Windows 7 Deployment Deep DiveWindows 7 Deployment Deep Dive

WDS Deployment TricksWDS Deployment TricksYou Didn’t Know…You Didn’t Know…

Greg Shields, MVP, vExpertGreg Shields, MVP, vExpertConcentrated Technologywww.ConcentratedTech.com

Your Deployment VMYour Deployment VM

deploy1.autodeploy.pri– Username: Administrator– Password: P@ssword

NAT Network– Need to reconfigure VMnet4 to NAT and 222-net.– IP: 192.168.222.10– Subnet: 192.168.222.0– Gateway: 192.168.222.2

No license key, unactivated.– Use yours, or use “slmgr -rearm”

Windows 7 Deployment Deep DiveWindows 7 Deployment Deep Dive

Automatically Deploying W7 Automatically Deploying W7 without the Alphabet Soupwithout the Alphabet Soup

Greg Shields, MVP, vExpertGreg Shields, MVP, vExpertConcentrated Technologywww.ConcentratedTech.com

Loves the ToolsLoves the ToolsHates the NamesHates the Names

“Microsoft wants you to PXE your machine to WDS, using an Unattend.XML file built from WSIM in the WAIK after pre-staging your GUID inside the ADUC. Oh, and don’t forget MDT (formerly BDD!), who’s Deployment Workbench wraps around all this ridiculousness.”

Automating Windows 7 Installation for Desktopand VDI Environments

http://nexus.realtimepublishers.com

It’s Alphabet Soup!It’s Alphabet Soup!

“Microsoft wants you to PXE your machine to WDS, using an Unattend.XML file built from WSIM in the WAIK after pre-staging your GUID inside the ADUC. Oh, and don’t forget MDT (formerly BDD!), who’s Deployment Workbench wraps around all this ridiculousness.”

Automating Windows 7 Installation for Desktopand VDI Environments

http://nexus.realtimepublishers.com

Windows Deployment’sWindows Deployment’sBiggest ProblemBiggest Problem

Windows Deployment’sWindows Deployment’sBiggest ProblemBiggest Problem

The Internet.

Windows Deployment’sWindows Deployment’sBiggest ProblemBiggest Problem

The Internet.– Each tool evolved through many different

versions.

– Older versions had numerous shortcomings.

– Resolving those required some oddball hackery.

– Bloggers report hacks that are no longer timely.

– You’ll find solutions to problems that no longer exist.

– Confusion abounds!

Windows Deployment’sWindows Deployment’sBiggest ProblemBiggest Problem

The Internet.– Each tool evolved through many different versions.

– Older versions had numerous shortcomings.

– Resolving those required some oddball hackery.

– Bloggers report hacks that are no longer timely.

– You’ll find solutions to problems that no longer exist.

– Confusion abounds!

The Solution.– Don’t trust what you read.

– You don’t need the command lineas much as you used to.

Greg’s Easy 11 StepsGreg’s Easy 11 Stepsto Deployment Automation!to Deployment Automation!

1. Installing Windows Deployment Server

2. Configuring Image Deployment

3. Deploying your First Image

4. Dealing with Drivers

5. Automating WinPE Boot Image

6. Automating the “Set Up Windows” Phase

7. Creating a Thick Image w. Applications

8. Installing Microsoft Deployment Toolkit

9. Silent Installations & Repackaging

10. Layering Applications atop Windows

11. Preserving User Data

Our Job Today…Our Job Today…

1. Installing Windows Deployment Server

2. Configuring Image Deployment

3. Deploying your First Image

4. Dealing with Drivers

5. Automating WinPE Boot Image

6. Automating the “Set Up Windows” Phase

7. Creating a Thick Image w. Applications

8. Installing Microsoft Deployment Toolkit

9. Silent Installations & Repackaging

10. Layering Applications atop Windows

11. Preserving User Data

Step 1: Installing Windows Step 1: Installing Windows Deployment ServerDeployment Server

WDS is a Windows 2008 R2 role.– Remote Installation Folder location

– PXE Server Initial Settings

– Add Image Wizard

Stepping Back: WIM Files?Stepping Back: WIM Files?

.WIM files are Microsoft’s image file format.– Two files are most important, right off DVD media.

\sources\boot.wim

\sources\install.wim

You may create more .WIM files as you create custom images down the road.– However, your goal is to not create more.

– Highest goal: One WIM per processor architecture.

Step 2: Configuring Image Step 2: Configuring Image DeploymentDeployment

WDS can deploy images via USB stick I’m showing you network deployment

today.

– Caution: Network deployment can use multicast.

– Multicast consumes bandwidth.

– Multicast is often not passed between subnets.

– Thus, YMMV.

– Secret Trick:Multicast isn’t automatically the best answer.

LAB 1: CONFIGURING WDSLAB 1: CONFIGURING WDS

How to Name the Computer?How to Name the Computer?

Requiring Administratorapproval enables thename-at-installfunctionality of WDS.

– Boot via PXE

– Approve & Name in WDS

– Enjoy!

How to Name the Computer?How to Name the Computer?

One small permissions change is required.– In Active Directory Users and Computers, right-click

the domain and then select Delegate Control.

– Change the object type to include computers and add the computer object of the Windows Deployment Services server into the dialog box. Click Next.

– When prompted, select Create a custom task to delegate. Select Only the following objects in the folder. Then select the Computer Objects check box, and then Create selected objects in this folder. Click Next.

– In the Permissions box select Write all Properties and click Finish.

Step 3: Deploying a ComputerStep 3: Deploying a Computer

This lookssuspiciouslysimilar to Ghost.

However,Auto-Cast can bevery useful. Willset up an always-on deployment.

LAB 2: DEPLOYMENT!LAB 2: DEPLOYMENT!

Stepping Back: Layering the OSStepping Back: Layering the OS

A Case for the Layered Approach to Deploying Windows Desktopshttp://technet.microsoft.com/en-us/magazine/ee835710.aspx

Microsoft Assessment& Planning Toolkit

Windows Automated Installation Toolkit & Windows Deployment Services

Windows Update Services

Group Policy Software Installation

Group Policy& Group Policy Preferences

Windows Profiles& User State Migration Toolkit

Core Operating System

Drivers

OS Updates

Applications

Configuration Changes

Planning & Analysis

Personality

Step 4: Dealing with DriversStep 4: Dealing with Drivers

Plug and Play eliminates the need to create multiple images because of driver differences.– WDS presents a driver database to the

deployment.

– Plug and Play detects and installs those it needs.

Step 4: Dealing with DriversStep 4: Dealing with Drivers

Plug and Play eliminates the need to create multiple images because of driver differences.– WDS presents a driver database to the

deployment.

– Plug and Play detects and installs those it needs.

Secret Trick: Finding and unpacking the right drivers to add to WDS.– EXEs/MSIs must be unpacked to INFs.

– WDS will import all INFs in a file path.

LAB 3: INJECTING DRIVERSLAB 3: INJECTING DRIVERS

Boot Image DriversBoot Image Drivers

Sometimes WinPE needs extra drivers to boot.– This is not common.

– …but you’ll know when you need it!

When it does, those drivers must be specially injected into your boot image.– This is done within WDS before a deployment.

– Be careful! You can corrupt the little guy!

– If you do, get a new one from the DVD.

LAB 4: INJECTING DRIVERS LAB 4: INJECTING DRIVERS INTO BOOT IMAGESINTO BOOT IMAGES

Step 5: Automating WinPEStep 5: Automating WinPE

Next Step: Automating installation prompts.– We want this installation to complete from start to

finish without asking any questions.

– Two areas need automating:The WinPE half.The Set Up Windows half.

Step 5: Automating WinPEStep 5: Automating WinPE

Next Step: Automating installation prompts.– We want this installation to complete from start to

finish without asking any questions.

– Two areas need automating:The WinPE half.The Set Up Windows half.

Automate by pre-answering their questions using Windows System Image Manager.– This tool is hard (unless you have me!).

Step 5: Automating WinPEStep 5: Automating WinPE

The Right Questions?The Right Questions?The Right Answers?The Right Answers?

Windows Image Pane (Question) Upper-Right Pane (Answer) Explanation

amd64_Microsoft-Windows-International-Core-WinPE_{version}_neutral

InputLocale = en-usSystemLocale = en-usUILanguage = en-usUILanguageFallback = en-usUserLocale = en-us

This item configures the WinPE language to US English.

amd64_Microsoft-Windows-International-Core-WinPE_{version}_neutral\ SetupUILanguage

UILanguage = en-us  

amd64_Microsoft-Windows-Setup_{version}_neutral\ WindowsDeploymentServices\ Login\Credentials

DomainUsernamePassword

Enter here the domain, username, and password of the user that connects to your WDS share. This is the same user as in Chapter 1, Figure 1-10.

amd64_Microsoft-Windows-Setup_{version}_neutral\Disk Configuration\Disk

DiskID = 0 This item begins working with the first disk in the computer.

amd64_Microsoft-Windows-Setup_{version}_neutral\Disk Configuration\Disk\Create Partitions\CreatePartition

Extend = trueOrder = 1Type = Primary

This item creates a single primary disk to install Windows.

amd64_Microsoft-Windows-Setup_{version}_neutral\Disk Configuration\Disk\Modify Partitions\ModifyPartition

Active = trueFormat = NTFSLabel = WindowsLetter = COrder = 1PartitionID = 1

This item modifies that partition to create the C: drive as the first NTFS drive and partition.

amd64_Microsoft-Windows-Setup_{version}_neutral\ WindowsDeploymentServices\ ImageSelection\InstallTo

DiskID = 0PartitionID = 1

This item installs Windows to the disk and volume created in the rows above.

amd64_Microsoft-Windows-Setup_{version}_neutral\ WindowsDeploymentServices\ ImageSelection\InstallImage

FilenameImageGroupImageName

See the note below for information about the settings for this question.

LAB 5: AUTOMATING WINPELAB 5: AUTOMATING WINPE

Unattend-ing WDSUnattend-ing WDS

Validate and createyour XML file.

Save it toC:\RemoteInstall.

Point to it in WDS.

Important: One file perprocessor architecture.– Be smart here…– Secret Trick:

Don’t over-configure….

Step 6: Automating Set Up Step 6: Automating Set Up WindowsWindows

Next Step: Automating installation prompts.– We want this installation to complete from start to

finish without asking any questions.

– Two areas need automating:The WinPE half.The Set Up Windows half.

Now, for the second half!

More Questions!More Questions!More Answers!More Answers!

Windows Image Pane (Question) Upper-Right Pane (Answer) Explanation

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral (Pass 4)

ComputerName = %MACHINENAME%TimeZone

Setting ComputerName to %MACHINENAME% will pass through the name you set in WDSs Name and Approve. Set TimeZone to your correct time zone, such as Mountain Standard Time.

amd64_Microsoft-Windows-International-Core_{version}_neutral(Pass 7)

InputLocale = en-usSystemLocale = en-usUILanguage = en-usUserLocale = en-us

This item configures the Windows language to US English.

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral\ oobe(Pass 4)

HideEULAPage = trueHideWirelessSetupIn OOBE = trueNetworkLocation = workProtectYourPC = 1

Hides the EULA and wireless setup screens, sets the network location to work, and enables Automatic Updates.

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral\ UserAccounts\LocalAccounts\ LocalAccount(Pass 7)

DisplayName = LocalAdminGroup = AdministratorsName = LocalAdmin

This item adds a local administrator account named LocalAdmin.

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral\ UserAccounts\LocalAccounts\ LocalAccount\Password(Pass 7)

Value = {Password} This item configures the password for the administrator account created above.

More Questions!More Questions!More Answers!More Answers!

Windows Image Pane (Question) Upper-Right Pane (Answer) Explanation

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral (Pass 4)

ComputerName = %MACHINENAME%TimeZone

Setting ComputerName to %MACHINENAME% will pass through the name you set in WDSs Name and Approve. Set TimeZone to your correct time zone, such as Mountain Standard Time.

amd64_Microsoft-Windows-International-Core_{version}_neutral(Pass 7)

InputLocale = en-usSystemLocale = en-usUILanguage = en-usUserLocale = en-us

This item configures the Windows language to US English.

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral\ oobe(Pass 4)

HideEULAPage = trueHideWirelessSetupIn OOBE = trueNetworkLocation = workProtectYourPC = 1

Hides the EULA and wireless setup screens, sets the network location to work, and enables Automatic Updates.

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral\ UserAccounts\LocalAccounts\ LocalAccount(Pass 7)

DisplayName = LocalAdminGroup = AdministratorsName = LocalAdmin

This item adds a local administrator account named LocalAdmin.

amd64_Microsoft-Windows-Shell-Setup_{version}_neutral\ UserAccounts\LocalAccounts\ LocalAccount\Password(Pass 7)

Value = {Password} This item configures the password for the administrator account created above.

Visit technet.microsoft.com/en-us/library/cc

749073(WS.10).aspx for a list of applicable time zone strings.

Further Unattend-ing WDSFurther Unattend-ing WDS

Validate and createyour XML file.

Save it toC:\RemoteInstall.

Point to it in WDS.

Important:This XML file isper-image not per-server.

Step 7: Creating a Thick ImageStep 7: Creating a Thick Image

Secret Trick: You don’t want to do this!– At least…not much…

– Thick is bad. Does this image make me look fat?

Creating thin images that layer applications over the OS is much more flexible.– Only go thick for core applications everyone

needs.

– Examples: Office, Adobe, WinZip, Elf Bowling

Step 7: Creating a Thick ImageStep 7: Creating a Thick Image

Your steps to capturing an image…– Create that image, configure as needed.

– Run c:\windows\system32\sysprep\sysprep.exe

– Shutdown after Sysprep.

– Create a WDS capture image.

– PXE boot and connect to capture image.

– Choose capture volume, name, description.

– Upload image to WDS server.

LAB 6: CREATING A LAB 6: CREATING A CAPTURE IMAGECAPTURE IMAGE

Step 7: Capturing an ImageStep 7: Capturing an Image

Phase 1: Configure and Sysprep

Step 7: Capturing an ImageStep 7: Capturing an Image

Phase 2: PXE Boot

Step 7: Capturing an ImageStep 7: Capturing an Image

Phase 3: Select Stuff to Capture

Step 7: Capturing an ImageStep 7: Capturing an Image

Phase 4: Choose Where to Send Stuff

Step 7: Capturing an ImageStep 7: Capturing an Image

Phase 5: Get Coffee! Marvel in GUIness.

Previous versions required the nasty command line ImageX tool.– Complex. Unfriendly. Bad breath.

– WDS today can do most everything with GUIs.

– Some advanced file/driver/stuff injection can still be done with ImageX, but…meh…

LAB 7: CAPTURING A LAB 7: CAPTURING A CUSTOM IMAGECUSTOM IMAGE

Steps 8 thru 11+, Coming Up: Steps 8 thru 11+, Coming Up: Things Get Things Get Awesome-rAwesome-r

1. Installing Windows Deployment Server

2. Configuring Image Deployment

3. Deploying your First Image

4. Dealing with Drivers

5. Automating WinPE Boot Image

6. Automating the “Set Up Windows” Phase

7. Creating a Thick Image w. Applications

8. Installing Microsoft Deployment Toolkit

9. Silent Installations & Repackaging

10. Layering Applications atop Windows

11. Preserving User Data

Windows 7 Deployment Deep DiveWindows 7 Deployment Deep Dive

WDS Deployment TricksWDS Deployment TricksYou Didn’t Know…You Didn’t Know…

Greg Shields, MVP, vExpertGreg Shields, MVP, vExpertConcentrated Technologywww.ConcentratedTech.com