Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
Windows 7

Zero Touch Installations : Creating and Capturing a Reference Image (part 1)

1/11/2013 3:55:38 PM

The reference image is a Sysprep-prepared build of a Windows installation that will be deployed to existing and new computers. There are a number of approaches to creating a reference image using the traditional Windows Sysprep and capture:

A Bare Operating System

A computer is prepared with just the operating system and nothing else. This is captured and deployed to all new computers. It requires patching and all software deployment, consuming more time during deployment. This will be done by Configuration Manager.

A Bare Operating System with Patches

An operating system is deployed to a reference computer. All available patches are deployed to the machine before a reference image is captured. All deployments of this image require all software to be deployed by Configuration Manager after the operating system image is installed.

Standard Computer Image

A common computer image is defined, typically consisting of the operating system, Microsoft Office, common utilities, management and security agents, and all patches. This definition is used to build a computer and this machine is captured as a reference image. The image is deployed and Configuration Manager deploys all other software that is assigned to the machine/user that is not contained within the image.

Specialized Computer Images

An image is built with all of the required software for serving a specific role. This image is not a generic one that can be deployed to everybody—it is appropriate where a large number of computers must be deployed with specialized software that might take a long time to deploy. The benefit of this solution is that the fully functional computer can be delivered in a short amount of time.

There are merits to the many approaches. The key to the decision-making process is finding a balance between the following:

  • Building and testing the image

  • Updating/replacing the image as updates to patches and software are released

  • The time it takes for a fully functional PC to be deployed

We are going to focus on the simpler process of creating an image that contains the operating system and the security updates. The ConfigMgr site server that has been built contains everything that is needed. The good news is that we can automate the entire operating system installation, patch installation, Sysprep, and capture process using a task sequence.

There are a number of prerequisite packages (a collection of files shared from a distribution point) that are used during a Configuration Manager task sequence to deploy or capture an operating system. You can create them by hand, but we are going to do this the quick way by letting the Create Microsoft Deployment Task Sequence Wizard do the work for us.

  1. Start this wizard (Figure 1) by navigating into Operating System Deployment and then into Task Sequences, and then clicking on the link in the Actions pane.

    Figure 1. Choose a template for the Reference Task sequence.
  2. On the Choose Template screen, choose from a number of task sequence templates. We will use the Client Task Sequence. If you expand the drop-down list box you will see there are more options, including the ability to work with servers. Operating system deployment isn't limited to PCs and laptops!

  3. On the General screen, shown in Figure 2, you assign a name to and describe the task sequence. Choose something that is as descriptive as possible. You might end up with a large number of task sequences after a while and you should make it easy to find the one you want when doing some work. You might append version numbers to the names as you start to customize your task sequences.

  4. On the Details screen, shown in Figure 3, leave the machine in Workgroup. Reference machines should not be joined to a domain. You should enter the product key (the one shown is not a real one); otherwise the installation will stop and wait for someone to enter one. That would not be very zero touch.

  5. On the Capture Settings screen (Figure 4), tell ConfigMgr where to store the captured installation image and what to call it. You must enter the UNC path to the folder and the desired name of the WIM file that will be created. The path of \\deploysrv\image$\Windows 7 Pro x64.wim is used in this example. You must define a capture account. This example is using deploy\configmgrnw, but you can use any account that has modify rights on the image$ share.

    Figure 2. The Reference Task sequence, General screen
    Figure 3. Details for the Reference Task sequence
    Figure 4. Reference Task sequence, Capture Settings
  6. You created a boot image earlier, and you want to add drivers to it. On the Boot Image screen, shown in Figure 5, select one. We are working with 64-bit hardware and we want to deploy a 64-bit copy of Windows 7, so we will use the 64-bit boot image that we created earlier and add drivers to it.

    Figure 5. Select a Reference Task sequence boot image
  7. On the MDT Package screen (Figure 6), either use an existing or create an MDT package. The package will be used to temporarily download the content of MDT to a machine while the task sequence is running. This allows the task sequence to do many complicated tasks while it runs. We will choose to create an MDT package in the packages share at \\deploysrv\packages$\MDT\MDT 2010. The wizard will know where to find the MDT installation on this machine to create the package.

    You should note how we are using a subfolder called MDT 2010. This will allow the single MDT folder to contain many future versions of MDT as they are released and will keep things easy to find.

    Figure 6. Create an MDT Package
  8. Name the package as Microsoft Deployment Toolkit 2010 in the following MDT Details screen.

  9. The OS Image screen (Figure 7) allows you to do a number of things. You can choose an existing captured image (OS image) that is managed by ConfigMgr, create a new OS image from a captured WIM file, choose an OS install package (containing the Windows installation media files), or create a new OS install package. For the purposes of this exercise, do the latter. The Windows 7 installation media is loaded or mounted (E:\) and the destination for the new package is \\deploysrv\packages$\Windows\Windows 7.

  10. Name the OS Image Windows 7 in the Install Source screen.

  11. On the next screen either select an existing package to install the Configuration Manager client or create a new package. We will select the Create A New ConfigMgr Client option.

  12. The User State Migration Toolkit (USMT) will be used for capturing user states and restoring them. It won't be necessary to do this during the build of a reference image, but it won't hurt us to create the package now. Do that in the USMT Package screen (Figure 8). The default location of USMT is detected by ConfigMgr and entered for you. This is in the WAIK installation location in a subfolder called \too1s\USMT. The package should be created in \\dep1oysrv\packages$\USMT\USMT 4.0.

    Figure 7. Create an OS installation package
    Figure 8. USMT Package screen
  13. Name the package as User State Migration Toolkit 4.0 in the following USMT Details screen.

  14. There are two files required for an MDT installation of Windows 7. Unattended installations require an answer file. It's the same XML file you might have created in WAIK, or used in WDS or MDT. MDT deployments also require some settings in the form of a file called CustomSettings.ini. We will supply these settings in a package. The package is created in the Settings Package screen (Figure 9). The files will be created in \\deploysrv\packages$\Settings\Build and Capture Settings. You will have to change the CustomSettings.ini file in a little while. You can optionally tweak the answer XML file to change the way that Windows 7 is installed.

    Figure 9. Custom Settings

    The package name can be called Build and Capture MDT Settings in the following Settings Details screen.

  15. The Sysprep screen is similar to the previous ones. Legacy operating systems such as Windows XP didn't come with Sysprep, so you would have to create a package if you were working with them. Sysprep has been included with Windows since the Vista release. This means we can choose the "No Sysprep package is required" option on the Sysprep Package screen.

    You accomplished a lot of work. The good news is that once these packages are created, you can just select them for reuse later. You might choose to use different settings packages, or maybe use a captured WIM file later on, but those involve minor amounts of work.

    The wizard will then start to create packages and the task sequence. This might take a while, thanks to the creation of the OS installation package, so it will be another of the many opportunities to check your email or to take a watercooler break.

    Task Sequence Template

    We are using a MDT 2010 task sequence template for the tasks in this exercise. The template will contain a number of ordered individual tasks. You can choose to create a native ConfigMgr template. Alternatively, you can choose to create a custom template and add each task or step in by hand.

  16. A couple of minor edits must be completed in the task sequence. You can find the task sequence in Computer Management\Software Distribution\Task Sequences. Launch the Task Sequence Editor (Figure 10) by right-clicking a task sequence and selecting Edit.

    Figure 10. The Task Sequence Editor
  17. Navigate to the Apply Operating System Image task in the left navigation pane. Change the Edition in the right pane to the edition of Windows that you want to install, such as Windows 7 Professional. By default the Task Sequence Editor installs the Home Basic edition of Windows 7, which would be of no use in an enterprise network.

  18. The Setup Windows and ConfigMgr task must also be edited. Click on this task in the left pane and change the entry in the Installation box to


    The operating system that this task sequence will build will be a workgroup member. Workgroup members cannot use Active Directory to figure out what their ConfigMgr site server should be. They must be told to use a Service Locator Point on a specific server. This ConfigMgr client installation parameter will tell them to use the site server role that was installed on DeploySrv.

    Install Software Using a Task Sequence

    You can use the Install Software action to install a software distribution package on the resulting machine. Doing so allows you to include ConfigMgr managed software in the reference image. You can add additional Install Software tasks to the task sequence.

    Any desired software distribution package must have the "Allow this program to be installed from the Install Software task sequence without being advertised" option enabled in the required program. This setting is not enabled by default. You can find instructions for changing this setting in all of your packages at once at http://blogs.technet.com/b/mniehaus/archive/2008/10/02/allow-this-program-to-be-installed-from-the-install-software-task-sequence-without-being-advertised.aspx.

    You need to return to the MDT settings package once the packages are created. This is your opportunity to change the unattended installation XML file. You should also change the CustomSettings.ini file.

  19. Navigate to D:\Packages\Settings\Build and Capture Settings and open CustomSettings.ini using Notepad. You should change the contents to the following:

    _SMSTSORGNAME=Deploy Inc. IT Department

    This will force MDT to capture the image and will change the default label of IT Organization on the task sequence progress bar to a label of your choosing, such as Deploy Inc. IT Organization.

  20. Save the changes, and then it will be time to make the packages available to the network.

Other -----------------
- Preparing and Configuring Boot Images (part 2) - Adding Drivers to a Boot Image
- Preparing and Configuring Boot Images (part 1) - Creating Boot Images
- Microsoft Access 2010 : Using Reports to Print Information - Printing a Report
- Microsoft Access 2010 : Using Reports to Print Information - Opening and Viewing a Report
- Programming Drivers for the User Mode Driver Framework - Driver Dynamic-Link Library and Exports
- Creating a Home Network : Setting Up a Wireless Network
- Creating a Home Network : Setting Up a Wired Network with a Router
- Creating a Home Network : Setting Up a Wired Network with an ICS Host
- Creating a Home Network : Creating a Wired LAN, Creating a Wireless LAN
- Microsoft Project 2010 : Setting Up a Project Budget - Assigning Accounting Codes
- Microsoft Project 2010 : Setting Up a Project Budget - Setting the Project Fiscal Year
- Microsoft Project 2010 : Setting Up a Project Budget - Reducing Project Costs
- Microsoft PowerPoint 2010 : Incorporating Motion Video - Placing a Video on a Slide
- Microsoft PowerPoint 2010 : Incorporating Motion Video - Understanding Video Types
- Microsoft Excel 2010 : Using Formulas - Using Names To Simplify References, Inserting Formulas into Tables
- Microsoft Excel 2010 : Using Formulas - Copying a Formula, Formula Operators
- Microsoft Word 2010 : Proofing a Document - Finding and Replacing Text
- Microsoft Word 2010 : Checking Your Spelling and Grammar
- Microsoft Visio 2010 : Finding and Managing Shapes (part 3)
- Microsoft Visio 2010 : Finding and Managing Shapes (part 2) - Searching for Shapes
Most view of day
- Microsoft Exchange Server 2007 : Leveraging the Capabilities of the Outlook Web Access Client - Using Contacts in OWA
- Zero Touch Installations : Creating and Capturing a Reference Image (part 1)
- Integrating Systems Management Server 2003 into Patch Management Processes (part 1) - Extending SMS 2003 Functionality for Software Updates
- SharePoint 2010 : Farm Governance - Configuring a Managed account
- Sharepoint 2013 : Service Application Fundamentals (part 2) - The Connection Structure - Tying It Up with an Example
- SharePoint 2013 : Health and Monitoring (part 3) - Analytics, The Health Analyzer
- Administering an Exchange Server 2013 Environment (part 3) - Exchange Management Shell
- Microsoft Systems Management Server 2003 : Configuring the Software Distribution Component
- Microsoft Outlook 2010 : Working with Tasks - Adding a Task
- Maintaining Dynamics GP : Speeding security setup with User Copy
Top 10
- Microsoft Lync Server 2013 : Director Troubleshooting (part 3) - Synthetic Transactions,Telnet
- Microsoft Lync Server 2013 : Director Troubleshooting (part 2) - DNS Records, Logs
- Microsoft Lync Server 2013 : Director Troubleshooting (part 1) - Redirects, Certificates
- Microsoft Lync Server 2013 : Administration of the Director Role (part 4) - Services Management, Client Version Filter
- Microsoft Lync Server 2013 : Administration of the Director Role (part 3) - Topology Status
- Microsoft Lync Server 2013 : Administration of the Director Role (part 2) - Ports,Firewall Rules
- Microsoft Lync Server 2013 : Administration of the Director Role (part 1) - Services
- Microsoft Lync Server 2013 : Configuring the Director (part 2) - Web Services Ports,Reverse Proxy
- Microsoft Lync Server 2013 : Configuring the Director (part 1) - SRV Records, Web Services FQDN Overrides
- Sharepoint 2013 : SharePoint Designer 2013 (part 2) - Locking Down SharePoint Designer
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro