Deploy Windows 7 Using Microsoft's FREE Deployment Tools

Deploy Windows 7 Using Microsoft’s FREE Deployment Tools Rhonda J. Layfield Sr. Deployment Architect Deployment Done Right

Rhonda Layfield •I live in Washington DC in the States… •Been in the IT industry for 30 years •US Navy for 7 years •Write for Windows IT Pro magazine •Setup and Deployment MVP •Desktop Deployment Product Specialist (DDPS) •I am self employed •The name of my company is Deployment Done Right

Get In Touch With Me… •Let me know how your deployments are going: •[email protected]

•Follow me on Twitter •[email protected]

•Sign up for one of my hands-on deployment classes •September 2011 in Washington DC •Contact me for details

•Bring me into your organization to hear more about deployment •For short term consulting and in-house training

The Goal For This Session •To help you decide which tool is right for you •All tools deploy both Server and Desktop Operating Systems (OSs) •All tools are either FREE or In-The-Box

•The tools are: •Microsoft Deployment Toolkit 2012 (MDT 2012) •Windows Deployment Service (WDS)

•The One Tool Not Covered is System Center Configuration Manager (SCCM) •But first…

Overview •Image Formats and Scenarios •MDT •Installation •Configuration •Network deployments •XP migrations •MDT advanced features

Overview •WDS •Installation •Configuration •Multicast traffic

•MDT & WDS integration •Differences between MDT & WDS

Windows Image Formats •There are two • Windows Image • .Wim

•Virtual hard disk • .Vhd

.Wim Compared to .Vhd •.Wim •Contain a single volume (c: d: e:) •Multiple images may be stored in a single .wim file •Single instancing •No redundant file storage •Service image offline •Apply patches quick and easily

•.Vhd •Contain an entire hard drive (multiple volumes) •Service image offline

Three Types of Images: Thick, Thin, Hybrid •Thick images contain an OS and all applications •More difficult to make changes to later

•Thin images usually contain only the OS •Applications are deployed after the OS • Group Policy deployment • MDT 2010 U1 • Manually

•Hybrid images contain OS and corporate approved applications •Like line of business (LOB) applications created in-house

4 Deployment Scenarios

| Scenario | Description |
| --- | --- |
| Bare Metal | New machines |
| Refresh | Keeping the old hardware, installing a new OS on the existing machine |
| Replace | Replacing existing computer with a new computer while maintaining user’s settings and data |
| Upgrade | Unless you’re upgrading from Vista there is no direct upgrade path |

MICROSOFT DEPLOYMENT TOOLKIT 2010 UPDATE 1 (MDT 2010 U1)

Setting Up MDT 2010: as easy as 1-2-3
1. Install WAIK
2. Install MDT
3. Create a Deployment Share

Operating Systems: Server 2008 R2 Server 2003 R2 Vista Windows 7

MDT 2010 U1 Deployment Server

Create a Deployment Share Open Deployment Share

Create A Reference
[Diagram: MDT 2010 U1 Deployment Server. 1 Add an OS (W7 DVD; Windows Server 2003 R2, Windows Server 2008 & R2, XP SP3, Vista SP1, Windows 7 & SP1). 2 SYSPREP, Deploy OS. 3 Store Image.]

Add Components •Applications •Office 2010 •Adobe Reader

•Drivers •3rd party

•Packages •OS patches •Language packs

Over Time You Will Have Multiple Images To Deploy: •Multiple OSs •Windows 7 SP1 base DVD •Windows 7 custom Hybrid .wim image •Windows Server 2008 R2

•Drivers for different models of machines •Applications for different groups of users •So you will need a way to group components together for a specific deployment •This is called a Task Sequence

Then You Need To Update The Deployment Share •Updating the deployment share creates a custom MDT Windows Pre Installation Environment (WinPE) •This WinPE is very intelligent •Pre-configured to know who the MDT server is and the name of the Deployment Share

Add an OS, Application, Drivers Create a Task Sequence Update the Deployment Share

Then, Get MDT Ready To Deploy The Custom .wim Image •Import the Custom .wim •Create a task sequence •Deploy

[Diagram: MDT 2010 U1 Deployment Server and target. 1 Copy WinPE (MDT WinPE). 2 Boot Target. 3 Connect to MDT Server and Download Image.]

Boot Client With WinPE Walk Through The Deployment Wizard

Automate The Client

Automate the Client’s Experience •When you run the Deployment Wizard •Choose which screens are displayed during the deployment •Suppress the ones you don’t want anyone to see or change like: • Product Key • Administrator’s password

•Customize the words displayed on the pages

Automate The Client Deployment •BootStrap.ini •CustomSettings.ini •If you make changes to the BootStrap.ini you will need to update the deployment share again to reflect those changes •For Help on variables to add to these files: •Help •Microsoft Deployment Toolkit Reference • Properties • Property Definitions
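A check for these two rules files, as an added example that is not part of the presentation or of MDT: when a wizard page such as the Administrator's password is suppressed, the value is typically supplied by a rule instead, where it is stored in cleartext. `audit_rules`, the weak sample files and their placeholder values are constructed for illustration; the property names are MDT's, and `SLIDE_RULES` repeats the rules shown in the XP migration part of this deck.

```python
import configparser

# MDT properties whose values are credentials or keys kept as cleartext in the rules
# files (lower-case, because configparser lower-cases option names).
SECRET_PROPERTIES = {"adminpassword", "userpassword", "domainadminpassword",
                     "productkey", "overrideproductkey"}
EXPOSURE = {  # where each rules file ends up
    "bootstrap.ini": "copied into every MDT WinPE boot image",
    "customsettings.ini": "readable by every account that can read the deployment share",
}

# Constructed samples; account names and values are placeholders.
WEAK_CUSTOMSETTINGS = """\
[Settings]
Priority=Default
[Default]
OSInstall=Y
SkipAdminPassword=YES
AdminPassword=constructed-placeholder-1
SkipProductKey=YES
"""
WEAK_BOOTSTRAP = r"""
[Settings]
Priority=Default
[Default]
DeployRoot=\\DeploySrv\DeploymentShare$
UserID=mdt_build
UserDomain=EXAMPLE
UserPassword=constructed-placeholder-2
"""
# The rules shown on the slide: the password page stays in the wizard.
SLIDE_RULES = """\
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
UserExit=LTIAppDetect.vbs
OSInstall=Y
SkipAdminPassword=NO
SkipProductKey=YES
"""

def audit_rules(filename, text):
    """Return sorted (section, property, exposure) for each secret that has a value.
    Values are never returned, so the report itself is safe to log."""
    parser = configparser.ConfigParser(strict=False, interpolation=None,
                                       default_section="<unused>")
    parser.read_string(text)
    exposure = EXPOSURE.get(filename.lower(), "unknown rules file")
    return sorted((section, prop, exposure)
                  for section in parser.sections()
                  for prop, value in parser.items(section)
                  if prop in SECRET_PROPERTIES and value.strip())
```

The slide's own rules produce no findings because `SkipAdminPassword=NO` leaves the password to the wizard and no product key is stored.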

Automate A Deployment Share

XP Migration “Refresh” Scenario (XP SP2/SP3 to Windows 7, MDT 2010 U1 Deployment Server)
1. Gather Application Information
2. Configure MDT and Application Information
3. Begin MDT Deployment Wizard
4. Get list of Applications Configured
5. List & Registry Scan = New list “Pre Selected”
6. USMT Gathers User and Application Settings (local store)
7. Boots to WinPE - Win 7 is Installed
8. Applications are Installed from MDT Deployment Share
9. USMT Applies User and Application Settings (local store)

MDT Network Deployment

Get MDT Deployment Server Ready •Add an Operating System •Windows 7

•Add Drivers •Create a Task Sequence

Get MDT Deployment Server Ready

XP Migration With Applications •Performing Refresh scenario •Currently running XP •Migrate to Windows 7

•Applications that are currently installed on XP should automatically be re-installed on Windows 7

Step 1: Gather Application Information
• Log on as a standard user for read only mode
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall
• .Exe’s are easy – the application name is obvious
• .Msi’s are displayed as GUIDs – look for the DisplayName
[Screenshot callouts: Uninstall key name, .MSI, EXE]

Step 1 (continued): Copy Key Name to Notepad
•This is what you will get:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
•This is the piece you want:
{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
•If you’re doing a lot of applications at one time:
XMLNotepad = {FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
NetMon 3.3 = {365C5A10-6561-454F-B975-56EA878D0A06}
Office 2007 = {90120000-002A-0000-1000-0000000FF1CE}

Gather Application Information

Step 2: Configure MDT Server With Application Information

• Performed on the MDT deployment server • Within the Deployment Workbench • Add an application • Open the properties of the application • Go to the Details tab • Input the Uninstall registry key name from your Notepad file

Add Application data to MDT Server

•Create the script that will search for applications •Create LTIAppDetect.vbs script •Download LTIAppDetect.vbs from • http://www.deploymentdr.com/Download.html

•Copy the LTIAppDetect.vbs script to your deployment share’s Scripts folder

•Configure MDT to look for applications - edit the properties of your deployment share • From within the Deployment Workbench / Properties of your deployment share / Rules tab
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=YES
SkipAdminPassword=NO
SkipProductKey=YES

• Add LTIAppDetect.vbs
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
UserExit=LTIAppDetect.vbs
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=YES
SkipAdminPassword=NO
SkipProductKey=YES

Configure Deployment Workbench With Script

3

Begin MDT Deployment Wizard

•Launch LiteTouch.vbs from the XP workstation • Map a drive to your deployment server: • Net use P: \\ServerName\DeploymentShareName\Scripts • Deployment server = DeploySrv • Deployment share = DeploymentShare$ • Net use P: \\Deploysrv\DeploymentShare$\Scripts • Then from the P: drive double click on LiteTouch.vbs

•OR • Start / Run /

Steps 4 and 5 – You won’t see these
4. Get a list of Applications Configured: these are the applications you configured on the deployment server in the deployment workbench
5. List & Registry Scan = New list “Pre Selected”: the list of configured applications on the deployment server and the list of applications from the XP registry are compared to create a third list. The third list is the list of applications displayed as pre selected during the deployment process
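Steps 1, 4 and 5 as an added example (not LTIAppDetect.vbs and not code from the presentation): it parses `reg query` output for the Uninstall key into the name = key list, then intersects it with the configured applications, which is an assumption about how the pre-selected list is built from the description above. The sample output and the functions `parse_uninstall_keys` and `preselected` are constructed for illustration.

```python
import re

KEY_RE = re.compile(r"^HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion"
                    r"\\Uninstall\\([^\\]+)$", re.IGNORECASE)
NAME_RE = re.compile(r"^\s+DisplayName\s+REG_(?:EXPAND_)?SZ\s+(.*)$", re.IGNORECASE)

# Constructed sample of `reg query <Uninstall key> /s` output. GUIDs are the ones on
# the slide; display names, the 7-Zip entry and the KB entry are made up.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
    DisplayName    REG_SZ    XML Notepad 2007

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{365c5a10-6561-454f-b975-56ea878d0a06}
    DisplayName    REG_SZ    Microsoft Network Monitor 3.3

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
    DisplayName    REG_SZ    7-Zip 9.20

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KB2345886
    ParentKeyName    REG_SZ    OperatingSystem
"""

# Application name -> uninstall key name from each application's Details tab.
CONFIGURED = {
    "XMLNotepad": "{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}",
    "NetMon 3.3": "{365C5A10-6561-454F-B975-56EA878D0A06}",
    "Office 2007": "{90120000-002A-0000-1000-0000000FF1CE}",
}

def parse_uninstall_keys(reg_output):
    """Map each direct Uninstall subkey name to its DisplayName (None if absent)."""
    apps, current = {}, None
    for line in reg_output.splitlines():
        line = line.rstrip()
        key = KEY_RE.match(line)
        if key:
            current = key.group(1)
            apps[current] = None
        elif line and not line[0].isspace():
            current = None  # a different or deeper key: ignore its values
        elif current and NAME_RE.match(line):
            apps[current] = NAME_RE.match(line).group(1).strip()
    return apps

def preselected(configured, installed_keys):
    """Configured applications whose uninstall key exists on the client."""
    present = {key.lower() for key in installed_keys}  # registry key names ignore case
    return sorted(app for app, key in configured.items() if key.lower() in present)

if __name__ == "__main__":
    found = parse_uninstall_keys(SAMPLE_REG_QUERY)
    for key, name in found.items():
        print(f"{name or '(no DisplayName)'} = {key}")
    print("Pre-selected:", preselected(CONFIGURED, found))
```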

Step 6: USMT Gathers User and Application Settings

•User State Migration Tool v4.0 gathers existing user data, settings and application settings •This is called “User State” •User State is stored locally
scanstate.exe C:\MININT\StateStore /v:5 /o /c /hardlink /nocompress /efs:hardlink /i:C:\MININT\USMT\MigApp.xml /i:C:\MININT\USMT\MigDocs.xml /l:C:\MININT\SMSOSD\OSDLOGS\USMTcapture.log /progress:C:\MININT\SMSOSD\OSDLOGS\USMTcapture.prg

Steps 7 and 8 – Task Sequence Performs These:
7. Boots to WinPE - Windows 7 is installed
8. Applications are Installed from MDT Deployment Share: applications selected from the “Select one or more applications to install” page (Windows Deployment Wizard) are installed

Step 9: USMT Applies Locally Stored Settings

•USMT applies previously gathered user data, settings and application settings
loadstate.exe /v:5 /c /lac /hardlink /nocompress /i:C:\MININT\USMT\MigApp.xml /i:C:\MININT\USMT\Migdocs.xml /l:C:\MININT\SMSOSD\OSDLOGS\USMTrestore.log C:\MININT\StateStore /progress:C:\MININT\SMSOSD\OSDLOGS\USMTrestore.prg

Mandatory Applications

Make Applications Mandatory •If you don’t want a person to be able to de-select an application during deployment… •Edit LTIAppDetect.vbs script
•Change: Set oApplications = oEnvironment.ListItem("Applications")
•To: Set oApplications = oEnvironment.ListItem("MandatoryApplications")

Clean Up Active Directory Users and Computers •If you rename your newly migrated machine the old name still exists in AD •So, you might want to clean that up by deleting the old machine name

What We Covered •4 Deployment Scenarios •Migrated an XP machine to Windows 7 while also maintaining: •User’s data •User’s Settings • IE Favorites • Desktop settings

•Application Installations and Settings

Selection Profiles

MDT Components •The MDT components are: •Operating Systems •Applications •Drivers •Packages •Task Sequences

•To use some of the Advanced Features of MDT you will need to group MDT components together •The way you group MDT components is by creating a “Selection Profile”

MDT’s Selection Profiles •The MDT components you group will determine what you can do with the selection profile: •Group drivers and packages to inject into the MDT generated Windows Pre Installation Environments (WinPEs) •Group drivers to inject into an OS task sequence •Control which MDT components are included in “Media” •Group MDT components to replicate (and keep in sync) to linked deployment shares

[Diagram: Branch Offices. Dubai MDT Deployment Server, London, New York; labels: Good WAN Link, Unreliable WAN Link]

MDT’s Media Feature •Media allows you to create a fully deployable image •OS •Applications •Drivers •Packages •Task sequences

MDT Media Deployment (Bare Metal) •Pro: No Network Connectivity •Con: No Version Control

Storage Options •If you choose a DVD burn the .ISO file to the DVD •If you choose: •External hard drive •UFD (USB flash drive) •You will need to prepare the media first

Steps For Media •Create a selection profile •Run the New Media Wizard •Update the Media •Prepare the media •Deploy

Create a Selection Profile Create Media

Preparing Media •Open an elevated command prompt •DISKPART
• List disk (record the number of the external device)
• Select disk N (N is the disk number, for example Select disk 2)
• Clean
• Create partition primary
• Select partition 1
• Active
• Format fs=ntfs
• Assign
• Exit
•Close the command prompt

Preparing Media Completed •Open Windows Explorer •Turn on show hidden files •Navigate to the Media “Content” folder •Copy the entire Content folder •Boot folder •Deploy folder •EFI folder •Autorun.inf •Bootmgr •Bootmgr.efi

Linked Deployment Shares (LDS)

[Diagram: Branch Offices. Dubai MDT Deployment Server (OS, Application, Drivers, Task Sequences), London, New York; label: Good WAN Links]

Linked Deployment Shares (LDS) •LDS allows you to copy a subset (or all if you choose) of components to another machine •Even Windows 7 can host a LDS •To create a LDS •Begin on the target computer

On The Target Computer •This is the computer you want to copy the LDS to… •Create a folder •Ensure there is enough hard drive space •MDT will not check this for you

•Share the folder •Now you are ready to create the LDS on the MDT server

Create A LDS on The MDT Server •Create a selection profile containing all the MDT components you would like copied (replicated) to the target computer •Create a new LDS •Type in the UNC path to where you want the new LDS • Example \\server\share • \\W7\LondonDS

•Choose your selection profile

Create A LDS on The MDT Server - Continued •Select one of the options: •Merge the selected contents into the target deployment share •OR •Replace the contents of the target deployment share folders with those selected

•Rename the LDS •R-click the LDS and choose Replicate Content •The contents you selected in your selection profile will be copied to the new LDS via ROBOCopy

Create a LDS

When You Make Changes •The changes need to be replicated to the target computer •You can either right-click the LDS and choose “Replicate” •This will replicate EVERYTHING again even things that have not changed

•OR •Change the replication technology to use Distributed File System Replication (DFS-R) •Create a scheduled task that will replicate changes whenever you want them replicated •Only what has changed will be replicated

MDT Database

MDT Database •Automate what gets installed on a computer •Imaged and re-imaged

•How it works: •When a client begins the Deployment Wizard a script runs: ZTIGather.wsf • Gathers all kinds of information from the client like: • Universally unique ID (UUID) • Serial number • Asset tag • MACAddress • Queries the MDT database for a match • Applies the configured settings

Set Up MDT Database •SQL is not supported on DCs •You’ll need a member server •Install SQL (Express will work) •Configure the database with the computer identifier •The computer will check in with the database and perform whatever steps you choose

Johan Arwidmark, Mikael Nystrom

What We Covered: •Create a Master image •Automate the Deployment •Group MDT Components •Put a complete deployment on a USB flash drive •Create multiple deployment shares and keep them current •MDT Database feature

Windows Deployment Service (WDS)

Windows Deployment Service •WDS replaces Remote Installation Services (RIS) •Provides both boot and installation images from the WDS server •Supports .WIM and .VHD technology

WDS Requirements •DHCP •AD/DNS
[Diagram: BareMetal client, DHCP, AD/DNS and WDS, steps 1 to 3]

Installing WDS •In the box with Server products, well kind of •Install WDS on a 2003 SP1 Server •Install RIS •Install patch from the WAIK: windows_deployment_services_update.exe

•Install WDS on a 2003 SP2 Server • Control Panel / Add/Remove Programs / Windows Components / WDS

•Install WDS on a 2008 (& R2) server •Server Manager •Add Roles •Select Windows Deployment Services from the list of roles

Configuring WDS •WDS snap-in •Right-click Servers •Add Server – defaults to local server •Right-click your server and choose Configure Server.

Store Your Images

Store your images on a drive other than where the OS resides

WDS Server also a DHCP Server?

WDS server responds to…

Known clients are Prestaged in Active Directory

Prestaging and The GUID

564D49219C768546A956C310ED7D2BF6

Use a Specific WDS Server

Add a Boot Image •A boot image is a Windows Pre Installation Environment (WinPE) •The most current will always be best •Windows 7 SP1 Boot.wim can deploy •Vista SP1 – Windows 7 – Windows 7 SP1 •Windows Server 2003 R2, 2008 and 2008 R2

•Using an older WinPE will produce undesired results

Add an OS Image •Both .wim and .vhd are supported •Adding a .wim •Right–click Install Images • Add Install Image • Image Groups

•Adding a .vhd •Elevated command prompt
WDSUTIL /Add-Image /ImageFile:\\Server\Share\Win7.vhd /Server:WDSServer /ImageType:Install /ImageGroup:Windows7 /Filename:"Windows7.vhd"

Add Drivers & Applications •3rd party drivers only •No Applications can be deployed from WDS •Only a Thick image containing your applications

From The Client •Perform a Network Boot •Sometimes called a Pre Execution Boot Process •OR •PXE Boot

WDS And Network Deployments

Multicast Transmissions
•Server1 sends packet 1 to client1 •Server1 sends packet 1 to client2 •Server1 sends packet 1 to client3
•Server1 sends packet 1 to all clients
•Server1 sends packet 1 to client1, client2, client3

Windows Deployment Services Multicast Enhancements
•Multiple streams of traffic: optimized rates based on client connection (Fast, Medium, Slow)
•Client Auto Removal: slower clients can be dropped to unicast or entirely (only in standard multicast)
•Boot Image Multicast: Windows PE boot images can use multicast (clients with EFI)

[Diagram sequence: WDS Server multicast; first client joins “transmission”; clients labelled Fast, Medium and Slow]

The Best of Both Worlds

Integrating MDT & WDS Together

MDT & WDS Together
[Diagram: WDS Server, MDT 2010 U1 Deployment Server and Targets; labels: MDT WinPE, PXE Boot, Win 7 Image, Download Image]

Feature Comparison

| Feature | MDT | WDS |
| --- | --- | --- |
| Supports .wim images | YES | YES |
| Supports .vhd images | NO | YES |
| Requires Infrastructure | NO | YES |
| Manage images easily | YES | NO |
| Driver management | Easy | Difficult |
| Provides PXE capabilities | W/ WDS | YES |
| Provides Multicast | W/ WDS | YES |
| Creates offline or stand alone media | YES | NO |
| Automate Deployments | YES | YES |
| Corporate Deployment Share replicates DS to Branch Offices | YES | NO |

What We Covered •Image Formats and Scenarios •MDT •Installation •Configuration •Network deployments •XP migrations •MDT advanced features

•WDS •Installation •Configuration •Multicast traffic

•MDT & WDS integration •Differences between MDT & WDS

Thank you for attending my session! •Let me help•[email protected] •WWW.DeploymentDr.Com •AND TrainSignal Deployment Training DVD Set

•I’ll tweet about new products as they are released: •[email protected]