AgendaWindows Deployment ServicesBackgroundRequirementsInstallationImaging VLANMotivationAdvantagesCreating ImagesSetting up a reference machineSysprepUploading the imageDeploying ImagesOn the imaging VLANOff the imaging VLANConclusionsThings that work wellThings that don't work so wellReferences
What is Windows Deployment Services?
• Updated version of Remote Installation Services• Added as a role in Windows 2008• Uses the Windows Imaging Format to handle images• Free!
WDS Requirements
• Must be a member of an AD DS domain or be a domain controller• DHCP - WDS uses PXE booting which requires DHCP capability. • DNS• NTFS volume for the image store• Windows Server 2003 or 2008
Installing and Configuring WDS
• Add the role to the server• Configure through MMC snap-in• Create an image group• Add an install image• Add a boot image
Imaging VLAN Motivation and Advantages
• Some segments of our network don't have DHCP available• Allows us to segregate some of the services• Machines can be configured on the Imaging VLAN
Setting up the reference machine
• First install performed using the default install image• Add applications• Boot into Audit mode to configure default user profile and
perform final customizations• Run sysprep on machine
Sysprep Phases
• windowsPE - disk configuration• offlineServicing - applies settings and packages• specialize - applies system specific information• generalize - removes system specific information• auditSystem - used in Audit mode• auditUser - used in Audit mode• oobeSystem - Out of Box Experience
Our unattend.xml<servicing> <package action="configure"> <assemblyIdentity name="Microsoft-Windows-Foundation-Package" version="6.1.7600.16385" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="" /> <selection name="InboxGames" state="true" /> <selection name="Chess" state="true" /> <selection name="FreeCell" state="true" /> <selection name="Hearts" state="true" /> <selection name="Minesweeper" state="true" /> <selection name="More Games" state="true" /> <selection name="PurblePlace" state="true" /> <selection name="Shanghai" state="true" /> <selection name="Solitaire" state="true" /> <selection name="SpiderSolitaire" state="true" /> </package> </servicing>
Our unattend.xml
<settings pass="generalize"> <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipRearm>1</SkipRearm> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DoNotCleanTaskBar>true</DoNotCleanTaskBar> <OEMInformation /> </component> </settings>
Our unattend.xml
<settings pass="specialize"> <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipAutoActivation>true</SkipAutoActivation> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <ComputerName>*</ComputerName> <CopyProfile>true</CopyProfile> <DoNotCleanTaskBar>true</DoNotCleanTaskBar> <ShowWindowsLive>false</ShowWindowsLive> <TimeZone>Eastern Standard Time</TimeZone> </component> </settings>
Our unattend.xml
<settings pass="oobeSystem"> <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <InputLocale>en-us</InputLocale> <SystemLocale>en-us</SystemLocale> <UILanguage>en-us</UILanguage> <UserLocale>en-us</UserLocale> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <AutoLogon> <Password> <Value>cwBBAHQARwByAHQANwAzAFAAYQBzAHMAdwBvAHIAZAA=</Value> <PlainText>false</PlainText> </Password> <Enabled>true</Enabled> <LogonCount>5</LogonCount> <Username>itconsult</Username> </AutoLogon>
Our unattend.xml
<FirstLogonCommands> <SynchronousCommand wcm:action="add"> <CommandLine>cscript //b c:\windows\system32\slmgr.vbs /ipk [License Code]</CommandLine> <Order>1</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>cscript //b c:\windows\system32\slmgr.vbs /ato</CommandLine> <Order>2</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>net user temp /delete</CommandLine> <Description>Delete Temp User Account</Description> <Order>3</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> </FirstLogonCommands>
Our unattend.xml <OOBE> <HideEULAPage>true</HideEULAPage> <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>1</ProtectYourPC> </OOBE> <RegisteredOrganization>Dickinson College</RegisteredOrganization> <RegisteredOwner>LIS</RegisteredOwner> <ShowWindowsLive>false</ShowWindowsLive> <UserAccounts> <AdministratorPassword /> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>dABlAG0AcABQAGEAcwBzAHcAbwByAGQA</Value> <PlainText>false</PlainText> </Password> <Description>Temp Account</Description> <DisplayName>temp</DisplayName> <Group>Users</Group> <Name>temp</Name> </LocalAccount> </LocalAccounts> <DomainAccounts></DomainAccounts> </UserAccounts> </component> </settings>
Uploading Images
1. Once the reference machine is prepared copy the unattend.xml file to the drive
2. Run sysprep /generalize /oobe /shutdown /unattend:unattend.xml
3. PXE boot machine to WDS server4. Select volume to upload5. Give image a name6. Select option to upload to server7. Login8. Wait9. Associate the unattend.xml file with the image10.Create multicast session
Deploying Images
• On the Imaging VLANo PXE boot machine to WDSo Select the image to applyo Wait
• Off the Imaging VLANo Create a "Discover Image"o Boot machine with Discover Imageo Select the image to applyo Wait
Multicasting Images
Multicasting can be setup in two modes• Auto-Cast
o Session is initiated whenever a client requestso Additional clients are joined to session as they request
• Scheduled-Casto Set a specific time for session to completeo Clients wait until designated time to begin
A recent multicast session imaged 10 computers in about 45 minutes. Our old setup would take 4 hours and machines still needed to be configured manually.
Things that don't work so well
Changing the taskband for the default user profileActivation can be a painForgetting to setup a multicast session for an image tends to upset network engineersAutomating image deployment
ReferencesTechnet -Windows Deployment Serviceshttp://technet.microsoft.com/en-us/library/cc772106(WS.10).aspxHow Configuration Passes Workhttp://technet.microsoft.com/en-us/library/cc749307(WS.10).aspx
Brian Lee Jackson - Sysprep a Windows 7 Machine – Start to Finish V2http://blog.brianleejackson.com/sysprep-a-windows-7-machine-–-start-to-finish-v2
The Deployment Guys - Pin Items to the Taskbar and Start Menuhttp://blogs.technet.com/b/deploymentguys/archive/2009/04/08/pin-items-to-the-start-menu-or-windows-7-taskbar-via-script.aspx
Standard Unattend File -http://users.dickinson.edu/~steelc/resnet/wds%20presentation/Unattend.xml
Top Related