310 likes | 628 Views
Windows Deployment Services Sysprep and You . Imaging Windows 7 Systems. Agenda. Windows Deployment Services Background Requirements Installation Imaging VLAN Motivation Advantages Creating Images Setting up a reference machine Sysprep Uploading the image Deploying Images
E N D
Windows Deployment ServicesSysprep and You Imaging Windows 7 Systems
Agenda Windows Deployment Services Background Requirements Installation Imaging VLAN Motivation Advantages Creating Images Setting up a reference machine Sysprep Uploading the image Deploying Images On the imaging VLAN Off the imaging VLAN Conclusions Things that work well Things that don't work so well References
Background Our old imaging process • Used DOS based tools from Altiris • Slow • Driver support getting harder What is Windows Deployment Services? • Updated version of Remote Installation Services • Added as a role in Windows 2008 • Uses the Windows Imaging Format to handle images • Free!
WDS Requirements • Must be a member of an AD DS domain or be a domain controller • DHCP - WDS uses PXE booting which requires DHCP capability. • DNS • NTFS volume for the image store • Windows Server 2003 or 2008
Installing and Configuring WDS • Add the role to the server • Configure through MMC snap-in • Create an image group • Add an install image • Add a boot image
Imaging VLAN Motivation and Advantages • Some segments of our network don't have DHCP available • Allows us to segregate some of the services • Machines can be configured on the Imaging VLAN
Setting up the reference machine • First install performed using the default install image • Add applications • Boot into Audit mode to configure default user profile and perform final customizations • Run sysprep on machine
Using sysprep Sysprep Phases Creating Answer Files
Sysprep Phases • windowsPE - disk configuration • offlineServicing - applies settings and packages • specialize - applies system specific information • generalize - removes system specific information • auditSystem - used in Audit mode • auditUser - used in Audit mode • oobeSystem - Out of Box Experience
Creating answer files Windows Automated Installation Kit Windows System Image Manager
Our unattend.xml <servicing> <package action="configure"> <assemblyIdentity name="Microsoft-Windows-Foundation-Package" version="6.1.7600.16385" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="" /> <selection name="InboxGames" state="true" /> <selection name="Chess" state="true" /> <selection name="FreeCell" state="true" /> <selection name="Hearts" state="true" /> <selection name="Minesweeper" state="true" /> <selection name="More Games" state="true" /> <selection name="PurblePlace" state="true" /> <selection name="Shanghai" state="true" /> <selection name="Solitaire" state="true" /> <selection name="SpiderSolitaire" state="true" /> </package> </servicing>
Our unattend.xml <settings pass="generalize"> <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipRearm>1</SkipRearm> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DoNotCleanTaskBar>true</DoNotCleanTaskBar> <OEMInformation /> </component> </settings>
Our unattend.xml <settings pass="specialize"> <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipAutoActivation>true</SkipAutoActivation> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <ComputerName>*</ComputerName> <CopyProfile>true</CopyProfile> <DoNotCleanTaskBar>true</DoNotCleanTaskBar> <ShowWindowsLive>false</ShowWindowsLive> <TimeZone>Eastern Standard Time</TimeZone> </component> </settings>
Our unattend.xml <settings pass="oobeSystem"> <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <InputLocale>en-us</InputLocale> <SystemLocale>en-us</SystemLocale> <UILanguage>en-us</UILanguage> <UserLocale>en-us</UserLocale> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <AutoLogon> <Password> <Value>[encoded password]</Value> <PlainText>false</PlainText> </Password> <Enabled>true</Enabled> <LogonCount>5</LogonCount> <Username>itconsult</Username> </AutoLogon>
Our unattend.xml <FirstLogonCommands> <SynchronousCommand wcm:action="add"> <CommandLine>cscript //b c:\windows\system32\slmgr.vbs /ipk [License Code]</CommandLine> <Order>1</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>cscript //b c:\windows\system32\slmgr.vbs /ato</CommandLine> <Order>2</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>net user temp /delete</CommandLine> <Description>Delete Temp User Account</Description> <Order>3</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> </FirstLogonCommands>
Our unattend.xml <OOBE> <HideEULAPage>true</HideEULAPage> <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>1</ProtectYourPC> </OOBE> <RegisteredOrganization>Dickinson College</RegisteredOrganization> <RegisteredOwner>LIS</RegisteredOwner> <ShowWindowsLive>false</ShowWindowsLive> <UserAccounts> <AdministratorPassword /> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>dABlAG0AcABQAGEAcwBzAHcAbwByAGQA</Value> <PlainText>false</PlainText> </Password> <Description>Temp Account</Description> <DisplayName>temp</DisplayName> <Group>Users</Group> <Name>temp</Name> </LocalAccount> </LocalAccounts> <DomainAccounts></DomainAccounts> </UserAccounts> </component> </settings>
Uploading Images • Once the reference machine is prepared copy the unattend.xml file to the drive • Run sysprep /generalize /oobe /shutdown /unattend:unattend.xml • PXE boot machine to WDS server • Select volume to upload • Give image a name • Select option to upload to server • Login • Wait • Associate the unattend.xml file with the image • Create multicast session
Deploying Images • On the Imaging VLAN • PXE boot machine to WDS • Select the image to apply • Wait • Off the Imaging VLAN • Create a "Discover Image" • Boot machine with Discover Image • Select the image to apply • Wait
Multicasting Images Multicasting can be setup in two modes • Auto-Cast • Session is initiated whenever a client requests • Additional clients are joined to session as they request • Scheduled-Cast • Set a specific time for session to complete • Clients wait until designated time to begin A recent multicast session imaged 10 computers in about 45 minutes. Our old setup would take 4 hours and machines still needed to be configured manually.
Things that work well • Deploying images is fairly painless • Multicasting • Some hardware independence
Things that don't work so well • Changing the taskband for the default user profile • Activation can be a pain • Forgetting to setup a multicast session for an image tends to upset network engineers • Automating image deployment
References Technet - Windows Deployment Services http://technet.microsoft.com/en-us/library/cc772106(WS.10).aspx How Configuration Passes Work http://technet.microsoft.com/en-us/library/cc749307(WS.10).aspx Brian Lee Jackson - Sysprep a Windows 7 Machine – Start to Finish V2 http://blog.brianleejackson.com/sysprep-a-windows-7-machine-–-start-to-finish-v2 The Deployment Guys - Pin Items to the Taskbar and Start Menu http://blogs.technet.com/b/deploymentguys/archive/2009/04/08/pin-items-to-the-start-menu-or-windows-7-taskbar-via-script.aspx Standard Unattend File - http://users.dickinson.edu/~steelc/resnet/wds%20presentation/Unattend.xml
Thank you ResNet Symposium Infrastructure Systems at Dickinson College You Please remember to fill out the survey http://www.resnetsymposium.org/rspm/evaluation/