I have read a lot of different blog posts, Microsoft documentations and attended several courses (including Microsoft’s ‘Deploying Windows 7′) to find out the most effective method to create a Windows 7 deployment image.
I now feel I have enough knowledge and experience to be able to share my process to a wider audience.
I’ve tried to keep this tutorial clear and concise to ensure that steps are in the correct order, as this matters!
Table of Contents: Section 1 : Install Windows 7 and programs Section 2 : Create an unattend.xml answer file Section 3 : Create a script to remove the unattend.xml file after deployment Section 4 : Image before sysprep Section 5 : Run sysprep and image Section 6 : Deploy image
Hint: In most cases throughout this tutorial, file names, script commands and the like are case sensitive.
Section 1 : Install Windows 7 and programs
- Install Windows 7 (Enterprise) from CD or USB flash drive
- Important: When you arrive at the Welcome Screen (where you are asked to create a username and account) press CTRL+SHIFT+F3 to enter into ‘audit’ mode. The computer should restart and automatically log you into a temporary built-in administrator account. Cool ‘ey!
- Warning: After system startup, a sysprep GUI box will appear. Close this box (DO NOT PRESS ANY BUTTONS as this will activate the sysprep process and you may need to reinstall!).
- Now install any Windows Updates and deployment wide programs (such as Microsoft Office, Adobe Flash Player, Java, printer drivers etc). You can restart if required because you will automatically be logged back into this temporary built-in administrator account. You will be stuck in this audit mode until sysprep is run later in the process.
- Remember to license and activate (except for Windows as sysprep will undo Windows Activation) any required software; as this will be remembered and you won’t have to perform it on each the deployed computers individually.
- Hint: Any modifications you make to this user profile will be automatically copied to the local system default user profile. So if you don’t use roaming profiles, this is a great time to adjust your start menu, desktop wallpaper and icons, and general profile modifications as these settings will apply to all newly created users on the system.
Section 2 : Create an unattend.xml answer file
- Head over to the Microsoft website to download Windows AIK for Windows 7, if you don’t have it already. Why?
- Install Windows AIK on any compatible system, this doesn’t need to be your base image system (in fact it is better not to, however you can uninstall it after creating your unattend.xml if you like).
- Once installed, open the Windows System Image Manager from the Start Menu. WSIM looks pretty boring:
- Under the ‘Windows Image’ heading (bottom left) right click on ‘Select a Windows image or catalog file’, you will be presented with a file open dialogue. Insert your Windows 7 (Enterprise) DVD/image and locate the following file: ‘D:\sources\install_Windows 7 ENTERPRISE.clg’
- In the File menu select to ‘Create a New Answer File’
- The overall idea of this utility is to create an unattend.xml file that the sysprep utility can utilise to preset settings during the Windows Setup process of the deployed image. Items like creating local user accounts, setting the Windows Product Key, setting the locale (language) information, setting network location settings and other items that you are normally presented with when installing Windows 7. As these settings are most often consistent across all of your deployment, it makes sense to set them automatically. These next few steps may seem daunting at first, however all we are doing is obtaining possible options from the ‘Windows Image’ that we have loaded from step 4 and importing these options into the answer file, then specifying these settings.
- In the ‘Windows Image’ area (bottom left) select ‘amd64_Microsoft-Windows-Security-SPP_6.1.7600.16385_neutral‘ (amd64 may also be x86 if you installed in 32bit) right-click it and select ‘Add to parse 3 generalize’. This moves this option into our answer file. Now select this item in the main window, this will show you the possible configuration options in the ‘Properties’ window on the right. Set ‘SkipRearm’ to 1. Hint: Technically this should overwrite the Windows 7 rearm limit from 3 to unlimited. Sometimes this hasn’t worked for me, and you could end up with a useless image after 3 sysprep’s. I will show you later how to ensure to overcome this.
- Now you have performed one setting and realised ‘it’s not that bad‘ you should be able follow these steps for the following items:
- amd64_Microsoft-Windows-Deployment_6.1.7600.16385_neutral into parse 4 specialize, right-click on RunSynchronous and add a command, then select ‘RunSynchronousCommand[Order="1"]‘ and in Properties add the following:
Order: 1 path: net user administrator /active:yes WillReboot: Never
- amd64_Microsoft-Windows-Security-SPP-UX_6.1.7600.16385_neutral into parse 4 specialize
SkipAutoActivation: false (false will ensure that if you have used a volume license key Windows will automatically activate for you)
- amd64_Microsoft-Windows-Shell-Setup_6.1.7600.16385_neutral into parse 4 specialize
Computer Name: Leave blank CopyProfile: true Registered Organization: Microsoft (you must leave this in this section) Registered Owner: AutoBVT (you must leave this in this section) Why AutoBVT? ShowWindowsLive: false TimeZone: AUS Eastern Standard Time (Must be spelt exactly according to TimeZone settings here from Microsoft’s website)
- amd64_Microsoft-Windows-International-Core_6.1.7600.16385_neutral into parse 7 oobeSystem
InputLocale: en-au SystemLocale: en-au UILanguage: en-au UserLocale: en-au
- amd64_Microsoft-Windows-Shell-Setup_6.1.7600.16385_neutral into parse 7 oobeSystem
RegisteredOrganization: Your Company Name RegisteredOwner: Your Name AutoLogonEnabled: true LogonCount: 5 (this will automatically log into the following account this number of times after setup so you can easily perform other software activations etc. Logging out will override this setting.) Username: administratorPassword: Administrator Password
FirstLogonCommands (right-click and add 2)
SynchronousCommand[Order="1"]CommandLine: cscript //b c:\windows\system32\slmgr.vbs /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX (windows 7 license key) Order: 1 RequiresUserInput: false
SynchronousCommand[Order="2"]
CommandLine: cscript //b c:\windows\system32\slmgr.vbs /ato Order: 2 RequiresUserInput: false
OOBE
HideEULAPage: true NetworkLocation: (Home/Work/etc) ProtectYourPC: 1
UserAccounts
AdministratorPassword: Administrator Password On LocalAccounts, right-click and select action: AddListItem (this automatically creates a local Admin account) LocalAccount[Name="Administrator"]Description: Local Administrator DisplayName: Administrator Group: Administrators Name: AdministratorPassword: Administrator Password
Important Security Information
Any passwords you have set in the answer file are stored unencrypted. Ensure you protect this file, especially if you entered a local administrator account password.
Section 3 : Create a script to remove the unattend.xml file after deployment
- On the deployment base image computer open Notepad and enter in the following lines:
del /Q /F c:\windows\system32\sysprep\unattend.xml del /Q /F c:\windows\panther\unattend.xml
- These lines of code will delete the unattend.xml file from the computer once the Windows Setup is finished with them (this file is copied into the panther directory during setup hence the two lines)
- Save this file to the desktop called SetupComplete.cmd (ensure to change the file type from .txt to all types so the file doesn’t get saved as SetupComplete.cmd.txt)
- Now create a folder called Scripts in this directory: C:\Windows\Setup\ and drag this file into it (you may be prompted for Administrator authority). Hint: Windows will automatically check for the existence of this file and run it after Windows Setup has completed, feel free to add anything else into this file you think may be helpful at this stage.
Section 4 : Image before sysprep
- This is an optional step, however it is a lot easier down the track to restore an image of your current system to apply updates/modifications to before you run sysprep. This also ensures that you don’t run into any activation issues (as mentioned earlier Windows 7 has a maximum number of 3 rearms before the image can no longer be sysprepped, rendering your image useless for deployment).
- Use your preferred PE boot environment to upload the image to a server (I use DeployStudio as we are a majority Mac school, however it still supports Windows PXE boot and you can share the same Windows image on PCs as well as bootcamp partitions). Please let me know if you would like a blog post about this section in more detail!
Section 5 : Run sysprep and image
- Ensure your unattend.xml file is in: C:\windows\system32\sysprep
- Hold SHIFT and right-click on the sysprep folder and select ‘Open New Command Windows Here’
- Input the following command to initiate sysprep loading the unattend.xml file (this is all one line of code):
sysprep /generalize /oobe /shutdown /unattend:c:\windows\system32\sysprep\unattend.xml
- Once the computer has finished the sysprep process it will shutdown ready for imaging!
- Image the computer.
For further explanation on sysprep and all available switches visit this Microsoft Article.
Section 6 : Deploy image
- Once you have your sysprepped image, deploy it to your clients using your usual imaging processThe computer will restart twice after the image has been applied, installing device drivers and preparing the system for first boot
- You should be prompted for a computer name, enter a unique name and continue. You will notice you will not be prompted for any other information as this has all been supplied from the unattend.xml file
- You should then be automatically logged into the Administrator account that was created from the unattend.xml file to enable you to join the computer to Active Directory and run any other post-imaging tasks you may require.
- Hint: It is worth checking on one computer that the unattend.xml file has been deleted as well as any other testing you may wish to perform.
- Hint: If you need to update the base image, restore the pre-sysprep image and follow from Section 5.
Courtesy link : http://sybaspot.com/the-complete-guide-to-preparing-a-windows-7-deployment-image-using-audit-mode-and-sysprep-with-an-unattend-xml-answer-file/
No comments:
Post a Comment