2014

Download and Install the K2000 Media Manager

The KBOX 2000 Media Manager is an application that can upload Windows media

to the KBOX for use in automation of OS installation, and also upload some

deployment tools that the KBOX requires in order to function. The Media Manager

can be downloaded from the KBOX on the Library > Overview page.

**NOTE: You will install the Media Manager on the same machine that you install

the WAIK on.

• Visit the Library page on the K2000.

• Click on the Download Media Manager link in the Source CDs section.

• Note that the Media Manager for Windows requires .Net 4.0 to be installed.

• Click on the Download for Windows link. Save the kmediamanagerwin.msi

file to the administrator computer.

• Run the kmediamangerwin.msi installer.

Dell World 2014

Download and Install the K2000 Media Manager

Dell World 2014

Add Driver Pack from KACE

Before creating the boot environment, we recommend adding the supplemental

KACE driver pack supplied on our support site. This driver pack contains many of

the NIC and mass storage drivers that are missing in WinPE 3.0. You can

download the driver pack by clicking on this link.

• Download and extract KBE_driver_pack to your desktop

• Browse to the folders kbe_windows_x64 and kbe_windows_x86

• Copy and replace the folders and files into the drivers directory on your KACE

appliance by mounting the driver share \\<yourk2000>\drivers

• If you cannot mount the driver share from Win7 or Vista, you must change your

local security settings.

Dell World 2014

Add Driver Pack from KACE

Re-cache all drivers from Library Manage Drivers

Dell World 2014

Building the Boot Environment

The KBOX Systems Deployment Appliance uses a customized version of Windows

Pre-installation Environment 3.0 (WinPE) as a network Boot Environment to

perform scripted operating system installation and system imaging. The Media

Manager utility can be used in conjunction with the WAIK to build the boot

environment and upload it to the KBOX.

This build process creates a version of WinPE 3.0 that is compatible with the

KBOX, and integrates any drivers that you have put into the kbox_winpe3_x86 and

kbox_winpe3_x64 libraries on the KBOX. You will only need to add the mass

storage and NIC drivers to the WinPE 3.0 folders. For more information on driver

management on the KBOX, click here.

Dell World 2014

Building the Boot EnvironmentBecause the integration of drivers into

the Boot Environment is performed at

build time, you will need to repeat this

build process whenever you add or

remove drivers to the libraries above.

• Launch Media Manager and select

‘Create K2000 Boot Environment’

• Enter KACE Appliance hostname

or IP address and share password

• Select architecture radio button

• Name your KBE (ie. KBE_30_x86,

KBE_x64, etc)

• Start upload

View the details in the UI under

Deployments > Boot Environments.

Dell World 2014

Create USB Bootable Flash Drive

Click into your created boot environment

and select ‘Create bootable USB flash

drive image for this Boot Environment’ and

then save. This will rebuild your boot

environment and create a downloadable

zip file that will be available the next time

you click into the detail of that environment.

If you are unable to use PXE to boot your workstations into the KACE Appliance,

you can create a bootable USB device. The USB drive then can be used to boot a

machine to KBE without enabling network booting. It is recommended that you use

a flash drive of at least 1 GB as the boot environment will grow in size as you add

more drivers.

Dell World 2014

Create USB Bootable Flash Drive (Continued)

Download file by clicking on the disk icon in the KACE UI. Once the download is complete, extract the files to the C:\ drive of your machine.

Dell World 2014

Create Bootable Flash Drive (Continued)

When finished, a dialog box saying ‘completed’ will appear and your USB flash drive should be ready to go. If you want to verify that the files were copied, you can browse the completed USB drive.

• Insert the USB flash drive into your machine and then open a command prompt and navigate to

C:\name_of_your_KBE\install.exe and launch.

Dell World 2014

Create Bootable CD

If you are unable to use PXE to boot your workstations into

the KACE Appliance, you can create a bootable CD. The CD

will be used to boot the workstation into the KACE appliance.

• Download the bootable ISO

• Mount ISO and burn the files to the disk

Dell World 2014

Scripted Installation Creation

Dell World 2014

Upload Windows Media

You can import the OS source from a

CD/DVD or use ISO mounting software

to mount an ISO and load it onto the

KACE K2000 Appliance. You transfer the

files onto the KACE Appliance using the

Media Manager. Once on the KACE

K2000 Appliance, you can use the OS

source in Scripted Installations without

having to use physical CDs. The KBOX

will not accept OEM media. The

Windows Media must be genuine in the

form of CD/DVD or ISO.

Dell World 2014

Define Pre/Post Installation Tasks

Pre/Post Installation tasks can be used to customize scripted installations both

before and after you deploy the operating system. There are a number of examples

that ship with the appliance. Some examples of pre-installation tasks are: create

partition and format C:\ as NTFS. Some examples of post-installation tasks are:

rename a machine, join to the domain, and install software.

Version 3.4 and above of the K2000 appliance added a more robust driver injection

engine that happens automatically after image deployment. Drivers can be pulled

from the Dell Driver Feed within the K2000, uploaded from the Driver Harvesting

Utility, or manually copied to the K2000. There may still be some cases when

drivers, including chipset, graphics, and sound, may need to be installed as post

installation tasks. Refer to this KB article as a guideline on how to set up a driver

installation post install task.

Dell World 2014

Define the Scripted Installation

To define or build the scripted installation, navigate to the Deployments > Scripted

Installation tab and click ‘Add New Scripted Installation’

You will give the scripted install a name, select the source CD to use for your build, and click next. The next screen will ask how you want to create the answer file.

Dell World 2014

Define the Scripted Installation (Continued)The KACE Appliance supports multiple methods for creating an answer file for the purposes of automating Windows Setup. The easiest way to create an answer file is to walk through the answer file wizard. KACE collects the information required, and formats an answer file for use in the Scripted Installation.

Alternately, you can upload existing answer

files that you may have on hand because you

have previously automated Windows setup.

Finally, you can choose to perform an

attended setup, in which case Windows Setup

will prompt you for every piece of information

as it progresses. This is identical to running

Windows Setup from the install media, but you

get the benefits of centralized deployment.

Dell World 2014

Define the Scripted Installation (Continued)

Once you have completed the answer file, you can choose which pre and post installation tasks you want to use with your build. The available tasks are on the right hand side and you add them to your build by dragging them over to the installation plan on the left.

Dell World 2014

Define the Scripted Installation (Continued)

Once you have selected your appropriate tasks, click next and KACE will build your scripted installation. From there, you can stage a deployment (deploy the scripted installation to a system), create another scripted installation, or view the scripted installation details.

Dell World 2014

Scripted Installation DeploymentThere are two options for deployment of a scripted installation. One method would entail setting the boot actions via the scripted installation details through the UI. The other method is to boot the machine into KBE and choose the installation you want from there.

Dell World 2014

Configure the Workstation

Install all patches and updates. Create an administrator profile and customize the profile you want to set up as

default, if desired. We recommend creating just a base image, using post installation tasks to deploy

your software at a later time when possible, and thereby making your images more flexible when deploying to numerous departments, or different types of users.

If you are making a "full" image, avoid installing software that is updated regularly (flash, reader, etc.), make these into post install tasks and leverage the K1000 for updates.

Do not install applications such as anti-virus, encryption, security, virtual CD software, any software that emulates hardware, or the K1000 agent in your image.

Dell World 2014

Image Capture and Deployment

Dell World 2014

Image Capture

To start the image capture, you must boot a machine into the KACE 2000 using PXE or Netboot depending on your image. Once you boot the machine into KBE, you should navigate to the KBE UI for image capture.

Note: If you want to capture an image and deploy to multiple machines you will have to use sysprep before you capture the image.

The KACE 2000 Appliance uses a proprietary image format called a K-Image. This image is a file based image instead of a sector based image where you copy and store the entire disk. It gives us flexibility* when capturing, deploying, and storing images.

*WIM will be faster to deploy but K-Image can be easier to use if just repairing an install

Dell World 2014

Capture your Image Without Sysprepping

Capture a non-sysprepped version of your golden image first. Sysprep issues happen often, and if there is an issue it is best to restore a non-sysprepped image to the original machine, which will also avoid rearm issues.

Be descriptive in your naming of captured images, including if the machine is sysprepped, a version or date of capture, this will allow system administrators in your environment to choose the best image to deploy from the drop-down list in KBE. In addition, use your notes field in the K2000 UI as a change/audit log.

Dell World 2014

Manipulating the ImageImages are accessible in the UI from the Deployments > System Images tab. You can modify the images you capture directly through the UI of the KACE 2000. Only K-Images can be manipulated in this way. To browse through the files:

Click into the image name Click ‘Browse Files’

Dell World 2014

Sysprep your Image

Use sysprep_creator (Tools menu) if you don't have an unattend.xml file.

If you configured a "default" account, then make sure that <copyprofile>True</copyprofile> is set in the unattend file.

When running sysprep make sure to use /generalize /oobe/shutdown and the /unattend switch.

*Shutdown is preferred so that pxe boot isn't missed on a reboot. If using the <copyprofile> option, sysprep must be run from the customized account.

Dell World 2014

Capture you Sysprepped Image

Capture the sysprepped image to the K2000 (follows the same process as capture without sysprep), verifying that enough space exists for the capture (first step).

After capture, reboot the sysprepped machine to make sure that mini setup runs correctly.

Test to make sure everything in the image works as desired.

Dell World 2014

Image Deployment

Image deployment is very similar to deployment of a scripted installation. You can stage the image deployment by setting boot actions as well as deploy from the boot environment UI (same method as capturing an image). You also have the ability to deploy images from a USB drive.

Dell World 2014

USB Image Deployment

To create the USB image, click on the ‘Create bootable USB flash drive image for this System Image’ from the system image detail

Dell World 2014

USB Image Deployment (Continued)

This will take you to an instruction page where the file will be created. Once the file is compiled, you can download the file and follow the instructions for image build. The USB image build will be very similar to the USB boot environment creation.

NOTE: The USB image process is much slower than the network based image deployment.

Dell World 2014

Common Post Installation Tasks

Post installation tasks are a way of customizing your image or scripted installation deployment. These tasks can include scripts, applications, etc. Some of the common installation tasks that you will use with your deployments are join domain, rename workstation, install product key, and activate Windows.

Dell World 2014

Join Domain

You can choose to join a workstation to the domain as a part of your image or scripted installation. If you choose to join outside of the actual OS installation, you will have to use a post install task to join the systems to the domain. We have an example task that you can use to join the systems to the domain. The example can be found in the post installation task tab.

Dell World 2014

Rename Workstation

To rename workstation, we leverage the application wsname.exe. The application has multiple commands that you can use to rename workstations. The tool will allow you to use variables as well as create custom names read from a file. Here is an example of a task that renames the workstation using variables

Dell World 2014

Rename in Domain

The wsname tool can also be used to rename the machine in the domain. The command line for that would look similar to the following:

Wsname.exe /N:$SERIALNUM /RCID mydomain.com /USER:myuser /PASS:mypass/DELETEEXISTING /RESPACE

**NOTE: Even though the KBOX 2000 has both join domain and rename computer post install tasks, they will not work when run in tandem. When the computer is renamed using WSNAME, it has to reboot before the Domain_Join routine can run in order for the new name to take effect. Failure to reboot the computer means the computer will join the domain but with the old name rather than the one intendedKACE created a new routine that will allow you to run the domain join and rename the computer at the same time. Click here for instructions on how to apply this.

Dell World 2014

Installing the Windows Product Key and Activating Windows

The product key you use will depend on how your licensing is setup.For information on using KMS, please see this Microsoft article for information on what key to use and other information.

If you are using MAK then you can use the information below to load the key and activate the client:

To activate Windows 7 as a post installation task using your companies MAK, create a new batch script and copy the following information, substituting the "x"s for your product key.

cscript C:\Windows\System32\slmgr.vbs /IPK xxxxx-xxxxx-xxxxx-xxxxx-xxxxxcscript C:\Windows\System32\slmgr.vbs /ato

Dell World 2014

Installing the Windows Product Key and Activating Windows

If you are using OEM or retail media then you will need to activate the machine with the product key that is on the computer or with your media. You can either change this task for each machine you deploy or just enter it manually on each machine.

Note: You may need to install the Windows 7 Activation Patch as a post installation prior to this batch file. You can find the Microsoft patch here.Upload the file as an application item, and in the command line, put the name of the file with the switches /quiet /norestart

Dell World 2014

Post Installation Best Practices

Be consistent with naming tasks, like adding "App-" or "Script-", "OSConfig-" "Mid-" as a prefix to help keep tasks organized.

Create a task to remove both unattend files to keep sensitive data safe. These files are usually in %windir%\panther and %windir%\system32\sysprep

Consider the ordering of your postinstallation tasks in terms of placing prerequisites before the applications that require them.

Dell World 2014

Post Installation Best Practices (Continued) If using 3.5 SP1 or earlier

o Use the "start /wait" command when deploying software via K2000 Postinstallation Tasks

o Use "call" when utilizing .bat scripts in application tasks; call myscript.bato Use "cscript" with vb scripts; cscript myscript.vbso When zipping up an application task, make sure you select the contents to be

zipped so that the file you call is in the root of the zipped fileo For .msi deployment, use the install switch last, as in: msiexec /qn /norestart /i

agent.msio Use CLONEPREP=1 on the .msi agent install if you don’t want the agent to

check in and create a kuid until the next reboot; msiexec /i agent.msi

HOST=yourK1 CLONEPREP=1

Dell World 2014

Links

KKE Recordings for the Gold Image Week sessions: http://www.kace.com/support/training/kke/archive?tag-system%20imaging&language=en

Microsoft Golden Image Reference: http://goo.gl/FTkkVg

KACE KB for System Imaging Best Practices: https://support.software.dell.com/kb/121734

Americas KKE - Gold Image Week: Factory to Custom Image

Americas KKE - Gold Image Week: Deployment Considerations

Americas KKE - K2000 Useful Scripts (this is your deployment workbench on the K2 > Tools)

Dell World 2014

Q & A