The Holy Grail of Deployment

Download The Holy Grail of Deployment

Post on 24-Oct-2014




0 download

Embed Size (px)


<p>3/23/2010</p> <p>Presented by Rhonda J. Layfield Copyright 2010</p> <p>IT industry 25+ years Contribute articles to Windows IT Pro mag Setup and Deployment MVP Desktop Deployment Product Specialist (DDPS) Co-Author Windows Server 2003 R2 and Windows Server 2008 books NEW Microsoft Deployment Book Deployment class Vegas next week</p> <p>1</p> <p>3/23/2010</p> <p>Microsoft Assessment and Planning Tool (MAP) Manually creating and deploying imagesWindows Automated Installation Kit 2.0 Volume Activation and Key Management Service (KMS)</p> <p>Microsoft Deployment Toolkit 2010Deploy a bare metal Windows 7 client Migrate an XP client to Windows 7 Advanced features</p> <p>Windows Deployment Service (WDS)Installation Setup Common issues</p> <p>Application Compatibility Toolkit (ACT)</p> <p>Deployment Process Image FormatsWIM VHD</p> <p>Windows Automated Installation Kit (WAIK) 2.0Windows Pre-Installation Environment (WinPE) 3.0 Windows System Image Manager (WSIM) User State Migration Tool (USMT) 4.0 Deployment Image Servicing and Management (DISM)</p> <p>Volume Activation 2.0</p> <p>2</p> <p>3/23/2010</p> <p>3</p> <p>3/23/2010</p> <p>Agentless Finding your clientsThis is called discovery</p> <p>Getting information from your clientsInventory</p> <p>Windows 7 Windows Vista Windows XP Pro SP 2 or later Windows Server 2008 R2 Windows Server 2008 Windows Server 2003 R2 Windows Server 2003 SP 1 or later Runs on either x86 or x64 Itanium processors are not supported</p> <p>4</p> <p>3/23/2010</p> <p>Discovery MethodsActive Directory Domain Services (AD DS) Windows networking protocols Import names of your computers from a file IP address ranges Manually enter a computer name</p> <p>LDAP query to a DCAsking for information that is:Domain based Container based OU based</p> <p>Some clients may not show upComputers that have not been logged onto the AD domain in over 90 days will not be inventoried Supports up to 120,000 computer objects per domain User Account that performs the LDAP querymember of the Domain Users group</p> <p>5</p> <p>3/23/2010</p> <p>Windows Networking ProtocolsMachines that are connected to Workgroups or NT 4.0 domains Queries are sent to the Browser service Must be run on each subnet</p> <p>Text fileEach computer name should be on a new line No delimiters Supports up to 120,000 computer names to inventoryNetBIOS names Fully Qualified Domain Names (FQDN)</p> <p>Only one file at a time can be imported</p> <p>Hardware and Device Driver PlanningWindows 7 Windows Vista Windows Server 2008 Windows Server 2008 R2</p> <p>Microsoft Office 2007 Microsoft Application Virtualization Microsoft SQL Server 2008 Forefront Client Security and Network Access Protection.</p> <p>6</p> <p>3/23/2010</p> <p>Windows Management Instrumentation (WMI)Collects hardware, software and device information</p> <p>Remote Registry ServiceFinds the roles that are installed on a server</p> <p>VMWare WebserviceInventory hosts running VMWare ESX</p> <p>7</p> <p>3/23/2010</p> <p>1W7</p> <p>2</p> <p>Imaging ToolMDT ImageX WDS Capture</p> <p>3</p> <p>Targets</p> <p>4</p> <p>Deployment Server</p> <p>WimsContain a single volume (c: d: e:) Multiple images may be stored in a single .wim fileSingle instancing No redundant file storage</p> <p>Service image offlineApply patches quick and easily</p> <p>VhdsBrand new with Windows 7 Contain an entire hard drive (multiple volumes) Microsoft Deployment Toolkit (MDT) 2010 does not support .vhd Windows Deployment Service does support .vhd</p> <p>8</p> <p>3/23/2010</p> <p>ToolDeployment Tools Command Prompt CopyPE Deployment Image Servicing and Management (DISM) Imagex OSCDIMG Windows System Image Manager (WSIM) User State Migration Tool 4.0 (USMT 4.0)</p> <p>What it does for You!cmd that is aware of the path that contains the WAIK tools create a WinPE working environment mount, unmount and manage images, Add / Remove packages and drivers to an image Capture and apply images create an .ISO out of the contents of a folder create answer files (setup scripts) in .xml format migrates users profile, IE favorites and documents</p> <p>Volume Activation Management Tool 1.2 centrally manage volume activation</p> <p>Install an OSXP SP3 Vista SP1 or later Windows 7 Windows Server 2003 R2 (all SPs) Windows Server 2008 (all SPs) Windows Server 2008 R2</p> <p>Configure Settings Sysprep (Generalize switch) Capture an image using ImageX But you cant get an image of an OS up and running</p> <p>9</p> <p>3/23/2010</p> <p>So youll need to boot the reference machine into another OS Thats where Windows Pre Installation Environment (WinPE) comes in WinPE 3.0 that is</p> <p>Scaled down version of the Windows 7 KernelYou can think of it as W-7 Jr.</p> <p>Boots into and runs from RAMX: drive by default</p> <p>Not appropriate for production, day-to-day useReboots every 72 hours</p> <p>Command Line Interface Only Can be converted to a bootable .ISO and placed on:CD, DVD, USB Flash Drive, external hard drive</p> <p>Where can you find a WinPE?Boot.wim (from the sources folder on a DVD)</p> <p>10</p> <p>3/23/2010</p> <p>WPEUtil shutdown WPEUtil reboot WPEUtil enablefirewall</p> <p>Regedit.exe Netsh DiskPart</p> <p>You want to create an image You want to apply an image You want to troubleshoot an issue with the OS offlineRoot kit detectors</p> <p>11</p> <p>3/23/2010</p> <p>Create the WinPE structureCopype x86 C:\WinPEC:\WinPE folder cannot exist If it does youll get an error:Destination directory exists: C:\WinPE</p> <p>Copype amd64 C:\WinPE Copype ia64 C:\WinPE</p> <p>Copy winpe.wim c:\winpe\iso\sources\boot.wim Convert to an .ISO oscdimg -n h c:\winpe\iso c:\winpe\winpe.iso</p> <p>12</p> <p>3/23/2010</p> <p>XML scripting support is built-in Additional packages are not inside WinPENo more Prepping Now you will Profile</p> <p>You can put one on your system, add a .wim to it and tell bcdedit to boot that OS Mounting a .VHD in Win7 is called attaching" Un-Mounting a .VHD is called detaching Diskpart is the basic tool of choice to work with .vhds Of course, W-7 &amp; 2008 use them for backups now</p> <p>13</p> <p>3/23/2010</p> <p>Open elevated command prompt Diskpartcreate vdisk file=c:\W7Ultimate.vhd maximum=25000 type=fixed Select vdisk file=c:\W7Ultimate.vhd attach vdisk List disk (find your new disk number) Sel disk # Create part primary Sel part 1</p> <p>Still in DiskpartSel part 1 Active Format fs=ntfs quick Assign Detail partition (get the drive letter) Exit</p> <p>Mkdir f:\windows Imagex /apply c:\wims\install.wim 4 f:\ Edit Boot Configuration Database to boot from the new .vhd</p> <p>14</p> <p>3/23/2010</p> <p>15</p> <p>3/23/2010</p> <p>Allows you to service images offlineBoth .wim and .vhd</p> <p>Supports Vista SP1 and later images Enable / disable / configure Windows features Add and configure updates (MSUs) Gives you more functionality with consistent syntaxReplaced 3 toolsPackage Manager (Pkgmgr.exe) International Settings Configuration Tool (Intlcfg.exe) Windows PE command-line tool (PEimg.exe)</p> <p>No capture or apply feature</p> <p>Elevated command prompt Without image contextDism /? No image specified - your looking at the image that is currently running - called the HOST</p> <p>With Image ContextDism /online /?Dont try this on WinPE</p> <p>16</p> <p>3/23/2010</p> <p>Image Context DISM /? Vs DISM /online /?</p> <p>DISM has an awesome help file Pipe it to a text file Edit the text file and save it For example to mount an image:Dism /Mount-Wim &gt;C:\MW.txt Notepad C:\MW.txt Edit the command Paste it into a new doc Run it from the command prompt</p> <p>The WinPE we created earlier needs ImageX added</p> <p>17</p> <p>3/23/2010</p> <p>Mount WinPE.wimDism /Mount-Wim /WimFile:winpe.wim /index:1 /MountDir:C:\WinPE\Mount</p> <p>Add Imagex to WinPE.wimCopy C:\Program Files\WAIK\Tools\amd64 (or x86, ia64) \ Imagex.exe into C:\WinPE\Mount\Windows</p> <p>Un-Mount WinPE.wimDism /Unmount-Wim /MountDir:C:\WinPE\Mount /commit Or Dism /Unmount-Wim /MountDir:C:\WinPE\Mount /discard</p> <p>Un-Mount WinPE.wimDism /Unmount-Wim /MountDir:C:\boot\mount</p> <p>/commit</p> <p>/discard</p> <p>Oscdimg n h C:\WinPE\Iso C:\WinPE\Boot.iso</p> <p>18</p> <p>3/23/2010</p> <p>Its time to create the image from the C: volume Within WinPE type:imagex /capture c: c:\ name.wim description</p> <p>Across the networkI have a server named WDS and a shared folder Images Open a command prompt Net use W: \\WDS\Imagesimagex /capture c: w:\name.wim description Imagex /capture c: w:\Win7Ult.wim Windows 7 Ultimate</p> <p>19</p> <p>3/23/2010</p> <p>Windows\CSC (offline files) RECYCLER System Volume Information pagefile.sys hiberfil.sys $ntfs.log</p> <p>Compress your image fast (default), none or maximumimagex /capture /compress switch c: c:\mkt.wim Mkt Apps A Win7 image not compressed = 3.65 GB (35 mins) A Win7 image with fast compression = 2.32 GB (45 mins) A Win7 image with max compression = 2.24 GB (90+ mins)</p> <p>20</p> <p>3/23/2010</p> <p>Boot the target machine into WinPE Applying the imageCopy the image to the new C: partitionimagex /apply c:\imagename.wim 1 c:</p> <p>Apply the image from a mapped drive (W:)imagex /apply w:\imagename.wim 1 c:</p> <p>Must apply the image to the same partition it was created from</p> <p>21</p> <p>3/23/2010</p> <p>What happens if your not the one who created the image?How do you know what is in it?Drivers Packages Applications</p> <p>Getting information on .wims</p> <p>22</p> <p>3/23/2010</p> <p>In the past we had ImagexImagex /info For example: Imagex /info c:\wims\install.wim</p> <p>NOW we can use DISMDISM /Get-WimInfo /wimfile: Another example: Dism /get-wiminfo /wimfile:c:\wims\install.wim</p> <p>Document, document, document!</p> <p>23</p> <p>3/23/2010</p> <p>What you can do to a mounted imageDism /Image:c:\mount\win7 /?</p> <p>Add all drivers from a folder:Dism /image:C:\winpe\mount /Add-Driver /driver:C:\drivers\</p> <p>Add all drivers from a top level folder and all folders below:Dism /image:C:\winpe\mount /Add-Driver /driver:C:\drivers /recurse</p> <p>Add a specific driver:Dism /image:C:\winpe\mount /Add-Driver /driver:C:\drivers\mydriver.INF</p> <p>Get a listing of drivers:Dism /image:C:\winpe\mount /Get-Drivers Dism /image:C:\winpe\mount /Get-Drivers /format:table</p> <p>Get driver information:Dism /image:C:\winpe\mount /Get-DriverInfo /driver:C:\test\drivers\usb\usb.inf</p> <p>Remove drivers:Dism /image:C:\winpe\mount /Remove-Driver /driver:oem1.inf</p> <p>Remove multiple driversDism /image: C\winpe\mount/Remove-Driver /driver:oem1.inf /driver:oem2.inf</p> <p>24</p> <p>3/23/2010</p> <p>Mount Install.wimDism /Mount-Wim /WimFile:C:\wims\install.wim /index:5 /MountDir:C:\Mount Add drivers from C:\Drivers Dism /image:C:\mount /Add-Driver /driver:C:\drivers</p> <p>List your driversDism /image:C:\winpe\mount /Get-Drivers</p> <p>List your drivers in table formatDism /image:C:\winpe\mount /Get-Drivers /format:table</p> <p>Un-Mount Install.wimDism /Unmount-Wim /MountDir:C:\Mount /commit</p> <p>Check the status of your .wim Get mounted .wim informationDism /Get-MountedWimInfo OK good Needs remountDism /Remount-Wim /MountDir:</p> <p>If that doesnt work Youll need to cleanup the wimDISM /Cleanup-Wim</p> <p>Then Remount</p> <p>25</p> <p>3/23/2010</p> <p>No more setup monkeynext, next, next Answer files help to create consistent installations Remember unattend.txt and winnt.sif from Windows XP?W-7s autounattend.xml = XPs unattend.txt/winnt.sif</p> <p>Remember Setup Manager from Windows XPW-7s Windows System Image Manager (aka Windows SIM or WSIM) = XPs Setup Manager</p> <p>Add third party drivers and applications via the answer file</p> <p>26</p> <p>3/23/2010</p> <p>Open an image file (install.wim) OR Open an existing catalog file Choose to create a New Answer File Choose the components to configure Configure the components Validate the Answer fileFix any issues until no error messages</p> <p>Save the answer file</p> <p>Distribution Share Pane</p> <p>Answer File Pane</p> <p>Properties Pane</p> <p>Windows Image Pane</p> <p>Message Pane</p> <p>27</p> <p>3/23/2010</p> <p>Open the Windows System Image Manager (Windows SIM)Click the Start button -&gt; All Programs -&gt; Microsoft Windows AIK -&gt; Windows System Image Manager</p> <p>Opening the install.wim file you copied from the Windows 7 Product DVDIn the bottom left corner right-click Select a Windows image or catalog file and choose Select Windows Image (or from the File menu) Browse to the folder where you copied the install.wim to OR Open a catalog file directly from the Windows 7 DVD /Sources folder</p> <p>28</p> <p>3/23/2010</p> <p>This is expected, click Yes to create a catalog</p> <p>A Catalog is a binary file that contains all the component settings in a Windows image file (.wim), which can be customized in an answer file Create the catalog for the OS you are creating the answer file forYou wouldnt want to attempt to configure Bitlocker for Win7 Business</p> <p>The catalog will have a .clg extension and is created in the same directory as the .wim you opened Catalog files are typically 5 MB in size</p> <p>29</p> <p>3/23/2010</p> <p>Catalog</p> <p>Windows 7 Installations are performed in stages These stages are called Configuration Passes There are 7 but not all passes must be run</p> <p>30</p> <p>3/23/2010</p> <p>Windows PE Configuration Pass (1)</p> <p>31</p> <p>3/23/2010</p> <p>Windows PE Configuration Pass (1)</p> <p>Windows PE Configuration Pass (1)</p> <p>32</p> <p>3/23/2010</p> <p>Windows PE Configuration Pass (1)</p> <p>Windows PE Configuration Pass (1)</p> <p>33</p> <p>3/23/2010</p> <p>2 Reboots</p> <p>Specialize Configuration Pass (4) OR Oobe System Configuration Pass (7)</p> <p>34</p> <p>3/23/2010</p> <p>Specialize Configuration Pass (4) OR Oobe System Configuration Pass (7)</p> <p>Specialize Configuration Pass (4) OR Oobe System Configuration Pass (7)</p> <p>35</p> <p>3/23/2010</p> <p>Oobe System Configuration Pass (7)</p> <p>Specialize Configuration Pass (4) OR Oobe System Configuration Pass (7)</p> <p>36</p> <p>3/23/2010</p> <p>Specialize Configuration Pass (4) OR Oobe System Configuration Pass (7)</p> <p>There are three passwords that may be put in an answer file:Microsoft-Windows-Shell-Setup | AutoLogon | Password Microsoft-Windows-Shell-Setup | UserAccounts | AdministratorPassword Microsoft-Windows-Shell-Setup | UserAccounts | LocalAccounts | LocalAccount</p> <p>Passwords are hidden by defaultTools menu -&gt; Hide Sensitive Data</p> <p>37</p> <p>3/23/2010</p> <p>Validating the answer file compares the setting values you have input to a list of valid entries for the image If a setting you have input does not match one of the valid entries for the image an error message will be displayed in the bottom right corner under Messages</p> <p>Bottom Left corner in WSIM - Messages</p> <p>Double-click the Component Location to go directly to the setting with the error, correct until you see:</p> <p>38</p> <p>3/23/2010</p> <p>Windows could not parse or process the unattend answer file for pass [specialize]. The settings specified in the answer file cannot be applied. The error was detected while processing settings for component [Microsoft-Windows-Shell-Setup].</p> <p>39</p> <p>3/23/2010</p> <p>Upgrade Applications</p> <p>1 2Deployment Server</p> <p>XP SP2</p> <p>Run ScanState Store locally or across the network</p> <p>40</p> <p>3/23/2010</p> <p>Upgrade Applications Run ScanState Store locally or across the network Install Windows 7</p> <p>1 2</p> <p>Deployment Server</p> <p>XP SP2/SP3 Windows 7</p> <p>3 Install Applications 4 Run LoadState 5</p> <p>OS SupportedWindows XP Professional Windows XP Professional x64 Edition 32-bit versions of Windows Vista 64-bit versions of Windows Vista 32-bit versions of Windows 7 64-bit versions of Windows 7</p> <p>ScanState X X X X X X</p> <p>LoadState</p> <p>X X X X</p> <p>41</p> <p>3/23/2010</p> <p>Can - Migrate a 32-bit OS to a...</p>