Tuesday, May 19, 2015

Step by Step configuring and troubleshooting SCCM 2012 R2 OSD deployment


Integrating MDT into SCCM for a better OSD task sequence

When it comes to OSD (Operating System Deployment), Microsoft has several tools that can help IT pros get the job done, which has always confused people.
So what’s the difference between the 3 tools below that Microsoft provides for us?
Let’s start with a TechNet article called A Case for a Layered Approach to Deploying Windows Desktops from Greg Shields, who is a really good CBT Nuggets trainer (I’ve learnt a lot from him these years).
As you can see from the above diagram, in today’s world, deploying an operating system is not like the “Ghost” age: golden image, clone, .gho file. Microsoft did a lot to separate the operating system into different layers, so it is now much, much easier to maintain and update.


WDS (Windows Deployment Services)
WDS acts as a data transmission tool and doesn’t do much on the other customization levels of the image.
WDS uses PXE to boot your bare metal machine into Windows PE (Pre-installation Environment), similar to the Ghost application, and captures or deploys an image to the computer.
In capture mode, WDS deploys a standard Windows to the computer; you can then make your changes to the new/refreshed computer and capture it as your master image.
In deploy mode, WDS deploys any standard image or captured image to the new/refreshed computer.
Another benefit of WDS is that you can use it as a replacement for the traditional installation disc.


MDT (Microsoft Deployment Toolkit)
MDT is an advanced tool that helps people customize their image deployment, such as injecting drivers into your image, installing applications during the deployment, and more.
MDT can work together with WDS either for a new bare metal computer or to refresh an existing computer with your customized image; in this scenario, all we need from WDS is the PXE boot.
MDT can only achieve what Microsoft calls LTI (Lite Touch Installation), which means the user still needs to interact with the installation process.


SCCM (System Center Configuration Manager)
SCCM can go even further with ZTI (Zero Touch Installation), which means there’s no user interaction during the system deployment; everything is automated and ready to go when it’s done.
Although you can always use an unattended answer file to achieve ZTI with WDS or MDT, SCCM is still the most advanced tool, and it can integrate with WDS and MDT to accomplish the most complicated deployment scenarios.
Both WDS and MDT are free of charge, but SCCM needs a whole SCCM infrastructure before you can start the OS deployment.

So what I’m going to show you today is how to integrate my SCCM environment with MDT so we can start using this powerful tool to deploy our image.
1. A running SCCM 2012 R2 environment
2. Install MDT 2013
Download the Microsoft Deployment Toolkit (MDT) 2013 installation files from here
Install it on the SCCM site management server
Install all the “Documents” and “Tools and templates”
3. Integrate MDT 2013 with SCCM 2012 R2
Run the “Configure ConfigMgr Integration” component
Confirm your “Site server name” and “Site code”
4. Verify the MDT task sequence in SCCM 2012 R2
Navigate to SCCM console->Software Library->Operating Systems->Task Sequence
Now you should see the big “Create MDT Task Sequence” button like above
5. Install MDT 2013 and run the “Configure ConfigMgr Integration” component on every computer running the SCCM console from which you want to create MDT task sequences.
I have a workstation running Windows 8.1 with all the administrative tools and consoles installed, which is my primary workplace in my lab.
6. Start creating MDT task sequence

Today I’d like to talk about the OSD deployment in SCCM 2012 R2
Let’s get started
1. DHCP
PXE boot requires the network adapter to get a local IP address from the DHCP server, so a working DHCP environment is required
In addition, if your DHCP server and WDS server are the same server, there are some extra steps needed to enable DHCP option 60
If you need PXE broadcasts to reach a different VLAN, you will need to allow the IP Helper traffic on the router
You can find more details for the above two scenarios here
2. Create PXE boundaries
SCCM Console->Administration->Overview->Hierarchy Configuration->Boundaries
SCCM Console->Administration->Overview->Hierarchy Configuration->Boundary Groups
My lab’s default boundary is the Active Directory site, which means all of the computers in the local domain are included. However, a new bare metal machine that needs to be deployed is not a domain-joined machine, so we have to manually create a boundary based on the PXE boot IP address range from my DHCP server.
If you already have an IP address boundary that includes the PXE boot devices, you can ignore this step
As you can see from above, I’ve created a new IP address range boundary (based on my DHCP IP address range) for my PXE boot computers, and added it to my boundary groups as well
3. Enable PXE support
SCCM console->Administration->Distribution Points
Enable PXE support for clients
Allow this distribution point to respond to incoming PXE requests
Enable unknown computer support (optional)
If you select Enable unknown computer support, any unknown computer, such as a new bare metal computer, can PXE boot and deploy the OSD image, which is a potential security risk
If you disable this option, you can use “Import Computer Information” to pre-stage your computers for the OSD deployment.
SCCM console->Assets and Compliance->Devices->Import Computer Information
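The pre-staging alternative to unknown computer support can be scripted. The following is an added example, not part of the original post: it validates a constructed list of computer names and MAC addresses and imports only the valid, unique ones with Import-CMComputerInformation from the ConfigurationManager PowerShell module. The device names, MAC addresses and collection name are assumptions.

```powershell
# Added example. All names, MAC addresses and the collection name are constructed.
$prestageCsv = @'
Name,MacAddress
LAB-PC-001,00:15:5D:01:0A:01
LAB-PC-002,00-15-5D-01-0A-02
LAB-PC-003,00:15:5D:01:0A
LAB-PC-004,00:15:5D:01:0A:01
'@

function Get-PrestageRecord {
    param([Parameter(Mandatory)][string]$Csv)
    $seen = @{}   # MAC address -> first computer name that claimed it
    foreach ($row in ($Csv | ConvertFrom-Csv)) {
        # Normalise to colon-separated upper case before checking the format.
        $mac    = ($row.MacAddress -replace '-', ':').ToUpper()
        $status = 'OK'
        if     ($mac -notmatch '^([0-9A-F]{2}:){5}[0-9A-F]{2}$') { $status = 'Invalid MAC' }
        elseif ($row.Name -notmatch '^[A-Za-z0-9-]{1,15}$')      { $status = 'Invalid name' }
        elseif ($seen.ContainsKey($mac))                         { $status = "Duplicate of $($seen[$mac])" }
        else   { $seen[$mac] = $row.Name }
        [pscustomobject]@{ Name = $row.Name; MacAddress = $mac; Status = $status }
    }
}

$records = Get-PrestageRecord -Csv $prestageCsv
$records | Format-Table -AutoSize   # rejected rows stay visible for review

$collection = 'OSD Prestaged Computers'   # hypothetical collection name
$haveCmdlet = [bool](Get-Command Import-CMComputerInformation -ErrorAction SilentlyContinue)
foreach ($r in ($records | Where-Object Status -eq 'OK')) {
    if ($haveCmdlet) {
        # Run from the site drive (<SiteCode>:) with the ConfigurationManager module loaded.
        Import-CMComputerInformation -CollectionName $collection `
            -ComputerName $r.Name -MacAddress $r.MacAddress
    } else {
        "Would import $($r.Name) [$($r.MacAddress)] into '$collection'"
    }
}
```

With unknown computer support disabled, only devices imported this way can PXE boot into a deployment, and the task sequence is deployed to the pre-staged collection instead of “All Unknown Computers”.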
4. WDS (Windows Deployment Services)
The WDS server role is required for OSD. Unlike SCCM 2007, starting from SCCM 2012 Microsoft added the ability to install the WDS server role on the Distribution Point server automatically. It is always recommended to let SCCM install WDS for you, since I have seen some people run into problems when they installed the WDS role manually.
Once it’s installed, let’s check the options in WDS
Make sure “Respond to all client computers (known and unknown)” is selected. I had this issue when I enabled PXE boot: SCCM installed WDS but left this set to “Do not respond to any client computer”
That’s all we need to do with WDS, and we can just let SCCM handle it from now on.
5. Network Access Account
SCCM Console->Administration->Site Configuration->Site->Your Site->Configure Site Components->Software Distribution
The Network Access Account is the account used to access the shared folders and files on the DP server, which is a domain-joined server, so we have to create a dedicated domain account with read privilege to access those shared folders
6. Add Drivers (optional)
SCCM Console->Software Library->Operating Systems->Drivers
You can import drivers, which can be injected into your boot image or system image later
7. Add Driver Package (optional)
A driver package is where all of the driver files are located
8. Add Operating System Images
This is the place where you add the Operating System Image files (.wim) that need to be deployed
Extract your Windows installation .iso file and locate install.wim (under sources\install.wim)
Distribute the OS image
9. Add Operating System Installers
This is the location that all of your OS files were extracted to
Distribute the OS installer
10. Boot Images
The default boot images that come with SCCM work well, but we still need to enable command support for troubleshooting purposes, which means we can hit the F8 key to call up the command line and use CMTrace.exe (Trace32.exe in SCCM 2007) to read the logs during the deployment.
Enable “Deploy this boot image from the PXE-enabled distribution point” as well
Don’t forget to distribute the boot images
11. Configuration Manager client upgrade package
The default Configuration Manager client package is fine for a lab environment, but it’s not that flexible for a hierarchy environment.
As you can see above, most of the settings are greyed out, which means you cannot "Copy the content in this package to a package share on distribution points"
So we have to create a configurable client package:
SCCM console->Software Library->Application Management->Packages->Create from Definition
Select "Configuration Manager Client Upgrade", then choose "Always obtain source files from a source folder" and locate the SCCM client folder
12. Create Task Sequences
Up to this point, everything is ready to create our first task sequence.
Some people are always confused about why we have to create a “Build and Capture” task sequence first, and then create the real OS deployment task sequence
This is because “Build and Capture” builds a bare metal machine as a golden computer; you can make any changes you want on this OS and re-capture it as your SOE image, then update the OS deployment task sequence and deploy it out.
Build and Capture (optional)
SCCM Console->Software Library->Operating Systems->Task Sequences->Create Task Sequence
Name it and select a boot image
I’m going to build and capture a Windows 8.1 reference computer
Do not join your reference computer to the domain since it’s your SOE
Install the SCCM client package we created earlier: Microsoft Configuration Manager Client Upgrade 6.0 ALL
Configure the MP (Management Point) server FQDN: SMSMP=SCCM.lab.RickyGao.com
Include Updates:
Do not install any software updates since we can inject the patches later in the task sequence
Install Application:
Do not install any software updates since we can inject the application later in the task sequence
Capture Image:
Specify the image path for your captured image
Distribute the task sequence out
Deploy the task sequence to a specific computer collection
Since I don’t have a computer account pre-staged in SCCM, as I mentioned before, my bare metal computer will be in the “All Unknown Computers” collection
Available and Required
Available means the user either needs to press the F12 button during boot or run the task sequence from the Software Center
Required means that when the computer boots up from PXE, it starts running the task sequence straight away.
Make available to the following
Only Configuration Manager Clients: only available in Software Center
Configuration Manager clients, media and PXE: available in Software Center, boot media or PXE boot
Only media and PXE: available in boot media and PXE boot
Only media and PXE (hidden): available in boot media and PXE boot but hidden
13. PXE boot VM in Hyper-V
Only the “Legacy Network Adapter” is supported in a generation 1 VM
As you can see above, I have 2 NICs but only the Legacy NIC is available for boot
If you have Windows Server 2012 R2 Hyper-V, you can use a generation 2 VM, which supports PXE boot from the new NIC adapter with gigabit NIC support
Boot your computer
Hit F12
It’s loading my boot image (x64) now
You can protect access to the task sequence with a password: just go back to step 2, PXE setting, and set the password there
Select the task sequence you want to deploy
Once it’s finished, you will see your captured image in your specified location
Import the captured image and distribute it out
14. Deploy your operating system images
Finally, it’s time to deploy the OS images.
The reason I said the “Build and Capture” process above is optional is that if we don’t want to customize the operating system on a reference machine and just want to deploy a new OS via PXE, like installing the OS from the installation disc, we can skip the “Build and Capture” stage and deploy the original Windows image straight away
Create a new task sequence->Install an existing image package
Here we can either use the image we just captured, or select the image from the original installation disc.
If you select the image we just captured, the target machine will be deployed based on our reference computer
If you select the original install.wim from the installation disc, the target machine will be deployed like factory default
I’m going to deploy an original image from the installation disc this time
15. Troubleshooting
When troubleshooting OSD, the most useful approach is to use CMTrace.exe (Trace32.exe) to check the log file smsts.log, which lives in different locations
WindowsPE, before HDD format: x:\windows\temp\smstslog\smsts.log
WindowsPE, after HDD format: x:\smstslog\smsts.log
Windows, SCCM agent not installed: c:\_SMSTaskSequence\Logs\Smstslog\smsts.log
Windows, SCCM agent installed: c:\windows\system32\ccm\logs\Smstslog\smsts.log
Windows x64, SCCM agent installed: c:\windows\sysWOW64\ccm\logs\Smstslog\smsts.log
Task Sequence completed: c:\windows\system32\ccm\logs\smsts.log
Task Sequence completed x64: c:\windows\sysWOW64\ccm\logs\smsts.log
Unfortunately, we have to memorize all of these locations if we want to work efficiently
1). distmgr.log
Records details about package creation, compression, delta replication, and information updates.
When you distribute content, this log is really useful
2). SMSPXE.log
Records details about the responses to PXE boot clients and details about expansion of boot images and boot files
3). The specified UNC path does not contain a valid WIM file or you do not have permission to access it. Specify a valid path
This is because SCCM doesn’t accept an administrative share when you are importing the OS image
4). WinPE load failed and keeps rebooting after it loads
This is probably because too little memory has been allocated, if you are using a VM: 512MB may cause this issue; usually at least 1GB, better 2GB, for a VM
When you are using dynamic memory, low startup memory may trigger this issue as well.
5). 0x800705AF error during the first time PXE boot
Failed to create shared environment)
Failed to create the Shared Environment object. Code(0x800705AF)
This is still because of insufficient memory
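The smsts.log locations and the error code above can be checked from a script instead of from memory. The following is an added example, not part of the original post: it finds whichever of the listed smsts.log files exists, newest first, and extracts warnings, errors and failure codes from the CMTrace log format. The sample log lines are constructed and are used only when no log file is found.

```powershell
# Added example. Paths are the ones listed on this page; sample lines are constructed.
$SmstsLocations = [ordered]@{
    'WindowsPE, before HDD format'      = 'x:\windows\temp\smstslog\smsts.log'
    'WindowsPE, after HDD format'       = 'x:\smstslog\smsts.log'
    'Windows, SCCM agent not installed' = 'c:\_SMSTaskSequence\Logs\Smstslog\smsts.log'
    'Windows, SCCM agent installed'     = 'c:\windows\system32\ccm\logs\Smstslog\smsts.log'
    'Windows x64, SCCM agent installed' = 'c:\windows\sysWOW64\ccm\logs\Smstslog\smsts.log'
    'Task Sequence completed'           = 'c:\windows\system32\ccm\logs\smsts.log'
    'Task Sequence completed x64'       = 'c:\windows\sysWOW64\ccm\logs\smsts.log'
}

function Find-SmstsLog {
    # Return every listed location that currently exists, most recently written first.
    $found = foreach ($stage in $SmstsLocations.Keys) {
        $path = $SmstsLocations[$stage]
        if (Test-Path -LiteralPath $path) {
            $written = (Get-Item -LiteralPath $path).LastWriteTime
            [pscustomobject]@{ Stage = $stage; Path = $path; LastWrite = $written }
        }
    }
    $found | Sort-Object LastWrite -Descending
}

function Get-SmstsProblem {
    param([Parameter(Mandatory)][AllowEmptyString()][string[]]$Line)
    # CMTrace entry: <![LOG[message]LOG]!><time=".." date=".." component=".." .. type="N" ..>
    # type 1 = information, 2 = warning, 3 = error. Entries spanning several lines are skipped.
    $entry = '<!\[LOG\[(?<msg>.*)\]LOG\]!><time="(?<time>[^"]+)" date="(?<date>[^"]+)" ' +
             'component="(?<comp>[^"]*)".*?type="(?<type>\d)"'
    foreach ($text in $Line) {
        $m = [regex]::Match($text, $entry)
        if (-not $m.Success) { continue }
        # Failure HRESULTs have the high bit set, so they start with 0x8.
        $code = [regex]::Match($m.Groups['msg'].Value, '0x8[0-9A-Fa-f]{7}').Value
        if ([int]$m.Groups['type'].Value -ge 2 -or $code) {
            [pscustomobject]@{
                When      = '{0} {1}' -f $m.Groups['date'].Value, $m.Groups['time'].Value
                Component = $m.Groups['comp'].Value
                Code      = $code
                Message   = $m.Groups['msg'].Value
            }
        }
    }
}

$sample = @(   # constructed lines in CMTrace format
    '<![LOG[Successfully loaded boot image]LOG]!><time="10:01:02.100+000" date="05-19-2015" component="TSPxe" context="" type="1" thread="812" file="sample.cpp:1">'
    '<![LOG[Failed to create the Shared Environment object. Code(0x800705AF)]LOG]!><time="10:01:05.250+000" date="05-19-2015" component="TSBootShell" context="" type="3" thread="812" file="sample.cpp:2">'
)
$log   = Find-SmstsLog | Select-Object -First 1
$lines = if ($log) { Get-Content -LiteralPath $log.Path } else { $sample }
Get-SmstsProblem -Line $lines | Format-List
```

Inside WinPE this only runs when the boot image includes PowerShell support, which is an optional component.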

Advanced OSD in SCCM with MDT

Last time, we went through the whole basic OSD process in SCCM: PXE boot a bare metal machine, build and capture our reference computer, deploy the image
So this time, let’s play with some advanced OSD capability in SCCM with MDT
Once MDT is integrated with SCCM, we can start using more customizable and flexible OSD deployment functionality, which is why it’s called “Solution Accelerators”
First of all, we need to create the MDT boot image in SCCM.
We have to create the MDT boot image on a server with Windows ADK installed; in my lab, I’m just using the management server.
SCCM Console->Software Library->Operating Systems->Boot Images->Create Boot Image using MDT
Choose an empty folder to store your new boot images
Fill in the basic boot image information
Select the platform and leave enough space for injecting the drivers later
Select the additional components; it’s totally up to you. In my case, I just need PowerShell support in the WinPE image.
Enable the pre-start command setting if you want; it is a wizard you will see when you boot into WinPE, like below
If you want to perform a ZTI, just un-tick the prestart command
I don’t have extra files so I just skip this
Enable command support (F8); this option is always extremely useful if you want to troubleshoot issues you may face during the OSD
Kick off the build process; this may take a while.
Once it’s done, enable “Deploy this boot image from the PXE-enabled distribution point”
Right click on the newly created boot image->Properties->Data Source
Last, don’t forget to distribute the new image.
Right click on the newly created boot image->Distribute content
Repeat the above steps to create the x86 MDT boot image
Secondly, create an advanced MDT task sequence
SCCM console->Software Library->Operating Systems->Task Sequences->Create MDT Task Sequence
Select the “task sequence template”; let’s just use the default “Client Task Sequence”
Fill in the task sequence name and click Next
Fill in the details:
Select the default “This task sequence will never be used to capture an image” and hit Next
Select the “MDT Boot image x64” we just created
Select “Create a new Microsoft Deployment Toolkit Files package” and give it an empty folder
Fill in the details for the MDT package
Select the existing OS image we want to deploy
Select the OS Image Index
Choose the “Deployment Method”; in my case I’m just using ZTI (Zero Touch Installation)
Select the SCCM client package we created in the basic OSD process in SCCM
We can just use the SCCM default USMT (User State Migration Package) for now
Since we don’t have any “settings package” here, let’s just create a new one
Fill in “Settings Details”; if you are using this task sequence for a Server Core installation, you should tick the box “This settings package is for a Server Core operating system installation”
Click Next on “Sysprep Package” since that’s the only option we have
Wait for a while until it’s completed
Don’t forget to distribute it
Deploy it to a collection; in my case, I’m just lazy so I deploy it to “All Unknown Computers”
Make it “Available” to the PXE boot devices, which means we have to hit F12 to call up the PXE boot
Wait until the new MDT boot image is ready
Thirdly, let’s try this task sequence out
As you can see above, we successfully booted into the new MDT boot image, according to the file name
Select the new “MDT Client Task Sequence”

Courtesy Link : http://www.rickygao.com/step-by-step-configuring-and-troubleshooting-sccm-2012-r2-osd-deployment/










