Application Packaging Guide
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Application Packaging Guide as PDF for free.
More details
- Words: 275,952
- Pages: 1,138
Microsoft® Deployment Toolkit 2008 Application Packaging Guide
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Us ing T his Gu ide This guide describes the process of packaging applications for deployment in Lite Touch Installation (LTI) and Zero Touch Installation (ZTI) deployment scenarios using Microsoft® Deployment Toolkit (MDT) 2008. MDT 2008 is the next version of Business Desktop Deployment (BDD) 2007. Learn how to install applications using MDT 2008 and how to prepare applications for deployment using software repackaging tools. Use the examples provided in this guide as a basis for application preparation. Research the list of references provided to get detailed information on repackaging methodologies using various installer technologies. Note In this document, Windows applies to Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2003, and Windows Server 2008 unless otherwise noted.
Application Installation Overview For application automation to function effectively with MDT 2008, applications must be installable without user interaction. Typically, this is accomplished by using each application’s silent installation option. Applications using Windows Installer, for instance, often use the /passive or /quiet command option for unattended installation. Command options vary depending on the installer. Some command options are provided in this guide, but always check the installer reference documentation for a complete listing of command options.
How MDT 2008 Installs Applications MDT 2008 uses options and settings stored in the MDT 2008 configuration database or in the CustomSettings.ini configuration file. These settings control many aspects of MDT 2008 operation and also provide commands for application installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppl ic ation D ep lo yment wit h MDT 2008 MDT 2008 can install applications in several scenarios. Each scenario has its own unique challenges and requires different planning. Use this section to develop an understanding of each scenario and to gain an overview understanding of application-installation methodologies.
Lite Touch Deployment LTI deployments use the Microsoft System Center Configuration Manager 2007 Task Sequencer to manage deployments, basically by executing the application’s silent installation command. This section describes how to add applications to the task sequence by using the Applications list in Deployment Workbench, by inserting custom tasks in the task sequence, or by listing the application in one or more areas of the MDT 2008 database.
The System Center Configuration Manager Task Sequencer BDD 2007 for Windows Vista and the 2007 Microsoft Office system introduced a preproduction version of the System Center Configuration Manager Task Sequencer to automate deployment processing. This tool has been updated for MDT 2008; the latest Task Sequencer offers additional options. The task sequence is maintained using Deployment Workbench. Administrators can add, modify, reorder, and remove tasks from the task sequence. In addition, they can filter tasks based on Windows Management Instrumentation (WMI) criteria to further customize the sequence for varying system platforms. To maintain the task sequence in MDT 2008 1. In the Configuration Manager console, expand Site Database, expand Computer Management, expand Operating System Deployment, and then click Task Sequences. 2. In the Task Sequences pane, select the task sequence to modify. 3. In the Actions pane, click Edit. 4. Click to select the task to modify. 5. On the Properties tab, change the parameters for the task as necessary (for example, modify the commands for the task, change properties for the task). 6. On the Options tab, modify properties as required for the task (for example, type success codes that will appear in log entries, add conditions to be evaluated when this task runs). 7. When satisfied with the changes, click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
3
The Applications List When building the MDT 2008 deployment point, import applications into the deployment point using the Applications list in Deployment Workbench. Import applications directly into the deployment point itself or call them from shared folders on a network file server at installation time. The Applications list maintains references to each application. Team members can install multiple applications and group them as a single application bundle by using a combination of the application-deployment steps here and the application publishing and advertising procedures described in the MDT 2008 document, Workbench Image Guide. Note When installing applications using the Applications list, it is important to note that all applications on the list will be installed in the order they were imported into the list. If some applications are dependent on others, ensure that they are added to the list before the dependent applications.
To add an application to the Applications list 1. In Deployment Workbench, expand Distribution Share, and then select Applications. 2. In the Actions pane, click New to begin importing the new application. The New Application Wizard displays the Application Type page. 3. Select the appropriate response, and then click Next. (Applications without source files skip steps 5 and 6 regarding location and destination.) •
Application with source files. Copies source files for an application into the deployment point.
•
Applications without source files or elsewhere on the network. Uses application files where they are or specifies an installation script.
4. On the Details page, type any detailed information that will help manage this application, and then click Next. Keep in mind that some applications may have similar names, and the extra information may help to prevent confusion. 5. On the Source page, type or browse to a source directory for this application. Select Move the files to the distribution share instead of copying. Click Next to proceed to the next page. 6. On the Destination page, type a name for the application folder in the deployment point, and then click Next. 7. Use the Command Details page to type the silent commands for the application. On Working Directory, type the folder to be used as the working directory for the application. Click Finish to begin the import process. To assign dependencies for an application 1. In Deployment Workbench, expand Distribution Share, and then click Applications. 2. Right-click the application to be modified, and then click Properties. 3. Click the Dependencies tab. 4. Click Add, and then select the dependency from the list of available applications. Repeat this step as necessary if there are multiple dependencies. Note The applications must already be added to the Applications node of the distribution share to be available for this operation.
5.
Adjust the installation order of the dependencies by using the Up and Down buttons.
6. Click OK when finished. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Another way to install required applications regardless of whether they are listed in the LTI Wizard is to modify the CS.ini file. In this file, modify the MandatoryApplications property to include the globally unique identifier (GUID) of each mandatory application. Each entry is numbered to maintain uniqueness—for example: MandatoryApplications1=GUID of application1 MandatoryApplications2=GUID of application2 To obtain the GUIDs for the applications, examine the Applications.xml file, located in the Distribution\Control folder. To install multiple mandatory applications 1. In Deployment Workbench, expand Distribution Share, and then click Task Sequences. 2. Select the task sequence to be modified, and then in the Actions pane, click Properties. 3. Click the Task Sequence tab. 4. Expand State Restore, and then click Install Applications. 5. On the Properties tab, click Install multiple applications. Doing so instructs the task sequence to install all mandatory applications as configured in the CS.ini file and optional applications configured through rules or by using the Windows Deployment Wizard. 6. Click OK. To install a single application 1. In Deployment Workbench, expand the Distribution Share, and then click Task Sequences. 2. Select the task sequence to be modified, and then in the Actions pane, click Properties. 3. Click the Task Sequence tab. 4. Expand State Restore, and then click Install Applications. 5. On the Properties tab, click Install a single application. 6. In Application to install, select the application to install. 7. Click OK.
Custom Tasks At times, it may be helpful to have tighter control over application installation. By using custom tasks in an MDT 2008 task sequence, administrators can control how an application is installed. Administrators can reorder the steps in a task sequence in any way necessary, allowing for easy management of applications with strict installation orders. In addition, if deploying software updates to Windows XP or Windows Server 2003 during deployment, they must be installed as applications and will definitely benefit from tight control of the installation sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
5
To add an application as a custom task 1. In Deployment Workbench, expand Distribution Share, and then click Task Sequences. 2. Click a task sequence to select it. In the Actions pane, click Properties, or right-click the task sequence and select Properties. 3. Click the Task Sequence tab in the Properties dialog box. Navigate to the appropriate section of the task sequence, and then click Add to insert a new task. 4. Click Add to display a menu from which you can select applications added using the Applications list. Otherwise, select Task to insert a new custom task. Note Some users disable the Install Applications step in the task sequence and add all applications manually using the task sequence controls. The benefits of this approach are being able to use the Applications list to manage commands and the ability to easily select and insert applications into the task sequence in any order necessary. This simplifies management of a large number of applications.
5. On the Properties tab for the new task, type a name, description, and commands for the application. Type the application’s source directory for the value of Start in. Abbreviate this value for applications already stored in the deployment point—for example, ./Applications/Adobe Acrobat Reader. 6. On the Options tab, type any options associated with the application. Examples include exit codes that signal a successful installation (called success codes here) and criteria to control whether the application is selected for installation (using If...then logic). 7. Click Apply to accept the new task settings. When adding an application as an installation task within a deployment task, the application is installed without having to select the application in the Windows Deployment Wizard.
The MDT 2008 Database The MDT 2008 database is a collection of tables that administrators can use to simplify complex deployment tasks. By typing criteria such as machine type or operating system, administrators can manage individualized settings to cover a large number of deployment variables. As a deployment progresses, the ZTIGather.wsf script retrieves attributes from the system that can be used to match settings in the MDT 2008 database. These settings can include custom configuration options such as System Name, Time Zone, and even the list of applications that are to be installed. Applications added to the database are called when their database entry meets criteria collected by ZTIGather.wsf. They are installed in the order that they appear in the Applications list in the database record.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
To create a new database 1. In Deployment Workbench, expand Deploy, and then click Database. 2. In the Actions pane, click New. 3. On the SQL Server Details page, provide the connection information for the instance of Microsoft SQL Server® that will host the database. The required information is the name of the computer running SQL Server (or IP address) and the type of connection to use. Click Next. 4. On the Database page, select the action to perform. Select Create a new database, and then type the name to use for the new database. You can also use an existing database and recreate the MDT 2008 tables, or select the option to use an existing database that already contains the necessary tables and views. Click Next. 5. On the SQL Share page, in SQL Share, type the name of the shared folder on the computer running SQL Server that will be used to map a drive from the Windows Preinstallation Environment (Windows PE) if you want to enable Windows-integrated security during setup. This step is optional. 6. Click Finish to create the database. To add an application to a database entry 1. In Deployment Workbench, expand Deploy, and then expand Database. 2. Select the node that contains the item to modify. Possible choices include Computers, Roles, Locations, and Make and Model. 3. Add or select an entry in the relevant database. In the Actions pane, click Properties. 4. On the Applications tab, click Add to add an application. If the application is already registered, select it from a list. If adding more than one, adjust the order in which they will be installed using the Up and Down buttons. 5. Click OK.
Zero Touch Deployment ZTI deployments typically use the facilities of Microsoft Systems Management Server (SMS) 2003 or System Center Configuration Manager to deploy applications by directly executing programs already created in Systems Management Server or System Center Configuration Manager. The System Center Configuration Manager Task Sequencer is capable of installing packages directly from a Systems Management Server or System Center Configuration Manager distribution point and can use location logic to locate the nearest distribution point for this purpose. Use this section to learn more about deploying application packages using MDT 2008 in this environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
7
Systems Management Server/System Center Configuration Manager Packages and Programs Systems Management Server and System Center Configuration Manager use packages to store applications as replication units. These packages are replicated to deployment points throughout the enterprise by the Systems Management Server/System Center Configuration Manager infrastructure. Each package is typically dedicated to one application or application suite. Within each package stored in a Systems Management Server/System Center Configuration Manager site are one or more programs that are installable elements of the package. One package might have programs designed to install specific elements of the package, install the entire package, install the package silently, and even uninstall the package. Each program is referenced by Package ID and Program ID when distributed by Systems Management Server/System Center Configuration Manager to client computers. Client computers then execute the advertised program and receive the intended configuration.
Reference Applications by Program ID When using the MDT 2008 database to manage deployment configuration settings, use the Packages tab for each database record to list Systems Management Server/System Center Configuration Manager packages and programs to be installed. Doing so enables the Task Sequencer to locate and execute application installations from Systems Management Server and System Center Configuration Manager deployment points. This simplifies configuration management, leaving the responsibility of creating and managing the applications packages to the Systems Management Server/System Center Configuration Manager administrators—a process that is already mature in many organizations. To associate a Systems Management Server/System Center Configuration Manager Program ID with a database entry 1. In Deployment Workbench, expand Deploy, and then expand Database. 2. Select the node that contains the item to modify. Possible choices include Computers, Roles, Locations, and Make and Model. 3. Add or select an entry in the relevant database. In the Actions pane, click Properties. 4. On the Packages tab, click Add, and select the System Center Configuration Manager package to be added. 5. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Deploy Applications Based on Existing Application Inventories Administrators can control application installations by analyzing which applications already exist on a target system. Systems Management Server and System Center Configuration Manager both maintain comprehensive inventories for hardware and software configuration data on each client computer. By mining this data, administrators can evaluate which applications should be replaced on a target computer. By comparing applications listed in an inventory database with a list of approved applications, administrators can replace applications dynamically, even performing upgrades during this process. Use this section to learn the basics of dynamic application replacement using this process.
Systems Management Server Add or Remove Programs Database Systems Management Server stores the results of computer software inventories in inventory tables within the Systems Management Server database. The Add or Remove Programs database is stored in GS_ADD_REMOVE_PROGRAMS and exposed through SQL Server view, v_GS_ADD_REMOVE_PROGRAMS. This information can be used to dynamically map existing applications to replacement applications. A table (PackageMapping) is included in the MDT 2008 database to accomplish this process. This table maps the name of an application from the Add or Remove Programs database to a replacement Systems Management Server/System Center Configuration Manager package or program to replace the application. Tasks that can be accomplished using this process include replacing the application with the exact version in use, upgrading the application to the latest approved version, and replacing the application with an alternate application from the approved application list. Note For details on this process, see the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide.
System Center Configuration Manager Add or Remove Programs Database System Center Configuration Manager also maintains an Add or Remove Programs database that administrators can mine for replacement applications settings using MDT 2008. System Center Configuration Manager, like Systems Management Server, lets administrators dynamically map existing applications in the Add or Remove Programs database to replacement applications, enabling version management and replacement. Note For details on this process, see the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
9
Maintain the Approved Applications List The PackageMapping database table in the MDT 2008 database consists of two columns: ARPName and Packages. The ARPName field contains values found in ProdID0 in the ARP database in Systems Management Server or System Center Configuration Manager. The Packages field contains the package and program identifiers for Systems Management Server or System Center Configuration Manager. ZTI uses this value to automatically install the associated application during the State Restore Phase of the ZTI sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing A ppl ica ti ons f or Si lent Dep lo yment For best results, applications should be installed without user interaction. This is most easily accomplished by using the application’s silent installation option. Most business applications include options for unattended or silent installation. Often, this is accomplished by using specific command options; other times, it is done by calling a script to control the application installation. Occasionally, administrators may encounter legacy installers that have different command options. Although it is always best to consult the application designer regarding unattended installation, this section lists some of the more common unattended installation options.
Windows Installer Options Most applications that Microsoft distributes use Windows Installer technology. Several Independent Software Vendors (ISVs) also use Windows Installer to distribute applications. Windows Installer uses a set of command options to control installation processes. Among these are: •
/passive. Installs applications without user interaction but shows progress dialog boxes
•
/quiet. Installs applications with no visible prompts or dialog boxes
•
/q. Similar to /quiet but allows options to control the level of interaction: •
n. No user interface (UI)
•
b. Basic UI
•
r. Reduced UI
•
f. Full UI
Other options exist but are not relevant to this discussion. To use Windows Installer to deploy an application with MDT 2008, it must support an installation option that can be executed during an unattended installation. Test the application before deployment by executing Windows Installer with the appropriate option and verifying proper installation. To install an application using Windows Installer’s /quiet option 1. Execute the application’s Setup routing by calling Windows Installer: Msiexec path/application.msi /quiet 2. Verify proper installation of the application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Engineering Feature Team Guide: Developing
11
Setup.exe Command Options Several ISVs use installer technology that produces Setup.exe executable installers. These installers use a variety of command options but usually expose these options to the /? option. Many Setup.exe installers were created by earlier versions of the InstallShield application-packaging utility. Prepare these installers for unattended installation by recording an installation script to be used to control the installer. Common InstallShield Setup.exe options include: •
/s. Executes a recorded InstallShield (.iss) script
•
/f. Locates the .iss script file for silent installation
•
/r. Records the .iss script
•
/SMS. Ensures the system does not disconnect from a network share during installation
To record and use an .iss script with Setup.exe 1. Run Setup.exe with the /r option. 2. Install the application normally. 3. When the installation is complete, collect the script file (usually named Setup.iss) from the Windows directory. (Alternatively, use the /f1: option to designate a file name and location.) 4. To deploy the application silently, use the /s option in the Command Prompt window: Setup.exe /s /f1:path\filename.iss
Legacy Installers Some earlier versions of applications used several different installer technologies. Many of these were not designed for silent installation. To determine whether these applications can be automated for deployment using MDT 2008, research command options to use with the application. Test any options that appear to offer the ability to install unattended. If none exist, use the guidance in the section, “Repackaging Non-compliant Applications,” in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2007 Of fice Syste m/ Mi cr oso ft Of fice 2003 Depl oymen t Deployment Workbench has been designed to simplify the deployment of the 2007 Office system. Access to the Office Customization Tool has been included in Deployment Workbench to simplify the correct placement of Microsoft Office installation and control files. In addition, administrators can deploy Microsoft Office 2003 using standard silent installation methods. Integrate 2007 Office system installations with MDT 2008 in one of two ways: either as part of the desktop deployment image (known as a thick image) or after desktop image deployment (known as a thin image).
Thick Image Installations To preinstall the 2007 Office system on the desktop deployment image, execute the appropriate installation commands before collecting the deployment image. Microsoft Office will be installed on the image, allowing the deployment of a complete Windows Vista/2007 Office system image at one time. This increases the size of the desktop image but simplifies Deployment Workbench configuration. Note If automating the image-build process, use the instructions in the section, “Thin Image Installations,” in this guide to prepare the 2007 Office system for installation.
Thin Image Installations To integrate 2007 Office release programs into MDT 2008 as supplemental applications, use the Add Application feature of Deployment Workbench to point to the customized Microsoft Office distribution point. Deployment Workbench offers customized steps for the integration of the 2007 Office system, taking into account specific requirements of the 2007 Office system in the application settings used to deploy the package. Note To install multiple Microsoft Office programs, add each program separately to the applications list contained in Deployment Workbench.
To configure the 2007 Office system using Deployment Workbench 1. Expand Distribution Share. Right-click Applications, and then click New to start the New Application Wizard. Note See the MDT 2008 document, Computer Imaging System Feature Team Guide, for specific guidance on adding applications.
2. Complete the New Application Wizard, using the path and setup command for the 2007 Office system. Microsoft Office will be imported into the deployment point, preparing the correct folder structure for Microsoft Office deployment using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Engineering Feature Team Guide: Developing
13
3. Right-click the resulting package, and then click Properties to display the 2007 Office system properties sheet. 4. Click the Office Products tab to configure additional Microsoft Office settings. Note In addition to changing basic settings, administrators can edit the 2007 Office system Config.xml file from this location.
5. Complete configuration settings, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Repa cka ging N on- compl ian t A ppl ic ations Applications without documented unattended installation steps may require remediation to enable silent installation. Use this section to evaluate options for packaging applications. This section covers fundamentals of application packaging, introduces common repackaging tools, and details some specific guidance for using the most popular packaging applications.
Application-Packaging Fundamentals Application repackaging is the process of collecting files and registry changes made by an application installer and compiling them into a Windows Installer file that can be used to silently deploy an application. Vendors such as Wise and Macrovision produce excellent Windows Installer environments designed both to repackage applications and to be used for initial application packaging. Using an application packaging tool, administrators can run an installation, collect information about file system and registry changes, and use the features of the repackaging tool to manage these settings and create a Windows Installer deployment file. This process takes some time to perfect. Each application has different requirements, and some are more challenging to repackage than others. Most, however, can be repackaged successfully using one of these tools. Watch for the following during the repackaging process: •
Installers make decisions based on system configuration and user input. Be sure to examine all variables during package capture to ensure that unintended changes do not occur in the package output.
•
Ensure that any additional files required by the application are included in the package. Many tools allow administrators to include additional folders and files in the application package.
•
Each repackaging tool approaches the task in a different way. If unsuccessful with one tool, consider trying another. Administrators may have success with a tool that uses different repackaging methods.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Test Feature Team Guide: Planning
15
Application Repackaging Tools This section lists some of the repackaging tools that are available and provides an overview of their capabilities.
Macrovision AdminStudio Using Macrovision AdminStudio, administrators can manage repackaging projects distributed among several systems administrators and keep track of multiple repackaging projects simultaneously. Two related Macrovision products, InstallShield Professional and InstallShield Express, have limited repackaging functionality and focus instead on the packaging of new applications for developers.
Wise Package Studio The Wise Package Studio lets administrators repackage applications into .msi files for automated installation through Systems Management Server or System Center Configuration Manager. Wise Package Studio has features that allow for tracking conflicts between versions of applications, applying updates, and centralizing distribution of software packages. Use it both to package new applications and to repackage applications that otherwise do not support silent install options.
SMS Installer Originally distributed with Systems Management Server version 2.0, the SMS installer is a simple repackaging tool that captures “before” and “after” snapshots of a system during the deployment process. The differences are collected and compiled into a deployment package. Customization features in Systems Management Server allow some manipulation of the package but are not as sophisticated as the current versions available from other software vendors. Because this is a free download from Microsoft (see Installer with Installer Set-up Utility at http://www.microsoft.com/technet/sms/20/downloads/tools/installer.mspx), it is definitely worth a try before purchasing a more expensive tool.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Cha ll enging A ppl ic ations Occasionally, an application presents challenges to the best efforts at automation. Examples might include an application that is not installed using conventional installer technology, has difficult-to-replicate registry settings, or requires custom database configuration during the installation process. Use this section to explore various methods for deploying difficult applications.
Deploy Applications Using Scripting Scripting can sometimes automate a difficult application. Using Windows PowerShell scripts, administrators can take control of nearly any aspect of an installation. Microsoft Visual Basic® Scripting Edition (VBScript) also has powerful options for manipulating and managing the installation process. Deployment of applications using scripting requires substantial knowledge of scripting languages and a certain amount of patience to manage multiple iterations, but it can sometimes automate an application that cannot be deployed in any other way. For more information on scripting with Windows PowerShell, see the Scripting with Windows PowerShell Script Center at http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx.
Deploy Applications Using AutoIT When all else fails, a free software tool called AutoIT may be able to complete the packaging process for the most challenging applications. This utility has the ability to record mouse clicks, keystrokes, and even cut-and-paste operations. The results are compressed into a self-extracting AutoIT .zip executable file that can be deployed using MDT 2008. For more information on this tool and complete instructions, visit the AutoIT site at http://www.autoitscript.com.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2
Microsoft Deployment Toolkit 2008
Microsoft® Deployment Toolkit 2008 Deployment Concepts Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion If this is the first time computers have been deployed using any version of Microsoft® Deployment Toolkit (MDT), including Business Desktop Deployment (BDD) 2007, take a few minutes to learn important MDT 2008 deployment concepts. This document covers deployment methods and scenarios, imaging concepts, application deployment, testing, infrastructure security, and deployment capacity planning. For more information about deployment and MDT 2008, read the MDT 2008 document, Getting Started Guide.
Selec ting De pl oymen t M ethods MDT 2008 can be used to deploy computers with either of two techniques: •
Lite Touch Installation. Lite Touch Installation (LTI) deployment requires minimal infrastructure to operate. Operating systems can be deployed over a network using a shared folder or locally using removable storage such as a CD, DVD, USB flash drive (UFD), or other device. The deployment process can be initiated automatically (using Windows® Deployment Services) or manually. Configure LTI settings using Deployment Workbench, and then further customize CustomSettings.ini for the specific environment. Provide configuration settings for groups of computers. The configuration settings for each individual computer are usually provided manually during the deployment process. As a result, customizing LTI usually requires less effort than customizing a Zero Touch Installation (ZTI) deployment.
•
Zero Touch Installation. Zero Touch Installation (ZTI) deployment requires Microsoft System Center Configuration Manager 2007 or Systems Management Server (SMS) 2003 with Service Pack 2 (SP2) and the SMS 2003 Operating System Deployment (OSD) Feature Pack. Deploy operating systems from System Center Configuration Manager or Systems Management Server distribution points. The installation process can be initiated by System Center Configuration Manager, Systems Management Server, or Windows Deployment Services. The ZTI deployment process is always initiated automatically. As with LTI deployment, initially configure ZTI deployment using Deployment Workbench, and then further customize CustomSettings.ini for the environment. In a ZTI deployment, all configuration settings must be provided for each target computer being deployed. By definition, there is no manual configuration in ZTI deployment. As a result, customizing a ZTI deployment usually requires more effort than customizing LTI deployment.
In most instances, enterprises use a combination of both techniques to deploy operating systems to the target computers. LTI and ZTI deployments use the same common set of scripts and configuration files (such as CustomSettings.ini) for deploying the operating system. Table 1 compares LTI and ZTI deployments.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Table 1. Comparison of LTI and ZTI Deployments LTI deployment
ZTI deployment
Provides configuration settings common to Provides all necessary configuration a group of target computers settings for each target computer Requires less initial information technology Requires more initial IT administration (IT) administration configuration time configuration time Requires more user configuration time
Requires zero user configuration time
Can be used with slow connections or in instances where no network connectivity exists
Requires a high-speed, persistent connection
Requires little or no infrastructure to support deployment
Requires an infrastructure sufficient to deploy operating system images using either the SMS 2003 OSD Feature Pack or System Center Configuration Manager
Supports deployment over the network or locally
Supports only network deployments
Does not require target computers to be managed using System Center Configuration Manager or Systems Management Server (or other softwaremanagement tools)
Requires that target computers be managed using either System Center Configuration Manager or Systems Management Server
Supports security policies where automatic Supports only security where automatic software installation is prohibited software installation is allowed. Supports deployment to target computers isolated by firewalls
Requires remote procedure call (RPC) communication with target computers
Supports Upgrade Computer deployment scenarios
Does not support Upgrade Computer scenarios
For more information about: •
ZTI deployment, see the MDT 2008 documents, Preparing for Microsoft Systems Management Server 2003 or Preparing for Microsoft System Center Configuration Manager 2007.
•
LTI deployment, see the MDT 2008 document, Preparing for LTI Tools.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Selec ting De pl oymen t Scenar ios Table 2 lists the deployment scenarios and provides a brief description of each. Table 2. Deployment Scenarios and Descriptions Scenario
Description
Migrates user state
Uses existing target computer
Preserves file system
New Computer
A new installation of a Windows operating system is deployed to a new computer.
No
No
No
Upgrade Computer
The current Windows operating system on the target computer is upgraded to the deployed operating system. The existing user state migration data, user profile, and applications are retained.
Yes
Yes
Yes
Refresh Computer
A computer is refreshed, including computers that must be re-imaged for image standardization or to address a problem.
Yes
Yes
No
Replace Computer
One computer replaces another computer. The existing user state migration data is saved from the original computer. Then, a new installation of Windows is deployed to a new computer. Finally, the user state data is restored to the new computer.
Yes
No
No
Based on the existing environment, any combination of these scenarios can be selected in the deployment. For example, if the organization is only upgrading existing computers, only the Refresh Computer and Upgrade Computer scenarios may be used. If the organization is deploying new computers for some users and upgrading the remaining computers, the Upgrade Computer, Replace Computer, and Refresh Computer scenarios may be used.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Choos ing an Ima ge Str ate gy Most organizations share a common goal: to create a standard configuration that is based on a common image for each version of the operating system. Organizations want to apply a common image to any computer in any region at any time, and then customize that image quickly to provide services to users. In reality, most organizations build and maintain many images—sometimes up to 100 images. By making technical and support compromises, by making disciplined hardware purchases, and by using advanced scripting techniques, however, some organizations have reduced the number of images they maintain to approximately three or fewer. These organizations tend to have the sophisticated software distribution infrastructures necessary to deploy applications—often before first use—and to keep them updated. The following list describes costs associated with building, maintaining, and deploying disk images: •
Development costs. Development costs include creating a well-engineered image to lower future support costs and improve security and reliability. Higher levels of automation reduce development costs.
•
Test costs. These costs include the time and labor involved in testing the standard image and the applications that might reside inside it, in addition to applications applied after deployment. Test costs also include the development time required to stabilize disk images.
•
Storage costs. Storage costs include storing the distribution points, disk images, migration data, and backup images. Storage costs can be significant depending on the number of disk images, the number of computers in each deployment run, and so on.
•
Network costs. Network costs include moving disk images to distribution points and to computers. The disk imaging technologies that Microsoft provides do not support multicasting, so network costs scale linearly with the number of distribution points that must be replicated and the number of computers in the deployment project.
As the size of image files increases, costs increase. Large images have more updating, testing, distribution, network, and storage costs associated with them. Even if only a small portion of the image is updated, the entire image must be redistributed. Note Windows Vista® and Windows Server® 2008 do not require a separate image for each type of hardware abstraction layer (HAL). Different images are needed only for 32-bit and 64-bit versions of these operating systems.
Thick Image Thick images are monolithic images that contain core applications, language packs, and other files. Part of the image development process is installing core applications and language packs before capturing the disk image. The advantage of thick images is simplicity. When the organization creates a disk image that contains core applications and language packs, it performs only a single step to deploy the disk image and core applications to the target computer, with language support for all target locales. Also, thick images can be less costly to develop, because Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
7
they frequently do not require advanced scripting techniques to build. In fact, MDT 2008 can be used to build thick images with little or no scripting. Last, in thick images, core applications and language packs are available on first start. The disadvantages of thick images are maintenance, storage, and network costs. For example, updating a thick image with a new version of an application or language pack requires rebuilding, retesting, and redistributing the image. If thick images will be built that include core applications and language packs, install the core applications and language packs during the disk imaging process.
Thin Image The more an image contains, the less common and larger that image becomes. By including less in images, the number and size of images maintained are reduced, which in turn reduces the cost to build, maintain, and test images as well as storage costs. Ideally, a single, worldwide image would be maintained that is customized after deployment. Thin images contain few if any core applications or language packs. Applications and language packs are installed separately from the disk image, which typically takes more time at the computer and possibly more total bytes transferred over the network, but the transfer is spread out over a longer period of time. To mitigate the network transfer time, use trickle-down technology that many software distribution infrastructures provide, such as Background Intelligent Transfer Service (BITS). The primary disadvantage of thin images is that they can be more complex to develop initially. Deploying applications and language packs outside the disk image often requires scripting and a software distribution infrastructure. Another disadvantage of thin images is that core applications and language packs are not available on first start, which may be required in high-security scenarios. If choosing to build thin images that do not include applications or language packs, the organization should have a systems management infrastructure, such as Systems Management Server or System Center Configuration Manager, in place to deploy applications and language packs. Use this infrastructure to deploy applications and language packs after installing the thin image.
Hybrid Image Hybrid images mix thin and thick image strategies. In a hybrid image, the disk image is configured to install applications and language packs on first run, giving the illusion of a thick image but automatically installing the applications and language packs from a network source. Hybrid images have most of the advantages of thin images. However, they are not as complex to develop and do not require a software distribution infrastructure. They do require longer installation times, however, which can raise initial deployment costs. An alternative is to build one-off thick images from a thin image. Begin by building a reference thin image. Then, after the thin image is tested, add core applications and language packs, capture them, test them, and distribute a thick image based on the thin image. Testing the thick image is minimized, because the imaging process is essentially the same as a regular deployment. Be wary of applications that are not compatible with the disk imaging process, however. Hybrid images store applications and language packs on the network but include the commands to install them when deploying the disk image. This process is different from Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
installing the applications and language packs in the disk image, because the image deployment process installations that would typically occur during the disk imaging process are being deferred. Also, if a systems-management infrastructure is in place, it will likely be used to install supplemental applications and language packs after deployment.
Cr ea ting the Ima ge This section provides a conceptual overview of how to create images. For detailed instructions, refer to the MDT 2008 document, Workbench Imaging Guide.
Add Operating Systems All Windows Vista and Windows Server 2008 editions are included in a single image file, Install.wim, which is in the Sources folder on the distribution media. For more information about the Windows Server 2008 distribution media and Install.wim, see the Windows Automated Installation Kit User’s Guide. To build images based on Windows Vista or Windows Server 2008, add the Windows Vista or Windows Server 2008 media to the MDT 2008 distribution share. In addition to adding Windows Vista or Windows Server 2008 media to the distribution share, Windows Vista or Windows Server 2008 images can be added from Windows Deployment Services to the distribution share. When adding a Windows Deployment Services image to the distribution share, MDT 2008 uses the image file from the Windows Deployment Services server.
Sysprep Windows Automated Installation Kit (Windows AIK), which is available for download and installation through MDT 2008, includes the latest System Preparation Tool (Sysprep) for Windows Vista and Windows Server 2008. As a result, no other tools are needed to create custom Windows Server 2008 images. For Windows XP and Windows Server 2003, MDT 2008 copies the correct version of Sysprep from Deploy.cab, which is in the distribution media’s Support\Tools folder. MDT 2008 looks for Deploy.cab in Operating Systems\Destination\Support\Tools (where Destination is the name of the operating system), in the distribution share. If a custom $OEM$ folder structure, used only in LTI deployments, already includes Sysprep, MDT 2008 uses the instance of Sysprep in the $OEM$ folder instead of the instance of Sysprep that is in the Support\Tools folder. In this scenario, MDT 2008 copies Factory.exe, Sysprep.exe, and Setupcl.exe from the custom $OEM$ folder that contains Sysprep to the Operating Systems\Destination\$OEM$\$1\Sysprep folder.
Windows PE Windows AIK includes the correct version of Windows Preinstallation Environment (Windows PE) for deploying Windows Server 2008 and Windows Server 2003 for LTI deployments and creating custom operating system images. ZTI deployments require Windows PE version 2.0. For more information about installing the correct version of Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
9
Windows PE for ZTI deployments using System Center Configuration Manager, see the MDT 2008 document, Getting Started Guide. Windows PE media are not needed to create custom operating system images.
Add Device Drivers Depending on the type of computers in the environment and the hardware they contain, device drivers may be required from hardware vendors to make the system fully functional. For more information about managing drivers, see the MDT 2008 document, Workbench Imaging Guide.
Add Updates When developing an image, take care to ensure that all critical security updates are included in the image so that computers deployed with the image are as up to date as possible. Different approaches can be used to perform these updates, although the first option is recommended: •
Adding updates offline. Use MDT 2008 to install updates offline using a task sequence. In the Task Sequence Editor in MDT 2008, select the Install Updates Offline task.
•
Adding updates online. Use MDT 2008 to install updates online using a task sequence. In the Task Sequence Editor in MDT 2008, select the Install Updates Online task. Note For information about using System Center Configuration Manager and the built-in ConfigMgr Install Software Updates task sequence, see Install Software Updates at http://technet.microsoft.com/en-us/library/bb632402.aspx.
•
Adding updates to the master image. Download the security updates from the Microsoft Web site, and then install them as part of the image build process. This is relatively easy to perform, and additional updates can be added by placing the downloaded updates in the distribution share. However, the image is vulnerable before the updates are installed and the computer is restarted.
•
Adding updates using Windows Software Update Services (WSUS). Use WSUS, Systems Management Server, or System Center Configuration Manager to install the security update after deployment. Like the previous method, the image is vulnerable before the updates are installed and the computer is restarted. Depending on the configuration, it might take an hour or more before all updates are applied. Including the Systems Management Server or System Center Configuration Manager client in the image and setting it to communicate with a specific Systems Management Server or System Center Configuration Manager site might result in all computers built from the image communicating with only that site.
•
Slipstreaming updates to the installation source. Download the security updates from the Microsoft Update Catalog at http://go.microsoft.com/fwlink/?LinkId=8973, and then integrate them into the Windows installation source before beginning the unattended build process. While this method protects the image from known security exploits, integrating the security updates takes some effort.
The sections that follow provide details about how updates differ based on the target operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Windows Vista and Windows Server 2008 Microsoft provides Windows Vista and Windows Server 2008 operating system updates as packages. Packages include service packs, security updates, and other operating system changes. If using Deployment Workbench, add these updates to the OS Packages item of the distribution share, and MDT 2008 will install these packages during deployment.
Windows XP and Windows Server 2003 Add Windows XP and Windows Server 2003 updates as applications, and then add a task to the task sequence that installs the update. The MDT 2008 document, Image Customization Guide, describes how to add application installations to the task sequence. For security updates, create a subgroup called Security Updates in the State Restore group, and add security updates to it. Doing so installs security updates automatically, keeps them organized, and gives control over the installation sequence. To prevent users from seeing security updates in the applications list during deployment, in the Application Properties dialog box (where Application is the name of the update added to the distribution share), clear the Enable this application check box. For more information about command-line options for installing Windows Server 2003 updates, see the Guide for Installing and Deploying Updates for Microsoft Windows Server 2003 and Windows XP 64-Bit Edition Version 2003 at http://www.microsoft.com/technet/security/guidance/patchmanagement/hfdeploy.mspx. Optionally, integrate each update into Windows XP or Windows Server 2003 as described in the Microsoft Help and Support article, “How to integrate software updates into the Windows installation source files,” at http://support.microsoft.com/kb/828930/en-us. All updates released for Windows Server 2003 SP1 or later include the /integrate option described in the article. Most Windows Server 2003 core updates can be integrated, but updates to other components (such as Windows Internet Explorer®, Windows Script Host [WSH], and others) cannot. Do not include updates integrated into Windows Server 2003 in the task sequence.
Add Language Packs Language packs create a multilingual Windows environment. Windows Vista and Windows Server 2008 are language-neutral, and all language and locale resources are added through language packs (Lp.cab files). By adding one or more language packs to Windows Server 2008, those languages can be activated when installing the operating system. As a result, the same Windows Server 2008 image can be deployed to regions with different language and locale settings, reducing development and deployment time. Windows XP and Windows Server 2003 use Multi-user Interface (MUI) language packs, which require additional steps to integrate.
Add Language Packs Offline Using System Center Configuration Manager MDT 2008 or System Center Configuration Manager can be used to install language packs offline using a task sequence. In the Task Sequence Editor in MDT 2008 or System Center Configuration Manager, select the Install Language Packs Offline task. Note For additional guidance on this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
11
Add Language Pack Online Using System Center Configuration Manager MDT 2008 or System Center Configuration Manager can be used to install language packs online using a task sequence. In the Task Sequence Editor in MDT 2008 or System Center Configuration Manager, select the Install Language Packs Online task. Note For additional guidance on this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
Windows XP and Windows Server 2003 If installing Windows XP or Windows Server 2003 MUI language packs, add each language pack as an application to the distribution share. Then, install the language pack as part of the build’s task sequence, or allow the user to choose a language pack during deployment. The MDT 2008 document, Image Customization Guide, describes how to add application installations to the task sequence. For language packs, create a subgroup called Language Packs in the State Restore group, and add language packs to it. This installs language packs automatically, keeps them organized, and provides control over the installation sequence. To prevent users from seeing language packs in the applications list during deployment, in the Application Properties dialog box (where Application is the name of the language pack added to the distribution share), clear the Enable this application check box.
Windows Vista and Windows Server 2008 Windows Vista and Windows Server 2008 use language pack files. By adding one or more language packs to Windows Vista or Windows Server 2008, those languages can be activated where needed during the installation of the operating system, which provides the ability to deploy the same Windows Server 2008 image to different regions with different languages. The language packs can be installed offline or online. When using System Center Configuration Manager, add the language pack to the task sequence using the Install Language Packs Online task or the Install Language Packs Offline task.
Add Applications The first step in adding applications to a build is to add them to the distribution share. Deployment Workbench can install the application from its original network location, or it can copy the application source files to the distribution share. In either case, specify the commands for installing the application when adding it to the distribution share. Applications can also be installed as Systems Management Server packages or System Center Configuration Manager packages for ZTI deployments. Note For additional guidance on this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
After an application has been added to the distribution share, it can be installed in one of two ways: •
Add it to the task sequence. Application installations added to the task sequence— the sequence of tasks that occur during installation to prepare, install, and configure the build on the target computer—occur when MDT 2008 executes the task sequence on the target computer. Solution Accelerators microsoft.com/technet/SolutionAccelerators
12
•
Microsoft Deployment Toolkit 2008
Using Windows Deployment Wizard. The Windows Deployment Wizard presents the installer a list of applications that are available for installation. The installer can then choose which applications to install. CAUTION When using MDT 2008, do not allow an application to restart the computer. MDT 2008 must control restarts, or the task sequence will fail. Use the command-line property REBOOT=REALLYSUPPRESS to prevent applications, such as those based on Windows Installer, from restarting. To make MDT 2008 restart the computer after installing an application, in the Application Properties dialog box (where Application is the name of the application being installed) of Deployment Workbench, select the Reboot the computer after installing this application check box.
Configure Task Sequences A task sequence binds operating system source files with a configuration. The files include: •
Operating system. Choose an operating system or custom image to use for the build.
•
Unattended Setup answer file (Unattend.xml or Unattend.txt). Create an answer file that describes how to install and configure the operating system on the target computer. For example, the answer file can contain a product key, organization name, and information necessary to join the computer to a domain.
•
Task sequence. Each build has a default task sequence. This sequence can be customized.
Edit the Answer File An answer file contains settings that can be configured to perform an unattended installation of Windows. Windows Vista and Windows Server 2008 answer files are XML files that are commonly named Unattend.xml. Use Windows System Image Manager (Windows SIM) to edit Unattend.xml. The answer file associated with each task sequence added to a distribution share can be edited. Deployment Workbench loads the task sequence’s answer file in Windows SIM. Windows XP and Windows Server 2003 answer files are .txt files that are commonly named Unattend.txt. Use Windows Setup Manager or a text editor to edit Unattend.txt. As with Unattend.xml, the answer file associated with task sequences can be edited. For more information about editing both types of answer files, Unattend.xml and Unattend.txt, see the MDT 2008 document, Image Customization Guide.
Edit the Task Sequence The Task Sequencer runs the task sequence in the order specified. Each task in the sequence is a step, and steps can be organized into groups and subgroups. When creating a task sequence in Deployment Workbench, Deployment Workbench creates a default task sequence. Task sequences contain the following types of item: •
Tasks (steps). Within a task sequence, tasks do the actual work. Tasks are commands that the Task Sequencer runs during the sequence, such as partitioning the disk, capturing user state, and installing the operating system. In the default task sequence, most tasks are commands that run scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
•
13
Groups. The task sequence can be organized into groups, folders that can contain subgroups and tasks. Groups can be nested as necessary. For example, the default task sequence puts tasks in groups by phase and deployment type.
Tasks and groups, including the groups and tasks they contain, can be filtered based on specified conditions. Groups are especially useful for filtering, because an entire collection of tasks can be run based upon a condition such as the deployment phase or type of deployment. The MDT 2008 document, Image Customization Guide, provides detailed instructions for editing a task sequence.
Configure Deployment Points Whereas a distribution share contains the files necessary to install and configure a build on a target computer, a deployment point defines a subset of those files and how to connect to them. For example, the distribution share might contain multiple operating systems and hundreds of applications. A deployment point defines which of those files to distribute and how to access them through a network connection or removable media. MDT 2008 supports four types of deployment point: •
Lab. This is a basic, single-server deployment point. This deployment point references all the content in the distribution share. When building custom images, a lab deployment point is typically used.
•
Network. This is a subset of the distribution share that can be replicated to many servers based on the organization’s requirements. The builds, images, device drivers, updates, and applications that are replicated to a network deployment point can be chosen.
•
Media. This is a subset of the distribution share that can be put on a DVD, UFD, and so on to perform stand-alone, potentially network-disconnected deployments.
•
OSD. This is a copy of all the scripts, tools, and other files necessary to properly configure custom actions in the SMS 2003 OSD Feature Pack for performing a ZTI deployment. The images, applications, and device drivers are part of this replica. SMS 2003 OSD Feature Pack deployment points can only be used to deploy images created by the Systems Management Server 2003 Image Capture Wizard.
•
System Center Configuration Manager. This product includes the required scripts, tools, and other files necessary to create and configure custom actions for ZTI deployments. Images, applications, device drivers, and user state migration are part of the product offerings. Use System Center Configuration Manager to deploy images that LTI deployment, Systems Management Server, or Windows Deployment Services create.
For each deployment point, Windows Imaging Format (WIM) imaging files and International Organization for Standardization (ISO) Windows PE image files can be created that automatically connect to the deployment point and begin the installation. During the MDT 2008 deployment process, the user can choose which build to install from the deployment point. Note file.
The SMS 2003 OSD Feature Pack deployment point does not generate the Lite Touch .wim
Customize Windows PE Using MDT 2008, download Windows AIK (see the MDT 2008 document, Getting Started Guide), which comes with Windows PE. No additional files are necessary to create Windows PE images for MDT 2008. Deployment Workbench automatically customizes Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Windows PE WIM files when a deployment point is updated. Optionally, configure the deployment point to generate the following Windows PE images: •
LTI CD-bootable ISO image
•
LTI bootable RAM disk ISO image
•
Generic CD-bootable ISO image
•
Generic bootable RAM disk ISO image
When a deployment point is updated, Deployment Workbench generates the Windows PE WIM image and other optional ISO images. It stores these images in the distribution share’s Boot folder. Windows PE need not be manually customized to add network adapter device drivers to it. Deployment Workbench automatically adds network adapter device drivers to the Windows PE images that are added to the distribution share. An additional option is to automatically add video and system device drivers from the distribution share to the Windows PE images. After updating the deployment point and generated Windows PE images, the WIM image file can be added to Windows Deployment Services. Optionally, burn the Windows PE ISO images to DVDs using any commercial CD-burning software. Note The same platform edition of Windows PE must be used to start computers for installing each platform edition of Windows. In other words, start target computers using the x86 edition of Windows PE to install the x86 edition of Windows Server 2008. Likewise, use the x64 edition of Windows PE to install the x64 edition of Windows Server 2008. If mismatched editions are used, an error might occur, indicating that the image is for a different type of computer.
To learn more about customizing Windows PE, see the Windows Preinstallation Environment User’s Guide in Windows AIK.
Capture an Image Capturing an image based on a build is fundamentally an LTI deployment that ends with the Windows Deployment Wizard capturing an image of the target computer. When creating a deployment point, Deployment Workbench provides the option of prompting to capture an image. Select this option. When installing the build on a target computer, the Windows Deployment Wizard prompts to capture an image after installation is complete. The wizard also allows specification of a destination for the image. The default destination is the Captures folder in the distribution share, and the default file name is the name of the build. Capturing an image for deployment using ZTI methods is similar to capturing an image for deployment using LTI methods. However, use the Systems Management Server or System Center Configuration Manager Image Capture Wizard to capture the image instead of allowing Windows Deployment Wizard to capture the image. Note Disable antivirus programs on the lab computer before capturing an image of the lab computer’s disk. Antivirus programs can interfere with the configuration of the image and installation of applications during deployment. After deployment, reactivate the antivirus program. Test the interaction of antivirus programs with MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying A pp lic ations There are several reasons why an application written specifically for an earlier version of Windows—especially the versions of Windows preceding Microsoft Windows 2000 Professional and Windows 2000 Server—might manifest problems when run on Windows Vista or Windows Server 2008. Most problems fall into the following categories: •
Setup and installation
•
Kernel-mode drivers
•
Permissions
•
Heap management
•
Firewall
•
DCOM
•
Internet Explorer
For detailed information about common compatibility problems, see Application Compatibility and User Account Control at http://technet.microsoft.com/appcompat. That page provides access to tools and documents that provide the information needed to test application compatibility and resolve problems prior to deployment. In particular, download and use the Application Compatibility Toolkit (ACT) and related documentation. Note The Web site http://www.AppDeploy.com is a well-known resource for information about deploying applications. It includes a knowledge base that describes how to automate the installation or repackaging of most popular business applications.
Repackaging Applications To distribute supplemental applications without requiring administrators to manually install software on each client computer, identify a way to automate the installation. Most applications provide native support for automation. Recently published applications typically provide Windows Installer packages. Applications released before Windows Installer became a popular technology might instead use InstallShield response files for automation. If an application’s setup procedure does not support these automation technologies, automatic installation may be possible by using scripting to simulate keystrokes. If there is an application that is not designed for Windows Installer and does not support another native installation automation technique, consider repackaging it into a Windows Installer package. However, repackaged applications lack the flexibility to efficiently customize the application installation, which is a feature of applications designed to be deployed with Windows Installer. Repackaging is not a function or feature of Windows Installer. However, non-Microsoft vendors provide tools to facilitate repackaging applications in a variety of formats. Organizations have repackaged applications for years, largely for the purpose of customization. Transforms, however, eliminate the need to repackage applications based on Windows Installer for customization. In fact, repackaging an application that already
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
uses Windows Installer for installation and maintenance would be difficult and is not supported. Some organizations prefer to repackage existing applications to gain the benefits of Windows Installer and the software deployment technology based on Group Policy in Windows Server 2003 and Windows 2000 Server. Repackaging also requires a thorough knowledge of the application’s installation. The cost of repackaging in labor, time, and reliability is often underestimated. Repackaging a Windows Installer package typically involves taking a snapshot of a clean computer (including the registry settings, files, and system settings), installing the software, taking a post-installation snapshot of the computer, and cleaning the package. The repackaging software detects the difference between the two snapshots and creates the necessary installation instructions to reproduce the installation. Any changes to the registry settings, files, or system settings that occur during the capture process are included in the installation. Typically, 30 to 40 processes run on a Windows XP Professional or Windows Vista computer at any given time. Thus, any one of those processes can modify a system during the installation, and the modification appears in the repackaged application.
Dep lo yment In fr as tr uctur e Securi ty The sections that follow describe possible security risks so that they can be mitigated as part of the security risk-management process. For additional security considerations, see the section, “Evaluating Security for the Deployment Solution,” in the MDT 2008 document, Getting Started Guide.
Protect Deployment Staging Areas Staging areas where images are created, updated, and maintained pose a significant potential vulnerability. First, because computers in the staging area (including computers that have not been updated and would not meet the organization’s security requirements) are likely to run with varying degrees of security, there is an elevated risk of the computers’ being compromised. Help protect those computers from worms and viruses in particular by placing them on an isolated network segment. Using a perimeter firewall alone is not sufficient: Computers in the deployment staging area must be on a separate network that production computers cannot reach. If computers on the internal network can route traffic to the deployment staging area, there is a high risk that deployment staging servers will be infected with a worm. Worms are common on internal networks, because portable computers may become infected while connected to untrusted networks. Second, because these images form the basis for all new computers in the organization, a compromised image can have a widespread effect and a very high cost. Use the security risk-management process to evaluate this risk and assign resources to mitigate any vulnerability.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Infrastructure Security
17
Third, staging areas might contain credentials (user names and passwords) used to automatically authenticate computers during the setup process. Protect these credentials to reduce the risk of an attacker’s abusing them. For more information about protecting servers that host images and other infrastructure components in the staging area, refer to the Windows Server 2003 Security Guide at http://www.microsoft.com/downloads/details.aspx?FamilyID=8A2643C1-0685-4D89B655-521EA6C7B4DB and the Windows Server 2008 Security Guide at http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44bb115696a80ac. The risk of a security compromise cannot be completely eliminated. Therefore, plan to identify and track attacks. Security auditing, built into all recent versions of the Windows operating system, is a useful tool for recording user actions. For more information, see Auditing Security Events Best Practices at http://technet2.microsoft.com/WindowsServer/en/library/5658fae8-985f-48cc-b1bfbd47dc2109161033.mspx.
Protect Production Deployment Servers Deployment servers must be protected, as well. Like the servers in the staging environment, deployment servers typically store configuration files, which might include user credentials. Protect these servers with physical controls: Only authorized personnel should have physical access to production or development deployment servers. Even then, it is better to forbid a single user access to the server and instead always require collusion. Collusion requires two or more users to work together and greatly reduces the risk that authorized users will perform a malicious act. Reduce the attack surface of the server by limiting the services that are running. For example, although the File Server role is probably necessary, definitely do not install the Application Server role on a deployment server. For the roles not installed, including the File Server role, identify security guides, such as the Windows Server 2003 Security Guide at http://www.microsoft.com/technet/security/prodtech/windowsserver2003/W2003HG/SGC H00.mspx and the Windows Server 2008 Security Guide at http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44bb115696a80ac, which will help IT personnel harden the deployment server to meet security requirements. If possible, disallow remote logon entirely. If that is not possible, restrict remote access to the deployment server to a small group of trusted staff. Use network filtering (such as that included in Windows Firewall) to restrict network connections to those originating from client computers on local area networks (LANs). Again, consider reducing the risk of a single administrator making malicious changes or installing malicious software in operating system images by requiring collusion. One easy way to require collusion is to configure deployment servers to allow only a group of special user accounts to change images. For each of those user accounts, have two administrators each type half of the user account’s password, and then share that half of the password with at least one other employee. To successfully authenticate and change an image, two administrators must work together. In this way, the risk of a single disgruntled employee compromising the servers is significantly reduced. To reduce the risk of password-cracking attacks, consider implementing multifactor authentication by requiring use of a password in conjunction with a smart card or biometric authentication, such as a fingerprint scanner. Multifactor authentication need not necessarily be deployed to an entire enterprise; multifactor authentication can be Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
required only for the most critical computers on the network, such as staging and production deployment servers. At a minimum, use the Microsoft Baseline Security Analyzer (MBSA) to audit the security configuration of deployment servers. The MBSA is available for download from the Microsoft Security TechCenter at http://www.microsoft.com/technet/security/tools/mbsahome.mspx. The Microsoft Office Visio® 2007 Connector for MBSA 2.1, available at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx, can help visualize the results of the audit. Windows Firewall with Advanced Security will automatically create exceptions for required services on deployment servers. If a network firewall is added between deployment client computers and servers, the network firewall must, at a minimum, allow the following communications to the appropriate servers in the deployment environment: •
Domain Name System (DNS). User Datagram Protocol (UDP) port 53.
•
Dynamic Host Configuration Protocol (DHCP). UDP port 67.
•
Key Management Service (KMS). TCP port 1688. KMS provides activation services for Windows Vista and Windows Server 2008 volume-licensed versions.
•
Windows Deployment Services. UDP port 69 (for Trivial File Transfer Protocol [TFTP]) and UDP port 4011 (for Pre-Boot Execution Environment [PXE]).
•
File sharing (required for the distribution share). TCP ports 139 and 445 and UDP ports 137 and 138.
•
Active Directory® Domain Services (AD DS) domain controller. For detailed information about AD DS firewall requirements, see the Microsoft Help and Support article, “How to configure Windows Server 2003 SP1 firewall for a domain controller,” at http://support.microsoft.com/kb/555381.
•
Systems Management Server. For detailed information about firewall requirements for Systems Management Server, see the Microsoft Help and Support article, “Ports that Systems Management Server 2003 uses to communicate through a firewall or through a proxy server,” at http://support.microsoft.com/kb/826852. For general security information, see Scenarios and Procedures for Microsoft Systems Management Server 2003: Security at http://www.microsoft.com/technet/prodtechnol/sms/smssp2/spsecurity/cbaf0e375aa9-415f-a3a5-1baf014faf14.mspx.
•
System Center Configuration Manager. For detailed information about firewall requirements for System Center Configuration Manager, see Firewall Settings for Configuration Manager Clients at http://technet.microsoft.com/enus/library/bb694088.aspx. For general security information, see Security and Privacy for Configuration Manager 2007 at http://technet.microsoft.com/enus/library/bb680768.aspx.
•
Microsoft SQL Server®. Systems Management Server or System Center Configuration Manager may require SQL Server. For detailed information about firewall requirements for SQL Server, see the Microsoft Help and Support article, “INF: TCP Ports Needed for Communication to SQL Server Through a Firewall,” at http://support.microsoft.com/kb/287932. For general security information, see the SQL Server security site at http://www.microsoft.com/sql/technologies/security.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ana l yzi ng Depl oymen t T ar get s The sections that follow describe how to assess the computers to which Windows will be deployed, including analyzing the scope of the deployment, gathering inventories, identifying the storage requirements, verifying target computer configuration, and providing sufficient network capacity and infrastructure.
Perform a Situation Analysis Answer the following questions to assess what must be done during the deployment: •
How many computers (client and portable computers) are in the organization?
•
What is the ratio of computers to users? Are there more computers than users, or are there more users than computers?
•
Does the possibility exist for rationalization or reduction of resources—computers, applications, and software—in this project? Effective rationalization reduces the level of effort required for a successful deployment.
•
How many computers can be upgraded without requiring additional hardware? How many will require hardware upgrades? Will there be a volume purchase of new systems?
•
Of the existing application sets used in the organization, how many will be updated to more recent versions? For example, many organizations choose to implement a current version of office productivity software at the same time as the upgrade of an operating system.
•
How fast can the migration be completed using the existing infrastructure?
•
If changes to the existing infrastructure are required, where are the largest returns gained by investing in additional resources?
•
Can this information help other current or future projects?
•
Is this a one-time gathering of infrastructure information, or can this information be reused?
Gather Inventories Gather an inventory for the organization before beginning deployment, including the following details: •
Structural description of the business. The structure of the business, including a geographical map with the location of each office (if there is more than one) and the number of users in each office. In addition, this information should include an organization chart of the business that outlines each functional area and the number of users it contains. It is also useful to include other organizational information, such as the vision and mission of the business. The latter is useful for bringing outside consultants rapidly up to date on the nature of the business.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xx
•
Microsoft Deployment Toolkit 2008
Hardware and software inventories. A geographic map outlining the number and function of computers by site, including specific information about each computer: •
Processor architecture
•
Basic input/output system (BIOS) or complementary metal-oxide semiconductor (CMOS) chip type and version, including whether the computer can start from a UFD or from the network
•
Number and capacity of hard disks
•
Removable media drives available, including CD or DVD drivers
•
System memory
•
Details of and drivers required for individual hardware components, including video cards, network adapters, modems, and other accessories
•
Current operating system and updates installed
•
Applications and any relevant updates that are installed.
•
Network infrastructure diagram. A network diagram outlining LAN and wide area network (WAN) links in addition to speeds and available bandwidth. This diagram should also include remote access connections and the number of remote users and their location. If common traffic patterns, such as peak loads, are identifiable, they should also be included. Finally, this diagram should include the network’s addressing scheme.
•
Service infrastructure documentation. A server diagram including a description of each server located in any site and the server’s function and role in the overall network, including:
•
•
Authentication and other security services.
•
Collaboration services, such as e-mail, team workspaces, and instant messaging.
•
File and print services, including server size and available disk space.
•
Replication services currently in use as much for authentication as for file services.
Management infrastructure documentation. A diagram outlining how network systems are managed within the organization, including: •
Client computer management, including portable and remote computers.
•
Management toolkit outlining application names, the number of servers involved in this management toolkit, and their role and capacity for growth.
•
Technical support structure outlining the roles and responsibilities of the staff involved in computer management and computer support.
•
Standards and procedures currently in use for the management of computers, ideally including information such as existing current system builds and build methodology as well as the application portfolio management and use practices.
•
ACT database. A database that includes not only application-specific data but also basic information concerning the computer hardware. In addition, it provides useful information about the compatibility of applications with both Windows XP with SP2 and Windows Vista. This database can double as an inventory tool if no other automated tool is in place.
•
Windows Vista Hardware Assessment (WVHA) tool information. Information gathered using the WVHA tool, including the current state of hardware in the organization as well as readiness for Windows Vista.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxi
Deployment Customization Guide: Contents
•
Help desk issues list. A list of issues related to operating systems and computer builds so as many as possible can be repaired during the preparation of the new operating system build. Involving the help desk early in the process helps both the help desk and users during the deployment.
Identify the Storage Requirements for Deployment Images Ensure that sufficient storage is available for storing the target operating system images that Deployment Workbench creates. These images are stored on the deployment points that Deployment Workbench designates. Determine the size of each image and the number of images required in the deployment. Create a unique image for the following: •
Each unique HAL required for the target computers when the target operating system is Windows XP or Windows Server 2003
•
A copy of the Windows operating system to be deployed
•
Each localized operating system language version required (such as Chinese simplified or Japanese)
For planning purposes, estimate the size of an image to be in the range of 500 megabytes (MB) to 4 gigabytes (GB), including applications. If there are five unique images, the total available disk storage on a deployment point is 20 GB (4 GB × 5). Ideally, each deployment point would have at least that much available disk storage.
Reduce Storage Requirements for Deployment Images If the available disk space cannot be increased on the deployment points, reduce the storage requirements. Reduce the storage required for the deployment points by using any combination of the following methods: •
Reduce the number of images. If few target computers have a specific HAL, consider another method of installing the Windows operating system on the target computers, such as deploying from a DVD-based image or from a removable hard disk.
•
Distribute the images to specific deployment points only. In some instances, the images may be specific to a geographic location. This is especially true for languagespecific images. Distribute only those images for a specific geography to the deployment points in the corresponding geographic locations.
•
Deploy MUI versions of Windows. When possible, deploy MUI versions of the Windows operating system to reduce the number of images required as a result of language differences. Avoid using the localized versions of Windows.
Provide Sufficient Storage for User State Migration Data Determine the amount of storage required for the user state migration data that the Windows User State Migration Tool (USMT) saved during the deployment process. When the amount of storage required is known, designate local storage on the target computers or shared folders that can be used as a temporary store for user migration data. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxii
Microsoft Deployment Toolkit 2008
Determine Storage Requirements for User State Migration Data For planning purposes, estimate the user state migration storage requirements by performing the following tasks: •
Running Scanstate.exe in the USMT with the /p command option to estimate the size of the user state migration data. By using the /p command option, the disk space requirements can be estimated without actually performing the migration. For more information, refer to the MDT 2008 document, User State Migration Guide.
•
Viewing the size of the contents of the folders in the user profile. Randomly sample targeted computers to determine a typical amount of storage required to back up the user state migration. Keep in mind that there may be several profiles (user name folders) on each target computer, so include each profile to be migrated.
•
Determining how long the user state migration data must be stored. Store the user state migration data in the event the deployment fails and the configuration must be rolled back. After verifying a successful deployment and backing up the computer, delete the user state migration data.
Calculate the storage requirements for user state migration data by multiplying the size of the user migration state by the number of computers being upgraded simultaneously (size of migration × number of computers).
Determine Where to Store User State Migration Data After determining the storage requirements for the user state migration data, determine where to store the data. Store user state migration data in these locations: •
On the local computer, to reduce the time to deploy Windows and reduce network utilization (recommended) Note
•
This option can be used only in a Refresh Computer scenario.
On a shared folder located on a local server to provide a consistent method of storing user state migration data or when local storage is not available
If user state migration data will be stored locally on the target computers, designate a shared folder in which the deploy process can store the data. By default, the process attempts to store user state data on the local hard disk for the Replace Computer and Refresh Computer scenarios. However, this behavior can be overridden with configuration settings in CustomSettings.ini. In the event that there is insufficient disk space for the user state data and new image, the deployment scripts attempt to store the information in a shared folder. Providing the shared folder as an alternate storage location makes the deployment process more reliable. Place the shared folder such that a high-bandwidth connection exists between the shared folder and the target computers.
Provide Sufficient Storage for Deployment Logs The deployment logs record the process for each target computer through the imagedistribution process. Determine the amount of storage required for the deployment logs saved during the deployment process. When the amount of storage required is known, designate shared folders that can be used as temporary stores for deployment logs.
Determine Storage Requirements for Deployment Logs To estimate for planning purposes the deployment log storage requirements for a single target computer, complete the following steps: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxiii
Deployment Customization Guide: Contents
6. Run the upgrade process in the test lab to determine the size of the deployment logs. 7. Determine how long the deployment logs must be retained. 8. Multiply the size of the deployment logs for one computer by the number of computers being deployed simultaneously.
Determine Where to Store Deployment Logs After determining the storage requirements for the deployment logs, determine where to store the deployment logs. Store them in a shared folder that is connected to the target computers by a high-bandwidth connection.
Provide Sufficient Storage for Computer Backup As an optional step in the deployment process for the Refresh Computer and Upgrade Computer scenarios, a backup can be performed of a target computer before deploying the target operating system. The purpose of this backup is for recovery of user state migration data. Perform the backup to one of the following: •
Local drives on the target computer
•
Network shared folders
The backup process in MDT 2008 is performed by using the Imagex.exe tool. The backup process creates an image of the disk volume where the user state migration data is stored. To estimate for planning purposes the computer backup storage requirements for a single computer 9. Run the Refresh Computer scenario process in the test lab to determine the size of the backup file. 10. Determine how long the backup file must be retained. 11. Multiply the size of the backup file for one computer times the number of computers being deployed simultaneously. Note The MDT 2008 backup process does not normally handle multiple partitions. If multiple partitions must be backed up, consider modifying the MDT 2008 backup process or using an alternative method to back up other partitions.
Provide Sufficient Storage for Application and Operating System Source Files Each deployment point in the environment needs access to the application and operating system source files to be used in the deployment process. Provide access to these source files by creating a copy of the source files on one of the following: •
A common network shared folder that is accessible to all servers hosting the deployment points. The advantage of this method is that storage is necessary for only one copy of the source files. The disadvantage is that the distribution points must access the source files over the network, which increases network use and is slower than accessing the source files locally.
•
Each server hosting the deployment points. The advantage of this method is that accessing the source files is faster than from a network shared folder. The
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxiv
Microsoft Deployment Toolkit 2008
disadvantage is that sufficient storage is needed for the source files on each server hosting the distribution points. To estimate for planning purposes the application and operating system source-file requirements for a single deployment point (or common shared folder) 12. Create a copy of each application and operating system source file on a shared folder. 13. Determine how much disk storage all the application and operating system source files require. If using one common network shared folder to be accessed by all distribution points, select a server with sufficient available disk storage for the source files. If providing a local copy to each distribution point, ensure that each server hosting one or more distribution points has sufficient available disk storage for the source files.
Verify an Adequate Target Computer Configuration Before deploying images to a target computer, ensure that the computer has the correct configuration. To deploy an image to a target computer, first complete these tasks: •
Verify that the target computer has the correct versions of necessary software.
•
Verify that the target computer has adequate system resources.
•
Identify the differences in 64-bit and 32-bit deployments.
Verify Correct Target Computer Software Versions Before running the rest of the MDT 2008 scripts, run ZTIPrereq.vbs to ensure that the target computer meets the requirements for running the remaining scripts. These script prerequisites include the following: •
Windows 2000 Professional with SP4, Windows XP with SP2, or a later Windows operating system is in use
•
WSH version 5.6 or later is installed and running
•
Microsoft XML Core Services (MSXML) version 3.0 (any service pack level) is installed and running
•
Microsoft Data Access Components (MDAC) version 2.0 or later is installed and running Note The version of MSXML must be 3.0. MSXML versions 4.0 and 6.0 are not compatible with the MDT 2008 scripts.
Verify Adequate Target Computer Resources After ZTIPrereq.vbs determines that the computer meets the requirements for running the remaining scripts, ZTIValidate.wsf determines whether the target computer has the appropriate resources to deploy the target operating system. These requirements include the following: •
The target computer has WSH 5.6 or later installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxv
Deployment Customization Guide: Contents
•
In any scenario except New Computer (which does not migrate user data), the existing operating system must be a client operating system if the new operating system is a client operating system. Similarly, only Windows Server 2003 or Windows Server 2008 can be deployed to a computer currently running a server operating system.
•
The OSInstall property, if defined, must be set to YES for the deployment to continue.
•
The target computer memory must meet the requirements of the operating system.
•
The target computer processor must meet the requirements of the operating system.
•
The target computer must have sufficient available disk space for the image being deployed to the target computer.
•
The current operating system on the target computer must be running on the C partition (Refresh Computer scenario only).
•
Drive C must be the first partition on the first disk of the target computer (Refresh Computer scenario only).
•
Additional available disk space is required when user state migration data and deployment logs are stored locally on the target computer.
•
The target computer must have sufficient free disk space (approximately 150 MB) to hold Windows PE log files.
•
The target computer must have sufficient total disk space to hold Windows PE and the image (expanded image size plus 150 MB).
•
The target computer must have a direct network connection to Windows Deployment Services servers and deployment points. (Unsupported network connections include virtual private network [VPN] and wireless connections.) Note Target computers that attempt to install an image over a VPN or wireless connection will not be able to connect to a deployment point after restarting in Windows PE, causing the deployment process to fail.
Although the minimum requirements for the Windows Vista operating system are highlighted in the Windows Vista TechCenter, hardware performance must be validated with the intended applications and user expectations before determining the organization’s standard hardware specifications. For example, when deploying Windows Vista with the Windows Aero® theme settings, the following computer resources may be required: •
At least 2 GB of RAM
•
At least a 2 gigahertz (GHz) processor
•
A compatible graphics adapter that provides improved performance
If deploying Windows Vista with the Windows Basic theme settings, these recommendations can be considerably reduced. Customize the hardware specifications and operating system configurations based on the user roles and operational needs in the organization. For more information about customizing the hardware specifications and operating system configuration, see: •
Windows Vista Enterprise Hardware Planning Guidance at http://technet.microsoft.com/en-us/windowsvista/aa905075.aspx.
•
Windows Aero at http://www.microsoft.com/windows/products/windowsvista/features/details/aero.mspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxvi
Microsoft Deployment Toolkit 2008
Use Systems Management Server, System Center Configuration Manager, or another software inventory tool to help determine whether any existing computers have inadequate system resources. Upgrade the system resources on these target computers prior to deploying Windows, if necessary. If it is determined that some computer system resources are inadequate for deploying Windows, perform one of the following actions: •
Upgrade the system resources on the existing computers.
•
Replace the existing computers with new computers.
•
Eliminate the existing computers from being part of the upgrade.
Identify Differences in 64-bit and 32-bit Deployment In most instances, deploying 64-bit versions of the Windows operating system is the same as deploying 32-bit versions of Windows. However, there are differences that affect how 64-bit versions of Windows are deployed and how MDT 2008 detects that the target computer has a 64-bit processor. Note MDT 2008 supports only Intel EM64T–enabled processors and the AMD64 family of processors. The Intel Itanium and IA64 family of processors are not supported in MDT 2008.
Most functions and features found in 32-bit versions of Windows are the same in 64-bit versions of Windows. However, take the following differences into consideration when deploying 64-bit versions of Windows: •
The version of Windows PE must match the version of Windows being deployed. If deploying a 64-bit version of Windows Vista, use a 64-bit version of Windows PE. Similarly, if deploying a 32-bit version of Windows Vista, use a 32-bit version of Windows PE.
•
Applications are installed in separate Program Files folders. On 64-bit versions of Windows, 64-bit applications are installed in the Program Files folder and 32-bit applications are installed in the Program Files (x86) folder. Check the appropriate folder structure when looking for previously installed applications.
•
Processor architecture discovery in Windows Deployment Services may need to be forced for 64-bit computers. Not all 64-bit computers properly report the processor type; therefore, MDT 2008 may not properly detect that the processor is a 64-bit processor. Force Windows Deployment Services to deploy 64-bit versions by using the following command: WDSUTIL /set-server /architecturediscovery:yes For more information, see the Windows Deployment Services Help files.
•
64-bit versions of Windows PE 2.0 do not run 32-bit applications. Ensure that any compiled applications used by a 64-bit version of Windows PE are 64-bit versions.
•
64-bit versions of Windows require 64-bit device drivers. 32-bit device drivers cannot be used in 64-bit versions of Windows.
Provide Adequate Network Capacity Because of the size of the images being distributed to the target computers (500 MB to 4 GB), computers must have a high-speed, persistent connection to the servers used in the deployment process. These servers include: •
Windows Deployment Services servers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxvii
Deployment Customization Guide: Contents
•
Servers hosting shared folders used to store deployment images (that is, deployment points).
•
Servers hosting shared folders used to store user state migration data.
•
Servers hosting shared folders used to store deployment logs.
These servers need to be on adjacent subnets to the target computers to ensure highspeed connectivity to the computers. If the organization cannot provide sufficient network capacity to deploy images, software, and migration data to computers, perform one of the following actions: •
Temporarily place the appropriate servers (for example, servers hosting the various shared folders or Windows Deployment Services server) closer to the target computers for the duration of the migration.
•
Temporarily move the target computers to a staging area where the computers can be deployed, and then return them to their original location.
•
Store user state migration data locally on the target computers.
•
Perform automated deployments locally by using a combination of a Windows Vista or Windows PE image CD.
•
In addition, when deploying computers through a firewall, ensure that the appropriate TCP and UDP ports are open on firewalls. If deploying images with ZTI deployment, see the Microsoft Help and Support article, “Ports that SMS 2003 uses to communicate through a firewall or through a proxy server,” at http://support.microsoft.com/kb/826852.
Determine the Required Infrastructure The deployment relies on several technologies for proper operation. Most of these are in the form of a file share somewhere on the network. Three of the four main deployment server roles are simple file shares: •
Deployment Server Role. This role is used to store all deployment information and toolkits to be used during the migration. It also stores operating system image files, including the required Windows PE images.
•
User State Migration Server Role. This role is used to store user profiles either temporarily or permanently, depending on the selected approach. As computers are being deployed, existing user profiles are captured to this server role and then drawn from this server to be restored to the updated computer. Note Roaming user profiles store user data on a file server to allow a user to access their desktop, documents, and settings from multiple computers. For detailed information about planning roaming user profiles, read the Managing Roaming User Data Deployment Guide at http://technet2.microsoft.com/WindowsVista/en/library/fb3681b2-da39-4944-93addd3b6e8ca4dc1033.mspx.
•
Application Installation Server Role. This role is used to store the prepackaged installation files for the applications to be redeployed after the operating system has been replaced.
•
Activation Server Role. To support Volume Activation 2.0, a KMS host may be required to automatically activate newly configured Windows Vista or Windows Server 2008 computers. For more information about Volume Activation 2.0 and KMS, see Volume Activation 2.0 Technical Guidance in the Microsoft Download Center at http://go.microsoft.com/fwlink/?LinkID=75674. If using a Multiple Activation Key (MAK) to activate computers, a separate server may not be required. However, the Volume Activation Management Tool (VAMT) can enable MAK activation without connecting hosts directly to the Internet. For more information about VAMT, see
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxviii
Microsoft Deployment Toolkit 2008
Microsoft® Deployment Toolkit 2008 Deployment Customization Guide Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This document guides the imaging process when using Microsoft® Deployment Toolkit (MDT) 2008 with Microsoft Systems Management Server (SMS) 2003 and Microsoft System Center Configuration Manager 2007. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
This guide describes how to customize reference images by customizing the task sequence; how to create custom scripts and customize existing scripts; how to configure and customize variables, location, role, and make and model; and how to configure and customize the imaging databases and custom images. The guidance presented here extends the guidance found in the MDT 2008 documents, Workbench Imaging Guide and Microsoft System Center Configuration Manager 2007 Imaging Guide. Table 1 provides additional information on the reference guides that are available to assist in configuring and setting up Deployment Workbench, Systems Management Server, and System Center Configuration Manager. Table 1. Related Guidance in MDT 2008 Guide
This guide offers assistance to help
Preparing for LTI Tools
Install LTI in the environment. The guide includes information about how LTI works.
Preparing for Microsoft Systems Management Server 2003
Install ZTI in the environment and perform deployments using Systems Management Server. The guide includes information about how ZTI and Systems Management Server work together.
Preparing for Microsoft System Center Configuration Manager 2007
Create a default installation of MDT 2008 for ZTI using System Center Configuration Manager.
Image Customization Guide
Guide the process of using MDT 2008, Systems Management Server, and System Center Configuration Manager during the imaging process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Revie wi ng t he D epl oymen t Pr ocess ing R ules Before the deployment processing rules that it wants to include in the deployment process can be identified, it must identify the components that MDT 2008 uses in ZTI and LTI deployments.
Identify the Deployment Components The ZTI and LTI deployment processes use a common set of deployment components, included in MDT 2008. To configure the deployment components properly, identify how the components interact in the ZTI and LTI deployment processes. The MDT 2008 components include: •
Task sequences
•
Scripts
•
Configuration files
•
Configuration databases
•
Environment variables
•
Log files
For a visual representation of how these components work together in the MDT 2008 LTI and ZTI processes, see the section, “Deployment Process Flowcharts,” in the MDT 2008 document, Troubleshooting Reference.
Task Sequences A task sequence is a combined series of steps that complete an action. Task sequences can operate across a computer restart, and task sequence steps can be organized into groups for more control over run-time behavior. A custom task sequence can be created that will automate and perform tasks on a computer without user interaction. Custom task sequence steps can be organized into groups so that multiple task sequence steps will run on a computer. By using task sequence steps in groups, error control can be organized and configured for each individual task sequence step and group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Reviewing Deployment Processing Rules
3
Some of the information that can be specified in task sequences includes: •
Task sequence name
•
Task sequence comment.
•
Task sequence template, which can be one of the following templates in Deployment Workbench or in the Import Task Sequence Wizard in Configuration Manager console: •
Standard Client Task Sequence
•
Standard Client Replace Task Sequence
•
Standard Server Task Sequence
•
Lite Touch OEM Task Sequence Template (LTI deployments only)
•
Preload OEM Task Sequence (Pre-OEM) (System Center Configuration Manager–based deployments only)
•
Preload OEM Task Sequence (Post-OEM) (System Center Configuration Manager–based deployments only)
•
Custom Task Sequence.
•
Operating system.
•
Product key
•
Operating system configuration settings
•
Password for local Administrator user account on target computer
Scripts Scripts are used to automate the deployment process. Scripts scan the configuration files, the configuration database, and environment variables to determine the rules to be used when deploying images to target computers. Scripts create log files while they automate the deployment process. The log files record the status of the deployment process and can be used to assist in troubleshooting the deployment process. For more information about each script used in the MDT 2008 deployment process, see the section, “Deployment Process Flowcharts,” in the MDT 2008 document, Troubleshooting Reference.
Configuration Files Scripts interpret the configuration files to ensure that the appropriate steps occur to deploy the correct operating system to the correct target computer. Various MDT 2008 wizards assist in creating and maintaining the configuration files. MDT 2008 can create and manage: •
Templates configuration files. After MDT 2008 creates the template file, the file is manually customized to include the appropriate processing rules. The CustomSettings.ini file is an example of this type of configuration file. After these template files are initially created, they should be maintained manually.
•
Completed configuration files. These files require no further customization. The Applications.xml file is an example of this type of configuration file. Maintain these files using MDT 2008. Although these files can be maintained manually, using MDT 2008 is recommended to avoid introducing human-caused errors.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
The MDT 2008 configuration files and a brief description of each are listed in Table 2. Table 2. Configuration Files in MDT 2008 Configuration file
Description
CustomSettings.ini
The primary configuration file for the MDT 2008 processing rules used in all scenarios.
BootStrap.ini
The configuration file used when the target computer is not able to connect to the appropriate deployment point. This situation occurs in the New Computer scenario and in the Replace Computer scenario.
For more information about additional configuration files, see the section, “Deployment Process Flowcharts,” in the MDT 2008 document, Troubleshooting Reference.
Configuration Database The configuration database is a logical extension of configuration settings that would typically exist in CustomSettings.ini. Create and manage the configuration database on the Database node in MDT 2008. The configuration settings can be centrally stored in a relational database using a configuration database. The configuration database is referenced in the CustomSettings.ini file. The MDT 2008 scripts query the database to retrieve values for properties. Using the configuration database is appropriate when the target computers have a high-speed, persistent connection to the server running Microsoft SQL Server® on which the configuration database is stored. Otherwise, make all configuration settings in CustomSettings.ini.
Environment Variables MDT 2008 scripts automatically retrieve appropriate environment variables. The variables are referenced like properties in the deployment processing rules. The environment variables can be referenced like any property in the configuration files or configuration database.
Log Files Because MDT 2008 scripts automatically create log files, no configuration settings are necessary. Each script creates a log file that matches the name of the script. For example, ZTIGather.wsf creates a log file named ZTIGather.log. Each script also updates a common log file (Deployment.log) that aggregates the contents of all the logs. For more information about each log file, see the section, “Deployment Process Flow Charts,” in the MDT 2008 document, Troubleshooting Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom iz ing T ask Sequences The following sections offer guidance on how to customize task sequences using Deployment Workbench, Systems Management Server, or System Center Configuration Manager.
Deployment Workbench Using Deployment Workbench, packages, languages, updates, and additional items can be added to task sequences.
Task Sequences Edit a task sequence to customize it for the deployment process. The following section describes the settings available in the Task Sequence Editor: •
Task sequence ID: An un-editable field assigned to the task sequence.
•
Task sequence name: The name assigned to the task sequence.
•
Task sequence version: The version assigned to the task sequence.
•
Comments: An area in which to identify the task sequence settings or add individual task sequence comments.
•
This can run on any platform: Defines the task sequence as able to run on any Windows platform.
•
This can run only on the specified client platforms: Defines the compatible platforms on which this sequence will run.
Enable or Disable a Task Sequence To enable or Disable a task sequence, perform the following steps: 14. Start Deployment Workbench. 15. In the console tree, click Task Sequences. 16. In the details pane, right-click the task sequence to be enabled or disabled, and then click Properties. 17. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Enable this Task Sequence check box to enable the selected task sequence.
•
Clear the Enable this Task Sequence check box to disable the selected task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Hide or Unhide a Task Sequence To hide or unhide a task sequence, perform the following steps: 1. Start Deployment Workbench. 2. In the console tree, click Task Sequences. 3. In the details pane, right-click the task sequence to be hidden or unhidden, and then click Properties. 4. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Hide this task sequence in the Deployment Wizard check box to hide the selected task sequence.
•
Clear the Hide this task sequence in the Deployment Wizard check box to unhide the selected task sequence.
Note For a complete description of enabling and disabling or hiding and un-hiding task sequences, see the MDT 2008 document, Workbench Imaging Guide.
Use the Task Sequence tab in the Task Sequence Editor to customize the individual tasks and change the order of their application to the target computer. The following section describes the task sequences that are available: •
New Group: Creates a new group listing using the name specified.
•
General: Contains the Run Command Line, Set Task Sequence Variable, Run Command Line As, Restart Computer, Gather, Install Updates Offline, Validate, and Install Application task sequence steps.
•
Disks: Contains the Format and Partition Disk; and Enable BitLocker task sequence steps.
•
Images: Contains the Install Operating System task sequence step type.
•
Settings: Contains the Apply Network Settings, Capture Network Settings task sequence steps.
•
Roles: Contains the Install Roles task sequence step type.
Each task sequence group and step has configurable properties on the Properties and Options tabs that are common to all task sequence groups and steps. For detailed information about these properties and options, see the MDT 2008 document, Toolkit Reference. For detailed information about task sequences in Deployment Workbench, see the MDT 2008 document, Workbench Imaging Guide. For detailed information about task sequences in System Center Configuration Manager, see About Task Sequences at http://technet.microsoft.com/enus/library/bb693631.aspx. For detailed information about task sequences in Systems Management Server, see Operating System Deployment Task Sequence Variables at http://technet.microsoft.com/en-us/library/bb632442.aspx.
OS Packages Before deploying operating system images to target computers, add any packages that must be installed after the operating system is installed. Add the packages to be installed using the New Package Wizard on the OS Packages node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
7
Deployment Customization Guide: Customizing Task Sequences
Following are examples of packages that are installed after the operating system is installed: •
Security updates
•
Service packs
•
Language packs
Note These packages are different from Systems Management Server packages and SMS 2003 OSD Feature Pack packages. The Deployment Workbench user interface (UI) refers to these packages as OS Packages to differentiate them from packages in Systems Management Server and the SMS 2003 OSD Feature Pack.
To add new OS packages 18. Start Deployment Workbench. 19. In the console tree, right-click OS Packages, and then click New. The New Package Wizard starts. 20. On the Select the location of the package files page, in the Package source directory box, type source_directory_name (where source_directory_name is the fully qualified path to the package source files), and then click Add. Note
Alternatively, click Browse to locate source_directory_name.
The New Package Wizard finishes, and the new package name appears in the details pane. Note Repeat this procedure for each package to be added except the packages located beneath source_directory_name.
Package groups can also be created to logically group packages together for ease of deployment. For example, if multiple operating systems will be deployed, create a package group for each operating system that includes the service packs or language packs for that operating system. Also, configure package groups by customizing the PackageGroup and LanguagePacks properties or by selecting a package group for a task sequence. If: •
A package group is specified in CustomSettings.ini or in the task sequence properties, only the packages (including language packs) that are in that package group as configured in Deployment Workbench are installed.
•
No package group is specified in CustomSettings.ini or in the task sequence properties: •
All packages (including language packs) defined in the OS Packages node in Deployment Workbench are installed.
•
All language packs specified in the LanguagePacks property are installed.
For more information on: •
Creating package groups, see the section, “Add a Package Group,” in the MDT 2008 document, Workbench Imaging Guide.
•
The PackageGroup property, see the section, “PackageGroup,” in the MDT 2008 document, Toolkit Reference.
•
The LanguagePacks property, see the section, “LanguagePacks,” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Select the Packages Group for a Task Sequence For each task sequence created in Deployment Workbench, select a packages group to be deployed with the task sequence. A package group is a logical grouping of one or more packages defined in the OS Packages node in Deployment Workbench. When the package group is selected for a task sequence, the packages are automatically copied to the deployment point and are available to the MDT 2008 scripts. The packages reside in the distribution_point\OS Packages\driver folder (where distribution_point is the name of the folder that is the root of the distribution point and driver is the name of the driver listed in Deployment Workbench). To select the package group for a task sequence 21. Start Deployment Workbench. 22. In the console tree, expand Distribution Share, and then click Task sequences. 23. In the details pane, right-click task_sequence_id (where task_sequence_id is the ID of the task sequence for which to select a package group), and then click Properties. 24. In the task_sequence_id Properties dialog box, on the Task Sequence tab, locate the Apply Patches task sequence step and on the Properties tab, in Package group, select package_group (where task_sequence_id is the ID of the task sequence selected and package_group is the name of the packages group to deploy), and then click OK. 25. Repeat steps 3 and 4 for each Apply Patches task sequence step in the task sequence. Note To deploy all packages with a task sequence, in the Package group box, click All Packages.
Languages Language packs enable a multilingual Windows environment. Windows Vista is language-neutral, and all language and locale resources are added to Windows Vista through language packs (Lp.cab files). By adding one or more language packs to Windows Vista, those languages can be enabled when installing the operating system. As a result, the same Windows Vista image can be deployed to regions with different language and locale settings, reducing development and deployment time. See the following references for additional information about language packs in Windows Vista: •
For instructions on installing language packs during deployment, see the section, “Running the Windows Deployment Wizard,” in the MDT 2008 document, Preparing for LTI Tools.
•
For the configuration properties for installing language packs automatically, see the MDT 2008 document, Toolkit Reference.
•
For more information about Windows Vista language packs, see “Manage Language Packs for Windows” in Windows AIK.
If installing Windows XP Multi-user Interface (MUI) language packs, add each language pack as an application to the distribution share. Then, install the language pack as part of the task sequence or allow the user to choose a language pack during deployment. For language packs, create a subgroup called Language Packs in the State Restore group, and then add language packs to it.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
9
Deployment Customization Guide: Customizing Task Sequences
Doing so installs language packs automatically, keeps them organized, and provides control over the installation order. To prevent users from seeing language packs in the list of applications during deployment, in the Application Properties dialog box (where Application is the name of the language pack added to the distribution share), clear the Enable this application check box.
Patches Apply patches to task sequences to keep the images up-to-date for security and additional software updates. Add the patches during the initial creation of the task sequence, or add them as a secondary process after the task sequence is created. To add patches to a task sequence 26. Start Deployment Workbench. 27. Click Task Sequences, right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 28. In the Task Sequence Properties dialog box, click the Task Sequence tab. Click the location to insert the patches, and then click Add. 29. Click General, and then click Run Command Line. 30. In the Properties dialog box, in the right pane of the Task Sequence tab, in the Name box, type Apply Patches. 31. In the Command line box, type cscript.exe “%SCRIPTROOT%ZTIPatches.wsf” (including the quotation marks). 32. Click OK.
Drivers Before deploying operating system images to target computers, add any device drivers that must be installed with the operating system. Add the drivers to be installed using the: •
New Driver Wizard in Deployment Workbench.
•
$OEM$ folder structure for original equipment manufacturer (OEM)–supplied drivers.
Add Drivers Using the New Driver Wizard in Deployment Workbench In Deployment Workbench, edit the Out-of-Box Drivers listing so it contains groups that help identify which drivers are associated with different platforms and computer types. This can help identify the drivers to associate with the different images in use. To add a group classification to an Out-of-Box Drivers listing 33. Start Deployment Workbench. 34. Expand Distribution Share, click Out-of-Box Drivers, click driver (where driver is the name of the driver to add to a group), and then click Properties. 35. In the Driver Properties dialog box, click the Groups tab. Click Add to open the New Driver Group dialog box. Type the new name of the driver group into the text box, click OK, and then click OK to close the Driver Properties dialog box. The New Driver Wizard finishes, and the new driver name appears in the details pane. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Note Repeat this procedure for each set of drivers to be added except the drivers that are located beneath source_directory_name.
Add Drivers Using the $OEM$ Folder Structure In addition to the drivers configured in Deployment Workbench, OEM-supplied drivers can be added by adding the $OEM$ folder structures to the deployment point. Include drivers that are typically installed during graphical user interface (GUI)–mode setup or post-setup by standard Plug and Play enumeration. Doing so permits preloading original equipment manufacturer (OEM) Plug and Play drivers that they can use later, when the associated hardware is introduced in the system. During the LTI deployment process, LTIApply.wsf scans for $OEM$ folders that contain drivers in the following order: •
The build of the target operating system
•
The version of the target operating system
•
The processor architecture of the target computer
•
Globally, for all target computers
Note In an instance where multiple $OEM$ folders have been defined, the first driver that LTIApply.wsf finds is deployed to the target computer.
Applications During the Developing Phase, the applications were repackaged or their installation automated. Core applications are common to most computers in the organization; supplemental applications are not. The first step in adding applications to an image is to add them to the distribution share. Deployment Workbench can install the application from its original network location, or it can copy the application source files to the distribution share. In either case, specify the commands for installing the application when it is added to the distribution share.
Enable or Disable an Application To enable or disable an application, perform the following steps: 36. Start Deployment Workbench. 37. In the console tree, click Applications. 38. In the details pane, right-click the application to be enabled or disabled, and then click Properties. 39. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Enable this application check box to enable the installation of the selected application.
•
Clear the Enable this application check box to disable installation of the selected application.
Note If an application intended for installation is added during the task sequence, that application can be disabled by clearing the Enable this application check box. The application will still be installed during the task sequence, but the user will not see it in the applications list.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
11
Deployment Customization Guide: Customizing Task Sequences
Hide or Unhide an Application To hide or unhide an application, perform the following steps: 1. Start Deployment Workbench 2. In the console tree, click Applications. 3. In the details pane, right-click the application to be enabled or disabled, and then click Properties. 4. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Hide this application in the Deployment Wizard check box to hide the installation of the selected application to the client.
•
Clear the Hide this application in the Deployment Wizard check box to unhide the installation of the selected application to the client.
Custom Images Custom images contain the minimum amount of information required. It is common to use custom images for applications that serve a specific purpose. In addition, a custom image might contain specific regional information; for example, language packs or specific security settings.
Create Custom Images The process for creating and deploying a custom image is identical to creating and deploying a standard image: install additional applications and updates, deploy the image, and so on. Using custom images, the process of deploying specific applications to a predefined group of computers can easily be simplified. For information on creating a custom image, see the MDT 2008 document, Image Customization Guide.
Deploy Custom Images For information on deploying custom images using Deployment Workbench, see the section “Running the Windows Deployment Wizard” in the MDT 2008 document, Preparing for LTI Tools.
Systems Management Server Using Systems Management Server, packages, languages, advertisements, drivers, custom images, and more can be added to task sequences.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Packages Systems Management Server packages contain the files and commands used to run the programs in the package in addition to other important information, such as which distribution points provide the package source files for target computers, and so on. To modify an existing package 40. In SMS Administrator Console, expand Site Database, and then expand site_code (where site_code is the name of the Systems Management Server site). 41. Expand Packages, right-click the package to edit, and then click Properties. 42. Use the Package Properties dialog box to change the settings. For additional information about packages, see the Systems Management Server 2003 Operations Guide at http://www.microsoft.com/technet/prodtechnol/sms/sms2003/opsguide/default.mspx?mfr= true.
Languages System Management Server distributes language packs as System Management Server packages. Create System Management Server packages that include the language packs, and then distribute the packages to the System Management Server distribution points. To modify an existing language for System Management Server 43. In SMS Administrator Console, expand Site Database, and then expand site_code (where site_code is the name of the Systems Management Server site). 44. Expand Packages, right-click the language to edit, and then click Properties. 45. Use the Package Properties dialog box to change the settings. For additional about modifying languages, see the section, “Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages,” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide.
Advertisements After creating and distributing the package, advertise a program associated with that package to a target collection in the Systems Management Server site. For more information about advertising packages, see the Systems Management Server 2003 Operations Guide at http://www.microsoft.com/technet/prodtechnol/sms/sms2003/opsguide/default.mspx?mfr= true.
Drivers During the ZTI deployment process, device drivers for target computers may have to be installed at the time the operating system is being deployed. Typically, device drivers are configured in Deployment Workbench and are available through the distribution point. However, multiple copies of device drivers might be created so that not all target computers are required to connect to the distribution point—for example, if packages will be deployed to branch offices and a local copy of the device drivers will be provided for each branch office. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
13
Deployment Customization Guide: Customizing Task Sequences
For ZTI deployments, create a Systems Management Server package that contains the device drivers, and then distribute the package to the distribution points. This way, the target computers can access the device drivers from a local Systems Management Server distribution point. Device drivers created in Deployment Workbench can also be distributed by using System Management Server. For more information, see “Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages” in the Microsoft Deployment Toolkit Samples Guide. For additional information about packages, see the Systems Management Server 2003 Operations Guide at http://www.microsoft.com/technet/prodtechnol/sms/sms2003/opsguide/default.mspx?mfr= true.
Custom Images Custom images contain the minimum amount of information required. It is common to use custom images for applications that serve a specific purpose. In addition, custom image might contain specific regional information; for example, language packs or specific security settings.
Create Custom Images The process for creating and deploying a custom image is identical to creating and deploying a standard image. Additional applications and updates must be installed, the image deployed, and so on. Using custom images, the process of deploying specific applications to a predefined group of computers is simplified. For information on creating a custom image, see the MDT 2008 document, Image Customization Guide.
Deploy Custom Images For information on deploying custom images using Systems Management Server, see the section, “Running the Deployment Wizard,” in the MDT 2008 document, Preparing for Microsoft Systems Management Server 2003.
SMS Installer Systems Management Server includes SMS Installer, a tool that creates software executable files. These packages are self-extracting files that contain everything necessary to install the software, including a script to control the installation. Although SMS Installer–generated executable files are created specifically to use on Systems Management Server client computers, they can also be posted to the Internet or packaged on a CD or on floppy disks. SMS Installer creates installation packages that can gather information about the current system, install and delete files, search for files, prompt users for information, and update system files and the Windows registry. The package can be customized to prompt the user for information, or it can run unattended. SMS Installer includes the Windows Installer Step-up Utility (ISU). ISU is a command-line tool that migrates setup packages from the SMS Installer format to the Windows Installer format. The resulting setup package is a Windows Installer setup package with an .msi file name extension.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
The new setup package can be run on any computer that supports Windows Installer. For more information about how to use SMS Installer, see SMS Installer Help. SMS Installer also creates Windows Installer packages and can open SMS Installer–generated executable files. For additional information about SMS Installer, see Installer Step-up Utility for MS Systems Management Server at http://www.microsoft.com/technet/sms/20/instlset.mspx.
System Center Configuration Manager Using System Center Configuration Manager, packages, advertisements, languages, drivers, and more can be added to task sequences.
Packages System Center Configuration Manager uses packages to distribute software to client computers. A package generally represents a software application to be installed on a target computer, but it might also contain individual files, updates, or even an individual command. Note Although System Center Configuration Manager can be used to easily install software on multiple computers, IT personnel must still agree to and follow the software license terms for any software installed using System Center Configuration Manager. Software metering can be used to help track license use. For more information about software metering, see Software Metering in Configuration Manager at http://technet.microsoft.com/en-us/library/bb694169.aspx.
Using packages, software can be delivered, installed, and configured to meet the individual needs of the organization’s users. This is done using programs, which identify the actions that must occur on the client computer, after the package is received. Each program defines for System Center Configuration Manager the client platform and environment within which the package can run and includes any and all appropriate references to script files or command switches. Each package must contain at least one program. For more information about programs, see About Programs at http://technet.microsoft.com/en-us/library/bb632775.aspx. Packages and programs are created and displayed in the Packages node in Configuration Manager console. They are then stored in the database for the site being administered. Packages often contain files in addition to the programs, particularly when installing a software application or update. If the package requires such files, also specify the following information: •
The source folder containing all the files needed for the package. If the package supports more than one platform, all files for all platforms are included in the source folder.
•
The distribution points for the package, on which the package files, programs, and scripts necessary for the package to run successfully will be stored. For more information about distribution points, see About Distribution Points at http://technet.microsoft.com/en-us/library/bb680614.aspx.
After creating a package with a source folder, System Center Configuration Manager sends the package source files to the distribution points specified. After programs have been defined for a package and the package data has been sent to one or more distribution points, create advertisements that make those programs available to the client computers in the specified collection. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
15
Deployment Customization Guide: Customizing Task Sequences
For more information about advertisements, see About Advertisements at http://technet.microsoft.com/en-us/library/bb694110.aspx. For additional information about package creation, property values, and using a package definition file as a template, see How to Create a Package at http://technet.microsoft.com/en-us/library/bb693627.aspx.
Advertisements After a software distribution package has been created, along with programs to tell client computers what to do with the package, advertise the program that the client computers are to run. Advertising the program makes a program available to a specified collection of client computers. System Center Configuration Manager evaluates advertisements to determine which client computers will receive a specific program to run. An advertisement specifies the following information: •
The program to run. (For more information, see About Programs at http://technet.microsoft.com/en-us/library/bb632775.aspx.)
•
The target collection of computers, users, or user groups to receive the program. (For more information, see About Collections at http://technet.microsoft.com/enus/library/bb694134.aspx.)
•
The schedule that specifies when the program is available. In the case of assigned— that is, mandatory—advertisements, additional options, such as Wake-on-LAN and ignoring maintenance windows can be used in conjunction with this schedule. (For more information, see How to Assign a Mandatory Advertisement at http://technet.microsoft.com/en-us/library/bb694124.aspx.)
The site’s client computers will not be able to receive advertised programs until the software distribution client agent on the site’s client computers is enabled. The Advertised Programs Client Agent performs the necessary software distribution–related tasks on these clients, primarily allowing the clients to receive and run the programs advertised. For additional information about advertisements, see About Advertisements at http://technet.microsoft.com/en-us/library/bb694110.aspx.
Languages System Center Configuration Manager distributes language packs as System Center Configuration Manager software distribution packages. Create software distribution packages that include the language packs, and then distribute the packages to the System Center Configuration Manager distribution points. Language packs created in Deployment Workbench can also be distributed by using System Center Configuration Manager. This process is similar to distributing language packs in System Management Server. For more information, see the section “Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages” in the MDT 2008 document Microsoft Deployment Toolkit Samples Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Deploy language packs to Windows Vista and Windows Server 2008 using one of the following methods: •
Online. Installs the language pack after the target operating system is deployed. This method is commonly used to add language packs to operating system editions that support multiple languages (such as Windows Vista Enterprise or Windows Vista Ultimate). This allows users to interactively select different operating systems. For this method, add the Install Language Packs Online action during the State Restore phase to deploy the language packs. Note When deploying a language pack to an operating system edition that does not support multiple languages when using the online method, the newly deployed language becomes the new default language and the existing default language is removed automatically within 24 hours.
•
Offline. Installs the language pack before the target operating system starts for the first time. This allows the language to be automatically selected by the MDT 2008 deployment process or by allowing the user to select the default language the first time the target operating system starts. For this method, add the Install Language Packs Offline action during the Postinstall phase to deploy the language packs.
When using either method, the language pack package must be created in System Center Configuration Manager prior to configuring the task sequence action. The only required configuration parameter for either action is to specify the language pack package to be deployed. To install a language pack using the online method 46. Create a System Center Configuration Manager package that contains the language pack(s) to be deployed to the target computers. 47. On the Task Sequences node, in the details pane, right-click task_sequence, and then click Edit (where task_sequence is the name of the task sequence to modify). 48. In the task sequence editor dialog box, in the State Restore task sequence group, click Add, click MDT, and then click Install Language Packs Online. This adds the Install Language Packs Online action to the task sequence. 49. On the Properties tab of the Install Language Packs Online action, click Browse. 50. In the Select a Package dialog box, click package (where package is the package created in step 1), and then click OK. 51. Click OK. To install a language pack using the offline method 52. Create a System Center Configuration Manager package that contains the language pack(s) to be deployed to the target computers. 53. On the Task Sequences node, in the details pane, right-click task_sequence, and then click Edit (where task_sequence is the name of the task sequence to modify). 54. In the task sequence editor dialog box, in the Postinstall task sequence group, click Add, click MDT, and then click Install Language Packs Offline. This adds the Install Language Packs Online action to the task sequence. 55. On the Properties tab of the Install Language Packs Online action, click Browse. 56. In the Select a Package dialog box, click package (where package is the package created in step 1), and then click OK. 57. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
17
Deployment Customization Guide: Customizing Task Sequences
Drivers The driver catalog helps manage the cost and complexity of deploying an operating system in an environment that contains different types of computers and devices. The driver catalog consists of two nodes in the Configuration Manager console: Drivers and Driver Packages. Storing device drivers in the driver catalog and not with each individual operating system image greatly reduces the number of operating system images that are required. When deploying an operating system image, each operating system image can install enabled device drivers that have been imported are available on a distribution point. Also multiple versions of Windows device drivers can be stored in the driver catalog. Maintaining multiple versions of device drivers provides an easy way to upgrade existing device drivers when hardware device requirements change on the network. For more information about the driver catalog, see How to Manage the Driver Catalog at http://technet.microsoft.com/en-us/library/bb693985.aspx.
Custom Images Custom images contain the minimum amount of information required. It is common to use custom images for applications that serve a specific purpose. A custom image might contain specific regional information—for example, language packs or specific security settings.
Create Custom Images The process for creating and deploying a custom image is identical to creating and deploying a standard image: Install additional applications and updates, deploy the image, and so on. Using custom images simplifies the process of deploying specific applications to a predefined group of computers. For information on creating a custom image, see the MDT 2008 document, Image Customization Guide.
Deploy Custom Images For information on deploying custom images using System Center Configuration Manager, see How to Deploy Operating System Images to a Computer at http://technet.microsoft.com/en-us/library/bb632559.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Scr ipt Custo mi za tions MDT 2008 is flexible and highly customizable. It includes several tools for getting started, but the ability to customize the deployment to fit the organization’s needs is the core of MDT 2008’s strength. In the following section are code samples that show how easily these scripts can be used to customize the deployment process. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Identify the CustomSettings.ini Syntax The syntax of the CustomSettings.ini file is similar to many .ini files. A CustomSettings.ini file includes: •
Sections
•
Properties
•
Settings
Listing 1 shows a CustomSettings.ini file that is customized for a ZTI deployment. For more information about the CustomSettings.ini file in Listing 1, see the section “Basic CustomSettings.ini File for ZTI” later in this guide. Listing 1. CustomSettings.ini File Customized for ZTI Deployment [Settings] Priority=Default, MACAddress Properties=CustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
19
OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
Sections in the CustomSettings.ini File Sections are identified by brackets that surround the section name (for example, [Settings]). In Listing 1, the sections include [Settings], [Default], [00:0F:20:35:DE:AC], and [00:03:FF:FE:FF:FF].
Required Sections Only the [Settings] section is required. All other sections are optional. The MDT 2008 scripts require the [Settings] section in CustomSettings.ini to locate the reserved properties (Priority and Properties).
Optional Sections The optional sections in the CustomSettings.ini file are used to assign a group of configuration settings to: •
A group of computers. In Listing 1, the configuration settings in the [Default] section are applied to more than one computer. For more information, see the section “Applying the Properties to Groups of Computers” later in this guide.
•
An individual computer. In Listing 1, the configuration settings in the [00:0F:20:35:DE:AC] and [00:03:FF:FE:FF:FF] sections are applied to the corresponding computer (in this case, identified by the media access control [MAC] address of the target computer). For more information, see the section “Applying the Properties to Individual Computers” later in this guide.
Properties in the CustomSettings.ini File Properties are variables to which values must be assigned. Properties are followed by an equal sign (=). The scripts scan the CustomSettings.ini file to locate the properties. The types of properties that can be used in deploying target computers include properties that are: •
Automatically declared in ZTIGather.wsf. These predefined properties are declared in the ZTIGather.wsf code and are documented in the MDT 2008 document, Toolkit Reference. In addition, the ZTIGather.wsf file automatically sets the values for these properties. These properties are not configured in CustomSettings.ini and should be treated as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
•
•
Microsoft Deployment Toolkit 2008
Declared in the ZTIGather.xml file. These predefined properties are listed in the ZTIGather.xml file and are documented in the MDT 2008 document, Toolkit Reference. The ZTIGather.wsf file retrieves these properties by scanning the ZTIGather.xml file. Divide the properties in this file into properties that: •
ZTIGather.wsf automatically assigns values. ZTIGather.wsf automatically sets the values for these properties, which must be treated as read-only.
•
Must be assigned values in CustomSettings.ini. Ensure that the value for any property to be used is set in CustomSettings.ini and is considered modifiable.
Declared in the Properties property. These are custom properties that can be declared, and they are in addition to the properties automatically declared in ZTIGather.wsf and in ZTIGather.xml.
The way properties are used for ZTI and LTI are identical. However, some properties are unique to ZTI or LTI deployment. Because ZTI deployments (in this Systems Management Server example) use Systems Management Server with the SMS 2003 OSD Feature Pack to deploy target operating system images, ZTI has properties that refer to SMS 2003 OSD Feature Pack values (such as OSDInstallPackage, OSDInstallProgram, and OSDNewMachineName). Like ZTI deployments, LTI deployments also have unique properties. Most of the LTIspecific properties relate to the Windows Deployment Wizard (such as SkipAdministratorPassword, SkipCapture, or SkipUserData). Although these properties use the same syntax as other properties, the reserved properties perform specific functions in the deployment processing rules.
Priority Reserved Property The Priority reserved property determines the sequence and section of where to find configuration values. Each section is searched in the order specified. When a property value is found, the remaining sections are not used for that property. In Listing 1, the [Default] section is parsed first, and then the section that corresponds to the MAC address of the target computer (in this case, [00:0F:20:35:DE:AC] or [00:03:FF:FE:FF:FF]). Table 3 lists the types of property value that can be assigned to the Priority property.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
21
Table 3. Priority Property Value Types and Their Descriptions Priority property value
Description
DefaultGateway
The scripts scan for a section that matches the default gateway IP address of the target computer; for example, a section named [10.1.1.1]. If the section is found, the script scans the section for properties. If the section does not exist, the script continues scanning based on the remaining values in the Priority property.
LocalDataName
Any property known to the scripts can be used to identify a section name in the configuration file. For example, specifying the HostName property causes the script to scan for a section with the target computer host name. Other properties, like MACAddress, can result in multiple section names being checked (because a computer can have multiple MAC addresses).
CustomSection
One or more specific section names can be specified, where CustomSection represents the section name. For example, if MySection were included in the Priority property, the [MySection] section would be searched for any properties not previously found.
Properties Reserved Property The Properties reserved property (shown in Listing 1) defines any custom, user-defined properties to be used in the deployment. These user-defined properties are located by ZTIGather.wsf script in the CustomSettings.ini file (or configuration database). These properties are in addition to the predefined properties in MDT 2008. In Listing 1, CustomProperty is a user-defined property, and ScanStateArgs is a predefined property. For a list of the predefined properties in MDT 2008, see the “Properties” section in the MDT 2008 document, Toolkit Reference.
Values in the CustomSettings.ini File Values are the configuration settings assigned to the properties. Values are preceded by an equal sign (=). The scripts scan the CustomSettings.ini file to locate the values. In Listing 1, the value assigned to the LoadStateArgs property is: /v:5 /c /lac
Basic CustomSettings.ini File for LTI For LTI deployments, Deployment Workbench uses a template version of the CustomSettings.ini file (stored in C:\Program Files\ Workbench\Templates) as a basis for a customized version of the CustomSettings.ini file. The template version of the CustomSettings.ini file is illustrated in Listing 2. The template version in Listing 2 does not contain sufficient settings to successfully deploy Windows Vista to a target computer. However, the file will be further customized using Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
Listing 2. Unmodified CustomSettings.ini File in the Templates Folder [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac The New Deployment Point Wizard in Deployment Workbench will modify this template of the CustomSettings.ini file based on the responses provided. Listing 3 shows the customized version of the CustomSettings.ini file after completing the New Deployment Point Wizard. Listing 3. Customized CustomSettings.ini File Modified by Deployment Workbench [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES The CustomSettings.ini file in Listing 3 contains the property values for all of the target computers to be migrated using this version of the file. This version of the file contains no values that are unique to a specific target computer. For LTI, the target computer–specific configuration values are manually provided during the installation process. Table 4 explains the properties and corresponding values used in Listing 3.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
23
Table 4. Explanation of CustomSettings.ini Properties in Listing 3 Line in CustomSettings.ini
Purpose
[Settings]
Indicates the start of the [Settings] section.
Priority=Default
Establishes the sequence in which the process parses subsections to locate values for the variables. In this example, the [Default] section is the only subsection that is parsed for variables.
Properties=MyCustomProperty Indicates any additional properties to locate. The properties listed here are in addition to the properties listed in ZTIGather.xml. ZTIGather.wsf parses ZTIGather.xml to obtain a list of the properties. [Default]
Indicates the start of the [Default] section.
OSInstall=Y
Indicates that the computer is supposed to perform an operating system deployment.
ScanStateArgs=/v:5 /o /c
Parameters passed to the Scanstate.exe tool in the USMT. These parameters are passed to Scanstate.exe during state capture.
LoadStateArgs=/v:5 /c /lac
Parameters passed to the Loadstate.exe tool in the USMT. These parameters are passed to Loadstate.exe during state restore.
UserDataLocation=NONE
Indicates where the user state migration data should be saved. The value NONE indicates that the user state migration data should not be saved.
SkipAppsOnUpgrade=YES
Indicates whether the Application to be installed during Upgrade page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
SkipCapture=YES
Indicates whether the Specify whether to prompt for image capture page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
SkipAdminPassword=YES
Indicates whether the Allow user to set Administrator Password page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
SkipProductKey=YES
Indicates whether the Allow user to specify a product key page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
For more information on the individual properties, see the corresponding reference section in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Basic CustomSettings.ini File for ZTI For ZTI deployments, Deployment Workbench uses a template version of the CustomSettings.ini file (stored in C:\Program Files\Workbench\Templates) as a basis for a customized version of the CustomSettings.ini file. The template version of the CustomSettings.ini file is illustrated in Listing 4. The template version in Listing 4 does not contain sufficient settings to successfully deploy Windows Vista to a target computer. However, the file will be further customized using Deployment Workbench. Listing 4. Unmodified CustomSettings.ini File in the Templates Folder [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac The New Deployment Point Wizard in Deployment Workbench modifies this template version of the CustomSettings.ini file based on the responses provided. Listing 5 shows the customized version of the CustomSettings.ini file after completing the New Deployment Point Wizard. Listing 5. Customized CustomSettings.ini File Modified by Deployment Workbench [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista The CustomSettings.ini file shown in Listing 5 contains the property values for all of the target computers to be deployed using this version of the file. This version of the file contains no values that are unique to a specific target computer. For ZTI, the target computer–specific configuration values are manually added after running the New Deployment Point Wizard before the installation process begins. Listing 6 shows the version of the CustomSettings.ini file after further customization to include target computer–specific settings. Listing 6. Customized CustomSettings.ini File Customized for Target Computer Settings [Settings] Priority=Default, MACAddress Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
25
Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista Table 5 explains the properties and corresponding values used in Listing 6. Table 5. Explanation of CustomSettings.ini Properties in Listing 6 Line in CustomSettings.ini
Purpose
[Settings]
Indicates the start of the [Settings] section.
Priority=Default, MACAddress
Establishes the sequence in which the process parses subsections to locate values for the variables. In this example, the [Default] section is parsed first, and then the section that corresponds to the MAC address of the target computer (MACAddress). The sections for the target computers ([00:0F:20:35:DE:AC] and [00:03:FF:FE:FF:FF]) contain computerspecific settings.
Properties=MyCustomProperty
Indicates any additional properties to locate. The properties listed here are in addition to the properties listed in ZTIGather.xml. ZTIGather.wsf parses ZTIGather.xml to obtain a list of the properties.
[Default]
Indicates the start of the [Default] section.
OSInstall=Y
Indicates whether the target computer is authorized to have the operating system installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Line in CustomSettings.ini
Purpose
ScanStateArgs=/v:5 /o /c
Parameters passed to the Scanstate.exe tool in the USMT. These parameters are passed to Scanstate.exe during the State Capture Phase.
LoadStateArgs=/v:5 /c /lac
Parameters passed to the Loadstate.exe tool in the USMT. These parameters are passed to Loadstate.exe during state restore.
UserDataLocation=NONE
Indicates where the user state migration data should be saved. The value NONE indicates that the user state migration data should not be saved.
OSDINSTALLSILENT=1
Controls the display of SMS OSD Feature Pack (OSD_wizards). When the property is set to a value of 1, no wizard pages are displayed.
[00:0F:20:35:DE:AC]
Section that contains all the properties and settings that are specific to the target computer with the matching MAC address. In this sample, the target computer has a MAC address of [00:0F:20:35:DE:AC].
[00:03:FF:FE:FF:FF]
Section that contains all the properties and settings that are specific to the target computer with the matching MAC address. In this sample, the target computer has a MAC address of [00:03:FF:FE:FF:FF].
OSDNEWMACHINENAME=HPD530-1 OSDNEWMACHINENAME=BVMXP
Specifies the new computer name to be assigned to the target computer by the SMS 2003 OSD Feature Pack. In this sample the computers names HPD530-1 and BVMXP are assigned to each respective target computer.
OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPACKAGE=NYC00002
Specifies the SMS 2003 OSD Feature Pack package to install on the target computer. In this sample the package names DAL00342 and NYC00002 are assigned to each respective target computer.
OSDINSTALLPROGRAM=CustomVista Specifies the name of the SMS 2003 OSD OSDINSTALLPROGRAM=SpecialVista Feature Pack program to run for the specified package (OSDInstallPackage). In this sample the package names CustomVista and SpecialVista are assigned to each respective target computer. For more information on the individual properties, see the corresponding reference section in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
27
Deployment Customization Guide: Configuration Property Customizations
Identify the BootStrap.ini Syntax In ZTI and LTI deployments, use the BootStrap.ini file to specify property settings before accessing the CustomSettings.ini file. Use the BootStrap.ini file to provide distribution point information, SMS 2003 OSD Feature Pack package and program information, logon credentials, and Windows PE keyboard locale settings. The properties configured in BootStrap.ini help the MDT 2008 scripts locate the appropriate: •
MDT 2008 distribution point.
•
SMS 2003 OSD Feature Pack package and program.
For example, in the New Computer scenario for ZTI, specify the SMS 2003 OSD Feature Pack properties in BootStrap.ini so that the scripts know which SMS 2003 OSD Feature Pack package to use (because CustomSettings.ini is in the package). The syntax of the BootStrap.ini file is identical to the CustomSettings.ini file. The BootStrap.ini file contains a subset of the properties that are used in the CustomSettings.ini file. Table 6 lists the common properties that are configured in BootStrap.ini. Table 6. Common Properties Configured in BootStrap.ini Property name
LTI
DeployRoot
SkipBDDWelcome
UserDomain
UserID
UserPassword
KeyboardLocale
ZTI
OSDInstallSilent
OSDInstallPackage
OSDInstallProgram
Deployment Workbench creates the BootStrap.ini file when a deployment point is created. After the initial creation, make all further customizations manually. Listing 7 shows the BootStrap.ini file that Deployment Workbench creates automatically for deployment point types other than SMS 2003 OSD Feature Pack (OSD), including the lab or single-server deployment (LAB), separate deployment share (Network), and Removable media (Media) deployment types. The BootStrap.ini file in Listing 7 might have to be customized (for example, to add the properties listed in Table 6). Listing 7. BootStrap.ini File As Created by Deployment Workbench for Deployment Point Types Other Than OSD [Settings] Priority=Default [Default] DeployRoot=\\NYC-BDD-01\Distribution$ Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Listing 8 illustrates the BootStrap.ini file that Deployment Workbench creates automatically for SMS OSD Feature Pack deployment points that have been customized to include the OSDInstallSilent, OSDInstallPackage, and OSDInstallProgram properties. Note
The DeployRoot property is not automatically added to an OSD deployment type.
Listing 8. BootStrap.ini File As Created by Deployment Workbench for OSD Type Deployment Points for ZTI-Based Deployments [Settings] Priority=Default [Default] OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=XXX00000 OSDINSTALLPROGRAM=Install
Con figu r ation Pr oper ty Cu stom iz ations MDT 2008 uses wizards to create and manage configuration files. For more information about the standard MDT 2008 configuration files, CustomSettings.ini and BootStrap.ini, see the section, “Configuration Files,” earlier in this guide. However, configuration files can be customized to meet the needs of the organization. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Select the Configuration Properties Before configuring the deployment process, select the properties to reference from the predefined or user-defined properties. The properties selected must include all the configuration settings to be supplied during the deployment process. For ZTI deployments, provide all configuration settings required to deploy the target operating system. For LTI deployments, provide a subset of configuration settings that are provided automatically; the remainder of the settings can be provided manually during the deployment process. The MDT 2008 process occurs in phases that are defined in the TS.xml file. Task Sequencer parses the TS.xml file to identify the appropriate sequence for performing the deployment process. The phases defined in the TS.xml file include: •
Validate Phase. Performs validation checks to make sure that the operating system installation can proceed; specifically blocks installation on server operating systems.
•
State Capture Phase. Gathers information from the configuration file, databases, and the local machine to determine how the image installation process should
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
29
proceed, including whether there is enough space to do a local USMT state backup. The scripts also invoke the USMT Scanstate.exe command as appropriate. •
Preinstall Phase. Confirms that the necessary information has been gathered in the State Capture Phase for the Refresh Computer and Upgrade Computer scenarios. In the New Computer and Replace Computer scenarios, the script gathers the necessary information in this phase because these scenarios do not perform the State Capture Phase. Also, a backup of the computer can be optionally performed for the Refresh Computer and Upgrade Computer scenarios.
•
Install Phase. Installs the target operating system on the target computers.
•
Post Install Phase. Updates the Sysprep.inf file, Sysprep.xml file, or Unattend.txt file with information gathered in the previous custom actions based on the operating system being deployed.
•
State Restore Phase. Invokes the USMT Loadstate.exe command to restore the user state that was previously backed up.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
The TS.xml file identifies the appropriate steps in each phase based on each type of deployment scenario (Upgrade Computer, Refresh Computer, Replace Computer, and New Computer). In addition, the TS.xml file identifies the steps that are run only for deployments based on the SMS 2003 OSD Feature Pack (used in ZTI only). Select the properties required during each phase of the deployment process. For more information on each of the properties used in each phase, see the section, “Properties,” in the MDT 2008 document, Toolkit Reference.
Select the Validate Phase Properties Currently, there are no properties that are specific to the Validate Phase.
Select the State Capture Phase Properties During the State Capture Phase, the user state migration information is captured and saved either locally on the target computer or to a network shared folder. The following properties are commonly used during the State Capture Phase: •
ScanStateArgs
•
UDShare
•
UDDir
•
UDProfiles
•
UserDataLocation
•
USMTMigFiles
Select the Preinstall Phase Properties During the Preinstall Phase, the scripts can initiate a backup of the target computer to a local drive or to a network shared folder. The following properties are commonly used during the Preinstall Phase: •
BackupDir
•
BackupShare
•
ComputerBackupLocation
•
DoCapture
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
31
Select the Install Phase Properties During the Install Phase, the appropriate operating system image is deployed to the target computer. The following properties are commonly used during the Install Phase: •
BackupDir
•
BackupShare
•
OSDInstallPackage
•
OSDInstallProgram
•
OSDInstallSilent
Select the Post Install Phase Properties During the Post Install Phase, the appropriate operating system image is deployed to the target computer. The following properties are commonly used during the Post Install Phase: •
BackupDir
•
ComputerName
•
OSDNewMachineName
Select the State Restore Properties During the State Restore Phase, the user state migration information is captured and saved either locally on the target computer or to a network shared folder. The following properties are used during the State Restore Phase: •
ScanStateArgs
•
UDShare
•
UDDir
•
UDProfiles
•
UserDataLocation
•
USMTMigFiles
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppl ying the Pr oper ti es t o Gr oups of C ompu ter s Whenever possible, use group-based rules to apply most computer configuration settings. Group-based rules allow the same configuration settings to be applied to a group of client computers. After applying group-based rules, computer-specific configuration settings can be supplied using computer-based rules. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Select the Method for Grouping Computers Different methods can be used to group client computers. After determining how to group the computers, select the appropriate properties to help group them. Using the processing rules in MDT 2008, group computers based on any property that might be applied to a group of computers (such as Make, Model, or DefaultGateway). Table 7 lists methods of grouping computers, a description of the method, and the properties that can be used to group the computers. Table 7. Methods for Grouping Computers Grouping method
Description
Properties
Geographically
Group configuration settings based on resources located within a geographic region (such as a shared folder on a computer within a geographic region).
DefaultGateway
Target computer hardware attributes
Group configuration settings based Architecture on hardware attributes (such as the CapableArchitecture make of the computer or processor architecture of the target computer). Make Model HALName
Target computer software attributes
Group configuration settings based on hardware attributes (such as the operating system version of the target computer).
OSVersion
Default attributes
Apply configuration settings to all target computers when the properties are not in other sections.
Default
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Applying the Properties to Groups of Computers
33
In most instances, computer groupings can be nested. For example, the DefaultGateway property can be used to designate the IP subnets on which a computer resides within a geographic location. Define locations using the user-defined properties in the [DefaultGateway] section, as shown in Listing 9. Note A variety of methods can be used to group computers by hardware configuration, and the script will search for the substituted value regardless. For instance, if a Priority=Make is specified, the script substitutes the value for Make that it determines through a Windows Management Instrumentation (WMI) call and will look for the corresponding section—for example, [Dell Computer Corporation].
Example: Computer Groupings Selected by Woodgrove Bank Listing 9 shows an example of how the fictional company, Woodgrove Bank, used [DefaultGateway] to designate the configuration settings for a specific location. Three subnets (172.16.0.3, 172.16.1.3, and 172.16.2.3) reside within the NYC location. A separate section, [NYC], includes the configuration settings that are specific to the NYC location. Similar sections exist for the DALLAS and WASHINGTON locations. This is a special case that allows multiple default gateways to point to the same section. In many environments, a one-to-one mapping might be expected between the [DefaultGateway] section and a corresponding section. Listing 9. Using [DefaultGateway] to Designate Location-Specific Configuration Settings [DefaultGateway] 172.16.0.3=NYC 172.16.1.3=NYC 172.16.2.3=NYC 172.16.111.3=DALLAS 172.16.112.3=DALLAS 172.16.116.3=WASHINGTON 172.16.117.3=WASHINGTON [NYC] UDShare=\\NYC-AM-FIL-01\MigData SLShare=\\NYC-AM-FIL-01\Logs Packages1=NYC00010-Install Packages2=NYC00011-Install Administrator1=WOODGROVEBANK\NYC Help Desk Staff [DALLAS] UDShare=\\DAL-AM-FIL-01\MigData SLShare=\\DAL-AM-FIL-01\Logs Administrator1=WOODGROVEBANK\DAL Help Desk Staff Note The complete source for the CustomSettings.ini file used in these examples can be found in the section, “Basic CustomSettings.ini File for ZTI,” earlier in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Apply the Properties to the Groups After identifying how to group configuration settings, determine which properties and corresponding configuration settings to apply to each group. Properties that can be grouped are properties that can be applied to multiple computers. Some examples of properties that are typically applied to groups of computers include: •
BackupDir
•
BackupShare
•
CaptureGroups
•
ComputerBackupLocation
•
Packages
•
SLShare
•
UDDir
•
UDShare
•
UDProfiles
Properties that are not applied to groups of computers are those specific to a particular computer. Examples of properties that are not appropriate to apply to groups of computers include: •
AssetTag
•
HostName
•
IPAddress
•
OSDNewMachineName
•
SerialNumber
Example: Group-Based Configuration Settings Selected by Woodgrove Bank Listing 9 showed an example in which Woodgrove Bank selects group-based configuration settings: •
In the NYC and DALLAS locations, UDShare, SLShare, and Administrator1 are specified for each location.
•
The servers that UDShare and SLSShare (NYC-AM-FIL-01 and DAL-AM-FIL-01) reference are within each respective location.
•
The Administrator accounts that Administrator1 (WOODGROVEBANK\NYC Help Desk Staff and WOODGROVEBANK\DAL Help Desk Staff) reference are unique to each respective location.
•
In NYC, location-specific packages are designated by Packages1 and Packages2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppl ying the Pr oper ti es t o Ind ivi dual Co mpute r s After determining the groupings of target computers and configuration settings to be applied to each group, determine the method for identifying individual computers and the configuration settings to assign to each computer. The rules for target computers allow the override or augmentation of group-based processing rules based on the priority of the computer-based rules. For more information about determining the priority of processing rules, see the section, “Priority Reserved Property,” earlier in this guide. Whenever possible, use group-based rules for most client computer configuration settings. Group-based rules allow the same configuration settings to be applied to a group of computers. After applying group-based rules, computer-specific configuration settings can be applied using computer-based rules.
Select the Methods for Identifying Computers As when grouping computers, more than one method is available for identifying individual computers. After selecting the method for identifying an individual target computer, select the appropriate properties. The processing rules allow the grouping of computers based on any property that might be applied to a group of computers (such as AssetTag, MACAddress, UUID, and so on). Table 8 lists the methods of identifying individual computers, a description of the method, and the properties that can be used to identify the individual computers. Table 8. Methods for Identifying Individual Computers Identification method
Description
Properties
Target computer hardware attributes
Identify the target computer using the hardware configuration.
MACAddress
Target computer software attributes
Identify the target computer using the software or firmware configuration.
Product (in conjunction with Make and Model)
Identify the target computer using attributes that are assigned to the computer but are not a part of the hardware or software configuration.
AssetTag
Target computer userdefined attributes
Solution Accelerators
UUID SerialNumber
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Example: Computer Identification Method Selected by Woodgrove Listing 10 shows an example of how Woodgrove Bank identified computer-based configuration settings. In this instance, Woodgrove used the MAC address of the computer to identify the corresponding configuration settings for the computer (for example, 00:03:FF:CB:4E:C2 and 00:0F:20:35:DE:AC). The configuration settings for each computer are listed immediately after the section that corresponds to the computer's MAC address. Listing 10. How Woodgrove Identified Client Computers [00:03:FF:CB:4E:C2] ComputerName=WasW2K OverRideProductKey= TTTTT-VVVVV-WWWWW-XXXXX-YYYYY [00:0F:20:35:DE:AC] ComputerName=HPD530-1 OverRideProductKey= AAAAA-BBBBB-CCCCC-DDDDD-EEEEE [00:03:FF:FE:FF:FF] ComputerName=BVMXP OverRideProductKey= 11111-22222-33333-44444-55555
Example: Computer-Based Configuration Settings Selected by Woodgrove Listing 10 also shows the computer-based configuration settings that Woodgrove Bank selected. Table 9 lists the computer-specific configuration settings applied to each computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Applying the Properties to Individual Computers
37
Table 9. Woodgrove Client Computers and the Corresponding Configuration Settings Target computer
Settings and description
[00:03:FF:CB:4E:C2]
ComputerName is the name of the computer after
deployment; in this case, WasW2K. OverRideProductKey is the product key to be assigned to
the computer; in this case, TTTTT-VVVVV-WWWWWXXXXX-YYYYY. [00:0F:20:35:DE:AC]
ComputerName is the name of the computer after
deployment; in this case, HPD530-1. OverRideProductKey is the product key to be assigned to
the computer; in this case, AAAAA-BBBBB-CCCCCDDDDD-EEEEE. [00:03:FF:FE:FF:FF]
ComputerName is the name of the computer after
deployment; in this case, BVMXP. OverRideProductKey is the product key to be assigned to
the computer; in this case, 11111-22222-33333-4444455555.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he D atabase Use the configuration database to store the configuration settings referenced by the CustomSettings.ini file. Using the configuration database is appropriate when the target computers have a high-speed, persistent connection to the server running SQL Server on which the configuration database is stored. Otherwise, make all configuration settings in CustomSettings.ini. For more information about the configuration database, see the section, “Configuration Database,” earlier in this guide. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu r ation Rule s MDT 2008 scripts configure computer settings based on rules and configuration settings stored in the CustomSettings.ini file. During the Microsoft Solutions Framework (MSF) Planning Phase, the appropriate processing rules to use in the organization were defined. Now, configure those rules in the CustomSettings.ini file or in the configuration database. To configure the processing rules 58. Configure the rules in CustomSettings.ini. 59. Configure the rules in the Deployment Workbench database (DWDB). 60. Modify the list of incompatible basic input/output system (BIOS) versions. 61. Modify the task sequence for a build. 62. Modify the driver groups included in a build. 63. Update deployment processing rules.
Configure the Rules in the CustomSettings.ini File Configure rules in the CustomSettings.ini file. Modify the CustomSettings.ini file based on the rules determined during the MSF Planning Phase. The template version of the CustomSettings.ini file, along with the organization’s rules, becomes the customized CustomSettings.ini file. Depending on the environment, the CustomSettings.ini template may need to be customized for LTI deployments only. For LTI deployments, configuring group-based settings might be sufficient. For ZTI deployments, add configuration settings unique to a specific client computer. These configuration settings can be in addition to or instead of the group-based rules.
Configure the Rules in the DWDB Use Deployment Workbench to configure the rules for LTI and ZTI deployments in the DWDB. The benefits of using the DWDB include: •
It has a more generic version of CustomSettings.ini. Storing the configuration settings in the DWDB removes most of the detail from the CustomSettings.ini file. This change helps make the CustomSettings.ini file more generic so that the same file can be used in multiple deployment points.
•
It is a centralized repository for all property configuration settings. Centralizing the configuration for all property settings ensures consistency across all deployment points.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
40
To configure the rules in the configuration database 64. Configure the property values in the DWDB on the Database node in Deployment Workbench. 65. Configure CustomSettings.ini to include the appropriate database queries for returning the property values stored in the DWDB.
Configure the Property Values in the DWDB The configuration of the property values in the database is organized by the method for applying the properties to the target computers. A node beneath the Database node in Deployment Workbench represents each method, as listed in Table 10. Table 10. Nodes Beneath the Database Node in Deployment Workbench Node
Use this node to define
Computers
Specific target computers based on the AssetTag, UUID, SerialNumber, and MACAddress properties. Associate property settings, applications, packages, roles, and Administrator-level accounts with a computer.
Roles
A group of computers based on the tasks performed by the users of the target computers (using the Role property). Associate property settings, applications, packages, and Administrator-level accounts with a role.
Locations
A group of computers using the DefaultGateway property of the target computers to identify a geographic location. Associate property settings, applications, packages, roles, and Administratorlevel accounts with a location.
Make and Model
A group of computers using the Make and Model properties of the target computers. Associate property settings, applications, packages, roles, and Administrator-level accounts with target computers that are of the same make and model.
Note Create the items on the Roles node before creating items beneath the other nodes (Computers, Locations, and Make and Model), because items on the other nodes can be associated with roles.
Create a New Roles Item To create a new Roles item, perform the following steps: 66. Start Deployment Workbench. 67. In the console tree, expand Deploy, expand Database, and then click Roles. 68. In the console tree, right-click Roles, and then click New. 69. In the Properties dialog box, on the Identity tab, in the Role name box, type role_name (where role_name is the name of the role). 70. Click the Details tab, and then configure the relevant property values identified earlier in the process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
41
71. Click the Applications tab, and then configure the applications to install and the order of the application installation. 72. Click the Packages tab, and then configure the packages to install and the order of the package installation. 73. Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Create a New Computers Item To create a new Computers item, perform the following steps: 74. Start Deployment Workbench. 75. In the console tree, expand Deploy, expand Database, and then click Computers. 76. In the console tree, right-click Computers, and then click New. 77. In the Properties dialog box, on the Identity tab, type the information listed in Table 11. Table 11. Information to Complete the Identity Tab for a New Computers Item In this box
Type
Description
The user-friendly description of the computer.
Asset tag
The asset tag or inventory control tag assigned to the computer.
UUID
The universally unique identifier (UUID) assigned to the target computer.
Serial number
The serial number assigned to the target computer.
MAC address
The MAC address assigned to the target computer.
For more information about the values for asset tag, UUID, serial number, and MAC address, see the AssetTag, UUID, SerialNumber, and MACAddress properties in the MDT 2008 document, Toolkit Reference. 78. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 79. Click the Applications tab, and then configure the applications to install and the order of the application installation. 80. Click the Packages tab, and then configure the packages to install and the order of the package installation. 81. Click the Roles tab, and then configure the roles to associate with the computer. 82. Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
42
Create a New Locations Item To create a new Locations item, perform the following steps: 83. Start Deployment Workbench. 84. In the console tree, expand Deploy, expand Database, and then click Locations. 85. In the console tree, right-click Locations, and then click New. 86. In the Properties dialog box, on the Identity tab, in the Location box, type location_name (where location_name is the user-friendly name to associate with the location) 87. In the Properties dialog box, on the Identity tab, in the Default gateways box, type the IP addresses for all default gateways that exist within the location. 88. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 89. Click the Applications tab, and then configure the applications to install and the order of the application installation. 90. Click the Packages tab and then configure the packages to install and the order of the package installation. 91. Click the Roles tab, and then configure the roles to associate with the computer. 92. Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Create a New Make and Model Item To create a new Make and Model item, perform the following steps: 93. Start Deployment Workbench. 94. In the console tree, expand Deploy, expand Database, and then click Make and Model. 95. In the console tree, right-click Make and Model, and then click New. 96. In the Properties dialog box, on the Identity tab, in the Make box, type make_name (where make_name is the user-friendly name to associate with the make of the manufacturer of the target computer). 97. In the Model box, type model_name (where model_name is the user-friendly name to associate with the model of the target computer). 98. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 99. Click the Applications tab, and then configure the applications to install and the order of the application installation. 100.Click the Packages tab, and then configure the packages to install and the order of the package installation. 101.Click the Roles tab, and then configure the roles to associate with the computer. 102.Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
43
Configure CustomSettings.ini for Database Queries After configuring the property values in the database, configure the CustomSettings.ini files to perform the appropriate database queries. Do so using the Configure DB Wizard in Deployment Workbench. Run the Configure DB Wizard for each deployment point defined in Deployment Workbench that will be updated. To configure CustomSettings.ini for database queries using the Configure DB Wizard in Deployment Workbench 103.Start Deployment Workbench. 104.In the console tree, expand Deploy, and then click Deployment Points. 105.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard starts. 106.Complete the Select computer query options page using the information in Table 12, and then click Next. Table 12. Information to Complete the Select Computer Query Options Wizard Page Select this check box
To
Query for computer-specific settings
Query the settings configured on the Details tab of the Properties dialog box of the computer item.
Query for roles assigned to this computer
Query the roles associated with the computer on the Roles tab of the Properties dialog box of the computer item.
Query for applications to be installed on this computer
Query the applications to be installed on the computer as configured on the Applications tab of the Properties dialog box of the computer item.
Query for Systems Management Server packages to be installed on this computer
Query the packages to be installed on the computer as configured on the Packages tab of the Properties dialog box of the computer item.
Query for administrators to be assigned to this computer
Query the accounts that are to be made members of the local Administrators group on the target computer as configured on the Administrators tab of the Properties dialog box of the computer item.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
44
107.Complete the Select role query options page using the information in Table 13, and then click Next. Table 13. Information to Complete the Select Role Query Options Wizard Page Select this check box
To
Query for role-specific settings Query the settings configured on the Details tab of the Properties dialog box of the role item. Query for applications to be installed for this role
Query the applications to be installed on computers that perform this role, as configured on the Applications tab of the Properties dialog box of the role item.
Query for Systems Management Server packages to be installed for this role
Query the packages to be installed on computers that perform this role as configured on the Packages tab of the Properties dialog box of the role item.
Query for administrators to be assigned for this role
Query the accounts that are to be made members of the local Administrators group on computers that perform this role as configured on the Administrators tab of the Properties dialog box of the role item.
108.Complete the Select location query options page using the information in Table 14, and then click Next. Table 14. Information to Complete the Select Location Query Options Wizard Page Select this check box
To do this
Query for location names based on default gateways
Query for location names based on the IP addresses of the default gateways configured on the Identity tab of the Properties dialog box of the location item.
Query for location-specific settings
Query the settings configured on the Details tab of the Properties dialog box of the location item.
Query for roles assigned for this location
Query the roles associated with the location on the Roles tab of the Properties dialog box of the location item.
Query for applications to be installed for this location
Query the applications to be installed on the target computers within the location configured on the Applications tab of the Properties dialog box of the location item.
Query for Systems Management Server packages to be installed for this location
Query the packages to be installed on the target computers within the location as configured on the Packages tab of the Properties dialog box of the location item.
Query for administrators to be assigned for this location
Query the accounts that are to be made members of the local Administrators group on the target computers within the location as configured on the Administrators tab the Properties dialog box of the location item.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
45
109.Complete the Select make and model query options page using the information in Table 15, and then click Finish. Table 15. Information to Complete the Select Make and Model Query Options Wizard Page Select this check box
To
Query for model-specific settings
Query the settings configured on the Details tab on the Properties dialog box of the make and model item.
Query for roles assigned to computers with this make and model
Query the roles associated with the make and model on the Roles tab of the Properties dialog box of the make and model item.
Query for applications to be installed on computers with this make and model
Query the applications to be installed on the target computers with the make and model as configured on the Applications tab of the Properties dialog box of the make and model item.
Query for Systems Management Server packages to be installed on computers with this make and model
Query the packages to be installed on the target computers with the make and model as configured on the Packages tab of the Properties dialog box of the make and model item.
Query for administrators to be Query the accounts that are to be made assigned to machines with this members of the local Administrators group on make and model the target computer with the make and model as configured on the Administrators tab of the Properties dialog box of the make and model item. When the Configure DB Wizard has finished, the CustomSettings.ini file is configured to perform the selected queries. Listing 11 provides an example of the CustomSettings.ini file after the Configure DB Wizard has finished. Listing 11. The CustomSettings.ini File After the Configure DB Wizard Has Finished [Settings] Priority=CSettings, CPackages, CApps, CAdmins, CRoles, Locations, LSettings, LPackages, LApps, LAdmins, LRoles, MMSettings, MMPackages, MMApps, MMAdmins, MMRoles, RSettings, RPackages, RApps, RAdmins, Default Properties=MyCustomProperty [Default] OSInstall=Y UserDataLocation=NETWORK SkipAppsOnUpgrade=YES SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
[CSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerSettings Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerPackages Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CApps] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerApplications Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerAdministrators Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
47
[CRoles] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [Locations] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=Locations Parameters=DefaultGateway [LSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationSettings Parameters=DefaultGateway [LPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationPackages Parameters=DefaultGateway Order=Sequence [LApps] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
SQLShare=SMSClient Table=LocationApplications Parameters=DefaultGateway Order=Sequence [LAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationAdministrators Parameters=DefaultGateway [LRoles] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationRoles Parameters=DefaultGateway [MMSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelSettings Parameters=Make, Model [MMPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelPackages Parameters=Make, Model Order=Sequence [MMApps] Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
49
SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelApplications Parameters=Make, Model Order=Sequence [MMAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelAdministrators Parameters=Make, Model [MMRoles] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelRoles Parameters=Make, Model [RSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RoleSettings Parameters=Role [RPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RolePackages Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
50
Parameters=Role Order=Sequence [RApps] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RoleApplications Parameters=Role Order=Sequence [RAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RoleAdministrators Parameters=Role For more information about: •
Customizing the configuration database, see: •
“Automating Deployment to a Specific Computer” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
“Automating Deployment by Location” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
“Automating Deployment by Computer Make and Model” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
“Automating Deployment by Role” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
Each property, see the corresponding section for each property in the section, “Properties,” in the MDT 2008 document, Toolkit Reference.
•
The tables and views in the configuration database, see the section, “Tables and Views in the Deployment Workbench Database,” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
51
Modify the List of Incompatible BIOS Versions The default task order for a task sequence includes the Check BIOS task in the NonReplace group in the Validation group. The Check BIOS task runs the ZTIBIOSCheck.wsf script. The ZTIBIOSCheck.wsf script checks the BIOS version of the target computers against the list of incompatible BIOS versions in the ZTIBIOSCheck.xml file. Modify the ZTIBIOSCheck.xml file to contain the list of BIOS versions that are incompatible with the target operating system in the operating system build. Modify ZTIBIOSCheck.xml for each task sequence created in Deployment Workbench. The ZTIBIOSCheck.xml file is stored in the distribution_point\task_sequence_id\TS.xml file (where distribution_point is the name of the folder that is the root of the distribution point, and task_sequence_id is the name of the task sequence ID listed in Deployment Workbench). Update the attributes in the ZTIBIOSCheck.xml file listed in Table 16 for each incompatible BIOS version. Table 16. Attributes to Update in the ZTIBIOSCheck.xml File Attribute
Description
Description
Text description of the target computer that has an incompatible BIOS version, including any references to possible updates to the BIOS version.
Computer Manufacturer
Manufacturer of the target computer with an incompatible BIOS version. This value must match the value stored in the BIOS.
Model
Model of the target computer with an incompatible BIOS version. This value must match the value stored in the BIOS.
Date
Date of the BIOS of the target computer with an incompatible BIOS version. This value must match the value stored in the BIOS.
The ZTIBIOSCheck.xml file contains the source for a script (ZTIBIOS_Extract_Utility.vbs) that can help extract the attributes listed in Table 17. To use the ZTIBIOS_Extract_Utility.vbs utility to extract attributes on a target computer 110.Start Notepad. 111.Copy the script source from ZTIBIOSCheck.xml file into Notepad. 112.Save the script source in Notepad as ZTIBIOS_Extract_Utility.vbs. 113.Run ZTIBIOS_Extract_Utility.vbs on a target computer that has an incompatible BIOS. 114.Update ZTIBIOSCheck.xml to include the BIOS based on the attributes retrieved in the previous steps.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
52
Modify the Task Sequence For each task sequence defined in MDT 2008, modify the sequence of tasks defined in Deployment Workbench. The Task Sequencer that MDT 2008 uses runs this task sequence. Using Deployment Workbench, the following tasks can be performed: •
Add new tasks.
•
Modify existing tasks.
•
Remove existing tasks.
•
Change the sequence of tasks.
•
Group one or more tasks together.
•
Specify conditions for running a task. Note Although the TS.xml file can be modified directly, it is recommended that the task sequence be modified using Deployment Workbench.
To modify the task sequence 115.Start Deployment Workbench. 116.In the console tree, expand Task sequences. 117.In the details pane, right-click task_sequence_id (where task_sequence_id is the task sequence to modify), and then click Properties. 118.Click the Task Sequence tab, and then modify the task sequence by performing the relevant actions listed in Table 17. Table 17. Actions to Modify the Task Sequence Action
Step
Add a new task
Click Add, and then click Task.
Add a new group
Click Add, and then click Group.
Add a reboot step
Click Add, and then click Reboot.
Add an application to be installed
Click Add, click Application, and then click name (where name is the name of the application to install).
Remove an existing task
Click task (where task is the task to remove), and then click Remove.
Remove a group
Click group (where group is the group to remove), and then click Remove. Note Removing a group removes all tasks and subgroups within the group.
Remove a reboot step
Click reboot (where reboot is the reboot step to remove), and then click Remove.
Remove an application Click application (where application is the application to to be installed remove), and then click Remove.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
53
Action
Step
Change the sequence
Click item (where item is the task, group, reboot step, or application to move to earlier or later in the sequence), and then click direction (where direction is Up or Down, with Up causes the item to occur earlier in the sequence, and Down causes the item to occur later in the sequence).
Modify the properties of a group
Click group (where group is the name of the group to modify), click the Properties tab, and then modify the following boxes as appropriate:
Modify the properties of a task
Modify the options of a group
•
Name. User-friendly name to be associated with the group.
•
Description. Text that describes the purpose of the group.
Click task (where task is the name of the task to modify), click the Properties tab, and then select the following check boxes as appropriate: •
Name. User-friendly name to be associated with the group.
•
Description. Text to describe the purpose of the task.
•
Command line. The program to be run by the task, including any parameters.
•
Start in. The default folder in which to run the program specified in the Command line box.
Click group (where group is the name of the group to modify), click the Options tab, and then select the following check boxes as appropriate: •
Disable this step. Select this check box to disable all the tasks within the group.
•
Continue on error. Select this check box to enable all tasks within the group to continue to run if a task encounters an error.
•
Conditions. Add criteria for determining when the group of tasks should (or should not) be run. Use the Add, Remove, and Edit buttons to modify the conditions under which the group of tasks is run. The criteria can be based on: •
An IF statement.
•
A task sequence variable.
•
The version of the target operating system.
•
A WMI Query Language (WQL) within a WMI namespace.
Note Any conditions configured for a group affect all of the tasks within a group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
54
Action
Step
Modify the options of a task
Click task (where task is the name of the task to modify), click the Options tab, and then select the following check boxes as appropriate: •
Disable this step. Select this check box to disable all tasks within the group.
•
Success codes. List of the return codes from the program (specified in the Command line box) that indicate the program completed successfully.
•
Continue on error. Select this check box to enable all tasks within the group to continue to run if a task encounters an error.
•
Conditions. Add criteria for determining when the group of tasks should (or should not) be run. Use the Add, Remove, and Edit buttons to modify the conditions under which the group of tasks is run. The criteria can be based on: •
An IF statement.
•
A task sequence variable.
•
The version of the target operating system.
•
A WQL within a WMI namespace.
119.When finished modifying the task sequence, click OK. For LTI deployments, any applications installed during the deployment process cannot restart the computer during the installation process. If the installation process for the application restarts the computer, the Task Sequencer returns a failure code, and the deployment process is terminated. For instances in which the computer must be restarted, use the Reboot task in the Task Sequencer instead of allowing the application installation process to perform a restart. For ZTI deployments, no restarts are allowed. Caution Do not allow an application to restart the computer. MDT 2008 must control restarts, or the task sequence will fail. Use the command-line property REBOOT=REALLYSUPPRESS to prevent some Windows Installer–based applications from restarting, for example. To cause MDT 2008 to restart the computer after installing an application, in the Deployment Workbench Application Properties dialog box, select the Reboot the computer after installing this application check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Disk Cu sto miz ations IT personnel can create multiple disks, formats, and partitions; convert to dynamic disks; and enable Windows BitLocker™ Drive Encryption on disks. These are just a few of the available options in Systems Management Server and System Center Configuration Manager.
Format and Partition Disks Using the Task Sequence Editor, disks can be added, edited, and deleted; new disks formatted and partitioned; conditions placed upon the task; and this step disabled. These tasks are set using either the Properties tab or the Options tab. Table 18 lists all Format and Partition Disks properties and their associated range of values on the Properties tab. Table 19 lists all options and their associated purposes on the Options tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
56
Table 18. Format and Partition Disk Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Disk Number
Selectable from 0 to 99.
Disk Type
Standard (MBR). A standard master boot record (MBR)–based hard disk can contain up to four primary partitions or three primary partitions and one extended partition. The extended partition can include additional logical drives. MBR begins with the Master Boot Code, which contains an executable binary for identifying and booting the active partition. In contrast, GUID Partition Table (GPT) relies on the extended capabilities of Extensible Firmware Interface (EFI) for these processes. An MBR entry begins the disk for protective and compatibility purposes; the GPT itself begins with the partition table header. GUID Partition Table. The GPT is a standard for the layout of the partition table on a physical hard disk. It is part of the EFI standard proposed by Intel as a replacement for the outdated PC BIOS, one of the few remaining relics of the original IBM PC. EFI uses GPT, and BIOS uses an MBR. GPT uses modern logical block addressing (LBA) in place of the cylinder-head-sector (CHS) addressing used with MBR. Legacy MBR information is contained in LBA 0, the GPT header is in LBA 1, and the partition table itself follows. In 64-bit Windows operating systems, 16,384 bytes (or 32 sectors) are reserved for the GPT, making LBA 34 the first usable sector on the disk. GPT also provides redundancy. The GPT header and partition table are written at both the beginning and the end of the disk. For additional information, see:
Volume
•
Windows and GPT FAQ at http://www.microsoft.com/whdc/device/storage/GPT_FAQ.ms px.
•
Using GPT Drives at http://www.microsoft.com/whdc/device/storage/GPT-onx64.mspx.
This property lists all available partitions. New partitions can be created or deleted, partitions can be sorted, and partition properties can be edited. At least one partition must exist.
Volume mount points have been supported since the introduction of NTFS file system version 5.0 in the Microsoft Windows 2000 operating system. They are specialized NTFS file system objects, which are used to mount and provide an entry point to other partitions. Mount points can be created in any folder and are surfaced as normal folders; accessing them provides a reference to the root folder of the mounted partition. Any empty folder can be converted to a mount point. The mounted partition is not limited to the NTFS file system but can be formatted with any file system that the Windows operating system supports.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Disk Customizations
57
For more information about volume mount points, see: •
The section “File System” in the Windows 2000 Professional Resource Kit at http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/prork/prdf_fls_ ogex.mspx?mfr=true.
•
The Microsoft Help and Support article “How to create and use NTFS mounted drives in Windows XP and in Windows Server 2003” at http://support.microsoft.com/kb/307889.
Table 19. Format and Partition Disk Options Tab Option
Purpose
Disable the Step
To disable the Format and Partition Disk task, select the Disable the Step check box. To enable the Format and Partition Disk task, clear the Disable the Step check box.
Continue on Error
To enable the Format and Partition Disk task to proceed in the event of an error, select the Continue on error check box. To stop the Format and Partition Disk task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Format and Partition Disk task.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
58
Convert Disks to Dynamic Using this task option, disks can be converted to dynamic, conditions placed upon the task, and this step disabled. These tasks are set using either the Properties tab or the Options tab. Dynamic disks offer advantages over basic disks. Basic disks use the original MSDOS®–style MBR partition tables to store primary and logical disk partitioning information. Dynamic disks use a private region of the disk to maintain a Logical Disk Manager (LDM) database. The LDM database contains volume types, offsets, memberships, and drive letters of each volume. The LDM database is also replicated, so each dynamic disk is aware of every other dynamic disk configuration. This feature makes dynamic disks more reliable and recoverable than basic disks. Table 20 lists all Convert Disks to Dynamic properties and their associated range of values on the Properties tab. Table 21 lists all options and their associated purposes on the Options tab. Table 20. Convert Disk to Dynamic Properties Tab Property
Value
Type
Not editable
Name
Name of the task; editable, 50-character limit
Description
Description of the task; editable, 125-character limit
Disk Number
Selectable from 0 to 99
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Disk Customizations
59
Table 21. Convert Disk to Dynamic Options Tab Option
Purpose
Disable the Step
To disable the Convert Disk to Dynamic task, select the Disable the Step check box. To enable the Convert Disk to Dynamic task, clear the Disable the Step check box.
Continue on Error
To enable the Convert Disk to Dynamic task to proceed in the event of an error, select the Continue on Error check box. To stop the Convert Disk to Dynamic task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Convert Disk to Dynamic task.
Enable Windows BitLocker Drive Encryption Use this task to enable the BitLocker task. Windows BitLocker Drive Encryption is a full disk encryption feature included in the Windows Vista and the Windows Server 2008 operating systems. It is designed to protect data by providing encryption for entire volumes. By default, it uses the Advanced Encryption Standard (AES), also known as Rijndael, a block cipher adopted as an encryption standard by the U.S. government. The AES algorithm in Cipher-block Chaining (CBC) mode with a 128-bit key is often combined with the Elephant diffuser for additional security. Windows BitLocker Drive Encryption is available only in Windows Vista Enterprise, Windows Vista Ultimate, and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
60
Enabling Windows BitLocker Drive Encryption Methods There are three ways to enable Windows BitLocker Drive Encryption: •
Enable the BitLocker task in the task sequence, as detailed in Table 22. Table 22. Enable BitLocker Task in the Task Sequence Steps to Enable the BitLocker Task in the task sequence q
Enable the task in the created task sequence, if this has not yet been done.
q
Make sure the BdeInstallSuppress property is set as NO (in upper case). This can be set in CustomSettings.ini or a new task sequence variable created.
q
Select the option for setting up Windows BitLocker Drive Encryption on the client computers: •
Trusted Platform Module (TPM)
•
StartupKey: Store key on a drive (hard disk or USB flash drive [UFD])
•
TPM with Startup key (hard disk/UFD)
q
Select the option to create a recovery key in Active Directory® Domain Services (AD DS), or to not create one.
q
Select the option to wait for Windows BitLocker Drive Encryption to complete before running other tasks in Task Sequencer, or to not wait.
q
Set the partition in the Format and Partition task. This is needed in NewComputer scenarios, and not in Refresh/Upgrade scenarios. The most common configurations are: •
One partition: 100%
•
One partition and some unallocated space
•
In the Windows Deployment Wizard, configure the BitLocker page. This requires that the Enable BitLocker task be enabled in the task sequence being used for deployment.
•
Windows BitLocker Drive Encryption can also be enabled within the CustomSettings.ini file by setting these properties: •
BDEInstall=TPM
•
BdeInstallSuppress=NO
•
BDeWaitForEncryption=False
•
BDEDriveSize=2000
•
BDEDriveLetter=S:
•
BDEKeyLocation=C:
For more information about enabling Windows BitLocker Drive Encryption, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide. Also see BitLocker Drive Encryption Frequently Asked Questions at http://technet2.microsoft.com/WindowsVista/en/library/58358421-a7f5-4c97-ab412bcc61a58a701033.mspx?mfr=true. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Disk Customizations
61
Disable Windows BitLocker Drive Encryption Windows BitLocker Drive Encryption provides low-level encryption of the contents of a disk volume. Use the Disable BitLocker task sequence step to disable the Windows BitLocker Drive Encryption on the current operating system drive or on a specific drive. For information about disabling Windows BitLocker Drive Encryption, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ne tw or k C us tom iza tion s The following section describes how to use the Task Sequence Editor in System Center Configuration Manager to configure the network settings of a target computer. The Task Sequence Editor network settings section is composed of two primary sections: •
Capture Network Settings. Use this setting to customize the capture of network settings from a target computer.
•
Apply Network Settings. Use this setting to customize the application of network settings to a target computer. Note Capture Network Settings always take precedence over the statically assigned values in Apply Network Settings.
Capture Network Settings Table 23 lists all Capture Network Settings properties and their associated range of values on the Properties tab. Table 24 lists all options and their associated purposes on the Options tab. Table 23. Capture Network Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Migration
In this section, select both options, either option, or neither option: •
Migrate domain and workgroup membership. Select this option to migrate domain and workgroup memberships. Otherwise, clear this option.
•
Migrate network adapter configuration. Select this option to migrate network and adapter configurations. Otherwise, clear this option.
Table 24. Capture Network Settings Options Tab Option
Purpose
Disable the Step
To disable the Capture Network Settings task, select the Disable the Step check box. To enable the Capture Network Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Capture Network Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Capture Network Settings task in the event of an error, clear the Continue on Error check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Network Customizations
63
Option
Purpose
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Capture Network Settings task.
Capture Windows Settings Table 25 lists all Capture Windows Settings properties and their associated range of values on the Properties tab. Table 26 lists all options and their associated purposes on the Options tab. Table 25. Capture Windows Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Migration
In this section, select all options, any combination of options, or no options:
Solution Accelerators
•
Migrate computer name. Select this option to migrate computer names. Otherwise, clear this option.
•
Migrate registered user and organization names. Select this option to migrate registered user and organizational names. Otherwise, clear this option.
•
Migrate time zone. Select this option to migrate time zone information. Otherwise, clear this option.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
64
Table 26. Capture Windows Settings Options Tab Option
Purpose
Disable the Step
To disable the Capture Windows Settings task, select the Disable the Step check box. To enable the Capture Windows Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Capture Windows Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Capture Windows Settings task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Capture Windows Settings task.
Apply Network Settings Table 27 lists all Apply Network Settings properties and their associated range of values on the Properties tab. Table 28 lists all options and their associated purposes on the Options tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Network Customizations
65
Table 27. Apply Network Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Domain or Workgroup Settings
In this section, choose between joining a valid domain or joining a workgroup: •
Join a workgroup. Select this option to join a valid workgroup. •
•
Network Adapters
Solution Accelerators
Workgroup. Editable text box, 31-character length.
Join a domain. Select this option to join a valid domain. •
Domain. Editable text box with an activated Browse button.
•
Domain OU. Editable text box with an activated Browse button.
•
Account. Un-editable text box with an activated Set button with to edit the account information needed to join a domain.
This data window lists all available network adapters. Create or delete adapters. The adapters can be sorted, and adapter properties can be edited.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
66
Table 28. Apply Network Settings Options Tab Option
Purpose
Disable the Step
To disable the Apply Network Settings task, select the Disable the Step check box. To enable the Apply Network Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Apply Network Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Apply Network Settings task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Apply Network Settings task.
Apply Windows Settings Table 29 lists all Apply Windows Settings properties and their associated range of values on the Properties tab. Table 30 lists all options and their associated purposes on the Options tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Network Customizations
67
Table 29. Apply Windows Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Username
Name of the user; editable, 50-character limit.
Organization name Name of the organization; editable, 50-character limit. Product key
Type the product key here.
Server licensing
Select one of three server licensing options from the box: •
Do not specify
•
Per seat
•
Per server
Maximum connections
Type the number of connections required. The connection number starts at five and this box is activated only when the Per server licensing option is selected.
Password
This section contains two options. Only one option can be selected, and selecting one clears the other option:
Time zone
Solution Accelerators
•
Randomly generate the local administrator password and disable the account on all supported platforms. (Recommended)
•
Enable the account and specify the local administrator password. Selecting this option will activate two additional text fields: •
Password
•
Confirm password
Click the preferred time zone.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
68
Table 30. Apply Windows Settings Options Tab Option
Purpose
Disable the Step
To disable the Apply Windows Settings task, select the Disable the Step check box. To enable the Apply Windows Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Apply Windows Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Apply Windows Settings task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Apply Windows Settings task.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng C ondi ti onal Task Sequence Steps In certain scenarios, consider conditionally running a task sequence step based on defined criteria. Configure task sequence step conditions on the Options tab of a task sequence step. Add any combinations of these conditions to determine if the task sequence step should run. For example, the value of a task sequence variable and the value of a registry setting could be used to determine if a task sequence step should run. Using MDT 2008, conditionally run a task sequence based on: •
One or more IF statements.
•
A task sequence variable.
•
The version of the target operating system.
•
The Boolean results of a WMI query.
•
A registry setting.
•
The software installed on the target computer.
•
The properties of a folder.
•
The properties of a file.
Configure a Conditional Task Sequence Step Configure conditional task sequence steps in Deployment Workbench on the Options tab of a task sequence step. Add one or more conditions to the task sequence step to create the appropriate condition for running, or not running, the step. Note
Every conditional task sequence step needs at least one IF statement.
To view the Options tab of a task sequence step 120.Start Deployment Workbench 121.In the console tree, click Task Sequences. 122.In the details pane, right-click task_sequence (where task_sequence is the name of the task sequence to configure), and then click Properties. 123.In the task_sequence Properties dialog box, on the Task Sequence tab, click step (where step is the name of the task sequence step to configure), and then click the Options tab. On the Options tab of a task sequence step, the following actions can be performed: •
Add. Click this button to add a condition to the task sequence step.
•
Remove. Click this button to remove an existing condition in a task sequence step.
•
Edit. Click this button to modify an existing condition in a task sequence step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
70
IF Statements in Conditions All task sequence conditions include one or more IF statements. IF statements are the foundation for creating conditional task sequence steps. A task sequence step condition can include only one IF statement, but multiple IF statements can be nested beneath the top-level IF statement to create more complex conditions. An IF statement can be based on the conditions listed in Table 31, which are configured in the IF Statement Properties dialog box. Table 31. Conditions Available in IF Statements Condition
Select this option to run the task sequence if
All conditions
All the conditions beneath this IF statement must be true.
Any conditions
Any the conditions beneath this IF statement are true.
None
None the conditions beneath this IF statement are true.
Complete the condition for running the task sequence step by adding other criteria to the conditions (for example, task sequence variables or values in a registry setting). To add an IF statement condition to a task sequence step 124.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click If statement. 125.In the If Statement Properties dialog box, click condition (where condition is one of the conditions listed in Table 31), and then click OK.
Task Sequence Variables in Conditions Create conditions based on any task sequence variable (including those defined by MDT 2008). These variables also include the environment variables available in the operating system. To configure a condition based on a task sequence variable, provide the following information in the Task Sequence Variable Condition dialog box: •
Variable. This is the name of the task sequence variable to include as a condition. This name must match the exact spelling of the variable, but it is not case-sensitive.
•
Condition. This can be one of the logical operators listed in Table 32: Table 32. Logical Operators for Conditions Logical operator
Select this option to base the condition on
exists
The existence of the variable, regardless of the value of the variable.
equals
The variable being equal to the value specified in Value.
not equals
The variable being not equal to the value specified in Value.
greater than
The variable being greater than the value specified in Value.
greater than or equals
The variable being greater than or equal to the value specified in Value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
•
71
Logical operator
Select this option to base the condition on
less than
The variable being less than the value specified in Value.
less than or equals
The variable being less than or equal to the value specified in Value.
Value. This is the value of the task sequence variable to use in the condition.
To add an Task Sequence Variable condition to a task sequence step 126.On the step Options tab (where step is the name of the task sequence step to configure), click Add, and then click Task Sequence Variable. 127.In the Task Sequence Variable Condition dialog box, in the Variable box, type variable (where variable is the name of the task sequence variable). 128.In the Task Sequence Variable Condition dialog box, in the Condition box, click condition (where condition is the logical operation to use in the condition as listed in Table 32). 129.In the Task Sequence Variable Condition dialog box, in the Value box, type value (where value is the value of the task sequence variable), and then click OK.
Operating System Version in Conditions Create conditions based on the operating system version. To configure a condition based on the operating system version, provide the following information in the Task Sequence OS Condition dialog box: •
Architecture. This is the name of the instruction set on which the operating system is designed. This could be one of the two architecture types listed in Table 33. Table 33. Available Architecture Conditions
•
Architecture
Select this option to base the operating system on
x86
The term x86 refers to an operating system which has a binary compatibility with the 32-bit instruction set.
x64
The term x64 refers to an operating system which has a binary compatibility with the 64-bit instruction set.
Operating System. This can be one of the operating systems listed in Table 34.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
72
Table 34. Available Operating System Conditions Architecture Selected
Select the operating system on which to base the condition
x86
•
X86 Windows 2000 original release
•
X86 Windows 2000 with SP1
•
X86 Windows 2000 with SP2
•
X86 Windows 2000 with SP3
•
X86 Windows 2000 with SP4
•
X86 Windows XP Professional original release
•
X86 Windows XP Professional with SP1
•
X86 Windows XP Professional with SP2
•
X86 Windows Server 2003 original release
•
X86 Windows Server 2003 with SP1
•
X86 Windows Server 2003 with SP2
•
X86 Windows Vista original release
•
X86 Windows Vista with SP1
•
X86 Windows Server 2008 original release
•
X64 Windows XP Professional original release
•
X64 Windows XP Professional with SP2
•
X64 Windows Server 2003 original release
•
X64 Windows Server 2003 with SP1
•
X64 Windows Vista original release
•
X64 Windows Vista with SP1
•
X64 Windows Server 2008 original release
x64
•
Condition. This can be one of the logical operators listed in Table 32.
To add an Operating System Version condition to a task sequence step 130.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Operating System Version. 131.In the Task Sequence OS Condition dialog box, in the Architecture box, click architecture (where architecture is the name of the operating system architecture). 132.In the Task Sequence OS Condition dialog box, in the Operating system box, click the operating system to use. 133.In the Task Sequence OS Condition dialog box, in the Condition box, click condition (where condition is the logical operation to use in the condition as listed in Table 32), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
73
WMI Queries in Conditions WMI queries can be used in a task sequence condition. WMI is the primary management technology for Microsoft Windows operating systems. It enables consistent and uniform management, control, and monitoring of systems throughout the enterprise. Based on industry standards, WMI allows system administrators to query, change, and monitor configuration settings on desktop and server systems, applications, networks, and other enterprise components. System administrators can write scripts that use the WMI scripting library to work with WMI and create a wide range of systems management and monitoring scripts. For more information about WMI, see the WMI Scripting Primer at http://www.microsoft.com/technet/scriptcenter/guide/sas_wmi_overview.mspx?mfr=true. To configure a condition based on a WMI condition, provide the following information in the Task Sequence WMI Condition dialog box: •
WMI namespace. The default namespace, \root\cimv2, refers to a specific WMI
•
WQL query. This dialog box contains the query that will run when the conditions are met. WMI is generally queried in two ways: by retrieving an entire WMI object or by using
namespace. These are grouped hierarchically, and are similar to the way folders are grouped in the operating system. Within each namespace is a collection of classes that correspond to a managed resource.
a Structured Query Language (SQL)–like query. In the query, system information or querying computers could be accessed across a network.
To add a WMI condition to a task sequence step 134.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Query WMI. 135.In the Task Sequence WMI Condition dialog box, in the WMI namespace box, type WMI namespace. 136.In the Task Sequence WMI Condition dialog box, in the WQL query box, type the query script to be run, and then click OK.
Registry Settings in Conditions Evaluate registry settings during the task sequence; based on defined criteria, choose either to run or not to run additional processes. The registry contains two basic elements: keys and values. •
Registry Keys are similar to folders. Each key can contain subkeys, which in turn can contain further subkeys, all of which might contain values. Keys are referenced with a syntax similar to Windows path names, using backslashes to indicate levels of hierarchy; for example, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey Windows of the subkey Microsoft of the subkey Software of the root key HKEY_LOCAL_MACHINE.
•
Registry Values are name/data pairs stored within these keys and are referenced separately from keys. Value names can contain backslashes but doing so makes them difficult to distinguish from their key paths.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
74
To configure a condition based on a registry setting condition, provide the following information in the Registry Setting dialog box: •
Root Key. The root key of the registry key. Base the condition on one of the following: •
HKEY_CURRENT_USER
•
HKEY_LOCAL_MACHINE
•
HKEY_USERS
•
HKEY_CURRENT_CONFIG
•
Key. This is the value of the registry key that to use in the condition.
•
Condition. This can be one of the logical operators listed in Table 32.
•
Value name. This is the name of the value to use in the condition.
•
Value type. The value type can be one of the following:
•
•
REG_SZ
•
REG_EXPAND_SZ
•
REF_DWORD
Value. This is the value of the value type for the provided registry key to use in the condition.
To add a Registry Setting condition to a task sequence step 137.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Registry Setting. 138.In the Registry Setting dialog box, in the Root key box, click Root key. 139.In the Registry Setting dialog box, in the Key box, type key (where key is the remainder of the registry key minus the root key). 140.In the Registry Setting dialog box, in the Condition box, click condition (where condition is the logical operation to use in the condition as listed in Table 32). 141.In the Registry Setting dialog box, in the Value name box, type the name of the Value name. 142.In the Registry Setting dialog box, in the Value type box, click Value type. 143.In the Registry Setting dialog box, in the Value box, type the value for which testing will occur, and then click OK.
Installed Software in Conditions Installed software can be evaluated based on the product information provided in the Microsoft Installer (MSI) file. This information can be used to match a specific product using both the product code and the upgrade code, or it can be used to match any version of this product using only the upgrade code. To configure a condition based on an installed software condition, provide the following information on the Installed Software dialog box: •
MSI file. The Microsoft Installer file associated with the installed software being tested in this condition.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
75
To add an Installed Software condition to a task sequence step 144.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Installed Software. 145.In the Installed Software dialog box, in the MSI file box, browse to the specific Microsoft Installer file associated with the installed software. The product information will be extracted from the MSI file and will populate the respective boxes. 146.In the Installed Software dialog box, select one of the two following conditions: •
Match this specific product (Product Code and Upgrade Code)
•
Match any version of this product (Upgrade Code only)
147.In the Installed Software dialog box, click OK.
Folder Properties in Conditions Folders can be evaluated based on folder properties. In addition to evaluating the path of the folder to be tested, test for its time stamp under a number of conditions. To configure a condition based on a folders property, provide the following information on the Folder Properties dialog box: •
Path. The path of the folder to test.
Optional conditions that can be tested for: •
Condition. This can be one of the logical operators listed in Table 35. Table 35. Logical Operators for Conditions Logical operator
Select this option to base the condition on
equals
The time stamp being equal to the values specified in the Date and Time dialog boxes.
not equals
The time stamp being not equal to the values specified in the Date and Time dialog boxes.
greater than
The time stamp being greater than the values specified in the Date and Time dialog boxes.
greater than or equals
The time stamp being greater than or equal to the values specified in the Date and Time dialog boxes.
less than
The time stamp being less than the values specified in the Date and Time dialog boxes.
less than or equals
The time stamp being less than or equal to the values specified in the Date and Time dialog boxes.
•
Date. The date of the file.
•
Time. The time stamp of the file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
76
To add a Folder Properties condition to a task sequence step 148.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Folder Properties. 149.In the Folder Properties dialog box, in the Path box, go to the folder to be tested. 150.In the Folder Properties dialog box, to check the time stamp of the file, select the Check the timestamp check box, set the condition of the value, set a date in the date dialog box, and set the time in the time dialog box. Otherwise leave the Check the timestamp check box cleared and the additional condition will not be tested for. 151.In the Folder Properties dialog box, click OK.
File Properties in Conditions Files can be evaluated based on the file properties. In addition to evaluating the path of the file to be tested, test for its version and time stamp under a number of conditions. To configure a condition based on a file property, provide the following information on the File Properties dialog box: •
Path. The path of the file being tested. Optional conditions for which testing can occur:
•
Version. Version of the file you being tested.
•
Condition. This can be one of the logical operators listed in Table 35.
•
Date. The date of the file.
•
Time. The time stamp of the file.
To add a File Properties condition to a task sequence step 152.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click File Properties. 153.In the File Properties dialog box, in the Path box, browse to the file to be tested. 154.In the File Properties dialog box, if you want to check the version of the file, select the Check the version check box, set the condition of the value, and type the version number to be tested for. Otherwise leave the Check the version box cleared and the additional condition will not be tested for. 155.In the File Properties dialog box, to check the time stamp of the file, select the Check the timestamp check box, set the condition of the value, set a date in the date dialog box, and set the time in the time dialog box. Otherwise leave the Check the timestamp check box cleared and the additional condition will not be tested for. 156.In the File Properties dialog box, click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng Se r ver Roles MDT 2008 can help automate the deployment of server roles in Windows Server 2008. Configure task sequence steps in MDT 2008 to deploy the server roles that are supported in MDT 2008. The Windows Server 2008 server roles supported by MDT 2008 include the following: •
AD DS
•
DNS Server
•
DHCP Server
Configure AD DS Server Role Settings This section describes the AD DS role and the process the task sequence uses to deploy the role to a destination server. This section also provides step-by-step guidance on configuring each of the multiple AD DS scenarios. AD DS stores directory data and manages communications between users and domains. This includes logon processes, authentication, and directory searches. An AD DS domain controller is a server that is running AD DS.
Requirements AD DS requires DNS services, such as those provided by the DNS Server server role, which can reside on the AD DS server or another server. This information will be provided in a subsequent release.
Automate Deployment This information will be provided in a subsequent release.
MDT 2008 Components AD DS uses the following MDT 2008 components: •
Scripts. This information will be provided in a subsequent release.
•
Properties. This information will be provided in a subsequent release.
•
Files. This information will be provided in a subsequent release.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
78
Microsoft Deployment Toolkit 2008
Deploy the AD DS Server Role The MDT 2008 AD DS deployment task sequence offers the following deployment scenarios: •
New forest. Deploys a domain controller that contains a new forest environment.
•
New domain controller replica. Deploys a replica domain controller.
•
New domain tree in existing forest. Deploys a domain controller that contains a new domain tree into an existing forest environment.
•
New domain in existing forest. Deploys a domain controller into an existing forest environment.
•
New read-only domain controller (RODC) replica. Deploys an RODC into an existing environment.
Deploy a Domain Controller with a New Forest Using this option, a domain controller can be deployed that contains a new forest environment. Use this option when deploying a new forest environment. To deploy a domain controller with a new forest 157.Start Deployment Workbench. 158.In the tree pane, expand Distribution Share. 159.In the details pane, click Task Sequences, and then click the task sequence to edit. 160.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 161.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
162.In the Create box, click New Forest. 163.In the New forest domain DNS name box, type a name for the new domain; for example, Woodgrove.com. The extension of the domain must be included—for example, .com, .net, .int, or whatever domain extension used in the organization. 164.In the NetBIOS name box, type a name for the network input/output system (NetBIOS). This is usually the domain name without .com or other type of extension. For example, the forest domain name Woodgrove.com might have the NetBIOS name woodgrove. 165.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 166.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
79
The following listing is an example of an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is rebooted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com NewDomain=forest NewDomainDnsName=woodgrove.com DomainNetbiosName=woodgrove DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=R3c0v3ry SiteName="Default_First_Site" ForestLevel=3 DomainLevel=3 RebootOnCompletion:yes
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy a Domain Controller As a New Domain Controller Replica Using this option, an existing domain controller can be deployed as a new domain controller by replicating it into an existing environment. Use this option when deploying a new domain controller into an existing environment if replication will obtain the existing domain information from AD DS. To deploy a domain controller as a new domain controller replica 167.Start Deployment Workbench. 168.In the tree pane, expand Distribution Share. 169.In the details pane, click Task Sequences, and then click the task sequence to edit. 170.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
80
Microsoft Deployment Toolkit 2008
171.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
172.In the Create box, click New domain controller replica. 173.In the Existing domain DNS name box, type the fully qualified domain name of an existing domain controller. 174.In the Replication source domain controller box, type the name of a domain controller the new server will replicate within the existing environment. The directory services database will replicate this domain controller. 175.In the Account box, type the name of an account that has permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 176.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 177.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an example of an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=replica NewDomainDnsName=child.woodgrove.com DomainNetbiosName=woodgrove DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 DomainLevel=3 RebootOnCompletion=yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
81
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy a Domain Controller with a New Domain Tree in an Existing Forest Using this option, a domain controller can be deployed that contains a new tree into an existing forest environment. Use this option when deploying a child domain into an existing forest environment. To deploy a domain controller with a new domain tree in an existing forest 178.Start Deployment Workbench. 179.In the tree pane, expand Distribution Share. 180.In the details pane, click Task Sequences, and then click the task sequence to edit. 181.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 182.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
183.In the Create box, click New domain in existing forest. 184.In the Existing forest (parent) domain DNS name box, type the name of an existing domain in the network. 185.In the NetBIOS name box, type the NetBIOS name of an existing domain in the network. This is usually the domain name without.com or other type of extension; for example, the domain Woodgrove.com might have the NetBIOS name woodgrove. 186.In the New domain tree (child) DNS name box, type a name for the child domain being created—for example, Child.Woodgrove.com (where Child is the name of the child domain). 187.In the Replication source domain controller box, type the name of the domain controller to which the new child domain will replicate. 188.In the Account box, type the name of an account with permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 189.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 190.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
82
Microsoft Deployment Toolkit 2008
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=child.woodgrove.com ChildName=child DomainNetbiosName=child DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 Domainlevel=3 RebootOnCompletion=yes
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy a Domain Controller with a New Domain in an Existing Forest Using this option, a domain controller can be deployed that contains a new domain into an existing forest environment. Use this option when deploying a new child domain into an existing forest environment. To deploy a domain controller with a new domain in an existing forest 191.Start Deployment Workbench. 192.In the tree pane, expand Distribution Share. 193.In the details pane, click Task Sequences, and then click the task sequence to edit. 194.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 195.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
196.In the Create box, click New domain in existing forest. 197.In the Existing forest (parent) domain DNS name box, type the name of an existing domain in the network.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
83
198.In the NetBIOS name box, type the NetBIOS name of an existing domain in the network. This is usually the domain name without.com or other type of extension; for example, the domain Woodgrove.com might have the NetBIOS name woodgrove. 199.In the New domain (child) DNS name box, type a name for the child domain being created; for example, Child.Woodgrove.com (where Child is the name of the child domain). 200.In the Replication source domain controller box, type the name of the domain controller to which the new child domain will replicate. 201.In the Account box, type the name of an account with permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 202.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 203.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=child.woodgrove.com ChildName=child DomainNetbiosName=child DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 Domainlevel=3 RebootOnCompletion=yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
84
Microsoft Deployment Toolkit 2008
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy an RODC in an Existing Domain Using this option, a domain controller can be deployed that contains a read-only replica of the existing domain into an existing forest environment. Use this option to deploy a domain controller that contains an un-editable replica of a domain structure into an existing forest environment. To deploy an RODC in an existing domain 204.Start Deployment Workbench. 205.In the tree pane, expand Distribution Share. 206.In the details pane, click Task Sequences, and then click the task sequence to edit. 207.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 208.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
209.In the Create box, click New read-only domain controller (RODC) replica. 210.In the Existing domain DNS name box, type the name of an existing DNS server. 211.In the Replication source domain controller box, type the name of the domain controller to be replicated within the existing environment. The directory services database will replicate this domain controller. 212.In the Account box, type the name of an account with permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 213.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 214.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
•
85
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=ReadOnlyReplica DomainNetbiosName=woodgrove DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 Domainlevel=3 RebootOnCompletion=yes
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Configure AD DS Advanced Properties To configure AD DS advanced properties, perform the following steps: 215.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced. 216.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Options: •
Install DNS if not already present. Select this option when creating a new forest or new domain.
•
Make this domain controller a global catalog (GC) server. This is the default option, and should be selected for new domains or forests, and for domains without a GC server.
•
Wait for critical replication only. Select this option to populate only the directory services database using replication.
Functional levels: •
Forest Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008)
•
Domain Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008)
Folders: •
Database: The default location is %systemroot$NTDS.
•
Log Files: The default location is %systemroot$NTDS.
•
SYSVOL: The default location is %systemroot$SYSVOL.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
86
Microsoft Deployment Toolkit 2008
217.In the Site name box, type the name of the site in which to install the domain controller. The default name for a new forest or site is Default_First_Site; however, this value is not entered in the Site name box by default—it must be typed. Then, click OK to complete the configuration of the AD DS Advanced Properties dialog box, and then click OK in the Task Name Properties dialog box to complete configuration of the task.
Configure DNS with the AD DS Server Role Installation Using this option, DNS can be installed and configured the AD DS server role installation. DNS is required for AD DS and should be installed either before the AD DS role or during the Dcpromo process. To install and configure DNS with AD DS server role installation 218.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced. 219.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Options: •
Install DNS if not already present. Select this option when creating a new forest or new domain installation on a server that requires DNS. (This option is highlighted in bold in the following Dcpromo answer file example.) [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure the Domain Controller as a GC Server Using this option, the newly installed AD DS server role can be configured as a GC server. A GC server contains a database of all the objects in an AD DS domain. For more information about global catalogs, see What Is the Global Catalog? at http://technet2.microsoft.com/windowsserver/en/library/24311c41-d2a1-4e72-a54f150483fa885a1033.mspx?mfr=true. 220.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
87
221.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Options: •
Make this domain controller a global catalog (GC) server. This is the default option, and should be selected for new domains or forests, and for domains without a GC. (This option is highlighted in bold in the following Dcpromo answer file example.) [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east ConfirmGc=Yes DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Critical Replication Before Restart Using this option, IT personnel can configure the AD DS server role and wait for critical replication before the computer is restarted. For additional information about this option, see Promotion Operation at http://technet2.microsoft.com/windowsserver2008/en/library/d2521765-9e7b-44b6-9021496908f4b9521033.mspx?mfr=true. 222.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced. 223.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Options: •
Wait for critical replication only. Select this option when to populate only the directory services database using replication. (This option is highlighted in bold in the following Dcpromo answer file example). [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
88
Microsoft Deployment Toolkit 2008
NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east CriticalReplicationOnly=Yes DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Forest and Domain Functional Levels Using this option, the functional level of the forest and the domain levels of AD DS can be configured. For additional information about this option, see Appendix of Functional Level Features at http://technet2.microsoft.com/windowsserver2008/en/library/34678199-98f1-465f-9156c600f723b31f1033.mspx?mfr=true. 224.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced. 225.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Functional levels: •
Forest Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008) (This option is highlighted in bold in the following Dcpromo example.)
•
Domain Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008) (This option is highlighted in bold in the following Dcpromo example.) [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
89
ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Location for Installation Folders Using this option, the location of the log, System Volume (Sysvol), and database paths can be configured during AD DS server role installation. 226.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced. 227.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Folders: •
Database. The location of the AD DS database NTDS.dit file. The option /databasePath is listed in bold in the following Dcpromo example.
•
Logfiles. The location of log files used for recovery of the database, and for troubleshooting AD DS. The option /logPath is listed in bold in the following Dcpromo example.
•
Sysvol. The Sysvol is a shared directory that stores the server copy of the domain’s public files that are shared for common access and replication throughout the domain. For more information about Sysvol, see the Microsoft Help and Support article, “Best Practices for Sysvol Maintenance,” at http://support.microsoft.com/kb/324175. [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Site Name Using this option, the site name can be configured during the installation of the AD DS server role. The default name for the first site in a domain is Default_First_Site. 228.In the Properties dialog box (where Task Sequence is the task sequence to edit), click Advanced. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
90
Microsoft Deployment Toolkit 2008
229.In the AD DS Advanced Properties dialog box in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Site name: •
In the Site name box, type the name of the site in which to install the domain controller. The default name for a new forest or site is Default_First_Site; however, this value is not entered in the Site name box by default—it must be typed. Then, click OK to complete the configuration of the AD DS Advanced Properties dialog box, and click OK in the Properties dialog box to complete configuration of the task. [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com TeplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPasswordFH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure DNS Server Role Settings This section describes the DNS role and the process the task sequence uses to deploy the role to a destination server. Using the Configure DNS Role task sequence, IT personnel can manage forward, reverse, primary, secondary, stub, and AD DS-integrated zones.
Requirements •
An advanced understanding of DNS zones and the DNS hierarchy is required. For more information about DNS configuration, go to http://technet.microsoft.com/enus/library/bb726935.aspx.
•
A local DNS service must be configured to look at the DNS service on the local computer or an IP address of another DNS server.
Automate Deployment This information will be provided in a subsequent release.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
91
MDT 2008 Components DNS uses the following MDT 2008 components: •
Scripts. This information will be provided in a subsequent release.
•
Properties. This information will be provided in a subsequent release.
•
Files. This information will be provided in a subsequent release.
Deploy the DNS Server Role Using this option, the DNS server role can be configured and deployed to a new computer or a DNS server operating on an existing computer replaced. By assigning the DNS server role, standard DNS primary, secondary, and stub zones can be configured. In addition, AD DS-integrated primary and stub zones can be configured. There is also an the option to manage aging, updates, types, and multiple zones—all in an automated process. This is not a migration process from an existing DNS server; rather, it is a new installation of DNS zones of all types. 230.Start Deployment Workbench. 231.In the tree pane, expand Distribution Share. 232.In the details pane, click Task Sequences, and then click the task sequence to edit. 233.On the Task Sequence tab, click Add, click Roles, and then click Configure DNS. 234.On the Properties tab of the Configure DNS step, in Name, type name (where name is the name by which the task is identified in the task sequence). 235.In Description, type description (where description is the description of the task and its role in the task sequence). 236.In the Zones section, click the yellow Add button. 237.In the DNS Zone Properties dialog box, in DNS zone name , type a name for the zone; for example, woodgrove.com. 238.In Type, click Change. 239.In the Change Zone Type dialog box, select one of the following zone types: •
Primary zone
•
Secondary zone
•
Stub zone
240.In the Change Zone Type dialog box, select the Store the zone in Active Directory check box if DNS will be installed on a domain controller, and then click OK. 241.In the DNS Zone Properties dialog box, in Dynamic updates, select one of the following: •
None
•
Nonsecure and Secure
242.Select the Scavenge stale resource records check box to enable this feature. Click OK. 243.On the Properties tab of the Configure DNS step, click Server Properties. 244.In the Server Properties dialog box, in Server Options, select the appropriate server options to enable. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
92
Microsoft Deployment Toolkit 2008
245.In the Server Properties dialog box, in Name checking, select the appropriate name checking options to enforce, and then click OK. 246.In the task_sequence Properties dialog box (where task_sequence is the name of the task sequence being edited), click OK. 247.Close Deployment Workbench.
Configure DHCP Server Role Settings This section describes the DHCP role and the process the task sequence uses to deploy the role to a destination server. All of the options available in the standard Windows Server 2008 and Windows Server 2003 DHCP console can be configured using MDT 2008.
Requirements •
An IP subnet to use in the DHCP scope
•
Credentials for authorizing the DHCP service in AD DS (Typically, this is a domain Administrator or DHCP Administrator account, activated in AD DS.)
•
AD DS
•
An understanding of BOOTP, DHCP, DHCP scopes, DHCP superscopes, broadcast protocols, and IP subnetting For additional information about using and configuring DHCP, go to http://technet.microsoft.com/en-us/network/bb643151.aspx.
Automate Deployment This information will be provided in a subsequent release.
MDT 2008 Components DHCP uses the following MDT 2008 components: •
Scripts. This information will be provided in a subsequent release.
•
Properties. This information will be provided in a subsequent release.
•
Files. This information will be provided in a subsequent release.
Deploy the DHCP Server Role Using this option, the DHCP server role can be configured and deployed using MDT 2008. All the standard options that make up scopes can be configured similar to using the standard DHCP console in Windows Server 2008 and Windows Server 2003. To implement the DHCP server role, configure the Authorize DHCP task sequence in conjunction with the Configure DHCP Server Role task sequence. To configure and deploy the DHCP server role 248.Start Deployment Workbench. 249.In the tree pane, expand Distribution Share. 250.In the details pane, click Task Sequences, and then click the task sequence to edit. 251.On the Task Sequence tab, click Add, click Roles, and then click Configure DHCP. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
93
252.In the Properties dialog box, type the relevant information in the following boxes: •
Name. The name by which the task will be identified in the task sequence list.
•
Description. A description of the task; for example, DHCP scope information, scope names.
•
Scope details. Details about the IP address the DHCP scopes configured.
•
Server options. The options passed to DHCP clients; for example, default gateway, DNS server, and WINS server addresses.
253.Click OK.
Configure DHCP Scopes Using this option, configure the DHCP scopes that contain the rules and active scopes used on the DHCP server. For more information about DHCP scope configuration options, and for guidance on using each of the configuration options, see “Chapter 6 – Dynamic Host Configuration Protocol” of TCP/IP Fundamentals for Microsoft Windows at http://technet.microsoft.com/en-us/library/bb727003.aspx. To configure and deploy DHCP scopes 254.In the task sequence Properties dialog box, click the yellow Add scope button. 255.In the Scope Properties dialog box, configure the following options as required for the environment: •
Scope name. The name used to refer to the scope.
•
Start IP address. The beginning address of the scope; for example, 192.168.0.150.
•
End IP address. The ending address of the scope; for example, 192.168.0.250.
•
Subnet mask. The mask used for the IP address scope; for example, 255.255.255.0.
•
Scope IP address. The address of the scope itself; for example, 192.168.0.1.
•
Lease duration for DHCP clients. The maximum time a client can keep the IP address assigned by the DHCP server.
•
Description. A description of the scope, for administrative reference.
256.On the Advanced tab, in the Exclude IP Address Range section, type the following information to exclude addresses for the scope created on the General tab: •
Start IP address. The beginning address for exclusion from a scope; for example, 192.168.0.251.
•
End IP address. The ending address for exclusion from a scope; for example, 192.168.0.255.
257.On the Options tab, configure the following options for the scope created on the General tab: •
003 Router. The default gateway given to DHCP clients.
•
006 DNS Servers. The DNS server address given to DHCP clients.
•
015 DNS Domain Name. The DNS domain name given to clients; for example, woodgove.com.
•
044 WINS/NBNS Servers. The WINS server IP address; for example, 192.168.0.2. Solution Accelerators microsoft.com/technet/SolutionAccelerators
94
Microsoft Deployment Toolkit 2008
•
046 WINS/NBT Node Type. The WINS node type.
•
060 PXE Client. The address used for Pre-Boot Execution Environment (PXE) client Bootstrap code.
258.Click OK.
Configure DHCP Server Options Using this option, the DHCP server options given to DHCP clients can be configured. These options include router or default gateway designation, DNS server IP information, and WINS server information. To configure and deploy DHCP server options 259.In the Properties dialog box, in the Server Options section, click Configure, and then configure the following options as required for the environment. 260.Click 003 Router, and then do the following: •
In the Server Name box, type the IP address and resolve the name.
•
Click Add to type an IP address.
•
Click an IP address, and then click Remove to remove the highlighted IP address.
261.Click 006 DNS Servers, and then do the following: •
In the Server Name box, type the IP address and resolve the name.
•
Click Add to type an IP address.
•
Click an IP address, and then click Remove to remove the highlighted IP address.
262.Click 015 DNS Domain Name, and then do the following: •
In the String Value box, type the domain name; for example, woodgrove.com.
263.Click 044 WINS/NBNS Servers, and then do the following: •
In the Server Name box, type the IP address and resolve the name.
•
Click Add to type an IP address.
•
Click an IP address, and then click Remove to remove the highlighted IP address.
264.Click 046 WINS/NBT Node Type, and then type the following information: •
Type one of the following codes: 44, 46, or 47
For more information about how to determine the correct option for the environment, see the section, “DHCP Options for WINS,” in WINS Tools and Settings at http://technet2.microsoft.com/windowsserver/en/library/e71fac63-0521-4217-899f79802bfdb7481033.mspx?mfr=true. 265.Click 060 PXE Client, and then type the following information: •
In the String Value box, type the PXE client string; typically this is PXEClient.
Authorize the DHCP Server Role in Active Directory Authorizing the DHCP service within AD DS is imperative to successfully deploying and using DHCP services within a Windows-based network. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
95
Requirements •
Account credentials with permissions to authorize DHCP services in AD DS (Typically, this is either a domain Administrator account or a DHCP Administrator account.)
To authorize the DHCP server role in AD DS 266.Start Deployment Workbench. 267.In the tree pane, expand Distribution Share. 268.In the details pane, click Task Sequences, and then click the task sequence to edit. 269.On the Task Sequence tab, click Add, click Roles, and then click Authorize DHCP. 270.In the Properties dialog box, type the relevant information in the following boxes: •
Name. The name by which the task will be referred in the task sequence list.
•
Description. A description of the task.
271.In the Account box, type the name of an account with permissions to authorize the DHCP service in AD DS. Click Set, and then type the following information in the relevant boxes: •
Username. The account that can authorize DHCP, in the format of domain\user.
•
Password. The password for the account.
•
Confirm Password. Retype the password.
272.Click OK, then click OK again.
Getting Started Guide Contents Solution Accelerators
microsoft.com/technet/SolutionAccelerators
96
Microsoft Deployment Toolkit 2008
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 delivers end-to-end guidance for the efficient planning, building, testing, and deployment of Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. MDT 2008 provides proven tools and practices with which information technology (IT) personnel can: •
Create a software and hardware inventory to assist in deployment planning.
•
Test applications for compatibility with Windows operating systems and mitigate compatibility issues discovered during the process.
•
Set up an initial lab environment with imaging and deployment servers.
•
Customize, package, and deploy applications.
•
Automate image creation and deployment.
•
Manage processes and technologies to produce comprehensive and integrated Lite Touch Installation (LTI) and Zero Touch Installation (ZTI) deployments.
•
During deployment, migrate users’ documents and settings to their new computer configurations.
•
During deployment, support the installation of all roles, such as Active Directory® Domain Services (AD DS), Domain Name System (DNS) server, Dynamic Host Configuration Protocol (DHCP) server, Microsoft Internet Information Services (IIS), Windows Deployment Services, Windows SharePoint® Services, Windows Internet Naming Service (WINS) server, and Windows Server® 2003 Terminal Services. •
•
Additionally, MDT 2008 supports the configuration of the AD DS, DNS, and DHCP roles.
Ensure that computers are hardened to improve security within the environment.
MDT 2008 brings together time-honored and proven practices in addition to the following Microsoft technologies: •
Application Compatibility Toolkit (ACT) version 5.0 for gathering application inventory and for testing and mitigating application-compatibility issues.
•
Windows User State Migration Tool (USMT) for migrating user settings and data.
•
Windows Automated Installation Kit (Windows AIK) for configuring unattended Setup answer files (Unattend.xml) and capturing images.
•
Windows Deployment Services for starting Windows Preinstallation Environment (Windows PE) on target computers across the network.
•
Windows PE version 2.0 for starting computers.
MDT 2008 contains guidance, sample templates, and technology files (such as scripts and configuration files). MDT 2008 documentation discusses in detail required software that must be downloaded from the Internet. The documentation also discusses media that must be provided. The focus of MDT 2008 is computer deployment versus the integration that organizations can achieve on the platform by combining computers and domains. MDT 2008 supports deployment in Windows Server 2008 and Windows Server 2003 domains. Note For the latest information regarding MDT 2008, see Release Notes.doc in the documentation subfolder of the MDT 2008 installation folder. Note MDT 2008 combines abstract concepts that are sometimes difficult to follow without citing specific examples. To make these concepts easier to understand, this deployment project references a sample project at a fictional company named Woodgrove Bank. This deployment
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
97
project also provides sample job aids for Woodgrove Bank. The content in each planning template is specific to Woodgrove Bank; replace it with information specific to the organization. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server 2008, and Windows Server 2003 operating systems unless otherwise noted.
Ter mino log y Table 1 describes the terminology used throughout the MDT 2008 guidance. Understanding this terminology will help IT personnel better understand the guidance in this deployment project. Table 1. MDT 2008 Terminology Term
Description
answer file
A file that contains the settings and configurations to apply to a Windows image during installation. This file is commonly named Unattend.xml, Unattend.txt, or Sysprep.inf.
catalog file
A binary file that contains the state of all the settings and packages in a Windows image. When a catalog is created, it queries the Windows image for a listing of all settings in that image. Because the contents of a Windows image can change over time, it is important to recreate the catalog file whenever updating a Windows image.
component
A part of the Windows operating system that specifies the files, resources, and settings for a specific Windows feature or part of a Windows feature. Some components include Windows unattended installation settings, which can be used by original equipment manufacturers (OEMs) and corporations for customization.
configuration pass
A phase of Windows installation. Different parts of the Windows operating system are installed in different configuration passes. Team members can specify Windows unattended installation settings to be applied in one or more configuration pass.
deployment point
A folder that contains the files necessary to complete the image deployment to target computers.
distribution share
A folder that contains the source files for Windows products that the team installs. It may also contain additional device drivers and application files.
image-based setup
The mechanism used to install, deploy, and test the installation image.
operating system packages
A group of files that Microsoft provides to OEM customers to modify Windows features. Package types include service packs, security updates, language packs, and other software updates. Examples of packages include Product, Windows
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
98
Term
Microsoft Deployment Toolkit 2008
Description Foundation, and Feature Pack packages.
reference computer
The computer that contains the reference installation image.
reference image
A configured Windows image that contains a single reference installation that can be deployed onto many target computers.
reference installation
A configured Windows computer that includes additional software and updated drivers.
target computer
The computer on which the team preinstalls Windows to be distributed to customers. Team members can either run Windows Setup on the target computer or copy a master installation onto a target computer.
task sequence
A series of steps that perform a deployment. During LTI deployments, the task sequence is associated with an Unattend.xml (or Unattend.txt and Sysprep.inf) file.
Task Sequencer
Software used to execute a task sequence on the target computer.
technician computer
The computer on which MDT 2008 is installed. Typically, the configuration sets and the distribution share are also located on this computer.
Unattend.xml
The generic name for the Windows Vista Setup answer file. Unattend.xml replaces all of the answer files in earlier versions of Windows, including Unattend.txt and Winbom.ini.
Windows Imaging Format (.wim) file
A file format that contains one or more compressed Windows images.
Windows feature
An optional feature of Windows that can be enabled or disabled.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes for MDT 2008 This section describes the system requirements for the deployment server and target computer. Deployment server requirements apply to computers on which MDT 2008 is installed and used to configure distribution shares. Target computer requirements apply to computers on which the deployment scripts are run to install the Windows operating system. The guidance describes additional requirements. MDT 2008 can be installed on both the x86 and x64 versions of the following operating system platforms: •
Windows Server 2008 (Standard and Enterprise operating systems)
•
Windows Server 2003 (Standard and Enterprise operating systems) with Service Pack 1 (SP1) or later
•
Windows Vista (Business, Enterprise, and Ultimate operating systems)
•
Windows XP Professional with SP2 or later
In addition to the hardware, operating system, and software requirements described in the guides, the following hardware and software requirements must be met on the deployment server and target computers for the Deployment Workbench and deployment scripts to function properly.
Deployment Server Prerequisites LTI Deployment Prerequisites Hardware The following hardware requirements must be met on the deployment server: •
Free space of 4 gigabytes (GB) is required on the drive containing the %TEMP% folder if a media deployment International Organization for Standardization (ISO) image will be created. Otherwise, 1 GB of free space is required on the drive containing the %TEMP% folder.
•
A minimum of 5 GB of free space is required on the drive containing the distribution share.
•
Free space of 1 GB is required on the drive containing the MDT 2008 program files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
100
Microsoft Deployment Toolkit 2008
Software The following software requirements might need to be met on the deployment server. •
Windows AIK The version of Ximage.exe that is included in the Windows AIK versions 1.0 and 1.1 can be used to capture and deploy any Windows operating system (Windows XP SP2 through Windows Server 2008). However, MDT 2008 also uses Windows AIK to generate catalogs for creating Unattend.xml files and for offline servicing. For these operations, Windows AIK version 1.0 only supports Windows Vista release to manufacturing (RTM). LTI deployments of Windows XP or Windows Server 2003 are unaffected. Note Windows AIK version 1.1 must be installed on the deployment server if Windows Vista SP1 or Windows Server 2008 will be deployed to target computers.
To install the Windows AIK, use Deployment Workbench to perform the download and installation before or after installing MDT 2008. Note Windows AIK is automatically installed on computers running Microsoft System Center Configuration Manager 2007. Note Windows AIK helps in the installation, customization, and deployment of Windows. Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 RTM deployments. Use Windows AIK version 1.1 when deploying Windows Vista with SP1 and Windows Server 2008 RTM.
•
Windows Deployment Services
•
Windows Server Update Services (WSUS) version 3.0
•
Windows Update Agent (WUA) version 3.0 MDT 2008 supports deploying an updated version of WUA as part of the operating system deployment. This helps ensure that target computers are running the correct version of WUA when Windows is deployed. This also helps eliminate the need to connect to the Internet and download the latest version of WUA after deployment. MDT 2008 can configure WUA to collect updates from internal computers running WSUS instead of connecting to Microsoft Update over the Internet. Optionally, MDT 2008 can configure WUA to use a specific computer running WSUS server using the WsusServer property. For additional information about WUA and for deployment instructions, see the TechNet article, “How to Install the Windows Update Agent on Client Computers," at http://technet.microsoft.com/en-us/library/bb932139.aspx. Obtain the latest version of the WUA stand-alone installer for: •
The x86 version (WindowsUpdateAgent30-x86.exe) at http://go.microsoft.com/fwlink/?LinkID=100334.
•
The x64 version (WindowsUpdateAgent30-x64.exe) at http://go.microsoft.com/fwlink/?LinkID=100335.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Prerequisites for MDT 2008
101
Windows Vista and Windows Server 2008 include the most recent version of WUA, so no update is necessary for these operating systems. In Windows XP and Windows Server 2003, one of the following will occur: •
If the WUA version 3.0 stand-alone installer files are in the TOOLS\architecture folder (where architecture is either x86 or x64) on the deployment point, MDT 2008 will automatically install WUA on the target computer. When downloading the WUA 3.0 stand-alone installer files, save them in the distribution\TOOLS\architecture folder (where distribution is the folder where the distribution point is created).
•
If the WUA version 3.0 stand-alone installer files are not in the TOOLS\architecture folder on the deployment point and if the existing version of WUA is configured for a WSUS server, then WUA will attempt to update itself from a WSUS server. If the existing version of WUA is not configured for a WSUS server, then MDT 2008 will attempt to download and install WUA version 3.0 from the Microsoft Update site. In this case, Internet access is required for the target computer. Note
MDT 2008 does not support authentication with proxy servers.
For more information, see Updating the Windows Update Agent at http://msdn2.microsoft.com/en-us/library/aa387285.aspx. •
USMT The USMT .msi file must be made available in the deployment share folder for access by target computers when migrating user settings to new computers. This can be accomplished using Deployment Workbench to perform the download and copy. Or, the .msi file can be downloaded and the USMT301_Platform.msi file manually copied to the distribution share folder in the \Tools\Platform folder. Note
Platform is either x86 (for 32 bit) or x64 (for 64 bit).
Note
The USMT does not actually need to be installed on the deployment server.
Note There are known occurrences of the USMT not properly installing on target computers. Steps to work around this issue are contained in the MDT 2008 document, Troubleshooting Reference. Note USMT version 3.0.1 does not support state migration on any version of Windows Server. Note USMT must be run in elevated mode on Windows Vista to ensure that all users are migrated. This is required because of Windows Vista User Access Control (UAC) protections.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
102
Microsoft Deployment Toolkit 2008
Platform-Specific Requirements The following platform-specific requirements must be met when using MDT 2008 on one of the following platforms: •
Windows Server 2008: •
•
Windows Vista: •
•
•
•
No additional software requirements
Windows Server 2003 with SP2: •
•
No additional software requirements
Microsoft .NET Framework version 2.0
Windows Server 2003 with SP1: •
Microsoft Management Console (MMC) version 3.0
•
Microsoft .NET Framework version 2.0
•
Offline servicing kernel update
Windows XP Professional with SP3: •
Microsoft .NET Framework version 2.0
•
Offline servicing kernel update
Windows XP Professional with SP2: •
MMC version 3.0
•
Microsoft .NET Framework version 2.0
•
Offline servicing kernel update
•
Windows Installer version 3.1
Note See the section, “Appendix A: Software Download Locations,” later in this guide for software download locations. Note If the MDT 2008 documentation will only be installed and viewed using Deployment Workbench, the only software requirements are Microsoft .NET Framework version 2.0, Windows Installer version 3.1, and MMC version 3.0. The remaining software in the previous list is not required to view the documentation.
ZTI Deployment for System Center Configuration Manager Prerequisites When using MDT 2008 with System Center Configuration Manager, the following requirements might need to be met in addition to those listed in “LTI Deployment Prerequisites” earlier in this guide: •
System Center Configuration Manager
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Prerequisites for MDT 2008
103
ZTI Deployment for Systems Management Server Prerequisites When using MDT 2008 with Microsoft Systems Management Server (SMS) 2003, the following requirements might need to be met in addition to those listed in “LTI Deployment Prerequisites” earlier in this guide: •
Systems Management Server 2003 with SP2 or later
•
SMS 2003 Operating System Deployment (OSD) Feature Pack update MDT 2008 requires this update to be able to support Windows Vista, Windows Server 2008, and 64-bit (x64) operating system deployments. This update supports the newly released Windows Imaging Format (WIM) version 1.0. In addition, this update requires Systems Management Server with SP2. For more information about this update, see SMS 2003 Operating System Deployment Feature Pack Update at http://technet.microsoft.com/en-us/sms/bb676770.aspx. Note Images created using earlier versions of the SMS 2003 OSD Feature Pack were made using WIM version 0.9 and cannot be used with Deployment Workbench in MDT 2008. Instead, create new images using WIM version 1.0 to use with Deployment Workbench after installing the SMS 2003 OSD Feature Pack update.
•
Windows PE 2004, supplied with the SMS 2003 OSD Feature Pack for Windows XP deployments, or Windows PE 2005, provided with Windows Server 2003 with SP1.
Target Computer Prerequisites The target computer must be a new computer without an existing operating system or run one of the following operating systems (with the additional software listed for each operating system): •
Windows Server 2008: •
•
Windows Vista: •
•
•
Windows Script version 5.6 or later
Windows XP Professional with SP3: •
•
No additional software requirements
Windows Server 2003 with SP1: •
•
No additional software requirements
Windows Server 2003 with SP2: •
•
No additional software requirements
No additional software requirements
Windows XP Professional with SP2: •
Windows Installer version 3.1
•
Windows Script version 5.6 or later
Microsoft Windows 2000 with SP4: •
Microsoft XML Core Services (MSXML) version 3.0
•
Microsoft Visual C++® runtime
•
Windows Internet Explorer® version 5.0 or later
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
104
Microsoft Deployment Toolkit 2008
•
Windows Script version 5.6 or later
Note See the section, “Appendix A: Software Download Locations,” later in this guide for software download locations. Note The Visual C++ runtime is required to run the deployment scripts on target computers that are running the Windows 2000 operating system. See the section, “Appendix B: Preparing Windows 2000 Client Computers,” later in this guide for installation instructions.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Evalu ating Securi ty and P ri vac y for the Dep lo yment Solu tion The majority of MDT 2008 is script based, with the advantage of easy customization and requiring little or no infrastructure. As a result, several concerns must be considered and managed. For example, many of the Unattend files require unencrypted values or network connections must be made requiring user credentials or relaxed share permissions. Placing sensitive information in images or in answer files to achieve complete automation increases the security risk. Carefully consider areas such as: •
Storing user credentials, product identifier (PID) keys, company information and software, licensed materials, or other restricted or sensitive data in answer files, log files, and image (.wim) files on the target computers at deployment time. Minimize the need to store credentials in answer files by choosing to answer the prompts at the target computer at deployment time. Files, including the contents of .wim files, could be tampered with and not easily detected.
•
Storing user credentials, PID keys, company information and software, licensed materials, or other restricted or sensitive data in answer files, log files, user migration data, and image (.wim) files on the server (such as the host on which Deployment Workbench or its distribution folder shares reside). Access permissions to these storage resources should be reviewed and tightened as much as possible. Files, including the contents of .wim files, could be tampered with and not easily detected.
•
CD/DVD media, which may store information that could be misused or lost. System Center Configuration Manager provides password protection of full media. After media are distributed, it is difficult to change passwords stored on those media.
•
Database access permissions. They should be restricted to the minimum level required.
•
PID keys in answer files and image files. Because these could be exposed, volume license methods take advantage of Key Management Service (KMS) help with PID key management and key loss for Windows Vista deployments.
•
The Pre-Boot Execution Environment (PXE) network boot process, which is an inherently insecure process. When possible, procedures should favor servicing only known computers. In a fully automated scenario that includes joining the computer to a domain, doing so could provide a way for unauthenticated users to gain access to corporate resources.
•
Using the PXE filter script available within MDT 2008. By doing so, the default security behavior of the System Center Configuration Manager PXE provider is bypassed, exposing corporate images to unauthenticated or unknown computers. (Normal PXE security issues apply.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
106
Microsoft Deployment Toolkit 2008
•
The computer running Windows Deployment Services. An administrator can modify the PXE filter script on that computer to perform any action in System Center Configuration Manager. However, doing so could lead to tampering with the System Center Configuration Manager database.
•
The possibility of spoofing the download location for components that are downloaded with Deployment Workbench by tampering with the Deployment Workbench configuration files. Deployment Workbench downloads specific file names as directed by the Componentlist.xml file through the Background Intelligent Transfer Service (BITS) file-transfer service, and then verifies that certain parameters match what is expected. However, Deployment Workbench has no way to verify that the contents of the .xml file have not been tampered with and are pointing to intended files. The components that are downloaded can also be installed on operator approval (file-substitution risk). Control access permissions to the Deployment Workbench configuration files. Verify that all files downloaded are the files intended before installing them.
These security exposures can be improved by implementing the SMS 2003 OSD Feature Pack (with or without the Zero Touch Deployment Kit), which helps with some network access scenarios, or using System Center Configuration Manager, which extends security coverage much further and to full media. These products use agents, which are compiled programs designed to handle sensitive data and verify content (where possible). In any case, placing sensitive data in answer files reduces the default security configuration of the complete solution. Evaluate and weigh these risks against the costs and value of the desired automation goals. ZTI deployment considerations are much the same as for LTI deployments, except that the SMS 2003 OSD Feature Pack leverages its agent’s ability to use a machine account or network access account. See the SMS 2003 OSD Feature Pack for more information. The System Center Configuration Manager integration introduces many of the same issues from LTI and ZTI deployments, because answer files, external (non-deployment point) network connections, and database connections may exist. System Center Configuration Manager offers improvements in handling USMT backup data encryption keys, provides more secure storage processes, provides content verification, restricts PXE-booted computers to a known list, and leverages certificates in some scenarios. For information on configuring System Center Configuration Manager, see the System Center Configuration Manager documentation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Up g r ade and
Mig r ation Paths
The sections that follow describe the upgrade and migration paths with MDT 2008 for operating systems as well as upgrade and migration scenarios.
MDT 2008 MDT 2008 provides efficient upgrade and migration paths from BDD 2007 and the SMS 2003 OSD Feature Pack when based on the following scenarios: •
Upgrading from Business Desktop Deployment (BDD) 2007 LTI deployment to MDT 2008 LTI deployment.
•
Upgrading from BDD 2007 ZTI deployment to MDT 2008 ZTI deployment.
•
Migrating from BDD 2007 LTI deployment to ZTI deployment with System Center Configuration Manager.
•
Migrating, with limited support, from the SMS 2003 OSD Feature Pack to ZTI deployment with System Center Configuration Manager.
Operating Systems Table 2 describes the operating system upgrade and migration paths. As shown in the table, performing an in-place upgrade from Windows XP with SP2 or later to Windows Vista is supported, as is upgrading Windows Server 2003 to Windows Server 2008. Table 2. MDT 2008 Upgrade and Migration Paths From
Migrate to Upgrade to Windows Windows XP with Vista SP2 or later using USMT
Windows 2000 with SP4
Windows XP with SP2 or later
Windows Vista
Migrate to Windows Vista using USMT
Upgrade to Upgrade to Windows Windows Server 2003 Server 2008
(to more feature-rich edition)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
108
Microsoft Deployment Toolkit 2008
From
Migrate to Upgrade to Windows Windows XP with Vista SP2 or later using USMT
Migrate to Windows Vista using USMT
Windows Server 2003 Release 2 (R2)
Upgrade to Upgrade to Windows Windows Server 2003 Server 2008
(to more feature-rich edition)
Windows Server 2003 with SP1 or later
(to more feature-rich edition)
Windows Server 2008
(to more feature-rich edition)
= supported Note
The x64-based version of Windows XP cannot be upgraded to x64-based Windows Vista.
Note If deploying Windows XP SP3, be sure to obtain the updated Windows XP SP3 Deployment Tools, which can be downloaded from the Web page listed in “Appendix A: Software Download Locations,” later in this guide.
Scenarios Table 3 describes the supported deployment scenarios for each supported operating system. As shown in the table, deployment of Windows Vista with SP1 and Windows Server 2008 is fully supported for LTI deployments. Support for deployments based on Systems Management Server and System Center Configuration Manager will be supported when support is available from the respective product teams. Table 3. MDT 2008 Upgrade and Migration Paths Operating system
MDT 2008 LTI deployment
SMS 2003 OSD Feature Pack
System Center Configuration Manager
Windows 2000 with SP4 (upgrade only)
Windows XP with SP2 or later
Windows Vista
Windows Vista with SP1
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Upgrade and Migration Paths
Operating system
MDT 2008 LTI deployment
109
SMS 2003 OSD Feature Pack
System Center Configuration Manager
Windows Server 2003
Windows Server 2008
= supported
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Pr er equ isi te In fr ast r uc tur e The sections that follow describe how to prepare the prerequisite infrastructure when using MDT 2008 with System Center Configuration Manager or Systems Management Server.
Preparing the Prerequisite Infrastructure for System Center Configuration Manager For an example of how all these steps are performed, see “Step 1: Prepare the Prerequisite Infrastructure” in the MDT 2008 document, Quick Start Guide for Microsoft System Center Configuration Manager 2007. For more information about: •
System Center Configuration Manager, see Configuration Manager Supported Configurations at http://technet.microsoft.com/enus/library/bb680717.aspx#SiteServerSystemRequirements.
•
Microsoft SQL Server® 2005, see SQL Server 2005 System Requirements at http://www.microsoft.com/sql/prodinfo/sysreqs/default.mspx.
To prepare the prerequisite infrastructure for System Center Configuration Manager 273.Ensure the computer acting as the deployment server has at least one partition formatted with the NTFS file system. 274.Create a folder structure on an NTFS-formatted volume to store the software required by MDT 2008 and System Center Configuration Manager. 275.Obtain the required software, specifically: •
System Center Configuration Manager.
•
SQL Server 2005 with SP2.
•
Device drivers for all the reference and target computers.
•
MSXML version 6.0.
276.Ensure that an AD DS infrastructure exists with a forest functional level set to Windows Server 2003 or later. 277.Ensure that IP configuration occurs, typically from DHCP services within the infrastructure. 278.Ensure that IIS 6.0 is installed and configured correctly. The application server components listed in Table 4 are required for SQL Server and System Center Configuration Manager installation. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Preparing the Prerequisite Infrastructure
111
Table 4. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
Microsoft ASP.NET
Installed
Enable network COM+ access
Installed
Enable network Microsoft Distributed Transaction Coordinator (DTC) access
Not installed
IIS: BITS server extensions
Installed
Common files
Installed
File Transfer Protocol (FTP) Service
Not installed
Microsoft Office FrontPage® server extensions
Not installed
IIS Manager
Installed
Internet printing
Not installed
Network News Transfer Protocol (NNTP) service
Not installed
Simple Mail Transfer Protocol (SMTP) service
Not installed
World Wide Web service: Active Server Pages (ASP)
Installed
Internet data connector
Not installed
Remote administration (HTML)
Not installed
Remote desktop Web connection
Not installed
Server-side includes
Installed
Web-based Distributed Authoring and Versioning (WebDAV) publishing
Installed
World Wide Web service
Installed
Message queuing
Not installed
279.Install and configure WebDAV Internet Server Application Programming Interface (ISAPI) extensions. 280.Install MSXML version 6.0. 281.Create any necessary user and service accounts: •
Service account for use by SQL Server (if not already installed)
•
Service account for use by the System Center Configuration Manager Client Network Access account
282.Install USMT files. 283.Install SQL Server with SP2 (if not already installed). 284.Add the site server to the Administrators security group in the domain (if not already a member). 285.Install System Center Configuration Manager (if not already installed). Solution Accelerators microsoft.com/technet/SolutionAccelerators
112
Microsoft Deployment Toolkit 2008
286.Configure the network access account for the System Center Configuration Manager client (if not already configured). 287.Configure the System Center Configuration Manager site boundaries (if not already configured). 288.Configure the publishing of site information in AD DS and DNS (if not already configured). 289.Configure the drive for storing package source files (if not already configured). 290.Configure the distribution points to be BITS enabled (if not already configured).
Preparing the Prerequisite Infrastructure for Systems Management Server For an example of how all these steps are performed, see “Step 1: Prepare the Prerequisite Infrastructure” in the MDT 2008 document, Quick Start Guide for Microsoft Systems Management Server 2003. For more information about: •
Systems Management Server, see Systems Management Server 2003 R2 System Requirements at http://technet.microsoft.com/en-us/sms/bb676790.aspx#EKD.
•
SQL Server 2005, see Microsoft SQL Server: System Requirements at http://www.microsoft.com/sql/prodinfo/sysreqs/default.mspx.
To prepare the prerequisite infrastructure for Systems Management Server 291.Ensure that the computer acting as the deployment server has at least one partition formatted with the NTFS file system. 292.Create a folder structure on an NTFS-formatted volume to store the software that MDT 2008 and Systems Management Server require. 293.Obtain the required software, specifically: •
System Management Server with SP3.
•
SMS 2003 OSD Feature Pack.
•
SQL Server 2005 with SP2.
•
Windows Server 2003 SP1 Microsoft OEM Preinstallation Kit (OPK) (used to obtain Windows PE 2005).
•
Windows Server 2003 SP1 distribution files from product CD (required for Windows PE 2005).
•
Device drivers for all the reference and target computers.
•
MSXML version 6.0.
294.Ensure that an AD DS infrastructure exists with a forest functional level set to Windows Server 2003 or later. 295.Ensure that IP configuration occurs, typically from DHCP services within the infrastructure. 296.Ensure that IIS 6.0 is installed and configured correctly. The application server components listed in Table 5 are required for SQL Server and Systems Management Server installation. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Preparing the Prerequisite Infrastructure
113
Table 5. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
ASP.NET
Installed
Enable network COM+ access
Installed
Enable network DTC access
Not installed
IIS: BITS server extensions
Installed
Common files
Installed
FTP service
Not installed
Office FrontPage server extensions
Not installed
IIS Manager
Installed
Internet printing
Not installed
NNTP Service
Not installed
SMTP Service
Not installed
World Wide Web service: ASP
Installed
Internet data connector
Not installed
Remote administration (HTML)
Not installed
Remote desktop Web connection
Not installed
Server-side includes
Installed
WebDAV publishing
Installed
World Wide Web service
Installed
Message queuing
Not installed
297.Install and configure WebDAV ISAPI extensions. 298.Install MSXML version 6.0 299.Create any necessary user and service accounts: •
Service account for use by SQL Server 2005 (if not already installed)
•
Service account for use by the System Center Configuration Manager Client Network Access account
300.Install SQL Server with SP2 (if not already installed) 301.Install Systems Management Server (if not already installed) 302.Install the SMS 2003 OSD Feature Pack (if not already installed) 303.Install Systems Management Server SP3 (if not already installed) 304.Configure the network access account for the Systems Management Server Advanced Client (if not already configured) 305.Configure the drive for storing package source files (if not already configured) Solution Accelerators microsoft.com/technet/SolutionAccelerators
114
Microsoft Deployment Toolkit 2008
306.Configure the default management point (if not already configured) 307.Configure the distribution points to be BITS enabled (if not already configured)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ins tal ling MD T 2008 The sections that follow describe the MDT 2008 installation scenarios and process.
New Installation After all prerequisite software has been installed, complete the following steps to install MDT 2008 (MicrosoftDeploymentToolkit_platform.msi, where platform is either x86 or x64): 308.Right-click MicrosoftDeploymentToolkit_platform.msi, and then click Install. 309.Click Next to skip the welcome page. 310.On the End-User License Agreement page, review the license agreement. If the terms are agreeable, click I accept the terms in the License Agreement, and then click Next. 311.On the Custom Setup page, choose the features to install and the destination folder for the installation, and then click Next. To change a feature’s state, click the feature, and then choose a state. To change the destination folder, click Microsoft Deployment Toolkit, and then click Browse. In the Change current destination folder dialog box, specify the desired folder name, and then click OK. The following list describes each feature: •
Documents. This feature installs the guidance and job aids. By default, this feature is installed in C:\Program Files\Microsoft Deployment Toolkit\Documentation. The prerequisites for installing this feature and using Deployment Workbench to view the documentation are Microsoft .NET Framework version 2.0 and MMC version 3.0.
•
Tools and templates. This feature installs the wizards and template deployment files, such as Unattend.xml. By default, this feature is installed in C:\Program Files\Microsoft Deployment Toolkit.
312.Click Install to install MDT 2008; then, click Finish when the installation is complete.
Upgrade from or Coexist with BDD 2007 or a Previous MDT Version It is possible to upgrade a BDD 2007 distribution share directory for use by MDT 2008. However, consider the following guidelines and requirements when installing MDT 2008 in such a way that it coexists with or is an upgrade of BDD 2007. An existing BDD 2007 distribution share directory can be upgraded to MDT 2008 with the following limitations: •
The BDD 2007 Lab share (the Distribution folder) is updated for MDT 2008. All other deployment shares, including the Media, OSD, and Network shares, must be
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
116
Microsoft Deployment Toolkit 2008
manually deleted and then recreated using Deployment Workbench. When upgraded, the BDD 2007 distribution share directory is no longer valid for use with BDD 2007. •
BDD 2007 builds are converted to MDT 2008 task sequences.
•
MDT 2008 task sequences replace tasks associated with BDD 2007 builds.
•
Settings from BDD 2007 builds are carried forward to the new task sequence.
•
Customizations from the BDD 2007 task sequence are identified and moved to the new MDT 2008 task sequence using one of the following scenarios:
•
•
If a custom task sequence step specifies an application that is matched to an application defined in the distribution share and if there is also a match between the Command Prompt window of the step and the Command Prompt window of the distribution share application, that task sequence step is added to the Custom Task group.
•
If a custom task sequence step specifies an application that cannot be matched to an application defined in the distribution share, that task sequence step is added to the Unknown Tasks group, which is disabled. Administrative intervention is required to edit the task sequence and move the step to an appropriate location within the new task sequence.
If MDT 2008 is installed on a computer on which BDD 2007 is already installed and MDT 2008 upgrades the original BDD 2007 distribution share directory, uninstalling BDD 2007 may remove files that are common to MDT 2008 and BDD 2007. For this reason, if BDD 2007 is uninstalled, it must be uninstalled before MDT 2008 is installed by backing up the distribution share directory, uninstalling BDD 2007, restoring the distribution share directory, and then installing MDT 2008.
Coexist with BDD 2007 Prior to installing MDT 2008 on a computer on which BDD 2007 is already installed, understand that BDD 2007 and MDT 2008 cannot use the same distribution share directory. The BDD 2007 distribution share directory will not be upgraded so as to allow BDD 2007 and MDT 2008 to function independently. If the steps outlined below are properly followed, BDD 2007 and MDT 2008 can be used on the same computer. To install MDT 2008 in this scenario 313.Install MDT 2008. 314.Complete the following steps to create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory. Chose one of the following distribution share options: 1. Create new distribution share directory. If MDT 2008 will create and use a new distribution share directory for its base configuration, in the Specify Directory dialog box, click Create a new distribution share, and then type the path to the location in which the distribution share directory will be created. 2. Upgrade an existing distribution share. If MDT 2008 is to upgrade and use the existing BDD 2007 distribution share directory for its base configuration, a copy of the BDD 2007 distribution share directory must be created before proceeding. Then, in the Specify Directory dialog box, click Upgrade an existing distribution share, and type the path to the copy of the BDD 2007 distribution share directory. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Installing MDT 2008
117
CAUTION To understand the limitations of upgrading a BDD 2007 distribution share directory, see the topics mentioned in the section, “Upgrade from or Coexist with BDD 2007 or a Previous MDT Version.”
c.
Click Finish.
Upgrade from BDD 2007 The following points must be understood prior to installing MDT 2008 on a computer on which BDD 2007 is already installed. MDT 2008 installation upgrades the BDD 2007 distribution share directory. •
If MDT 2008 is installed on a computer on which BDD 2007 is already installed and MDT 2008 installation upgrades the original BDD 2007 distribution share directory, uninstalling BDD 2007 may remove files that are common to MDT 2008 and BDD 2007.
•
BDD 2007 distribution share directories that MDT 2008 has upgraded are no longer valid for use with BDD 2007.
To install MDT 2008 in this scenario 315.Create a backup of the BDD 2007 distribution share directory. 316.Uninstall BDD 2007. 317.Install MDT 2008. 318.Create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory. c.
In the Specify Directory dialog box, click Upgrade an existing distribution share, and then type the path to the BDD 2007 distribution share directory previously restored. CAUTION To understand the limitations of upgrading a BDD 2007 distribution share directory, see the topics mentioned in the section, “Upgrade from or Coexist with BDD 2007 or a Previous MDT Version.”
d. Click Finish. 319.When the distribution share has been created, use Deployment Workbench to respecify the deployment points and database connections.
Upgrade from a Previous Version of MDT Using LTI Deployment The following are the basic steps to upgrade from a previous version of MDT to MDT 2008 using LTI deployment: 320.Install MDT 2008. Doing so automatically upgrades the existing MDT installation to MDT 2008. 321.Create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory. Solution Accelerators microsoft.com/technet/SolutionAccelerators
118
Microsoft Deployment Toolkit 2008
c.
Select Upgrade an existing distribution share, provide the full path to the existing distribution share directory, and then click Finish. The existing scripts and tools in the distribution share directory will be upgraded to MDT 2008. After the wizard finishes, a console refresh may be required to refresh the nodes under the Distribution Share node.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Installing MDT 2008
119
322.Update the MDT 2008 deployment points: a. In Deployment Workbench, expand Deploy, and then click Deployment Points. b. Right-click each deployment point listed, and then click Update. Doing so updates each deployment point with the new MDT 2008 files and updated Windows PE images. a. MDT 2008 does not require Windows AIK 1.1 if only Windows Vista RTM, Windows XP, or Windows Server 2003 will be deployed. But if Windows Vista SP1 or Windows Server 2008 will be deployed, update to Windows AIK 1.1. To update to Windows AIK 1.1 323.Uninstall Windows AIK 1.0. 324.Restart the computer. 325.Install Windows AIK 1.1. 326.Update the MDT 2008 deployment points: a. In Deployment Workbench, expand Deploy, and then click Deployment Points. b. Right-click each deployment point listed, and then click Update. Doing so updates each deployment point with the new Windows PE 2.1 images.
Upgrade from a Previous Version of MDT Using ZTI Deployment with Systems Management Server If the environment runs a previous version of MDT using ZTI deployment with Systems Management Server, the following are the basic steps for upgrading to MDT 2008: 327.Install MDT 2008. Doing so automatically updates the existing MDT installation to MDT 2008. 328.Create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory to upgrade the scripts and tools in the distribution share directory. Back up the existing scripts as part of this process, if necessary. After performing this action, press F5 to refresh the nodes under the distribution share node. 329.Update each SMS 2003 OSD Feature Pack deployment point. 330.Modify the list of files needed in each SMS 2003 OSD Feature Pack program’s custom steps using SMS Administrative Console, then update the Systems Management Server distribution points. This step is necessary, because MDT 2008 includes some new files, and the upgrade removes some old files (related to servicing stacks). 331.If a ResourceRoot package or directory is used, make sure this directory contains a full copy of the Servicing directory in the distribution share directory. Be sure to update the distribution points if a package is used. This directory contains the servicing stack files for Windows Vista (RTM and SP1) and Windows Solution Accelerators
microsoft.com/technet/SolutionAccelerators
120
Microsoft Deployment Toolkit 2008
Server 2008. Without these files, MDT 2008 will be unable to inject drivers, updates, and language packs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Installing MDT 2008
121
MDT 2008 does not require Windows AIK 1.1 if only Windows Vista RTM, Windows XP, or Windows Server 2003 will be deployed. But if Windows Vista SP1 or Windows Server 2008 will be deployed, upgrade to Windows AIK 1.1. To upgrade to Windows AIK 1.1 332.Uninstall Windows AIK 1.0. 333.Restart the computer. 334.Install Windows AIK 1.1. Note The steps above are similar to those used for LTI deployment, because these two deployment methods share most of the MDT 2008 scripts and tools.
Upgrade from a Previous Version of MDT Using ZTI with System Center Configuration Manager If running a previous version of MDT using ZTI deployment with System Center Configuration Manager, the following are the basic steps for upgrading to MDT 2008: 335.Install MDT 2008. Doing so automatically upgrades the existing MDT installation to MDT 2008. 336.Integrate MDT 2008 with System Center Configuration Manager: a. Be sure Configuration Manager console is not running. b. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Configure ConfigMgr Integration. c.
Select Install the ConfigMgr extensions, provide the name of the site server and the site code, and then click Finish. The wizard copies the new MDT 2008 dynamic link libraries (DLLs) into the Configuration Manager console installation directory (for example, C:\Program Files\Microsoft Configuration Manager Console\AdminUI\bin) and updates the Windows Management Instrumentation (WMI) classes needed for the MDT 2008 custom task sequence steps.
b. All existing task sequences will continue to function and are unchanged. However, a new MDT 2008 tools package should be created for use with any new task sequences. If desired, update existing task sequences to use the new MDT 2008 tools package; however, a new task sequence must be created before doing so, because there is no way to create only a new MDT 2008 tools package. c.
MDT 2008 does not require Windows AIK 1.1 if only Windows Vista RTM, Windows XP, or Windows Server 2003 will be deployed. But if deploying Windows Vista SP1 or Windows Server 2008, upgrade to Windows AIK 1.1.
To upgrade to Windows AIK 1.1 337.Uninstall Windows AIK 1.0. 338.Restart the computer. 339.Install Windows AIK 1.1. Note When Windows AIK 1.1 is installed on the computer that will be used to run Configuration Manager console, the MDT 2008 Import Microsoft Deployment Task Sequence Wizard creates Windows PE 2.1 boot images (instead of the Windows PE 2.0 boot images created from Windows AIK 1.0).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
122
Microsoft Deployment Toolkit 2008
Note The System Center Configuration Manager team is working on instructions for installing Windows AIK 1.1 for use with System Center Configuration Manager. The basic steps above (uninstall, restart, install) should not cause any issues, but some additional steps are needed to replace the existing default boot images that System Center Configuration Manager created when it was first installed. (To move to System Center Configuration Manager SP1, Windows AIK 1.1— or more specifically, Windows PE 2.1—is required.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Sta r ting Dep lo yment Wor kbenc h To start Deployment Workbench, click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. Figure 1 shows Deployment Workbench.
Figure 1. Deployment Workbench As shown in Figure 1, the console tree contains the following items: •
Information Center. Expand this item to access breaking news about MDT 2008 and the components required for using it.
•
Distribution Share. Expand this item to view the operating systems, applications, operating system packages, and out-of-box drivers that the distribution share contains. Click any item beneath Distribution Share to view its contents in the details pane.
•
Task Sequences. Click Task Sequences in the console tree to see a list of task sequences in the details pane. To create a task sequence, right-click Task Sequences, and then click New. To configure a task sequence, right-click it in the details pane, and then click Properties.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
124
•
Microsoft Deployment Toolkit 2008
Deploy. Expand this item to see the Deployment Points and Database items. Click Deployment Points to see a list of deployment points in the details pane. To create a deployment point, right-click Deployment Points, and then click New. To configure a deployment point, right-click a deployment point in the details pane, and then click Properties. Click Database to edit the database. For more information about the database, see the MDT 2008 documents, Deployment Customization Guide and Microsoft Deployment Toolkit 2008 Samples Guide.
CAUTION Open only a single instance of Deployment Workbench. Opening two or more instances of Deployment Workbench can result in unpredictable behavior. Note When using Deployment Workbench on an operating system other than Windows Vista for tasks other than reviewing the documentation, log on to the computer using an account that is a member of the local Administrator group. Note When using Deployment Workbench on a computer that is running Windows Vista, always log on to the computer using an account that is a member of the local Administrator group. Tip The default Deployment Workbench view includes the Actions pane. Remove the Actions pane by opening MMC in Author mode. To open MMC in Author mode, open a Command Prompt window, and then run C:\Program Files\Microsoft Deployment Toolkit\Bin\DeploymentWorkbench.msc /a. Click View, and then click Customize. Clear the Actions pane check box, and then click OK. To save changes, from the File menu, click Save. When prompted to choose whether to display a single window interface, click Yes.
Program Folders Table 6 describes the subfolders in the MDT 2008 program folder (C:\Program Files\Microsoft Deployment Toolkit\) when installation is complete. Table 6. MDT 2008 Program Folders Subfolder
Description
Bin
Contains the Deployment Workbench MMC snap-in and supporting files.
Control
Contains configuration data for Deployment Workbench.
Documentation
Contains the documentation and job aids.
Downloads
Provides storage for components that Deployment Workbench downloads.
Management Pack
Contains the management pack files.
Samples
Contains sample task sequence scripts and Windows PE desktop background graphics.
SCCM
Contains task sequence templates and automation objects used during System Center Configuration Manager integration.
Scripts
Contains scripts that Deployment Workbench uses.
Templates
Contains template files that Deployment Workbench uses.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Starting Deployment Workbench
125
Distribution Share After the Distribution Share has been created, it contains the subfolders listed in Table 7. Table 7. MDT 2008 Distribution Folders Subfolder
Description
%OEM%
Provides storage for files to copy to the target computer during Windows installation.
Applications
Provides storage for application source files.
Boot
Provides storage for Windows PE boot images (.wim and .iso files); this folder does not appear until after updating a deployment point.
Captures
Provides storage for captured images.
Control
Contains configuration data for Deployment Workbench. The subfolders contain configuration data for each task sequence created in the workbench. Each subfolder is given a name that corresponds to the ID that was assigned to the task sequence when it was created in Deployment Workbench. Additionally, it contains folders for each deployment point. Each deployment point folder has a name based on a globally unique identifier (GUID).
Operating Systems
Contains source files for each operating system added to the distribution share using Deployment Workbench.
Out-of-Box Drivers
Provides storage for device drivers that do not ship with Windows.
Packages
Provides storage for packages to include in Windows.
Scripts
Contains deployment scripts.
Tools
Contains tools that MDT 2008 uses, including the Task Sequencer, for each supported platform (x86 and x64).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Upd ating R equ ir ed Co mponents After installing MDT 2008 and becoming familiar with Deployment Workbench, ensure that the following mandatory components are downloaded and installed: •
Windows AIK. Windows AIK is available from the Microsoft Download Center at the download location listed in the section, “Appendix A: Software Download Locations,” later in this guide. The component can be preinstalled if it is already downloaded. Also, Deployment Workbench can be used to download and install it. Note For information about which version of Windows AIK should be installed, see “Prerequisites for MDT 2008” earlier in this guide.
•
MSXML version 6.0. This component can be preinstalled, or Deployment Workbench can be used to download and install it. The Windows AIK distribution media include the MSXML version 6.0 installation file. Additionally, the installation file can be downloaded from the Web page listed in the section, “Appendix A: Software Download Locations,” later in this guide.
Deployment Workbench can download and install components. Perform the following steps to download and install components by using Deployment Workbench: 1. In Deployment Workbench, expand Information Center, and then click Components. 2. In the Available for Download section of the components pane, click a component; then, in the details pane, click Download. Deployment Workbench displays the download status in the components pane. When Deployment Workbench finishes downloading the component, it moves the component to the Downloaded section in the components pane. 3. In the Downloaded section of the components pane, click a downloaded component; then, in the details pane, click Install to install the component or click Browse to open the folder containing the component in Windows Explorer. Some components do not require installation or cannot be installed automatically by Deployment Workbench. After downloading a component that Deployment Workbench cannot install automatically, open the folder containing the component, and then install the component manually. Tip Check the Internet frequently for updated components. On the Deployment Workbench main menu bar, from the Action menu, click Check for Updates. On the Check for Updates page of the Check for Updates Wizard, select Check the Internet, and then click Check. Note The offline servicing kernel update, available with the Microsoft TechNet article, “When you use Windows Server 2003 or Windows XP to modify a Windows Vista registry hive, Windows Vista registry key flags are removed,” at http://support.microsoft.com/kb/926044, is required when using Deployment Workbench and Windows AIK on Windows XP with SP2 or Windows Server 2003 with SP1.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Team G ui dance MDT 2008 includes guides for the various teams that participate in a deployment project. The types of guides are: •
Technical guides. Focus on one particular technical area.
•
Reference guides. Contain reference content only and are formatted as lists (glossaries) and tables (properties). Reference guides do not contain narrative or step-by-step instructions.
Technical Guides MDT 2008 includes several technical guides: •
Application Packaging Guide. Provides guidance for repackaging applications.
•
Deployment Customization Guide. Describes how to customize LTI and ZTI deployments.
•
Microsoft Deployment Toolkit 2008 Samples Guide. Identifies deployment scenarios and corresponding configuration settings when deploying target computers using ZTI and LTI deployment. The sample configuration files in this guide can be used as a starting point.
•
Microsoft Deployment Toolkit 2008 Management Pack. Describes the installation and configuration of the management pack. The MDT 2008 Management Pack can provide detailed information about the MDT 2008 deployment process to IT Pros involved in the deployment and operations processes.
•
Image Customization Guide. Describes how to customize reference images by customizing the task sequence, developing custom scripts, customizing existing MDT 2008 scripts, working with SMS 2003 OSD Feature Pack variables, and so on. Includes information about customizing actions, such as disk, network, and role configuration.
•
Preparing for LTI Tools. Describes how to create a default installation of MDT 2008 for LTI deployment.
•
Preparing for Microsoft System Center Configuration Manager 2007. Describes how to create a default installation of MDT 2008 for ZTI deployment by using System Center Configuration Manager.
•
Preparing for Microsoft Systems Management Server 2003. Describes how to create a default installation of MDT 2008 for ZTI deployment by using Systems Management Server and the SMS 2003 OSD Feature Pack.
•
Microsoft System Center Configuration Manager 2007 Imaging Guide. Describes how to use System Center Configuration Manager to prepare for image creation and deployment.
•
User State Migration Guide. Describes key concepts and decisions regarding the use of USMT to migrate user state data from old configurations to the new configuration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
128
•
Microsoft Deployment Toolkit 2008
Workbench Imaging Guide. Describes how to use Deployment Workbench to prepare for image creation and deployment.
Reference Guides MDT 2008 also includes two reference guides: •
Toolkit Reference. Describes all customizable task sequence steps, properties that the customer can configure or use in scripts or in the Task Sequencer, and each script contained in the task sequence and customization points.
•
Troubleshooting Reference. Describes common error codes and failures. Where available, resolutions to certain issues are provided.
Other Documents MDT 2008 includes several templates that help teams manage the project. •
Quick Start Guide for Lite Touch Installation. This quick-start guide helps personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using MDT 2008 to install Windows operating systems by using LTI deployment.
•
Quick Start Guide for Microsoft System Center Configuration Manager 2007. This quick-start guide helps personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using MDT 2008 to install Windows operating systems by using System Center Configuration Manager.
•
Quick Start Guide for Microsoft Systems Management Server 2003. This quickstart guide helps personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using MDT 2008 to install Windows operating systems by using Systems Management Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix
A: Sof tw ar e D own load Loca ti ons
Software
Platform
Download location
MSXML version 6.0
Windows 2000; Windows Server 2003; Windows XP
http://www.microsoft.com/downloads/details.aspx?FamilyID=993C0BCF3BCF-4009-BE21-27E85E1857B1
MSXML version 3.0
Windows 2000; Windows Server 2003; Windows XP
http://www.microsoft.com/downloads/details.aspx?FamilyID=28494391052b-42ff-9674-f752bdca9582
MMC version 3.0
Windows Server 2003 x86
http://www.microsoft.com/downloads/details.aspx?FamilyID=4c84f80b908d-4b5d-8aa8-27b962566d9f
MMC version 3.0
Windows Server 2003 x64
http://www.microsoft.com/downloads/details.aspx?FamilyID=b65b9b175c6d-427c-90aa-7f814e48373b
MMC version 3.0
Windows XP Professional x86
http://www.microsoft.com/downloads/details.aspx?FamilyID=61fc1c6606f2-463c-82a2-cf20902ffae0
MMC version 3.0
Windows XP Professional x64
http://www.microsoft.com/downloads/details.aspx?FamilyID=1391d79c9699-487a-bbc5-f5471fae7169
Microsoft offline servicing kernel update
Windows XP; Windows Server 2003
http://support.microsoft.com/kb/926044/
Visual C++ runtime
Windows 2000
http://support.microsoft.com/kb/259403
Microsoft .NET Framework version 2.0
All x86
http://www.microsoft.com/downloads/details.aspx?FamilyID=0856eacb4362-4b0d-8edd-aab15c5e04f5
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
130
Microsoft Deployment Toolkit 2008
Software
Platform
Download location
Microsoft .NET Framework version 2.0
All x64
http://www.microsoft.com/downloads/details.aspx?FamilyID=b44a0000acf8-4fa1-affb-40e78d788b00
Windows Internet Explorer version 6 with SP1
All
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e1550cb5e5d-48f5-b02b-20b602228de6&displaylang=en
Windows AIK version 1.0
Windows Server 2003; Windows XP; Windows Vista
http://www.microsoft.com/downloads/details.aspx?FamilyID=C7D4BC6D15F3-4284-9123-679830D629F2
Windows AIK for Windows Vista SP1 and Windows Server 2008
Windows Server 2008; Windows http://www.microsoft.com/downloads/details.aspx?FamilyID=94bb6e34Server 2003; Windows XP; d890-4932-81a5-5b50c657de08 Windows Vista
Windows Installer version 3.1
Windows Server 2003; Windows XP; Windows 2000
http://www.microsoft.com/downloads/details.aspx?FamilyID=889482fc5f56-4a38-b838-de776fd4138c
Windows Script version 5.6
Windows XP; Windows 2000
http://www.microsoft.com/downloads/details.aspx?FamilyID=c717d9437e4b-4622-86eb-95a22b832caa
Windows Script version 5.6
Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyID=887fce82e3f5-4289-a5e3-6cbb818623aa
Windows XP SP3 Deployment Tools
Windows XP with SP2 or later
http://www.microsoft.com/downloads/details.aspx?familyid=673a10198e3e-4be0-ac31-70dd21b5afa7
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix B: Pr epar ing W indo ws 2000 Clien t Co mpute r s Complete the following steps to install the Visual C++ runtime on a computer running the Windows 2000 operating system. 340.Download the vc6redistsetup_enu.exe installation program. See the section, “Appendix A: Software Download Locations,” earlier in this guide for the download location. The installation program will not directly install in Windows 2000. 341.Extract the files by executing the command: Start /Wait <path>\vc6redistsetup_enu.exe /Q /C /T:%TEMP% && %TEMP%\vcredist.exe /C /T:%SYSTEMROOT%\Temp\KB259403 342.Copy the following extracted files from %SYSTEMROOT%\Temp\KB259403 to the %SYSTEMROOT%\System32 folder of the computer running Windows 2000: •
Asycfilt.dll
•
Atl.dll*
•
Atlu.dll
•
Comcat.dll*
•
Mfc42.dll*
•
Mfc42u.dll*
•
Msvcp60.dll*
•
Msvcirt.dll
•
Msvcrt.dll
•
Oleaut32.dll*
•
Olepro32.dll*
•
Stdole2.tlb.
Note
All files marked with an asterisk (*) require registration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix
C: Refer ences
The following educational and reference resources are available to assist in training deployment teams: •
Microsoft Help and Support article, “Description of Client Installation Wizard Screens for Remote Installation Services,” at http://support.microsoft.com/default.aspx?scid=kb;en-us;268325
•
Microsoft Help and Support article, “How to Add Third-Party OEM Network Adapters to RIS Installations,” at http://support.microsoft.com/default.aspx?scid=kb%3Benus%3B246184
•
Microsoft Help and Support article, “Ports that Systems Management Server 2003 uses to communicate through a firewall or through a proxy server,” at http://support.microsoft.com/default.aspx?scid=kb;en-us;826852
•
Microsoft Help and Support article, “‘The operating system image you selected does not contain the necessary drivers for your network adapter’ error message during the text-mode part of Setup when you deploy an operating system image by using RIS,” at http://support.microsoft.com/?id=823658
•
The white paper, “Deploying and Managing the Windows Deployment Services Update on Windows Server 2003,” at http://go.microsoft.com/fwlink/?LinkId=81031
•
Windows Deployment Services Update Step-by-Step Guide, which is included in the System Center Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx
•
Windows Server 2008 Security Guide at http://www.microsoft.com/technet/security/prodtech/windowsserver2008/default.mspx
•
Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included in the SMS 2003 OSD Feature Pack
•
Windows Vista Security Guide at http://go.microsoft.com/?linkID=5744573
Microsoft® Deployment Toolkit 2008
Template User Instructions
133
Image Customization Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, BitLocker, PowerShell, Visual Basic, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This guide describes how to customize reference images by customizing the task sequence, developing custom scripts, customizing existing scripts, adding applications, and customizing actions. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
This guidance extends the Microsoft® Deployment Toolkit (MDT) 2008 documents Workbench Imaging Guide and Microsoft System Center Configuration Manager 2007 Imaging Guide. Table 1 lists the reference guides that will assist in finding the correct information to configure and set up Deployment Workbench, Microsoft Systems Management Server (SMS) 2003, and Microsoft System Center Configuration Manager 2007. Table 1. Related Imaging Guide References Guide
This document
Getting Started Guide
Describes new MDT 2008 features, product supportability, installation prerequisites and procedures, and documentation
Workbench Imaging Guide
Describes how to use Deployment Workbench to prepare for image creation and the deployment process
Microsoft System Center Configuration Manager 2007 Imaging Guide
Describes how to use System Center Configuration Manager to prepare for image creation and the deployment process
Preparing for Microsoft System Center Configuration Manager 2007
Describes how to create a default installation of MDT 2008 for Zero Touch Installation (ZTI) using System Center Configuration Manager
Preparing for Microsoft Systems Management Server 2003
Describes how to create a default installation of MDT 2008 for ZTI using Systems Management Server and the SMS 2003 Operating System Deployment (OSD) Feature Pack
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom Ima ges In some limited situations, the new Windows Imaging Format (WIM) in Windows Vista and Windows Server 2008 can act as master images for deployment without further customization. However, most organizations will find that they must build custom images to satisfy their deployment requirements. Windows XP and Windows Server 2003 must be installed and then captured into an image format that can then be deployed using Lite Touch Installation (LTI) deployment, ZTI deployment, Systems Management Server, and System Center Configuration Manager. The most common requirements for building custom images fall into the following categories: •
Configuring common system settings for use by multiple users
•
Adding core applications to an operating system
•
Adding operating system updates or fixes
•
Adding device drivers needed to support different hardware
•
Adding additional language support for worldwide deployments
MDT 2008 provides technologies that enable all of these customizations and the choice of when to perform them.
Thick or Thin Images Image customization invariably brings up discussions of whether images should contain the operating system files only (thin image) or the application software as well (thick image). Thin images are primarily composed of the operating system files without additional applications already installed. Operating system settings may be configured as part of a thin image, but no additional files beyond those that are part of the operating system proper are included. It may be decided that the deployment process is robust enough to deploy required applications as a separate process rather than build those applications into the image. Thick images include the base operating system files and typically any core applications that the majority of the organization’s users employ. The addition of language resources, driver libraries, and (in many cases) source media for the operating system and certain applications increases the size of these images significantly. Windows Vista images are larger than their Windows XP base equivalents. Images that include Windows Vista as well as Microsoft Office images are larger still. Ultimately, the way the target computers are used may decide whether thick or thin images are used. Also, the infrastructure and tools used in the deployment process will influence whether thick or thin images are used. The same principles apply to server images. Windows Server 2008 images are larger than their Windows Server 2003 counterparts, unless the Server Core installation option of the Windows Server 2008 operating system is used.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Mod if ying Task Sequen ces This section describes the steps required to modify the default task sequences during the addition of an operating system to Deployment Workbench and System Center Configuration Manager. The Task Sequencer runs the task sequence top to bottom in the order specified. Each task in the sequence is a step, and steps can be organized into groups and subgroups. Deployment Workbench is used to create a new task sequence for that image deployment or performs similar functions in Configuration Manager console. Task sequences contain the following types of items: •
Tasks. Within a task sequence, tasks do the actual work. Tasks are commands that the Task Sequencer runs during the sequence, such as partitioning the disk, capturing user state, and installing the operating system. In the default task sequence, most tasks are commands that run scripts.
•
Groups. The task sequence can be organized into groups—folders that can contain subgroups and tasks. Groups can be nested as necessary. For example, the default task sequence puts tasks in groups by phase and deployment type.
Groups are especially useful for filtering, because an entire collection of tasks can be run based on given conditions. Note The Task Sequencer used in MDT 2008 requires that the Create Global Object right be assigned to credentials used in running Deployment Workbench and the deployment process. This right is typically available to accounts with administrative-level permissions (unless explicitly removed). The Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed through MDT 2008. For additional information, see the Windows Vista Security Guide at https://www.microsoft.com/downloads/details.aspx?familyid=A3D1BBED-7F35-4E72-BFB5B84A526C1565&displaylang=en.
Deployment Workbench Deployment Workbench uses task sequences to order tasks during the operating system deployment process. Task sequences can be customized for the needs of the imaging environment using Deployment Workbench. LTI is used to build master images for deployment with the Lite Touch Deployment Wizard and to capture them for use with the SMS 2003 OSD Feature Pack. System Center Configuration Manager has its own built-in image-build procedure that uses a task sequence in a similar fashion.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Operating System Packages To add operating-system packages, including language packs and operating system updates, to the distribution share, complete the following steps: 343.In Deployment Workbench, expand the Distribution Share node. 344.Right-click OS Packages, and then click New to start the New Package Wizard. 345.On the Select the location of the package files tab, type the path containing the package files to be added to the distribution share, and then click Add. Deployment Workbench adds all the packages it finds in the folder and subfolders. After packages are added to the distribution share, they appear in the OS Packages details pane. The packages also appear in the distribution share in the Packages folder. Note Deployment Workbench only supports the import of Windows Vista and Windows Server 2008 operating system packages.
By default, packages added to the distribution share are included as part of the LTI image-build process. But each package can be individually enabled or disabled and—in the case of language packs—hidden from the Lite Touch Deployment Wizard. Enabling a specific operating system package amounts to approving the installation as part of an image build. Note For silent installation of Windows Vista operating system updates that are natively delivered as .msu files, install the update available with the Microsoft Help and Support article, “When you run Wusa.exe together with the /quiet option to try to install certain software packages on a Windows Vista-based computer, the installation fails,” at http://support.microsoft.com/kb/929761 in all Windows Vista images. This update to the Windows Update Standalone installer fixes an issue in which updates with an embedded End User License Agreement (EULA) fail to install silently with the /quiet option.
Languages Operating system language packs are added in the same way as updates using the New Package Wizard in Deployment Workbench. Because each language pack can be hidden or disabled, it is easy to create images that have only a subset of the supported languages for delivery within a specific geographic region. Some language packs are large; therefore, it may not be the best practice to add all languages to a master image. At deployment time, the MDT 2008 database can be queried with location information to install needed language resources.
Updates Updates can be applied to task sequences to keep the images up to date for security and additional software fixes. Updates can be added during the initial creation of the task sequence or as a secondary process after the task sequence is created. The default Deployment Workbench task sequences will automatically install the needed updates when the image is deployed. This will normally be done while the system is booted into Windows Preinstallation Environment (Windows PE) by updating an Unattend.xml file with appropriate settings to allow Windows Vista or Windows Server 2008 Setup to inject the updates offline.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide
5
Some operating system updates may be considered additional features—for example, the update for Windows PowerShell™, which is available in the Microsoft TechNet article “Windows PowerShell 1.0 Installation Package for Windows Vista,” at http://support.microsoft.com/kb/928439. It may be decided that this particular update won’t be added to Windows Vista images but as a separate application. To add an operating system package such as this, create a new application in the distribution share, and then open a Command Prompt window to deploy the update through Windows Update Standalone installer (Wusa.exe) with the /quiet option.
Out-of-Box Drivers Out-of-box drivers contain drivers that either were not delivered as part of the Windows operating system itself or are later versions released since the original operating system release. It is also common for original equipment manufacturers (OEMs) to release specific versions of otherwise-generic drivers that enable particular features of their hardware implementation. The Out-of-Box Drivers listing can be edited to contain groups that help identify which drivers are associated with different platforms and computer types. Using the driver groups feature of Deployment Workbench can assist in building hardware-specific images as well as offer additional, deployment-time dynamic driver injection. In addition, the drivers will be available for use with Windows PE as well as operating system images. For Windows PE use, network drivers and storage controller drivers are needed most. To add a group classification to an Out-of-Box Drivers listing 346.Open Deployment Workbench, and then expand Distribution Share. Click Out-ofBox Drivers, select driver (where driver is the name of the driver to add to a group), and then click Properties. 347.In the Driver Properties dialog box, click the Groups tab. 348.Click Add to open the New Driver Group dialog box. Type the desired name of the driver group, click OK, and then click OK again to close the Driver Properties dialog box. Note Groups can also be created during the addition of drivers using the Add Group button on the Specify Directory page of the New Driver Wizard. For additional information about the New Driver Wizard, refer to the MDT 2008 document, Workbench Imaging Guide.
Good practice is to create a Windows PE group and add any storage controller or network adapter to this driver group to enable these drivers when customizing Windows PE.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Windows XP or Windows Server 2003 Storage Drivers Special consideration should be given to Windows XP and Windows Server 2003 drivers —especially storage-controller drivers. Create these legacy Windows images with any required storage-controller drivers present when first executing the System Preparation Tool (Sysprep). To ensure that this process works properly, complete the following steps: Note The $OEM$ structure mentioned below is a method of copying an intact folder structure from the distribution share onto the partition on which the Windows operating system is being installed. This process is thoroughly documented in the Setup documentation for every Windows operating system.
349.Download the most recent Windows Hardware Qualified drivers from the OEM. 350.Extract these drivers to the distribution share in an $OEM$ structure, such as \\Servername\Distribution$\Control\\$OEM$\$1\Drivers\StorageDriverName where is the name of the task sequence for Windows XP with Service Pack 2 (SP2) or Windows Server 2003 image deployment and StorageDriverName is a generic name for the driver, such as IASTOR for the Intel Matrix Storage Manager. 351.Open the .inf files included with the drivers to discover the Plug and Play IDs for the drivers. These IDs will appear in lines such as ExcludeFromSelect=PCI\VEN_8086&DEV_282A&CC_0104 and typically have multiple lines in a single storage-controller driver file. Each ExcludeFromSelect line must be translated into the format used for Sysprep.inf so that there is a single line for each Plug and Play ID that points to the location of the driver .inf file associated with the ID. For example: PCI\VEN_8086&DEV_2652&CC_0106="C:\DRIVERS\IASTOR\IAAHCI.INF" Good practice is to collect each individual line into a single text file in a text editor such as Microsoft Notepad, and then copy it into the Sysprep.inf file located in the \\Servername\Distribution$\Control\Task_Sequence folder. 352.Set the BuildMassStorage value to YES, and copy all the lines into the Sysprep.inf file under the [SysprepMassStorage] section, as follows: [Sysprep] BuildMassStorageSection = YES [SysprepMassStorage] PCI\VEN_8086&DEV_2652&CC_0106="C:\DRIVERS\IASTOR\IAAHCI.INF" PCI\VEN_8086&DEV_2653&CC_0106="C:\DRIVERS\IASTOR\IAAHCI.INF" PCI\VEN_8086&DEV_27C1&CC_0106="C:\DRIVERS\IASTOR\IAAHCI.INF" When the command sysprep –reseal –shutdown is run on the Windows XP or Windows Server 2003 computer, Sysprep locates the needed drivers and injects them into the prepared image. Note There is a known issue with deploying Windows XP and Windows Server 2003 images with Windows PE version 2.0. See the Microsoft Help and Support articles, “You cannot install Windows XP successfully after you use Windows Vista or Windows PE 2.0 to create partitions on a hard disk,” at http://support.microsoft.com/?id=931760, and “You cannot install Windows Server 2003 successfully after you use Windows Vista or Windows PE 2.0 to create partitions on a hard disk,” at http://support.microsoft.com/?id=931761, for available fixes and workarounds.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide
7
Applications The first step in adding applications to an image is to add them to the distribution share. Deployment Workbench can install the application from its original network location, or it can copy the application source files to the distribution share. In either case, the commands for installing the application are specified when the application is added to the distribution share. In addition, individual applications can be added as needed to an individual task sequence for more granular image builds. As mentioned earlier, an application such as Windows PowerShell, which is released as a Windows Vista update, could be added as an application by first adding it as a new application with the command WUSA.EXE /quiet to install the Windows6.0-KB928439-x86.msu file (or the Windows6.0-KB928439x64.msu file). To add Windows PowerShell 353.In Deployment Workbench, expand the Distribution share. 354.Right-click the Applications node, and then click New. 355.In the New Application Wizard, select Application with source files, and then click Next. 356.Complete the Details page appropriately with the Windows PowerShell name. (The other fields are optional.) 357.On the Source page, browse to the folder in which the Windows6.0-KB928439x86.msu file resides, and then click OK. Click Next. 358.On the Destination page, leave the default name of Windows PowerShell, and then click Next. 359.On the Command Details page, type wusa.exe /quiet Windows6.0-KB928439-x86.msu 360.Leave the Working directory field as is, and then click Finish. To hide the application in the wizard, right-click the new application, and then click Properties. In the Properties dialog box, select the Hide this application in the Deployment Wizard check box, and then click OK. To create a new task to install Windows PowerShell individually 361.In Deployment Workbench, right-click the task sequence to modify, and then click Properties. 362.On the General tab, select the Hide this task sequence in the Deployment Wizard check box to prevent the task sequence from appearing. 363.On the Task Sequence tab (which serves at the editor in Deployment Workbench), go to the State Restore phase. 364.If the task sequence has a Restore User State task, select this task, and then click Add. Beneath the general tasks, select Install Application. Note
Use the Up and Down buttons to order the added task as needed.
If the newly added application was selected, note that on the Properties tab, a single application can be installed and Windows PowerShell can be selected from the list. Note Use this method to install individual applications to give more granularity to the image customization.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
System Center Configuration Manager Unlike Systems Management Server, System Center Configuration Manager has the ability to create images natively without direct need of MDT 2008. However, the integration of MDT 2008 with System Center Configuration Manager combined with the ability to import task sequences from MDT 2008 provides additional granularity and functionality. System Center Configuration Manager does not use any of the application, operating system, or driver packages from Deployment Workbench. Instead, System Center Configuration Manager packages are defined for applications, operating system packages, and drivers as part of an image-customization process. By modifying the image-build task sequence in System Center Configuration Manager, the details of the build can be defined with significant granularity.
Use System Center Configuration Manager Packages with MDT 2008 Because System Center Configuration Manager maintains applications, operating system packages, and drivers in a fairly uniform fashion, it is easy to use the System Center Configuration Manager tools to create new packages and to add them as needed to an individual task sequence. Operating system packages (or updates) and language packs are installed as part of the new Software Update Point feature in System Center Configuration Manager. Individual updates or multiple updates or language packs are selected as needed and then individually installed as part of a task sequence.
Operating System Packages, Drivers, and Language Packs System Center Configuration Manager natively installs operating system packages, drivers, and language packs online after it has installed the operating system. For Windows Vista and Windows Server 2008, MDT 2008 can install these elements as part of a task sequence offline, while booted into Windows PE, and automate this installation in a just-in-time fashion. For example, the default MDT 2008 task sequence for import into System Center Configuration Manager has a task already configured named Auto Apply Drivers, which automatically installs all relevant drivers to an image offline. This offline driver management means that when the computer starts for the first time, all the drivers needed are already present on the computer, virtually guaranteeing a successful deployment. Language packs can be installed either offline or online by adding Install Language Packs Offline or Install Language Packs Online to the appropriate section of the task sequence used to create the master image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide
9
Add Applications to a Task Sequence Adding a specific application to a task sequence in Configuration Manager console is as simple as adding one in Deployment Workbench. To add an application to a task sequence 365.In Configuration Manager console, expand Operating System Deployment. Select the task sequence to modify, and then click Edit. 366.Locate the State Restore phase of the task sequence, and then find an appropriate location in which to add the Install Software task. Application installation should typically occur before the Restore User State step or a step such as Install Software Updates that may affect the installed application. 367.Click Add. In the General group, select the Install Software task. 368.Modify the properties, and then select the Install a single application option. Click Browse to select the application to install, and then select the associated program from the list. Note When making an addition or change to a task sequence, use the Up and Down buttons to move the task to the proper location.
369.When all necessary changes have been made, click Apply to save changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Scr ipt Use in MDT 2008 Scripts provide the automation of the image-build and overall deployment process. They scan the configuration files, query the configuration database, evaluate environment variables to determine the rules to be used when deploying the images to the target computers, and perform many other intricate deployment tasks. MDT 2008 uses both Microsoft Visual Basic® Scripting Edition (VBScript—.vbs) and Windows Script file (.wsf) scripts. Typically, there is no need to modify one of the delivered scripts. If a modification is necessary, instead of modifying one of the delivered scripts, copy the script to a new file, update it, and thoroughly test the effect of any change. The scripts create log files as the scripts automate the deployment process. The log files record the status of the deployment process and can be used to assist in troubleshooting this process.
Develop Custom Scripts New scripts can be developed for use in LTI and ZTI deployments. These scripts should be in the form of .vbs or .wsf files. For examples of scripts that Deployment Workbench uses, open the installation path of the distribution share and then open the Scripts folder. Microsoft does not support customized and custom scripts. Before describing how to create a script, it is best to review how the scripts included with MDT 2008 are constructed. The standard MDT 2008 script is a .wsf file, which allows references to be made to functions that are contained in other scripts. MDT 2008 scripts leverage this functionality by referencing a script called ZTIUtility.vbs, which is used to initialize the MDT 2008 environment and setup classes. The script defines several standard objects that need not be declared in the script: •
oFSO. File System Object
•
oShell. WScript Shell object
•
oEnv. Process Environment object
•
oNetwork. WScript Network object
Four classes are defined that perform several standard tasks: •
Environment. This class configures environment variables gathered through Windows Management Instrumentation (WMI) and MDT 2008 rule processing, allowing for direct reference from the script.
•
Logging. This class provides the logging functionality that all MDT 2008 scripts use, creating a single log file for each script and a consolidated log file of all scripts.
•
Utility. This class provides general utility functionality.
•
Database. This class performs functions such as connecting to databases and reading information from databases.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
11
Environment Class This class is referenced in scripts through the oEnvironment object. For example, change the computer name to Example by using the following command: oEnvironment.Item("ComputerName") = "Example" Or, to determine whether this is a 32-bit or 64-bit architecture, query the architecture by using the following command: oEnvironment.Item("Architecture")
Logging Class This class is referenced in scripts through the oLogging object. When creating an informational log entry, use the following command: oLogging.CreateEntry "Informational message", LogTypeInfo When creating an error log entry, use the following command: oLogging.CreateEntry "An error occurred",LogTypeError
Utility Class This class is referenced in scripts through the oUtility object. To determine the name of the current script, use the following command: oUtility.ScriptName To find the location of a file, use the following command: iRetVal = oUtility.FindFile("CustomSettings.ini", sIniFile)
Database Class This class is referenced in scripts through the oDatabase object. There is generally no need to use the database class directly; instead, use rule processing to perform database lookups.
Create New Scripts Scripts can also be created for use in the imaging process and called by adding them to the Task Sequence Editor and ultimately adding them to the TS.xml file. Listing 1 shows a template for creating custom scripts. Listing 1. Custom Script Template <job id="Z-Sample"> <script language="VBScript" src="ZTIUtility.vbs"/> <script language="VBScript"> ' //*************************************************************** ************ ' // ***** Script Header ***** ' // ' // Solution: Solution Accelerator for Microsoft Deployment Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
' // File: Z-Sample.wsf ' // ' // Purpose: Template ' // ' // Usage: cscript Z-Sample.wsf [/debug:true] ' // ' // Customer Build Version: 1.0.0 ' // Customer Script Version: 1.0.0 ' // Customer History: ' // ' // ***** End Header ***** ' //*************************************************************** ************ '//--------------------------------------------------------------------------'// '// Global constant and variable declarations '// '//--------------------------------------------------------------------------Option Explicit Dim iRetVal '//--------------------------------------------------------------------------'// End declarations '//--------------------------------------------------------------------------'//--------------------------------------------------------------------------'// Main routine '//--------------------------------------------------------------------------On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
13
'//-------------------------------------------------------------------------'// '// Function: ZTIProcess() '// '// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//-------------------------------------------------------------------------Function ZTIProcess() iRetVal = Success ZTIProcess = iRetval '!!!!!!!!!!!
INSERT YOUR CODE HERE
!!!!!!!!!!!!
End Function At a high level, complete the following steps to add a custom script: 370.Create the script based on the template. 371.Place the script in the \Distribution\Scripts folder. 372.Create an application in Deployment Workbench that references this script. 373.Add the application to the build-task sequence. Follow these guidelines when creating a script: •
Always declare variables.
•
Only create objects where required, because MDT 2008 includes most objects that are needed.
•
Verify that the ZTIUtility provides the functionality required before writing a function.
•
Script names should always start with a Z, because MDT 2008 replicates only those scripts beginning with Z to other deployment points.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Listing 2 shows an example of a script that checks for an Encrypting File System (EFS) key and beta 2007 Microsoft Office system code on the target computer. Listing 2. Script to Check for EFS Keys or Beta Versions of the 2007 Office System <job id="LTIGetFolder"> <script language="VBScript" src="ZTIUtility.vbs"/> <script language="VBScript" src="WizUtility.vbs"/> <script language="VBScript"> ' //*************************************************************** ************ ' // ' // Microsoft IT Verify ' // ' // Verify that the local machine is ready for installation.... ' // ' // Checks to see if you have any EFS Keys, or a beta version of Office 2007 ' // ' //*************************************************************** ************ Option Explicit '//--------------------------------------------------------------------------'// Main routine '//--------------------------------------------------------------------------Dim iRetVal On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0
'//-------------------------------------------------------------------------'// '// Function: ZTIProcess() '// Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
15
'// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//-------------------------------------------------------------------------Function ZTIProcess() dim CheckForEFS, sError ZTIProcess = Success If oEnvironment.Item("DeploymentType") = "UPGRADE" then ' -------------------------------------------------------' Check for EFS keys in the registry. On Error Resume Next CheckForEFS = empty CheckForEFS = oShell.RegRead("HKCU\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys\CertificateHash") On Error goto 0 if not isempty(CheckForEFS) then sError = "Warning: Please backup your EFS certificate." & vbNewLine & "More info: http://go.microsoft.com/fwlink/?LinkId=79038" oLogging.CreateEntry sError, LogTypeWarning if MsgBox(sError & vbNewLine & "Press OK to continue", vbOKCancel) = vbCancel then ZTIProcess = Failure exit function end if end if ' -------------------------------------------------------' Ensure there are no old versions of Microsoft Office 2007 on the local machine. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
if HasOldOffice then sError = "Warning: Please Manually remove all Beta Office 2007 Components." oLogging.CreateEntry sError, LogTypeWarning if MsgBox(sError & vbNewLine & "Press OK to continue", vbOKCancel) = vbCancel then ZTIProcess = Failure exit function end if end if end if ZTIProcess = Success End Function
Function HasOldOffice DIM oApplications, oApplication DIM sQuery ' Enumerate through all applications installed on the local machine, Looking for pre-RTM Office versions. sQuery = "(Name LIKE 'Microsoft Office%2007' or Name LIKE 'Microsoft Expression Web') and Version <> '12.0.4518.1014'" set oApplications = objWMI.ExecQuery("SELECT * FROM Win32_Product WHERE " & sQuery) HasOldOffice = oApplications.Count > 0 for each oApplication in oApplications ' Filter out MUI and Proof Packages if instr(1, oApplication.Name, "MUI", vbTextCompare ) = 0 and instr(1, oApplication.Name, "Proof", vbTextCompare ) = 0 then
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
17
oLogging.CreateEntry "Old version of: '" & oApplication.Name & "' = " & oApplication.Version , LogTypeWarning end if next end function
To add a custom script to a task sequence 374.Open Deployment Workbench, and then expand Distribution Share. 375.Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Properties. 376.Click the Task Sequence tab. 377.Click Add, click General, and then click Run Command Line. Select the script to run in the task sequence by adding it to the Command Line box. Leave Start in blank, and then click OK to complete the procedure. Note To avoid excessive use of the Up and Down buttons to move the application installation task, select the appropriate section in the task sequence, and then add the task.
After completing this process, Deployment Workbench updates the TS.xml file with the changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
WM I Que ri es The Task Sequencer can filter tasks and groups based on WMI queries, which provide an efficient means to retrieve object instances or data about a computer. Use WMI Query Language (WQL), where the query string defines the specific data resulting in a successful match. For example, use a WMI query to query and return values of all the instances of a specific class. For more information about WQL, see “Querying with WQL” at http://msdn2.microsoft.com/en-us/library/aa392902.aspx. To add a WQL query to the Conditions list 378.On the Options tab, click Add, Query WMI to display the Task Sequence WMI Condition dialog box. 379.In the WMI namespace box, type the WMI namespace in which to run the query. The default namespace is root\cimv2. 380.In the WQL query box, type the WQL query. If the query returns at least one row, it evaluates to True. If it returns zero rows, it evaluates to False. Listing 3 shows an example of a WQL query that verifies at least one local fixed disk exists. Listing 3. Example of WMI Query that Verifies at Least One Local Fixed Disk Exists SELECT DeviceID FROM Win32_LogicalDisk WHERE MediaType = 12
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom iz ing A ct ions This section describes the customizable actions available for disks, network configuration, and role configuration in Deployment Workbench and System Center Configuration Manager. Using these customizations, multiple disks can be created in a task sequence and the network configuration information can be retrieved and input into the image. One reason these new capabilities are important is that the common use of larger hard disks on most new systems combined with a desire to separate data and operating system partitions brings a real need for disk management and customization. Deployment Workbench and System Center Configuration Manager gain feature parity in both disk configuration and network configuration. Another problem that has been seen in many environments is that they do not support Dynamic Host Configuration Protocol (DHCP) and thus need granular control of assigning static IP addresses. The new networking customizations give that necessary ability across the tools in a similar manner. This fixes the problems that administrators have seen with static addresses in Windows PE, as well.
Deployment Workbench Customizations Any of the task sequences used for LTI deployments and to build master images can be customized in the manner mentioned previously.
Disk Customization The primary interest in disk customization is expressed by the need for multiple partitions, typically to create secondary partitions for storing data. Custom disk partitions are only supported in New Computer scenarios, and MDT 2008 still installs the operating system to Disk 0 Partition 1 for all Windows operating systems. Automated imaging that expects to have free reign over the drive configuration is either unable to deal with such a partition in an automated fashion or fails its deployment because of this type of configuration. In addition, having coherent drive assignments when using Windows PE versus under the operating system proper has presented problems. As an example of these capabilities, this section shows how to modify the existing Format and Partition Disk action, which is part of the default LAB task sequence: 381.In Deployment Workbench, go to the Task Sequences node. 382.Right-click an operating system task sequence (such as the default LAB task sequence), and then click Properties. 383.Click the Task Sequence tab. Then, select Preinstall\New Computer Only\Format and Partition Disk. The Properties tab shows that the disk is laid out as a single primary partition with the label OSDisk. In addition, the drive is formatted as an NTFS file system.
20
MSDN 2.0
384.Click the description in the Volume box, and then click the Edit icon (the icon that shows a hand with a picture of a notepad). The Partition Properties dialog box appears. 385.To illustrate the possibilities, change the Use a percentage of remaining free space setting from the default 100% to 50%, and then click OK. 386.Click New settings (the star icon), complete the dialog box as follows, and then click OK: •
Partition name: Data
•
Partition type: Primary
•
Use a percentage of remaining free space: 50%
•
File system: NTFS
387.Select the Quick format check box. 388.Click Apply to save the changes to this task sequence. With this kind of control over the partitioning of the disk, imaging with MDT 2008 can be easily configured as needed.
Network Customization In a similar fashion to additional settings for disk configuration, the network-customization features offer increased capabilities. To modify network settings in Windows PE 389.In Deployment Workbench, go to Task Sequences. 390.Right-click an operating system task sequence, and then click Properties. 391.Click the Task Sequence tab. Then, select Preinstall\Gather Local Only. 392.Click Add, click Settings, and then click Apply Network Settings. 393.On the Properties tab in the right pane, click the yellow star to add new network settings. 394.In the Network Settings dialog box, on the General tab, type the name of the network adapter type. (This name should be one of the known network adapters on the computer—for example, Broadcom.) 395.Select Use the following IP address. Then, click the yellow star in the Network Settings group, complete the dialog box as follows, and click Add: •
IP Address: 10.10.10.100
•
Subnet mask: 255.255.248.0
396.Click the yellow star in the Gateway Settings group, type the IP address 10.10.10.1, and then click OK. 397.Click the DNS tab, and then select Use the following DNS Servers. Click the yellow star, type 10.10.10.200, and then click Add. In the DNS Suffix field, type woodgrove.com, and then click OK to save these settings. 398.Click Apply to save these task sequence settings. These are just a few of the configuration capabilities available for both disk and network configurations as part of the image-customization features.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
System Center Configuration Manager Customizations Disk customizations and network customizations can be made in System Center Configuration Manager.
Disk Customization Add and remove customized disk actions within a task sequence to meet specific organizational requirements for images. To add disk customizations in System Center Configuration Manager 399.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 400.Right-click the task sequence from the details pane, and then click Edit. 401.On the Sequence Editor tab, click Add, click Disks, select from the following options, and then click OK: Format and Partition Disk: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
In the Disk number box, type the disk to be formatted. The first disk number is 0.
•
From the Disk Type list, select MBR (Master Boot Record) or GPT (globally unique identifier [GUID] Partition Table) according to the type of partitioning system to be used. (For more information on MBR and GPT, see “Partition styles” at http://technet2.microsoft.com/windowsserver/en/library/4b35160a-4e27-42589e8b-e2088f8a757a1033.mspx).
•
Click New to create a new partition in the disk. Follow the directions in the Partition Properties dialog box.
Convert Disk to Dynamic: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
In the Disk number box, type the disk to be converted. The first disk number is 0. (For more information, see “Basic and Dynamic Disks” at http://msdn2.microsoft.com/en-us/library/aa363785.aspx.)
Enable BitLocker: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
Select Current operating system drive to encrypt the operating system drive, or select Specific drive to encrypt any other drive. (For more information on Windows BitLocker™ Drive Encryption, see the Windows Vista Products page at http://www.microsoft.com/windows/products/windowsvista/features/details/bitlock er.mspx.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
MSDN 2.0
Disable BitLocker: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
Select Current operating system drive to encrypt the operating system drive, or select Specific drive to encrypt any other drive.
To remove disk customizations from a System Center Configuration Manager task sequence 402.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 403.Right-click the task sequence from the details pane, and then click Edit. 404.On the Sequence Editor tab, click one of the following options in the left pane, click Remove, and then click Yes when prompted: •
Format and Partition Disk
•
Convert Disk to Dynamic
•
Enable BitLocker
•
Disable BitLocker
Network Customization Add and remove customized network actions in a task sequence to meet specific organizational requirements for images. To add network customizations in System Center Configuration Manager 405.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 406.Right-click the task sequence from the details pane, and then click Edit. 407.On the Sequence Editor tab, click Add, and then click Settings. Select from the following options, and then click OK: Capture Network Settings: •
Select Migrate domain and workgroup membership to maintain the current domain and workgroup settings of the target computer in the new operating system installation.
•
Select Migrate network adapter configuration to maintain the current network adapter settings of the target computer in the new operating system installation.
Capture Windows Settings: •
Select Migrate computer name to maintain the current computer name of the target computer after the new operating system installation.
•
Select Migrate registered user and organization names to maintain the current user and organization names used in the target computer in the new operating system installation.
•
Select Migrate Timezone to maintain the current time zone used in the target computer in the new operating system installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
23
Apply Network Settings: •
Use this option to set the domain or workgroup configuration for the new operating system installation.
Apply Windows Settings: •
Use this option to set the user, company name, and licensing information for the new operating system installation.
To remove network customizations in System Center Configuration Manager 408.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 409.Right-click the task sequence from the details pane, and then select Edit. 410.On the Sequence Editor tab, click one of the following options in the left pane, click Remove, and then click Yes when prompted: •
Capture Network Settings
•
Capture Windows Settings
•
Apply Network Settings
•
Apply Windows Settings
Microsoft® Deployment Toolkit 2008 Microsoft Deployment Toolkit Management Pack
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Solution Accelerators
MSDN 2.0
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack
xxv
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, SQL Server, Visual Basic, Windows, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Micr oso ft Depl oymen t T oolk it Mana gement Pac k The Microsoft® Deployment Toolkit (MDT) 2003 Management Pack (Management Pack) monitors the status of the MDT 2008 process, including automated deployment by using Lite Touch Installation (LTI), Microsoft System Center Configuration Manager 2007, and Microsoft Systems Management Server (SMS) 2003 operating system deployment processes. By detecting and alerting on and critical events and performance indicators, this Management Pack reduces the time required to resolve issues in deployments that MDT 2008 automates. As a result, when client computers are deployed using these methods, the Management Pack reduces the total cost of ownership (TCO). Note In addition to the reports in this Management Pack, the Microsoft System Center Operations Manager 2007 Operations Console or Web Console can be used to help resolve alerts, view events, view computer attributes, and so on.
Document Version This documentation was released in July 2008.
Get the Latest Management Pack and Management Pack Documentation The latest version of this Management Pack and the Management Pack documentation is included in the MDT 2008 .msi file. To obtain the latest version of this file, go to Solution Accelerators at http://microsoft.com/technet/SolutionAccelerators.
What’s New The Management Pack has been significantly updated and improved. Key improvements include: •
Full support of the System Center Operations Manager health model and other features. Note
The Management Pack is not compatible with Microsoft Operations Manager 2005.
•
Developed completely as a Microsoft .NET application (instead of Microsoft Visual Basic® scripts).
•
Writes tracing information to assist in debugging.
•
A service that runs on a Windows®-based computer and that collects monitoring information, then stores the information in the Operations Manager database.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2
Microsoft Deployment Toolkit 2008
•
A wizard to assist in deploying and configuring the service.
•
Collection of MDT 2008 events from multiple EventShare locations, including local folders or shared network folders.
•
Collection of status messages from multiple computers running either Systems Management Server or System Center Configuration Manager.
•
All MDT 2008 warning and error events generate alerts in System Center Operations Manager.
•
Performance counters that include: •
%Complete. Percentage of completion of a computer in the MDT 2008 deployment process
•
Is Active. Identifying as Active the deployment status of a computer in the MDT 2008 deployment process
•
Has Failed. Identifying as Failed the deployment status of a computer in the MDT 2008 deployment process
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Micr oso ft Depl oymen t T oolk it Mana gement Pack: Ge tt ing Sta r ted Before importing the Microsoft Internet Information Services (IIS) Management Pack for Microsoft Windows 2000 Server or Windows Server® 2003, evaluate the organization’s monitoring requirements for IIS.
Before Importing the Management Pack Before importing the Management Pack, evaluate the organization’s monitoring requirements for MDT 2008. During the Planning Phase, monitoring expectations can be clarified, escalation procedures defined, and the import and configuration of the Management Pack optimized.
Files to Download To monitor MDT 2008, download the Microsoft Deployment Toolkit Management Pack, which is a part of the MDT 2008 download. The Management Pack is contained in the MDT 2008 .msi file; it is installed in the Management Pack folder, which resides in the same folder in which MDT 2008 was installed.
Other Requirements The Management Pack has dependencies on the Management Packs that are installed by default with a System Center Operations Manager Management Server. Important Most optional Management Packs have dependencies on some of the default Management Packs. Therefore, do not remove the default Management Packs from a System Center Operations Manager Management Group. In case of removal, import the default Management Packs from the System Center Operations Manager installation directory.
Optional Management Packs To keep the MDT 2008 environment running smoothly and with high availability, maintain the overall health of the information technology (IT) environment. The overall health includes components specific to MDT 2008 along with components for the network, computer hardware, operating systems, and applications. It is a best practice to import the Management Packs for the operating systems, products, and technologies that are part of the MDT 2008 infrastructure. Although the Microsoft Deployment Toolkit Management Pack does not require these other Management Packs, they can help ensure the end-to-end availability and performances of the MDT 2008 infrastructure.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
To provide end-to-end monitoring of the MDT 2008 infrastructure, also consider deploying the Management Packs for the following elements (based on the environment): •
System Center Configuration Manager
•
Systems Management Server
•
Windows Server 2003
•
Windows Server 2008
•
IIS
•
Microsoft SQL Server® 2005
•
Active Directory® Domain Services (AD DS) management
•
Network hardware, such as routers Note Management Packs for hardware devices are provided by the manufacturer or third parties or can be created within the organization. For information about creating Management Packs, see the Microsoft System Center Operations Manager 2007 Management Pack Authoring Guide at http://go.microsoft.com/fwlink/?LinkId=82637.
Support for Agentless Monitoring The Management Pack gathers MDT 2008 information by using the Microsoft Deployment Management Pack Service. All features of the Management Pack are supported for agent-managed or agentless-managed systems.
Create the Service Account The Management Pack includes the Microsoft Deployment Management Pack Service, which collects events from shared folders on event collection servers, one or more System Center Configuration Manager databases, and one or more Systems Management Server databases. A domain-based user account must be created to be used as the identity for the Microsoft Deployment Management Pack Service. By default, the service runs with the LocalSystem identity. To use the LocalSystem identity to run the service, install the following elements on the same computer on which the service is installed: •
Shared folders that contain collected events, meaning that the computer is also an event-collection server
•
System Center Operations Manager
•
System Center Configurations Manager databases
•
Systems Management Server databases
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
5
To create the service account for the Microsoft Deployment Management Pack Service 411.Create a user account in AD DS by using Active Directory Users and Computers. For more information on how to create user account in AD DS in: •
Windows Server 2003, see “Create a new user account” in the Windows Server 2003 Help.
•
Windows Server 2008, see “Create a New User Account” in Windows Server 2008 Help.
412.Grant the user account created in the previous step the Log on as a service user right on the computer on which the Microsoft Deployment Management Pack Service will be installed by using the Local Security Policy Microsoft Management Console (MMC) snap-in. To configure the Log on as a service user right in: •
Windows Server 2003, edit the user right in Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment by using the Group Policy Object Editor. For more information, see “To edit the local Group Policy object” in Windows Server 2003 Help.
•
Windows Server 2008, edit the user right in Security Settings\Local Policies\User Rights Assignment by using the Local Security Policy MMC snap-in. For more information, see “Edit a Local Group Policy Object” in Windows Server 2003 Help.
Prepare the Event Collection Servers The MDT 2008 scripts write events to a shared folder on computers known as event collection servers. Specify the event collection servers by using the EventShare parameter in the CustomSettings.ini file. The EventShare parameter specifies a Universal Naming Convention (UNC) path to a shared folder in which the MDT 2008 scripts record events. The Microsoft Deployment Management Pack Service periodically collects the events from the event collection servers and creates corresponding events in the System Center Operations Manager database. The service enumerates the event collection servers configured in the Directories to Monitor setting in the Configure Management Pack Wizard to collect the events. To configure the event collection servers 413.Create the Events shared folder on the event collection servers. 414.Configure the Events shared folder permissions. 415.Configure the CustomSettings.ini file to use the appropriate event collection servers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Create the Events Shared Folder As the first step in configuring the event collection servers, create a shared folder in which to store the events. Typically, the event collection server is same server in which the user state migration data shared folder (MigData) and deployment logs shared folder (Logs) reside. For more information about these shared folders, see “Creating Additional Shared Folders” in the MDT 2008 documents, Preparing for LTI Tools, Preparing for Microsoft Systems Management Server 2003, and Preparing for Microsoft System Center Configuration Manager 2007. To create the Events shared folder 416.Identify an existing computer, or install a new computer as an event collection server. 417.Create a folder on the server identified in step 1 named EventsFolder (where EventsFolder is the name of a folder in which the log files reside), and then share the folder as Events. Note If the folder is created in any location other than C:\Events, modify the Generate ZTI Events and Discovery Data Management Pack rule to reference the location of the folder created.
Configure the Events Shared Folder Permissions After creating the Events shared folder, configure the appropriate shared folder permissions. Ensure that no unauthorized users can access user state migration information and the deployment logs. Only the computer creating the events should have access to these folders. To configure the shared folder permissions 418.In Windows Explorer, right-click EventsFolder (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), and then click Properties. 419.On the Security tab, click Advanced. 420.On the Permissions tab, clear the Allow inheritable permissions from the parent to propagate to this object and all child objects check box. 421.When the Remove when prompted to either Copy or Remove the permission entries that were previously applied from the parent dialog box appears, click Remove. 422.On the Permissions tab, click Add. 423.In the Enter the object name to select box, type Domain Computers, and then click OK. This action allows domain computers to create subfolders. 424.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), in the Apply onto list, select This folder only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
7
425.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), in the Permissions list, select Allow for the Create Files/Write Data permission, and then click OK. 426.Repeat steps 5–8, substituting Domain Users for Domain Computers. 427.On the Permissions tab, click Add. 428.In the Enter the object name to select box, type CREATOR OWNER, and then click OK. This action allows domain computers and domain users to access the subfolders they create. 429.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), in the Apply onto list, select Subfolders and files only. 430.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process, in which the log files are stored), in the Permissions list, select Allow for the Full Control permission, and then click OK. 431.Repeat steps 10–13 for the user account created as the identity for the Microsoft Deployment Management Pack Service, created earlier in the process. 432.Repeat steps 10–13 for each group to which administrative privileges will be granted. Note Examples of these groups include the credentials provided in the Systems Management Server or System Center Configuration Manager network access account and the credentials provided in the Windows Deployment Wizard.
The permissions set in these steps allow a computer to connect to the appropriate share and create a new folder in which to store user state information or logs, respectively. The folder permissions prevent other users or computers from accessing the data stored in the folder. Note The default permissions on the Systems Management Server or System Center Configuration Manager distribution point shares should provide the appropriate resource access by default.
Configure the CustomSettings.ini File Modify the CustomSetting.ini file in each respective image to include the appropriate values for the EventShare property (as show in Listing 1 and Listing 2). In the example in these listings, the [Default] section is used. However, the EventShare property could also be set in other sections (such as [DefaultGateway]). Listing 1. CustomSettings.ini File Before Adding the EventShare Values [Default] UDShare=\\NYC-AM-FIL-01\MigData SLShare=\\NYC-AM-FIL-01\Logs . . .
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Listing 2. CustomSettings.ini File After Adding the EventShare Values [Default] UDShare=\\NYC-AM-FIL-01\MigData SLShare=\\NYC-AM-FIL-01\Logs EventShare=\\NYC-AM-FIL-01\Events . . . Note For more information about adding the event collection servers, see “Manage the List of Event Collection Server Folders” later in this document.
Configure the OSDNewMachine Property When monitoring deployments performed by using Systems Management Server with MDT 2008, configure the OSDNewMachineName property in CustomSettings.ini and Bootstrap.ini. The value for the OSDNewMachineName should be set to the name of the target computer. If the OSDNewMachineName property is not configured, status messages from the Management Pack are displayed with Media Access Control (MAC) address, in addition to messages with the computer name. Configuring a value for the OSDNewMachineName property ensures only one entry is displayed for each status message. For more information on the OSDNewMachineName property, see “OSDNewMachineName” in the MDT 2008 document, Toolkit Reference.
Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases To collect status messages from the System Center Configuration Manager and Systems Management Server databases, grant the identity of the Microsoft Deployment Management Pack Service Read access to the respective databases. Collecting the status messages from the databases is optional; however, additional information can be gained about the deployment process by collecting the status messages. The service reads these databases to process the status messages recorded in the respective databases. The service requires only Read access to the databases. Note If the environment only includes System Center Configuration Manager or Systems Management Server, perform only the steps for the product deployed in the environment. If managing the environment by using both products, perform the steps for both products. If no status messages will be collected from either product, skip this step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
9
To grant the service access to the System Center Configuration Manager database 433.Start Configuration Manager console. 434.In the console tree, go to Site Database/Security Rights, and then click Users. 435.In the Actions pane, click Manage ConfigMgr Users. 436.Complete the ConfigMgr User Wizard by using the information in Table 1. Table 1. Information for Completing the ConfigMgr User Wizard On this wizard page
Do this
Welcome to the ConfigMgr Click Next. User Wizard User Name
Click Add a new user. In Add a new user, type user_name (where user_name is the user name of the account created earlier in the process in the format domain\username) or click Browse to browse for a user account, and then click Next.
User Rights
Click Add another right or modify an existing one, and then click Next.
Add a Right
In Class, select Advertisement. In Instance, select (All Instances). In Permissions, select the Read check box. Click Next.
User Rights (second time)
Complete the previous two wizard pages for each of the following classes, substituting the classes for Advertisement: •
Collection
•
Package
•
Site
•
Status Message
When all rights are assigned, click The listed rights are sufficient, and then click Next. Summary
Click Finish.
Wizard Completed
Click Close.
437.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
To grant the service access to the Systems Management Server database 438.Start SMS Administrator Console. 439.In the console tree, expand Site Database. 440.Right-click Security Rights, point to All Tasks, and then click Manage SMS Users. 441.Complete the SMS User Wizard by using the information in Table 2. Table 2. Information for Completing the SMS User Wizard On this wizard page
Do this
Welcome to the SMS User Wizard
Click Next.
User Name
Click Add a new user. In Add a new user, type user_name (where user_name is the user name of the account created earlier in the process in the format domain\username) or click Browse to browse for a user account, and then click Next.
Rights
Click Add another right or modify an existing one, and then click Next.
Add a Right
In Class, select Advertisement. In Instance, select (All Instances). In Permissions, select the Read check box. Click Next.
Rights (second time)
Complete the previous two wizard pages for each of the following classes, substituting the classes for Advertisement: •
Collection
•
Package
•
Site
•
Status Message
When all rights are assigned, click The listed rights are sufficient, and then click Next. Completing the SMS User Wizard
Click Finish.
442.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
11
Grant the Service Access to the System Center Operations Manager SDK Service Grant the identity of the Microsoft Deployment Management Pack Service access to the System Center Operations Manager SDK Service. The service collects information from the shared folders on event collection servers, the System Center Configuration Manager database, and the Systems Management Server database. The service then sends the collected information to the SDK Service running on a Root Management Server or a Management Server in the System Center Operations Manager Management Group. To record collected information the System Center Operations Manager database, the identity of the Microsoft Deployment Management Pack Service must be a member of the System Center Operations Manager Administrator role for the Management Group. Add the user account created earlier in the process to the System Center Operations Manager Administrator role in the System Center Operations Manager Operations Console. To grant the service access to the System Center Operations Manager SDK Service 443.In Operations Console, click Administration. 444.In the Administration pane, go to Administration/Security, and then click User Roles. 445.In the User Roles pane, right-click Operations Manager Administrators, and then click Properties. 446.In the Operations Manager Administrators – User Role Properties dialog box, on the General tab, click Add. 447.On the Select User or Groups page, type user_name (where user_name is the name of the user account created earlier in the process to be used as the identity of the Microsoft Deployment Management Pack Service), and then click OK. 448.In the Operations Manager Administrators – User Role Properties dialog box, click Apply, and then click OK. 449.Close all open windows and dialog boxes.
Import the Microsoft Deployment Toolkit Management Pack To import the Microsoft Deployment Toolkit Management Pack, import the Deployment.4.Managment.Pack.xml file in the ManagementPack folder beneath which MDT 2008 was installed (by default, C:\Program Files\Microsoft Deployment Toolkit\ManagementPack). For information about importing Management Packs, see the “About the Management Packs Node in Operations Manager 2007” topic in System Center Operations Manager Help.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Install the Microsoft Deployment Management Pack Service The Management Pack includes a new Microsoft Deployment Management Pack Service that must be installed and configured on a computer. Install the Microsoft Deployment Management Pack Service on a computer that is: •
A System Center Operations Manager Management Server. This computer can be a Root Management Server or a Management Server.
•
Not a System Center Operations Manager Management Server. This computer can be any other computer in the environment, such as one of the event collection servers or on the deployment server on which MDT 2008 is installed.
Perform the following steps to install the Microsoft Deployment Management Pack Service 450.If installing the service on a computer other than a Management Server, install version 3.0 of the Microsoft .NET Framework. Note To download and for information on how to install version 3.0 of the Microsoft .NET Framework, see “Microsoft .NET Framework 3.0 Redistributable Package” at http://www.microsoft.com/downloads/details.aspx?FamilyID=10CC340B-F857-4A14-83F525634C3BF043&displaylang=en.
451.Install MDT 2008 on the Management Server. Note For more information on installing MDT 2008, see the section, “Installing MDT 2008,” in the MDT 2008 document, Getting Started Guide.
452.Ensure that no other program is running on the computer. 453.Click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 454.On the General Settings page, in Management Server Name, type computer_name (where computer_name is the name of the computer that is a System Center Operations Manager Management Server). 455.On the General Settings page, in Directories to Monitor, type UNC_Paths (where UNC_Paths are the UNC paths to all the event collection servers created earlier in the process, separated with commas). 456.On the General Settings page, click Set. Note If no service account was created earlier in the process and the service will be run with the LocalSystem identity, skip this step.
The Windows User Account dialog box opens. Complete the dialog box by performing the following steps: d. In the Windows User Account dialog box, in User name, type user_name (where user_name is the user name of the user account created earlier in the process to be used as the identity for the service). e. In the Windows User Account dialog box, in Password and Confirm password, type password (where password is the password for the user account), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
13
457.On the General Settings page, click Next. 458.On the SMS/ConfgMgr Database page, click Add New. Note If no status messages will be collected from System Center Configuration Manager or Systems Management Server databases, skip this step.
A dialog box opens. Complete the dialog box by performing the following steps: a. In SQL Server name, type server_name (where server_name is the name of the computer on which the System Center Configuration Manager or Systems Management Server database resides). b. In Database, type database (where database is the name of the System Center Configuration Manager or Systems Management Server database), and then click OK. 459.Repeat step 9 for each System Center Configuration Manager or Systems Management Server database to be added. 460.On the SMS/ConfgMgr Database page, click Next. The Summary wizard page is displayed. The status of the installation and the configuration of the Microsoft Deployment Management Pack Service is displayed. This process can take a few minutes. If an error occurs: •
During the configuration process, view the contents of the Microsoft.BDD.MPService.InstallLog and Microsoft.BDD.MPService.InstallState files in the %Program Files%\Microsoft Deployment Toolkit\ManagementPack folder.
•
Starting the Microsoft Deployment Management Pack Service, view the contents of the Microsoft.BDD.MPService.log.txt file in the %Program Files%\Microsoft Deployment Toolkit\ManagementPack folder.
461.On the Summary wizard page, click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Uninstall the Microsoft Deployment Management Pack Service The Microsoft Deployment Management Pack Service can be uninstalled if the service is no longer needed. Optionally, remove any monitoring information collected by the service from the Operations Manager database. During the uninstall process, the Microsoft Deployment Management Pack Service is stopped and then removed from the list of installed services. Note: After the service is uninstalled, events are still collected and stored on the Events shared folder.
To uninstall the Microsoft Deployment Management Pack Service 462.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 463.On the General Settings page, click Remove the MDT Management Pack Service. 464.To remove the monitoring information collected by the service, select the Remove MDT Computers from System Center Operations Manager console check box. Note: If the Remove MDT Computers from System Center Operations Manager console check box is not selected, then existing monitoring information is retained in the Configuration Manager database.
465.Click Next. The Summary page appears and the status bar indicates the progress of the uninstall process. 466.On the Summary page, click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Micr oso ft Depl oymen t T oolk it Mana gement Pack: Op ti onal Con figu r ation After installing the Microsoft Deployment Management Pack Service, changes may be needed for the configuration of the service. Make changes to the configuration by running the Configure Management Pack Wizard or by making changes directly in the Microsoft.BDD.MPService.exe.config file. The Microsoft.BDD.MPService.exe.config file is located in the %ProgramFiles%\Microsoft Deployment Toolkit\ManagementPack folder. After making changes to the configuration of the service, restart the service for the changes to take effect.
Configure the Management Server That the Service Uses Specify the System Center Operations Manager Management Server that the Microsoft Deployment Management Pack Service uses. The service updates the System Center Operations Manager database by using the SDK Service running on the Management Server. To configure the Management Server that the service uses by using the Configure Management Pack Wizard 467.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 468.On the General Settings page, in Management Server Name, type computer_name (where computer_name is the name of the System Center Operations Manager Management Server), and then click Next. 469.On the SMS/ConfgMgr Database page, click Next. 470.On the Summary page, click Finish. 471.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
To configure the Management Server that the service uses by directly modifying the Microsoft.BDD.MPService.exe.config file 472.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and then open the Microsoft.BDD.MPService.exe.config file. 473.Modify the ManagementServerName attribute as follows: 474.Save the Microsoft.BDD.MPService.exe.config file. 475.Restart the Microsoft.BDD.MPService Service.
Manage the List of Event Collection Server Folders The Microsoft Deployment Management Pack Service collects events from shared folders on the event collection servers. MDT 2008 writes the events to the event collection servers. Configure the list event collection server folders anytime an event collection server is added or removed. If an event collection server folder is added or removed from this list, update the CustomSettings.ini file as well to reflect the changes. To configure the list of event collection server folders by using the Configure Management Pack Wizard 476.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 477.On the General Settings page, in Directories to Monitor, type UNC_Paths (where UNC_Paths are the UNC paths to all the event collection servers created earlier in the process, separated with commas), and then click Next. 478.On the SMS/ConfgMgr Database page, click Next. 479.On the Summary page, click Finish. 480.Restart the Microsoft.BDD.MPService service. To configure the list of event collection server folders by directly modifying the Microsoft.BDD.MPService.exe.config file 481.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and then open the Microsoft.BDD.MPService.exe.config file. 482.Modify the MonitoringFoldersList attribute as follows: 483.Save the Microsoft.BDD.MPService.exe.config file. 484.Restart the Microsoft.BDD.MPService service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
17
Modify the Duration for Detecting Hung Computers The Microsoft Deployment Management Pack Service detects computers on which the deployment process has halted, also known as hung computers. The service detects hung computers by determining how long it has been since a computer last received a status update from the computer. The service compares the length of time: If the length of time is greater than the value in Hang Time, the computer is identified as a hung computer. When the Microsoft Deployment Management Pack Service identifies a hung computer, the service generates hung computer events for that computer. If the service has not received a status update from a computer for eight hours or longer, it identifies the computer as inactive and no longer generates hung computer events. The eight-hour cutoff time for hung computer detection is imbedded in the service and cannot be configured. Tip Configure the total length of time for the values in Idle Time and Hang Time to be less than eight hours (Idle Time + Hang Time < 8 hours). This ensures that the Microsoft Deployment Management Pack Service accurately generates hung computer events.
To configure the duration for detecting hung computers by using the Configure Management Pack Wizard 485.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 486.On the General Settings page, in Hang Time, type hang_time (where hang_time is the length of time in minutes to wait before determining that the deployment process is halted; the default value is 60 minutes), and then click Next. 487.On the SMS/ConfgMgr Database page, click Next. 488.On the Summary page, click Finish. 489.Restart the Microsoft.BDD.MPService Service. To configure the duration for detecting hung computers by using directly modifying the Microsoft.BDD.MPService.exe.config file 490.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 491.Modify the HungComputersThreshold attribute as follows: 492.Save the Microsoft.BDD.MPService.exe.config file. 493.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Modify the Duration for Removing Monitored Computers After Deployment Is Complete The Microsoft Deployment Management Pack Service can automatically remove computer objects from the System Center Operations Manager database after the computer completes deployment. The service determines when to remove monitored computers by determining how long it has been since a computer completed deployment. The service compares the length of time since the computer completed deployment: If the length of time is greater than the value in Cleanup Time, the computer is removed from the System Center Operations Manager database. To configure the duration for removing monitored computers after deployment is complete by using the Configure Management Pack Wizard 494.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 495.On the General Settings page, in Cleanup Time, type cleanup_time (where cleanup_time is the length of time in days to wait before removing a monitored computer that has completed deployment; the default value is 1 day), and then click Next. 496.On the SMS/ConfgMgr Database page, click Next. 497.On the Summary page, click Finish. 498.Restart the Microsoft.BDD.MPService Service. To configure the duration for removing monitored computers after deployment is complete by directly modifying the Microsoft.BDD.MPService.exe.config file 499.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 500.Modify the CleanupComputersThreshold attribute as follows: 501.Save the Microsoft.BDD.MPService.exe.config file. 502.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
19
Modify the Duration for Collecting New Monitoring Information The Microsoft Deployment Management Pack Service collects monitoring information from shared folders on event collection servers, one or more System Center Configuration Manager databases, or one or more Systems Management Server databases. The frequency with which the service collects monitoring information from these sources can be configured by changing the value in Idle Time. The Idle Time value specifies the length of time in minutes that the service waits between collecting monitoring information. The service compares the length of time since the monitoring information was collected: If the length of time is greater than the value in Idle Time, the service collects monitoring information from all the sources. Tip Configure the total length of time for the values in Idle Time and Hang Time to be less than eight hours (Idle Time + Hang Time < 8 hours). This ensures that the Microsoft Deployment Management Pack Service accurately generates hung computer events.
To configure the duration for collecting new monitoring information by using the Configure Management Pack Wizard 503.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 504.On the General Settings page, in Idle Time, type idle_time (where idle_time is the length of minutes in days to wait before collecting monitoring information; the default value is 5 minutes), and then click Next. 505.On the SMS/ConfgMgr Database page, click Next. 506.On the Summary page, click Finish. 507.Restart the Microsoft.BDD.MPService Service. To configure the duration for collecting new monitoring information by directly modifying the Microsoft.BDD.MPService.exe.config file 508.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 509.Modify the IdleTime attribute as follows: 510.Save the Microsoft.BDD.MPService.exe.config file. 511.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
Change the Management Pack Service Log File Location and Name The Microsoft Deployment Management Pack Service writes information to a log file that can be used to diagnose potential problems with the service. The location and file name for the log file can be changed from the default of C:\Microsoft.BDD.MPService.Log.txt. To configure the Microsoft Deployment Management Pack Service log file location and name by using the Configure Management Pack Wizard 512.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 513.On the General Settings page, in Log File, type path\filename (where path is the fully qualified path to the folder in which to store the log file and filename is the name of the log file; the default value is C:\Microsoft.BDD.MPService.Log.txt), and then click Next. 514.On the SMS/ConfgMgr Database page, click Next. 515.On the Summary page, click Finish. 516.Restart the Microsoft.BDD.MPService Service. To configure the Microsoft Deployment Management Pack Service log file location and name by directly modifying the Microsoft.BDD.MPService.exe.config file 517.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 518.Modify the LogFilePath attribute as follows: 519.Save the Microsoft.BDD.MPService.exe.config file. 520.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
21
Change the Identity That the Microsoft Deployment Management Pack Service Uses The Microsoft Deployment Management Pack Service runs in the security context of the identity specified in the value in Logon Account. To change the account to a new account or change the password of an existing account, use the Configure Management Pack Wizard or directly modify the service in the Services MMC snap-in. If the identity that the service uses is changed to a new account, also grant the new account: •
Permissions to the shared folders on all the event collection servers. For more information, see the section, “Prepare the Event Collection Servers,” in this document.
•
Access to the System Center Configuration Manager and Systems Management Server databases. For more information, see the section, “Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases,” in this document.
•
Access to the SDK Service in System Center Operations Manager. For more information, see the section, “Grant the Service Access to the System Center Operations Manager SDK Service,” in this document.
To configure the identity that the Microsoft Deployment Management Pack Service uses by using the Configure Management Pack Wizard 521.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 522.On the General Settings page, click Set. The Windows User Account dialog box opens. Fill out the Windows User Account dialog box by completing the following steps: a. In the Windows User Account dialog box, in User name, type user_name (where user_name is the user name of the user account created earlier in the process to be used as the identity for the service). b. In the Windows User Account dialog box, in Password and Confirm password, type password (where password is the password for the user account), and then click OK. 523.On the SMS/ConfgMgr Database page, click Next. 524.On the Summary page, click Finish. 525.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
To configure the identity that the Microsoft Deployment Management Pack Service uses by using the Services MMC snap-in 526.On the computer on which the service is installed, click Start, point to Administrative Tools, and then click Services. 527.In the Services console, in the details pane, right-click Microsoft.BDD.MPService, and then click Properties. 528.In the Microsoft.BDD.MPService Properties dialog box, on the Log On tab, click This account. 529.In This account, type user_name (where user_name is the user name of the user account created earlier in the process to be used as the identity for the service) or click Browse to locate the user. 530.Restart the Microsoft.BDD.MPService Service.
Manage the List of System Center Configuration Manager or Systems Management Server Databases The Microsoft Deployment Management Pack Service can collect status messages from one or more System Center Configuration Manager and Systems Management Server databases. Collecting the status messages from the databases is optional; however, additional information can be gained about the deployment process by collecting the status messages. The service reads these databases to process the status messages recorded in the respective databases. The service requires only Read access to the databases. If a new database is added to the list, grant the service access to the database. For more information, see the section, “Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases,” in this document. To configure the list of databases by using the Configure Management Pack Wizard 531.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 532.On the General Settings page, click Next. 533.On the SMS/ConfgMgr Database page, perform one of the management tasks listed in Table 3.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
23
Table 3. Management Pack Reports To perform this task Add a new database connection
Do this On the SMS/ConfgMgr Database page, click Add New. A dialog box opens. Fill in the dialog box by completing the following steps 534.In SQL Server name, type server_name (where server_name is the name of the computer where the System Center Configuration Manager or Systems Management Server database is stored). 535.In Database, type database (where database is the name of the System Center Configuration Manager or Systems Management Server database), and then click OK.
Modify an existing database connection
On the SMS/ConfgMgr Database page, in the Add new or Remove existing SQL connection strings for SMS Server 2003/SCCM Server list, click connection_string (where connection_string is the connection string to remove), and then click Edit. A dialog box opens. Fill in the dialog box by completing the following steps 536.In SQL Server name, type server_name (where server_name is the name of the computer on which the System Center Configuration Manager or Systems Management Server database resides). 537.In Database, type database (where database is the name of the System Center Configuration Manager or Systems Management Server database), and then click OK.
Remove an existing database connection
On the SMS/ConfgMgr Database page, in the Add new or Remove existing SQL connection strings for SMS Server 2003/SCCM Server list, click connection_string (where connection_string is the connection string to remove), and then click Remove.
538.On the SMS/ConfgMgr Database page, click Next. 539.On the Summary page, click Finish. 540.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
To configure the list of databases by directly modifying the Microsoft.BDD.MPService.exe.config file 541.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 542.Modify the ConnectionString2008129205519 attribute as follows: 543.Save the Microsoft.BDD.MPService.exe.config file. 544.Restart the Microsoft.BDD.MPService Service.
Configur e R etention of Files After Pr ocessing
the .tmp
The Microsoft Deployment Management Pack Service processes .tmp files stored in the shared folders on event collection servers. The service can: •
Delete these files after processing.
•
Move the processed files to the Processed folder.
To retain the processed .tmp files, configure the service to move the processed files to the Processed folder. Otherwise, the .tmp files will be deleted as they are processed. Typically, the.tmp files would be retained to help diagnose problems with collecting status from computers during the deployment process. To configure this feature, modify the PreserveFiles attribute in the Microsoft.BDD.MPService.exe.config file. The default value is No, which indicates that the .tmp files are deleted after they are processed. Change this value to Yes to preserve the .tmp files by moving them to the Processed folder. Note: If the.tmp files will be retained by moving them to the Processed folder, the files must be manually when they are no longer necessary.
To configure retention of the .tmp files by directly modifying the Microsoft.BDD.MPService.exe.config file 545.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 546.Modify the PreserveFiles attribute as follows: 547.Save the Microsoft.BDD.MPService.exe.config file. 548.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
25
Configur e Fi ltering o f Ev ents Recor ded in the Oper ations Mana ger Da ta base The Microsoft Deployment Management Pack Service processes events, and then stores the events in the Operations Manager database. In some situations, specific events may be excluded from recording in the Operations Manager database. To prevent specific events from being recorded in the Operations Manager database, configure the service to exclude specific events by specifying the event IDs. Otherwise, all events are recorded. Typically, events that are unnecessary when troubleshooting any MDT 2008 deployment problems would be filtered. To configure this feature, modify the ExcludeEvents attribute in the Microsoft.BDD.MPService.exe.config file. The default value is an empty list, which indicates that all events will be recorded in the Operations Manager database. To exclude specific events from being recorded in the Operations Manager database, change this value to a list of the event IDs to be excluded. To configure the filtering of events recorded in the Operations Manager database by directly modifying the Microsoft.BDD.MPService.exe.config file 549.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and then open the Microsoft.BDD.MPService.exe.config file. 550.Modify the ExcludeEvents attribute as follows (where ID_1, ID_2, and ID_3 are the IDs of the events to be excluded, separated by commas): 551.Save the Microsoft.BDD.MPService.exe.config file. 552.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Unde r stand ing the Mi cr oso ft Dep lo yment Toolk it 2003 Mana gement Pack The Microsoft Deployment Management Pack Service collects the data for MDT 2008. Figure 1 illustrates how the service collects the MDT 2008 event information and System Center Configuration Manager or Systems Management Server status.
Figure 1. Overview of the Microsoft Deployment Toolkit Management Pack Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Understanding the Management Pack
27
In Figure 1, the MDT 2008 process writes MDT 2008–related events in shared folders on the event collection servers. The System Center Configuration Manager or Systems Management Server client stores operating system and package deployment status in the System Center Configuration Manager or Systems Management Server database. The Microsoft Deployment Management Pack Service, which is installed and configured on the System Center Operations Manager Root Management Server, collects the MDT 2008–related events from the event collection servers as well as the operating system and the package deployment status from the System Center Configuration Manager or Systems Management Server database. Then, the Microsoft Deployment Management Pack Service stores the collected information in the Operations Manager database and Data Warehouse database.
Objects That the Microsoft Deployment Toolkit Management Pack Discovers The Management Pack does not perform object discovery. Instead, the Microsoft Deployment Management Pack Service collects event files from the event servers and status messages from System Center Configuration Manager or Systems Management Server. For each individual computer that records events to one of these sources, the service creates an MDT Computer object and populates the associated computer attributes listed in Table 6 (shown later is this document).
How Health Rolls Up The health of the MDT 2008 deployment process is reported to the computer. The state of the deployment rolls up to cause a computer to change its state to match the state of the deployment. For example, an unhealthy deployment status rolls up and changes the state of a healthy computer to unhealthy.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Viewing Information in the System Center Operations Manager Operations Console The Management Pack monitors the status of the computers that MDT 2008 deploys. View this monitoring information in the System Center Operations Manager Operations Console. The information that the Management Pack collects is divided into the views listed in Table 4. Table 4. Management Pack Views View
Description
Alerts
This view lists all the alerts that the Management Pack generates. All events that the Management Pack generates that have an event type of Error or Warning generate alerts. For more information on events with event types of Error or Warning, see the section, “Events,” later in this document.
Events
This view lists all the event files and status messages from Systems Management Server and System Center Configuration Manager that the Microsoft Deployment Management Pack Service processes. As soon as event files or status messages are processed, they appear in this view. For more information on the events that the Management Pack processes, see the section, “Events,” later in this document.
State View
This view lists all computers currently being deployed. The state is automatically set to: •
Successful, if no warnings or errors exist for the computer.
•
Warning, if one or more events with severity levels of Warning exist. The Warning state takes precedence over the Successful state.
•
Error, if one or more events with severity levels of Error exist. The Error state takes precedence over the Successful and Warning state.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Understanding the Management Pack
29
Reports Table 5 lists the reports included in this Management Pack. For each report, the date range for information displayed in the report can be specified. Note The Management Pack regularly purges information from the Operations Manager database as a normal part of Management Pack operation. For more information, see the section, “Modify the Duration for Removing Monitored Computers After Deployment Is Complete,” in this document.
Table 5. Management Pack Reports Report
Description
Deployment Status and Summary Report
Displays a summary of the computers with Active, Completed, Failed, and Inactive states. For each of these states, the summary can be expanded to display the list of individual computers that are in each respective state. For each individual computer, the report displays the computer name, percent complete, alert count, event count, and deployment duration.
Computer Details Report
Solution Accelerators
Displays three tables of information about a specific computer. The first table displays all the computer properties for the computer selected as described in Table 6, later in this document. The second table displays all the alerts generated by the selected computer. The third table displays all the events generated by the selected computer.
microsoft.com/technet/SolutionAccelerators
Tec hnica l Refer ence The following sections describe the technical characteristics of the Microsoft Deployment Toolkit Management Pack, including: •
Computer attributes.
•
Rules.
•
Events.
MDTComputer Class Attributes The Management Pack defines a new object class, MDTComputer, which is derived from the Microsoft.Windows.Computer base class in the Windows Core Library Management Pack. This allows the Microsoft Deployment Toolkit Management Pack to store additional attributes for each computer that the Microsoft Deployment Management Pack Service identifies. Because the MDTComputer class is derived class, the MDTComputer class inherits all the attributes of the Microsoft.Windows.Computer base class. Table 6 lists the MDTComputer class attributes that are in addition to the attributes defined in the Microsoft.Windows.Computer base class. All the values for these attributes are automatically populated through MDT 2008, System Center Configuration Manager, and Systems Management Server events. Table 6. MDTComputer Class Attributes Computer attributes
Description
MDT Advertisement ID
The System Center Configuration Manager advertisement ID that started the operating system deployment process.
MDT Asset Tag
The System Management BIOS (SMBIOS) asset tag of the computer (available only if Windows Management Instrumentation [WMI] is included in Windows Preinstallation Environment [Windows PE]). Some vendors might not populate this value (requires SMBIOS version 2.0 or later).
MDT Log Path
The UNC path to where the MDT log files that the MDT 2008 scripts created are stored.
MDT MAC Address 1
The MAC address of the first network adapter in the computer.
MDT MAC Address 2
The MAC address of the second network adapter in the computer (if present).
MDT MAC Address 3
The MAC address of the third network adapter in the computer (if present).
MDT MAC Address 4
The MAC address of the fourth network adapter in the computer (if present).
Template User Instructions
31
Computer attributes
Description
MDT MAC Address 5
The MAC address of the fifth network adapter in the computer (if present).
MDT Package ID
The System Center Configuration Manager package ID for this operating system deployment
MDT Phase
This is the name of the current phase, as last reported by the scripts. Valid values are: •
NEWCOMPUTER
•
OLDCOMPUTER
•
VALIDATION
•
STATECAPTURE
•
PREINSTALL
•
POSTINSTALL
•
STATERESTORE
MDT User Data Directory
The directory on the MDT User Data share (below) in which user state information that the Windows User State Migration Tool (USMT) creates should be stored. (This will be used only if there is not enough space on the local computer or if this is an “OldComputer.”)
MDT User Data Share
The UNC path where user state information that the USMT created should be stored. (This will only be used if there is not enough space on the local computer or if this is an “OldComputer”.)
MDT UUID
The SMBIOS universally unique identifier (UUID) value from the computer (populated by the manufacturer; requires SMBIOS version 2.1 or later).
Deployment Status
Indicates the current deployment status of the computer being deployed. It can have one of the following values: •
In Progress. Indicates that deployment is in progress
•
Failed. Indicates that deployment has failed
•
Complete. Indicates that deployment has successfully finished
Deployment Start Time
Indicates the time relative to coordinated universal time (UTC) when the deployment starts.
Deployment End Time
Indicates the time relative to UTC when the deployment finished successfully or failed. When a deployment begins, this value will be set to the time when the deployment started. When the deployment finishes or fails, the value will be updated to reflect the time the deployment finished or failed.
Number of Warnings
Indicates the total number of events with an event type of Warning that occurred during the deployment.
Number of Errors
Indicates the total number of events with an event type of Error that occurred during the deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
MSDN 2.0
Computer attributes
Description
Total Steps
Indicates the total number of steps in a task sequence. If the total number of steps were not specified in the discovery event, a default value of 100 is used.
Rules Table 7 lists the rules included in this Management Pack. Table 7. Management Pack Rules Rule
Description
Percent Complete
This performance counter rule determines the percentage of completion for a computer being deployed using MDT 2008.
Is Active
This performance counter rule reflects a computer that is actively in the process of being deployed using MDT 2008.
Has Failed
This performance counter rule reflects a computer that has failed during the process of being deployed using MDT 2008.
Generate alerts for Events with Severity = Warning
This event rule generates an alert for any events that have an event type of Warning.
Generate alerts for Events with Severity = Error
This event rule generates an alert for any events that have an event type of Error.
Events The Microsoft Deployment Management Pack Service processes only events for MDT 2008, status messages from System Center Configuration Manager, and status messages from Systems Management Server. Events for other software packages or advertisements in the event logs will be ignored.
MDT 2008–Related Events Table 8 lists the MDT 2008 component events that the Management Pack references. Table 8. MDT 2008 Component Events Processed by the Management Pack Event
Description
ID: Component: Type: Text:
41000 ZTIGather.wsf Informational Processing the %1 phase.
The script was started as part of the specified phase (%1).
ID: Component: Type: Text:
41001 ZTIUtility.vbs Informational %1 processing completed successfully
The script processing for the specified phase (%1) was successfully completed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event ID: Component: Type: Text:
33
Description 41002 ZTIUtility.vbs Error ZTI ERROR - Unhanded error returned by %1: %2 (%3)
An error occurred while running the scripts. This situation is not normal; further investigation is required to identify the cause of the error.
- or ZTI ERROR - Non-zero return code by %1, rc = &2 ID: Component: Type: Text:
41003 ZTIUtility.vbs Informational ZTI Heartbeat: command has been running for %1 minutes (process ID %2)
The scripts run some commands that may take a long time to finish (for example, the USMT state capture). The Zero Touch Installation (ZTI) script generates this event to indicate that it is still alive and monitoring the specified process.
ID: Component: Type: Text:
41004 ZTIUserState.wsf Informational ZTI Beginning user state estimate/capture
The scripts are going to start the USMT state capture process; waiting for it to finish.
ID: Component: Type: Text:
41005 ZTIUserState.wsf Informational ZTI Scanstate estimate was successful.
The USMT state capture process was successful.
ID: Component: Type: Text:
41006 ZTIUserState.wsf Warning/Error ZTI ERROR - Unable to run Scanstate, Error = %1 (%2)
The scripts encountered an error while running the USMT Scanstate command. See the usmtcapt.log file for more information.
- or ZTI ERROR - Non-zero return code from Scanstate, RC = %1 ID: Component: Type: Text:
41007 ZTIUserState.wsfInformational / Error ZTI Beginning user state restore
The scripts are going to start the USMT state restore process.
- or ZTI ERROR - Unable to run Loadstate, Error = %1 (%2) - or ZTI ERROR - Non-zero return code from Loadstate, RC = %1
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
MSDN 2.0
Event
Description
ID: Component: Type: Text:
41008 ZTIUserState.wsf Informational ZTI User state restored successfully
The USMT state restore process finished successfully.
ID: Component: Type: Text:
41011 ZTIPackages.wsf Informational ZTI Successfully installed %1:%2.
The scripts successfully installed the specified Systems Management Server package and program combination.
ID: Component: Type: Text:
41012 ZTIPackages.wsf Error/Warning ZTI ERROR - Unable to execute command: %1 (%2)
The scripts were unable to install the specified Systems Management Server package and program combination because of an error executing the command.
- or ZTI WARNING - Non-zero return code from command, rc = %1 ID: Component: Type: Text:
41013 ZTIUtility.vbs Error ZTI error opening SQL connection: %1
The scripts were unable to connect to the specified SQL Server database.
ID: Component: Type: Text:
41014 LiteTouch.wsfError LTI deployment failed, rc = %1
An LTI-based deployment failed.
ID: Component: Type: Text:
41015 LiteTouch.wsf Informational LTI deployment completed successfully
An LTI-based deployment finished successfully.
ID: Component: Type: Text:
41016 LiteTouch.wsf Informational LTI beginning deployment
An LTI-based deployment began.
ID: Component: Type: Text:
41017 LiteTouch.wsf Informational LTI initiating task sequencerequested reboot.
An LTI-based deployment initiated a task sequence–requested restart of the target commuter.
ID: Component: Type: Text:
41018 LTIApply.wsf Informational LTI applying Windows PE
An LTI-based deployment initiated the startup of Windows PE on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
35
Description
ID: Component: Type: Text:
41019 LTIApply.wsf Informational LTI Windows PE applied successfully
An LTI-based deployment successfully started Windows PE on the target computer.
ID: Component: Type: Text:
41020 LTIApply.wsf Informational LTI applying image %1 using SETUP.EXE
An LTI-based deployment initiated an image installation by running setup.exe.
ID: Component: Type: Text:
41021 LTIApply.wsf Informational Setup completed successfully.
An LTI-based deployment successfully completed image installation by running setup.exe.
ID: Component: Type: Text:
41022 LTIApply.wsf Error Setup failed applying image %1, rc = %2
An LTI-based deployment failed to complete image installation by running setup.exe with the return code specified in the text of the event.
ID: Component: Type: Text:
41023 LTIApply.wsf Informational LTI applying image %1 using ImageX
An LTI-based deployment initiated an image installation by using ImageX.
ID: Component: Type: Text:
41024 LTIApply.wsf Error The image %1 was not applied successfully by ImageX, rc = %2
An LTI-based deployment failed to complete image installation by using ImageX with the return code specified in the text of the event.
ID: Component: Type: Text:
41025 LTIApply.wsf Informational The image %1 was applied successfully.
An LTI-based deployment successfully completed image installation by using ImageX.
ID: Component: Type: Text:
41026 LTIApply.wsf Informational Performing unattend install from %1
An LTI-based deployment initiated an image installation by using unattended installation.
ID: Component: Type: Text:
41027 LTIApply.wsf Informational Unattended install completed successfully.
An LTI-based deployment successfully completed image installation by using unattended installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
MSDN 2.0
Event
Description
ID: Component: Type: Text:
41028 LTIApply.wsf Error Unattended install failed, rc = %1
An LTI-based deployment failed to complete image installation by using unattended installation with the return code specified in the text of the event.
ID: Component: Type: Text:
41029 ZeroTouchInstallation.wsf Informational ZTI deployment completed successfully
A ZTI-based deployment completed successfully.
ID: Component: Type: Text:
41030 ZeroTouchInstallation.wsf Error ZTI deployment failed, rc = %1 (%2)
A ZTI-based deployment failed to complete image installation with the return code specified in the text of the event.
ID: Component: Type: Text:
41031 ZTIApplications.wsf Informational ZTI installing application %1
Installation of application initiated.
ID: Component: Type: Text:
41032 ZTIApplications.wsf Error Error installing application %1: %2
Installation of application failed.
ID: Component: Type: Text:
41033 ZTIApplications.wsf Informational Application %1 installed successfully
Installation of application completed successfully.
ID: Component: Type: Text:
41034 ZTIApplications.wsf Error Application %1 returned an unexpected return code: %2
Installation of application failed with the error return code specified in the text of the event.
ID: Component: Type: Text:
41035 ZTIBackup.wsf Informational Beginning backup of drive %1
Back up of drive specified in the text of the event is initiated.
ID: Component: Type: Text:
41036 Backup of the disk specified in the text ZTIBackup.wsf of the event failed with the error return Error code specified in the text of the event. Error creating an image of drive %1, rc = %2
ID: Component: Type: Text:
41037 ZTIBackup.wsf Informational Successfully created image of drive %1
Solution Accelerators
Backup of the disk specified in the text of the event finished successfully.
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
37
Description
ID: Component: Type: Text:
41038 ZTIGather.wsf Error Unable to establish database connection using [%1] properties.
The MDT 2008 script ZTIGather.wsf was unable to establish a connection to the database referenced in the text of the event.
ID: Component: Type: Text:
41039 ZTIGather.wsf Warning Unable to execute database query.
The MDT 2008 script ZTIGather.wsf was unable to run a database query.
ID: Component: Type: Text:
41040 ZTIPackages.wsf Error Unable to find OSDSWDEXEC.EXE, so SMS packages cannot be installed.
The MDT 2008 script ZTIPackages.wsf was unable to find the file osdswdexec.exe, which is required to install packages created in Systems Management Server.
ID: Component: Type: Text:
41041 ZTIPackages.wsf Error Unable to establish database connection to look up SMS program command lines, install of '%1:%2’ cannot be completed.
The MDT 2008 script ZTIPackages.wsf is unable to locate the Systems Management Server program Command Prompt window for the package and program specified in the text of the event.
ID: Component: Type: Text:
41042 ZTIPackages.wsf Error Unable to install %1:%2 because it was not found in the SMS database.
The MDT 2008 script ZTIPackages.wsf is unable to locate the package and program specified in the text of the event.
ID: Component: Type: Text:
41043 ZTIPackages.wsf Informational About to install %1:%2.
The MDT 2008 script ZTIPackages.wsf is initiating the installation of the package and program specified in the text of the event.
ID: Component: Type: Text:
41044 ZTIValidate.wsf Error ERROR - Attempting to deploy a client operating system to a machine running a server operating system.
The MDT 2008 script ZTIValidate.wsf identified that the target computer is running a server operating system, and the process is attempting to deploy a client operating system to the target computer, which is not supported.
ID: Component: Type: Text:
41045 ZTIValidate.wsf Error ERROR - Attempting to deploy a server operating system to a machine running a client operating system.
The MDT 2008 script ZTIValidate.wsf identified that the target computer is running a client operating system, and the process is attempting to deploy a server operating system to the target computer, which is not supported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
MSDN 2.0
Event
Description
ID: Component: Type: Text:
41046 ZTIValidate.wsf Error ERROR - Machine is not authorized for upgrading (OSInstall=%1), aborting.
The MDT 2008 script ZTIValidate.wsf identified that the target computer is not authorized for upgrade.
ID: Component: Type: Text:
41047 ZTIValidate.wsf Error ERROR - %1 MB of memory is insufficient. At least %2 MB of memory is required.
The MDT 2008script ZTIValidate.wsf identified that the target computer has insufficient physical memory resources to deploy the target operating system as specified in the text of the event.
ID: Component: Type: Text:
41048 ZTIValidate.wsf Error ERROR - Processor speed of %1 MHz is insufficient. At least a %2 MHz processor is required.
The MDT 2008 script ZTIValidate.wsf identified that the target computer has insufficient processor resources to deploy the target operating system as specified in the text of the event.
ID: Component: Type: Text:
41049 ZTIValidate.wsf Error ERROR - insufficient space is available on %1. An additional %2 MB is required.
The MDT 2008 script ZTIValidate.wsf identified that the target computer has insufficient available disk space to deploy the target operating system as specified in the text of the event.
ID: Component: Type: Text:
41050 ZTIValidate.wsf Error ERROR - the current OS is not running from the C: drive. This is not currently supported.
The MDT 2008 script ZTIValidate.wsf identified that the operating system on the target computer is running on a drive volume other than the drive C volume, which is not supported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
39
System Center Configuration Manager– Related Events Table 9 lists the System Center Configuration Manager client component events that the Management Pack processes. Table 9. System Center Configuration Manager Client Component Events Referenced by the Management Pack Event
Description
ID: Component: Type: Text:
11134 Configuration Manager 2007 Client TBD The task sequence execution engine successfully completed the action (%1)
The task sequence execution engine successfully completed the action.
ID: Component: Type: Text:
11135 Configuration Manager 2007 Client TBD The task sequence execution engine failed executing the action (%1). Error Code: %2
The task sequence execution engine failed to execute the action.
ID: Component: Type: Text:
11140 Configuration Manager 2007 Client TBD The task sequence execution engine started execution of a task sequence.
The task sequence execution engine successfully started execution of a task sequence.
ID: Component: Type: Text:
11141 Configuration Manager 2007 Client TBD The task sequence execution engine failed execution of a task sequence.
The task sequence execution engine failed to start execution of a task sequence.
ID: Component: Type: Text:
11143 Configuration Manager 2007 Client TBD The task sequence execution engine successfully completed a task sequence.
The task sequence execution engine successfully completed a task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
MSDN 2.0
Systems Management Server–Related Events Table 10 lists the Systems Management Server client component events that the Management Pack processes. Table 10. Systems Management Server Client Component Events Processed by the Management Pack Event
Description
ID: Component: Type: Text:
10002 SMS 2003 Client Informational A new advertisement %1 was received
The Systems Management Server client received the new Systems Management Server advertisement and will run it based on the advertisement’s schedule.
ID: Component: Type: Text:
10005 SMS 2003 Client Informational Program started for advertisement %1
The Systems Management Server client successfully started running the Systems Management Server program associated with the advertisement.
ID: Component: Type: Text:
10006 SMS 2003 Client Error Program failed, return code = %11
The program being executed as part of the Systems Management Server advertisement failed to run. At this point, the Systems Management Server process has not started. See the Systems Management Server logs for more information about the cause of this error.
ID: Component: Type: Text:
10007 SMS 2003 Client Error Program failed with status MIF
The program being executed as part of the Systems Management Server advertisement failed to run. At this point, the Systems Management Server process has not started. See the Systems Management Server logs for more information about the cause of this error.
ID: Component: Type: Text:
10008 SMS 2003 Client Informational Program successful
The program associated with the Systems Management Server advertisement finished successfully. This does not mean that the Systems Management Server process has finished successfully. Instead, it means that the Systems Management Server has successfully installed and started the OSDAgent Service that will drive the remainder of the process.
ID: Component: Type: Text:
10009 SMS 2003 Client Informational Program successful
The program associated with the Systems Management Server advertisement finished successfully. This does not mean that the Systems Management Server process has finished successfully. Instead, it means that Systems Management Server has successfully installed and started the OSDAgent Service that will drive the remainder of the process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
41
Description
ID: Component: Type: Text:
10018 SMS 2003 Client Warning Advertisement rejected due to platform restrictions
A computer received the Systems Management Server advertisement, but that computer rejected it because it was not running the correct operating system platform. This event typically occurs only on computers running the Microsoft Windows 98 operating system, because Systems Management Server advertisements support Microsoft Windows 2000 Professional and later operating systems.
ID: Component: Type: Text:
10019 SMS 2003 Client Warning Advertisement rejected because it is expired
The computer received the Systems Management Server advertisement, but it will not run because the expiration date configured on that advertisement has already passed.
ID: Component: Type: Text:
10020 SMS 2003 Client Informational Program will not be run due to a slow network connection
The Systems Management Server advertisement is configured not to run the program over a slow network connection, but a slow network connection was detected.
ID: Component: Type: Text:
10023 SMS 2003 Client Informational Content download has started
The Systems Management Server advertisement has been configured to use “Download and execute” and has started downloading the package content. The package cannot begin executing until the download is complete.
ID: Component: Type: Text:
10024 SMS 2003 Client Informational Content download has completed
The contents of the Systems Management Server package have been completely downloaded so that program can run as soon as the advertisement start time arrives.
ID: Component: Type: Text:
10030 SMS 2003 Client Error Content hash mismatch
The contents of the Systems Management Server package were downloaded, but the content hash (checksum) of the local content did not match the server content. This means that the local content is corrupt and unusable.
ID: Component: Type: Text:
10031 SMS 2003 Client Informational Content download cancelled
The Systems Management Server client cancelled the Systems Management Server package download.
ID: Component: Type: Text:
10034 SMS 2003 Client Informational Program cancelled by user request
The Systems Management Server client cancelled the Systems Management Server package download at the user’s request.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
MSDN 2.0
Event
Description
ID: Component: Type: Text:
10035 SMS 2003 Client Informational Waiting for package content
The Systems Management Server package cannot run, because the Systems Management Server client has not yet located or obtained the package content. If the package is configured for “Download and execute,” it will take some time for this download to finish. If the package is configured to run from a distribution point, this status message is still generated to indicate that it is looking for a distribution point, but one should be found quickly, enabling the package execution to continue.
ID: Component: Type: Text:
10037 SMS 2003 Client Informational Waiting for another program to complete
The Systems Management Server package cannot run, because the Systems Management Server client is busy running something else. As soon as that advertisement is complete, the Systems Management Server package should run.
ID: Component: Type: Text:
10040 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10041 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10042 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10043 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10045 SMS 2003 Client Warning Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
43
Description
ID: Component: Type: Text:
10050 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10051 SMS 2003 Client Error Content cannot be located, SMS 2003 client is giving up
The Systems Management Server client attempted to locate a distribution point containing the Systems Management Server package files but was unable to do so after several tries, so it gave up.
ID: Component: Type: Text:
10053 SMS 2003 Client Error Content download failed
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. No more attempts will be made.
ID: Component: Type: Text:
10054 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10057 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10058 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10060 SMS 2003 Client Warning Content download failed, will retry
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. More attempts will be made to complete the download.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
MSDN 2.0
Event
Description
ID: Component: Type: Text:
10061 SMS 2003 Client Warning Content download failed, will retry
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. More attempts will be made to complete the download.
ID: Component: Type: Text:
10062 SMS 2003 Client Warning Content download failed, will retry
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. More attempts will be made to complete the download.
Table 11 lists the SMS 2003 Operating System Deployment (OSD) Feature Pack Agent (OSD Agent) component events that the Management Pack processes. Table 11. SMS 2003 OSD Feature Pack Agent Component Events Processed by the Management Pack Event
Description
ID: Component: Type: Text:
11100 OSD Agent Informational OSD action '%1' started
The OSD Agent generates this event for each action started during the operating system deployment process.
ID: Component: Type: Text:
11101 OSD Agent Error OSD action '%1' failed with rc = %1
The OSD Agent detected that an action failed with a non-zero return code. This is a terminal error prior to the installation phase; after the installation phase, execution will continue. (The Management Pack will raise an alert for each action failure, regardless of the phase.)
ID: Component: Type: Text:
11102 OSD Agent Informational OSD deployment successfully completed
The OSD Agent successfully completed the SMS 2008 OSD Feature Pack imagedeployment process. The new operating system is fully installed and ready to use.
ID: Component: Type: Text:
11103 OSD Agent Error OSD did not receive a response from the management point
The OSD Agent attempted to contact a Systems Management Server management point to locate the closest Systems Management Server distribution point containing the specified package, but the management point did not respond, causing the operating system deployment process to fail.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
45
Description
ID: Component: Type: Text:
11104 OSD Agent Error OSD found no distribution points available at the site
The OSD Agent successfully contacted a Systems Management Server management point, but that management point reported that there were no suitable Systems Management Server distribution points available given the computer’s current network location. This causes the operating system deployment process to fail. (This may mean that the site is configured to use AD DS site boundaries and that the update associated with Microsoft Help and Support article, “Deploying an operating system by using the Operating System Deployment Feature Pack fails when Active Directory sites are used as site boundaries in SMS 2003,” at http://support.microsoft.com/kb/888311 has not been installed.)
ID: Component: Type: Text:
11105 OSD Agent Error OSD was unable to connect to a distribution point
The OSD Agent successfully obtained the name of a Systems Management Server distribution point from the Systems Management Server management point but was unable to connect to that distribution point. This causes the operating system deployment process to fail. (This may mean that the server is down, that there are firewalls or Internet Protocol Security [IPsec] configurations interfering, and so on.)
ID: Component: Type: Text:
11106 OSD Agent Informational OSD Validation phase started
The OSD Agent successfully started the validation phase, the first phase in the operating system deployment process.
ID: Component: Type: Text:
11107 OSD Agent Informational OSD State Capture phase started
The OSD Agent successfully started the state capture phase (running in the original, or “old,” operating system), the second phase in the operating system deployment process. This phase typically runs the USMT to capture user settings and files.
ID: Component: Type: Text:
11108 OSD Agent Informational OSD Preinstall phase started
The OSD Agent successfully started the preinstall phase. For an operating system refresh, Windows PE is placed on the hard disk, and the computer is restarted to continue the process. For a new computer, the pre-installation phase is initiated from the Windows PE image installation CD.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
MSDN 2.0
Event
Description
ID: Component: Type: Text:
11109 OSD Agent Informational OSD Install phase started
The OSD Agent successfully started the installation phase (running in Windows PE). This phase cleans the old operating system from drive C (if there is an existing operating system) and extracts the contents of the new operating system Windows Image Format (WIM) image, placing it on the drive.
ID: Component: Type: Text:
11110 OSD Agent Informational OSD Postinstall phase started
The OSD Agent successfully started the postinstallation phase (running in Windows PE). During this phase, the new operating system can be adjusted or modified before it runs for the first time (for example, editing the sysprep.inf configuration file or adding drivers).
ID: Component: Type: Text:
11111 OSD Agent Informational OSD State Restore phase started
The OSD Agent successfully started the state restore phase (running in the “new” operating system). During this phase, the user state information captured previously is restored, and any needed applications are installed.
Microsoft® Deployment Toolkit 2008 Microsoft Deployment Toolkit Samples Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
47
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, BitLocker, SQL Server, Visual Basic, Windows, Windows NT, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This guide is intended to serve as part of Microsoft® Deployment Toolkit (MDT) 2008, to guide a specialist team through deploying the Microsoft Windows® operating system and the 2007 Microsoft Office system. Specifically, this guide is designed to provide sample configuration settings for specific deployment scenarios. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
To use this guide 1. Review the list of scenario topics in the “Contents” section (starting on page iii of this guide). 2. Select the scenario that most closely represents the organization’s deployment goals. 3. Review the sample configuration settings for the selected scenario. 4. Use the sample configuration settings as the foundation for the configuration settings in the environment. 5. Customize the sample configuration settings for the environment. In many instances, more than one scenario might be necessary to complete the configuration settings for the environment. Because this guide contains only sample configuration settings, reviewing the guides listed in Table 1 can further assist in customizing the configuration settings for the environment. Table 1. Deployment Guidance in MDT 2008 Guide
This guide offers assistance to help
Preparing for LTI Tools
Install LTI in the environment. The guide includes information about how LTI works.
Preparing for Microsoft Systems Management Server 2003
Install ZTI in the environment and perform deployments using Microsoft Systems Management Server 2003. The guide includes information about how ZTI and Systems Management Server work together.
Preparing for Microsoft System Center Configuration Manager 2007
Install ZTI in the environment and perform deployments using Microsoft System Center Configuration Manager 2007. The guide includes information about how ZTI and System Center Configuration Manager work together.
Deployment Customization Guide
Further customize the configuration files used in ZTI and LTI deployments. This guide also provides generic configuration guidance and a technical reference for configuration settings.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t to a Speci fic Co mpute r In this scenario, a deployment team is automating the deployment to a specific target computer. The computer can be identified using the AssetTag, UUID (universally unique identifier), SerialNumber, or MACAddress properties associated with the computer. For example, Woodgrove Bank uses the media access control (MAC) address of the primary network adapter of each computer to uniquely identify each computer. Although the computer’s database queries can be configured directly in the CustomSettings.ini file, the recommended method is to use Deployment Workbench to perform the customization. Doing this helps eliminate configuration errors and reduce the effort required to maintain the configuration. To automate deployment to a specific computer 1. Configure a database for Deployment Workbench to use to store configuration settings for specific computers. 2. Select the method for uniquely identifying computers in the organization. 3. Create the computers and computer settings using Deployment Workbench. 4. Create the specific roles, locations, or makes and models of computers using Deployment Workbench. 5. Configure CustomSettings.ini to perform the appropriate database queries using Deployment Workbench.
Configure a Database for Deployment Workbench To configure a database for Deployment Workbench to use to store configuration settings 553.Start Deployment Workbench. 554.In the console tree, expand Deploy, and then click Database. 555.In the Options dialog box, click New. The New DB Wizard will start. 556.On the SQL Server Details page, in the relevant boxes, type the information listed in Table 2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Specific Computer
3
Table 2. Information to Complete the SQL Server Details Page In this box
Type
SQL Server Name
The name of the Microsoft SQL Server® server computer.
Instance
The SQL Server instance (optional).
Port
The port on which the SQL Server is listening (optional).
Network Library
Click one of the following network libraries: •
Named Pipes
•
TCP/IP
557.Click Next. 558.On the Database page, click one of three options: •
Create a new database.
•
Create (or recreate) the tables and views in an existing database.
•
Use an existing database that already contains the required tables and views.
559.In the Database box beside the selected database option, type the name of the new database or click the name of an existing database. 560.Click Next. 561.On the SQL Share page, type the SQL Share name (required when using the Named Pipes option). 562.Click Finish.
Select the Method for Identifying Computers After creating a database or selecting an existing database, select the method for uniquely identifying the computers in the organization. A combination of methods can be used to do this. The predefined properties for uniquely identifying a target computer are the AssetTag, UUID, SerialNumber, and MACAddress properties. After creating a computer, specify configuration settings for its properties. These configuration settings are stored in the database and are retrieved by ZTIGather.wsf. In addition to querying the computers directly using the AssetTag, UUID, SerialNumber, or MACAddress properties, a computer can be associated with: •
A group of computers that perform a specific role using the Role property. To do this, create a new role item on the Roles node in Deployment Workbench. Then, on the Roles tab in the Properties dialog box of a computer on the Computers node in Deployment Workbench, add the role to the target computer.
•
A group of computers within a specific location using the Location or DefaultGateway properties. To do this, create a new location item on the Locations node in Deployment Workbench.
•
A group of computers that are a specific make and model using the Make and Model properties. To do this, create a new make and model item on the Make and Model node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
After identifying the computers, identify the configuration settings to associate with them. Use Deployment Workbench to associate the following properties with a computer, based on the tabs in the user interface (UI): •
Details. Configure specific properties for the target computer.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computer.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computer.
•
Roles. Configure the roles (defined in Deployment Workbench) to be associated with the target computer.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computer.
Create the Computer Settings After selecting the method for identifying the computers and the configuration settings for each computer, use Deployment Workbench to create the computers and computer settings. Perform the following steps for each computer identified in the previous section. To create computers and computer settings in Deployment Workbench 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Computers, and then click New. 3. In the Properties dialog box, on the Identity tab, configure the information listed in Table 3. A combination of this information can be provided; however, the description of at least one box must be configured in addition to Description (Asset tag, UUID, Serial number, or MAC address). Table 3. Information to Complete the Identity Tab for a New Computers Item In this box
Type
Description
The user-friendly description of the computer.
Asset tag
The asset tag or inventory control tag assigned to the computer.
UUID
The UUID assigned to the target computer.
Serial number
The serial number assigned to the target computer.
MAC address
The MAC address assigned to the target computer.
The Asset tag, UUID, Serial number, and MAC address boxes correspond to the AssetTag, UUID, SerialNumber, and MACAddress properties. For more information about the values for the asset tag, UUID, serial number, and MAC address, see the AssetTag, UUID, SerialNumber, and MACAddress properties in the MDT 2008 document, Toolkit Reference. 4. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 5. Click the Applications tab, and then configure the applications to install and the order of application installation. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Specific Computer
5
6. Click the Packages tab, and then configure the packages to install and the order of package installation. 7. Click the Roles tab, and then configure the roles to associate with the computer. 8. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Create Other Items After creating the computers and computer settings, the option is available to create other items (including roles to be assigned to the computers, locations in which the computers reside, or the specific make and model of the computers). Perform the following steps for each association to be made. Note For specific information on roles, locations, or make and model, please see their specific sections later in this guide.
To create other items 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click node (where node is the Roles, Locations, or Make and Model node), and then click New. 3. In the Properties dialog box, on the Identity tab, configure the identity values identified for each item (where the items are Roles, Locations, or Make and Model). 4. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 5. Click the Applications tab, and then configure the applications to install and the order of application installation. 6. Click the Packages tab, and then configure the packages to install and the order of package installation. 7. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each role. Perform the following steps for each deployment point to be configured. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 4. Note For System Center Configuration Manager, also copy CustomSettings.ini to the Setting Source Package directory.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Table 4. Completing the Configure DB Wizard for Computers Only Wizard page
Purpose
Computer Options
•
Query for computer-specific settings.
•
Query for roles assigned to this computer. If the role is associated with a specific computer, select the check box.
•
Query for applications to be installed on this computer.
•
Query for Systems Management Server packages to be installed on this computer.
•
Query for members of the local Administrator group to be assigned to this computer.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 1 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 4. Listing 1. CustomSettings.ini File After Completing the Configure DB Wizard [Settings] Priority=CSettings,CPackages, CApps, CAdmins, CRoles, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [CSettings] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerSettings Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CPackages] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerPackages Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Specific Computer
7
Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CApps] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerApplications Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CAdmins] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerAdministrators Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CRoles] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Note The [Default] section typically is at the end of the list of sections in the Priority property. Note
If using named pipes, the SQLShare property should show the SQL share name.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 5 lists the sections created and a brief description of the purpose of each section.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Table 5. Sections in Listing 1 and Their Purpose Section
Purpose
CSettings
Queries the ComputerSettings view to identify a computer based on any combination of the UUID, AssetTag, SerialNumber, or MACAddress properties.
CPackages
Queries the ComputerPackages view to return all the packages associated with a computer.
CApps
Queries the ComputerApplications view to return all the applications associated with a computer.
CAdmins
Queries the ComputerAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computer.
CRoles
Queries the ComputerRoles view to return all the roles associated with a computer.
For more information about the database views and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t by Loca tion In this scenario, the deployment team is automating the deployment by a location assigned to the target computer by the default gateway of the target computer. The location can be any name associated with a location in the organization. In addition, a default gateway can be associated with more than one location, allowing the logical grouping of locations within locations. For example, Woodgrove Bank defined a location for each building that contains all the default gateway IP addresses within each building. Then the company defined a location for each floor within each building that contains all the default gateway IP addresses on each floor. Thus, each default gateway IP address is defined within a location for the floor and for the building. Although the location database queries can be configured directly in the CustomSettings.ini file, the recommended method is to perform the customization using Deployment Workbench. Doing this helps eliminate configuration errors and reduces the effort required to maintain the configuration. To automate a deployment using locations 1. Identify the locations in the organization. 2. Create the locations and location settings using Deployment Workbench. 3. Use Deployment Workbench to configure CustomSettings.ini to perform the appropriate database queries.
Identify the Locations To automate the deployment by location, begin by identifying locations in the organization and how they will be used to apply configuration settings to the target computers. The locations are based on the default gateway IP addresses of the target computers. After creating a location, specify configuration settings for properties of the computers that reside within the location. These configuration settings are stored in the deployment database and are retrieved by ZTIGather.wsf. In addition to querying the locations directly by the location name or by the default gateway IP address, a location can be associated with: •
A specific computer using the AssetTag, UUID, SerialNumber, or MACAddress properties associated with the computer. To do this, configure the Locations tab in the Properties dialog box of a computer on the Computers node in Deployment Workbench.
•
A group of computers that perform a specific role using the Role properties associated with the role within each location. To do this, configure the Roles tab in the Properties dialog box of a location on the Locations node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
After identifying the locations, also identify the configuration settings to associate with each location. Using Deployment Workbench, the following items can be associated with a location: •
Details. Configure specific properties for target computers within the location.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computers within the location.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computers within the location.
•
Roles. Configure the roles (defined in Deployment Workbench) to be associated with the target computers within the location.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computers within the location.
Create the Location and Location Settings After identifying the locations and configuration settings for each location, create locations and location settings using Deployment Workbench. Perform the following steps for each role identified in the previous section. To create the location and location settings in Deployment Workbench 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Locations, and then click New. 3. In the Properties dialog box, on the Identity tab, in the Location box, type location_name (where location_name is the name of the location). 4. In the Default Gateways box, type the IP addresses for all default gateways that exist within the location. 5. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 6. Click the Applications tab, and then configure the applications to install and the order of application installation. 7. Click the Packages tab, and then configure the packages to install and the order of package installation. 8. Click the Roles tab, and then configure the roles to associate with the location. 9. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers within the location, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Location
11
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each location. Perform the following steps for each deployment point to configure. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 6. Table 6. Completing the Configure DB Wizard for Locations Only Wizard page
Purpose
Location Options
•
Query for location names based on default gateways.
•
Query for location-specific settings.
•
Query for roles assigned for this location.
•
Query for applications to be installed for this location.
•
Query for Systems Management Server packages to be installed for this location.
•
Query for members of the local Administrator group to be assigned for this location.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 2 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 6. Listing 2. CustomSettings.ini File After Completing the Configure DB Wizard [Settings] Priority=Locations, LSettings, LPackages, LApplications, LAdmins, LRoles, CSettings, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Locations] SQLServer=W2K3-SP1 Instance= Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Database=DWDB Netlib=DBNMPNTW SQLShare= Table=Locations Parameters=DefaultGateway [LSettings] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationSettings Parameters=DefaultGateway [LPackages] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationPackages Parameters=DefaultGateway Order=Sequence [LApps] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationApplications Parameters=DefaultGateway Order=Sequence [LAdmins] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationAdministrators Parameters=DefaultGateway Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Location
13
[LRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationRoles Parameters=DefaultGateway Note The [Default] section typically is at the end of the list of sections in the Priority property.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 7 lists the sections created and a brief description of purpose for each section. Table 7. Sections in Listing 2 and Their Purpose Section
Purpose
Locations
Queries the Locations view to identify the locations that are associated with the IP address of a default gateway.
LSettings
Queries the LocationSettings view to return all the property values associated with a location.
LPackages
Queries the LocationPackages view to return all the packages associated with a location.
LApps
Queries the LocationApplications view to return all the applications associated with a location.
LAdmins
Queries the LocationAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computers within a location.
LRoles
Queries the LocationRoles view to return all the roles associated with a location.
CSettings
Queries the ComputerSettings view to return all the property values associated with a specific computer.
For more information about the database views and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t by Co mpute r M ak e and Mode l In this scenario, the deployment team is automating the desktop deployment by the make and model of the target computers—that is, by the names associated with the computers’ Make and Model properties. By automating deployment this way, the property settings can be configured based on the make and model of the target computers. For example, Woodgrove Bank defined a unique make and model combination for the computers within its organization. Then the bank associated property settings, packages, roles, and user accounts to be made members of the local Administrator group for each unique make and model combination. Although the make and model database queries can be configured directly in the CustomSettings.ini file, the recommended method is to perform the customization using Deployment Workbench. Doing this helps eliminate configuration errors and reduce the effort required to maintain the configuration. To automate deployment using make and model 1. Identify the make and model combinations in the organization. 2. Use Deployment Workbench to create the make and model combinations and corresponding settings. 3. Use Deployment Workbench to configure CustomSettings.ini to perform the appropriate database queries.
Identify Make and Model Combinations To automate deployment using make and model, begin by identifying the make and model combinations in the organization and how they will be used to apply configuration settings to the target computers. The make and model combinations are based on the Make and Model properties of the target computers. After creating the make and model combinations, specify configuration settings for properties for the computers that match them. These configuration settings are stored in the database and are retrieved by ZTIGather.wsf. In addition to querying the locations directly by the make and model combination, associate a combination with a group of computers that performs a specific role using the Role properties associated with the role within each location. Do this by configuring the Roles tab in the Properties dialog box of a make and model combination item on the Make and Model node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Make and Model
15
After identifying items on the Make and Model node, identify the configuration settings to associate with each item. Using Deployment Workbench, the following items can be associated with a make and model item, based on the tabs in the UI: •
Details. Configure specific properties to target computers that match the make and model.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computers that match the make and model.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computers that match the make and model.
•
Roles. Configure the roles (defined in Deployment Workbench) to be associated with the target computers that match the make and model.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computers that match the make and model.
Create Make and Model Combinations and Settings After identifying the make and model combinations and configuration settings for each combination, create the combinations and corresponding settings using Deployment Workbench. Perform the following steps for each make and model combination identified in the previous section. To create make and model combinations and settings 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Make and Model, and then click New. 3. In the Properties dialog box, on the Identity tab, in the Make box, type make_name (where make_name is an identifiable name to associate with the make of the manufacturer of the target computers). 4. In the Model box, type model_name (where model_name is an identifiable name to associate with the model of the target computers). 5. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 6. Click the Applications tab, and then configure the applications to install and the order of application installation. 7. Click the Packages tab, and then configure the packages to install and the order of package installation. 8. Click the Roles tab, and then configure the roles to associate with the target computers. 9. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each make and model combination. Perform the following steps for each deployment point to be configured. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 8. Table 8. Completing the Configure DB Wizard for Make and Model Only Wizard page
Purpose
Make/Model Options
•
Query for model-specific settings.
•
Query for roles assigned to computers with this make and model.
•
Query for applications to be installed on computers with this make and model.
•
Query for Systems Management Server packages to be installed on computers with this make and model.
•
Query for administrators to be assigned to machines with this make and model.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 3 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 8. Listing 3. CustomSettings.ini file After Completing the Configure DB Wizard [Settings] Priority=MMSettings, MMPackages, MMAppls, MMAdmins, MMRoles, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [MMSettings] SQLServer=W2K3-SP1 Instance= Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Make and Model
17
Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelSettings Parameters=Make, Model [MMPackages] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelPackages Parameters=Make, Model Order=Sequence [MMApps] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelApplications Parameters=Make, Model Order=Sequence [MMAdmins] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelAdministrators Parameters=Make, Model [MMRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelRoles Parameters=Make, Model Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Note The [Default] section typically is at the end of the list of sections in the Priority property.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 9 lists the sections created and a brief description of purpose for each section. Table 9. Sections in Listing 3 and Their Purpose Section
Purpose
MMSettings
Queries the MakeModelSettings view to return all the property values associated with a make and model combination.
MMPackages
Queries the MakeModelPackages view to return all the packages associated with a make and model combination.
MMApps
Queries the MakeModelApplications view to return all the applications associated with a make and model combination.
MMAdmins
Queries the MakeModelAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computers that match a make and model combination.
MMRoles
Queries the MakeModelRoles view to return all the roles associated with a make and model combination.
For more information about the database views and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t by R ol e In this scenario, the team is automating the deployment by a role assigned to the target computer. The role can be any name that is associated with a role in the organization. For example, Woodgrove Bank assigned a role of Tellers to the bank tellers who work there. Woodgrove uses this role to identify the supplemental applications that need to be installed for bank tellers after the operating system and core applications are deployed. Although the role database queries can be configured directly in the CustomSettings.ini file, the recommended method is to perform the customization using Deployment Workbench. Doing this helps eliminate configuration errors and reduce the effort required to maintain the configuration. To automate a deployment using roles 1. Identify the roles in the organization. 2. Use Deployment Workbench to create the roles and role settings. 3. Use Deployment Workbench to associate the roles with specific computers, specific locations, or specific makes and models of computers. 4. Use Deployment Workbench to configure CustomSettings.ini to perform the appropriate database queries.
Identify the Roles To automate deployment by role, begin by identifying the roles in the organization and how they will be used to apply configuration settings to the target computers. The roles can be based on the users or the actual target computers. After creating a role, specify configuration settings for properties for users or computers that perform that role. These configuration settings are stored in the database and are retrieved by ZTIGather.wsf. In addition to querying the roles directly by the role name, a role can be associated with: •
A specific computer using the AssetTag, UUID, SerialNumber, or MACAddress properties associated with the computer. To do this, configure the Roles tab in the Properties dialog box of a computer on the Computers node in Deployment Workbench.
•
A group of computers within a location using the Location or DefaultGateway properties associated with the location. To do this, configure the Roles tab in the Properties dialog box of a location on the Locations node in Deployment Workbench.
•
A group of computers that are a specific make and model using the Make and Model properties associated with the computers. To do this, configure the Roles tab in the Properties dialog box of a make and model on the Make and Model node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
After identifying the roles, identify the configuration settings to associate with them. Use Deployment Workbench to associate the following properties with a role: •
Details. Configure specific properties to target computers that perform the role.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computers that perform the role.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computers that perform the role.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computers that perform the role.
Create the Roles and Role Settings After identifying the roles and configuration settings for each role, create the roles and role settings using Deployment Workbench. Perform the following steps for each role identified in the previous section. To create roles and role settings 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Roles, and then click New. 3. In the Properties dialog box, on the Identity tab, in the Role name box, type role_name (where role_name is the name of the role). 4. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 5. Click the Applications tab, and then configure the applications to install and the order of application installation. 6. Click the Packages tab, and then configure the packages to install and the order of package installation. 7. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Associate the Roles After creating the roles and the role settings, the option is available to associate the role with a computer, a location, or a specific make and model of computer. Perform the following steps for each association to be made. To associate roles 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, and then click node (where node is the Computers, Locations, or Make and Model node). 3. In the details pane, right-click item (where item is the Computer, Location, or Make and Model to specifically associate with the role), and then click Properties. 4. In the item Properties dialog box, click the Roles tab, click the appropriate roles, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Role
21
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each role. Perform the following steps for each deployment point to be configured. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 10. Table 10. Completing the Configure DB Wizard for Roles Only Wizard page
Purpose
Role Options
•
Query for role-specific settings.
•
Query for applications to be installed for this role.
•
Query for Systems Management Server packages to be installed for this role.
•
Query for members of the local Administrator to be assigned for this role.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 4 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 10. Listing 4. CustomSettings.ini File After Completing the Configure DB Wizard [Settings] Priority=CRoles, RSettings, RPackages, RApps, RAdmins, LRoles, MMRoles, Default Properties=MyCustomProperty [Default] SkipCapture=NO SkipAppsOnUpgrade=NO UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution11$ OSInstall=Y ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c [CRoles] SQLServer=W2K3-SP1 Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [RSettings] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=RoleSettings Parameters=Role [RPackages] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=RolePackages Parameters=Role Order=Sequence [RApplications] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=RoleApplications Parameters=Role Order=Sequence [RAdmins] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Role
23
Table=RoleAdministrators Parameters=Role [LRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationRoles Parameters=DefaultGateway [MMRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelRoles Parameters=Make, Model Note The [Default] section typically is at the end of the list of sections in the Priority property.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 11 lists the sections created and a brief description of purpose for each section.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Table 11. Sections in Listing 4 and Their Purpose Section
Purpose
CRoles
Queries the ComputerRoles view to identify the roles that are associated with a computer based on any combination of the UUID, AssetTag, SerialNumber, or MACAddress properties.
RSettings
Queries the RoleSettings view to return all the property values associated with a role.
RPackages
Queries the RolePackages view to return all the packages associated with a role.
RApps
Queries the RoleApplications view to return all the applications associated with a role.
RAdmins
Queries the RoleAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computers associated with a role.
LRoles
Queries the LocationRoles view to return all the roles associated with a location.
MMRoles
Queries the MakeModelRoles view to return all the roles associated with a specific make and model.
For more information about the database view and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Running Micr osoft D epl oymen t Toolki t 2008 W ithout WIN S By default, MDT 2008 expects that the Windows Internet Naming Service (WINS) exists in the organization’s network infrastructure. Many organizations have removed all dependencies on WINS or are in the process of eliminating them. Some changes are required to support MDT 2008 in organizations without WINS. The MDT 2008 scripts connect to network resources during the deployment process. Examples of these resources include: •
Shared folders on MDT 2008 distribution points.
•
Systems Management Server or System Center Configuration Manager distribution points.
•
Computers running SQL Server.
In environments without WINS, Windows Preinstallation Environment (Windows PE) uses Domain Name System (DNS) for IP address resolution. Ensure that the DNS services include both forward and reverse lookups for MDT 2008 servers. Additionally, configure DNS to perform WINS lookups. For additional information, see WINS lookup integration at http://www.microsoft.com/windows/windows2000/en/advanced/help/sag_DNS_und_Wins LookupIntegration.htm. To ensure that MDT 2008 operates correctly in an environment without WINS 1. Configure Dynamic Host Configuration Protocol (DHCP) with appropriate DNS scope entries. 2. Configure Lmhosts files for the Windows PE CD images. 3. Configure Systems Management Server with Active Directory® directory service schema extensions.
Configure DHCP with Appropriate DNS Scope Entries The organization must have an existing DHCP infrastructure to support MDT 2008. Each DHCP scope must include primary and secondary pointers for DNS servers that support the domain in which MDT 2008 services and servers are hosted. Note In environments without WINS, the WINS settings in the DHCP scope are irrelevant and should be left blank.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Configure Lmhosts Files for the Windows PE CD Images In some environments without WINS, DNS might not be available to or configurable by the deployment team. Although using DNS for name resolution is recommended, Lmhosts files can be used to provide name resolution. Manually place the Lmhosts files into both Windows PE images. To configure Lmhosts files for the Windows PE CD images 1. Modify the Windows PE Startnet.cmd files to include WINS resolution support (necessary for versions of Windows PE earlier version 2.0 and ZTI deployments using Systems Management Server [SMS] Operating System Deployment [OSD] Feature Pack only). 2. Create the appropriate folder structure in the images. 3. Create the appropriate Lmhosts file.
Create the Appropriate Folder Structure The appropriate folder structure must be created to support Lmhosts files for Windows PE. Create the folder structure (\Drivers\Etc) in the Computer Imaging System folder, as shown in Listing 5, where InstallPath is the path where MDT 2008 is installed. Listing 5. Folder Structure to Be Created for Lmhosts Files InstallPath\Computer Imaging System\Boot Disks\WinPE\ExtraFiles\i386\System32\Drivers\Etc
Create the Appropriate Lmhosts File Create an Lmhosts file that contains entries for the organization’s servers and domain. Listing 6 shows an example of an Lmhosts file. Listing 6. Example Lmhosts File 10.10.10.10 DomainController 10.10.10.20 BDDServer 10.10.10.30 AppServer 10.10.10.40 IMGServer
#PRE #PRE #PRE #PRE
#DOM:DomainName #at least 1 DC #source server #holds apps #hosts XP images
To create the appropriate Lmhosts file 563.Use a text editor to create the Lmhosts file. 564.Place the Lmhosts file in the \Drivers\Etc folder created earlier in the process. 565.Create or refresh the Windows PE lab and deployment images using the MDT 2008 computer imaging system. Update the Lmhosts file and, subsequently, the Windows PE images, if the environment changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Running Without WINS
27
Configure Active Directory Schema Extensions Systems Management Server and System Center Configuration Manager Advanced Clients determine their appropriate assigned Systems Management Server sites and servers based on Active Directory and DNS, when available. These are determined from management point and server locator point registrations if Active Directory schema extensions are installed. Ensure that the Active Directory schema is extended.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom iz ing D ep lo yment Ba sed on Chas si s T ype The deployment can be customized based on the chassis type of the server. The scripts create local variables that can be processed in the CustomSettings.ini file. The local variables IsLaptop, IsDesktop, and IsServer indicate whether the computer is a laptop, desktop, or server, respectively. Note In earlier versions of Deployment Workbench, the IsServer flag indicated that the existing operating system is a server operating system (such as Windows Server 2003 Enterprise Edition). This flag has been renamed to IsServerOS.
To implement local variables in the CustomSettings.ini file 1. In the [Settings] section, on the Priority line, add a custom section to customize deployment based on the chassis type (ByChassisType in the example in Listing 7, where Chassis represents the type of computer). 2. Create the custom section that corresponds to the custom section defined in step 1 (ByChassisType in the example in Listing 7, where Chassis represents the type of computer). 3. Define a subsection for each chassis type to detect (Subsection=Laptop%IsLaptop%, Subsection=Desktop-%IsDesktop%, Subsection=Server%IsServer% in the example in Listing 7).
4. Create a subsection for each True and False state of each subsection defined in step 3 (such as [Laptop-True], [Laptop-False], [Desktop-True], [DesktopFalse] in the example in Listing 7. 5. Under each True and False subsection, add the appropriate settings based on the chassis type. Listing 7. Example of Customizing Deployment Based on Chassis Type in the CustomSettings.ini File [Settings] Priority=...,ByLaptopType,ByDesktopType,ByServerType [ByLaptopType] Subsection=Laptop-%IsLaptop% [ByDesktopType] Subsection=Desktop-%IsDesktop% [ByServerType] Subsection=Server-%IsServer% . . Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Customization Desktop Samples: Previous Application Versions
29
. [Laptop-True] . . . [Laptop-False] . . . [Desktop-True] . . . [Desktop-False] . . . [Server-True] . . . [Server-False] . . .
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying A pp lic ations Ba sed on Ear li er A pp li ca tion Ver sions Often, when installing an operating system on an existing computer, the same applications that were previously installed on the computer will be installed. Do this using MDT 2008 scripts (in particular, ZTIGather.wsf) to query two separate sources of information: •
The Systems Management Server or System Center Configuration Manager hardware inventory database. Contains one record for each application package— in this case, listings in Program and Features in Windows Vista and Windows Server 2008 or Add or Remove Programs in Windows XP and Windows Server 2003 —installed the last time Systems Management Server or System Center Configuration Manager inventoried the computer.
•
A mapping table. Describes which package and program need to be installed for each record (because the Program and Features or Add or Remove Programs records do not specify exactly which package installed the application, making it impossible to automatically select the package based on inventory alone).
To perform a dynamic computer-specific application installation 1. Use the table in the Deployment Workbench database to connect specific packages with applications listed in the target operating system. 2. Populate the table with data that associates the appropriate package with the application listed in Program and Features or Add or Remove Programs (as illustrated in Listing 8). Listing 8. SQL Query to Populate the Table use [DWDB] go INSERT INTO [PackageMapping] (ARPName, Packages) VALUES('Office8.0', 'XXX0000F:Install Office 2003 Professional') go In Listing 8, the inserted row connects any computer that has the entry Office8.0 with the Microsoft Office 2003 Professional package. This means that Microsoft Office 2003 Professional will be installed on any computer currently running Microsoft Office 97 (Office 8.0). Add similar entries for any other packages. Any item for which there is no entry is ignored (no package will be installed). 3. Create a stored procedure to simplify joining the information in the new table with the inventory data (as illustrated in Listing 9).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Customization Desktop Samples: Earlier Application Versions
31
Listing 9. SQL Query to Create a Stored Procedure to Simplify Joining the Information with Inventory Data use [DWDB] go if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[RetrievePackages]') and OBJECTPROPERTY(id, N'IsProcedure') = 1) drop procedure [dbo].[RetrievePackages] go CREATE PROCEDURE [dbo].[RetrievePackages] @MacAddress CHAR(17) AS SET NOCOUNT ON /* Select and return all the appropriate records based on current inventory */ SELECT * FROM PackageMapping WHERE ARPName IN ( SELECT ProdID0 FROM SMS_SMS.dbo.v_GS_ADD_REMOVE_PROGRAMS a, SMS_SMS.dbo.v_GS_NETWORK_ADAPTER n WHERE a.ResourceID = n.ResourceID AND MACAddress0 = @MacAddress ) go The stored procedure in Listing 9 assumes that the Systems Management Server or System Center Configuration Manager central primary site database resides on the same computer running SQL Server as the Deployment Workbench database (DWDB). If the central primary site database resides on a different computer, the appropriate modifications need to be made to the stored procedure. In addition, the name of the database (SMS_SMS in Listing 9) must be updated. Also consider granting additional accounts Read access to the v_GS_ADD_REMOVE_PROGRAMS view in the Systems Management Server database. 4. Configure the CustomSettings.ini file to query this database table by specifying the name of a section ([DynamicPackages] in the Priority list) that points to the database information (as illustrated in Listing 10). Listing 10. Excerpt from CustomSettings.ini That Illustrates the DynamicPackages Section in the Priority List [Settings] … Priority=MacAddress, DefaultGateway, DynamicPackages, Default … Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
5. Create a [DynamicPackages] section to specify the name of a database section (as illustrated in Listing 11). Listing 11. Excerpt from CustomSettings.ini That Illustrates the DynamicPackages Section with the Name of a Database Section [DynamicPackages] SQLDefault= DB_DynamicPackages 6. Create a database section to specify the database information and query details (as illustrated in Listing 12). Listing 12. Excerpt from CustomSettings.ini That Illustrates the Database Section [DB_DynamicPackages] SQLServer=SERVER1 Database=DWDB StoredProcedure=RetrievePackages Parameters=MacAddress SQLShare=Logs Instance=SQLEnterprise2005 Port=1433 Netlib=DBNMPNTW In the example in Listing 12, the DWDB on the computer running the SQL Server named SERVER1 will be queried. The database contains a stored procedure named RetrievePackages (created in step 3). When ZTIGather.wsf runs, a SQL SELECT statement is automatically generated, and the value of the MakeModelQuery custom key is passed as a parameter to the query (shown in Listing 13). Listing 13. Sample SQL Query Created Automatically Based on the Database Section EXECUTE RetrievePackages ? The actual value of the MACAddress custom key will be substituted for the corresponding ? in Listing 13. This query returns a record set with the rows entered in step 2. A variable number of arguments cannot be passed to a stored procedure. As a result, when a computer has more than one MAC address, not all MAC addresses can be passed to the stored procedure. As an alternative, replace the stored procedure with a view that allows querying the view with a SELECT statement with an IN clause to pass all the MAC address values. Based on the scenario presented here, if the current computer has the value Office8.0 inserted into the table (step 2), the one row is returned (XXX0000F:Install Office 2003 Profession). This indicates that package XXX0000F:Install Office 2003 Professional will be installed by the ZTI process during the State Restore Phase.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Ope r ating Syste ms Us ing the Do wnload and E xecute Fea tu r e The process and scripts described in this section show how to download operating system package files to a computer’s local hard disk in advance of actual installation of the new operating system. This allows the files to be pre-staged on the computers using standard Systems Management Server or System Center Configuration Manager Advanced Client download and execute capabilities, which allow for much greater scalability (given sufficient planning). Warning The steps described in this section, in addition to the changes made by the included scripts, are not supported by Microsoft Product Support Services (PSS). Deployment teams use them at their own risk.
Systems Management Server introduced a new software distribution capability called download and execute. This feature uses the Background Intelligent Transfer Service (BITS) capabilities, which were introduced in Microsoft Windows 2000 and continued in later operating systems, to enable files to be retrieved using the Hypertext Transfer Protocol (HTTP). These file transfers can be suspended and resumed, picking up where they left off, thereby allowing for improved resiliency, especially in low-bandwidth situations. These download and execute capabilities are also useful in other situations. For example, if a large package is being installed on many computers, the package contents can be pre-cached on the computer before running the package. This is done through the appropriate configuration of an advertisement. •
The advertisement start time must be set to an appropriate time in the future.
•
The mandatory execution date must be set to a time after the advertisement start time.
When the Advanced Client encounters an advertisement with a future mandatory execution time, it automatically begins downloading the files required for that advertisement as soon as the advertisement start time is reached. If enough time is allowed between the advertisement start time and the mandatory execution time, a large number of computers could be able to cache the full package content. This allows that same large number of computers to execute the package at the same time without any adverse effect on the network. Because operating system packages are significantly larger than most packages Systems Management Server and System Center Configuration Manager typically deploy, this capability could be extremely advantageous as long as the following limitations are acknowledged: •
The client computers must have enough disk space. The computers must be able to hold the original operating system files, the user state backup (optionally, because it could be stored on the network), and the complete operating system package. The Advanced Client cache size must also be increased so that it is large enough to hold the complete operating system package, which could be gigabytes (GB) in size.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
•
Microsoft Deployment Toolkit 2008
The impact on the network must still be considered. All Advanced Client computers will begin downloading the content as soon as the advertisement start time is reached. If too many computers are specified in the collection or an advertisement start time is specified that occurs at an inappropriate time (for example, in the middle of the work day), the network and servers could be overloaded. Although this would not cause any problems with the operating system deployment package, it would likely cause other operational problems (for example, slow e-mail access, slow Internet access, or slow delivery of other packages).
Note Proper testing and impact analysis are required. These activities are beyond the scope of this guide.
To use download and execute with operating system packages and advertisements, first make modifications to the operating system programs and advertisements directly using the Systems Management Server or System Center Configuration Manager application programming interfaces (APIs), because the applications’ administrative consoles specifically prohibit these modifications. The remainder of this section describes how to make those modifications.
Configuration Process Perform the following configuration activities before using download and execute: •
Define collections that contain only the computers that meet the requirements. For example, it might be appropriate to select only the computers running Windows 2000 or later with at least 2 GB of free disk space (assuming all of those computers meet the requirements for the operating system package being deployed, such as processor speed and memory).
•
Configure the Advanced Client cache size so that there is enough capacity to store the operating system package.
•
Configure the operating system program and advertisement being used to deploy the operating system package to the collection of computers defined in the previous activity.
Define Collections Because not all computers will have enough disk space to cache the complete operating system package, create a computer collection that contains only those that can. This can be done using the following steps within Systems Management Server or System Center Configuration Manager. To define a collection 1. Create a new collection called Deploy Windows XP with Download and Execute (or some other suitable name). 2. On the Membership tab of the collection properties, click the cylinder icon to create a new query rule named Windows 2000 with sufficient disk space (or some other suitable name). 3. Edit the query statement to select only the computers running Windows 2000 and that have more than 2 GB of free disk space. Note Assuming that the operating system package is at most 1.5 GB, allow about 500 megabytes (MB) for scratch space and day-to-day functionality.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
35
The query rule should look similar to that shown in Figure 1.
Figure 1. Example query rule Or, looking at the query language, the rule should look like that in Figure 2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Figure 2. Example query language The exact requirements will vary for each organization. Be sure to verify that the collection contains the appropriate results before continuing with the following steps.
Configure Advanced Client Computers Typically, an Advanced Client computer is configured with a cache size of 256 MB to 512 MB. This cache is not sufficient for most operating system packages, which can range in size from 500 MB to several gigabytes. To support these packages, the maximum size of the cache must be increased. To increase a computer's cache size 1. Create a directory that contains a Microsoft Visual Basic® Scripting Edition (VBScript) script that changes the cache size. 2. Use this directory to create a new package. In this package, create a program that runs the VBScript script. Push this package to all Systems Management Server distribution points. 3. Distribute this script to the collection of computers defined in the previous section by creating a mandatory advertisement for the new package. (This package must run before the operating system package.) The VBScript code shown in Listing 14 is required to change the cache size.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
37
Listing 14. VBScript Code Required to Change the Cache Size Set ui = CreateObject("UIResource.UIResourceMgr") Set cacheInfo = ui.GetCacheInfo cacheInfo.TotalSize = 2000 ' Change maximum size to 2GB (approx) Note that the script needs to make the cache size bigger than what is required for the operating system package alone. In this example, assume the previous cache size was 500 MB and the operating system package is 1,500 MB (or 1.5 GB); this script makes the new cache size big enough to hold the 500 MB of existing content and the new 1.5 GB operating system package. This allows other packages to reside in the cache at the same time, which might be required depending on how long the operating system package is present in the cache (which in turn depends on the difference between the advertisement start date and the mandatory advertisement date) and how many other mandatory packages have recently run or will soon run from the cache.
Configure Operating System Programs and Advertisements To enable an operating system package to support download and execute, first create the operating system package using standard steps: capture a Windows Imaging Format (WIM) file, create the package from that file, define an operating system program with the necessary settings and custom actions, and so on. Also create an advertisement for this package, but do not yet target the full collection. Instead, target an empty collection; this collection can be used for testing purposes. When testing is complete, a new advertisement can be created for the full collection (be very careful to specify the appropriate advertisement start time and mandatory advertisement time). Microsoft has provided two scripts to enable download and execute support: •
ZTICache.vbs. This script is used as an interface for the program executable, Osdlaunch.exe. It ensures that the cached package content is moved to a safe location, C:\Minint\PackageSource, before running Osdlaunch.exe. It also protects this content so that Osdlaunch.exe cannot remove it during its normal cleanup of the C:\Minint directory structure.
•
ZTICacheUtil.vbs. This script makes API calls to modify existing operating system program and advertisement objects to enable ZTICache.vbs, and to enable download and execute on the advertisement. Note that administrators cannot see these modifications in the administrator console; the console continues to show that Run from distribution point is enabled, even when Download from distribution point has been configured.
These files should be copied to an accessible location on the server (for example, \\Server1\ZTI) where the administrator console can access them using a Universal Naming Convention (UNC) path. To make the necessary changes, the ZTICache.vbs script must first be added as a required file to an existing custom action (for example, the MDT 2008 Zero Touch Installation—Validation custom action). Doing this causes the file to be included in the package directory (required, because this script is executed when the operating system program is first started by the advertisement). When the file is added, all distribution points for the package must be updated.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
After the ZTICache.vbs script has been added, the operating system program and advertisement objects can be modified using the ZTICacheUtil.vbs script. Listing 15 shows how to use the script to enable download and execute on advertisement XXX20001; this also causes the associated operating system program to be modified to run ZTICache.vbs. Listing 15. Command to Run ZTICacheUtil.vbs cscript.exe ZTICacheUtil.vbs /server:SERVER1 /advertisement:XXX20001 /enable:true Output similar to Listing 16 is produced. Listing 16. Example Output from Running ZTICacheUtil.vbs Microsoft (R) Windows Script Host Version 5.6 Copyright (C) Microsoft Corporation 1996-2001. All rights reserved. Connecting to SMS provider server SERVER1 and site MTN. Retrieving advertisement object for advertisement XXX20001. Enabled download and execute on advertisement XXX20001. Retrieving program object for package XXX00001 and program Install XP. Enabled ZTICache.vbs on package XXX00001 program Install XP. Be sure to include ZTICache.vbs in the OS package by including it as a required file on at least one custom action. OS Package ID: OS Package Name: OS Program Name: OS Program command line: OS Program cache enabled: OS Advertisement ID: OS Advertisement flags: Download enabled:
XXX00001 XP Master Install XP wscript //b ZTICache.vbs True XXX20001 48 True
Remember that modifying the operating system program affects all advertisements that use this program, so modify only a program that is being used solely for download and execute support. This might require creating a second program on the operating system package. To undo the changes made to support download and execute, reconfigure both the advertisement and the operating system program, as shown in Listing 17 (substituting the appropriate advertisement ID, package ID, and program name). Listing 17. Undoing Changes Made to Support Download and Execute cscript.exe ZTICacheUtil.vbs /server:SERVER1 /package:XXX00001 /program:"Install XP" /enable:false cscript.exe ZTICacheUtil.vbs /server:SERVER1 /advertisement:XXX20001 /enable:false
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
39
For more information about ZTICacheUtil.vbs, run the script with no parameters. It will display a usage statement, in addition to information about every operating system package, program, and advertisement currently defined on the specified Systems Management Server or System Center Configuration Manager server. When download and execute has been enabled on an operating system program and advertisement, it must be tested. This can be done by adding one or more computers (preferably test computers) to the empty collection previously created. When satisfied with the results, create an advertisement for the main query-based collection. Be careful to specify an appropriate future time for the advertisement start date; ideally, this is a time when clients would not notice the network impact (for example, Friday at midnight). Also, remember that clients do not begin downloading the content until the advertisement is mandatory, so add an appropriate mandatory assignment date.
Scripts Used in This Process Microsoft Corporation hopes that the following sample scripts (ZTICacheUtil.vbs in Listing 18 and ZTICache.vbs in Listing 19) are valuable. Use of the sample scripts, however, is at the deployment team's sole risk. The sample scripts are provided as is, without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title, or noninfringement. Microsoft Corporation shall not be liable for any damages that might be sustained by using the sample scripts, whether direct, indirect, special, incidental, or consequential, even if it has been advised of the possibility of such damages.
Source Code for ZTICacheUtil.vbs Listing 18 contains the source code to ZTICacheUtil.vbs. Copy and paste the code listed in Listing 18 to a text editor and save it as ZTICacheUtil.vbs. Listing 18. Source Code to ZTICacheUtil.vbs '//-------------------------------------------------------------'// '// '// File: ZTICacheUtil.vbs '// '// Input: none '// '// Return: 0 = Success, anything else indicates failure '// '// Purpose: By default, the OS Deployment Feature Pack does '// not support "download and execute" with OS packages. This '// script enables that support in two ways: '// '// 1. By modifying the OSD advertisement to enable "download '// and execute". By default, the Administrator Console '// will prevent this. (Even after the script changes this '// through the APIs, the GUI will still show that it is not '// enabled.) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
'// '// 2. By modifying the OSD program to run the ZTICache.vbs '// script which ensures that the locally-cached OSD package '// files are kept in a safe location, '// C:\MININT\PackageSource. (This can be done even without '// enabling "download and execute" on the OSD '// advertisement; in this case, the ZTICache.vbs script '// will copy the OSD package files from the distribution '// point directly to C:\MININT\PackageSource. See the '// ZTICache.vbs script for more details.) '// '// This script is driven by command-line parameters. It '// assumes that the script is being run by someone with the '// necessary permissions to modify package, program, and '// advertisement objects. It also assumes that the user '// knows the package ID, program name, and advertisement ID '// of the objects that they want to modify, as well as the '// server name of the site owning those objects. '// '// This script also requires Windows Scripting Host 5.6. '// '//-------------------------------------------------------------' Initialization Set sh = CreateObject("WScript.Shell") Set argsNamed = WScript.Arguments.Named Set oLocator = CreateObject("WbemScripting.SWbemLocator")
' Get parameters sServer = UCase(argsNamed("server")) sPackage = UCase(argsNamed("package")) sProgram = argsnamed("program") sAdvertisement = UCase(argsNamed("advertisement")) sEnable = UCase(argsNamed("enable")) If argsNamed.Count = 0 then WScript.Echo "" WScript.Echo "USAGE:" WScript.Echo "" Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
41
WScript.Echo WScript.ScriptName & " [/server:<serverName>] [/package:<packageID>]" &_ " [/program:<programName>] [/advertisement:] [/enable:<true|false>]"
WScript.Echo "" WScript.Echo "Options:" WScript.Echo VBTAB & "/server: (Default=This server)." WScript.Echo VBTAB & "/package: (Default=Null)." WScript.Echo VBTAB & "/program: (Default=null)." WScript.Echo VBTAB & "/advertisement: (Default=null)."
SMS/SCCM server name OS package ID OS program name OS advertisement ID
WScript.Echo "" WScript.Echo "Examples:" WScript.Echo "" WScript.Echo WScript.ScriptName & " /advertisement:XXX20001 /enable:true" WScript.Echo WScript.ScriptName & " /package:XXX00001 /program:""Install XP"" /enable:true" WScript.Echo "" End if
' Connect to SMS/SCCM provider Set oServices = oLocator.ConnectServer(sServer, "root\sms") Set oProviderLocation = oServices.ExecQuery("select * from SMS_ProviderLocation where ProviderForLocalSite = 1") For Each o In oProviderLocation sProviderServer = o.Machine sProviderSite = o.SiteCode Next Set oServices = Nothing WScript.Echo "Connecting to SMS provider server " & sProviderServer &_ " and site " & sProviderSite & "." Set oServices = oLocator.ConnectServer(sProviderServer, "root\sms\site_" &_ Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit 2008
sProviderSite)
' See what we need to do If sAdvertisement <> "" then ' Get the specified advertisement WScript.Echo "Retrieving advertisement object for advertisement " &_ sAdvertisement & "." Set oAdvert = oServices.Get("SMS_Advertisement.AdvertisementID='" &_ sAdvertisement & "'")
' Modify the program as appropriate. Select Case sEnable Case "YES", "TRUE" If oAdvert.RemoteClientFlags <> 48 then oAdvert.RemoteClientFlags = 48 oAdvert.Put_ WScript.Echo "Enabled download and execute on advertisement " &_ sAdvertisement & "." ' Force the package and program to be checked if no other values were specified. If sPackage = "" and sProgram = "" then sPackage = oAdvert.PackageID sProgram = oAdvert.ProgramName End if End if Case Else If oAdvert.RemoteClientFlags <> 40 then oAdvert.RemoteClientFlags = 40 oAdvert.Put_ WScript.Echo "Disabled download and execute on advertisement " &_ sAdvertisement & "." End if Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
43
End Select End if If sPackage <> "" and sProgram <> "" then ' Get the specified program WScript.Echo "Retrieving program object for package " & sPackage &_ " and program " & sProgram & "." Set oProgram = oServices.Get("SMS_Program.PackageID='" & sPackage &_ "',ProgramName='" & sProgram & "'")
' Modify the program as appropriate. Select Case sEnable Case "YES", "TRUE" If oProgram.CommandLine <> "wscript //b ZTICache.vbs" then oProgram.CommandLine = "wscript //b ZTICache.vbs" oProgram.Put_ WScript.Echo "Enabled ZTICache.vbs on package " & sPackage &_ " program " & sProgram & "." WScript.Echo "Be sure to include ZTICache.vbs in the OS package by including it as a" WScript.Echo "required file on at least one custom action." End if Case Else If oProgram.CommandLine <> "osdlaunch.exe" then oProgram.CommandLine = "osdlaunch.exe" oProgram.Put_ WScript.Echo "Disabled ZTICache.vbs on package " & sPackage &_ " program " & sProgram & "." End if End Select End if Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit 2008
' Finally, report on the current state Set oPackages = oServices.ExecQuery("select * from SMS_Package where ImageFlags = 1") For each oPackage in oPackages WScript.Echo " " WScript.Echo "OS Package ID: oPackage.PackageID WScript.Echo "OS Package Name:
" & " & oPackage.Name
Set oPrograms = oServices.ExecQuery("select * from SMS_Program where PackageID = '" &_ oPackage.PackageID & "'") For each oProgram in oPrograms WScript.Echo " OS Program Name: " & oProgram.ProgramName WScript.Echo " OS Program command line: " & oProgram.CommandLine If Instr(oProgram.CommandLine, "ZTICache.vbs") > 0 then bEnabled = true Else bEnabled = false End if WScript.Echo " OS Program cache enabled: " & bEnabled Set oAdverts = oServices.ExecQuery("select * from SMS_Advertisement where PackageID = '" &_ oProgram.PackageID & "' and ProgramName = '" & oProgram.ProgramName & "'") For each oAdvert in oAdverts WScript.Echo " OS Advertisement ID: " & oAdvert.AdvertisementID WScript.Echo " OS Advertisement flags: " & oAdvert.RemoteClientFlags If oAdvert.RemoteClientFlags = 48 then bDownloadEnabled = true Else bDownloadEnabled = false End if WScript.Echo " Download enabled: " & Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
45
bDownloadEnabled
' Sanity check If bDownloadEnabled and (not bEnabled) then WScript.Echo " " WScript.Echo "Warning: ZTICache.vbs must be enabled on " &_ oPackage.PackageID & " and " & oProgram.ProgramName WScript.Echo "in order for download and execute to be successful for advertisement " &_ oAdvert.AdvertisementID & "." WScript.Echo " " End if Next Next Next
' Cleanup Set oServices = Nothing
Source Code for ZTICache.vbs Listing 19 contains the source code to ZTICache.vbs. Copy and paste the code in Listing 19 to a text editor and save it as ZTICache.vbs. Listing 19. Source Code to ZTICache.vbs '//-------------------------------------------------------------'// '// '// File: ZTICache.vbs '// '// Input: none '// '// Return: Return code from OSDLaunch.exe (0 = Success) '// '// Purpose: By default, the OS Deployment Feature Pack does '// not support "download and execute" with OS packages. This Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
'// script is designed to enable this by moving or copying the '// OS package files to a safe location on the hard drive, '// C:\MININT\PackageSource, where they will not be removed when '// OSD cleans the hard drive. After doing this, it will run '// OSDLaunch.exe to kick off the normal OSD process. But '// because OSDLaunch "cleans" the C:\MININT directory when it '// starts, the script must also protect the contents of the '// C:\MININT\PackageSource directory. It does this by opening '// all the files in the directory, which prevents their '// deletion because they are in use. If the OSD advertisement '// has been set to enable "download and execute", the package '// files (and this script) will be in the SMS advanced client '// cache directory '// (typically %WINDIR\System32\ccm\cache\<package>"). '// In order to prevent there being two copies of the files on '// the hard drive, the files are moved to '// C:\MININT\PackageSource instead of copied. '// '// If this script is run on an NT 4.0 workstation (through the '// same OSD advertisement), "download and execute" is not '// available. However, the script will still copy the files to '// the hard drive before initiating the OSD process. This at '// least enables some of the benefits of download and execute '// for NT 4.0 client. '// '// This script is inserted into an existing OSD program by the '// ZTICacheUtil.vbs script. See that script for further '// information. This script must be added to one of the OSD '// custom actions as a required file so that it is included in '// the OSD package files. After doing this, the distribution '// points need to be updated. '// '//-------------------------------------------------------------' Initialization Set fso = CreateObject("Scripting.FileSystemObject") Set sh = CreateObject("WScript.Shell")
' Find the directory we are running from - that's the source. sCacheDir = fso.GetParentFolderName(WScript.ScriptFullName) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
47
' Create the OSD directory structure If not fso.FolderExists("C:\MININT") then fso.CreateFolder "C:\MININT" End if If fso.FolderExists("C:\MININT\PackageSource") then fso.DeleteFolder "C:\MININT\PackageSource", true End if fso.CreateFolder "C:\MININT\PackageSource"
' If we are running from a local path, move the contents to the PackageSource directory. ' Otherwise, just copy it. (When running from a local path, SMS must have already copied ' the files locally using BITS.) If Left(sCacheDir,2) = "\\" then fso.CopyFile sCacheDir & "\*.*", "C:\MININT\PackageSource\", True sh.LogEvent 0, "Copied files in " & sCacheDir For each f in fso.GetFolder(sCacheDir).Subfolders sh.LogEvent 0, "Copying folder " & f.Path fso.CopyFolder f.Path, "C:\MININT\PackageSource\", true Next Else fso.MoveFile sCacheDir & "\*.*", "C:\MININT\PackageSource\" sh.LogEvent 0, "Moved files in " & sCacheDir For each f in fso.GetFolder(sCacheDir).Subfolders sh.LogEvent 0, "Moving folder " & f.Path fso.MoveFolder f.Path, "C:\MININT\PackageSource\" Next End if
' Log the count of files in the folder sh.LogEvent 0, "Files in C:\MININT\PackageSource folder: " &_ fso.GetFolder("C:\MININT\PackageSource").Files.Count
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
' Because OSDLaunch will "clean up" the C:\MININT directory, we need to keep the package ' source files from being deleted in the process. Open each one of them and keep them open ' until OSDLaunch.exe completes. sh.LogEvent 0, "Opening C:\MININT\PackageSource files" Set oFiles = CreateObject("Scripting.Dictionary") For each f in fso.GetFolder("C:\MININT\PackageSource").Files Set oFile = fso.OpenTextFile(f, 1) oFiles.Add f, oFile Next For each s in fso.GetFolder("C:\MININT\PackageSource").SubFolders For each f in s.Files Set oFile = fso.OpenTextFile(f, 1) oFiles.Add f, oFile Next Next
' Run OSDLaunch.exe from the new directory. It will try to clean up C:\MININT, but the ' open files will keep that from causing problems. OSDLaunch will then install OSDAgent ' as a service and that will drive the rest of the process. sh.LogEvent 0, "Setting working directory" sh.CurrentDirectory = "C:\MININT\PackageSource" sh.LogEvent 0, "Running OSDLaunch" rc = sh.Run("OSDLaunch.exe", 0, true) sh.LogEvent 0, "Return code from OSDLaunch = " & rc
' Quit with the return code from OSDLaunch. automatically be closed.
The files will
WScript.Quit rc
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Ope r ating Syste ms Us ing Sys tem Cen ter Con figu r ation Mana ger System Center Configuration Manager provides the tools needed to create operating system images for deploying to computers managed by System Center Configuration Manager, and to unmanaged computers using bootable media such as CD or DVD. The deployment image, a WIM file, contains the version of the Windows operating system to be deployed and can include any applications that need to be installed on the computer. System Center Configuration Manager is designed to be the primary means to deploy operating systems for both server and client platforms. It builds upon the best features from the SMS 2003 OSD Feature Pack to enhance the way operating system deployments are managed. Another important deployment feature of System Center Configuration Manager is the integrated Task Sequencer. Although many similarities exist between Systems Management Server and System Center Configuration Manager, there is one major difference: using System Center Configuration Manager, administrators no longer need to write scripts for deploying or capturing operating system images. Additionally, by taking advantage of the Task Sequencer, the operating system deployment process becomes completely hands-off. For more information about operating system deployment and the Task Sequencer, see Overview of Operating System Deployment at http://technet.microsoft.com/en-us/library/bb694101.aspx.
Deploy Operating System Images to a Computer Use this procedure to deploy an operating system image to a target computer. When deploying an operating system, the target computer should have the same architecture as the boot image that is contained in the operating system image. To complete the operating system deployment successfully, also create a System Preparation Tool (Sysprep) directory on the reference computer hard disk. For specific guidance, see How to Deploy Operating System Images to a Computer at http://technet.microsoft.com/enus/library/bb632559.aspx.
Deploy an Operating System Image to a New Computer Using Boot Media Use System Center Configuration Manager to deploy an operating system image to a new computer or a computer that is new to the System Center Configuration Manager site. For specific guidance, see How to Deploy an Operating System Image to a New Computer Using Boot Media at http://technet.microsoft.com/enus/library/bb694215.aspx. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
50
Microsoft Deployment Toolkit 2008
Deploy an Operating System Image to an Offline Computer An operating system may have to be deployed to a computer that is not connected to the network or to a computer that is connected by a low-bandwidth connection. Use System Center Configuration Manager to create offline installation media that perform the installation. For specific guidance, see How to Deploy an Operating System Image to an Offline Computer at http://technet.microsoft.com/en-us/library/bb681017.aspx.
Create Stand-Alone Media Stand-alone media can be created from which to run an operating system image deployment. The stand-alone media will contain all necessary data to run the specified operating system deployment task sequences without requiring a connection to a System Center Configuration Manager site. Stand-alone media will operate regardless of whether a System Center Configuration Manager client is installed on the target computer, and they will operate without communicating with a System Center Configuration Manager server infrastructure, such as a management point or distribution point. For specific guidance, see How to Create Stand-alone Media at http://technet.microsoft.com/enus/library/bb632784.aspx.
Create a Computer Association for a Side-by-Side Migration A computer association creates a relationship between a source and destination computer for the side-by-side migration of user state data. The source computer is an existing computer that is managed by System Center Configuration Manager and that contains the user state data and settings to be migrated to a specified destination computer. Also a computer association can be created when importing new computers into the System Center Configuration Manager database using the Import Computer Information Wizard. For specific guidance, see How to Create a Computer Association for a Side-by-Side Migration at http://technet.microsoft.com/enus/library/bb680730.aspx.
Initiate Operating System Image Deployments Using PXE Use the Pre-Boot Execution Environment (PXE) protocol to initiate operating system deployments to System Center Configuration Manager computers and servers. Use the following tasks to perform PXE-initiated operating system deployments: •
How to Configure the PXE Service Point at http://technet.microsoft.com/enus/library/bb680668.aspx
•
How to Deploy an Operating System Image using PXE at http://technet.microsoft.com/en-us/library/bb694069.aspx
•
PXE Deployment Workflow at http://technet.microsoft.com/enus/library/bb693705.aspx
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment Scenari o The main purpose of LTI is to automate the deployment process as much as possible. Although ZTI provides full deployment automation using the MDT 2008 scripts, the SMS 2003 OSD Feature Pack, and Windows Deployment Services, LTI is designed to work with fewer infrastructure requirements. The Windows Deployment Wizard used in the LTI deployment process can be automated to reduce (or eliminate) the wizard pages that are displayed. The entire Windows Deployment Wizard can be skipped by specifying the SkipWizard property in CustomSettings.ini. To skip individual wizard pages, use the following properties: •
SkipAdminPassword
•
SkipApplications
•
SkipAppsOnUpgrade
•
SkipBDDWelcome
•
SkipBitLocker
•
SkipBitLockerDetails
•
SkipTaskSequence
•
SkipCapture
•
SkipComputerBackup
•
SkipComputerName
•
SkipDeploymentType
•
SkipDomainMembership
•
SkipFinalSummary
•
SkipLocaleSelection
•
SkipPackageDisplay
•
SkipProductKey
•
SkipSummary
•
SkipTimeZone
•
SkipUserData
For more information about these individual properties, see the corresponding property in the MDT 2008 document, Toolkit Reference. For each wizard page skipped, provide the values for the corresponding properties that are normally collected through the wizard page in the CustomSettings.ini and BootStrap.ini files. For more information about the properties that must be configured in CustomSettings.ini and BootStrap.ini, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” in the MDT 2008 document, Toolkit Reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment for Refr esh Co mpute r Scenario Listing 20 illustrates a CustomSettings.ini file used for a Refresh Computer scenario to skip all Windows Deployment Wizard pages. In this sample, the properties to provide when skipping the wizard page are immediately beneath the property that skips the wizard page. Note
The properties used to skip wizard pages are in bold type in the listing.
Listing 20. CustomSettings.ini File for a Refresh Computer Scenario [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac /lae SkipAppsOnUpgrade=Yes SkipCapture=Yes SkipAdminPassword=YES SkipProductKey=YES SkipDeploymentType=Yes DeploymentType=REFRESH SkipDomainMembership=Yes JoinDomain=DomainName DomainAdmin=Administrator DomainAdminDomain=DomainName DomainAdminPassword= SkipUserData=yes UserDataLocation=AUTO UDShare=\\Servername\Sharename\Directory UDDir=%ComputerName% SkipComputerBackup=yes ComputerBackuplocation=AUTO Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Fully Automated LTI Deployment
53
BackupShare=\\Servername\Backupsharename BackupDir=%ComputerName% SkipTaskSequence=Yes TaskSequenceID=Enterprise SkipComputerName=Yes ComputerName=%ComputerName% SkipPackageDisplay=Yes LanguagePacks1={3af4e3ce-8122-41a2-9cf9-892145521660} LanguagePacks2={84fc70d4-db4b-40dc-a660-d546a50bf226} SkipLocaleSelection=Yes UILanguage=en-US UserLocale=en-CA KeyboardLocale=0409:00000409 SkipTimeZone=Yes TimeZoneName=China Standard Time SkipApplications=Yes Applications1={a26c6358-8db9-4615-90ff-d4511dc2feff} Applications2={7e9d10a0-42ef-4a0a-9ee2-90eb2f4e4b98} UserID=Administrator UserDomain=DomainName UserPassword=P@ssw0rd SkipBitLocker=Yes SkipSummary=Yes Powerusers1=DomainName\Username
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment for Up g r ade C ompu ter Scenar io Listing 21 illustrates a CustomSettings.ini file used for an Upgrade Computer scenario to skip all Windows Deployment Wizard pages. In this sample, the SkipWizard property is used to skip all the Windows Deployment Wizard pages. The properties that follow the SkipWizard property are required by the LTI process to complete the upgrade. Note
The property that is used to skip the wizard pages is in bold type in the listing.
Listing 21. CustomSettings.ini File for an Upgrade Computer Scenario [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac /lae SkipWizard=Yes DeploymentType=UPGRADE
TaskSequenceID=Enterprise ComputerName=%ComputerName% LanguagePacks1={3af4e3ce-8122-41a2-9cf9-892145521660} LanguagePacks2={84fc70d4-db4b-40dc-a660-d546a50bf226} UILanguage=en-US UserLocale=en-CA KeyboardLocale=0409:00000409 TimeZoneName=Canada Central Standard Time Applications1={a26c6358-8db9-4615-90ff-d4511dc2feff} Applications2={7e9d10a0-42ef-4a0a-9ee2-90eb2f4e4b98} UserID=Administrator UserDomain=DomainName UserPassword=P@ssw0rd Powerusers1=DomainName\Username
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment for Ne w Co mpute r Scenar io Listing 22 illustrates a CustomSettings.ini file used for a New Computer scenario to skip all Windows Deployment Wizard pages. In this sample, the properties to provide when skipping the wizard page are immediately beneath the property that skips the wizard page. Note
The properties that are used to skip wizard pages are in bold type in the listing.
Listing 22. CustomSettings.ini File for a New Computer Scenario [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac /lae SkipAppsOnUpgrade=Yes SkipCapture=YES ComputerBackupLocation=\\ServerName\Backup$\ BackupFile=MyCustomImage.wim SkipAdminPassword=YES SkipProductKey=YES SkipDeploymentType=Yes SkipDomainMembership=Yes JoinDomain=DomainName DomainAdmin=Administrator DomainAdminDomain=DomainName DomainAdminPassword=P@ssw0rd SkipUserData=Yes UserDataLocation=\\ServerName\Sharename\Directory\usmtdata SkipTaskSequence=Yes Solution Accelerators
microsoft.com/technet/SolutionAccelerators
56
Microsoft Deployment Toolkit 2008
TaskSequenceID=Enterprise SkipComputerName=Yes ComputerName=%SerialNumber% SkipPackageDisplay=Yes LanguagePacks1={3af4e3ce-8122-41a2-9cf9-892145521660} LanguagePacks2={84fc70d4-db4b-40dc-a660-d546a50bf226} SkipLocaleSelection=Yes UILanguage=en-US UserLocale=en-CA KeyboardLocale=0409:00000409 SkipTimeZone=Yes TimeZoneName=China Standard Time SkipApplications=Yes Applications1={a26c6358-8db9-4615-90ff-d4511dc2feff} Applications2={7e9d10a0-42ef-4a0a-9ee2-90eb2f4e4b98} SkipBitLocker=Yes SkipSummary=Yes Powerusers1=DomainName\Username CaptureGroups=Yes SLShare=\\ServerName\Sharename\Logs Home_page=http://www.microsoft.com/NewComputer
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ca ll ing Web Se r vices i n MDT 2008 In earlier versions of Microsoft Deployment Toolkit, rules processing was supported through CustomSettings.ini and databases, from which values could be retrieved from the local computer, typically using Windows Management Instrumentation (WMI), to make decisions on what needed to be done on each computer during deployment. In addition, SQL queries and stored procedure calls could be made to retrieve additional information from external databases. There were challenges with that approach, though, especially with making secure SQL connections. To help with this problem, MDT 2008 has the ability to make Web service calls based on simple rules defined in CustomSettings.ini. These Web service requests do not require any special security context and can use whatever TCP/IP port is needed to simplify firewall configurations. Listing 23 shows how to configure CustomSettings.ini to call a particular Web service. In this scenario, the Web service is chosen at random from an Internet search. It takes a postal code as input and returns the city, state, area code, and time zone (as a letter) for the specified postal code. Listing 23. CustomSettings.ini File to Call a Particular Web Service Scenario [Settings] Priority=Default, USZipService Properties=USZip, City, State, Zip, Area_Code, Time_Zones [Default] USZip=98052 [USZipService] WebService=http://www.webservicex.net/uszip.asmx/GetInfoByZIP Parameters=USZip Executing this code produces output similar to Listing 24. Listing 24. CustomSettings.ini File to Call a Particular Web Service Output Added new custom property USZIP Added new custom property CITY Added new custom property STATE Added new custom property ZIP Added new custom property AREA_CODE Added new custom property TIME_ZONES Using from [Settings]: Rule Priority = DEFAULT, USZIPSERVICE ------ Processing the [DEFAULT] section -----Property USZIP is now = 98052 Using from [DEFAULT]: USZIP = 98052 ------ Processing the [USZIPSERVICE] section -----Using COMMAND LINE ARG: Ini file = CustomSettings.ini CHECKING the [USZIPSERVICE] section About to execute web service call to http://www.webservicex.net/uszip.asmx/GetInfoByZIP: USZip=98052 Response from web service: 200 OK Successfully executed the web service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
58
Microsoft Deployment Toolkit 2008
Property CITY is now = Redmond Obtained CITY value from web service: CITY = Redmond Property STATE is now = WA Obtained STATE value from web service: STATE = WA Property ZIP is now = 98052 Obtained ZIP value from web service: ZIP = 98052 Property AREA_CODE is now = 425 Obtained AREA_CODE value from web service: AREA_CODE = 425 ------ Done processing CustomSettings.ini ------
There are a few minor complications to watch for when running a Web service: •
Don’t do anything special with proxy servers. If there is an anonymous proxy present, use it, but authenticating proxies could cause problems. In most cases, a Web service will not be called.
•
CustomSettings.ini or ZTIGather.xml searches for properties defined in the XML that is returned as a result of the Web service call (just as with a database query or other rule). However, the XML search is case-sensitive. Fortunately, the Web service described here returns all uppercase property names, which is what ZTIGather expects. It is possible to remap lowercase or mixed-case entries to get around this.
•
A POST request to the Web service is recommended, so the Web service call needs to be able to support a POST.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Connec ting to Net wor k Resour ces During LTI and ZTI deployment processes, members of the deployment team might require access to a network resource on a server different from the server hosting the deployment point. Team members must be authenticated on the other server so that they can access shared folders or services there. For example, team members might want to install an application from a shared folder on a server other than the server hosting the deployment point that the MDT 2008 scripts use. Note To query SQL Server databases hosted on a server other than the server hosting the deployment point, see the Database, DBID, DBPwd, Instance, NetLib, Order, Parameters, ParameterCondition, SQLServer, SQLShare, and Table properties in the MDT 2008 document, Toolkit Reference.
Using the ZTIConnect.wsf script, connect to other servers and access resources on them. The syntax for the ZTIConnect.wsf script is as follows (where unc_path is a UNC path to connect to the server): Cscript.exe “%SCRIPTROOT%\ZTIConnect.wsf” /uncpath:unc_path In most instances, the ZTIConnect.wsf script is run as a Task Sequencer task. Run the ZTIConnect.wsf script prior to tasks requiring access to a server other than the server hosting the deployment point. To add the ZTIConnect.wsf script as a task to the task sequence of a build 1. Start Deployment Workbench. 2. In the console tree, browse to and then click Task Sequence. 3. In the details pane, right-click task_sequence (where task_sequence is the task sequence to modify), and then click Properties. 4. Click the Task Sequence tab, browse to group (where group is the group in which to run the ZTIConnec.wsf script), click Add, and then click Task. Note
Add the task before adding any tasks that require access to the target server.
5. Complete the Properties tab of the new task using the information listed in Table 12 (accept default values if none are specified), and then click Apply. Table 12. Completing the Properties Tab of the New Task In this box
Do this
Name
Type Connect to server (where server is the name of the server to which to connect).
Description
Type text that explains why the connection needs to be made.
Command
Type Cscript.exe “%SCRIPTROOT%\ZTIConnect.wsf” /uncpath:unc_path (where unc_path is the UNC path to a shared folder on the server).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
60
Microsoft Deployment Toolkit 2008
6. Complete the Options tab of the new task using the information listed in Table 13 (accept default values if none are specified), and then click OK. Table 13. Completing the Options Tab of the New Task In this box
Do this
Success codes
Type 0 3010. (The ZTIConnect.wsf script returns these codes upon successful completion.)
Conditions list box
Add any conditions that might be necessary. (In most instances this task requires no conditions.)
After adding the task that will run the ZTIConnect.wsf script, subsequent tasks can access network resources on the server specified in the /uncpath option of the ZTIConnect.wsf script.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dis tr ibu ting De vi ce D riv er s, Upd ates , and Langua ge Pac ks Us ing Sys tems Mana gement Ser ver Packa ges During the ZTI deployment process, device drivers, updates, and language packs may have to be installed for target computers at the time of operating system deployment. Typically, device drivers are configured in Deployment Workbench and are available through the MDT 2008 distribution point. However, consider creating multiple copies of the device drivers so that not all target computers are required to connect to the MDT 2008 distribution point—for example, if deploying packages to branch offices and wanting to provide a local copy of the device drivers for each branch office. For ZTI deployments, create a Systems Management Server package that contains the device drivers, and then distribute the Systems Management Server package to the Systems Management Server distribution points. This way, the target computers can access the device drivers from a local Systems Management Server distribution point. Use the same process for distributing updates and language packs. To distribute device drivers using Systems Management Server packages 1. Create a separate deployment share (Network type) deployment point using Deployment Workbench. 2. Click one application on the Applications node in Deployment Workbench. 3. Click one build on the Build node in Deployment Workbench. 4. Use Deployment Workbench to update the deployment point created in step 1. 5. Delete the folders that contain the application added in step 2 from the deployment point folder structure. 6. Delete the folders that contain the build selected in step 3 from the deployment point folder structure. 7. Create a Systems Management Server package using the UNC path to the deployment point share created in step 1. 8. Configure the ResourceRoot property in CustomSettings.ini and BootStrap.ini to use the UNC path to the Systems Management Server package created in step 7. 9. Set the value for the ResourceRoot property to be equal to the Systems Management Server package using the SMSDP environment variable as in the following example (where package_path is the UNC path to the package on the distribution point selected by the Systems Management Server Advanced Client): ResourceRoot=\\%SMSDP%\package_path For more information about the ResourceRoot property, see the section “ResourceRoot” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
62
Microsoft Deployment Toolkit 2008
When the target computer is installed, the MDT 2008 scripts use the Systems Management Server package on the distribution point to install device drivers on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying the Co r r ect Device Dri ver s t o Co mpute r s w ith Same Ha r dwar e De vices but Dif fer en t Mak e and Mode l Variations on model numbers and names can exist with virtually no difference in the driver set. These variations in model numbers and names can unnecessarily increase time spent making multiple database entries for a given model. The following procedure shows how to define a new property using a user exit function call that returns a substring of the model number. To create model aliases 1. Create aliases for hardware types in the Make and Model sections of the Deployment Workbench database. Truncate the model type at the open parentheses “(” in the model name. For example, HP DL360 (G112) becomes HP DL360. 2. Add the custom variable ModelAlias to each section. 3. Create a new [SetModel] section. 4. Add the [SetModel] section to the Priority settings in the [Settings] section. 5. Add a line to the ModelAlias section to refer to a user exit script that will truncate the model name at the “(”. 6. Create an MMApplications database lookup where ModelAlias is equal to Model. 7. Create a user exit script and place it in the same directory as the CustomSettings.ini file to truncate the model name. Listing 25 and Listing 26 show CustomSettings.ini and the user exit script, respectively. Listing 25. CustomSettings.ini [Settings] Priority=SetModel, MMApplications, Default Properties= ModelAlias [SetModel] ModelAlias=#SetModelAlias()# Userexit=Userexit.vbs [MMApplications] SQLServer=AHSL99 Database=YOURAdminDB Netlib=DBNMPNTW SQLShare=logs Table= MakeModelSettings Parameters=Make, ModelAlias Solution Accelerators
microsoft.com/technet/SolutionAccelerators
64
Microsoft Deployment Toolkit 2008
ModelAlias=Model Order=Sequence Listing 26. User Exit Script Function UserExit(sType, sWhen, sDetail, bSkip) UserExit = Success End Function Function SetModelAlias() if Instr(oEnvironment.Item("Model"), "(") <> 0 then SetModelAlias = Left(oEnvironment.Item("Model"), Instr(oEnvironment.Item("Model"), "(") - 1) oLogging.CreateEntry "USEREXIT – ModelAlias has been set to " & SetModelAlias, LogTypeInfo else SetModelAlias = oEnvironment.Item("Model") oLogging.CreateEntry " USEREXIT - ModelAlias has not been changed." , LogTypeInfo End if End Function
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting an I ma ge o f W indo ws Ser ver 2003 R2 MDT 2008 requires all operating systems to be deployed in one image. Most Windows operating systems are stored on one disc, so there is a one-to-one correlation between the operating system source disc and the MDT 2008 image. However, Windows Server 2003 Release 2 (R2) includes two discs. MDT 2008 requires that the contents of both these discs be included in one image to work properly with MDT 2008. Create an image that contains both discs by: •
Modifying the R2comp.inf file. Use this method to select the components to be automatically installed during the operating system installation.
•
Running R2 component installation when the operating system starts for the first time. Use this method to automate the components to be installed or to manually select the components the first time the operating system starts.
Creating a Windows Server 2003 R2 Image by Modifying the R2comp.inf File To create one image that includes both discs by modifying the R2comp.inf file, do the following: •
Create an image of Windows Server 2003 (Disc 1).
•
Create the R2comp.inf file and add the Windows Server 2003 R2 installation files (Windows Server 2003 R2 Disc 2) to the image created. To create an image of Windows Server 2003 (Disc 1)
1. To start the New OS Wizard, in Deployment Workbench, click the Distribution Share node, right-click Operating Systems, and then click Next. 2. On the OS Type page, click Full set of source files, and then click Next. 3. When prompted for the location of the source directory that contains the operating system installation files, insert Windows Server 2003 R2 Disc 1 in the CD-ROM drive, and then click Next. Note Microsoft supports only the use of Microsoft media when creating a client operating system image. The use of non-Microsoft media is not supported.
4. Type the path that contains the files to be added to the distribution share, and then click Next. 5. Type a description of the operating system image; for example, Windows-Server2003. 6. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
66
Microsoft Deployment Toolkit 2008
To create the R2comp.inf file and add the Windows Server 2003 R2 installation files (Disc 2) to the image 1. Go to the image created in the previous section. The image will be located in drive:\Distribution\Operating Systems\ImageName; for example, E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition. 2. In this folder, create two sub folders: $OEM$ and Cmpnents. For example, the following folders should exist: •
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition\i386
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \$OEM$
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \Cmpnents
3. In the $OEM$ folder, create the folder $OEM$\$1\R2. 4. In the $OEM$\$1\R2 folder, create a file named R2comp.inf. 5. In R2comp.inf, create a [Version] section, and then create a [Components] section that lists the components to install. For example, the code in Listing 27 installs Active Directory Application Mode (ADAM) and Common Log File System (CLFS). Listing 27. R2comp.inf Script Sample [Version] Signature = "$Windows NT$" [Components] ADAM=on CLFS=on Note For a complete list of the components that can be installed, see Deploy.chm, located in the \Docs folder of Windows Server 2003 R2 Disc 2.
6. Copy the contents of the Cmpnents folder from Disc 2 to the folder created in step 2. For example, E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \Cmpnents. 7. Create a task sequence that includes this operating system image.
Creating a Windows Server 2003 R2 Image by Running R2 Component Installation at Startup To create one image that includes both discs by running the R2 component installation the first time the operating system starts, do the following: •
Create an image of Windows Server 2003 (Disc 1).
•
Add the Windows Server 2003 R2 installation files (Windows Server 2003 R2 Disc 2) to the image created.
•
Create a batch file that runs the R2 component installation the first time the operating system starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Creating an Image
67
To create an image of Windows Server 2003 (Disc 1) 1. To start the New OS Wizard, in Deployment Workbench, click the Distribution Share node, right-click Operating Systems, and then click Next. 566.On the OS Type page, click Full set of source files, and then click Next. 567.When prompted for the location of the source directory that contains the operating system installation files, insert Windows Server 2003 R2 Disc 1 in the CD-ROM drive, and then click Next. Note Microsoft supports only the use of Microsoft media when creating a client operating system image. The use of non-Microsoft media is not supported.
568.Type the path that contains the files to be added to the distribution share, and then click Next. 569.Type a description of the operating system image; for example, Windows-Server2003. 570.Click Finish. To add the Windows Server 2003 R2 installation files (Disc 2) to the image 1. Go to the image created in the previous section. The image will be located in drive:\Distribution\Operating Systems\ImageName; for example, E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition. 571.In this folder, create two sub folders: $OEM$ and Cmpnents. For example, the following folders should exist: •
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition\i386
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \$OEM$
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \Cmpnents
572.In the $OEM$ folder, create the folder $OEM$\$1\R2. 573.Copy the contents of the Cmpnents folder from Disc 2 to the Cmpnents folder created in step 2—for example, E:\Distribution\Operating Systems\Windows-Server2003 Standard Edition\Cmpnents. To create a batch file that runs the R2 component installation the first time the operating system starts 1. In the $OEM$\$1\R2 folder, create a file named InstallR2.cmd that includes the following text: reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup /v SourcePath /t REG_SZ /d C:\Windows\Source\i386 /f reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup /v ServicePackSourcePath /t REG_SZ /d C:\R2\CMPNENTS\R2 /f C:\R2\CMPNENTS\R2\setup2.exe /q /a /sr When completed, the InstallR2.cmd file should contain three lines. The first two lines begin with reg, and the last line begins with C:\R2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
68
Microsoft Deployment Toolkit 2008
574.Create a task sequence to deploy the operating system and modify the [GUIRunOnce] section in the Unattend.txt file for the task sequence as follows: GUIRunOnce] "C:\R2\InstallR2.cmd" "cscript.exe C:\MININT\Scripts\LiteTouch.wsf /start" "cscript.exe D:\MININT\Scripts\LiteTouch.wsf /start" "cscript.exe E:\MININT\Scripts\LiteTouch.wsf /start" "cscript.exe F:\MININT\Scripts\LiteTouch.wsf /start". When the MDT 2008 deployment process finishes and the operating system starts for the first time, the R2 Component Installation Wizard starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Ad dit iona l Mas s Stor age D river s f or W indo ws XP and W indo ws Se r ver 2003 When an operating system is released, a large percentage of the existing hardware does not require additional mass storage drivers. However, after release, any new hardware released might require new drivers. Because Windows XP and Windows Server 2003 were released some time ago, system administrators and the deployment team must consider the need for additional mass storage. To accommodate the installation or deployment of Windows XP or Windows Server 2003 on a wider variety of hardware platforms, MDT 2008 supports unattended installation of mass storage devices. In the past, system administrators had to perform additional manual steps during this process. This manual process was time-consuming and prone to error. Note Windows Vista and Windows Server 2008 do not require any special processing for mass storage drivers, because the drivers can be easily injected. For these operating systems, this process is accomplished using MDT 2008 at the time the image is deployed.
To provide customers with the ability to increase the lifespan for both Windows XP and Windows Server 2003, the following deployment scenarios are provided.
Unattended Installation of Mass Storage Device Drivers Table 14 lists the steps for performing an unattended installation of Windows XP or Windows Server 2003 on a computer that requires a mass storage driver that is not available out of the box. Table 14. Unattended Mass Storage Driver Installation Steps required for unattended installation q
Download the driver from the manufacturer’s site.
q
Ensure that the TxtSetup.oem file exists in the same directory as the rest of the driver package. Note All mass storage drivers must have valid TxtSetup.oem files in the same directory as the .inf file (manual edits to fix path issues in the TxtSetup.oem file are supported).
q
Import the driver into MDT 2008 using the existing Deployment Workbench. Note Many drivers cannot be accurately inventoried by existing MDT 2008 routines. If importing an x86 driver, remove references to x64 in the ..\control\drivers.xml file; if importing an x64 driver, remove references to x86 in this file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
70
Microsoft Deployment Toolkit 2008
When installing Windows XP or Windows Server 2003 on a computer with this driver package, the ZTIStorageDrivers.wsf script will perform all the necessary steps to prepare the operating system to load the appropriate driver during text-mode Setup. These steps are: 1. Enumerate through all devices on the local computer, searching for a match with available drivers in the driver store. 2. Copy any drivers that match the storage devices to the local computer. 3. Copy the TxtSetup.oem file associated with the drivers to the correct location on the local disk, merging them if there are more than one. 4. Prepare the local Unattend.txt file to load the storage drivers during text-mode Setup.
Additional Considerations •
Only Windows XP Professional, Windows XP Tablet Edition, and Windows Server 2003 are supported for this process.
•
For a full explanation of the steps that ZTIStorageDrivers.wsf performs, see the Microsoft Help and Support article “HOW TO: Create an Unattended Installation of Third-Party Mass Storage Drivers in Windows Server 2003” at http://support.microsoft.com/kb/816299.
•
Files referenced in the TxtSetup.oem file that do not have the extensions .sys, .cat, or .inf are automatically copied to \$OEM$\$$\OEMDIR\ before calling Windows Setup (Winnt.exe), and then they are placed in the %WinDir%\System32 directory when the process is complete.
•
By default, ZTIStorageDrivers.wsf will skip installation of any integrated development environment (IDE) storage drivers (devices with a PCI\CC_0101 Plug and Play ID), because these devices are covered by in-box drivers.
•
ZTIStorageDrivers.wsf will only import drivers that have been imported by MDT 2008.
•
ZTIStorageDrivers.wsf will import only drivers that have matching devices on the local computer.
•
If there is more than one matching driver for a computer, ZTIStorageDrivers.wsf will install both drivers on the local system. Unless identical, the *.sys, *.inf, and *.cat files must have globally unique filenames (no other file with the same name can exist in any other package installed on the computer). The display name listed in the [scsi] section of TxtSetup.oem must be globally unique across each TxtSetup.oem file. A warning dialog box will be displayed if duplicates are found.
•
If driver packages conflict with other driver packages, typically the best thing to do is to identify the primary driver package, add it to a driver group, and add the group name to the StorageDriverGroup list item. Other storage drivers, not represented by groups defined in StorageDriverGroup, will not be installed.
•
If the property list StorageDriverGroup is defined, it will install only drivers associated with groups that are explicitly listed in this property. For example: •
StorageDriverGroup001 = AccountingStorageDriverGroup
•
StorageDriverGroup002 = SalesStorageDriverGroup
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Additional Mass Storage Drivers
71
Manually Enable the Installation of Mass Storage Device Drivers As part of the image creation process, Windows XP and Windows Server 2003 require that all mass storage drivers for all hardware that the image is intended to support be present in the image and in the operating system’s critical device database. This is done by adding entries to the Sysprep.inf configuration file, which is processed during the execution of Sysprep before the image is captured. Note To add additional mass storage driver support, the image must be rebuilt using a Sysprep.inf that contains the new, larger mass storage driver list, prepared using Sysprep, and captured again.
The basic steps required to enable image deployment to hardware requiring additional mass storage drivers are outlined in Table 15. Table 15. Deployment to Other Hardware Steps required for deployment to other hardware q
Copy all the required mass storage drivers to the reference computer so that they are included in the image.
q
Update Sysprep.inf to contain entries for each Plug and Play ID listed in the .inf file for each driver to be added. Note The Sysprep.inf file should include a BuildMassStorageSection=Yes entry so that all in-box drivers are also supported.
q
Run Sysprep to process all the drivers, which places them in the critical device database.
q
Capture the image.
Automate the Installation of Mass Storage Device Drivers Consider using MDT 2008 to automate the process of building standardized images for Sysprep to capture later in the process. These images, which have been prepared using Sysprep, can then be deployed to computers using image distribution technologies other than MDT 2008. In this scenario, a system administrator might need to pre-deploy a predefined list of nonMicrosoft mass storage drivers into the image in preparation for capture and deployment to systems with these mass storage controllers. This method allows the injection of a set of device drivers into a system when running Sysprep. Table 16 outlines the steps for automating the deployment to other hardware.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
72
Microsoft Deployment Toolkit 2008
Table 16. Automating the Deployment to Other Hardware Steps to automate the deployment to other hardware q
Import storage drivers into Deployment Workbench using known tools and procedures. Each driver package must have a TxtSetup.oem file that contains a valid list of Plug and Play IDs representing devices to be deployed.
q
Populate CustomSettings.ini (or some other method) with the StorageDriverSysPrepGroup list item. This list item contains a list all driver storage groups to be included in Sysprep: StorageDriverSysPrepGroup001 = AccountingStorageGroup StorageDriverSysPrepGroup002 = SalesStorageGroup Note Only storage drivers contained in these groups will be deployed to the Sysprep image.
q
Perform a deployment and capture to a reference computer with the defined storage groups.
q
The captured image should contain the storage drivers specified in the StorageDriverSysPrepGroup list item.
Additional Considerations •
A driver package could have more Plug and Play IDs enumerated by the system than are actually needed by Sysprep for driver preparation. This process will use only the subset of Plug and Play IDs present in the TxtSetup.oem file to populate the necessary Sysprep.inf sections. This ensures that only the Sysprep.inf file for devices that are actually supported by their respective manufacturers is populated.
•
Any MDT 2008 task sequence that deploys an operating systems includes the task sequence steps to run the ZTIStorageDrivers.wsf and ZTIStorageDriversSysPrep.wsf scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Rep laci ng an Exis ti ng C ompu ter wit h a Ne w Co mpute r U si ng Syste m C en ter Con fi gur ation Mana ger Use System Center Configuration Manager to deploy an image to a new computer that will substitute an existing computer in the enterprise architecture. This situation might occur when upgrading from one operating system to another (a new operating system might require new hardware), or because the organization needs newer, faster equipment for existing applications. When replacing an existing computer with a new computer, take into account all settings that will be migrated from one computer to another, such as user accounts and user state data, in addition to the need for a recovery solution in case the migration fails. In the following sample deployment, the scenario is replacing an existing computer by moving local accounts from the existing computer to the new computer. Move user state data, back up the existing computer before the migration, and finally deploy an existing image to the new computer. For this sample, the original computer is named COMPUTER1 and the new computer is named COMPUTER2.
Create Computer Association Before creating a task sequence to replace an existing computer, create a computer association between the existing computer and its replacement so System Center Configuration Manage can migrate user accounts and state data. Before a computer association can be established, both the existing computer and the new computer must be in the System Center Configuration Manager database. If the new computer already has an operating system installed, it can be added to the network and discovered by System Center Configuration Manager. If it is does not have an operating system installed, the computer information must be imported into System Center Configuration Manager as described at http://technet.microsoft.com/enus/library/bb633291.aspx. When the computer information for the new and existing computers is available in the System Center Configuration Manager database, a computer association must be created. To create the computer association 1. In Configuration Manager console, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Computer Associations. 2. In the actions pane, click New, and then click Computer Association.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
74
Microsoft Deployment Toolkit 2008
3. In the New Computer Association dialog box, on the Computer Association tab, in the Source Computer box, type COMPUTER1 as the name of the source computer that contains the user state data to be migrated to the new computer. Or, click Search to open the Search Computer dialog box, and then search for the source computer. 4. In the Destination Computer box, type COMPUTER2 as the name of the destination computer that will receive the user state data. Or, click Search to open the Search Computer dialog box, and then search for the destination computer. 5. Click the User Accounts tab. 6. To specify the user accounts that should be migrated from the source computer to the destination computer, click the yellow star icon to open the Add User Account dialog box, and then type the account name, or click Browse to search for accounts. For this sample, leave this box empty. Note If no user accounts are specified, all user accounts on the source computer will be migrated.
Create a Task Sequence to Save User State Information from Existing Computer When the computer association between the existing and new computers is in place, two task sequences must be created to perform a full backup of the existing computer, copy user state data, boot the new computer, apply an image to the new computer, and restore the user state data. To perform this process, create the following task sequences: 1. A task sequence to collect the user state migration information from the existing computer; create the task sequence by importing a Client Replace Task Sequence task sequence template. 2. A task sequence to deploy the operating system and restore the collected user state migration information; create the task sequence by importing a Client Task Sequence task sequence template. For the task sequences to be created, the following must be true: •
There is a boot image already available in System Center Configuration Manager. In this sample, this package will be called BOOTIMAGE.
•
There is an MDT 2008 Files package already available in System Center Configuration Manager. In this sample, this package will be called MDT2008.
•
There is an MDT 2008 Custom Settings package for the existing computer already available in System Center Configuration Manager. In this sample, this package will be called CUSTOMSETTINGS_EXISTING.
•
There is a computer image already available in System Center Configuration Manager. In this sample, this package will be called VISTAIMAGE.
•
There is a package that has the User State Migration Tool (USMT) already available in System Center Configuration Manager. In this sample, this package will be called USMT.
•
There is a package with the System Center Configuration Manager client already available in System Center Configuration Manager. In this sample, this package will be called SMSCLIENT.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Computer
75
To create a task sequence that collects the user state information from the existing computer 1. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 2. In the console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment, and then click Task Sequences. 3. In the actions pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard will start. 4. Complete the Import Microsoft Deployment Task Sequence Wizard using the information listed in Table 17; accept default values unless otherwise specified. Table 17. Information for Completing Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do the following
Choose Template
Click Client Replace Task Sequence, and then click Next.
General
In the Task sequence name box, type task_sequence (where task_sequence is the name of the task sequence). In the Task sequence comments box, type Task sequence for replacing the target computer, and then click Next.
Boot Image
In the Specify an existing boot image package box, click Browse. In the Select a Package dialog box, click BOOTIMAGE, and then click OK. Click Next.
MDT Package
In the Specify an existing Microsoft Deployment Toolkit Files package box, click Browse. In the Select a Package dialog box, click MDT2008, and then click OK. Click Next.
USMT Package
In the Specify an existing USMT package box, click Browse. In the Select a Package dialog box, click USMT, and then click OK. Click Next.
Settings Package
In the Specify an existing settings package box, click Browse. In the Select a Package dialog box, click CUSTOMSETTINGS_EXISTING, and then click OK. Click Next.
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
76
Microsoft Deployment Toolkit 2008
Modify CustomSettings.ini Properties for the Existing Computer Task Sequence After creating a task sequence for the existing computer, modify the MDT 2008 properties in CustomSettings.ini to specify where to perform the backup. Specifically, configure the BackupDir, BackupDrive, BackupShare, and ComputerBackupLocation properties. To modify CustomSettings.ini to perform a full computer backup 1. In Windows Explorer, go to the folder that contains the source for the CUSTOMSETTINGS_EXISTING package, and then double-click CustomSettings.ini. 2. In CustomSettings.ini, add the following lines (where share_name is the name of the share to which to back up the computer, and server_name is the name of the server where share_name exists): ComputerBackupLocation=Network BackupShare=\\server_name\share_name BackupDir=%ComputerName% BackupDrive=ALL 3. Save the file in the same folder. 4. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 5. In the console tree, go to Site Database/Computer Management/Software Distribution, and then click Packages. 6. In the details pane, click CUSTOMSETTINGS_EXISTING, and then click Update Distribution Points. 7. In the Confirm Update Distribution Points dialog box, click Yes. The CUSTOMSETTINGS_EXISTING package is updated to all the distribution points. This ensures the modified version of CustomSettings.ini is used in the task sequence.
Create a Task Sequence Advertisement for the Existing Computer After the task sequence for the existing computer is created, advertise the task sequence to the existing computer. This can be done by creating a collection to which the new computer belongs. Advertising the task sequence to the collection initiates the deployment process. To advertise a task sequence, follow the steps described at http://technet.microsoft.com/en-us/library/bb680317.aspx. After this task sequence is complete, the user state migration information is saved and a complete backup of the existing computer is made.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Computer
77
Create a Task Sequence to Deploy the Operating System to the New Computer Now, create a task sequence to deploy the operating system to the new computer. This task sequence will restore the user state migration information saved by the first task sequence. For the task sequence to be created, the following must be true: •
There is a boot image already available in System Center Configuration Manager. In this sample, this package will be called BOOTIMAGE.
•
There is an MDT 2008 Files package already available in System Center Configuration Manager. In this sample, this package will be called MDT2008.
•
There is an MDT 2008 Custom Settings package for the new computer already available in System Center Configuration Manager. In this sample, this package will be called CUSTOMSETTINGS_NEW.
•
There is a computer image already available in System Center Configuration Manager. In this sample, this package will be called VISTAIMAGE.
•
There is a package that has USMT already available in System Center Configuration Manager. In this sample, this package will be called USMT.
•
There is a package with the System Center Configuration Manager client already available in System Center Configuration Manager. In this sample, this package will be called SMSCLIENT.
To create a task sequence that deploys the operating system to the new computer 1. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 2. In the console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment, and then click Task Sequences. 3. In the actions pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard will start. 4. Complete the Import Microsoft Deployment Task Sequence Wizard using the information listed in Table 18; accept default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
78
Microsoft Deployment Toolkit 2008
Table 18. Information for Completing Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do the following
Choose Template
Click Client Task Sequence, and then click Next.
General
In the Task sequence name box, type task_sequence (where task_sequence is the name of the task sequence). In the Task sequence comments box, type Task sequence for deploying the target computer, and then click Next.
Boot Image
In the Specify an existing boot image package box, click Browse. In the Select a Package dialog box, click BOOTIMAGE, and then click OK. Click Next.
MDT Package
In the Specify an existing Microsoft Deployment Toolkit Files package box, click Browse. In the Select a Package dialog box, click MDT2008, and then click OK. Click Next.
USMT Package
In the Specify an existing USMT package box, click Browse. In the Select a Package dialog box, click USMT, and then click OK. Click Next.
Settings Package
In the Specify an existing settings package box, click Browse. In the Select a Package dialog box, click CUSTOMSETTINGS_NEW, and then click OK. Click Next.
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported.
Modify CustomSettings.ini Properties for the New Computer Task Sequence After creating a task sequence for the new computer, modify the MDT 2008 properties in CustomSettings.ini to specify where to perform the backup. Configure any properties that must be specified for the new computer. For example, a different set of device drivers may have to be specified in a package group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Computer
79
To modify CustomSettings.ini to perform a full computer backup 1. In Windows Explorer, go to the folder that contains the source for the CUSTOMSETTINGS_NEW package, and then double-click CustomSettings.ini. 2. Modify the CustomSettings.ini file as necessary. 3. Save the file in the same folder. 4. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 5. In the console tree, go to Site Database/Computer Management/Software Distribution, and then click Packages. 6. In the details pane, click CUSTOMSETTINGS_NEW, and then click Update Distribution Points. 7. In the Confirm Update Distribution Points dialog box, click Yes. The CUSTOMSETTINGS_NEW package is updated to all the distribution points. This ensures the modified version of CustomSettings.ini is used in the task sequence.
Create a Task Sequence Advertisement for the New Computer After the task sequence for the new computer is created, advertise the task sequence to the existing computer. This can be done by creating a collection to which the new computer belongs. Advertising the task sequence to the collection initiates the deployment process. To advertise a task sequence, follow the steps described at http://technet.microsoft.com/en-us/library/bb680317.aspx. After this task sequence is complete, the new operating system is installed on the new computer and the user state migration information is restored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying an O per ati ng Sys tem to a N ew C ompu ter No t in the Syste m C en ter Con fi gur ation Mana ger Da tabase One of the main challenges of using System Center Configuration Manager to deploy an operating system to a brand-new computer that does not have an operating system is the fact that the target computer must exist in the System Center Configuration Manager database before deployment can occur. There are different ways of solving this problem, using either System Center Configuration Manager or MDT 2008. In System Center Configuration Manager, computer information can be imported into the database by following the steps described at http://technet.microsoft.com/enus/library/bb633291.aspx. The solution presented here works well when very few new computers are being added to the network. However, when several computers are being added, an automated way of importing data into the System Center Configuration Manager database is required. This can be done by deploying an operating system with an operating system media preexecution hook or a PXE boot. The pre-execution hook option takes advantage of an MDT 2008 Web service that can be used to verify whether computer information exists within a System Center Configuration Manager database, and add information if needed. The pre-execution hook allows this service to be called prior to initiating the deployment process to ensure the computer is added to the System Center Configuration Manager database. To use this Web service, set up the service on a Web server, edit the boot media to set up the pre-execution hook, and boot the computer using the operating system media.
Configure the Web Service Setup The MDT 2008 Web service is used to import computer information into the System Center Configuration Manager database. Configure Internet Information Services (IIS) and the Web.config file so that the Web service connects to the appropriate server locator point (SLP), and uses the appropriate credentials for connecting to the SLP. To configure the MDT 2008 Web service 1. Ensure that a System Center Configuration Manager server running the SLP exists within the network. 2. Ensure that IIS and Microsoft .NET Framework 2.0 are installed on the server running MDT 2008. 3. On the MDT 2008 server, click Start, click Administrative Tools, and then click Internet Information Services Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Deploying an Operating System to a New Computer
81
4. In the Internet Information Services Manager dialog box, click Your Server (where Your Server is the MDT 2008 server), click Web Sites, and then click Default Web Site. 5. Right-click Default Web Site, click New, and then click Virtual Directory. 6. In the Virtual Directory Creation Wizard, click Next. 7. In the Alias box, type a name for the virtual directory. This name will be used later to hook into the Web service. For example, use MicrosoftDeployment. 8. Click Next. 9. Click the Browse button, and then click the path for the folder that contains the Web service. By default, this path is %Program Files%\Microsoft Deployment Toolkit. 10. Click Next. 11. Select the Run scripts (such as ASP) check box to allow .NET pages and Web services to be used in this virtual directory. 12. Click Next, and then click Finish. When the server is set up to allow access to the Web service, configure the System Center Configuration Manager root computer name, the SLP computer name, and the identity used to access these services in the Web.config file. To configure the Web.config file for the Web service 1. Open the Web.config file located at %Program Files%\Microsoft Deployment. 2. Locate the appSettings element, and then add the System Center Configuration Manager root server name and the SLP server name to the corresponding entries; for example: 3. Locate the system.web element, and then add an identity element that impersonates a user account with rights to access the System Center Configuration Manager database. This account will be used by the Web service whenever it needs to access resources outside the Web service process; for example: <web.config> ...
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
82
Microsoft Deployment Toolkit 2008
Create the Pre-Execution Hook With the Web service up and running, create the pre-execution hook for the boot media to use to start the deployment process. To create the pre-execution media hook file 1. Use the Import Microsoft Deployment Task Sequence wizard to create a new boot image. 2. As part of that boot image creation process, indicate that a media hook should be included, and type the Web service URL; for example: http://deployment_server/MicrosoftDeployment/unknowncomputer.asmx (where deployment_server is the name of the deployment server on which the Web service is installed).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng C ondi ti onal Task Sequence Steps In some scenarios, consider running a task sequence step conditionally based on defined criteria. Any combinations of these conditions can be added to determine whether the task sequence step should run. For example, use the value of a task sequence variable and the value of a registry setting to determine whether a task sequence step should run. Using MDT 2008, run a task sequence conditionally based on: •
One or more IF statements.
•
A task sequence variable.
•
The version of the target operating system.
•
The Boolean results of a WMI query.
•
A registry setting.
•
The software installed on the target computer.
•
The properties of a folder.
•
The properties of a file.
Configure a Conditional Task Sequence Step Conditional task sequence steps are configured in Deployment Workbench, on the Options tab of a task sequence step. One or more conditions can be added to the task sequence step to create the appropriate condition for running, or not running, the step. Note
Every conditional task sequence step needs at least one IF statement.
To view the Options tab of a task sequence step 1. Start Deployment Workbench 575.In the console tree, click Task Sequences. 576.In the details pane, right-click task_sequence (where task_sequence is the name of the task sequence to configure), and then click Properties. 577.In the task_sequence Properties dialog box, on the Task Sequence tab, click step (where step is the name of the task sequence step to configure), and then click the Options tab. On the Options tab of a task sequence step, perform the following actions: •
Add. Click this button to add a condition to the task sequence step.
•
Remove. Click this button to remove an existing condition in a task sequence step.
•
Edit. Click this button to modify an existing condition in a task sequence step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
84
Microsoft Deployment Toolkit 2008
IF Statements in Conditions All task sequence conditions include one or more IF statements. IF statements are the foundation for creating conditional task sequence steps. A task sequence step condition can include only one IF statement, but multiple IF statements can be nested beneath the top-level IF statement to create more complex conditions. An IF statement can be based on the conditions listed in Table 19, which are configured in the IF Statement Properties dialog box. Table 19. Conditions Available in IF Statements Condition
Select this option to run the task sequence if
All conditions
All the conditions beneath this IF statement must be true.
Any conditions
Any the conditions beneath this IF statement are true.
None
None the conditions beneath this IF statement are true.
Complete the condition for running the task sequence step by adding other criteria to the conditions (for example, task sequence variables or values in a registry setting). To add an IF statement condition to a task sequence step 578.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click If statement. 579.In the If Statement Properties dialog box, click condition (where condition is one of the conditions listed in Table 19), and then click OK.
Task Sequence Variables in Conditions Use the Task Sequence Variable condition to evaluate any task sequence variable created by a Set Task Sequence Variable task or by any task in the task sequence. For example, consider a network that contains Windows XP workstations that are part of a domain, and some that are in a workgroup. Knowing that the current domain policy forces all user settings to be saved on the network, user settings may need be saved only for computers that are not part of the domain—that is, computers that are in the workgroup. In such case, add a condition to the Capture User Files and Settings task that targets the computers in the workgroup. To add a condition based on a task sequence variable 1. On the step Options tab (where step is the name of the task sequence step to configure), click Add Condition, and then click Task Sequence Variable. 580.In the Task Sequence Variable Condition dialog box, in the Variable box, type OSDJoinType. Note This variable is set to 0 for computers that are joined to a domain and to 1 for those in a workgroup.
581.In the Condition box, click equal. 582.In the Value box, type 1, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Conditional Task Sequence Steps
85
Operating System Version in Conditions Use the Operating System Version condition to verify the existing operating system version of a target computer or the existing client (when capturing an image). For instance, consider a network that contains several servers that will be upgraded from Microsoft Windows 2000 Server to Windows Server 2003. Network settings should be copied and applied only to servers that are running Windows 2000 Server with Service Pack 4 (SP4). All other servers will have the default network settings used by Windows Server 2003. To add a condition based on operating system version 583.In the Task Sequence Editor, click the Capture Network Settings task. 584.Click Add Condition, and then click Operating System Version. 585.In the Architecture box, click the relevant server. For this example, click x86. 586.In the Operating system box, click the operating system and version for which to set a condition. For this example, click x86 Windows 2000 Service Pack 4. 587.In the Condition box, click the relevant condition, and then click OK.
File Properties in Conditions Use the File Properties condition to verify the version and/or times tamp of a given file to determine whether or not to run a task or a group of tasks. In this example, the production environment contains a Windows Server 2003 image that is constantly updated and used for every new server that is added to the network. All server computers in the environment run a custom application that requires the Digital Access Object (DAO) API version 3.60.6815. All existing servers are working properly. However, each new server that is added to the network with the image is unable to run the application. Because it is the responsibility of a different group to maintain and update images, it is decided that the deployment task sequence be changed to install the relevant version of DAO if the existing version of DAO deployed with the image is incorrect. To add a File Properties condition to a task sequence step 1. In System Center Configuration Manager, create a package to install DAO 3.60.6815. Call this package DAO, with a program called InstallDAO. To learn more about creating packages, visit http://technet.microsoft.com/en-us/library/bb693627.aspx. 2. Create an Install Software step to deploy the DAO package. 3. Click the Install Software task sequence step created in step 2, and then click the Options tab. 4. Click Add Condition, and then click File Properties. 5. In the Path box, type C:\Program Files\Microsoft Shared\DAO\dao360.dll. 6. Select the Check the version check box, and then click not equals for the condition. 7. In the Version box, type 3.60.6815. 8. In this case, ensure that the Check the timestamp check box is clear. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
86
Microsoft Deployment Toolkit 2008
Folder Properties in Conditions Use the Folder Properties condition to verify the time stamp of a given folder to determine whether or not to run a task or a group of tasks. For instance, consider a situation in which an internally developed application has been updated to work with Windows Vista. However, not all of the computers in the network have the most recent version of the application installed, and a data conversion process needs to be performed before the application can be upgraded. If the time stamp of the folder in which the application is installed is 12/31/2007 or earlier, then the target computer is running the incompatible version of the application and the data conversion process should be run on the target computer. Conditionally, run a task sequence step to run the data conversion process on computers that have an earlier version of the application. To add a Folder Properties condition to a task sequence step 1. Create a Command Line task to perform the data conversion process. 2. Click the task created in step 1. 3. Click Add Condition, and then click Folder Properties. 4. In the Path box, type the path of the folder that contains the application. 5. Select the Check the timestamp check box. 6. Click Less than or equals for the condition. 7. In the Date box, click 12/31/2007. 8. In the Time box, click 12:00:00 AM. 9. Click OK.
Registry Settings in Conditions Use the Registry Setting condition to verify the existence of keys and values in the registry, and the corresponding data stored in registry values. For instance, consider a case in which an application currently used on a small set of computers cannot run on Windows Vista, and a Windows Vista deployment is in place to upgrade computers that currently are running Windows XP. Create a condition on the very first task in a sequence to check the registry for an entry for the incompatible application and to interrupt the deployment process for that computer if it is found. To add a Registry Setting condition to a task sequence step 1. Open the task sequence that deploys Windows Vista. 2. Click the first task in the sequence, and then click the Options tab. 3. Click Add Condition, and then click Registry Setting. 4. In the Root key list, click HKEY_LOCAL_MACHINE. 5. In the Key box, type SOFTWARE\WOODGROVE.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Conditional Task Sequence Steps
87
6. Click not exists for the condition. In this case, the task will run, and the sequence continue, only if the key does not exist. 7. Optionally, the condition could check for the nonexistence of a value if the value name is typed in the Value name box. 8. If a condition other than exists/not exists was used, a value and value type could be specified. 9. Click OK.
WMI Queries in Conditions Use the WMI Query condition to run any WMI query. The condition is evaluated as true if the query returns at least one result. For example, consider that a deployment team needs to upgrade the operating system of all servers of a given model—Dell 1950, for instance. The team can use a WMI query to check each computer's model and proceed with the deployment only if the right model is found. To add a WMI Query condition to a task sequence step 1. Open the task sequence that will upgrade the servers. 2. Click the first task in the sequence, and then click the Options tab. 3. Click Add Condition, and then click Query WMI. 4. In the WMI Namespace box, type root\cimv2. 5. In the WQL Query box, type Select * From Win32_ComputerSystem WHERE Model LIKE "%Dell%%1950%". Click OK.
Installed Software in Conditions Use an Installed Software condition to check if a particular piece of software is currently installed on a target computer. Only software installed using .msi files can be evaluated using this condition. As an example, imagine that a deployment team wants to upgrade the operating system of all servers except those running the Systems Management Server Toolkit. To add an Installed Software condition to a task sequence step 1. Open the task sequence that will upgrade the servers. 2. Click the first task in the sequence, and then click the Options tab. 3. Click Add Condition, and then Installed Software. 4. Click Browse, and then click the .msi file for the Systems Management Server Toolkit. 5. Select the Match this specific product check box to specify that only computers with SQL Server 2005, and not any other versions, are the target computers this query should detect. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
88
Microsoft Deployment Toolkit 2008
Complex Conditions Multiple conditions can be grouped using IF statements to create complex conditions. For instance, imagine that a particular step should only be executed for Dell 1950 computers running Windows 2000 Server or Windows Server 2003. Written as a programmatic IF statement, it would look similar to the following: IF ((Computer Model IS “Dell 1950”) AND (OS=2000 OR OS=2003)) To add a complex condition 1. Click the task sequence step to which to add the condition, and then click the Options tab. 2. Click Add condition, click If Statement, and then click All conditions. Click OK. 3. Click the condition statement, then click Add condition, and then click WMI Query. 4. Ensure root\cimv2 is specified as the WMI namespace, and then, in the WQL Query box, type SELECT * FROM Win32_ComputerSystem WHERE ComputerModel LIKE “%Dell%1950%”. Click OK. 5. Click the If statement. Click Add condition, click If statement, and then click Any condition. Click OK. 6. Click the second If statement. Click Add condition, and then click Operating System Version. 7. In the Architecture box, click the architecture for the servers. For this example, click x86. 8. In the Operating system box, click the operating system and version. For this example, click x86 Windows 2000 original release. Click OK. 9. Click the second If statement. Click Add condition, and then click Operating System Version. 10. In the Architecture box, click the architecture for the servers. For this example, click x86. 11. In the Operating system box, click the operating system and version. For this example, click x86 Windows 2003 original release. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting a H ighl y Scala ble LTI Dep lo yment In fr as tr uctur e In this scenario, no electronic software distribution is available for the deployment infrastructure to leverage, so MDT 2008 will be used to build a fully automated LTI deployment infrastructure. The scalable LTI infrastructure uses SQL Server, Windows Deployment Services, and Windows Server 2003 Distributed File System Replication (DFS-R) technologies. To scale the LTI infrastructure 1. Ensure that the appropriate infrastructure exists. 2. Prepare Windows Deployment Services. 3. Configure Distributed File System Replication (DFS-R). 4. Prepare for SQL Server replication. 5. Configure SQL Server replication. 6. Configure CustomSettings.ini. This scenario presumes that MDT 2008 is configured on a master deployment server and that the configuration of the Deployment Workbench database has already been completed as discussed at the beginning of this document.
Ensure That the Appropriate Infrastructure Exists The highly scalable LTI deployment infrastructure uses a hub-and-spoke topology for replication of content; therefore, first nominate a deployment server in the production environment that will perform the role of the master deployment server. Table 20 lists the required components for the master deployment server. Table 20. Master Deployment Server Required Component
Purpose/Comment
Windows Server 2003 R2
Required to support DFS-R.
MDT 2008
Contains the master copy of the distribution share.
SQL Server 2005
Must be a full version to allow replication of the Deployment Workbench database.
DFS-R components
Required components for replication of the distribution share.
Windows Deployment Services
Required to allow network PXE-based installations to be initiated.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
90
Microsoft Deployment Toolkit 2008
When the master deployment server has been selected, provision additional servers at each site to support LTI deployments. Table 21 lists the required components for the child deployment server. Table 21. Child Deployment Servers Required Component
Purpose/Comment
Windows Server 2003 R2
Required to support DFS-R.
SQL Server 2005 Express Edition
Receives replicated copies of the Deployment Workbench database.
DFS-R components
Required components for replication of distribution share.
Windows Deployment Services
Required to allow network PXE-based installations to be initiated.
Note Windows Deployment Services must be set up and configured on each child server, but it is not necessary to add boot or installation images.
Add Content to MDT 2008 The master deployment server should be populated with content using Deployment Workbench, and the Deployment Workbench database should be created and populated as described in the following sections. For information on populating the database with: •
Applications, see the section “Applications” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating systems, see the section “Operating Systems” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating system packages, see the section “Packages” in the MDT 2008 document, Workbench Imaging Guide.
•
Device drivers, see the section “Out-of-Box Drivers” in the MDT 2008 document, Workbench Imaging Guide.
•
Task sequences, see the section “Task Sequences” in the MDT 2008 document, Workbench Imaging Guide.
Note Ensure that the LiteTouchPE_x86.wim file created when the deployment point is updated has been added to Windows Deployment Services.
Prepare Windows Deployment Services Because the LiteTouchPE_x86.wim file will be replicated on a periodic basis through the DFS-R replication group, the boot configuration data store must be updated periodically to reflect the newly replicated Windows PE environment. Perform the following steps on each of the deployment servers. To prepare Windows Deployment Services 1. Open a Command Prompt window. 2. Type WDSUtil /set-server /BCDRefreshPolicy /Enabled:yes /RefreshPeriod:60, and then press ENTER. Note In the example presented here, the refresh period is set to 60 minutes; however, this could be configured to replicate on a period that is equal to that of the DFS-R.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
91
Configure Distributed File System Replication (DFS-R) When scaling the LTI deployment architecture, DFS-R is used as the basis for replicating the content from both the MDT 2008 deployment point and the Windows PE Lite Touch boot environment, and from the master deployment server to the child deployment servers. Note
Ensure that the DFS-R components are installed before performing the following steps.
To configure DFS-R to replicate the deployment content 1. Open DFS Management Console. 2. In the console tree, expand DFS Management. 3. Right-click Replication, and then click New Replication Group. 4. In the New Replication Group Wizard, on the Replication Group Type page, click New Multipurpose Replication Group. 5. Click Next. 6. On the Name and Domain page, type the following information: •
In the Name for replication group box, type a name for the replication group; for example, MDT 2008 Replication Group.
•
In the Optional description of replication group box, type a description of the replication group; for example, Group for replication of MDT 2008 data.
•
Ensure that the Domain box contains the correct domain name.
7. Click Next. 8. On the Replication Group Members page: c.
Click Add.
d. Type the names of all servers that are to be members of this replication group; for example, all child deployment servers and the master deployment server. e. Click OK. 9. Click Next. 10. On the Topology Selection page, click Hub and Spoke, and then click Next. 11. On the Hub Members page, click the master deployment server, and then click Add. 12. Click Next. 13. On the Hub and Spoke Connections page, ensure that for each child deployment server the master deployment server listed is the Required Hub Member. 14. Click Next. 15. On the Replication Group Schedule and Bandwidth page, specify a schedule for replicating the content between servers. 16. Click Next. 17. On the Primary Member page, in the Primary Member box, click the master deployment server. 18. Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
92
Microsoft Deployment Toolkit 2008
19. On the Folders to Replicate page, click Add, and then type the following information: a. In the Local Path of the folder to replicate box, click Browse to go to the X:\Distribution folder. b. Click Use name based on path. c.
Click OK.
d. Click Add. e. In the Add Folder to Replicate dialog box, click Browse to go to the X:\RemoteInstall\Boot folder. f.
Click Use name based on path.
20. Click Next. 21. On the Local Path of Distribution on Other Members page: a. Click all the members in the distribution group, and then click Edit. b. In the Edit Local Path dialog box, click Enabled. c.
Type the path where the Distribution folder should be stored on the child deployment server; for example, X:\Distribution, where X is the drive letter on the deployment server.
d. Click OK. 22. Click Next. 23. On the Local Path of Boot on Other Members page: a. Click all the members in the distribution group, and then click Edit. b. In the Edit Local Path dialog box, click Enabled. c.
Type the path where the Boot folder should be stored on the child deployment server; for example, X:\RemoteInstall\Boot, where X is the drive letter on the deployment server.
d. Click OK. 24. Click Next. 25. On the Remote Settings and Create Replication Group page, click Create to complete the New Replication Group Wizard. 26. On the Confirmation page, click Close to close the wizard. Note
Ensure that the new replication group is now listed beneath the Replication node.
Prepare for SQL Server Replication Before SQL Server replication can be configured, complete several pre-configuration steps to ensure that the deployment servers are correctly configured. To prepare for SQL Server replication on the master deployment server 1. Create a folder to store the database snapshots, and then configure the folder as a share. Note For more information about securing the snapshot folder, go to http://msdn2.microsoft.com/en-us/library/ms151151.aspx.
2. Ensure that the SQL Server Browser service is not disabled, and is set to automatic. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
93
3. In the SQL Server Surface Area Configuration box, click Local and Remote connections. To prepare for SQL Server replication on the child deployment server 1. In the SQL Server Surface Area Configuration box, click Local and Remote connections. 2. Optionally, create an empty database to host the replicated Deployment Workbench database. Note This database must be given the same name as the Deployment Workbench database on the master deployment server. For example, if the Deployment Workbench database on the master deployment server is called DWDB, create an empty database called DWDB on the child deployment server.
Configure SQL Server Replication After configuring the replication of files and folders required to build the deployment infrastructure, configure SQL Server to replicate the Deployment Workbench database. Note It is also possible to maintain only a single central Deployment Workbench database; however, by maintaining a replicated version of the Deployment Workbench database, greater control can be maintained over data transferring across the wide area network (WAN).
SQL Server 2005 uses a replication model that is similar to a magazine distribution model: 1. A magazine is made available (published) by a publisher. 2. Distributors are used to distribute the publication. 3. Readers can subscribe to a publication so that that publication is delivered to the subscriber periodically (a push subscription). This terminology is used through the SQL Server replication setup and configuration wizards.
Configure a SQL Server Publisher To configure the master deployment server as a SQL Server publisher 1. Open SQL Server Management Studio. 2. Right-click the Replication node, and then click Configure Distribution. 3. In the Configure Distribution Wizard, click Next. 4. On the Distributor page, click will act as its own Distributor; SQL Server will create a distribution database and log. 5. Click Next. 6. On the Snapshot Folder page, in the Preparing for SQL Server Replication section, type the UNC path to the snapshot folder created. 7. On the Distribution Database page, click Next. 8. On the Publishers page, click the master deployment server to set it as the distributor. 9. Click Next. 10. On the Wizard Actions page, click Configure Distribution, and then click Next. 11. Click Finish, and then click Close when the wizard is finished. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
94
Microsoft Deployment Toolkit 2008
Enable the Deployment Workbench Database for Replication To enable the Deployment Workbench database for replication on the master deployment server 1. In SQL Server Management Studio, right-click the Replication node, and then click Publisher Properties. 2. On the Publisher Properties page: a. Click Publisher Databases. b. Click the Deployment Workbench database, and then click Transactional. c.
Click OK.
The Deployment Workbench database is now configured for transactional and snapshot replication.
Create a Publication of the Deployment Workbench Database To create a publication of the Deployment Workbench database to which the child deployment servers can subscribe 1. In SQL Server Management Studio, expand Replication, right-click Local Publications, and then click New Publication. 2. In the New Publication Wizard, click Next. 3. On the Publication Database page, click the Deployment Workbench database. 4. Click Next. 5. On the Publication Type page, click Snapshot publication. 6. Click Next. 7. On the Articles page, click all Tables, Stored Procedures, and Views. 8. Click Next. 9. On the Articles Issues page, click Next. 10. On the Filter Table Rows page, click Next. 11. On the Snapshot Agent page: a. Click Create a snapshot immediately and keep the snapshot available to initialize subscriptions. b. Click Schedule the Snapshot Agent to run at the following times. c.
Click Change, and then create a schedule on which to run the snapshot agent.
Note
Specify a schedule that will occur one hour before the database will replicate.
12. Click Next. 13. On the Agent Security page, click the account under which the snapshot agent will run, and then click Next. 14. On the Wizard Actions page, click Create the publication. 15. Click Next. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
95
16. On the Complete the Wizard page, in the publication name box, type a descriptive publication name. 17. Click Finish to complete the wizard, and then click Close when the wizard has created the publication. Note The publication will now be visible beneath the Local Publications node in SQL Server Management Studio.
Subscribe Child Deployment Servers to the Published Deployment Workbench Database Now that the Deployment Workbench database has been published, the child deployment servers can be added as subscribers to this publication; that is, that they will receive a copy of the database on a schedule so that during a deployment the client computers can query a database that is local to the network instead of going across the WAN. To subscribe the child deployment servers to the Deployment Workbench database publication 1. In SQL Server Management Studio, go to Replication/Local Publications. 2. Right-click the publication created in the previous section, and then click New Subscriptions. 3. In the New Subscriptions Wizard, click Next. 4. On the Publication page, click the publication created in the previous section. 5. On the Distribution Agent Location page, click Run all agents at the Distributor SERVERNAME (push subscriptions). 6. Click Next. 7. On the Subscribers page, add each of the child deployment servers by performing the following steps: a. Click Add Subscriber, and then click Add SQL Server Subscriber. b. Add each of the child deployment servers. c.
For each child deployment server added, in the Subscription Database box, click the empty Deployment Workbench database on that child deployment server.
Note If the empty Deployment Workbench database has not yet been created, in the Subscription Database box, click the option to create a new database. Note This database must be given the same name as the Deployment Workbench database on the master deployment server. For example, if the Deployment Workbench database on the master deployment server is called DWDB, create an empty database called DWDB on the child deployment server.
8. Click Next. 9. On the Distribution Agent Security page, click the … button to launch the Distribution Agent Security dialog box. 10. Type the details of the account to use for the distribution agent. 11. Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
96
Microsoft Deployment Toolkit 2008
12. On the Synchronization Schedule page: a. In the Agent Schedule box, click. b. Specify the schedule that should be used to replicate the database between master and child deployment servers. 13. Click Next. 14. On the Initialize Subscription page, click Next. 15. On the Wizard Actions page, click Create the subscription(s). 16. Click Next. 17. Click Finish, and then click Close when the wizard has successfully completed. SQL Server replication is now configured, and the Deployment Workbench database will be replicated from the master deployment server to all child deployment servers that have been subscribed to it on a periodic basis.
Configure CustomSettings.ini The LTI deployment infrastructure has now been successfully created, and each location will contain an LTI deployment server, with a replicated copy of: 1. The deployment point. 2. The Deployment Workbench database. 3. The LiteTouchPE_x86 Windows PE environment that has been added to Windows Deployment Services. Now, the CustomSettings.ini file can be configured for the deployment point to use the deployment content (deployment point and database) from its local deployment server, the server that delivers the LiteTouchPE_x86.wim environment through Windows Deployment Services. When the LiteTouchPE_x86.wim file is delivered from Windows Deployment Services, a registry key is configured with the name of the Windows Deployment Services server being used. This server name is captured by MDT 2008 in a variable (%WDSServer%) that can be used to configure CustomSettings.ini. To always use the local LTI deployment server Note The following procedure assumes that the deployment point has been created and set as the Distribution$ share.
1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 4. Click the Rules tab, and then modify the CustomSettings.ini file to configure the following properties: •
For each SQL Server section added, configure SQLServer to use the server name %WDSServer%; for example, SQLServer=%WDSServer%.
•
If configuring DeployRoot, configure DeployRoot to use the %WDSServer% variable; for example, DeployRoot=\\%WDSServer%\Distribution$.
5. Click the Edit Bootstrap.ini button. 6. Configure BootStrap.ini to use the %WDSServer% property by adding or changing the DeployRoot value to DeployRoot=\\%WDSServer%\Distribution$. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
97
7. Click File, and then click Save to save the changes to the BootStrap.ini file. 8. Click OK. 9. To update the deployment point and LiteTouchPE_x86.wim Windows PE environment, right-click deployment_point, and then click Update. Listing 28 illustrates CustomSettings.ini after performing the steps outlined in this section: Listing 28. Sample CustomSettings.ini Configured for Scalable LTI Deployment Infrastructure [Settings] Priority=CSettings,CPackages, CApps, CAdmins, CRoles, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [CSettings] SQLServer=%WDSServer% Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerSettings Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CPackages] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerPackages Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CApps] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerApplications Parameters=UUID, AssetTag, SerialNumber, MacAddress Solution Accelerators
microsoft.com/technet/SolutionAccelerators
98
Microsoft Deployment Toolkit 2008
ParameterCondition=OR Order=Sequence [CAdmins] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerAdministrators Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CRoles] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Selec ting a Local Mi cr oso ft Dep lo yment Toolk it Ser ver W hen Mu lt ip le Ser ver s Ex ist In this scenario, multiple MDT 2008 servers are being used to support a high volume of simultaneous deployments and deployments across multiple sites. When an LTI deployment is initialized, the default behavior is to request a path to the MDT 2008 server to connect to and access the required files to begin the deployment process. The MDT 2008 wizard can use the LocalServer.xml file to present a choice of known deployment servers for each location. To use the LocationServer.xml file 588.Understand the purpose and use of LocationServer.xml. 589.Create the LocationServer.xml file. 590.Add the LocationServer.xml file to the Extra Files directory. 591.Update the BootStrap.ini file. 592.Update the deployment point. This scenario assumes that MDT 2008 is configured on a deployment server.
Understand LocationServer.xml Understand How Microsoft Deployment Toolkit Uses LocationServer.xml During LTI, MDT 2008 scripts will read and process the BootStrap.ini file to gather initial information about the deployment. This happens before a connection has been made to the deployment server. Therefore, the DeployRoot property is commonly used to specify in the BootStrap.ini file the deployment server to which it should make a connection. If the BootStrap.ini file does not contain a DeployRoot property, MDT 2008 scripts load a wizard page to prompt the user for a path to the deployment server. While initializing the HTML Application (HTA) wizard page, MDT 2008 scripts check for the existence of the LocationServer.xml file, and if it exists, use LocationServer.xml to display available deployment servers.
Understand When to Use LocationServer.xml MDT 2008 offers multiple ways to determine which server to connect to during an LTI deployment. Different methods for locating the deployment server are best suited for different scenarios; therefore, it is important to understand when to use LocationServer.xml.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
100
Microsoft Deployment Toolkit 2008
MDT 2008 provides several methods for automatically discovering and using the most appropriate deployment server. These methods are listed in Table 22. Table 22. Methods for Automatically Determining the Deployment Server Method
Details
%WDSServer%
Used when the MDT 2008 server is co-hosted on the Windows Deployment Services server. When an LTI is initiated from a Windows Deployment Services server, an environmental variable, %WDSServer%, is created and populated with the name of the Windows Deployment Services server. The DeployRoot variable can use this variable to automatically connect to a deployment share on the Windows Deployment Services server; for example: DeployRoot=\\%WDSServer%\Distribution$
Location-based automation
MDT 2008 can use location-based automation in the BootStrap.ini file to determine the server to which it should deploy. The Default Gateway property is used to distinguish between different locations, and for each Default Gateway, a different MDT 2008 server is specified. For more information about using location-based automation, refer to the section ”Automating Deployment by Location” in this guide.
Each of the approaches listed in Table 22 offer one way to automate the selection of the deployment server at a given location for certain scenarios. These approaches are targeted to specific scenarios—for example, when the MDT 2008 server is co-hosted with the Windows Deployment Services server. There are other scenarios in which these approaches are not suitable; for example, if there are multiple deployment servers at a given location, or if automation logic is not possible (for example, the network is not segmented enough to allow location determination, or the MDT 2008 server is separated from the Windows Deployment Services server). In these scenarios, the LocationServer.xml file provides a flexible way to present this information at deployment time without requiring knowledge of server names and deployment share names.
Create the LocationServer.xml File To present a list of available deployment servers during an LTI deployment, create a LocationServer.xml file that contains details about each server. There is no default LocationServer.xml file in MDT 2008, so create one using the following guidance.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Selecting a Local Server
101
Create a LocationServer.xml File to Support Multiple Locations The simplest method for creating and using LocationServer.xml is to create a LocationServer.xml file and add entries for each deployment server in the environment (this can be either at the same location or at different locations). The LocationServer.xml file is constructed by creating a new section for each server, and then adding the following information: •
A unique identifier.
•
A location name, used to present an easily identifiable name for that location.
•
A UNC path to the MDT 2008 server for that location.
Listing 29 illustrates how the LocationServer.xml file is created using each of these properties using a sample LocationServer.xml file configured for multiple locations. Listing 29. Example LocationServer.xml File to Support Multiple Locations <servers>Contoso HQ, Seattle, USA \\STLDS01\Distribution$ <server> <serverid>2 Contoso NYC, New York, USA \\NYCDS01\Distribution$ Using this format, specify different server entries for each location (as shown in Listing 29), or for situations in which there are multiple servers within a single location, by specifying a different server entry for each server at that location, as shown in Listing 30. Listing 30. Example LocationServer.xml File to Support Multiple Servers at Multiple Locations <servers> Contoso HQ DS1, Seattle, USA \\STLDS01\Distribution$ <server> <serverid>2 Contoso HQ DS2, Seattle, USA Solution Accelerators
microsoft.com/technet/SolutionAccelerators
102
Microsoft Deployment Toolkit 2008
\\STLDS02\Distribution$
Create a LocationServer.xml File to LoadBalance Multiple Servers at Different Locations Using LocationServer.xml, specify multiple servers per location entry, and then perform basic load balancing so that when a location is chosen, MDT 2008 automatically selects a deployment server from the list of available servers. To provide this functionality, the LocationServer.xml file supports specifying a weighting metric. Listing 31 illustrates a sample LocationServer.xml file configured for multiple servers at different locations. Listing 31. Example LocationServer.xml File for Different Locations <servers>Contoso HQ, Seattle, USA <Server1>\\STLDS01\Distribution$ <Server2>\\STLDS02\Distribution$ <Server3>\\STLDS03\Distribution$ <Server weight=”1”>\\STLDS01\Distribution$ <Server weight=”2”>\\STLDS02\Distribution$ <Server weight=”4”>\\STLDS03\Distribution$ <server> <serverid>2 Contoso NYC, New York, USA \\NYCDS01\Distribution$ The weighting metric is specified by using the <server weight> tag and is used by MDT 2008 in the server selection process. The likelihood of a server being selected is calculated by: Server weight/sum of all server weights In Listing 31, the three servers at Contoso HQ are listed as 1, 2, and 4. The likelihood of a server with a weighting of 2 being selected becomes 2 in 7. Therefore, to use the weighting system, determine the capacity of the servers available at a location, and weight each server by the server’s capacity in relation to each of the other servers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Selecting a Local Server
103
Add the LocationServer.xml File to the Extra Files Directory After the LocationServer.xml file has been created, the file must be added to the LiteTouch_x86 and LiteTouch_x64 Windows PE boot images in the X:\Deploy\Control folder. Using Deployment Workbench, add other files and folders to these Windows PE images by specifying an additional directory to add in the deployment point properties. To add LocationServer.xml to the deployment point 593.Create a folder called Extra Files in the root deployment point folder (for example, D:\Distribution\Extra Files). 594.Create a folder structure in the Extra Files folder that mirrors the Windows PE location where the additional file should reside. For example, the LocationServer.xml file must reside in the \Deploy\Control folder in Windows PE; therefore, create the same folder structure under Extra Files (for example, D:\Distribution\Extra Files\Deploy\Control). 595.Copy LocationServer.xml to the \deployment_point\Extra Files\Deploy\Control folder (where deployment_point is the fully qualified path to the root folder of the deployment point). 596.Start Deployment Workbench. 597.In the console tree, expand Deploy, and then click Deployment Points. 598.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 599.In the deployment_point Properties dialog box, on the Windows PE tab, in the Windows PE Customizations section, in the Extra directory to add box, type path, (where deployment_point is the name of the deployment point, and path is the fully qualified path to the Extra Files folder; for example, D:\Distribution\Extra Files), and then click OK.
Update the BootStrap.ini File When a deployment point is created using Deployment Workbench, a DeployRoot property is automatically created and populated in the BootStrap.ini file. Because the LocationServer.xml file is used to populate the DeployRoot property, this value must be removed from the BootStrap.ini file. To remove the DeployRoot property from BootStrap.ini 600.Start Deployment Workbench. 601.In the console tree, expand Deploy, and then click Deployment Points. 602.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 603.Click the Rules tab, and then click Edit BootStrap.ini. 604.Remove the DeployRoot value (for example, DeployRoot=\\Server\Distribution$). 605.Click File, and then click Save to save the changes to the BootStrap.ini file. 606.Click OK to submit the changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
104
Microsoft Deployment Toolkit 2008
Update the Deployment Point The deployment point must next be updated to generate a new LiteTouch_x86 and LiteTouch_x64 boot environment that contains the LocationServer.xml file and the updated BootStrap.ini file. To update the deployment point 607.Start Deployment Workbench. 608.In the console tree, expand Deploy, and then click Deployment Points. 609.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Update. Note When the update process has finished, add the new LiteTouch_x86 and LiteTouch_x64 Windows PE environments back into Windows Deployment Services, or burn them to boot media to use during deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Rep laci ng an Exis ti ng C ompu ter wit h a Ne w Co mpute r U si ng L it e Touc h In sta ll ation MDT 2008 can be used to deploy an image to a new computer that will substitute an existing computer in the enterprise architecture. This situation could arise when upgrading from one operating system to another (a new operating system could require new hardware), or if the organization needs newer, faster computers for existing applications. When replacing an existing computer with a new computer, Microsoft recommends taking into account all settings that will be migrated from one computer to another, such as user accounts and user state data. In addition, it is important to create a recovery solution in case the migration fails. In this sample deployment, replace the existing computer (WDG-EXIST-01) with a new computer (WDG-NEW-02) in the CORP domain by capturing user state data from WDGEXIST-01 and saving it to a network share. Then, deploy an existing image to WDGNEW-02, and finally restore the captured user state data to WDG-NEW-02. The deployment will be performed from a deployment server (WDG-MDT-01). In MDT 2008, the Standard Client Replace Task Sequence template can be used to create a task sequence that will perform all the necessary deployment tasks. This demonstration assumes that: •
MDT 2008 has been installed on the deployment server (WDG-MDT-01).
•
The distribution share has already been created and populated, including operating system images, applications, and device drivers.
•
An image of a reference computer has already been captured and will be deployed to the new computer (WDG-NEW-02).
•
A network shared folder (UserStateCapture$) has been created and shared on the deployment server (WDG-MDT-01) with the appropriate share permissions.
Step 1: Create a Task Sequence to Capture the User State Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. To perform the first part of the Replace Computer deployment scenario (capturing the user state on the existing computer), select the Standard Client Replace Task Sequence template in the New Task Sequence Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
106
Microsoft Deployment Toolkit 2008
To create a task sequence to capture the user state in the Replace Computer deployment scenario 610.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 611.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 612.In the details pane, click New. The New Task Sequence Wizard starts. 613.Complete the New Task Sequence Wizard by using the information in Table 23. Accept the default values unless otherwise specified. Table 23. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_EXIST. In Task sequence name, type Perform Replace Computer Scenario on Existing Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Replace Task Sequence, and then click Finish.
The New Task Sequence Wizard finishes, and the VISTA_EXIST task sequence is added to the list of task sequences.
Step 2: Create a Task Sequence to Deploy Operating System and Restore the User State Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. To perform the second part of the Replace Computer deployment scenario (deploying the operating system, and then restoring the user state on the existing computer), select the Standard Client Task Sequence template in the New Task Sequence Wizard. To create a task sequence to deploy the user state in the Replace Computer deployment scenario 614.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 615.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 616.In the details pane, click New. The New Task Sequence Wizard starts. 617.Complete the New Task Sequence Wizard by using the information in Table 24. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
107
Table 24. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_NEW. In Task sequence name, type Perform Replace Computer Scenario on New Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select captured_vista_image (where captured_vista_image is the captured image the reference computer added to the Operating Systems node in Deployment Workbench). Click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd. Click Finish.
The New Task Sequence Wizard finishes, and the VISTA_NEW task sequence is added to the list of task sequences.
Step 3: Create a LAB Deployment Point After the task sequence for performing the Replace Computer deployment scenario has been added, create a Lab or single-server deployment point. Later in the process, the Windows Deployment Wizard will be used to capture the user state from the existing computer (WDG-EXIST-01). Then, the Windows Deployment Wizard is run again to deploy Windows Vista to the new computer (WDG-NEW-01), and then restore the captured user state information to the new computer (WDG-NEW-01). To create a Lab or single-server deployment point in Deployment Workbench 618.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 619.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
108
Microsoft Deployment Toolkit 2008
620.In the details pane, click New. The New Deployment Point Wizard starts. 621.Complete the New Deployment Point Wizard by using the information in Table 25. Table 25. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click Lab or single-server deployment, and then click Next.
Specify Deployment Point Name
Click Next.
Application List
Click Next.
Allow Image Capture
Click Next.
Allow Admin Password
Click Next.
Allow Product Key
Click Next.
Network Share
Click Next.
Configure User State
Click Finish.
The New Deployment Wizard finishes, and the LAB deployment point is added to the list of deployment points. The C:\Distribution folder (distribution share) is shared as Distribution$.
Step 4: Customize the MDT 2008 Configuration Files When the MDT 2008 task sequence has been created, customize the MDT 2008 configuration files that provide the configuration settings for capturing user state information. Specifically, customize the CustomSettings.ini file by modifying the file in the properties of the LAB deployment point created earlier in the deployment process. In a later step, the LAB deployment point will be updated to ensure that the configuration file is updated in the deployment point. To customize the MDT 2008 configuration files for capturing user state information 622.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 623.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 624.In the details pane, click LAB. 625.In the Actions pane, click Properties. The LAB Properties dialog box appears. 626.In the LAB Properties dialog box, click the Rules tab. 627.On the Rules tab, modify the CustomSettings.ini file to reflect the necessary changes as shown in Listing 32. Make any additional modifications the environment requires.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
109
Listing 32. Customized CustomSettings.ini File [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y UDShare=\\WDG-MDT-01\UserStateCapture$ UDDir=%OSDCOMPUTERNAME% UserDataLocation=NETWORK SkipAppsOnUpgrade=YES SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES 628.In the LAB Properties dialog box, click OK. 629.Close all open windows and dialog boxes.
Step 5: Configure the Windows PE Options for the LAB Deployment Point After creating the LAB deployment point, configure the Windows PE configuration options for it. Configure the Windows PE options for the deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the existing computer (WDG-EXIST-01) and the new computer (WDG-NEW-01) are included with Windows Vista, skip this step and proceed with the following step.
To configure the Windows PE options for the deployment point 630.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 631.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 632.In the details pane, click LAB. 633.In the details pane, click Properties.+ The LAB Properties dialog box appears. 634.In the LAB Properties dialog box, on the Windows PE tab, in Driver group, select device_drivers (where device_drivers is the name of the device driver group), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
110
Microsoft Deployment Toolkit 2008
Step 6: Update the LAB Deployment Point After configuring the Windows PE options for the LAB deployment point, update the deployment point. Updating the deployment point updates all the MDT 2008 configuration files and generates a customized version of Windows PE. The customized version of Windows PE is used to start the reference computer and initiate the LTI deployment process. To update the LAB deployment point in Deployment Workbench 635.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 636.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 637.In the details pane, click LAB. 638.In the Actions pane, click Update. Deployment Workbench starts updating the LAB deployment point. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share).
Step 7: Create the LTI Bootable Media A method must be provided for starting the computer with the customized version of Windows PE created when the LAB deployment point was updated. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). Create the appropriate LTI bootable media from one of these images. To create the LTI bootable media 639.In Windows Explorer, navigate to deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). 640.Based on the type of computer used for the existing computer (WDG-EXIST-01) and new computer (WDG-NEW-02), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the International Organization for Standardization (ISO) file.
•
If the reference computer is a VM, start the VM directly from the ISO file or from a CD or DVD of the ISO file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
111
Step 8: Start the Existing Computer with the LTI Bootable Media Start the existing computer (WDG-EXIST-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the existing computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, the user state migration information is stored in the UserStateCapture$ shared folder. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
To start the existing computer with the LTI bootable media 1. Start WDG-EXIST-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 641.Complete the Windows Deployment Wizard by using the information in Table 26. Accept the default values unless otherwise specified. Table 26. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system Click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Perform Replace Computer Scenario on Existing Computer
Specify where to save your data and settings
Click Next.
Click Next.
Specify where to save a Click Do not back up the existing computer. complete computer Click Next. backup Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
112
Microsoft Deployment Toolkit 2008
642.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 643.In the Deployment Summary dialog box, click Finish. The user state migration information is captured and is stored in the network shared folder (UserStateCapture$) created earlier in the process.
Step 9: Start the New Computer with the LTI Bootable Media Start the new computer (WDG-NEW-02) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the new computer and the captured user state migration information is restored to the new computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
To start the new computer with the LTI bootable media 644.Start WDG-NEW-02 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 645.Complete the Windows Deployment Wizard by using the information in Table 27. Accept the default values unless otherwise specified. Table 27. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Perform Replace Computer Scenario on New Computer, and then click Next.
Configure the computer In Computer name, type WDG-NEW-02, and then click name Next. Join the computer to a domain or workgroup
Click Next.
Specify whether to restore user data
Click Specify a location. In Location, type \\WDG-MDT01\UserStateCapture$\WDG-EXIST-01 Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
113
On this wizard page
Do this
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Specify whether to capture an image
Click Do not capture an image of this computer, and then click Next.
Specify the BitLocker configuration
Click Do not enable BitLocker for this computer, and then click Next.
Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 646.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 647.In the Deployment Summary dialog box, click Finish. Windows Vista is now installed on the new computer and the captured user state migration information is also restored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In te g r ati ng C us tom Dep lo yment Code in to Micr oso ft Depl oymen t Toolki t 2008 It is common for a deployment team to have complex requirements, specific to their target environment, that are not met by the Deployment Workbench predefined task sequence actions or by default MDT 2008 configuration files. In this situation, the deployment team might want to implement custom code to meet their requirements. To integrate custom deployment code into MDT 2008 648.Chose the appropriate scripting language. 649.Understand how to leverage ZTIUtility.vbs. 650.Integrate custom deployment code. The following sections assume that MDT 2008 is configured on a deployment server.
Choose the Appropriate Scripting Language Although any code that can be run on Microsoft Windows or Microsoft Windows PE can be called as an application installation or through an MDT 2008 task sequence step, Microsoft recommends using scripts in the form of .vbs or .wsf files. The advantage of using .wsf files is built-in logging in addition to some other predefined functions already used by the ZTI and LTI processes. These functions are available in the ZTIUtility script distributed with MDT 2008. When referenced from a custom script, the ZTIUtility script initializes the MDT 2008 environment and setup classes. Four classes are available: •
Logging. This class provides the logging functionality that all MDT 2008 scripts use. It also creates a single log file for each script run during deployment and a consolidated log file of all scripts. These log files are created in a format designed to be read by TRACE32; this tool is available in the System Center Configuration Manager 2007 Toolkit at http://www.microsoft.com/downloads/details.aspx?familyid=948e477e-fd3b-4a099015-141683c7ad5f&displaylang=en.
•
Environment. This class configures environment variables gathered through WMI and MDT 2008 rule processing, and allows them to be referenced directly from the script. This allows deployment properties to be read, giving access to all the configuration information used by the ZTI and LTI processes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
115
•
Utility. This class provides general utilities that are used throughout ZTI and LTI scripts. Microsoft recommends that any time custom code is developed this class should be examined to see if any code can simply be reused. Additional information about some of the functionality provided in this class is included later in this section.
•
Database. This class performs functions like connecting to databases and reading information from databases. In general, accessing the database class directly is not recommended; instead, rule processing should be used to perform database lookups.
Understand How to Leverage ZTIUtility Use the ZTIUtility Logging Class The logging class in ZTIUtiliy.vbs provides a simple mechanism for custom code to log status information, warnings, and errors in the same manner as other scripts during a ZTI or LTI deployment. This standardization also ensures that the LTI Deployment Summary dialog box correctly reports the status of any custom code that is run. Listing 33 illustrates an example custom code script that uses the oLogging.CreateEntry function to log different types of messages, depending on the amount of RAM available in the workstation. Listing 33. Example Script Using ZTIUtility Logging: Z-RAMTest.wsf <job id="Z-RAMTest"> <script language="VBScript" src="ZTIUtility.vbs"/> <script language="VBScript"> ' //************************************************************* ' // ***** Script Header ***** ' // ' // Solution: Solution Accelerator for Business Desktop Deployment ' // File: Z-RAMTest.wsf ' // ' // Purpose: Check the amount of RAM prior to upgrading a workstation ' // ' // Usage: cscript Z-RAMTest.wsf [/debug:true] ' // ' // Customer Build Version: 1.0 ' // Customer Script Version: 1.0 ' // ' // Customer History: ' // ' // ***** End Header ***** ' //************************************************************* '//-------------------------------------------------------------Solution Accelerators
microsoft.com/technet/SolutionAccelerators
116
Microsoft Deployment Toolkit 2008
'// '// Global constant and variable declarations '// '//-------------------------------------------------------------Option Explicit Dim iRetVal '//-------------------------------------------------------------'// End declarations '//-------------------------------------------------------------'//-------------------------------------------------------------'// Main routine '//-------------------------------------------------------------On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0 '//-------------------------------------------------------------'// '// Function: ZTIProcess() '// '// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//-------------------------------------------------------------Function ZTIProcess() ZTIProcess = Failure Dim varAvailableRAM oLogging.CreateEntry "Z-RAMTest launched to evaluate available RAM in target workstation", LogTypeInfo
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
117
varAvailableRAM = oEnvironment.Item("Memory") oLogging.CreateEntry "Available RAM on target workation is: " & varAvailableRAM, LogTypeInfo If varAvailableRAM < 512 Then oLogging.CreateEntry "Not enough RAM avialable to continue upgrade process.",LogTypeError ZTIProcess = Failure ElseIf VarAvailableRAM >= 512 AND varAvailableRAM < 1024 Then oLogging.CreateEntry "Limited amount of RAM available in workstaion, upgrade continuing.",LogTypeWarning ZTIProcess = Success Else oLogging.CreateEntry "Sufficient RAM available for upgrade.",LogTypeInfo ZTIProcess = Success End If End Function
Use the ZTIUtility Environment Class The environment class in ZTIUtiliy.vbs provides access to, and the ability to update, MDT 2008 properties. In Listing 33, oEnvironment.Item("Memory") is used to retrieve the amount of available RAM; this can also be used to retrieve the value of any of the properties described in the MDT 2008 document, Toolkit Reference.
Use the ZTIUtility Utility Class The ZTIUtility.vbs script contains a number of commonly used utilities that can be used by any custom deployment script. These can be added to any script the same way as the oLogging and oEnvironment classes. Table 28 details some useful functions available, and their output. For a full list of available functions, refer to the ZTIUtility.vbs file. Table 28. Useful ZTI Utility Functions Function
Output
oUtility.LocalRootPath
Returns the path of the root folder being used by the deployment process on the target computer; for example, C:\MININT.
oUtility.BootDevice
Returns the system boot device; for example, MULTI(0)DISK(0)RDISK(0)PARTITION(1).
oUtility.LogPath
Returns the path to the logs folder being
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
118
Function
Microsoft Deployment Toolkit 2008
Output used during the deployment; for example, C:\MININT\SMSOSD\OSDLOGS.
oUtility.StatePath
Returns the path of the currently configured state store; for example, C:\MININT\StateStore.
oUtility.ScriptName
Returns the name of the script calling the function; for example, Z-RAMTest.
oUtility.ScriptDir
Returns the path to the script that is calling the function; for example, \\<ServerName>\Distribution$\Scripts.
oUtility.ComputerName
Determines the computer name that will be used during the build process; for example,.
oUtility.ReadIni(file,section,item)
Allows the specified item to be read from an .ini file.
oUtility.WriteIni(file,section,item,myvalue) Allows the specified item to be written to an .ini file. oUtility.Sections(file)
Reads the sections of an .ini file and stores them in an object for reference.
oUtility.SectionContents(file,section)
Reads the contents of the specified .ini file and stores them in an object.
oUtility.RunWithHeartbeat(sCmd)
When the command is run, heartbeat information is written to the logs every 0.5 seconds.
oUtility.FindFiles(sFilename,sFoundPath)
Searches for the specified file in the DeployRoot folder and standard subfolders including Servicing, Tools, USMT, Templates, Scripts, and Control.
oUtility.findMappedDrive(sServerUNC)
Checks to see if a drive is mapped to the specified UNC path, and returns the drive letter.
oUtility.ValidateConnection(sServerUNC)
Checks to see if there is an existing connection to the server specified, and if there is not, will attempt to create one.
MapNetworkDrive(sShare,SDomID, sDomPwd)
Maps a drive letter to the UNC path specified as the share, and returns the drive letter used; returns an error if unsuccessful.
VerifyPathExists(strPath)
Verifies that the specified path exists.
Integrate Custom Deployment Code Custom deployment code can be integrated into the MDT 2008 process in several ways; however, regardless of the method used, the following two rules should be met: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
119
651.The custom deployment code script name should always begin with the letter Z. MDT 2008 replicates files only beginning with a Z; for example, Z-RAMTest. 652.The custom deployment code should be placed in the Scripts folder on the deployment share; for example, D:\Distribution\Scripts. The most frequently used methods for integrating custom code that also ensure consistent logging are: 653.Deploy the code as an MDT 2008 application. 654.Launch the code as an MDT 2008 task sequence command. 655.Launch the code as a user exit script.
Deploy Custom Code As a Microsoft Deployment Toolkit Application Custom deployment code can be imported into Deployment Workbench and managed the same way as any other application. To create a new application to run custom deployment code 656.Copy the custom deployment code to the distribution_share\Scripts folder (where distribution_share is the fully qualified path to the distribution share). 657.Start Deployment Workbench. 658.In the console tree, click Distribution, and then click Applications. 659.In the actions pane, click New. The New Application Wizard will start. 660.Complete the New Application Wizard using the information in Table 29; accept defaults unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
120
Microsoft Deployment Toolkit 2008
Table 29. Information for Completing the New Application Wizard On this page
Do this
Application Type
Click Application without source files or elsewhere on the network. Click Next.
Details
Complete this page based on the information from the application. Click Next.
Command Details
In the Command line box, type cscript.exe %SCRIPTROOT%\custom_code (where custom_code is the name of the custom code that has been developed). In the Working directory box, type working_directory (where working_directory is the name of the working directory of the custom code; this is typically the same folder specified in the Command line box). Click Finish.
The application will appear on the Applications node in Deployment Workbench.
Add the Custom Code As a Task Sequence Step Custom deployment code can be called directly from any point within a task sequence; this gives access to the usual task sequence rules and options. To add the custom deployment code to an existing task sequence 661.Copy the custom deployment code to the \distribution_share\Scripts folder (where distribution_share is the fully qualified path to the distribution share). 662.Start Deployment Workbench. 663.In the console tree, click Task Sequences. 664.In the details pane, click task_sequence (where task_sequence is the name of the task sequence that runs the custom code). 665.In the actions pane, click Properties. 666.In the task_sequence Properties dialog box, click the Task Sequence tab. 667.In the console tree, go to group (where group is the group to add the task sequence step). 668.Click Add, click General, and then click Run Command Line. 669.In the console tree, click Run Command Line, and then click the Properties tab. 670.In the Name box, type name (where name is the name of the custom code).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
121
671.On the Properties tab, in the Command line box, type command_line (where command_line is the command to run the custom code; for example, cscript.exe %SCRIPTROOT%\CustomCode.vbs). 672.In the Start in box, type path (where path is the fully qualified path to the working folder of the custom code; typically this is the same path specified in the Command line box), and then click OK. The newly created task sequence step will appear in the list of task sequences.
Run Custom Code As a User Exit Script It also is possible to run the custom code as a user exit script from CustomSettings.ini. This provides a mechanism for information to be passed into the CustomSettings.ini rule validation process and provides a dynamic update of MDT 2008 properties. A user exit script is effectively a function library that can be called during the processing of CustomSettings.ini: •
A user exit script will contain one or more functions that can be called during CustomSettings.ini processing.
•
The user exit script is called by specifying the UserExit property and assigning the property name of the script to be called; for example, UserExit=TrimAssetTag.vbs.
•
A function is called by specifying the name of a function enclosed in the # characters. For example, if the user exit script contains a function called TrimAssetTag(), it would be called by specifying #TrimAssetTag()#.
•
Parameters can be passed to the function in the usual way by specifying the parameter while calling the function. For example, to pass the variable %ASSETTAG% to the function TrimAssetTag(), the function would be called by specifying #TrimAssetTag(“%ASSETTAG%”)#.
•
The value returned by the function can be assigned to a variable by assigning the function to that variable. For example, to take the asset tag of a computer and trim it using the function TrimAssetTag(), and to then reassign the trimmed asset tag to the variable AssetTag, the CustomSettings.ini file would read AssetTag=#TrimAssetTag(“%ASSETTAG%”)#.
An example of how this could be used is to determine the task sequence to be run based on a rule that sets the TaskSequenceID property. Listing 34 is an example user exit script that determines the task sequence to be run based on the amount of available RAM. This script also uses the ZTIUtility logging class. Listing 34. Example User Exit Script Function UserExit(sType,sWhen,sDetail,bSkip) UserExit = Successfs End Function Function SetTaskSequence(vMemory) oLogging.CreateEntry "UserExit - Determining Task Sequence to run based on available RAM",LogTypeInfo If vMemory <= 2048 Then SetTaskSequence = "XP_X86" Solution Accelerators
microsoft.com/technet/SolutionAccelerators
122
Microsoft Deployment Toolkit 2008
oLogging.CreateEntry "UserExit - Available RAM: " & vMemory & ". Selecting XP_X86 TS.",LogTypeInfo Else SetTaskSequence = "Vista_X86" oLogging.CreateEntry "UserExit - Available RAM: " & vMemory & ". Selecting Vista_X86 TS.",LogTypeInfo End If End Function The user exit script should be placed in the same location as the CustomSettings.ini file in which it is referenced; this is typically the Control folder of the distribution point. To create the user exit script 673.Create and test the custom script to be used. 674.Locate the MDT 2008 Control folder (for example, D:\Distribution\Control). 675.Copy the custom script to the Control folder. With the user exit script added to the deployment point (in this case, z-RAMTest.wsf), it must then be referenced in the CustomSettings.ini file for the deployment point so it is called during deployment. To call the user exit script from CustomSettings.ini 676.Start Deployment Workbench. 677.In the console tree expand Deploy, and then click Deployment Points. 678.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 679.Click the Rules tab to display the CustomSettings.ini file. 680.Add sections to UserExit.vbs to call the required functionality using the principles described in the previous section. An example CustomSetting.ini file is shown in Listing 35. 681.Click OK to submit the changes. 682.Right click deployment_point, and then click Update (files only) to update the deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
123
Another common use for the user exit script is to dynamically set the computer name from known MDT 2008 properties such as SerialNumber, Model, or Product. Listing 35. Example CustomSettings.ini for Calling the User Exit Script [Settings] Priority=Default [Default] OSInstall=Y TaskSequenceID=#SetTaskSequence("%MEMORY%")# UserExit=Z-RAMTest.vbs UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=YES SkipAdminPassword=NO SkipProductKey=YES
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ins tal ling De vice Dri ver s Us ing Var ious In sta ll ation Me thods In this scenario, MDT 2008 is used to deploy an operating system to different types of hardware. As part of the deployment process, device drivers must be identified and installed so that each hardware type will function correctly. There are two main types of device drivers; each must be handled differently during the deployment process: 683.Device drivers that contain an .inf file that can be used to import the device driver into Deployment Workbench. 684.Device drivers that are packaged as an application, and that must be installed as an application. Using MDT 2008 both types of drivers can be handled as part of an operating system deployment. To install device drivers using different methods 685.Determine which method to use to install each device driver. 686.Install device drivers using the out-of-box drivers method. 687.Install device drivers as applications. This scenario assumes that MDT 2008 is running on a deployment server.
Determine Which Method to Use to Install a Device Driver Hardware manufacturers release device drivers in one of two forms: 688.As a package that can be extracted and that contains .inf files that can then be used to import the driver into Deployment Workbench. 689.As an application that must be installed using traditional application installation processes. Device driver packages that can be extracted to access .inf files can use the MDT 2008 automatic driver detection and installation process by first importing the driver into the Out-of-Box Drivers node in Deployment Workbench. Device driver packages that cannot be extracted to isolate .inf files, or those that do not work correctly without first being installed using an application installer such as an .msi or Setup.exe file can use the MDT 2008 Install Application feature and install the device driver during the deployment process just as for any normal application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
125
Install Device Drivers Using the Out-ofBox Drivers Method Device driver packages that include an .inf file can be imported to Deployment Workbench and be installed automatically as part of the deployment process. To implement this type of device driver deployment, first add the device driver to Deployment Workbench. To add the device driver to Deployment Workbench 690.Download the device drivers that are required for the hardware types to be deployed, and extract the device driver package to a temporary location. 691.Start Deployment Workbench. 692.In the console tree, expand Distribution Share. 693.Right-click Out-of-Box Drivers, and then click New. 694.In the New Device Driver Wizard, in the Drive source directory section, click Browse to go to the folder that contains the new device drivers, and then click OK. Note The New Device Driver Wizard will search all subdirectories of the driver source directory; therefore, if there are multiple drivers to install, extract them into folders within the same root directory and then set the driver source directory as the root directory that holds all of the driver source folders.
695.In the These drivers can be assigned to one or more groups as they are being imported section, click or add the relevant driver groups. Note The driver groups can be used during a deployment to limit the number of drivers that will be searched by MDT 2008 scripts. For example, if all drivers for a Dell Latitude D600 were imported and assigned to a driver group called Dell Latitude D600 Drivers, CustomSettings.ini or the Deployment Workbench database could be used to specify that for any Dell Latitude D600 computer, use only drivers from that driver group. To do this, add DriverGroups1=Dell Latitude D600 Drivers to a Dell-specific section of the file or database. For more information about creating computer-specific entries in CustomSettings.ini or in the Deployment Workbench database, see the section “Install Device Drivers As an Application” in this document.
7. Click Finish to import the drivers into Deployment Workbench. If the device drivers contain boot-critical drivers such as mass storage or network class drivers, the deployment point must next be updated to generate a new LiteTouch_x86 and LiteTouch_x64 boot environment that contains the new drivers. To add device drivers to the Lite Touch Windows PE images 696.Start Deployment Workbench. 697.In the console tree, expand Deploy, and then click Deployment Points. 698.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Update.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
126
Microsoft Deployment Toolkit 2008
Install Device Drivers As an Application Device drivers that are packaged as applications and which cannot be extracted to a folder containing an .inf file, in addition to additional driver files, should be added to Deployment Workbench as an application for installation during the deployment process. Applications can be specified as a task sequence step or specified in CustomSettings.ini; however, device driver applications should be installed only when the task sequence is run on a computer with the devices. To ensure this, run the task sequence step for deploying the relevant device driver applications as a conditional task sequence step. The conditional criteria can be specified for running the task sequence step using WMI queries for the device on the target computer.
Add the Device Driver Application to Deployment Workbench Each device driver application must first be imported into Deployment Workbench. To add the device driver application to Deployment Workbench 699.Download the device driver application and save it to a temporary location. 700.Start Deployment Workbench. 701.In the console tree, expand Distribution Share. 702.Right-click Applications, and then click New. 703.In the New Application Wizard, click Application with source files, and then click Next. 704.On the Details page, type relevant details about the application, and then click Next. 705.On the Source page, in the Source directory section, click Browse to go to and then click the directory that contains the device driver application source files, and then click OK. 706.Click Next. 707.On the Destination page, type a name for the destination directory, and then click Next. 708.On the Command Details page, in the Command line section, type the command that allows silent installation of the device driver application. 709.Click Finish to import the device driver application into Deployment Workbench. Note This process must be repeated for each device driver application that needs to be used during deployment. Using Deployment Workbench, whether the application should be visible during deployment in the Lite Touch Installation Application Wizard can also be specified. To do this, in the Properties dialog box of any application, select or clear the Hide this application in the Deployment Wizard check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
127
After the applications are imported into Deployment Workbench, each application must be added to the deployment process using the appropriate logic to ensure that the application installs only when running on the correct hardware. There are different methods for achieving this: 710.Specify the device driver application as part of a deployment task sequence. 711.Specify the device driver application in CustomSettings.ini. 712.Specify the device driver application in the Deployment Workbench database. Each approach is discussed in more detail in the following sections.
Specify the Device Driver Application As Part of a Task Sequence The first method for adding a device driver application to the deployment process is to use a task sequence to add additional steps for each device driver application. There are two main approaches for managing device driver applications in the task sequence: 713.Create a new task sequence group for each hardware model, and then add a query to run that group of actions if the computer matches a specific hardware type. 714.Create a task sequence group for hardware-specific applications, and then add queries for each task sequence action so that each task sequence step is evaluated against the hardware type and will run only if a match is found. To create a new task sequence group for each type of hardware 715.Start Deployment Workbench. 716.In the console tree, click Task Sequences. 717.Right-click task_sequence (where task_sequence is the deployment task sequence that will be required to install the device driver application), and then click Properties. 718.In the task_sequence Properties dialog box, on the Task Sequence tab, in the details pane, go to State Restore/Windows Update (Pre-Application Installation). 719.On the Task Sequence tab, click Add, and then click New Group. This creates a new task sequence group in the task sequence. Use this new task sequence group to create the steps for installing the hardware-specific device driver applications. 720.In the details pane, click New Group. 721.On the Properties tab, in the Name box, type group_name (where group_name is the name of the group; for example, Hardware Specific Applications – Dell Computer Corporation). 722.On the Options tab, click Add, and then click Query WMI.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
128
Microsoft Deployment Toolkit 2008
723.In the Task Sequence WMI Condition dialog box, type the following details: •
In the WMI namespace box, type root\cimv2.
•
In the WQL query box, type a WMI Query Language (WQL) query using the Win32_ComputerSystem class to ensure that the application is installed only for a specific application type. For example: Select * FROM Win32_ComputerSystem WHERE Model LIKE %hardware_model% AND Manufacturer LIKE %hardware_manufacturer% In this example, hardware_model is the name of the computer model (such as Latitude D620) and hardware_manufacturer is the name of the computer make (such as Dell Corporation). The % symbol is a wildcard character that is included in the names to allow administrators to return any computer models or manufactures that contains the value specified for hardware_model or hardware_manufacturer.
For more information about WMI and WQL queries, see the MDT 2008 document, Image Customization Guide, and see Querying with WQL at http://msdn.microsoft.com/en-us/library/aa392902.aspx. 724.Click OK to submit the query, and then click OK to submit changes to the task sequence. Note This process must be repeated for each hardware type of each device driver application to be installed.
After the hardware-specific task sequence groups have been created, device driver applications can be added to each group. To add device driver applications to hardware-specific task sequence groups 725.Start Deployment Workbench. 726.In the console tree, click Task Sequences. 727.Right-click task_sequence (where task_sequence is the deployment task sequence that will be required to install the device driver application), and then click Properties. 728.In the task_sequence Properties dialog box, click the Task Sequence tab. 729.In the details pane, go to State Restore/Hardware_Specific_Group (where Hardware_Specific_Group is the name of the hardware-specific group where the task sequence step will be added to install the device driver application ). 730.On the Task Sequence tab, click Add, click General, and then click Install Application The Install Application task sequence step appears in the details pane. 731.In the details pane, click Install Application. 732.On the Properties tab, click Install a single application, and in the Application to install list,, select hardware_application (where hardware_application is the application for installing the hardware-specific application). Note This process must be repeated for each device driver application that needs to be used during a deployment
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
129
Specify the Device Driver Application in CustomSettings.ini When an LTI or ZTI deployment begins, one of the first actions to be completed is the processing of the BootStrap.ini and CustomSettings.ini control files. Both of these files contain rules that can be used to dynamically customize the deployment. Because of the way MDT 2008 processes the CustomSettings.ini file it can be used to add applications based on specific conditions. This logic will be used to add device driver–specific applications during deployment based on specific hardware types. Applications are referenced in CustomSettings.ini by the application’s globally unique identifier (GUID), located in the Applications.xml file in the distribution share. To locate an imported application’s GUID 733.In the distribution share of the deployment server, open the Control folder; for example, D:\Distribution\Control. 734.Locate and open the Applications.xml file. 735.Locate the required application. 736.Locate the application GUID by locating the line enclosed in the application tags; for example, . As part of the initialization process, both the LTI and ZTI process gather information about the computer on which it is running. As part of this process, WMI queries are performed and the values from the Win32_ComputerSystem class for make and manufacturer are populated as variables %Make% and %Model%, respectively. These values can be used during processing the CustomSettings.ini file to dynamically read sections of the file depending on the make and model detected. Listing 36 shows an example of the CustomSettings.ini file. Listing 36. Sample CustomSettings.ini Configured for a Hardware-Specific Application Installation [Settings] Priority=Make, Default Properties=MyCustomProperty [Default] OSInstall=Y [Dell Computer Corporation] Subsection=Dell-%Model% [Dell-Latitude D620] MandatoryApplications1={1D7DF331-47B7-472C-87B3-442597EC2F7D} [Dell-Latitude D610] MandatoryApplications1={c303fa6e-3a4d-425e-8102-77db9310e4d0}
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
130
Microsoft Deployment Toolkit 2008
The following properties can be used to specify applications in CustomSettings.ini: •
Applications. This property can be used when deployment administrators do not want to present an application wizard as part of the deployment process by specifying SkipApplications=YES in CustomSettings.ini.
•
MandatoryApplications. This property can be used if deployment administrators want to present the application wizard during the deployment to allow deployment engineers to select additional applications to be installed during the deployment.
If the application wizard is used without the MandatoryApplications property (for example, SkipApplications=NO), it will overwrite applications specified by the Applications property. Listing 36 shows how to use the %Make% and %Model% variable values to dynamically manipulate how the applications list is built. The values for the make and model of each type of hardware can be located using one of the following methods: 737.The System Information tool. Use the System Summary node in this tool to identify the System Manufacturer (make) and System Model (model). 738.Windows PowerShell™. Use the Get-WMIObject –class Win32_ComputerSystem cmdlet to determine the make and model of the computer. 739.Windows Management Instrumentation Command-line (WMIC). Use CSProduct Get Name, Vendor to return the name (model) and vendor (make) of the computer. To modify CustomSettings.ini to add hardware-specific logic 740.Start Deployment Workbench. 741.In the console tree, expand Deploy, and then click Deployment Points. 742.In the details pane, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to configure), and then click Properties. 743.Click the Rules tab. 744.Information typed on this tab is stored in the CustomSettings.ini file. Modify the CustomSettings.ini file entries to add logic for each hardware model that has a device driver–specific application, as described in the section “Specify the Device Driver Application As Part of a Task Sequence.” 745.Click OK to submit the changes. 746.Right-click deployment_point, and then click Update (files only) to submit the changes to the deployment point. By default, all available applications are displayed in the Deployment Wizard during a Lite Touch Installation (LTI). Because device driver–specific applications are applicable only to specific hardware types, IT might not want them displayed all the time. By specifying the device driver–specific application package in CustomSettings.ini, the application can be hidden using the Hide the application in the Deployment Wizard option in the application configuration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
131
To hide an application in the Deployment Wizard 747.Start Deployment Workbench. 748.In the console tree, click Applications. 749.Right-click device_driver_application (where device_driver_application is the application to be hidden from the Deployment Wizard), and then click Properties. 750.On the General tab, select the Hide the application in the Deployment Wizard check box. 751.Click Apply, and then close the Properties dialog box.
Specify the Device Driver Application in the Deployment Workbench Database The Deployment Workbench database is a database version of the CustomSettings.ini file and can be queried at deployment time for information to be used during the deployment. For more information about using the Deployment Workbench database, see the section “Automating Deployment to a Specific Computer” in this guide. When querying the Deployment Workbench database at deployment time, there are three methods available for identifying the target computer: 752.Search for the individual computer (using the media access control [MAC] address, asset tag, or similar). 753.Search for the location of the computer (using the default gateway). 754.Search for the make and model of the computer (using WMI manufacturer/make and model queries). For each database entry that is created, administrators can specify deployment properties, applications, whether to use Systems Management Server or Configuration Manager packages, and administrators. By creating make and model entries in the database, administrators can add the required hardware-specific device driver applications. To create entries in the Deployment Workbench database to allow installation of device driver applications 755.Start Deployment Workbench. 756.In the console tree, go to Deploy/Database. 757.Right-click Make and Model, and then click New. 758.In the Properties dialog box, on the Identity tab, in the Make box, type make_name (where make_name is an easily identified name to associate with the manufacturer of the target computer). 759.In the Model box, type model_name (where model_name is an easily identified name to associate with the model of the target computer). 760.On the Applications tab, add each of the device driver applications required for that model of hardware. Note This process must be repeated for each specific hardware make and model that requires a device driver application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In it ia ti ng M icr osof t Dep lo yment Toolki t Us ing W indo ws Dep lo yment Ser vi ces Windows Server 2008 uses Windows Deployment Services as an updated and redesigned version of Remote Installation Services (RIS), the default deployment tool in Windows Server 2003 SP2. Using Windows Deployment Services, Windows operating systems can be deployed, particularly Windows Vista and Windows Server 2008, across a network using either a computer’s PXE–enabled network adapter or boot media. Although this section focuses on the Windows Deployment Services role in Windows Server 2008, all of the samples in this section, with the exception of deployments using multicasting, also apply to Windows Deployment Services installed on Windows Server 2003. Before deploying Windows Deployment Services, administrators should consider the following integration options, to determine which option best suits their environment: •
Option 1: Boot computers boot in PXE to initiate the LTI process.
•
Option 2: Deploy an operating system image from the Windows Deployment Services image store.
•
Option 3: Use multicasting with MDT 2008 and the Windows Server 2008 Windows Deployment Services server role.
•
Option 4: Configure the Windows Deployment Services PXE filter to allow System Center Configuration Manager to respond to unknown computers.
Option 1: Boot Computers in PXE to Initiate the LTI Process Help minimize the cost of managing operating system deployments by starting the MDT 2008 deployment process using Windows Deployment Services in conjunction with DHCP. This removes the requirement of creating and delivering bootable media to each target computer.
Create and Import the Deployment Workbench Windows PE Image into Windows Deployment Services When creating a new MDT 2008 deployment point or modifying an existing MDT 2008 deployment point using the Lab or single-server deployment or Separate deployment share deployment point types, a customized Windows PE boot image can be created. When the deployment point is updated, the Windows PE boot image is automatically generated and updated with information about the deployment point, and it will inject any additional drivers or components specified during the deployment point configuration. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
133
The Windows PE boot image is generated as both an .iso image file, which can be written to a CD or DVD, and as a bootable WIM file. The WIM file can be imported to a Windows Deployment Services server so that computers that can boot in PXE can download and run the LTI Windows PE boot image across a network used to initialize an installation. To create a bootable Windows PE image in Deployment Workbench 761.Start Deployment Workbench. 762.In the console tree, click Deployment Points. 763.In the details pane, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to configure), and then click Properties. 764.In the deployment_point Properties dialog box, click the Windows PE tab. 765.In the Images to Generate area, select the Generate a Lite Touch bootable RAM disk ISO image check box. 766.In the Driver Injection section, click the appropriate driver types to include. Note This step is not necessary if Windows PE already includes the necessary device drivers.
767.In the Driver Injection section, in the Driver group list, select the appropriate driver group. 768.In the deployment_point Properties dialog box, click OK. Note This step is not necessary if Windows PE already includes the necessary device drivers.
769.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point), and then click Update. When this process completes, the Boot folder in the distribution share will contain a number of boot images; for example: D:\Distribution\Boot\LiteTouchPE_x64.iso D:\Distribution\Boot\LiteTouchPE_x64.wim D:\Distribution\Boot\LiteTouchPE_x86.iso D:\Distribution\Boot\LiteTouchPE_x86.wim 770.The .iso files that have been generated can be written directly to CD or DVD, or be used to initialize the LTI process on new hardware; the boot WIM files created can be imported into Windows Deployment Services. When bootable WIM images are available, they can be imported to an existing Windows Deployment Services server, so that new computers can initialize the LTI deployment process without requiring any physical media. To import the Windows PE image into Windows Deployment Services 771.Start the Windows Deployment Services console, and then connect to the appropriate Windows Deployment Services server. 772.In the console tree, right-click Boot Images, and then click Add Boot Image. 773.Browse to the WIM image to be imported; for example, D:\Distribution\Boot\LiteTouchPE_x86.wim.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
134
Microsoft Deployment Toolkit 2008
774.The import process will automatically read the metadata from the boot image, but the Image Name and Image Description values can also be edited; the Image Name affects the boot option information displayed by Windows Boot Manager when the client boots in PXE. 775.When the boot image has been imported, any computer that boots in PXE and receives a reply from the Windows Deployment Services server will be able to download the LTI boot image and initiate an LTI installation. Installing and configuring Windows Deployment Services is not covered in this guide. For additional information about Windows Deployment Services, visit http://technet.microsoft.com/en-us/library/cc265612.aspx.
Use Windows Deployment Services to Automatically Detect the Deployment Server An additional option is available when using Windows Deployment Services to host MDT 2008 boot images when the MDT 2008 distribution share is hosted on the same server as Windows Deployment Services. When the MDT 2008 boot image is loaded by a PXE client, the name of the Windows Deployment Services server hosting the boot image is captured and placed in the MDT 2008 property WDSServer. This property can then be referenced in the boot image’s BootStrap.ini file and in the deployment point’s CustomSettings.ini file by the DeployRoot property. This results in a client that boots from the Windows Deployment Services server automatically using the deployment point hosted on the Windows Deployment Services server. This eliminates the need to specify a server name in any configuration file. To set the local Windows Deployment Services server as the deployment server 776.Start Deployment Workbench. 777.In the console tree, expand Deploy, and then click Deployment Points. 778.In the details pane, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to configure), and then click Properties. 779.Click the Rules tab. 780.Information typed on this tab is stored in the CustomSettings.ini file. Configure the DeployRoot property to use the %WDSServer% variable; for example, DeployRoot=\\%WDSServer%\Distribution$. 781.Click Edit Bootstrap.ini. 782.Configure BootStrap.ini to use the %WDSServer% property by adding or changing the DeployRoot value to DeployRoot=\\%WDSServer%\Distribution$. 783.On the File menu, click Save to save the changes to the BootStrap.ini file. 784.Click OK. 785.To update the deployment point, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to update), and then click Update to generate updated boot images. 786.Import the updated boot WIM into Windows Deployment Services as described in the section “Import the LTI Boot Image into Windows Deployment Services.”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
135
Option 2: Deploy an Operating System Image from the Windows Deployment Services Store If an organization is already using Windows Deployment Services for operating system deployment, it can extend the functionality of MDT 2008 by configuring it to reference the Windows Deployment Services operating system images already in use rather than using its own store, and to supplement Windows Deployment Services deployments with driver management, application deployment, update installation, rule processing, and other MDT 2008 functionality. After a Windows Deployment Services operating system image has been referenced by MDT 2008 it can be treated like any operating system that has been staged to an MDT 2008 deployment point. To reference a Windows Deployment Services operating system image The following steps require that at least one operating system image has previously been imported into the Windows Deployment Services server. 787.Update MDT 2008 to be able to access Windows Deployment Services images by copying the following files from the Sources folder of the Windows Vista or Windows Server 2008 media to the \\Program Files\Microsoft Deployment Toolkit\bin folder on the Windows Deployment Services server: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
•
Wdstptc.dll (this is only applicable if copying from the Windows Server 2008 or Windows Vista with SP1 source directories)
Note The Windows source directory being used must match the platform of the operating system running on the computer where MDT 2008 is installed.
788.In the Deployment Workbench console tree, go to Distribution Share/Operating Systems. 789.In the actions pane, click New to start the New OS Wizard. 790.On the OS Type page, click Windows Deployment Services images, and then click Next. 791.Type the name of the Windows Deployment Services server to be referenced—for example, WDSSvr001—and then click Finish. 792.All of the images available on the Windows Deployment Services server will now be available to MDT 2008 task sequences. Note Importing images from Windows Deployment Services does not copy the source files from the Windows Deployment Services server to the distribution share. MDT 2008 continues to use the source files from their original location.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
136
Microsoft Deployment Toolkit 2008
Option 3: Use Multicasting with Microsoft Deployment Toolkit and Windows Server 2008 Windows Deployment Services Role With the release of Windows Server 2008, Windows Deployment Services was enhanced to support the deployment of images using multicast transmissions. MDT 2008 also includes updates to integrate MDT with Windows Deployment Services multicasting. In addition, an updated Windows Automated Installation Kit (WAIK), version 1.1, includes Wdsmcast.exe. This allows multicast sessions to be joined manually and allows the client launching Wdsmcast.exe to copy files from an active multicast session. The LTIApply.wsf script uses Wdsmcast.exe when it accesses operating system source files from the distribution point. LTIApply.wsf looks for Wdsmcast.exe on the deployment point either in the .\Tools\x86 or the .\Tools\x64 folder, depending on the version of Windows PE that is running. When LTIApply.wsf runs it will always attempt to access and download WIM images from an existing multicast stream, but it will fall back to a standard file copy if a multicast stream does not exist. This process applies only to WIM image files and is not used when performing unattended installations of Windows XP and Windows Server 2003. To prepare for MDT 2008 multicasting—deployment server prerequisites 793.The deployment server must be running Windows Server 2008. 794.The Windows Deployment Services role must be installed from the Server Management console. 795.WAIK 1.1 for Windows Server 2008 must be installed. 796.MDT 2008 must be installed. 797.As with any deployment using MDT 2008, at least one operating system WIM image must have been imported, either as a full set of source files or as a custom image with setup files. Note It is important to use the latest version of WAIK for multicasting; the copy of Windows PE included in earlier versions of WAIK—for example, WAIK 1.0—does not support downloading from a multicast server.
To configure MDT 2008 for multicasting from an existing deployment point 798.In the Deployment Workbench console tree, expand Deployment, and then click Deployment Points. 799.Select deployment_point (where deployment_point is an existing Lab or Network deployment point that to configure), and then, in the actions pane, click Properties. 800.On the General tab, select the Enable multicast for this deployment point (requires Windows Server 2008 Windows Deployment Services) check box. 801.Apply the changes to the deployment point. 802.In Deployment Workbench, click deployment_point, and then, in the actions pane, click Update to generate the Windows Deployment Services multicast transmission for the distribution share.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
137
This process creates an Auto-Cast Windows Deployment Services multicast transmission that directly uses the existing MDT 2008 distribution share. MDT 2008 does not create Scheduled-Cast transmissions. Also note that no additional images are imported into Windows Deployment Services and that it is not possible to use multicast for boot images, because the multicast client cannot be loaded until after Windows PE is running. To verify that the multicast transmission has been generated in Windows Deployment Services 803.Click Start, point to Administrative Tools, and then click Windows Deployment Services. 804.In the Windows Deployment Services console console tree, right-click Servers, and then click Add Server. 805.In the Add Servers(s) dialog box, click Local computer, and then click OK. 806.In the Windows Deployment Services console console tree, click Servers, then click server_name (where server_name is the name of the computer running Windows Deployment Services), and then click Multicast Transmissions. 807.In the details pane, a new Auto-Cast transmission for the deployment point share will be listed; for example, BDD Share Distribution$. 808.Verify that the status of the BDD Share Distribution$ Auto-Cast transmission is set to Active. After a computer has been deployed, verify that the operating system was downloaded from a multicast transmission by examining the BDD.log file in the \Windows\Temp\DeploymentLogs folder. There will be two entries in the logs folder, both beginning with Multicast transfer; check them to verify that the transfer was successful. For more information on multicast transmissions with MDT 2008 and Windows Deployment Services, see “Configuring MDT 2008 and Windows Deployment Services for Multicast Operation” in Preparing for LTI Tools.
Option 4: Configure Windows Deployment Services PXE Filter Provider to Allow Configuration Manager to Respond to Unknown Computers When a computer is booted in PXE from a System Center Configuration Manager PXE service point, the PXE service point will check the System Center Configuration Manager site database for System Center Configuration Manager computer objects that match the details of the client making the PXE boot request. If the computer is unknown, System Center Configuration Manager will ignore the client and the client will fall back to the next boot device.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
138
Microsoft Deployment Toolkit 2008
To deploy an operating system to an unknown computer using the PXE service point in System Center Configuration Manager, the computer’s details are first pre-staged in the System Center Configuration Manager database. MDT 2008 provides a Windows Deployment Services PXE filter provider that allows operating system deployments to unknown computers in System Center Configuration Manager. The MDT 2008 Windows Deployment Services PXE filter provider performs the following actions: •
Checks the System Center Configuration Manager site database for records of the computer performing the PXE request.
•
If the computer account is not found, creates a computer account in the site database.
•
If the computer account is not found, adds the new computer account to a specific System Center Configuration Manager collection.
•
Checks for up to 30 seconds for an advertisement to become available.
Install the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider Installing the Windows Deployment Services PXE filter provider requires that MDT 2008 is installed on the Windows Deployment Services server that is hosting the System Center Configuration Manager PXE service point role. To install the MDT 2008 Windows Deployment Services PXE filter provider 809.Click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure WDS PXE Filter. 810.When the Install or Remove PXE Filter wizard is displayed, ensure that the Install the PXE filter provider on this computer check box is selected. 811.Click Edit PXEFilter.vbs script. 812.The PXEFilter.vbs script must be edited to specify: •
The System Center Configuration Manager site code of which the PXE service point is currently a site role. Locate sSiteCode = “CEN” in PXEFilter.vbs, and then replace CEN with the three-letter site code for the System Center Configuration Manager site.
•
The System Center Configuration Manager collection identifier to which the unknown computer should be added. Locate sCollection = “CEN0000” in PXEFilter.vbs, and then replace CEN0000 with the collection ID for the collection to which the unknown computers should be added.
Note Also consider modifying the variables sUsername and sPassword. These credentials are required only when the PXE service point server is not on the same computer as System Center Configuration Manager.
813.On the File menu, click Save to save the changes to the PXEFilter.vbs script. 814.Click Finish to complete the installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
139
Enable Logging on the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider The MDT 2008 Windows Deployment Services PXE filter provider logs information using standard Windows Deployment Services channels. To enable MDT 2008 Windows Deployment Services PXE filter logging 815.Start Regedit, and then go to HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\WDSServer\. 816.Edit the EnableFileTracing key so the value is set to 1. 817.Close Regedit. 818.Restart the Windows Deployment Services service. 819.In Notepad, open the %windir%\tracing\wdsserver.log file. 820.Review the wdsserver.log file for any errors encountered when starting Windows Deployment Services. 821.Close Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Per for ming S ta ged Dep lo yment s Us ing Micr osoft D epl oymen t Toolki t (O EM Pr eload) In many organizations, computers are loaded with the operating system image before deployment to the production network. In some instances, loading the operating system image is performed by a team within the organization that is responsible for building the computers in a staging environment. In other instances, loading the operating system image is performed by the computer hardware vendor, also known as an Original Equipment Manufacturer (OEM). Note The OEM preload process is supported in MDT 2008 only for deployments performed using LTI or System Center Configuration Manager. MDT 2008 does not support the OEM preload process for deployments based on Systems Management Server.
Overview of the OEM Preload Process in Microsoft Deployment Toolkit The OEM preload process is divided into three phases: •
Phase 1: Create a media-based image of the reference computer to be applied in the staging environment.
•
Phase 2: Apply the reference computer image to the target computer in a staging environment.
•
Phase 3: Complete deployment of the target computer in the production environment.
Phase 1 and Phase 3 are typically performed by the deployment organization. Depending on the use of the OEM preload process in the organization, Phase 2 may be performed by the organization or by the computer hardware vendor that supplies the computers. If the organization performs Phase 2, then the staging environment is within the organization. If an OEM performs Phase 2, then the staging environment is in the OEM’s environment.
Overview of Microsoft Deployment Toolkit Configuration Files in the OEM Preload Process Separate MDT 2008 configuration files (CustomSettings.ini and Bootstrap.ini) are used by the task sequences run during Phase 1 and Phase 3 of the OEM preload process. However, both configuration files exist simultaneously in different folder structures. In the first phase, the configuration files are used during the creation of the reference computer and are stored in the folder specific to the task sequence used in that phase. The configuration files used in the third and last phase of the OEM preload process are stored in the folder that is specific to the task sequence used in that phase.
Template User Instructions
141
When making modifications to the configuration files, ensure that changes to the configuration file are made that corresponds to the appropriate task sequence in each OEM preload process phase.
Overview of Microsoft Deployment Toolkit Log Files in the OEM Preload Process Separate MDT 2008 log files are generated during Phase 1 and Phase 3 of the OEM preload process. •
The MDT 2008 log files for Phase 1 are stored in the C:\MININT and C:\SMSTSLog folders.
•
The MDT 2008 log files for Phase 3 are stored in the %WINDIR%\System32\CCM\Logs folder for x86-based deployments or in the %WINDIR%\SysWow64\CCM\Logs folder for x64-based deployments.
Use the appropriate folder when diagnosing or troubleshooting MDT-related deployment problems.
Staged Deployments Using Lite Touch Installation For LTI-based deployments, the OEM preload process must be performed using a Removable media (Media) deployment point type. Other deployment point types are not supported for the OEM preload process. To perform the OEM preload process, create a task sequence based on the Litetouch OEM Task Sequence task sequence template, in addition to any task sequences that will be used to deploy the target operating system. Then create a Removable media (Media) deployment point that will ultimately create an .iso file of the deployment point contents, specifically the LiteTouchPE_x86.iso file or LiteTouchPE_x64.iso file (based on the target computer’s processor platform). The deployment point update process also creates a folder structure for that can be used to create Universal Disk Format (UDF) media.
LTI OEM Preload Process - Phase 1: Create a Media-Based Image The first phase in the OEM preload process is performed by the deployment organization. The final deliverable of this phase is a bootable image (such as an .iso file) or media (such as a DVD) that is sent to the OEM or to the staging environment within the deployment organization. Most of these steps are performed in Deployment Workbench. To create a media-based image for delivery to the OEM or to the staging environment within the deployment organization 1. Populate the following nodes for the distribution share in Deployment Workbench: •
Operating Systems
•
Applications
•
Packages
•
Out-of-Box Drivers
For more information about performing this step, see “Populating the Distribution Share” in the MDT 2008 document Workbench Imaging Guide. Solution Accelerators microsoft.com/technet/SolutionAccelerators
142
MSDN 2.0
822.Create a new task sequence based on the Litetouch OEM Task Sequence task sequence template in Deployment Workbench. For more information about performing this step, see “Task Sequences” in the MDT 2008 document Workbench Imaging Guide. 823.Create one or more task sequences that will be used to deploy the target operating system on the target computer after deployment in the production environment. For more information about performing this step, see “Task Sequences” in the MDT 2008 document Workbench Imaging Guide. 824.Create a Removable media (Media) deployment point in Deployment Workbench. For more information about performing this step, see “Deployment Points” in the MDT 2008 document Workbench Imaging Guide. 825.On the deployment_point Properties dialog box, on the Task Sequences tab, select the task sequences created in step 2 and step 3 (where deployment_point is the deployment point created in step 4). For more information on performing this step, see “Deployment Points” in the Workbench Imaging Guide. 826.Update the Removable media (Media) deployment point created in Deployment Workbench in the previous step. When the deployment point is updated, Deployment Workbench creates the LiteTouchPE_x86.iso file or LiteTouchPE_x64.iso file (based on the target computer’s processor platform). For more information about performing this step, see “Update the Deployment Point” in the MDT 2008 document Workbench Imaging Guide. 827.Burn a DVD of the LiteTouchPE_x86.iso file or LiteTouchPE_x64.iso file created in the previous step. Note If delivering the .iso file to the OEM or to the organization’s staging environment, this step is not necessary.
In addition, the media could be a bootable USB flash drive. For more information about creating a bootable USB flash drive, see “Creating Bootable USB Flash Drive” in the MDT 2008 document Workbench Imaging Guide. 828.Deliver the .iso file or the DVD to the OEM or to the organization’s staging environment.
LTI OEM Preload Process - Phase 2: Apply the Image to the Target Computer The second phase of the OEM preload process is performed by the OEM or by the deployment team in the staging environment of the deployment organization. During this phase of the process, the .iso file or DVD created in Phase 1 is applied to the target computers. The deliverable of this phase is the image deployed on the target computers so that they are ready for deployment in the production environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
143
To apply the image to the target computers 1. Start a target computer with the media created in the Phase 1. Windows PE will start, and then the Windows Deployment Wizard will start. 829.In the Windows Deployment Wizard, click the OEM Preinstallation Task Sequence for Staging Environment task sequence. The task sequence will start and the contents of the bootable media will be copied to the local hard disk of the target computer. 830.When the Windows Deployment Wizard is completed for the OEM Preinstallation Task Sequence for Staging Environment task sequence, the hard disk will be ready to initiate the remainder of the deployment process by running the Windows Deployment Wizard for the other task sequences that are used to deploy the operating system. The OEM Preinstallation Task Sequence for Staging Environment task sequence is responsible for deploying the image to the target computer and initiating the LTI process. The Windows Deployment Wizard will start a second time to run the task sequences used to deploy the operating system on the target computer. 831.Clone the contents of the first hard disk to as many target computers in the staging environment as required. 832.The target computers are delivered to the production environment for deployment.
LTI OEM Preload Process - Phase 3: Complete Target Computer Deployment The third and final phase of the OEM preload process is performed in the deployment organization’s production environment. During this phase of the process, the target computer is started and the bootable media image, placed on the hard disk in the staging environment during the previous phase, starts. To complete deployment of the target computers in the production environment 1. Start the target computer. Windows PE will start, and then the Windows Deployment Wizard will start. 833.Complete the Windows Deployment Wizard using the specific configuration information for each target computer. For more information about completing this step, see “Running the Windows Deployment Wizard” in the MDT 2008 document Preparing for LTI Tools. When this phase is complete, the target computer will be ready to use in the production environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
144
MSDN 2.0
Staged Deployments Using System Center Configuration Manager and Microsoft Deployment Toolkit For deployments using System Center Configuration Manager, the standard client deployment task sequence is divided into the following task sequences: •
Preload OEM Task Sequence (Pre-OEM). This task sequence runs during the first phase of the OEM preload process.
•
Preload OEM Task Sequence (Post-OEM). This task sequence runs during the third and final phase of the OEM preload process.
Table 30 lists the high-level deployment phases and how those phases are divided into the Preload OEM Task Sequence (Pre-OEM) and Preload OEM Task Sequence (PostOEM) task sequences. Table 30. Deployment Phases Divided for OEM Task Sequences Deployment Phase
Preload OEM Task Sequence (Pre-OEM)
Initialization
Initialization (the Set Diskpart BIOS Compatibility Mode task sequence step is disabled)
Validation
Validation
State Capture
State Capture
Preinstall
Preinstall (the Set Diskpart BIOS Compatibility Mode task sequence step is disabled)
Install
Includes only the Apply Operating System Image and Prepare Computer for OEM Capture task sequence steps
Preload OEM Task Sequence (Post-OEM)
Post-Install
Post-Install
State Restore
State Restore (the Enable BitLocker task sequence step is disabled)
System Center Configuration Manager OEM Preload Process - Phase 1: Create a MediaBased Image The first phase of the OEM preload process is performed by the deployment organization. The final deliverable of this phase is an image of a reference computer that is sent to the OEM or to the staging environment within the deployment organization. This image can be created as a .wim file using ImageX or other format file types created by other imaging software. Most of these steps are performed in Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
145
To create a media-based image for delivery to the OEM or to the staging environment within the deployment organization 1. Install System Center Configuration Manager with SP1 on all site server roles. For more information about completing this step, see “Preparing the Prerequisite Infrastructure for System Center Configuration Manager 2007” in the MDT 2008 document Getting Started Guide. 834.Install MDT 2008 on the site server that is used to manage deployments. For more information about completing this step, see “Installing MDT 2008” in the MDT 2008 document Getting Started Guide. 835.Run the MDT 2008 Configure ConfigMgr Integration script on the site server on which MDT 2008 is installed. For more information about completing this step, see “Enable Configuration Manager Console Integration” in the MDT 2008 document Preparing for Microsoft System Center Configuration Manager 2007. 836.Create a new task sequence in Configuration Manager console using the Import Microsoft Deployment Task Sequence Wizard; on the Choose Template wizard page, click the Preload OEM Task Sequence (Pre-OEM) task sequence template, and then click the remainder of the configuration choices based on the deployment environment. Note In the OEM preload process for Configuration Manager, specify a .wim image file that is captured from a reference computer. Full operating source files cannot be used with this task sequence.
For more information about completing this step, see “Import MDT 2008 Task Sequences” in the MDT 2008 document Microsoft System Center Configuration Manager 2007 Imaging Guide or “Step 3-1: Create an MDT 2008 Task Sequence for the Reference Computer” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 837.Add the reference computer to the System Center Configuration Manager site database using the Import Computer Information Wizard. Note In the OEM preload process, the reference computer and all target computers are categorized as unknown computers. Unknown computers are computers that do not currently exist in the System Center Configuration Manager site database.
Manually add the reference computer to the System Center Configuration Manager site database using the Import Computer Information Wizard. For target computers, configure the MDT 2008 Web service to import computer information into the System Center Configuration Manager site database; this is discussed in the section “Configuration Manager OEM Preload Process - Phase 3: Completing the Deployment of the Target Computer” later in this guide. For more information about completing this step, see “Step 4-1: Add the Reference Computer to the Configuration Manager Site Database” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 838.Deploy the target operating system to the reference computer. When this step is completed, the reference computer is ready to be captured. The reference computer was configured to boot into an instance of Windows PE for the new computer (also known as a “New Computer” Windows PE configuration). The “New Computer” Windows PE boot image is used in the third and final phase to automatically find the correct distribution point and to complete the deployment process. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
146
MSDN 2.0
For more information about completing this step, see “Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 839.Capture an image of the reference computer. Capture the image by using any imaging software, for example ImageX. Send the captured image to the OEM or your staging environment to be applied to the target computers. 840.Select the method for starting the “New Computer” Windows PE image based on the information in Table 31. Table 31. Methods to Automatically Determine the Deployment Server Start Windows PE image from
Description
Windows Deployment Services
The image is started using PXE. Advantages: •
The System Center Configuration Manager distribution point can be dynamically selected based on the computer running Windows Deployment Services.
Disadvantages:
Local hard disk
•
Makes assumptions about the BIOS start order (a PXE boot is higher in the boot order than other boot methods).
•
Requires the PXE boot environment to be deployed and configured to support this method.
The image is stored on the local hard disk and is configured to boot the “New Computer” Windows PE image. Advantages: •
Makes few assumptions about the target computer configuration and production network environment.
Disadvantages: •
Solution Accelerators
The System Center Configuration Manager distribution point is statically configured as part of the image in the staging environment.
microsoft.com/technet/SolutionAccelerators
Template User Instructions
147
Start Windows PE image from
Description
Local DVD-ROM
The image is burned onto a DVD-ROM and used to manually start the target computers using the “New Computer” Windows PE image. Advantages: •
Allows System Center Configuration Manager distribution points to easily be maintained.
•
Makes few assumptions about the target computer configuration and production network environment.
Disadvantages: •
A large number of DVD-ROMs might be complex to manage and maintain.
841.Deliver the .wim file to the OEM or staging environment within the organization.
System Center Configuration Manager OEM Preload Process - Phase 2: Apply the Image to the Target Computer The second phase of the OEM preload process is performed by the OEM or by the deployment team in the staging environment of the deployment organization. During this phase of the process, the image captured in the previous phase is applied to the target computers. The deliverable of this phase is the image deployed on the target computers so that they are ready for deployment in the production environment. In addition, during this phase of the OEM preload process, the “New Computer” Windows PE image created during the previous phase can be placed on the hard disk in the staging environment, and then be used to start the computer. To apply the image to the target computers 1. Apply the image captured in the previous phase to the hard disk on a target computer. 842.If starting the “New Computer” Windows PE image from the local hard disk, complete the following steps: f.
Place the “New Computer” Windows PE image on a separate partition on the hard disk.
g. Set this partition as the active partition on the local hard disk so that the “New Computer” Windows PE image will start. h. Configure the MDT 2008 configuration files to select the appropriate System Center Configuration Manager distribution point based on where the target computers will be deployed. 843.Replicate the contents of the .wim file to as many target computers in the staging environment as required by: •
Applying the image captured in the previous phase using the process outlined in step 1.
•
Cloning the contents of the hard disk used in step 1.
844.The target computers are delivered to the production environment for deployment. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
148
MSDN 2.0
System Center Configuration Manager OEM Preload Process - Phase 3: Complete Target Computer Deployment The third and final phase of the OEM preload process is performed in the deployment production environment. During this phase of the process, the target computer is started using the “New Computer” Windows PE image. The “New Computer” Windows PE image can be: •
Placed on the hard disk in the staging environment during the previous phase and then started when the computer starts.
•
Started by PXE-booting the “New Computer” Windows PE image from a computer running Windows Deployment Services.
•
Started from a DVD-ROM that was created during the previous phase.
To complete deployment of the target computers in the production environment 1. Create a new task sequence in Configuration Manager console using the Import Microsoft Deployment Task Sequence Wizard; on the Choose Template wizard page, click the Preload OEM Task Sequence (Post-OEM) task sequence template, and then click the remainder of the configuration choices based on the production environment. For more information about completing this step, see “Import MDT 2008 Task Sequences” in the MDT 2008 document Microsoft System Center Configuration Manager 2007 Imaging Guide or “Step 5: Import and Configure a Task Sequence to Deploy the Target Computer” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 845.Make any necessary configuration changes to the MDT 2008 configuration files based on the deployment environment. For more information about completing this step, see “Configuring the Appropriate Processing Rules” in the MDT 2008 document Preparing for Microsoft System Center Configuration Manager 2007. 846.Configure the MDT 2008 Web service to automatically import computer information into the System Center Configuration Manager site database. For more information about completing this step, see “Deploying an Operating System to a New Computer Not in the System Center Configuration Manager Database” in the MDT 2008 document Microsoft Deployment Toolkit Samples Guide. 847.Start the target computer using the “New Computer” Windows PE image, based on the boot method selected in the previous step. The “New Computer” Windows PE will start, and then select the task sequence based on the Preload OEM Task Sequence (Post-OEM) template. Then the task sequence will start. The remainder of the deployment process will complete (see the Preload OEM Task Sequence (Post-OEM) column in Table 25). When this phase is completed, the target computer will be ready to use in the production environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
149
Microsoft® Deployment Toolkit 2008 Office Deployment Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, Excel, Groove, InfoPath, Microsoft Press, Outlook, PowerPoint, SharePoint, Visual Basic, Visual Studio, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Qu ic k-S tar t G ui de and Che ckl is t This section provides a high-level overview of the planning and deployment phases of 2007 Office system deployment.
Planning Phase The primary focus in this phase is to determine how to install 2007 Office system programs on client computers. Project team members along with customer subject matter experts (SMEs) will determine the mix of applications and settings to be deployed. Table 1 shows the high-level steps in the Planning Phase. Table 1. Planning Checklist High-level steps in the Planning Phase q
Determine Microsoft Office application installation requirements. Working with the organization’s SMEs, develop a plan that specifies which 2007 Office system programs will be deployed and which settings will be configured as part of 2007 Office system deployment.
q
Create a data migration plan. The Microsoft Office deployment team will also inventory existing Microsoft Office System data, developing a plan to migrate data to the new applications.
q
Choose a thick or thin image deployment plan. Decide whether Microsoft Office will be deployed as part of the desktop image (thick image) or after operating system image deployment (thin image).
2
Microsoft Deployment Toolkit 2008
Developing Phase Table 2 shows the high-level steps in the Developing Phase. Table 2. Developing Checklist High-level steps in the Developing Phase q
Configure Microsoft Office deployment and customization. Using the Office Customization Tool, create a customized Microsoft Office deployment.
q
Integrate the Microsoft Office deployment with Microsoft Deployment Toolkit 2008. Integrate Microsoft Office into the desktop image (thick image) or to integrate it as a follow-on installation step (thin image).
Stabilizing Phase Table 3 shows the major steps required to accomplish during the Stabilizing Phase. Table 3. Stabilizing Checklist High-level steps in the Stabilizing Phase q
Test the Microsoft Office deployment. Test Microsoft Office installation as part of the overall desktop deployment process, resolving any issues that arise during this phase.
Deploying Phase Monitor installation progress during this phase and respond to any issues. The team may also manage data-migration issues during this phase. Table 4 shows the high-level steps in the Deploying Phase. Table 4. Deploying Checklist High-level steps in the Deploying Phase q
Monitor 2007 Office system deployment. Monitor 2007 Office system deployment during this phase, resolving any issues that may arise with undiscovered hardware configurations.
q
Manage Microsoft Office data conversions. During this phase, users will begin using the new 2007 Office system programs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Applications are an integral part of computer deployments in many organizations today. Because Microsoft Office is often a corporate standard application suite and because of its size, the Microsoft Deployment Toolkit 2008 project treats it as a core application to be included in the base computer image used during the corporate deployment of the Windows Vista® operating system. In this scenario, the Image Engineering and Application Management feature teams install the 2007 Office system on the disk image, and then deploy that disk image throughout the organization. This is called a thick image deployment. In addition to describing how to customize the 2007 Office system, this guide describes an alternative scenario for organizations that have already deployed Windows Vista but have not yet deployed the 2007 Office system. Note The follow-on installation scenario described above is used when deploying Windows Vista as a thin image.
Prerequisites To create a custom 2007 Office system installation, the lab must contain the following items: •
Microsoft Office 2007 Resource Kit
•
A network share to store the 2007 Office release source files
•
A computer on which to install, configure, and customize the 2007 Office system
•
The 2007 Office system volume-licensed media
Ov er vi ew of 2007 Of fice Sys tem Dep lo yment Figure 1 provides an overview of the 2007 Office system upgrade process.
Figure 1. Overview of a 2007 Office system deployment The 2007 Office system deployment process should follow specific milestones that integrate well with overall MDT 2008 milestones and objectives. This guide describes each of the following stages: •
Creating a project plan. As with any project, careful planning leads to greater chances of success. In this phase, the team analyzes current Microsoft Office deployments, plans migration of documents and settings, determines optimal placement of deployment servers, and acquires resources for completing the project.
•
Creating an installation point. The first phase of development, creation of the 2007 Office system installation point, creates a shared folder containing the 2007 Office release installation files.
•
Customizing installation. Most organizations require some changes to the default settings for the 2007 Office release. Consolidate these settings into a Microsoft Office customization file that can then be applied to the installation point.
•
Testing Microsoft Office deployment. Before releasing the 2007 Office system to production, careful testing of the 2007 Office system deployment process ensures that there are no surprises in the field.
•
Deploying to production. The deployment policies are activated to provide the 2007 Office release to client computers.
•
Transitioning to Information Technology (IT) Operations. After the deployment plan has been executed, the deployment infrastructure is handed off to IT Operations for long-term operation and management.
Template User Instructions
5
Plan for Deployment Figure 2 provides a detailed breakdown of the activities accomplished during the Planning Phase. These activities are divided into two categories: establishing the lab and identifying the deployment issues that the feature team must address over the course of the project.
Figure 2. Deployment planning activities
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
MSDN 2.0
Choose the Right Package The 2007 Office release is available in a variety of suites and stand-alone products. Rarely does a single suite meet all an organization’s requirements. For example, the team might deploy Microsoft Office Professional 2007 to most users in the organization but deploy Microsoft Office Professional Plus 2007 to those users who require Microsoft Office InfoPath® 2007 or Microsoft Office Groove® 2007. For the 2007 Office release suites that will be available, see 2007 Microsoft Office System Packaging at http://office.microsoft.com/en-us/products/FX101635841033.aspx.
Define the 2007 Office System Settings Extensive customizations can be made before installing the 2007 Office system on users’ computers. The team can also customize many aspects of the installation process itself. Begin by evaluating who the users are and how they will use the 2007 Office release programs. Some users may work exclusively in English, for example, whereas others may routinely view or edit documents in multiple languages. Consider the following points when planning 2007 Office system customizations, and document them in the Office Upgrade Configuration Plan: •
Should there be a uniform configuration throughout the organization? If multiple users share one computer or if users roam from one computer to another, establish a standard Microsoft Office configuration.
•
How many different configurations of the 2007 Office system are needed and for which groups of users? The Application Management feature team can distribute different configurations of Microsoft Office from a single administrative installation point or compressed CD image.
•
Will the deployment of 2007 Office release programs be staged? Some organizations stagger their deployment of 2007 Office release programs. By using the Office Customization Tool (OCT), the team can specify settings for applications that will be installed later. Use the Office Setup Controller to add 2007 Office release programs to an existing configuration. For example, the team can schedule a Microsoft Office Outlook® 2007 installation to coincide with a mail server upgrade rather than with Microsoft Office installation.
•
What other products will be included in the 2007 Office system installation? The team can specify additional Windows® Installer packages to install with the 2007 Office release. 2007 Office system Setup coordinates these installations after Microsoft Office installation is complete.
•
Should users be able to change the default settings and customize the 2007 Office release programs for themselves, or will settings be enforced? Settings that are distributed in a setup update (.msp) file appear as the default settings when users install 2007 Office release programs, but users can modify them. To enforce settings, use policies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
7
•
Do some users need to keep earlier versions of Microsoft Office programs on their computers? By default, when the 2007 Office system Setup runs in quiet mode, all earlier versions of Microsoft Office programs are removed. The team can specify earlier versions that should be kept, but the flexibility of coexisting versions is limited. For more information, see the Microsoft Help and Support article, “Information about using 2007 Office suites and programs on a computer that is running another version of Office,” at http://support.microsoft.com/kb/928091/en-us.
•
What is the best way to customize Office Outlook 2007 to work in the organization’s messaging environment? In the OCT, Office Outlook 2007 profiles can be created or modified, new e-mail accounts can be set up, or Office Outlook 2007 can be configured to work with a computer running Microsoft Exchange Server.
Four tools are available for analyzing, customizing, and deploying 2007 Office release programs. Some of these tools are built into the 2007 Office release, while others are available as free downloads at the 2007 Office Resource Kit (http://technet2.microsoft.com/Office/en-us/library/9df1c7d2-30a9-47bb-a3b25166b394fbf51033.mspx?mfr=true). Microsoft Office Migration Management Technologies include: •
The OCT.
•
Microsoft Office Migration Planning Manager.
•
Microsoft Office File Conversion Tool.
•
Microsoft Office Setup Controller.
Office Deployment Tools The sections that follow describe the Microsoft Office Migration Management Technologies in detail.
The Office Customization Tool When planning customizations, the OCT is the primary tool, so it is an obvious place to start. Think of the process as taking a dry run through the Setup wizard. During this run, team members can configure settings for each 2007 Office release program, and then save the result to a customization (.msp) file. After a few test runs, team members may want to clear the Completion notice and Suppress modal check boxes and set the Display level to none to create a setup update file for a silent installation. Although the initial settings will likely change, a dry run jump-starts the configuration by showing the possibilities. Spend some time looking at the settings on the Modify User Settings folder to get an idea of which customizations are available. Also, spend some time looking at the Office Security Settings folder. Each setup update (.msp) file that is used roughly corresponds to a configuration for one group of users. Document in the deployment plan each unique configuration and its corresponding setup patch. For example, if the team is deploying two 2007 Office system configurations—one for the majority of the organization and one for users who require Microsoft Office Access 2007—document the updates for each configuration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
MSDN 2.0
Office Migration Planning Manager The Office Migration Planning Manager is a command-line tool with which desktop administrators scan any client computer, file server, Microsoft Office SharePoint® Server 2007 computer, or any other Web-based Distributed Authoring and Versioning (WebDAV)–enabled document library. The Office Migration Planning Manager takes an inventory of all Microsoft Office system files and determines their properties. Known issues are identified within those files so that they can be addressed before they are opened with, or converted to, 2007 Office release programs.
Office File Conversion Tool In the process of upgrading to the 2007 Office system, organizations may want to move all or many of their existing documents to the new Office Open XML Formats. Using the Office File Conversion Tool, desktop administrators can convert documents saved in Microsoft Office 97 through Microsoft Office 2003 formats to the new Office Open XML Formats. By using output from the Office Migration Planning Manager, the Office File Conversion Tool can be employed to run documents through an open-and-save-as process.
Office Setup Controller The Office Setup Controller manages the overall 2007 Office system installation experience. It is responsible for making sure that the local installation source is present and complete. After verifying that each computer has been properly prepared, the Setup engine installs and configures the chosen programs. Changes are made to both the file system and the registry by using the underlying Windows Installer technology, which helps ensure maximum compatibility and robustness for all users. Unlike earlier releases, the 2007 Office system cannot be installed without the use of Setup.exe.
Identify the Upgrade Issues Three primary issues must be addressed when upgrading from earlier Microsoft Office versions to the 2007 Office system. The primary issues are: •
Feature installation states.
•
Settings migration.
•
File-conversion issues.
•
Custom Microsoft Office–based solutions, such as macros and Microsoft Visual Basic® for Applications (VBA).
•
File coexistence with multiple versions of Microsoft Office.
In addition to the packaging and customization, these issues could have a significant effect on the user experience after the 2007 Office system is installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
9
Feature State Migration When running the 2007 Office system Setup interactively, users can choose which applications and features are installed by selecting options from the feature tree that the Setup program displays. 2007 Office system features can be installed in any of the following states: •
Copied to the local hard disk
•
Installed on first use, which means that the 2007 Office system Setup does not install the feature until the first time it is used
•
Not installed but accessible to users through the Add or Remove Programs Control Panel item or in a Command Prompt window
•
Not installed, not displayed during installation, and not accessible to users after installation
By using the OCT, choices can be made for users ahead of time. When users run the 2007 Office system Setup interactively, the installation states that what team members specify in the setup update (.msp) file appear as the default selections. When the 2007 Office system Setup runs quietly, team members’ choices determine how the features are installed. To make an installation more efficient, the 2007 Office system Setup automatically sets default feature installation states in the following circumstances: •
When upgrading to the 2007 Office system, Setup detects and matches feature installation states from the earlier Microsoft Office version. For example, if Microsoft Office Word 2003 is installed to run from the network, the 2007 Office system Setup installs Microsoft Office Word 2007 to run from the network. If Microsoft Office PowerPoint® 2003 is set to Not Available, Setup does not install Microsoft Office PowerPoint 2007.
•
When installing the 2007 Office system under Windows Server® 2003 Terminal Services, Setup applies the most efficient installation state for each feature. For example, because the speech-recognition feature does not run efficiently over most networks and might not be supported by all clients, Terminal Services automatically changes the feature installation state from Installed on First Use to Not Available.
The OCT provides even more control of feature installation states than this section has described. For example, the Application Management feature team can disable featureinstallation states that require a network connection. The team can lock featureinstallation states to prevent users from changing them. For more information about these settings, see the link to the 2007 Office Resource Kit in the section, “Education and References,” earlier in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
MSDN 2.0
Settings Migration By default, if an earlier version of Microsoft Office is installed on a user’s computer, Windows Installer copies the earlier application settings for that version to the 2007 Office system. Migrated settings are applied the first time each user starts a 2007 Office release program, and the user's migrated settings overwrite any duplicate settings added to the setup update. On the Modify user settings page of the OCT, team members can change this behavior. When users install the 2007 Office system with the update, Setup migrates relevant settings from an earlier version. If team members specify their settings on the Modify user settings page and clear the Migrate user settings check box, the migrated settings will not be used. Note The 2007 Office system does not use .ops files for transformations as Microsoft Office 2003 did. Instead, it uses the same setup update file to specify Microsoft Office features and user settings.
File-Conversion Issues The 2007 Office system uses a new, XML-based file format—Office Open XML Formats. This format is currently used in the 2007 Office system programs Excel® 2007, Word 2007, and PowerPoint 2007 files. The new XML-based file formats in these programs enable broader integration and interoperability between Microsoft Office documents and enterprise applications. In addition, 2007 Office system files are all wrapped by using extraction technologies, which allows for easy access to the content parts as well as standard compression, reducing file sizes and improving reliability and data recovery. Users can migrate files created in earlier versions of Microsoft Office programs to Office Open XML Formats by using the Office File Conversion Tool. Because of the new file format, conversion issues may surface during deployment and should be dealt with early in the deployment project life cycle. When identifying file-conversion issues, consider the following: •
Word, Excel, and PowerPoint in Microsoft Office 97, Microsoft Office 2000, Microsoft Office 2003, and Microsoft Office XP share the same file format. Documents created with these versions of Microsoft Office require conversion to edit them with the corresponding 2007 Office release programs.
•
The 2007 Office release programs can convert individual files created with earlier versions of the corresponding Microsoft Office programs, and the 2007 Office release includes the Office File Conversion Tool for converting multiple documents at a time.
•
For backward compatibility, the 2007 Office system can be configured in compatibility mode so that files saved in Word, Excel, and PowerPoint can use the same binary format used by earlier versions of those Microsoft Office programs.
•
For interoperability, apply updates to computers running Microsoft Office XP and Microsoft Office 2003 to allow those versions to save files in Office Open XML Formats.
•
Office Access 2007 uses a new file format, .accdb. For interoperability, save Office Access 2007 files in the Microsoft Office Access 2003 or Office Access 2000 format (.mdb). Office Access 2007 can also open .mdb files for editing.
Note For more information about Office Open XML Formats, see “Microsoft Office Open XML Formats Overview” at http://office.microsoft.com/en-us/products/HA102058151033.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
11
Custom Microsoft Office–Based Solutions Many organizations have used the advanced features of Microsoft Office to develop custom solutions. These organizations apply macros and application programming constructs such as VBA and Microsoft Visual Studio® 2005 Tools for the Microsoft Office System to extend the base functionality of Microsoft Office. Like data-file structures, these macros and programming structures have evolved with Microsoft Office and may require migration strategies to ensure that business requirements continue to be met after the migration to the 2007 Office system. When planning to deploy the 2007 Office system, consider the following questions: •
Is an inventory available of the non-Microsoft and internally built programs and customizations based on the Microsoft Office System?
•
Has each non-Microsoft and internally built Microsoft Office–based solution been tested for compatibility with the 2007 Office system?
When the list of custom Microsoft Office–based applications is complete, develop a plan to modify each application to use 2007 Office system components, if necessary, for coexistence with 2007 Office release applications. Include this plan in the overall 2007 Office system deployment plan.
Coexistence Issues Although an organization may have the goal of migrating everyone to the 2007 Office system, the complete migration of the organization is not likely to occur instantly. A plan must be devised and implemented that permits users of the 2007 Office system to collaborate on documents with teammates who are using earlier versions of the Microsoft Office System. The Migration feature team must understand these issues and identify the effect of each issue on the organization. For example, a company that is migrating from Microsoft Office XP to the 2007 Office system is likely to experience more issues than a company migrating from Microsoft Office 2003. Consider the following questions: •
Which versions of the Microsoft Office System are users running?
•
Which groups of users share documents with which other groups of users? Do they need to share documents in one direction, or will users of the earlier Microsoft Office release be using 2007 Office release documents?
During a 2007 Office system deployment, a variety of solutions is available to enable users to share documents among various Microsoft Office System versions. If the organization is migrating from Microsoft Office 97 to the 2007 Office system, for example, these solutions ensure that users who have not yet migrated can still exchange information with users who have. The solutions that the Application Management feature team uses depend on whether users share documents with other groups. The solutions also depend on whether users share documents one way or two ways and whether they need to change the documents they share. The Application Management feature team can migrate groups of users who do not share documents with other groups to the 2007 Office system at any time without reducing their productivity.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
MSDN 2.0
If a group of users shares documents with other groups, however, the Application Management feature team must decide whether document recipients require read-only access to those documents or whether they must be able to edit and return those documents. If they require read-only access, a larger variety of solutions is available, including file viewers, saving documents as Web pages, and so on. If users must edit and return documents to the sending group, consider restricting both groups to a common file format until both groups have fully migrated to the 2007 Office system. Also, to ensure continuity, plan to migrate dependent groups at the same time.
Identify SMEs In those areas or departments in which 2007 Office system developers have reason to believe that significant issues might arise with the 2007 Office system, ask the department to provide an SME to act as a liaison with the developers. For example, having an SME from the accounting department available to the developers is generally helpful to ensure that all 2007 Office system issues related to the use of Office Excel 2007 are identified and addressed, because accounting departments often use complex Excel workbooks.
Identify Chained Applications Using the 2007 Office system Setup, the Application Management feature team can deploy the 2007 Office release and related applications in one seamless process by chaining additional packages (.msi files) or executable programs. In this scenario, the Setup program first completes the core 2007 Office system installation, and then immediately calls Windows Installer to install the additional programs in the order specified on the Add installations and run programs page of the OCT.
Install 2007 Office System Updates The 2007 Office system Setup automatically installs any updates included in the Updates folder under the installation share. Updates are only installed during Setup. The Application Management feature team can also include security updates and other updates released as .msp files in this folder. The Setup installer automatically includes these updates at installation time.
Additional Considerations The following list describes additional development work that most organizations perform and where to find detailed information in the 2007 Office Resource Kit for each: •
Messaging. A close review of the organization’s messaging needs helps plan the optimal Office Outlook 2007 deployment. Among the configuration and installation choices made are deciding which e-mail messaging server to use with Office Outlook 2007 and timing the Office Outlook 2007 deployment to suit the organization’s needs. Look for ORKMessaging.doc in the 2007 Office Resource Kit documentation folder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
13
•
Multilingual deployment. The Application Management feature team can install, customize, and maintain a single version of the 2007 Office system that meets the organization’s multilingual needs. Through the plug-in language features in the 2007 Office system and Microsoft Office multilingual resources, such as the Multilingual User Interface pack (MUI pack), users in international locales can work in their own languages. The 2007 Office system consists of a language-neutral core to which multilingual packs can be added. Find more information in ORKDeployment.doc and ORKPlan.doc.
•
Security. Security was a major focus in the development of the 2007 Office system. More emphasis was placed on eliminating security flaws than in any earlier release of the Microsoft Office System, which helped produce the most robust level of security to date. However, improper configuration of settings and user methods can still expose administrative and user-level security vulnerabilities. This section addresses specific security issues an administrator should take into consideration when deploying or maintaining a Microsoft Office configuration in a corporate setting. Along with this information are suggestions and recommendations for how to limit exposure to attacks and how to manage the security of a deployed installation through securityrelated policies. For additional information on 2007 Office System security, see the 2007 Office Resource Kit at http://technet2.microsoft.com/Office/enus/library/9df1c7d2-30a9-47bb-a3b2-5166b394fbf51033.mspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
MSDN 2.0
Customize the 2007 Office System Figure 3 shows at a high level the development process for customizing the 2007 Office system.
Figure 3. Process for packaging the 2007 Office system
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
15
Creating a customized 2007 Office system installation is a multi-step process. After creating and testing this package, insert it into the MDT 2008 imaging process so that the customized 2007 Office system configuration can be included automatically in all computer images. To create the custom 2007 Office system installation 848.Create a distribution point. Copy the contents of the 2007 Office system DVD to a network share. Apply any available service packs and updates to the distribution point. 849.Create an .msp file. Start the OCT by running setup /admin. Specify features, user settings, and security settings to be applied. 850.Manually test the configuration. Before adding the 2007 Office system configuration to the MDT 2008 image, manually test it in a lab environment to ensure that it is correct. To do so, copy the .msp file to the \Updates folder and then run Setup. 851.Change the .msp file to perform a silent installation. Run setup/admin again, open the .msp file to be changed, and change the Licensing and user interface page by clearing the Completion notice and Suppress modal check boxes and setting the display level to none.
Create a Distribution Point To create the first distribution point, simply copy all the content on the 2007 Office system DVD to a network share. After copying the Setup files, verify whether any service releases are available for the 2007 Office system and place them in the Updates folder under the network share. The OCT can be used to specify multiple network shares to be used during installation when the distribution point that a given computer uses for installation is offline. When creating such distribution points, it is important to keep all distribution points synchronized, which the team can do by using file replication or a software distribution tool such as Microsoft Systems Management Server (SMS) 2003. Document all distribution points before moving on to the next step.
Integrate Service Releases The 2007 Office system service packs are interim upgrades that address performance, reliability, and security issues. If the deployment plans require it, integrate the latest service release with the existing 2007 Office system source files. Note Download service packs from Office Admin Update Center at http://office.microsoft.com/en-us/FX011511561033.aspx. Service packs are update files with the .msp extension. Use a software-distribution process such as Systems Management Server 2003 to install the service releases.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
MSDN 2.0
Update the 2007 Office system distribution points with current service packs before deploying them. To integrate a service release into a Setup share, copy the .msp files to the Updates folder in the share. (Microsoft Office applications will automatically install any updates found in this folder.) Note Many organizations use Microsoft Update or Windows Server Update Services (WSUS) to download and distribute updates and security fixes to Microsoft operating systems and Microsoft Office. Bear in mind, however, that the amount of time a system remains vulnerable after installation increases proportionally to the amount of time it takes to be fully updated. For this reason, it is helpful to maintain a fully updated 2007 Office system distribution point.
Create a Setup Customization File Use the OCT to define 2007 Office system features, user settings, and security settings for use during 2007 Office system installation. For the 2007 Office release, use the OCT to save settings by application or group of applications. This feature is particularly useful when staging the 2007 Office system deployment; the settings saved in the .msp file can be limited to only those applications the team is deploying at a given time. When creating an .msp file, the OCT allows team members to perform the following tasks: •
Define the path in which the 2007 Office system is installed on users’ computers.
•
Accept the End User License Agreement (EULA), and type a product key on behalf of users who are installing the 2007 Office system from a compressed DVD image.
•
Define the default installation state for 2007 Office release programs and features. For example, the Application Management feature team can install Office Word 2007 immediately on the local computer but set Office PowerPoint 2007 to be installed on demand.
•
Specify 2007 Office system security settings to be applied to the computers.
•
Modify user settings, such as whether Office Word 2007 should use AutoRecovery.
•
Modify 2007 Office release program shortcuts, specifying where they are installed and customizing their properties.
•
Define a list of servers for the 2007 Office system to use if the primary installation source is unavailable.
•
Specify other products to install or programs to run on users’ computers after Setup is complete.
•
Configure Office Outlook 2007 mail settings. For example, specify a default user profile.
•
Specify which earlier versions of Microsoft Office are removed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
17
To create an .msp file 852.On any computer, run setup /admin from the network share previously created. For example, run \\servername\Office12\Setup.exe /admin, where servername is the name of the server on which the source 2007 Office system files reside. 853.Select Create a new Setup customization file for the following product. 854.Select Microsoft Office Professional Plus 2007 (or the chosen edition) from the list of available products, and then click OK. 855.Customize settings on the different pages available through the OCT. 856.From the File menu, click Save As, and then save the .msp file in the network share. (Save all .msp files to the Updates folder.)
Manually Test the Configuration To manually test the custom 2007 Office system package, start with a clean Windows Vista computer that has been recently built, preferably with no other applications installed. Install the 2007 Office system package with a command similar to the following: \\server\share\Setup.exe /config \\server\share\suite.WW\Config.xml (where \\server\share is the server name and share name, respectively, of the distribution point for 2007 Office system and suite.WW is the path to the config.xml file for the Microsoft Office edition being installed). Note
Setup customization files placed in the Updates folder are used automatically.
Team members can iterate through creating and testing the transforms until they meet the organization’s requirements. After these requirements have been met with manual installation, team members can proceed to integrate the package into the MDT 2008 imaging and deployment processes.
Change the Setup Customization File to Perform a Silent Installation After the settings specified in the configuration file are working according to the organization’s policies, Application Management feature team members can change the .msp file so that user interaction is not required during installation. To do so, change the .msp file to perform a silent installation. To change an .msp file 857.On any computer, run setup /admin from the network share previously created—for example, \\servername\Office12\Setup.exe /admin. 858.Select Open an existing Setup customization, and then select the file to be changed. 859.On the Licensing and user interface page, clear the Completion notice and Suppress modal check boxes, and then set the display level to none. 860.Save the file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
MSDN 2.0
Integrate 2007 Office Release Programs into MDT 2008 Team members can integrate 2007 Office system installations with MDT 2008 in one of two ways—either as part of the desktop deployment image (known as a thick image) or after desktop image deployment (known as a thin image).
Thick Image Installations To preinstall the 2007 Office system on the desktop deployment image, execute the appropriate installation commands before collecting the deployment image. Microsoft Office will be installed on the image, allowing the deployment of a complete Windows Vista/2007 Office system image at one time. Doing so increases the size of the desktop image but simplifies Deployment Workbench configuration.
Thin Image Installations To integrate 2007 Office release programs into MDT 2008 as supplemental applications, use the Add Application feature of Deployment Workbench to point to the customized Microsoft Office distribution point. (See the MDT 2008 document, Image Engineering Feature Team Guide, for more details on adding applications.) Deployment Workbench offers customized steps for the integration of the 2007 Office system, taking into account specific requirements of the 2007 Office system in the application settings used to deploy the package. Note To install multiple Microsoft Office programs, add each separately to the applications list contained in Deployment Workbench.
To configure the 2007 Office system using the Deployment Workbench 861.Right-click Applications, and then click New to start the New Application Wizard. Note See the Image Engineering Feature Team Guide for specific guidance on adding applications.
862.Complete the New Application Wizard, using the path and setup commands for the 2007 Office system. 863.Right-click the resulting package, and then click Properties to display the properties sheet for the 2007 Office system (see Figure 4).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
19
Figure 4. Customizing 2007 Office system settings 864.Click the Office Products tab to configure additional Microsoft Office settings. Note In addition to basic settings, this tab also provides access to edit the config.xml file and to run the OCT.
865.Complete configuration settings, and then click Apply or OK to accept changes.
Test 2007 Office System Deployment With the application servers updated with the custom 2007 Office system configuration, the team can begin testing. When the team is satisfied that the 2007 Office system installation is working as planned, the 2007 Office system package is ready for pilot. Testing must be performed to ensure that the 2007 Office system configuration and planned deployment solution function as designed. Divide the testing tasks by functional area, such as the following: •
The deployment server
•
2007 Office system configuration
•
Deployment process testing
Perform testing on a variety of hardware that represents the hardware present throughout the organization. Document all test results for review.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
MSDN 2.0
Pilot 2007 Office System Deployment The solution is ready for the pilot deployment as soon as a full build has been through testing and passed. Follow the pilot plan, revising it as necessary to incorporate new developments in the project. Use the communications and training materials developed to keep users informed as to the nature and progress of the pilot. A well-planned pilot of a sufficiently tested solution should present few surprises.
Candidates for Pilot Deployment SMEs chosen to assist during the 2007 Office system deployment process are natural selections for the pilot deployment. Others can be nominated based on their ability to test critical aspects of the system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
Deploy the 2007 Office System to Production With the Developing and Stabilizing Phases complete, the servers are ready to process computer deployments. Figure 5 provides the detailed task breakdown for the Deploying Phase.
Figure 5. Deploying Phase activities The Deploying Phase includes the following three steps: •
Initiate deployment. The MDT 2008 project deploys the 2007 Office system on client computers by including it in the desktop image (thick image deployments) or by linking it to the image deployment through use of Deployment Workbench (thin image deployments). Subsequent deployments will use the 2007 Office system distribution point. Use Group Policy to publish or assign the 2007 Office system to organizational units (OUs) containing client computers. When a client system is re-imaged, the 2007 Office system is installed as the Group Policy settings direct.
•
Monitor file migration. Migration of existing Microsoft Office program data files may take some time. In addition, some files might not migrate properly. Monitor this process, and intervene when appropriate to ensure business continuity.
•
Resolve deployment issues. Unforeseen issues can arise during a large-scale deployment. Monitor the deployment process closely, and intervene if necessary to preserve business continuity.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
MSDN 2.0
Use Group Policy Microsoft Windows 2000 and later operating systems include tools with which administrators can install and maintain software applications through Group Policy with the Microsoft Active Directory® directory service. For small- or medium-sized organizations that do not have Systems Management Server 2003 and have Active Directory installed, Group Policy can be used to assign computer startup scripts for 2007 Office deployment. For more information, see the Microsoft TechNet article, “Use Group Policy to assign computer startup scripts for 2007 Office deployment,” at http://technet2.microsoft.com/Office/en-us/library/a57c8446-b959-4025-a866b690ddcaa66d1033.mspx?mfr=true.
Transition to IT Operations After the initial deployment is complete and the Application Management feature team has verified that the computers are operating properly, the project is transitioned from the Deployment feature team to IT Operations. The IT Operations group is then responsible for ongoing computer maintenance and support. This process is typically well structured and formal, and documentation, knowledge, and other materials are formally transferred from one group to another.
Microsoft® Deployment Toolkit 2008 Preparing for Microsoft System Center Configuration Manager 2007
Published: July 2008
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
23
For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, Visual Basic, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® System Center Configuration Manager 2007 contains operating system deployment features and, when used with Microsoft Deployment Toolkit (MDT) 2008, offers many advantages over using System Center Configuration Manager alone. Using both tools together provides the benefits of each product—for example, the Pre-Boot Execution Environment (PXE) service point in System Center Configuration Manager and the configuration database in MDT 2008. The MDT 2008 database and existing task sequences can be imported into System Center Configuration Manager using the Import Microsoft Deployment Task Sequence Wizard. MDT 2008 integrates seamlessly into System Center Configuration Manager; combined, these tools offer greater flexibility and time savings by allowing the upgrade of existing Solution Accelerator for Business Desktop Deployment (BDD) 2007 environments to use in the new environment. The deployment process described in this guide takes advantage of and combines the results of other processes in MDT 2008 to accomplish the following tasks: •
Collect hardware and software inventory information using System Center Configuration Manager.
•
Migrate existing user profile information using the Windows® User State Migration Tool (USMT) version 3.0.1 (non-server operating systems only).
•
Configure Windows Deployment Services to start the Windows Preinstallation Environment (Windows PE).
•
Install a Windows Vista®, Windows Server® 2008, Windows Server 2003, Windows XP Professional, or Windows XP Tablet PC Edition operating system image on target computers.
•
Automatically install a Windows Vista, Windows XP Professional, or Windows XP Tablet PC Edition operating system image on target computers using MDT 2008 scripts and the operating system deployment features available in System Center Configuration Manager.
•
Monitor the deployment process using Microsoft System Center Operations Manager 2007 and the MDT 2008 Management Pack.
•
Optionally, copy existing user data and preferences from the target computer to a network deployment server.
•
Optionally, create a backup image of the target computer locally or to a shared folder on a server.
•
Optionally, repartition and format the existing primary hard drive (in New Computer and Replace Computer scenarios).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2
Microsoft Deployment Toolkit 2008
•
Install an operating system image that includes enterprise applications such as the various editions of Microsoft Office 2003 or the 2007 Microsoft Office system.
•
Dynamically install applications that are specific to the target computer model, such as DVD software.
•
Optionally, restore the user data and preferences that were previously stored on the network deployment server.
Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Pr ocess ing Rules At this step in the planning process, configure the appropriate processing rules in the MDT 2008 database based on the environment. The Zero Touch Installation (ZTI) deployment process uses rules defined in the MDT 2008 database to configure target computers. ZTI and Lite Touch Installation (LTI) use a common set of components, which are included in MDT 2008. The six MDT 2008 components are: •
Configuration files. Made up of the BootStrap.ini and CustomSetting.ini files
•
Configuration database. Contains the CustomSettings.ini configuration settings
•
Scripts. Automate the deployment process
•
Task sequences. Comprise a series of steps that complete an overall process without the need for user interaction during the deployment process
•
Environment variables. Contain properties referenced during the deployment process
•
Log files. Contain the log output of the scripts used to complete the deployment process Each of these components is an integral part of MDT 2008. These components must be customized to fully access the rich functionality and features of MDT 2008.
Note that the configuration database contains the elements used to customize the CustomSettings.ini file, which is used during the deployment process to define the settings used on the destination—whether client or server—computer. For a visual representation of the tasks that comprise the deployment process, see the flow charts in the MDT 2008 document, Troubleshooting Reference. For more information about configuring the appropriate processing rules in the MDT 2008 database, see the MDT 2008 document, Deployment Customization Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Dep lo yment En vir onmen t Before deploying images to target computers, ensure that the deployment environment is properly configured to run ZTI. Some of these steps might have already been completed. Skip steps that are complete. To prepare the deployment environment to run ZTI with System Center Configuration Manager, complete the following tasks: •
Install System Center Configuration Manager.
•
Upgrade BDD 2007 to MDT 2008, or install MDT 2008. Note There is a specific upgrade path from BDD 2007 to MDT 2008. For additional information, see the MDT 2008 document, Getting Started Guide.
•
Enable MDT 2008 integration with Configuration Manager console in System Center Configuration Manager.
Install System Center Configuration Manager In most instances, System Center Configuration Manager will already be installed on the deployment server. In instances where this task has not yet been completed and for more information on how to install System Center Configuration Manager on the deployment server, see Configuration Manager Setup Overview at http://technet.microsoft.com/enus/library/bb693836.aspx.
Install MDT 2008 In most instances, MDT 2008 will already be installed on the deployment server. In instances where this task has not yet been completed and for more information on how to install MDT 2008 on the deployment server, see the MDT 2008 document, Getting Started Guide. Note For integrated System Center Configuration Manager support with Deployment Workbench, install MDT 2008 on each computer running Configuration Manager console. In this way, the Configuration Manager 2007 Integration option can be run and data specified for MDT 2008 packages.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
5
Enable Configuration Manager Console Integration Before the System Center Configuration Manager integration features of MDT 2008 can be used, run the Configure Configuration Manager 2007 Integration script. The Configure Configuration Manager 2007 Integration script copies the appropriate System Center Configuration Manager integration files to the Configuration Manager 2007_root (where Configuration Manager 2007_root is the folder in which System Center Configuration Manager is installed). The script also adds Windows Management Instrumentation (WMI) classes for the new MDT 2008 custom actions. The classes are added by compiling a new Managed Object Format (.mof) file that contains the new class definitions. To run the Configure Configuration Manager 2007 Integration script 866.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Configure ConfigMgr 2007 Integration. The Configure Configuration Manager 2007 Integration script starts. 867.In the Site Server Name dialog box, type ConfigMgr_server_name (where ConfigMgr_server_name is the name of the System Center Configuration Manager server on which to install MDT 2008 integration), and then click OK. 868.In the Site Code dialog box, type ConfigMgr_site_code (where ConfigMgr_site_code is the System Center Configuration Manager site code that installs MDT 2008 integration), and then click OK. Note
Configuration Manager console should be closed when performing this procedure.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Resour ce Access During deployment to target computers, the System Center Configuration Manager client connects to the distribution point shares and shared folders. Create accounts within System Center Configuration Manager for the System Center Configuration Manager client to use when accessing these resources. To configure the appropriate resource access 869.Configure the System Center Configuration Manager Network Access account. 870.Create additional shared folders. 871.Configure shared folder permissions. 872.Configure access to other resources.
Configure the Network Access Account The System Center Configuration Manager client needs an account to provide credentials when accessing the System Center Configuration Manager distribution points, MDT 2008 deployment points, and shared folders. This account is called the Network Access account. To configure the Network Access account 873.Create the user account and password in an Active Directory® Domain Services (AD DS) domain. 874.On a computer that has the System Center Configuration Manager administration tools installed, start Configuration Manager console. 875.In the Configuration Manager console console tree, go to Site Database/site/Site Settings, and then click Client Agents. 876.In the details pane, right-click Computer Client Agent, and then click Properties. 877.In the Computer Client Agent Properties dialog box, click the General tab. In Network Access Account, in Account (domain\user), click Set. 878.Complete the Windows User Account dialog box using the information in Table 1, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: Resource Access
7
Table 1. Information Required to Complete the Windows User Account Dialog Box For this
Do this
User name
Type Domain\UserName (where UserName is the name of the user account to be used and Domain is the name of the domain where the user account is located).
Password
Type Password (where Password is the password for the user account to be used).
Confirm password
Type Password (where Password is the password for the user account to be used).
879.Close any open windows.
Create Additional Shared Folders System Center Configuration Manager uses a state migration point (SMP) to store migration data. During the state migration process the data is stored automatically in the SMP, which consists of a share defined in System Center Configuration Manager. The share must be accessible to the computer on which the SMP resides. After configuring the Network Access account, create an additional shared folder in which to store deployment logs. Table 2 lists the shared folder to create and describes the purpose of the folder. System Center Configuration Manager uses an SMP to store migration data, so there is no need to store migration data in this folder. For System Center Configuration Manager to capture and restore user data, it must be configured as a user SMP. For more information about setting up System Center Configuration Manager for this role, see Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx. Table 2. Shared Logs Folder and its Description Shared folder
Description
Logs
Stores the deployment logs during the deployment process. Usually the logs folder resides in SMS_CCM\logs or %windir%\system32\CCM\logs folder when collocated with a client.
Note When configuring the state migration point, refer to the shared folders that will be used for user state storage.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Configure Shared Folder Permissions The shared permissions on the logs folder should include the Systems Management Server Advanced Client account. The default permissions set on the Systems Center Configuration Manager distribution point shares should provide the appropriate resource access. The permissions set allow a target computer to connect to the appropriate share and create deployment logs. The folder permissions should prevent other users or computers from accessing the data stored in the folder.
Configure Access to Other Resources In addition to the shared folders just created, the MDT 2008 scripts might require access to other resources. The most common resources are: •
The distribution point, which uses the user credentials supplied by the Network Access account.
•
The System Center Configuration Manager databases hosted in Microsoft SQL Server® 2005.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng Sys tem Ce nte r Con figu r ation Mana ger to Respond to PXE B oot Requests PXE is a broadcast protocol used to boot a client computer using a network adapter to a PXE service point, which uses Trivial File Transfer Protocol (TFTP) to send information concerning the boot process to the PXE client. The computer requesting services from a PXE service point is the PXE client. The service point in this instance is System Center Configuration Manager, which sends bootstrap code to the PXE client, allowing the computer to start and optionally be controlled for image capture or deployment. System Center Configuration Manager can be configured to respond to PXE boot requests using Windows Deployment Services. This allows System Center Configuration Manager to directly service PXE boot requests received by Windows Deployment Services as a PXE service point, which in turn allows target computers to boot images that System Center Configuration Manager manages using PXE. System Center Configuration Manager can service PXE clients that are defined within the Configuration Manager site database. (System Center Configuration Manager cannot manage computers that are not defined in the System Center Configuration Manager database.) See the section, “Define Computers to System Center Configuration Manager,” later in this document to define computers in System Center Configuration Manager. This section also describes how to integrate Windows Deployment Services into the System Center Configuration Manager environment to assist with PXE requests. Configure a computer running System Center Configuration Manager with the PXE service point role. The PXE service point responds to PXE boot requests made by computers defined in System Center Configuration Manager, and then interacts with System Center Configuration Manager infrastructure to determine the appropriate deployment actions to take. Note In addition to the methods described here, traditional Windows Deployment Services methods can be used for responding to PXE boot requests. For more information, see the Windows Deployment Services Help file included with Windows Deployment Services.
To configure System Center Configuration Manager to respond to PXE boot requests 880.Ensure that the required infrastructure exists to support integration (especially AD DS, Dynamic Host Configuration Protocol [DHCP], and Windows Deployment Services). 881.Configure a computer running System Center Configuration Manager with the PXE service point role. For more information on configuring the PXE service point role in System Center Configuration Manager, see “How to Configure the PXE Service Point” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
882.Import the target computer information, and assign the computer to a System Center Configuration Manager collection. For more information about importing the target computer information, see “How to Add a New Computer to the Configuration Manager 2007 Database” in the Configuration Manager Documentation Library included with System Center Configuration Manager and the section “Define Computers to the System Center Configuration Manager” later in this document. 883.Create and advertise the PXE operating system deployment task sequence to the target collection or device (imported in the previous step). For additional information about: •
Creating task sequences, see “How to Manage Task Sequences” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
•
Advertising task sequences, see “How to Advertise Task Sequences” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Note The task sequence must be advertised by selecting the Make this task sequence available to boot media and PXE check box. If this box is not selected, the task sequence will not be available for PXE deployments.
Define Computers to System Center Configuration Manager System Center Configuration Manager does not support running task sequences on computers that have not been defined in the Configuration Manager site database. To work around this limitation, MDT 2008 offers two scenarios: an operating system media pre-execution hook and PXE boot.
Boot Media MDT 2008 provides an operating system media pre-execution hook. This hook is executed before System Center Configuration Manager checks to determine whether the computer is defined in the Configuration Manager site database. The hook allows the executed command to take steps to add the computer to the Configuration Manager site database. It also adds the computer to a collection so that the computer receives at least one task sequence. To add the script files needed to run a new wizard as part of the pre-execution hook to the boot image being created, in the New Boot Image pane of the Import Microsoft Deployment Task Sequence Wizard, select the Add media hook files for unknown computer support with boot media check box. A URL for a Web service can verify whether the computer is defined to System Center Configuration Manager. The Web service must be deployed to a Web server, and the computer must be added to Configuration Manager console and to a collection. Note For more information about the operating system media pre-execution hook, see Operating System Media Pre-Execution Hook at http://technet.microsoft.com/enus/library/bb694075.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: PXE Boot Requests
11
To set up a Web service to use with the operating system media pre-execution hook 884.Verify that a System Center Configuration Manager server configured with the Service Location Protocol (SLP) exists in the environment. Note This would normally be the central site server, because it needs to know the boundaries of all System Center Configuration Manager sites in the hierarchy. The MDT 2008 Web service will contact the SLP to determine the System Center Configuration Manager site code in which a computer is assigned.
885.Verify that MDT 2008 is installed on a server running Microsoft Internet Information Services (IIS). This does not have to be the same computer used for other MDT 2008 functions, although it typically would exist on that server. The server must have Microsoft .NET Framework version 2.0 installed. Note If Microsoft .NET Framework 2.0 was installed after IIS was installed, run Aspnet_regiis.exe to add Microsoft ASP.NET support to IIS. For more information, see ASP.NET IIS Registration Tool (Aspnet_regiis.exe) at http://msdn2.microsoft.com/enus/library/k6h9cz8h(VS.80).aspx.
886.In the IIS Manager Microsoft Management Console (MMC) snap-in, right-click the default Web site (or any other appropriate Web site), and then click Add Application. 887.Type an alias—for example, MicrosoftDeployment—and then the path; for example, %programfiles%\Microsoft Deployment Toolkit. Note Step 3 works as described for Windows Server 2008. For Windows Server 2003, rightclick the default Web site, click New, and then click Virtual Directory. Type the alias and path, and then click both Read and Execute permissions.
888.Edit the Web.config file in the installation directory—for example, %programfiles%\Microsoft Deployment Toolkit\Web.config—to specify the name of the System Center Configuration Manager server running the SLP, in addition to the name of the server running the central site System Center Configuration Manager provider. Usually, both of these will be set to the same server name. Note The Web service will normally run as the Network Service account. If System Center Configuration Manager is running on the same computer, NT AUTHORITY\NETWORK SERVICE would need permissions to System Center Configuration Manager. If System Center Configuration Manager. is running on a different computer, the computer account (Domain\Computer$) would need permissions. In either case, Web.config can be edited to indicate the account to be used. To do this, remove comments from the entry. The account selected needs to have permissions to import computer entries, check site boundaries, and modify collections.
889.Test the Web service using a Web browser. Specify a URL using the server name and the application created in the previous step. For example, http://servername/MicrosoftDeployment/UnknownComputer.asmx. A Web page will be displayed that indicates the following operations are supported: •
AddComputer
•
GetADSite
•
GetAssignedSite
•
IsComputerKnown
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
890.Click the GetADSite link, and then click Invoke on the resulting page to test the GetADSite Web service. This Web service returns the AD DS site name for the TCP/IP address the client used to connect to the Web service. Note This might not return a valid name if the Web service is executed from a Web browser on the same host, because the loopback address 127.0.0.1 is not a member of an AD DS site.
891.On the original Web page that lists the supported operations, click the GetAssignedSite link. Specify the IP address and subnet address of a client that is within the boundaries of one of the System Center Configuration Manager sites in the hierarchy, and then click Invoke. The subnet address is the IP address with the mask applied. Note If the client's IP address is 10.1.1.1 with a subnet mask of 255.255.255.0, the subnet address would be 10.1.1.0. Verify that the returned site code is correct. If no site code is returned, verify the SLP server name configured earlier, and make sure the site boundaries are configured correctly.
892.On the original Web page that lists the supported operations, click the IsComputerKnown link. Specify either a media access control (MAC) address or a system management basic input/output system (SMBIOS) globally unique identifier (GUID), or both, for a computer already known to a System Center Configuration Manager site, and the site code for that site, and then click Invoke. Verify the results. 893.On the original Web page that lists the supported operations, click the AddComputer link. Specify a site code to which the computer should be added, the computer name to be assigned (this can be a temporary name, because it will be overridden when the computer becomes a System Center Configuration Manager client), at least one of the MAC address and SMBIOS GUID properties, and, optionally, a collection to which the computer should be added. Note This collection must be owned by the specified site. Typically this would be a collection associated with an operating system deployment task sequence.
894.When all of the Web services have been validated, use the Import Microsoft Deployment Task Sequence Wizard to create a new boot image. As part of that boot image creation process, specify that a media hook should be included, and specify the Web service URL that was used in step 6.
PXE Boot System Center Configuration Manager integrates with Windows Deployment Services to support PXE boot known computers. If the computer is not known to the local System Center Configuration Manager site, it will not respond to the PXE request. To work around this problem, MDT 2008 offers a PXE filter, which hooks into Windows Deployment Services and adds new computers to the Configuration Manager site database before Configuration Manager console sees the request. This way, System Center Configuration Manager can respond to the request. A wizard is used to install the new PXE filter. To execute the wizard, click Start, and then click Configure WDS PXE Filter. This action requires that MDT 2008 exist on the Windows Deployment Services server and that Windows Deployment Services be running the Systems Management Server PXE role. The PXE filter calls PXEFilter.vbs, a Microsoft Visual Basic® Scripting Edition (VBScript) file located in the %ProgramFiles%\Microsoft Deployment Toolkit\scripts folder, which determines whether to add the computer to the Configuration Manager site database. Edit the script for each installation to specify the name of the System Center Configuration Manager server, the site code of the server, the collection ID to which new computers are added, and the credentials required for a remote connection to the System Center Configuration Manager provider. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: PXE Boot Requests
13
Note Credentials are required only when the PXE server is not on the same computer as System Center Configuration Manager, because the PXEFilter.vbs script runs in the security context of Local System. If credentials are provided in this scenario, PXEFilter.vbs will not run correctly.
Making these changes to the scripts will result in System Center Configuration Manager responding to PXE requests from all unknown computers. Ensure that operating systems are not deployed to computers for which they were not intended. It might be necessary to edit the scripts to filter the requests using the IP address of the request, or handle only requests received from computers on dedicated staging subnets, and ignore requests without adding the computers to the Configuration Manager site database. Enable logging in Windows Deployment Services to provide additional help with troubleshooting problems related to configuring the PXE filter. For more information on how to enable logging in Windows Deployment Services, see the Microsoft Help and Support article, “How to enable logging in Windows Deployment Services (WDS) in Windows Server 2003,” at http://support.microsoft.com/kb/936625. Note This process is currently only tested and supported for Windows Deployment Services running on Windows Server 2003.
To make the unknown computer support option work correctly 895.Add the PXE server computer account to the Microsoft Systems Management Server (SMS) 2003 Admins security group. 896.Add the following rights within System Center Configuration Manager: •
Sites Class: Administer
•
Collections Class: Create, Modify, Modify Resource, Read, Read Resource
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Iden ti fyi ng t he P ac ka ges and Ima ges Requ ir ed by the Task Sequence Templ ate s Table 3 lists the packages and images that are required by the task sequence templates in MDT 2008. These packages and images must exist (or be created) for the task sequences to run correctly. Table 3. Packages and Images Required by the Task Sequence Templates Included in MDT 2008 This package or image
Contains the
Boot image package
Boot image used to initiate the ZTI deployment process.
Microsoft Deployment Files package
Contents of the MDT 2008 distribution share directory. The files used from the distribution share directory are the scripts and control files.
OS image
Image of the operating system to be deployed to the target computer.
Client package
System Center Configuration Manager client installation files.
USMT package
USMT files used to capture and restore user state.
Custom Settings package
Contains unattended files and customsettings.ini.
Sysprep files package
Contains the specific System Preparation Tool (Sysprep) files defined for a package.
Note Do not use Lite Touch Windows Imaging Format (WIM)–generated boot images from Deployment Workbench (LiteTouchPE_x86.wim) in System Center Configuration Manager. Instead, use the generic WIM image generated from Deployment Workbench in conjunction with System Center Configuration Manager, if needed.
In addition to the packages and images required by the task sequence templates, consider creating and including the following elements in the task sequences to provide similar functionality in Deployment Workbench: •
Application packages. This package includes any applications that will be installed as part of the operating system deployment (similar to the Applications node in Deployment Workbench). These packages are created as packages and programs in System Center Configuration Manager. For more information on how to create these packages, see “Tasks for Software Distribution” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: Import Task Sequences
•
15
Windows package file packages. These packages include any Windows package files (such as language packs, security updates, and service packs) that will be installed as part of the operating system deployment (similar to the OS Packages node in Deployment Workbench). These packages are created as packages in System Center Configuration Manager. For more information on how to create these packages, see “Tasks for Software Distribution” in the Configuration Manager Documentation Library included with System Center Configuration Manager. Note For more information about creating a package that contains language packs, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
•
Device driver package. System Center Configuration Manager uses driver packages to control the distribution of drivers to distribution points. System Center Configuration Manager always considers all available drivers when deciding what is needed for a particular computer. For more information about how to include device drivers in the operating system image, see “How to Install Drivers on a Configuration Manager Client Using a Task Sequence” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ad ver ti sing the Task Sequence Initiate the ZTI deployment process by advertising the task sequences created in System Center Configuration Manager. If System Center Configuration Manager is configured to respond to PXE boot requests, advertising the task sequence automatically configures the boot image referenced in the task sequence for PXE boot. For more information, see the section “Configuring System Center Configuration Manager to Respond to PXE Boot Requests,” earlier in this document. Advertise task sequences to collections using the New Advertisement Wizard. Before running the New Advertisement Wizard, the target collections and desired run-time behavior for the advertisement being created must be known. Read access to the task sequence is required to advertise the task sequence, and the task sequence must exist prior to creating the advertisement. For more information on advertising task sequences, see “How to Advertise Task Sequences” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Upd ating P ac ka ges, Ima ges, and Task Sequences As part of the ongoing management of the deployment process, update the packages, images, and task sequences that are used in the deployment process. These entities are updated using the standard methods that System Center Configuration Manager provides. For example, to update the CustomSettings.ini file used by a task sequence, create a new task sequence in the Import Microsoft Deployment Task Sequence Wizard. For systematic guidance to complete this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide. For more information on updating package data on distribution points, see “How to Update Package Data on Distribution Points” in the Configuration Manager Documentation Library included with System Center Configuration Manager. Use similar methods for updating other packages and images used in the task sequences. Any modifications to the task sequences are automatically incorporated the next time a target computer runs the task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ne xt Steps When System Center Configuration Manager has been prepared for the deployment process, it is ready to begin the imaging process. For additional procedural guidance on using System Center Configuration Manager in the imaging process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide. That guide helps determine the best way to use System Center Configuration Manager and MDT 2008 to help with the imaging and deployment processes used by corresponding teams in the organization’s deployment process.
Microsoft® Deployment Toolkit 2008 Preparing for Microsoft Systems Management Server 2003
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Template User Instructions
19
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
In tr oduct ion The deployment process described in this guide takes advantage of and combines the results of the other processes in Microsoft® Deployment Toolkit (MDT) 2008 to accomplish the following tasks: •
Collect hardware and software inventory information using Microsoft Systems Management Server (SMS) 2003 with Service Pack 2 (SP2) or later. Note Use the Windows® User State Migration Tool (USMT) version 3.0.1 to migrate existing user profile information. USMT supports the migration of multi-user computers. When a single computer has multiple profiles, each with unique user data, USMT need no longer be executed for each user to capture all user states. USMT can capture all user states during a one-time Scanstate execution—including both domain and local users. For more information about how to migrate computer systems with many users, see “Migrate Data on Computers with Multiple Users” in the USMT product documentation.
•
Configure Windows Deployment Services to start Windows Preinstallation Environment (Windows PE).
•
Install a Windows operating system image on target computers automatically using the SMS 2003 Operating System Deployment (OSD) Feature Pack and Zero Touch Installation (ZTI) deployment scripts.
•
Monitor the deployment process using Microsoft System Center Operations Manager 2007 and the MDT 2008 Management Pack. Note To report the proper information in the MDT 2008 Management Pack, the OSDNewMachine property must be properly configured. For more information about ensuring proper operation of Systems Management Server with MDT 2008 and the MDT 2008 Management Pack, see the section, “Configure the OSDNewMachineProperty,” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Management Pack.
•
Optionally, copy existing user data and preferences from the target computer to a network deployment server.
•
Optionally, create a backup image of the user computer to a network deployment server.
•
Optionally, repartition and format the existing primary hard disk (in New Computer and Replace Computer scenarios).
•
Install a Windows operating system image that includes application suites such as Microsoft Office 2003 or the 2007 Microsoft Office system.
•
Dynamically install applications that are specific to the target computer model, such as DVD software.
•
Automatically install previously packaged software specific to the user of the target computer.
•
Optionally, restore the user data and preferences that were previously stored on the network deployment server.
2
Microsoft Deployment Toolkit 2008
In addition, this document provides guidance on where to place deployment servers and other planning information. Note An upgrade feature is available for upgrading to MDT 2008 from Business Desktop Deployment (BDD) 2007. For more information about upgrading to MDT 2008, see the MDT 2008 document, Getting Started Guide. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2003, and Windows Server 2008 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Dep lo yment En vir onmen t Before deploying images to target computers, ensure that the deployment environment is properly prepared to run ZTI. Table 1 shows the high-level steps in ZTI deployment environment preparation. Some of these steps might have already been completed. Skip steps that are complete. Table 1. ZTI Deployment Environment Preparation Checklist High-level steps in ZTI deployment environment preparation q
Install the SMS 2003 OSD Feature Pack.
q
Install MDT 2008.
q
Create the SMS 2003 OSD deployment point.
Install the SMS 2003 OSD Feature Pack Install the SMS 2003 OSD Feature Pack on either a Systems Management Server site server or on a target computer running the SMS Administrator Console. As indicated earlier in this guide, Systems Management Server 2003 with SP1 must be installed on all site servers to support the SMS 2003 OSD Feature Pack. In addition, the SMS Administrator Console included in Systems Management Server with SP1 must be installed. To ensure that more than one target computer can administer the SMS 2003 OSD Feature Pack, install the SMS 2003 OSD Feature Pack on a Systems Management Server site server (recommended). To install the SMS 2003 OSD Feature Pack 897.Extract the setup files that come with the product. 898.Install the SMS 2003 OSD Feature Pack on a Systems Management Server site server and on the SMS Administrator Console. Note Back up the Systems Management Server site server before upgrading Systems Management Server or adding a feature pack. Note For more information about installing the SMS 2003 OSD Feature Pack, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM.
Install MDT 2008 In most instances, MDT 2008 will already be installed on the deployment server. In instances where this task has not been completed and for more information on how to install MDT 2008 on the deployment server, see the section, “Installing MDT 2008,” in the MDT 2008 document, Getting Started Guide.
4
Microsoft Deployment Toolkit 2008
Create the SMS 2003 OSD Deployment Point After MDT 2008 is installed, create the deployment point using the Deployment Point Wizard in Deployment Workbench. Using the Deployment Point Wizard, the following types of deployment points can be managed: •
Lab or single-server deployment (LAB). By default, Deployment Workbench creates a distribution point (shared as Distribution$). Select this option to use the Distribution$ share as the deployment point.
•
Separate deployment share (Network). This option allows creation of a new network share that can be used as a new distribution point. Create the network on the computer running Deployment Workbench or on another computer.
•
Removable media (Media). This option allows creation of a shared folder that can be used to create images for deployment on removable media. This includes deploying from DVDs, external hard disks, or USB storage devices.
•
SMS 2003 OSD (OSD). This option allows creation of a shared folder that can be used to create SMS 2003 OSD Feature Pack–managed images. This option should only be used for ZTI-based deployments.
Note For ZTI deployments, always select the SMS 2003 OSD deployment point; only steps related to that deployment point type will be displayed. Note Create a Lab or single-server deployment point before creating an SMS 2003 OSD deployment point.
To create the deployment point 899.Start Deployment Workbench. 900.In the console tree, right-click Deploy, and then click New. The Windows Deployment Wizard starts. 901.On the Builds can be deployed in several ways page, click SMS 2003 OSD, and then click Next. 902.On the Specify a descriptive name page, in the Deployment point name box, type deployment_point_name (where deployment_point_name is the descriptive name selected), and then click Next. 903.Complete the Specify the location of the network share to hold the files and folders necessary for this deployment type page based on the information listed in Table 2, and then click Next. Table 2. Configuration Options for the Specify the Location of the Network Share to Hold the Files and Folders Necessary for This Deployment Type Wizard Page In this Box
Type
Servername
computer_name (where computer_name is the name of the computer that will host the shared folder)
Sharename
share_name (where share_name is the name of the share to be created on the computer that will host the shared folder)
Path for share
path_name (where path_name is the fully qualified path folder to share on the computer that will host the shared folder)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Preparing the Deployment Environment
5
904.On the Specify where to obtain SMS 2003 OSD files page, in the SMS 2003 OSD path box, type path (where path is the path to the SMS 2003 OSD installation directory), or browse to the file by clicking Browse, and then click Finish. 905.Review the information displayed in the More configuration required dialog box, and then click OK. The Deployment Point Wizard finishes, and the new deployment point name appears in the details pane. The ZTI$ shared folder is created as the deployment point for SMS 2003 OSD Feature Pack deployment point types.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng A pp r opr ia te R esour ce Acces s During deployment to target computers, the Systems Management Server client connects to the distribution point shares and shared folders. Create accounts within Systems Management Server for the Systems Management Server client to use when accessing these resources. Table 3 shows the high-level steps in configuring resources access. Table 3. Resource Access Configuration Checklist High-level steps in configuring resource access q
Configure Systems Management Server client access accounts.
q
Create additional shared folders.
q
Configure shared folder permissions.
q
Configure access to other resources.
q
Configure credentials used in the Package Selection Phase.
Configure Client Access Accounts The Systems Management Server client needs an account to provide as credentials when accessing the Systems Management Server distribution points, the MDT 2008 deployment point, and shared folders. The account to configure is listed in Table 4. Table 4. Accounts That Must Be Configured Account
Description
Systems Management Server Advanced Client Network Access account
Used by the SMS 2003 OSD Feature Pack on Microsoft Windows 2000 Professional and later operating systems to access the distribution point that contains the operating system package.
To configure the client access accounts 906.Create the user account and password in an Active Directory® Domain Services (AD DS) domain. 907.In SMS Administrator Console, right-click the Client node, point to New, and then click Windows User Account. 908.In the Connection Account Properties dialog box, click Set. 909.Complete the Windows User Account dialog box using the information listed in Table 5, and then click OK.
Preparing for Microsoft Systems Management Server 2003: Configure Resource Access
7
Table 5. Information Required to Complete the Windows User Account Dialog Box In this box
Type
User name
UserName (where UserName is the name of the user account to be used)
Password
Password (where Password is the password for the user account to be used)
Confirm password
Password (where Password is the password for the user account to be used)
910.Repeat steps 2–4 for each client access account to be created. 911.In SMS Administrator Console, click the Component Configuration node. 912.In the details pane, right-click Software Distribution, and then click Properties. 913.In the Software Distribution Properties dialog box, click the General tab, type the corresponding account in the Advanced Client Network Access Account box, and then click OK. 914.Close any open windows.
Create Additional Shared Folders After configuring the Systems Management Server client access accounts, create additional shared folders in which to store user state migration data and deployment logs. Table 6 lists the shared folders to create and describes the purpose of each shared folder. For more information about planning for these share folders, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts. Table 6. Shared Folders and Their Descriptions Shared folder
Description
MigData
Stores the user state migration data during the deployment process.
Logs
Stores the deployment logs during the deployment process.
Note The files in Table 6 are recommended shared folder names. Any names can be used for these shared folders. However, the remainder of the deployment process will refer to these shared folders by these names.
Configure Shared Folder Permissions After creating additional shared folders, configure the appropriate shared folder permissions. Ensure that unauthorized users are unable to access user state migration information and deployment logs. Typically, only Write access is required for the Systems Management Server Advanced Client Network Access account, as described in the previous section. In addition, during the “old computer” portion of the Replace Computer scenario, the target computer account must have Write access to save the user state migration information and to write any necessary deployment logs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
To configure the shared folder permissions for each folder listed in Table 6 915.In Windows Explorer, right-click SharedFolder (where SharedFolder is one of the shared folders listed in Table 6), and then click Properties. 916.On the Security tab, click Advanced. 917.On the Permissions tab, clear the Allow inheritable permissions from the parent to propagate to this object and all child objects check box. 918.When the Remove when prompted to either Copy or Remove the permission entries that were previously applied from the parent dialog box appears, click Remove. 919.On the Permissions tab, click Add. 920.In the Enter the object name to select box, type Domain Computers, and then click OK. This action allows domain computers to create subfolders. 921.In the Permission Entry for SharedFolder dialog box, in the Apply onto list, click This folder only. 922.In the Permission Entry for SharedFolder dialog box, in the Permissions list, click Allow for the Create Folders/Append Data permission, and then click OK. 923.Repeat steps 5–8, substituting the account specified for the Systems Management Server Advanced Client Network Access account in the “Configure Client Access Accounts” section. 924.On the Permissions tab, click Add. 925.In the Enter the object name to select box, type CREATOR OWNER, and then click OK. This action allows domain computers and domain users to access the subfolders they create. 926.In the Permission Entry for SharedFolder dialog box, in the Apply onto list, click Subfolders and files only. 927.In the Permission Entry for SharedFolder dialog box, in the Permissions list, click Allow for the Full Control permission, and then click OK. 928.Repeat steps 10–13 for each group or user account to which these required privileges will be granted. The permissions set in these steps allow a target computer to connect to the appropriate share and create a new folder in which to store user state information or deployment logs, respectively. The folder permissions prevent other users or computers from accessing the data stored in the folder. Note The default permissions on the Systems Management Server distribution point shares should provide the appropriate resource access by default.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Configure Resource Access
9
Configure Access to Other Resources In addition to the shared folders created in the previous section, MDT 2008 scripts might require access to other resources. These resources include application or database servers such as Microsoft SQL Server® 2005, SQL Server 2000, Microsoft Exchange Server 2007, or the following: •
•
The distribution point, using the user credentials supplied by the: •
Systems Management Server Advanced Client Network Access account
•
UserID, UserDomain, and UserPassword properties in CustomSettings.ini
Other servers, using the Connect to UNC action
Supply credentials when configuring a Connect to UNC action. In addition to a connection to shared folders, use the credentials supplied in the Connect to UNC action to authenticate to application or database servers. To authenticate on these application or database servers, use the Connect to UNC action to connect to any share on that server. Other connections, such as Named Pipes or Remote Procedure Call (RPC), will use the same credentials supplied in the Connect to UNC action.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Configure the Package Selection Phase Credentials Deployment of the operating system packages to the target computer can be broken down into the phases described in Table 7. These phases occur during different sequences in the deployment process. Table 7. Operating System Deployment Phases and the Credentials Available Phase
Credentials available
Validation
Systems Management Server Advanced Client Network Access account
State Capture
Systems Management Server Advanced Client Network Access account
Package Selection
Systems Management Server Advanced Client Network Access account These credentials in Ripinfo.ini provide access to the distribution point and provide access to the shared folder specified in the [UserCommand] section. Note These credentials are specified when creating the SMS 2003 OSD Feature Pack image installation CD and are encoded and stored in Ripinfo.ini.
Preinstall
Systems Management Server Advanced Client Network Access account
Postinstall
Systems Management Server Advanced Client Network Access account
State Restore
Systems Management Server Advanced Client Network Access account
The account defined when the Image Installation CD image was created is used to make a connection to the share that contains the package automation script (ZeroTouchInstallation.vbs). The Systems Management Server Advanced Client Network Access account is used to access the package source directory, log directories, user data directories, and databases unless the package selection automation script is located on the same server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he ZT I O per ati ng Syste m I ma ge Before configuring the ZTI operating system image, first create an image. For guidance on creating images using the SMS 2003 OSD Feature Pack, see SMS 2003 OSD Image Capture CD topics in Systems Management Server Help. The SMS 2003 OSD Feature Pack defines phases, listed in Table 8, that occur during the deployment of the SMS 2003 OSD Feature Pack image to the target computer. Configure each phase with the appropriate ZTI script settings to fully automate the Windows Vista or Windows XP deployment. Table 8. SMS 2003 OSD Feature Pack Phases, the Custom Action Names, and Their Descriptions Phase
Custom action name Phase description
Validation
Zero Touch Installation— Validation
Performs validation checks to make sure the operating system installation can proceed; specifically blocks installation on server operating systems.
State Capture
Zero Touch Installation—State Capture
Gathers information from the configuration file, databases, and the local computer to determine how the image installation process should proceed, including whether there is enough space to do a local USMT state backup; invokes USMT Scanstate as appropriate.
Preinstall
Zero Touch Confirms that the necessary information has Installation—Preinstall been gathered (or, in a New Computer or Replace Computer scenario, gathers it) It also backs up the computer, if requested.
Postinstall
Zero Touch Installation— Postinstall
Updates the Sysprep.inf file with information gathered in the previous three custom actions and injects drivers, updates, and language packs. Note file.
State Restore
Zero Touch Installation—State Restore
Windows Vista updates the Unattend.xml
Invokes USMT Loadstate to restore the user state that was previously backed up and also installs any packages specified.
12
Microsoft Deployment Toolkit 2008
Before continuing, create an SMS 2003 OSD Feature Pack package and program for the target operating system. For more information on performing these tasks, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM. Note For troubleshooting purposes in the lab environment, consider including the /debug:true option at the end of the command in each phase. This causes the SMS 2003 OSD Feature Pack to preserve the full contents of the C:\Minint folder so that the logs can be reviewed when errors occur.
Capture an Image with the SMS 2003 OSD Feature Pack Before using the Systems Management Server 2003 Image Capture Wizard to prepare and capture an image of the lab computer, make sure the computer is configured to start from the CD drive. Complete the following steps to use the Image Capture CD to capture an image of the lab computer: 929.On the lab computer running the installed build, insert the Image Capture CD created as described in the section, “Creating an Image Capture CD.” 930.On the welcome page of the Systems Management Server 2003 Image Capture Wizard, click Next. 931.On the Image Destination page, complete the following steps, and then click Next: i.
In the Image file name box, type the name of the Windows Imaging Format (WIM) file to create.
j.
In the Network location box, type the Universal Naming Convention (UNC) path in which to store the image file. For MDT 2008, type \\server\Distribution$\Captures, where server is the name of the server that contains the distribution share.
k.
In the Account name box, type the name of an account that has Write permission to the network location. Specify the account using the format Domain\User.
l.
In the Password box, type the password for the account.
932.On the Sysprep information page, complete the following steps, and then click Next: m. In the Local Administrator’s Password box, type the password for the local Administrator account. n. In the Confirm Password box, confirm the password for the local Administrator account. o. In the Sysprep Parameters box, edit the System Preparation Tool (Sysprep) command-line options, if necessary. 933.In the Image Properties dialog box, provide any comments, version information, and developer information as necessary, and then click Next. 934.Click Finish. The Systems Management Server 2003 Image Capture Wizard will run Sysprep, and then shut down the computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Configure the ZTI Image
13
Start the computer using the Image Capture CD. If prompted to press a key to boot from the CD, press any key. The Systems Management Server 2003 Image Capture Wizard captures an image of the lab computer with no interaction. For more information, see the SMS 2003 OSD Image Capture CD topics in Systems Management Server Help.
Configure the OSD Phase Actions Configure the actions to be performed for each OSD phase (listed in Table 8). The action for each OSD phase is essentially the same: Run the ZeroTouchInstallation.vbs script and include all the files in \\servername\ZTI$\TaskSequenceFolder (where servername is the name of the server hosting the distribution point shared folder). The folder \\servername\ZTI$\TaskSequenceFolder is created when an SMS 2003 OSD deployment point is created in Deployment Workbench. This folder is referenced in the various phase actions so that the files located in the folder are included in the OSD operating system image that is distributed to the target computers.
Configure the Validation Phase Actions To configure the Validation Phase actions, perform the following steps: 935.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 936.In the details pane, double-click Program (where Program is the name of the program to configure). 937.In the Program Properties dialog box, click the Advanced tab. 938.In the Phase list, click Validation, and then click Add. The Validation dialog box appears. 939.In the list of action types, click Custom, and then click OK. 940.Complete the custom actions using the information listed in Table 9 (where servername is the name of the server hosting the distribution point shared folder). Table 9. Configuration Information for the Validation Phase Actions Field
Value
Name
Zero Touch Installation—Validation
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Configure the State Capture Phase Actions To configure the State Capture Phase actions, perform the following steps: 941.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 942.In the details pane, double-click Program (where Program is the name of the program to configure). 943.In the Program Properties dialog box, click the Advanced tab. 944.In the Phase list, click State Capture, and then click Add. The State Capture dialog box appears. 945.In the list of action types, click Custom, and then click OK. 946.Complete the custom actions using the information listed in Table 10 (where servername is the name of the server hosting the distribution point shared folder). Table 10. Configuration Information for the State Capture Phase Actions Field
Value
Name
Zero Touch Installation—State Capture
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Configure the Preinstall Phase Actions To configure the Preinstall Phase actions, perform the following steps: 947.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 948.In the details pane, double-click Program (where Program is the name of the program to configure). 949.In the Program Properties dialog box, click the Advanced tab. 950.In the Phase list, click Preinstall, and then click Add. The Preinstall dialog box appears. 951.In the list of action types, click Custom, and then click OK. 952.Complete the custom actions using the information listed in Table 11 (where servername is the name of the server hosting the distribution point shared folder).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Configure the ZTI Image
15
Table 11. Configuration Information for the Preinstall Phase Actions Field
Value
Name
Zero Touch Installation—Preinstall
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Configure the Postinstall Phase Actions To configure the Postinstall Phase actions, perform the following steps: 953.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 954.In the details pane, double-click Program (where Program is the name of the program to configure). 955.In the Program Properties dialog box, click the Advanced tab. 956.In the Phase list, click Postinstall, and then click Add. The Postinstall dialog box appears. 957.In the list of action types, click Custom, and then click OK. 958.Complete the custom actions using the information listed in Table 12 (where servername is the name of the server hosting the distribution point shared folder). Table 12. Configuration Information for the Postinstall Phase Actions Field
Value
Name
Zero Touch Installation—Postinstall
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Configure the State Restore Phase Actions To configure the State Restore Phase actions, perform the following steps: 959.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 960.In the details pane, double-click Program (where Program is the name of the program to configure). 961.In the Program Properties dialog box, click the Advanced tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
962.In the Phase list, click State Restore, and then click Add. The State Restore dialog box appears. 963.In the list of action types, click Custom, and then click OK. 964.Complete the custom actions using the information listed in Table 13 (where servername is the name of the server hosting the distribution point shared folder). Table 13. Configuration Information for the State Restore Phase Actions Field
Value
Name
Zero Touch Installation—State Restore
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting an O ld C ompu ter Syste ms Mana gement Ser ver Pac ka ge and Pr og r am When replacing an existing computer, capture the user state from the existing computer so that it can be restored to the migrated target computer. In this scenario, do not deploy an operating system to the existing computer. Instead, create a Systems Management Server package and program to capture the user state information. This is a standard Systems Management Server package and program—not an SMS 2003 OSD Feature Pack package and program. In a typical deployment scenario, after creating the Systems Management Server package and program, the package and program would be advertized to the existing computers (the computers being migrated). Deployment Workbench automatically creates the source files required to create the Systems Management Server package and program to perform user state capture. The files are stored in the OldComputer folder immediately beneath the folder that is the root folder for the deployment point. For example, if the root folder of the deployment point is C:\ZTI, then the path to the source files for creating the Systems Management Server package is C:\ZTI\OldComputer. The OldComputer folder is created for all SMS 2003 OSD Feature Pack deployment points. However, task sequence–specific folders are created only for task sequences associated with SMS 2003 OSD Feature Pack images. Note Do not use the OldComputer folder to configure an SMS 2003 OSD Feature Pack program or package (using the advance properties of an SMS 2003 OSD Feature Pack program or package). Use the OldComputer folder only to create the standard Systems Management Server package and program.
To create the Systems Management Server package and program to perform user state capture 965.On a computer that has Systems Management Server administration tools installed, open SMS Administrator Console. 966.In the console tree, right-click Packages, point to New, and then click Package. 967.Complete the Package Properties dialog box using the information listed in Table 14, and then click OK. Note Table 14 contains the steps and information required to complete the Package Properties dialog box. Configure other information as appropriate for the environment.
18
Microsoft Deployment Toolkit 2008
Table 14. Completing the Package Properties Dialog Box On this tab
Perform these steps
General
In the Name box, type package_name (where package_name is an appropriate name for the package; for example, Microsoft Deployment Old Computer Package).
Data Source
Click This package contains source files. Click Set. In the Set Source Directory dialog box, in the Source directory, type unc_path (where unc_path is the UNC path to the OldComputer folder on the distribution point; for example, \\nyc-fs-01\ZTI$\OldComputer), and then click OK.
968.In the console tree, go to Packages/package_name (where package_name is the name of the package created in the previous step). Right-click Programs, point to New, and then click Program. 969.Complete the Program Properties dialog box using the information listed in Table 15, and then click OK. Note Table 15 contains the steps and information required to complete the Program Properties dialog box. Configure other information as appropriate for the environment.
Table 15. Completing the Program Properties Dialog Box On this tab
Perform these steps
General
In the Name box, type program_name (where program_name is an appropriate name for the program; for example, Old Computer State Capture). In the Command line box, type ZeroTouchInstallation.vbs /debug:true.
Environment
In the Program can run box, click Whether or not a user is logged on.
970.In the console tree, right-click Advertisements, point to All Tasks, and then click Distribute Software. 971.Complete the Distribute Software Wizard using the information listed in Table 16; accept defaults unless otherwise instructed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating an SMS Package and Program
19
Table 16. Completing the Distribute Software Wizard On this page
Do this
Welcome to the Distribute Software Wizard
Click Next.
Package
Click Select an existing package. In the Packages box, click the package created in step 3, and then click Next.
Distribution Points Click the appropriate distribution points for the environment, and then click Next. Advertise a Program
Click Next.
Select a Program to Advertise
In the Programs box, click the program created in step 5, and then click Next.
Advertisement Target
Click or create a collection that contains the computers to replace (the old computers), and then click Next.
Advertisement Name
In the Name box, type advertisement_name (where advertisement_name is the name for the advertisement), and then click Next.
Advertise to Subcollections
Click to advertise to subcollections as appropriate for the collection selected.
Advertisement Schedule
Click the appropriate schedule for the environment.
Assign Program
Click if the program is mandatory after a period of time based on the environment.
Completing the Distribute Software Wizard
Review the information in the Details box.
Solution Accelerators
Click Finish.
microsoft.com/technet/SolutionAccelerators
Cr ea ting a C us tom iz ed W indo ws PE I ma ge f or t he SMS 2003 OSD Fea tur e Pac k To completely automate the ZTI deployment process using the SMS 2003 OSD Feature Pack, create a customized version of Windows PE for the SMS 2003 OSD Feature pack to use. All deployment scenarios use Windows PE to gather deployment information from target computers or to configure the target computers prior to the deployment of Windows Vista or Windows XP. In ZTI deployments, initiate Windows PE automatically using Windows Deployment Services. To initiate Windows PE using Windows Deployment Services, prepare the Windows PE CDs and legacy images that Windows Deployment Services will use. Prepare the Windows PE CDs and legacy images using Deployment Workbench or manually. Although the Windows PE CDs and legacy images can be created manually, Microsoft recommends using Deployment Workbench. Note The steps in this section must be completed regardless of the method used to initiate Windows PE (including Windows Deployment Services or Systems Management Server advertisement).
Create a Windows PE boot image file using the SMS 2003 OSD Feature Pack. Note that the image file that the SMS 2003 OSD Feature Pack creates cannot be customized and does not include Windows Management Instrumentation (WMI). To create a customized Windows PE boot image, use Deployment Workbench or a custom process. Deployment Workbench adds WMI and makes other necessary changes to the Windows PE boot image. Note If the image being created will not be used on a Windows Deployment Services server, skip any instructions in this section that refer to Windows Deployment Services or Remote Installation Service (RIS).
To prepare the Windows PE CDs and legacy images 972.Customize Windows PE using Deployment Workbench or manually. 973.Provide access to the contents of the International Organization for Standardization (ISO) file created in step 1. 974.Import the customized version of Windows PE into the SMS 2003 OSD Feature Pack. 975.Create the SMS 2003 OSD Feature Pack Image Installation CD based on the customized Windows PE image.
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
21
Customize Windows PE Customize the version of Windows PE used in ZTI-based deployment manually or using Deployment Workbench. For ZTI-based deployments, use Windows PE 2004 or Windows PE 2005. When customizing Windows PE, operating system source files are required to provide the files needed to build a bootable version of Windows PE. Table 17 lists the versions of Windows PE and the operating system source files required to build the corresponding version of Windows PE. Table 17. Windows PE Versions and Required Operating System Source Files Windows PE version
Required operating system source files
Windows PE 2004
Windows XP with SP2
Windows PE 2005
Windows Server 2003 with SP1
Customize Windows PE Using Deployment Workbench Use Deployment Workbench to prepare a Windows PE ISO file. First burn the ISO file onto a CD; then, create an SMS 2003 OSD Feature Pack image from the CD. From there, create an SMS 2003 OSD Feature Pack package based on the Systems Management Server image. Transfer the same image to a Windows Deployment Services server as a legacy image. Note If customizing the Windows PE image manually, skip this section and continue in the section, “Customize Windows PE Manually,” later in this document.
To prepare the Windows PE CDs and legacy images using Deployment Workbench 976.Add the appropriate operating systems to Deployment Workbench. 977.Configure the Windows PE 2004/2005 tab. 978.Update the deployment point. Note Updating the deployment point creates both an ISO file and a “flat” source folder that can be used to update Systems Management Server without actually burning the created ISO file to CD media.
Add the Appropriate Operating Systems Before preparing the Windows PE CDs and legacy images, add the Windows PE 2004 or Windows PE 2005 operating system to Deployment Workbench. These become the Windows PE source for MDT 2008 ZTI deployments using the SMS 2003 OSD Feature Pack. In addition, add a version of Windows XP with SP2 or Windows Server 2003 with SP1 to Deployment Workbench. Customizing Windows PE 2004 or Windows PE 2005 for ZTI to use requires certain files from these operating systems. Add the version of Windows (Windows XP with SP2 for Windows PE 2004 or Windows Server 2003 with SP1 for Windows PE 2005) using the New OS Wizard in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
To add the new operating system Note Skip any wizard pages that are not displayed based on the operating system source selected.
979.Open Deployment Workbench. 980.In the console tree, expand Distribution Share, right-click Operating System, and then click New. The New OS Wizard starts. 981.On the OS Type page, click one of the options listed in Table 18 based on requirements, and then click Next. Table 18. Operating System Type Options Option
Description
Full set of source files
An operating system when files are the source. These files can be stored on a DVD or other folder structure made from a product DVD.
Custom Image File
A custom image file.
Windows Deployment Services images
An operating system in which the source is stored in an image file on a Windows Deployment Services server.
982.Based on the option selected in Table 18, complete the steps listed in Table 19. Table 19. Tasks to Perform for the Operating System Type Options Option
Perform these steps
Full set of source files
On the Source page, in the Source directory box, type source_directory_name (where source_directory_name is the fully qualified path to the operating system source files), and then click Next.
Custom Image File
On the Image page, in the Source file box, type source_file_name (where source_file_name is the fully qualified path to the WMI file), and then click Next.
Windows Deployment Services images
On the WDS Server page, in the Server name box, type server_name (where server_name is the name of the Windows Deployment Services server on which the image to add resides), and then click Next.
983.On the Specify the destination page, in the Destination directory name box, type destination_directory_name (where destination_directory_name is the fully qualified path to the folder into which the operating system will be copied), and then click Finish. The New OS Wizard finishes, and the new operating system appears in the details pane. Note
Repeat this procedure for each operating system to be added.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
23
Configure the Windows PE 2004/2005 Tab Before creating the ISO file that contains a customized version of Windows PE, configure the Windows PE 2004/2005 tab in the properties sheet of an SMS 2003 OSD Feature Pack deployment point. Configuring the Windows PE 2004/2005 tab provides Deployment Workbench with the necessary information to automatically customize Windows PE. To configure the Windows PE 2004/2005 tab 984.Open Deployment Workbench. 985.In the console tree, expand Deploy, and then click Deployment Points. 986.In the details pane, right-click osd_deployment_point (where osd_deployment_point is a deployment point used to prepare Windows PE), and then click Properties. Note Windows PE 2004 and Windows PE 2005 operating system source directories are used only in conjunction with SMS 2003 OSD Feature Pack deployment points.
987.In the osd_deployment_point Properties dialog box (where osd_deployment_point is the deployment point used to prepare Windows PE), click the Windows PE 2004/2005 tab. 988.In the Windows PE source box, click windows_pe_source (where windows_pe_source is the source for Windows PE that the New OS Wizard created in the Operating Systems node under the Distribution Share node in Deployment Workbench). 989.In the Windows source box, click windows_source (where windows_source is the source for Windows XP with SP2 for Windows PE 2004 or Window Server 2003 with SP1 for Windows PE 2005 that the New OS Wizard created in the Distribution Share/Operating Systems in Deployment Workbench). 990.In the Images to Generate section, select the Generate a flat bootable ISO image check box. 991.In the Driver Injection section, in the Driver group box, click driver_group (where driver_group is the driver group in the Out-of-Box Drivers node under the Distribution Share node in Deployment Workbench). Only the drivers contained in this group will be injected. 992.In the Driver Injection section, click Include all network drivers in the selected group to include all network drivers, and then click driver_group (where driver_group is the driver group in the Out-of-Box Drivers node under the Distribution Share node in Deployment Workbench). Note The SMS 2003 OSD Feature Pack uses only x86 versions of Windows PE. Even if a 64bit operating system is being deployed, the appropriate x86 drivers must be included for the Windows PE version that the SMS 2003 OSD Feature Pack uses.
993.Optionally, in the Windows PE Customizations section, in the Custom background bitmap file box, type bitmap (where bitmap is fully qualified path and file name for the bitmap image file). 994.Optionally, in the Windows PE Customizations section, in the Extra directory to add box, type folder (where folder is the fully qualified path to a folder to include in the Windows PE image). 995.Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Update the Deployment Point To create or update the ISO file that contains the customized version of Windows PE, update the deployment point. Updating the deployment point instructs Deployment Workbench to create a customized version of Windows PE using the configuration settings on the Windows PE 2004/2005 tab. To update the deployment point 996.Open Deployment Workbench. 997.In the console tree, expand Deploy, and then click Deployment Points. 998.In the details pane, right-click osd_deployment_point (where osd_deployment_point is a deployment point that contains the Windows PE image to update), and then click Update. Note Windows PE 2004 and Windows PE 2005 operating source directories are used only in conjunction with SMS 2003 OSD Feature Pack deployment points.
The update finishes, and the Generic_OSD_x86.iso file appears in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). In addition, a “flat” folder structure is created in the deployment_point_share\Boot\Source folder for directly updating the SMS 2003 OSD Feature Pack.
Customize Windows PE Manually To prepare Windows PE CDs and legacy images manually, perform the following steps: 999.Add support to Windows PE for additional network adapters. 1000.Add WMI support to Windows PE. 1001.Create customized Windows PE images. 1002.Create the ISO file that will be used to create a CD that the SMS 2003 OSD Feature Pack Wizard will use. For more information about Windows PE, Windows Deployment Services, and using Windows Deployment Services to deploy Windows PE, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, included on the SMS 2003 OSD Feature Pack CD-ROM. Note The SMS 2003 OSD Feature Pack uses only x86 versions of Windows PE. Even if an 64-bit operating system is being deployed, the appropriate x86 drivers must be included for the Windows PE version that the SMS 2003 OSD Feature Pack uses.
Add Network Adapter Support to Windows PE Ensure that Windows PE has the appropriate network adapter support for all the adapters in the organization. Deployment Workbench can automatically include any device drivers defined in Deployment Workbench in the Windows PE image. Or, the device drivers can be restricted to only network adapters. The steps for adding device driver support to Windows PE using Deployment Workbench are discussed in the section, “Configure the Windows PE 2004/2005 Tab,” earlier in this guide. For more information about adding support to Windows PE for additional network adapters manually or using other methods, see the following information: •
Microsoft Deployment Toolkit 2008 Deployment Concepts. This MDT 2008 guide provides information about building a custom Windows PE image that contains all the necessary drivers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
•
25
Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide. This guide provides information about using the Operating System Image Installation CD Wizard to update the SMS 2003 OSD Feature Pack version of Windows PE if drivers must be added that were missed when building the custom Windows PE image.
Add WMI Support to Windows PE The version of Windows PE created by Deployment Workbench automatically includes WMI support. If a different method is used to create Windows PE images, add WMI support to the Windows PE images. For example, if the version of Windows PE that is included with the SMS 2003 OSD Feature Pack does not include WMI support. Note WMI support is required for ZTI to function. Add WMI support to any customized Windows PE image that will be used with ZTI.
Although Windows PE images can be created manually, Microsoft recommends using Deployment Workbench. Windows PE images can be built, configured, and customized using Deployment Workbench. For more information about creating images using Deployment Workbench, see the MDT 2008 document, Workbench Imaging Guide. For more information about how to add WMI support to Windows PE, see the Microsoft Windows Preinstallation Environment User’s Guide (Winpe.chm) in the Docs folder of the Windows PE 2004 CD.
Create a Customized Windows PE Image After adding support for additional network adapters and WMI, begin creating customized Windows PE CDs. To create a customized Windows PE image manually 1003.Use Mkimg.cmd to create the Windows PE image. Note For more information about using Mkimg.cmd to create the Windows PE image, see the Microsoft Windows original equipment manufacturer (OEM) Preinstallation Kit (OPK), or review the Winpe.chm file in the Docs folder of the Windows PE version 1.5 CD.
1004.Make the appropriate modifications to Winbom.ini. 1005.Customize the Windows PE splash screen (necessary only if the image is to be used on Windows Deployment Services servers). 1006.Create the ISO file the SMS 2003 OSD Feature Pack wizards will use.
Modify Winbom.ini To make the appropriate modifications to Winbom.ini, perform the following steps: 1007.Open the Winbom.ini file in Microsoft Notepad. 1008.In the WinPE section, on a new line type Quiet=Yes. 1009.Save the file, and then close Notepad. 1010.Copy the Winbom.ini file to the I386\System32 folder in the Windows PE image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Customize the Windows PE Splash Screen Note This step is necessary only if the Windows PE image will be used on Windows Deployment Services servers.
To replace the default Windows PE splash screen with a custom splash screen 1011.On the Windows Deployment Services server, open Windows Explorer. 1012.Go to RISSourcePath (where RISSourcePath is the path to the WinPE folder in the Windows PE image to modify—for example, D:\WinPE15\Winpe). 1013.Rename the existing Winpe.bmp file as Winpe_Original.bmp. 1014.Copy PersonalizedBMP (where PersonalizedBMP is the file name of the customized splash screen to be displayed) to Winpe.bmp, and then close Windows Explorer. An additional step must be performed if creating the Windows PE image manually: •
Create the directory structure \Documents and Settings\All Users\Application Data. These directories will be empty, but they are required for the Rsaenh.dll file the task sequencer uses. If these directories are not present, the task sequencer cannot execute.
Create the ISO File for the SMS 2003 OSD Feature Pack Wizards To create the ISO file for the SMS 2003 OSD Feature Pack wizards, perform the following steps: 1015.In a Command Prompt window, go to WindowsPEFiles (where WindowsPEFiles is the folder where the Windows PE files are located). 1016.Type oscdimg -betfsboot.com -n -h sourcefolder isofile (where sourcefolder is the folder where the Windows PE source files are located and isofile is the fully qualified path and file name of the ISO file to create), and then press ENTER. For example: oscdimg -betfsboot.com -n -h “e:\WindowsPE_2005_Source” d:\Distribution\Boot\Generic_OSD_x86.iso This example creates a no-emulation bootable (-betfsboot.com) ISO image with long file name support (-n). When the image is built, any hidden files are included (-h). The source directory is E:\WindowsPE_2005_Source. The output file is Generic_OSD_x86.iso and placed in the D:\Distribution\Boot folder. 3. Store the ISO file created in step 2 in the Boot folder of the distribution point to be used. Name the ISO file Generic_OSD_x86.iso for 32-bit versions of Windows PE. Note The remaining steps in the process assume that the ISO naming convention indicated in the preceding steps is used and that the ISO file resides in the Boot folder of the target distribution point. If using a different naming convention or storing the ISO file in a different folder, substitute the custom ISO file name and folder in the remaining steps.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
27
Provide Access to the Contents of the Windows PE ISO File To import the customized Windows PE image ISO file into the SMS 2003 OSD Feature Pack, provide access to the contents of the ISO file. The Update Windows PE Wizard in the SMS 2003 OSD Feature Pack must copy the contents of the ISO file to create a WIM file that the SMS 2003 OSD Feature Pack can use. To provide the Update Windows PE Wizard to the contents of the Windows PE ISO file •
Burn the contents of the ISO file to a CD. The ISO file that was created contains the customized version of Windows PE. The CD burned will be a copy of that image. Note Do not burn the image file itself onto the CD (that is, do not create a CD that contains the ISO file). Instead, burn the contents of the image onto the CD (the files inside the ISO file).
•
For servers without local CD-ROM drives, load the ISO file on the computer running Systems Management Server (with a site server role) using the Microsoft Virtual CD-ROM Control Panel item or another, similar software tool. Install Virtual CD-ROM Control Panel on the computer with the Systems Management Server site server role that has the SMS 2003 OSD Feature Pack installed.
•
Use the contents of the source directory E:\WindowsPE_2005_Source.
For more information about these methods, see the Microsoft Help and Support article, “How to customize Windows PE by using the source files that are included with the Microsoft SMS 2003 Operating System Deployment (OSD) Feature Pack,” at http://support.microsoft.com/kb/916902.
Import the Customized Version of Windows PE into the SMS 2003 OSD Feature Pack To import the Windows PE image into the SMS 2003 OSD Feature Pack, perform the following steps: 1017.On the computer with the Systems Management Server site server role on which the SMS 2003 OSD Feature Pack is installed, start SMS Administrator Console. 1018.Right-click Image Packages, point to All Tasks, and then click Update Windows PE. 1019.Complete the Update Windows PE Wizard using the information listed in Table 20.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Table 20. Information for Completing the Update Windows PE Wizard On this page
Do this
Welcome to the Update Windows PE Wizard
Click Next.
Windows PE Settings
In the Source folder box, type the path to the flat folder contents of the Windows PE ISO file or to the deployment_point\Boot\Source folder that Deployment Workbench creates, and then click Next.
Window PE Update Complete
Click Finish.
Note The source folder location cannot be a network UNC path. It must be a locally accessible folder, because the SMS 2003 OSD Feature Pack will skip empty folders when accessed over a network path. This causes WMI not to function correctly in the resulting Windows PE image.
1020.Close SMS Administrator Console.
Create the SMS 2003 OSD Feature Pack Operating System Installation CD After importing the customized version of Windows PE into the SMS 2003 OSD Feature Pack, create the ISO file that contains the SMS 2003 OSD Feature Pack operating system installation CD. Use the SMS 2003 OSD Feature Pack operating installation CD to initiate the ZTI deployment process when unable to initiate the process using the Systems Management Server client or Windows Deployment Services. Start the target computer with the SMS 2003 OSD Feature Pack operating system installation CD to initiate the ZTI deployment process. When the process is initiated, the rest of the ZTI deployment process occurs without user interaction. To create the SMS 2003 OSD Feature Pack operating system image installation CD 1021.In SMS Administrator Console, right-click the Image Packages node, point to All Tasks, and then click Create Operating System Image Installation CD. 1022.Complete the Operating System Image Installation CD Wizard using the information listed in Table 21.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
29
Table 21. Completing the Operating System Image Installation CD Wizard On this page
Do this
Welcome to the Operating System Image Installation CD Wizard
Click Next.
Installation Settings
Select the Automatically choose the OS Package to install by running a custom program or a script check box, and then click Next.
Install from SMS Distribution Points
Ensure that the central site server is specified in the list of servers, click Select All, and then click Next.
Automatically Select Operating System Package
In the File name box, type \\servername\ZTI$\ZeroTouchInstallation.vbs (where servername is the name of the server hosting the shared folder). Note The ZeroTouchInstallation.vbs file must reside on the same server as the distribution point on which the image packages reside, because a second set of credentials cannot be provided to connect to a different server (Connect to UNC). Note In the lab environment, add the /debug:true option to the end of the argument to provide additional debugging and troubleshooting information using dialog boxes in Windows PE.
In the User name box, type SMSClientAccount (where SMSClientAccount is the name of the client account created in the section, “Configure Client Access Accounts,” earlier in this document). In the Password box and Confirm password box, type Password (where Password is the password of the client account created earlier in the deployment process). Note This account can actually be any account with appropriate access to the network shares, but using the Network Access account is a typical choice.
Click Next. Note The account credentials are stored on the installation CD in an encrypted format.
Windows PE Settings
If additional network drivers are required, select the Include additional network drivers from this location check box, and then type DriverPath (where DriverPath is the fully qualified path to any additional network drivers required in the environment). If additional storage drivers are required, select the Include additional storage drivers from this location check box, and then type DriverPath (where DriverPath is the fully qualified path to any additional storage drivers required in the environment). Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
On this page
Do this
Create CD Image
In the Name box, type CDName (where CDName is the name of the CD image). In the File name box, type CDFileName (where CDFileName is the file name for the CD image).
Wizard Complete
Click Finish.
1023.Generate a CD of the operating system image contents. Note Do not burn the image file itself onto the CD (that is, do not create a CD that contains the ISO file). Instead, burn the contents of the image onto the CD (the files inside the ISO file).
The SMS 2003 OSD Feature Pack Operating System Installation image contains the Ripinfo.ini file, which in turn contains: •
The commands for the script used to automate the installation.
•
The list of available packages in the image.
•
Encrypted credentials used to access required network shares.
•
The management point name and port.
Update the images when any of the listed items change. Although the Ripinfo.ini file can be edited directly, a new image should be created using the Operating System Image Installation CD Wizard. The wizard will automatically update Ripinfo.ini to reflect any changes in the commands or available packages. Note If the image just created will be used on a Windows Deployment Services server, skip to the section, “Preparing the Windows Deployment Services Server.” Otherwise, continue the process in the section “Running the Deployment Wizard.”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the W indo ws Dep lo yment Ser vi ces Se r ver When deploying to target computers that are not managed by Systems Management Server, initiate the image installation process using Windows Deployment Services. In the ZTI deployment process, the Windows Deployment Services servers are responsible for installing Windows PE on the target computers. Start Windows PE from Windows Deployment Services to prepare the target computer for operating system image deployment. Note Windows Deployment Services performs the same functions as RIS in SMS 2003 OSD Feature Pack–based deployments. The SMS 2003 OSD Feature Pack is required by ZTI and is only compatible with RIS methods of deployment.
Ensure that the Windows Deployment Services servers have: •
Appropriate flat file image structures.
•
Copies of the Windows PE images when they become available from the development team that creates them. These images might not be ready until the end of the Developing Phase.
For more information about: •
Setting up and configuring the Windows Deployment Services server running in Legacy or Mixed mode, see “Deploying the OS Deployment Package Using RIS” in the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM.
•
Adding additional network drivers to the Windows Deployment Services legacy image on a Windows Deployment Services server, see the section, “Add Network Adapter Support to the Windows Deployment Services Legacy Image” later in this document.
Select the Windows Deployment Services Operational Mode Windows Deployment Services performs the same functions as RIS in SMS 2003 OSD Feature Pack–based deployments. The SMS 2003 OSD Feature Pack is required by ZTI and is only compatible with RIS methods of deployment. To use Windows Deployment Services, run Windows Deployment Services in Legacy mode or Mixed mode. Table 22 compares the operating modes of Windows Deployment Services.
32
Microsoft Deployment Toolkit 2008
Table 22. Windows Deployment Services Operating Modes Mode
Description
Legacy
Functionally equivalent to RIS. This configuration only supports:
Mixed
Native
•
OSChooser as the boot operating system.
•
Images created using Risetup.exe or Riprep.exe.
•
Administration using the normal RIS tools.
Allows compatibility with RIS and Windows Deployment Services. This configuration only supports: •
OSChooser or Windows PE as the boot operating system.
•
Risetup.exe, Riprep.exe, or WIM images.
•
Administration using the normal RIS tools or Windows Deployment Services management tools.
Provides support only for Windows Deployment Services and is incompatible with the SMS 2003 OSD Feature Pack and ZTI. This configuration only supports: •
Windows PE as the boot operating system.
•
WIM images.
•
Administration using the Windows Deployment Services management tools.
Note The SMS 2003 OSD Feature Pack only supports RIS compatibility. In Mixed mode, only the functionality that Legacy mode provides for ZTI deployments can be used. However, other Windows Deployment Services features can be used for LTI deployments.
In ZTI deployments that use the SMS 2003 OSD Feature Pack, using Windows Deployment Services is identical to using RIS. To configure Windows Deployment Services for ZTI and the SMS 2003 OSD Feature Pack, follow any RIS-related guidance in this document. For more information on configuring Windows Deployment Services to run in Legacy or Mixed modes, see: •
Windows Deployment Services Update Step-by-Step Guide, included in Windows Deployment Services.
•
Windows Deployment Services Help files.
Configure the Windows Deployment Services Server Perform additional Windows Deployment Services legacy (that is, RIS) image configuration specific to using Windows PE in the ZTI deployment process. To configure the Windows Deployment Services server to support Windows PE in the ZTI deployment process 1024.Disable the creation of the Windows PE computer account in the AD DS domain. 1025.Disable Windows PE logging on the Windows Deployment Services server. 1026.Automate the Windows Deployment Services Client Installation Wizard. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
33
1027.Add support to the Windows Deployment Services legacy (RIS) image for additional network adapters. 1028.Transfer the Windows PE CD images to the Windows Deployment Services servers. 1029.Restart the Windows Deployment Services service on the Windows Deployment Services servers on which the Windows Deployment Services legacy images were installed.
Disable Creation of the Windows PE Computer Account in the AD DS Domain During the ZTI deployment process, Windows PE creates a computer account in the AD DS domain by default. The computer name that Windows PE uses is temporary, and the account is no longer needed after Windows PE has prepared the target computer for Windows XP deployment. To modify the Ristndrd.sif file to disable the creation of computer accounts in the AD DS domain 1030.On the Windows Deployment Services server, open Notepad. 1031.In Notepad, open RISTemplatePath\Ristndrd.sif (where RISTemplatePath is the path to the Template folder of the Windows PE image to modify—for example, \RemoteInstall\Setup\English\Images\RIS\I386\Templates). 1032.In the [OSChooser] section, change ImageType =Flat (illustrated in Listing 1) to ImageType =WinPE, (illustrated in Listing 2). Listing 1. Ristndrd.sif Before the Modification of ImageType to Use Windows PE [OSChooser] Description ="Build 3608" Help ="SMS 2003 SP1 Build 3174.1017, OSD Build 3608, WinPE Source" LaunchFile = "%INSTALLPATH%\%MACHINETYPE%\templates\startrom.com" ImageType =Flat Version="5.1 (0)" After modification, the [OSChooser] section should resemble Listing 2. Listing 2. Ristndrd.sif After the Modification of ImageType to Use Windows PE [OSChooser] Description ="Build 3608" Help ="SMS 2003 SP1 Build 3174.1017, OSD Build 3608, WinPE Source" LaunchFile = "%INSTALLPATH%\%MACHINETYPE%\templates\startrom.com" ImageType =WinPE Version="5.1 (0)" 1033.Save the file, and then close Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008 Note In addition to completing these steps, select only Tools in the Choice Option dialog box. For more information, see the section, “Enable Tools Only in the Choice Options Dialog Box,” later in this document.
Disable Unexpected Write Access to the Windows Deployment Services Server Two problems commonly reported by users of RIS or Windows Deployment Services result from the \\servername\Reminst share having unnecessary write access. The following events occur: •
The first copy of Windows PE accessed attempts to write a Setupapi.log file to the server.
•
The WMI repository becomes corrupt after the first Windows PE boot from the server.
To prevent both of these problems, change the share permissions on the \\servername\Reminst share to: •
Ensure that the share is Read Only for all users.
•
Ensure that any account used to log on to RIS or Windows Deployment Services has Read Only access to the share.
Automate the Windows Deployment Services Client Installation Wizard Although enabling the Windows PE Tools option is automatic, the process still requires manual intervention to complete the installation of Windows PE. If a single image of Windows PE is being installed, automate the Client Installation Wizard pages in Windows Deployment Services. To automate the Windows Deployment Services Client Installation Wizard 1034.In the Choice Options dialog box, select the Tools check box, and clear all other options. 1035.Modify the Tools.osc file (and the Tlchoice.osc file for Windows Server 2003 with SP1) to enable automated installation. 1036.Modify the Login.osc file to further automate installation. 1037.Modify the Welcome.osc, Install.osc, and Oschoice.osc files to further automate installation.
Enable Tools Only in the Choice Options Dialog Box To enable the Tools (Maintenance and Troubleshooting) option in the Client Installation Wizard, perform the following steps: 1038.Open Active Directory Users and Computers. 1039.In the console tree, go to GroupPolicyContainer (where GroupPolicyContainer is either the domain or the organizational unit [OU] that contains the Windows Deployment Services servers), right-click GroupPolicyContainer, and then click Properties. 1040.On the Group Policy tab, click the default domain policy, and then click Edit. 1041.In the console tree of the Group Policy Object Editor, expand User Configuration, expand Windows Settings, and then click Remote Installation Services.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
35
1042.In the details pane, double-click Choice Options.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
1043.In the Tools section of the Choice Options Properties dialog box, click Enabled. 1044.In the Automatic Setup section, click Disabled. 1045.In the Custom Setup section, click Disabled. 1046.In the Restart Setup section, click Disabled, and then click OK. 1047.Close the Group Policy Object Editor. 1048.Close Active Directory Users and Computers.
Modify the Tools.osc and Tlchoice.osc Files Modify Tools.osc (or the Tlchoice.osc file for Windows Server 2003 with SP1) that Windows Deployment Services automatically selects as the default tool without waiting for user interaction. Note In the version of RIS in Windows Server 2003 with SP1 and later versions, two files must be modified: Tools.osc and Tlchoice.osc.
To modify the Tools.osc file (or the Tlchoice.osc file for Windows Server 2003 with SP1) 1049.On the server running Windows Deployment Services, open Notepad. 1050.In Notepad, open ToolsPath\Tools.osc (or Tlchoice.osc for SP1) (where ToolsPath is the path to the Template folder of the Windows PE image to modify—for example, \RemoteInstall\Setup\English\Images\RIS\I386\Templates). 1051.In the Tools.osc file (or the Tlchoice.osc file for SP1), locate the entry <SELECT NAME="SIF" NOAUTO SIZE=12>, shown in Listing 3. Listing 3. Original Version of Tools.osc (or Tlchoice.osc for SP1) <META KEY=F3 ACTION="REBOOT"> <META KEY=F1 HREF="TOOLSHLP"> <META KEY=ESC HREF="CHOICE"> <META SERVER ACTION="ENUM TOOLS CMDCONS"> <TITLE> Client Installation Wizard Tools
Use the arrow keys to select one of the following options:
Description: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
37
<TIPAREA> 1052.Remove NOAUTO from the entry, as illustrated in Listing 4. Listing 4. Modified Version of Tools.osc (or Tlchoice.osc for SP1) <META KEY=F3 ACTION="REBOOT"> <META KEY=F1 HREF="TOOLSHLP"> <META KEY=ESC HREF="CHOICE"> <META SERVER ACTION="ENUM TOOLS CMDCONS"> <TITLE> Client Installation Wizard Tools
Use the arrow keys to select one of the following options:
Description: <TIPAREA> 1053.Save the file, and then close Notepad. Note If the organization is running Windows Server 2003 without SP1 (or later versions), no further modifications are necessary.
To modify the Tools.osc file for Windows Server 2003 with SP1 or later 1054.On the Windows Deployment Services server, open Notepad. 1055.In Notepad, open ToolsPath\Tools.osc (where ToolsPath is the path to the Template folder of the Windows PE image to modify—for example, \RemoteInstall\Setup\English\Images\RIS\I386\Templates). 1056.In the Tools.osc file, search for <TITLE>. 1057.Insert a new line immediately above <TITLE>. 1058.On the new line, type <META ACTION=AUTOENTER>. 1059.Save the file, and then close Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
Customize Login.osc To customize Login.osc to provide credentials for authentication, perform the following steps: 1060.On the Windows Deployment Services server, open Notepad. 1061.In Notepad, open the file \RemoteInstall\OSChooser\English\login.osc. 1062.Replace the string "*****" with the user name and password values appropriate for the environment, as shown in Listing 5. Listing 5. Original Version of Login.osc For example, if the USERNAME value used is OSDUser and the PASSWORD value is Deploy101, the edited lines are illustrated in Listing 6. Listing 6. Modified Version of Login.osc
Customize Welcome.osc, Install.osc, and Oschoice.osc To customize Welcome.osc, Install.osc, and Oschoice.osc to provide credentials for authentication, perform the following steps: 1063.On the server running Windows Deployment Services, open Notepad. 1064.In Notepad, open OSCFile (where OSCFile is \RemoteInstall\OSChooser\Welcome.osc). 1065.In the file, search for <TITLE>. 1066.Insert a new line immediately above <TITLE>. 1067.On the new line, type <META ACTION=AUTOENTER>. 1068.Save the file, and then close Notepad. 1069.Complete steps 2–6 for the following files: •
\RemoteInstall\OSChooser\English\Install.osc
•
\RemoteInstall\OSChooser\English\Oschoice.osc
An additional copy of the Welcome.osc file is located in the \RemoteInstall\OSChooser\English folder. This is the language-specific version of the file. Modify only the version of Welcome.osc in the \RemoteInstall\OSChooser folder. Note Windows Deployment Services uses Oschoice.osc when there is more than one legacy image to choose from. It prompts the user for the appropriate image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
39
Add Network Adapter Support to the Windows Deployment Services Legacy Image Add support for additional network adapters that are not available in the default configuration of Windows Deployment Services. The network drivers can be added to the Windows Deployment Services legacy image. Note Before completing this procedure, obtain the correct network drivers from the software vendor. Also obtain the Windows XP versions of the network drivers.
To add support to the Windows Deployment Services legacy image for additional network adapters, copy the files shown in Table 23. Table 23. Source Network Driver Files and Where to Copy Them in a Windows Deployment Services Legacy Image Copy these files
To
*.sys
Copy from RIS Image Path\i386\system32\drivers to RIS Image Path\i386 (where RISImagePath is the path to the root of the Windows Deployment Services legacy image—for example, D:\RemoteInstall\Setup\English\Images\WinPE15).
*.inf
Copy from RIS Image Path\i386\inf to RIS Image Path\i386.
*.din, *.bin, *.exe, or other files
RISImagePath\I386 and RISImagePath\I386\system32.
For more information about adding additional network adapters to Windows Deployment Services in Legacy or Mixed mode, see the following resources: •
Microsoft Help and Support article, “How to deploy Microsoft Windows Preinstallation Environment from an RIS server by using PXE-enabled clients,” at http://support.microsoft.com/kb/304992.
•
Microsoft Help and Support article, “‘The operating system image you selected does not contain the necessary drivers for your network adapter’ error message during the text-mode part of Setup when you deploy an operating system image by using RIS,” at http://support.microsoft.com/?id=823658. This error message occurs during the text-mode part of Setup when using Windows Deployment Services to deploy an operating system image.
•
Microsoft Help and Support article, “How to Add Third-Party OEM Network Adapters to RIS Installations,” at http://support.microsoft.com/default.aspx?scid=kb%3Benus%3B246184.
Restart Windows Deployment Services on the Windows Deployment Services Servers After adding support for additional network adapters, restart the Windows Deployment Services service on any Windows Deployment Services server on which the Windows Deployment Services legacy images are installed. This ensures that the Windows Deployment Services service recognizes the updates made in the preceding steps. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Running the De pl oymen t W izar d The high-level steps for completing the Deployment Wizard include: 1070.Verify that the folders in Table 24 no longer exist on the target computer. The ZTI process creates and uses the folders listed in Table 24 during the deployment process. If an earlier deployment terminated with errors, these folders might still exist on the target computer. Remove these folders, if they exist, before initiating a new deployment. These folders would reside on os_drive (where os_drive is the drive where the operating system is installed). Table 24. Folders to Remove Before Initiating the Deployment Wizard Folder
Description
os_drive:\Minint
This folder is preserved through the deployment process and contains deployment state information (such as user state migration information and log files).
os_drive:\_SMSTaskSequence This folder contains state information specific to the Systems Management Server Task Sequencer. 1071.In SMS Administrator Console, go to OSDImage (where OSDImage is the name of the SMS 2003 OSD Feature Pack operating system image to be deployed). 1072.Click the appropriate distribution points. 1073.Click the applications to advertise. 1074.Click the target collection for the image. For more information about how to run the Deployment Wizard, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM.
A ppendix : Extend ing Sys tems Mana gement Se r ver by Ed it ing SMS_de f.mof The Systems Management Server hardware inventory collection process can be extended by editing the SMS_def.mof file. The file edit causes the inventory collection process to retrieve the additional WMI items that MDT 2008 places on the target computer during the ZTITatoo.wsf script phase. To edit the SMS_def.mof file 1075.Open SMS_def.mof. 1076.Add the following code to the bottom of the SMS_def.mof file: #pragma namespace ("\\\\.\\root\\cimv2\\sms") [ SMS_Report (True), SMS_Group_Name ("Microsoft BDD Info"), SMS_Class_ID ("MICROSOFT|MicrosoftBDDInfo|1.0") ] class Microsoft_BDD_Info : SMS_Class_Template { [SMS_Report (TRUE), key ] string InstanceKey; [SMS_Report (TRUE) ] string DeploymentMethod; [SMS_Report (TRUE) ] string DeploymentType; [SMS_Report (TRUE) ] string DeploymentTimeStamp; [SMS_Report (TRUE) ] string BuildID; [SMS_Report (TRUE) ] string BuildName; [SMS_Report (TRUE) ] string BuildVersion; [SMS_Report (TRUE) ] string OSDPackageID; [SMS_Report (TRUE) ]
42
MSDN 2.0
string OSDProgramName; [SMS_Report (TRUE) ] string OSDAdvertisementID; }; 1077.To check the syntax of the file, open a Command Prompt window, and then type mofcomp.exe sms_def.mof -check. 1078.To compile the .mof file with the new entries on the server, open a Command Prompt window, and then type mofcomp.exe sms_def.mof. 1079.Use the command mofcomp.exe sms_def.mof to create a Systems Management Server package to push the updated .mof file to the Systems Management Server Advanced Client computers in the organization. The Systems Management Server Advanced Client computers will need updated machine policies to know that they must inventory the new entries. Following policy updates, the next hardware inventories for the computers will be uploaded to the server for reporting.
Microsoft® Deployment Toolkit 2008 Quick Start Guide for Microsoft System Center Configuration Manager 2007
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
43
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, FrontPage, SQL Server, Windows, Windows Server, Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 provides technology for deploying Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. This quick-start guide helps Information Technology personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using it to install Windows Vista® with Microsoft System Center Configuration Manager 2007. This quick-start guide demonstrates how to perform the New Computer deployment scenario. The New Computer deployment scenario covers the deployment of Windows Vista to a new computer. This scenario assumes that there is no user data or profile to preserve. Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
After using this guide to evaluate MDT 2008, review the rest of the MDT 2008 guidance to learn more about the technology’s advanced features. Note The infrastructure setup described here is for evaluation purposes and not intended for a production system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes MDT 2008 has the following prerequisites.
Required Software To complete this guide, the following software is required: •
Windows Server 2003 Release 2 (R2) with Service Pack 2 (SP2)
•
Windows Vista
•
System Center Configuration Manager
•
Windows Automated Installation Kit (Windows AIK) to help install, customize, and deploy Windows operating systems Note Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 release to manufacturing (RTM) deployments. However, Windows AIK version 1.1 is compatible with all currently supported operating system releases.
•
Windows Preinstallation Environment (Windows PE) version 2.0 (included in Windows AIK)
•
Networking services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
•
Active Directory® Domain Services (AD DS)
Note The task sequencer used in MDT 2008 deployments requires the Create Global Object right be assigned to credentials used to access and run Deployment Workbench and the deployment process. This right is normally available to accounts with Administrator-level permissions (unless explicitly removed). Also, the Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
3
Computer Configuration To complete this guide, set up the computers listed in Table 1. These computers can be either physical computers or virtual machines (VMs) with the system resources designated. Table 1. Computers Used in This Guide Computer
Description and system resources
WDG-MDT-01
This computer runs the MDT 2008 infrastructure and System Center Configuration Manager. The computer runs Windows Server 2003 with SP2 with the following networking services installed: •
AD DS
•
DNS Server
•
DHCP Server
•
Windows Deployment Services
The system resources of the computer are as follows:
WDG-REF-01
•
Processor running at 1.4 gigahertz (GHz) or faster
•
512 megabytes (MB) or greater physical memory
•
One disk partition that has 16 gigabytes (GB) or more available disk space and that will become the drive C partition
•
One CD-ROM or DVD-ROM drive that will be assigned the drive letter D
•
One disk partition that has 16 GB or more available disk space and that will become partition E.
This is the target computer, which runs no current operating system. The system resources of the computer are as follows:
WDG-CLI-01
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
This is the target computer, which runs no current operating system. The system resources of the computer are as follows:
Solution Accelerators
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
The resources listed in Table 1 reflect the system resources recommended to perform the steps in this guide. For information on the minimum system resource requirements for: •
Windows Server 2003, see System Requirements at http://technet.microsoft.com/en-us/windowsserver/bb430827.aspx.
•
Windows Vista, see Windows Vista recommended system requirements at http://www.microsoft.com/windows/products/windowsvista/editions/systemrequiremen ts.mspx.
•
System Center Configuration Manager, see Configuration Manager Supported Configurations at http://technet.microsoft.com/enus/library/bb680717.aspx#SiteServerSystemRequirements.
•
Microsoft SQL Server® 2005, see SQL Server 2005 System Requirements at http://www.microsoft.com/sql/prodinfo/sysreqs/default.mspx.
Note This guide assumes that MDT 2008 is being evaluated on 32-bit (x86) physical or virtual computers. If evaluating MDT 2008 on 64-bit (x64) platforms, download and install the x64 editions of MDT 2008 and the components that this guide describes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 1: Pr epar e the Pr er equis ite In fr ast r uc tur e For the purposes of this guide, all the prerequisite infrastructure services run on the computer named WDG-MDT-01. Install the prerequisite software, server roles, and services on this computer before installing MDT 2008. Note This section assumes that a new System Center Configuration Manager infrastructure will be created for MDT 2008. If an existing System Center Configuration Manager infrastructure will be used, review the steps in this section and substitute existing resource names for the resources created in this section (such as computer name and shared network folders). After reviewing this section, proceed to “Step 2: Prepare the MDT 2008 Environment.”
The steps for preparing the prerequisite infrastructure before installing the MDT 2008 are: 1080.Install Windows Server 2003 with SP2. 1081.Create the required folders and network shares. 1082.Obtain the software required to perform the steps in this guide. 1083.Install AD DS. 1084.Install the DHCP Server. 1085.Install Microsoft Internet Information Services (IIS) version 6.0. 1086.Enable the Web-based Distributed Authoring and Versioning (WebDAV) Internet Services Application Programming Interface (ISAPI) extensions in IIS 6.0. 1087.Install the additional software. 1088.Create the user and service accounts required to perform the steps in this guide. 1089.Install the Windows User State Migration Toolkit (USMT) source files. 1090.Install SQL Server 2005 with SP2 to be used by System Center Configuration Manager. 1091.Add the site server to the Administrators security group. 1092.Install System Center Configuration Manager. 1093.Configure the network access account that System Center Configuration Manager clients use to access System Center Configuration Manager distribution points. 1094.Configure the System Center Configuration Manager site boundaries. 1095.Configure the publishing of site information in AD DS and DNS. 1096.Configure the drive to be used for storing System Center Configuration Manager package source files. 1097.Configure the System Center Configuration Manager distribution point to be Background Intelligent Transfer Service (BITS) enabled.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Step 1-1: Install Windows Server 2003 with SP2 Install Windows Server 2003 with SP2 by using the information in Table 2. Accept default values unless otherwise specified. Table 2. Information for Installing Windows Server 2003 with SP2 When prompted for
Provide these values
Where do you want to install Windows?
Disk 0 Unallocated Space
Password
Any strong password.
Computer name
WDG-MDT-01
Format for volumes C and E
NTFS
TCP/IP configuration
Configure with a static IP address configuration with the other TCP/IP configuration options as appropriate for the environment.
Step 1-2: Create Required Folders and Shares The MDT 2008 deployment process requires additional folders that are used as the source for files or to store files created during the MDT 2008 deployment process. Some of these folders need to be shared so that they can be accessed from other computers. To create the required folders and shares 1098.Create the E:\Source$ folders, and share the folder as Source$ with the following permissions: •
Administrators: Full Control
•
Everyone: Read
1099.Create the following folders: •
E:\Source$\Drivers
•
E:\Source$\Vista
•
E:\Source$\MDT_2008
•
E:\Source$\USMT_301
1100.Copy the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) to E:\Source$\Drivers.
Step 1-3: Obtain the Required Software Besides Windows Server 2003 with SP2, Windows Vista, and System Center Configuration Manager, software is required to evaluate MDT 2008 based on the processes in this guide. Table 3 lists the software required to perform deployments using MDT 2008, where to obtain the software, and where to place the software on WDG-MDT01. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
7
Table 3. Additional Software Required for Deployment Using MDT 2008 Obtain this software
Place in this folder
MDT 2008, available at http://microsoft.com/technet/SolutionAccelerators
E:\Source$\MDT_2008
Windows Vista distribution files from the product CD
E:\Source$\Vista
USMT version 3.0.1 at http://www.microsoft.com/downloads/details.aspx?FamilyID =799ab28c-691b-4b36-b7ad6c604be4c595&DisplayLang=en
E:\Source$\USMT_301
Device drivers required for the target computer WDG-CLI01
E:\Source$\Drivers
SQL Server 2005 from the product CD
E:\Source$\SQL2005
SQL Server 2005 SP2 at E:\Source$\SQL2005SP2 http://www.microsoft.com/downloads/details.aspx?FamilyId= d07219b2-1e23-49c8-8f0c-63fa18f26d3a&DisplayLang=en System Center Configuration Manager
E:\Source$\ConfigMgr
Microsoft XML core Services (MSXML) version 6.0 at http://www.microsoft.com/downloads/details.aspx?FamilyID =993C0BCF-3BCF-4009-BE21-27E85E1857B1
E:\Source$\MSXML60
Step 1-4: Install AD DS AD DS is required to provide authentication and act as a repository for configuration values for the Microsoft products and technologies that MDT 2008 uses, such as SQL Server 2005 and System Center Configuration Manager. To install AD DS, run the DCPROMO Wizard to configure the computer as a domain controller. Install AD DS by using the information provided in Table 4 and accepting any defaults unless otherwise specified. Table 4. Information for Installing AD DS When prompted for
Do the following
Domain type
Create a new domain in a new forest.
Fully qualified domain name (FQDN)
Type corp.woodgrovebank.com
Forest functional level
Windows Server 2003
Install DNS Server service as a part of the domain controller installation process.
Click Yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Step 1-5: Install DHCP Server DHCP Server is required to provide automatic IP configuration for the target computers. Install DHCP Server by using the information provided in Table 5 and accepting any defaults unless otherwise specified. Note If a virtualized environment will be used, disable any DHCP configuration provided by the computer virtualization software. Ensure that the DHCP Server service running WDG-MDT-01 is the only provider of IP configuration by using DHCP.
Table 5. Information for Installing DHCP Server On this wizard page
Do this
Authorize DHCP server in Active Directory
Authorize WDG-MDT-01 to provide client IP configuration.
DHCP scopes
Create an appropriate scope that can be used to automatically configure TCP/IP for WDGREF-01 and WDG-CLI-01.
Step 1-6: Install IIS 6.0 Install IIS version 6.0 with the application server components listed in Table 6. Unless otherwise specified, use the default values. The application server components listed in Table 6 are required for SQL Server 2005 and System Center Configuration Manager installation. Table 6. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
Microsoft ASP.NET
Installed
Enable network COM+ access
Installed
Enable network Microsoft Distributed Transaction Coordinator (DTC) access
Not installed
IIS: BITS Server Extensions
Installed
Common files
Installed
File Transfer Protocol (FTP) service
Not installed
Microsoft Office FrontPage® 2002 Server Extensions
Not installed
IIS Manager
Installed
Internet printing
Not installed
Network News Transfer Protocol (NNTP) Service
Not installed
Simple Mail Transfer Protocol (SMTP) Service
Not installed
World Wide Web Service: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
Application server component
9
Status
Active Server Pages (ASP)
Installed
Internet Data Connector
Not installed
Remote Administration (HTML)
Not installed
Remote Desktop Web Connection
Not installed
Server Side Includes
Installed
WebDAV Publishing
Installed
World Wide Web Service
Installed
Message Queuing
Not installed
Step 1-7: Enable the WebDAV ISAPI Extension The WebDAV Publishing component runs as an ISAPI extension in IIS. After installing the WebDAV Publishing Application Server component, allow the WebDAV ISAPI extension to run in IIS. By default, the WebDAV ISAPI extension is prohibited from running after installation. To enable the WebDAV ISAPI extension 1101.Start IIS Manager. 1102.In the IIS Manager console tree, click Web Service Extension. 1103.In the details pane, click WebDAV, and then click Allow. The status of the WebDAV should change to Allowed. 1104.Close all open windows and dialog boxes.
Step 1-8: Install Additional Software Additional software must be installed in Windows Server 2003 with SP2 to support MDT 2008. Install the following software using the default installation options: •
MSXML version 6.0
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Step 1-9: Create the User and Service Accounts System Center Configuration Manager and SQL Server 2005 require user accounts during the installation process. Table 7 lists the information needed for creating the user and service accounts. Table 7. Information for Creating the Required Accounts Create this account
With these settings
SQL Service account
In First name, type SQL. In Last name, type Service Account. In User logon name, type SQLSvcAcct. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. Make the account a member of the Domain Admins security group. In Description, type Service account used to run SQL Server 2005 services.
System Center Configuration Manager Client Network Access account
In First name, type CM 2007. In Last name, type Client Network Access. In User logon name, type CMNetAccess. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. In Description, type Service account used as the network access account for Configuration Manager 2007 Client.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
11
Step 1-10: Install USMT The USMT is used to save and restore user state migration information. For deployments based on System Center Configuration Manager, create a package that contains the USMT files so that MDT 2008 deployment process can use them. Install USMT on WDG-MDT-01 to extract the files needed to create the System Center Configuration Manager package. USMT is run on the target computers, not on WDGMDT-01. This installation only acts as a source for the package. To install USMT 1105.In Windows Explorer, go to E:\Source$\USMT_301, and then double-click: •
InstallUSMT301_x86.msi.for x86-based computers.
•
InstallUSMT301_x64.msi.for x64-based computers.
1106.Complete the installation wizard by accepting all the default values. This installs USMT in C:\Program Files\USMT301. 1107.Copy the USMT source files from C:\Program Files\USMT301 to E:\Source$\USMT301.
Step 1-11: Install SQL Server 2005 with SP2 Before installing System Center Configuration Manager, install SQL Server 2005 with SP2. Note To enable all SQL Server 2005 features, install the Web Server (IIS) server role before installing SQL Server 2005.
To install SQL Server 2005 with SP2 1108.Install SQL Server 2005 by using the information in Table 8 and accepting defaults unless otherwise specified. Table 8. Information for Installing SQL Server 2005 When prompted for
Provide these values
Components to Install
Select SQL Server Database Services. Select Reporting Services.
Service account
In User name, type SQLSvcAcct. In Password, type P@ssw0rd. In Domain, type CORP.
1109.Install SQL Server 2005 with SP2 by accepting all defaults for installing the Service Pack Installation Wizard. Tip This service pack was downloaded earlier in the process and saved in E:\Source$\SQL2005SP2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Step 1-12: Add Site Server to the Administrators Security Group When all computers are in the same forest, manually add the site server computer account to the local Administrators group on each computer. Complete this step before configuring the computer as a site system. To add the site server to the Administrators security group 1110.Click Start, point to Administrative Tools, and then click Active Directory Users and Computers. 1111.In the Active Directory Users and Computers console tree, go to corp.woodgrovebank.com/Builtin. 1112.In the details pane, right-click Administrators, and then click Properties. 1113.In the Administrators Properties dialog box, click the Members tab, and then click Add. 1114.In the Select Users, Contacts, Computers, or Groups dialog box, click Object Types. 1115.In the Object Types dialog box, in Object types, select Computers, and then click OK. 1116.In the Select Users, Contacts, Computers, or Groups dialog box, in Enter the object names to select, type WDG-MDT-01, click Check Names, and then click OK. 1117.Close any open windows.
Step 1-13: Install System Center Configuration Manager When the other products and technologies have been installed, install System Center Configuration Manager. Before installing System Center Configuration Manager, however, extend the Active Directory schema so that computers can locate the distribution points, service locator points, and other server roles. Also, the schema can be extended after System Center Configuration Manager has been installed. To extend the Active Directory schema for System Center Configuration Manager 1118.In Windows Explorer, go to \SMSSETUP\BIN\platform on the installation media, and then double-click extadsch.exe (where platform is the processor platform). 1119.In Windows Explorer, go to C:\, and then open the ExtADSch.log file. 1120.Review the ExtADSch.log file, and ensure that the schema was extended successfully. After extending the Active Directory schema, install System Center Configuration Manager. The configuration of WDG-MDT-01 supports System Center Configuration Manager for this sample. The configuration of computers in the production network may vary. To find out more about the prerequisites for installing System Center Configuration Manager, see Prerequisites for Installing Configuration Manager at http://technet.microsoft.com/en-us/library/bb694113.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
13
To install System Center Configuration Manager 1121.Install System Center Configuration Manager by using the information in Table 9. Accept the defaults unless otherwise specified. Table 9. Information for Installing System Center Configuration Manager On this wizard page
Do this
Site Settings
In Site code, type NYC. In Site name, type New York City Site.
Site Mode
Click Configuration Manager Mixed Mode.
Updated Prerequisite Components
Select the appropriate option for obtaining client prerequisite component files. Files can either be downloaded as part of Setup, an alternate location where the client prerequisite component files have already been downloaded to can be used.
Updated Prerequisite Component Path
Specify the path to store client prerequisite component files downloaded during Setup or the path to the alternate location where client prerequisite component files have previously been downloaded to. Note The Setup command-line option Setup /download path_to_files can be used to download client prerequisite component files without running the complete Configuration Manager Setup wizard.
At the end of this step, System Center Configuration Manager is installed. To find more help in troubleshooting any installation-related problems, see Troubleshooting Configuration Manager 2007 at http://technet.microsoft.com/enus/library/bb632812.aspx.
Step 1-14: Configure the Network Access Account The System Center Configuration Manager client needs an account to provide credentials when accessing the System Center Configuration Manager distribution points, MDT 2008 deployment points, and shared folders. This account is called the Network Access account. The CMNetAccess account was created earlier in the process to use as the Network Access account. To configure the Network Access account 1122.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1123.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site/Site Settings/Client Agents. 1124.In the details pane, right-click Computer Client Agent, and then click Properties.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1125.In the Computer Client Agent Properties dialog box, click the General tab. In Network Access Account, in Account (domain\user), click Set. 1126.Complete the Windows User Account dialog box using the information in Table 10, and then click OK. Table 10. Information Required to Complete the Windows User Account Dialog Box For this
Do this
User name
Type CORP\CMNetAccess.
Password
Type P@ssw0rd.
Confirm password
Type P@ssw0rd.
1127.Close any open windows.
Step 1-15: Configure the Configuration Manager Site Boundaries The System Center Configuration Manager client needs to know the boundaries for the site. Unless the site boundaries are specified, the client assumes that the computer running System Center Configuration Manager is in a remote site. Add a site boundary based on the IP subnet used by WDG-MDT-01, WDG-REF-01, and WDG-CLI-01. To configure the System Center Configuration Manager site boundaries 1128.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1129.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site/Site Settings/Boundaries. 1130.In the details pane, click New Boundary. 1131.Complete the New Site Boundary dialog box using the information in Table 11, and then click OK. Note For this sample, the site boundary is specified by network address. However, site boundaries can also be specified by using an AD DS site name or an IP address range.
Table 11. Information Required to Complete the New Site Boundary Dialog Box For this
Do this
Description
Type IP Subnet Boundary.
Network
Type network_address (where network_address is the network address of the subnet where the computers are installed).
Subnet mask
Type subnet_mask (where subnet_mask is the subnet mask of the subnet where the computers are installed).
1132.Close any open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
15
Step 1-16: Configure Publishing of Site Information The System Center Configuration Manager client needs to locate the various System Center Configuration Manager server roles. Modify the site properties to publish the site information in AD DS and in DNS. To configure the publishing of site information in AD DS and in DNS 1133.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1134.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site. 1135.In the details pane, click Properties. 1136.Complete the Advanced tab of the NYC - New York City Site Properties dialog box by performing the following steps, and then click OK: p. Select the Publish this site in Active Directory Domain Services check box. q. Select the Publish the default management point in DNS (intranet only) check box. 1137.Close any open windows.
Step 1-17: Configure the Drive for Storing Package Source Files System Center Configuration Manager stores the source packages on a local drive. By default, System Center Configuration Manager stores the source packages on drive C. Configure System Center Configuration Manager to store the source packages on drive E. To configure the drive for storing System Center Configuration Manager package source files 1138.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1139.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site/Site Settings/Component Configuration. 1140.In the details pane, right-click Software Distribution, and then click Properties. 1141.In the Software Distribution Properties dialog box, in Drive on site server, type E:\, and then click OK. 1142.Close any open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Step 1-18: Configure the Distribution Point to Be BITS Enabled Using BITS-enabled distribution points in System Center Configuration Manager helps control bandwidth throttling between the clients and distribution points. Enabling the BITS setting does not guarantee that the client will always download content from the distribution point using BITS. However, if this setting is not enabled, the client will never download packages using BITS. To configure a distribution point to be BITS enabled 1143.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1144.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Site Management/NYC - New York City Site/Site Settings/Site Systems/WDG-MDT-01. 1145.In the details pane, right-click ConfigMgr distribution point, and then click Properties. 1146.In the ConfigMgr Distribution Point Properties dialog box, on the General tab, select the Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS (required for device clients and Internet-based clients) check box, and then click OK. 1147.Close any open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 2: Pr epar e the MDT 2008 En vir onmen t The first step in the process is to prepare the MDT 2008 environment. When this step is completed, the reference computer can be created and a captured image of the reference computer deployed to the target computer (WDG-CLI-01) using System Center Configuration Manager integration with MDT 2008. To prepare the MDT 2008 environment 1148.Install MDT 2008. 1149.Enable Configuration Manager Console integration by running the Configure ConfigMgr 2007 Integration script.
Step 2-1: Install MDT 2008 To install MDT 2008, perform the following steps: 1150.In Windows Explorer, go to E:\Source$\MDT_2008. 1151.Double-click MicrosoftDeploymentToolkit_x86.msi (for 32-bit operating systems) or MicrosoftDeploymentToolkit_x64.msi (for 64-bit operating systems), and then click Install. 1152.Click Next to skip the welcome page. 1153.On the End-User License Agreement page, review the license agreement, select I accept the terms in the License Agreement, and then click Next. 1154.On the Custom Setup page, click Next. 1155.Click Install. The installation process status is displayed, then finishes. 1156. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Step 2-2: Enable Configuration Manager Console Integration Before the System Center Configuration Manager integration features of MDT 2008 can be used, run the Configure ConfigMgr 2007 Integration script. The Configure ConfigMgr 2007 Integration script copies the appropriate integration files to the folder where System Center Configuration Manager is installed. The script also adds Windows Management Instrumentation (WMI) classes for the new MDT 2008 custom actions. The classes are added by compiling a new Managed Object Format (.mof) file that contains the new class definitions. To enable Configuration Manager console integration Note
Ensure that Configuration Manager console is closed while performing these steps.
1157.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Configure ConfigMgr 2007 Integration. The Configure ConfigMgr 2007 Integration script starts. 1158.In the Configure ConfigMgr Integration dialog box, in Site server name, verify the value is WDG-MDT-01. 1159.In Site code, verify that the value is NYC, and then click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 3: Impor t and Co nf igur e a Task Sequence t o Cr ea te a Refer ence Co mpute r After the MDT 2008 environment is prepared, create the reference computer. The reference computer is used as the template for deploying new images to the target computers. Configure this computer (WDG-REF-01) exactly as the target computers will be configured. An image of the reference computer will be captured and the image deployed to the target computers. To create the reference computer, WDG-REF-01 1160.Create an MDT 2008 task sequence template to deploy Window Vista to the reference computer. 1161.Select the distribution points for the new packages and images created by the Import Microsoft Deployment Task Sequence Wizard. 1162.Add the necessary device drivers to a new drive package and to the appropriate boot images. 1163.Configure the MDT 2008 configuration files for the reference computer—specifically, the CustomSettings.ini file. 1164.Update the System Center Configuration Manager distribution points for the Custom Settings Files package. 1165.Customize the task sequence for the reference computer.
Step 3-1: Create an MDT 2008 Task Sequence for the Reference Computer Create task sequences in System Center Configuration Manager that are integrated with MDT 2008 by using the Import Microsoft Deployment Task Sequence Wizard in Configuration Manager console. MDT 2008 includes task sequence templates that can be imported into System Center Configuration Manager. Table 12 lists the task sequence templates that are included in MDT 2008, the file name for each template, and a description of the template. The template files are located in the install_folder\SCCM folder (where install_folder is the folder in which MDT 2008 was installed).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
Table 12. Task Sequence Templates Included in MDT 2008 Template
File name
Select this template to
Standard Client Task Sequence
SCCM_Client.xml
Deploy to client computers for all scenarios except the Replace Computer scenario.
Standard Client Replace Task Sequence
SCCM_ClientReplace.xml
Deploy to client computers for the Replace Computer scenario.
Custom Task Sequence
SCCM_Custom.xml
Create a custom task sequence that installs applications without an operating system installation.
Standard Server Task Sequence
SCCM_Server.xml
Deploy to server computers for all scenarios.
Import the Standard Client Task Sequence template to deploy Windows Vista to the reference computer (WDG-REF-01). The Import Microsoft Deployment Task Sequence Wizard substitutes the packages and images selected for the placeholders in the task sequence templates. After completing the wizard, the new imported task sequence references the appropriate packages and images. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
To create a task sequence for deploying the reference computer 1166.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1167.In the Configuration Manager console tree, go to Site Database/Computer Management/Task Sequences. 1168.In the details pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard starts. 1169.Complete the Import Microsoft Deployment Task Sequence Wizard by using the information in Table 13. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
21
Table 13. Information for Completing the Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do this
Choose Template
Select Client Task Sequence, and then click Next.
General
In Task sequence name, type Windows Vista Reference Deployment. In Task sequence comments, type Task sequence for deploying Windows Vista to the reference computer (WDG-REF-01), and then click Next.
Details
Click Join a workgroup. In Workgroup, type WORKGROUP. In User name, type Woodgrove Bank Employee. In Organization name, type Woodgrove Bank. In Product key, type product_key (where product_key is the product key for Windows Vista). In Capture destination, type \\WDG-MDT01\Capture$\WDG-REF-01.wim. In Capture Account, click Set, and then complete the Windows User Account dialog box by performing the following steps: 1170.In User name, type CORP\Administrator. 1171.In Password and Confirm password, type P@ssw0rd. 1172.Click OK. Click Next.
Boot Image
Click Create a new boot image package. In Package source folder to be created, type \\WDGMDT-01\Packages$\WINPE_Custom, and then click Next.
Boot Image: General Settings
In Name, type Windows PE Custom. In Version, type 1.00. In Comments, type Customized version of Windows PE to be used in deployment of reference and target computers, and then click Next.
Boot Image: Image Options
Click Next.
MDT Package
Click Create a new Microsoft Deployment Toolkit Files package. In Package source folder to be created, type \\WDGMDT-01\Packages$\MDT_2008_Files, and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
On this wizard page
Do this
MDT Package: MDT Details
In Name, type MDT 2008 Files. In Version, type 1.00. In Comments, type Provides access to MDT 2008 software during Configuration Manager deployment process, and then click Next.
OS Image
Click Create a new OS install package. In OS installation folder location, type \\WDG-MDT01\Source$\Vista. In Package source folder to be created, type \\WDGMDT-01\Packages$\Vista, and then click Next.
OS Image: Image Details
In Name, type Windows Vista. In Version, type 1.00. In Comments, type Windows Vista package used to deploy to reference computers, and then click Next.
Client Package
Click Create a new ConfigMgr client package, and then click Next.
USMT Package
Click Create a new USMT package. In Path to USMT executables and related files, type \\WDG-MDT-01\Source$\USMT301. In Package source folder to be created, type \\WDGMDT-01\Packages$\USMT301, and then click Next.
USMT Package: USMT Details
In Name, type USMT. In Version, type 3.01. In Comments, type USMT files used to capture and restore user state migration information, and then click Next.
Settings Package
Click Create a new settings package. In Package source folder to be created, type \\WDGMDT-01\Packages$\CustomSettings_Reference, and then click Next.
Settings Package: Settings Details
In Name, type MDT 2008 Reference Computer Custom Settings. In Version, type 1.00. In Comments, type Configuration settings for MDT 2008 deployment process (such as CustomSettings.ini) for the reference computer, and then click Next.
Sysprep Package
Solution Accelerators
Click Next.
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
23
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported. Note
This process can take several minutes to finish.
Step 3-2: Select Distribution Points for Packages and Images The Import Microsoft Deployment Task Sequence Wizard creates a number of packages and images. After these packages and images are created, select the distribution points from which the packages and images will be copied and available to target computers. Note In this sample, there is only one distribution point (WDG-MDT-01). However, most production networks have multiple distribution points. When performing this step in a production environment, select the appropriate distribution points for the network.
Select the distribution points for software distribution packages, boot images, and operating system install packages. To select the distribution points for software distribution packages 1173.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Software Distribution/Packages. 1174.In the details pane, click MDT 2008 Reference Computer Custom Settings. 1175.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1176.Complete the Manage Distribution Points Wizard by using the information in Table 14. Accept default values unless otherwise specified. Table 14. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1177.Repeat steps 2–4 of this procedure, substituting each of the following packages for MDT 2008 Reference Computer Custom Settings: •
MDT 2008 Files
•
USMT
•
Configuration Manager Client Upgrade
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
To select the distribution points for boot images 1178.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Boot Images. 1179.In the details pane, click Windows PE Custom. 1180.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1181.Complete the Manage Distribution Points Wizard by using the information in Table 15. Accept the default values unless otherwise specified. Table 15. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
To select the distribution points for operating system installation packages 1182.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Operating System Install Packages. 1183.In the details pane, click Windows Vista. 1184.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1185.Complete the Manage Distribution Points Wizard by using the information in Table 16. Accept the default values unless otherwise specified. Table 16. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1186.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
25
Step 3-3: Add Necessary Device Drivers When the MDT 2008 task sequence has been imported, add any device drivers required for the reference computer (WDG-REF-01) to the Windows PE boot image and to the Windows Vista image. Add the device drivers in the Drivers node in Configuration Manager console. Create a package that contains the device drivers, and inject the drivers into the custom Windows PE image created earlier in the process. After creating the package that contains the device drivers, select the distribution point on which the package will be deployed. To add the necessary device drivers 1187.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1188.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Drivers. 1189.In the console tree, right-click Drivers, and then click Import. The Import New Driver Wizard starts. 1190.Complete the Import New Driver Wizard by using the information in Table 17. Accept the default values unless otherwise specified. Table 17. Information for Completing the Import New Driver Wizard On this wizard page
Do this
Locate Driver
In Source folder, type \\WDG-MDT01\Source$\Drivers, and then click Next.
Locate Driver: Driver Details
Click Next.
Locate Driver: Add Driver to Packages
Click New Package. Complete the New Driver Package dialog box by performing the following steps: 1191.In Name, type device_driver_name Package (where device_driver_name is a descriptive name for the device drivers). 1192.In Comment, type Device drivers that are necessary for the reference and target computers. 1193.In Driver package source, type \\WDG-MDT01\Packages$\Drivers, and then click OK. Click Next.
Locate Driver: Add Driver to Boot Images
In the list of images, select the Windows PE Custom check box. Select the Update distribution points when finished check box, and then click Next.
Summary
Click Next.
Confirmation
Click Close.
To select the distribution points for the driver package Solution Accelerators microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
1194.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Driver Packages. 1195.In the details pane, click device_driver_name Package (where device_driver_name is a descriptive name for the device drivers). 1196.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1197.Complete the Manage Distribution Points Wizard by using the information in Table 18. Accept default values unless otherwise specified. Table 18. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1198.Close all open windows and dialog boxes.
Step 3-4: Customize MDT 2008 Configuration Files When the MDT 2008 task sequence has been imported, customize the MDT 2008 configuration files that provide the configuration settings for deploying Windows Vista to the target computer. Specifically, customize the CustomSettings.ini file. When the CustomSettings.ini file customization is finished, save the updated files to the source folder for the MDT 2008 Reference Computer Custom Settings package created earlier in the process (E:\Packages$\CustomSettings_Reference). Then, add the DoCapture property and value to the CustomSettings.ini file so that the MDT 2008 deployment process captures an image of the reference computer (WDGREF-01) after deploying Windows Vista.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
27
To customize the MDT 2008 configuration files for the reference computer 1199.In Windows Explorer, go to E:\Packages$\CustomSettings_Reference, and then double-click CustomSettings.ini. 1200.In Microsoft Notepad, add DoCapture=Yes to the end of the CustomSettings.ini file, as shown in Listing 1. Listing 1. CustomSettings.ini File After Adding the DoCapture Property [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y DoCapture=Yes 1201.In Notepad, save the file, and then exit Notepad.
Step 3-5: Update Distribution Points for the Custom Settings Package When the source folder has been updated for the MDT 2008 Reference Computer Custom Settings package in System Center Configuration Manager, update the distribution points for the MDT 2008 Reference Computer Custom Settings Files package. Updating the distribution points copies the updated version of the CustomSettings.ini file to the deployment points specified in the package. To update the distribution points for the Custom Settings package 1202.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1203.In the Configuration Manager console tree, go to Site Database/Computer Management/Software Distribution/Packages, and then click MDT 2008 Reference Computer Custom Settings 1.00. 1204.In the details pane, click Update Distribution Points. 1205.In the Confirm Update Distribution Points dialog box, click Yes. 1206.Close all open windows and dialog boxes. System Center Configuration Manager starts updating the distribution points with the latest versions of the CustomSettings.ini file. This process could take several minutes. Check the status of the package until the State value of the package status is Installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Step 3-6: Customize the Reference Computer Task Sequence For most deployments, the Windows Vista Reference Deployment task sequence created earlier in the process performs all the necessary steps without modification. In this sample, modify the task sequence to set the password for the local Administrator account to a known value. By default, the task sequence sets the password for the local Administrator account to a random value. Further customization of the task sequence may be required depending on the environment. To customize the Windows Vista Reference Deployment task sequence 1207.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1208.In the Configuration Manager console console tree, go to Site Database/Computer Management/Operating System Deployment/Task Sequences. 1209.In the details pane, click Windows Vista Reference Deployment. 1210.In the details pane, click Edit. 1211.In the Windows Vista Reference Deployment Task Sequence Editor dialog box, go to PostInstall/Apply Windows Settings. 1212.On the Properties tab, click Enable the account and specify the local administrator password. 1213.On the Properties tab, in Password and Confirm Password, type P@ssw0rd, and then click Apply. 1214.Make any additional modifications to the task sequence that environment requires, and then click OK. 1215.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 4: Depl oy W indo ws V ist a and Ca ptur e an I ma ge o f the Refer ence Co mpute r When the task sequence has been created to deploy Windows Vista to the reference computer and an image of the reference computer captured, start the task sequence. Create the operating system capture by using the Task Sequence Media Wizard in Configuration Manager console. To deploy Windows Vista and capture an image of the reference computer 1216.Add the reference computer to the Configuration Manager site database. 1217.Create a collection that contains the reference computer added in the previous step. 1218.Create an advertisement for the reference computer task sequence. 1219.Create a task sequence bootable media disk by using the Task Sequence Media Wizard. 1220.Start the reference computer with the task sequence bootable media disk.
Step 4-1: Add the Reference Computer to the Configuration Manager Site Database To deploy an operating system to a new computer without stand-alone media that System Center Configuration Manager does not currently manage, the new computer must be added to the Configuration Manager site database prior to initiating the operating system deployment process. Although System Center Configuration Manager can automatically discover computers on the network that have a Windows operating system installed, if the computer has no operating system installed, import the new computer information by using the Import Computer Information Wizard. To add the reference computer to the Configuration Manager site database 1221.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1222.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Computer Associations. 1223.In the details pane, click Import computer Information. The Import Computer Information Wizard starts. 1224.Complete the Import Computer Information Wizard by using the information in Table 19. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
Table 19. Information for Completing Import Computer Information Wizard On this wizard page
Do this
Select Source
Click Import single computer, and then click Next.
Single Computer
In Computer Name, type WDG-REF-01. In MAC address, type mac_address (where mac_address is the media access control (MAC) address of the primary network adapter for the reference computer, WDG-REF-01). Click Next.
Data Preview
Click Next.
Choose Target Collection
Click Next.
Summary
Click Next.
Wizard Completed
Click Close.
For more information on adding a new computer to the Configuration Manager site database, see “How to Add a New Computer to the Configuration Manager Database” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 4-2: Create a Collection for the Reference Computer In Configuration Manager console, create a collection that includes the reference computer (WDG-REF-01). This computer collection is used later when advertising the task sequence created earlier in the process. To create a collection that includes the reference computer 1225.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1226.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Collections. 1227.In the details pane, click New Collection. The New Collection Wizard starts. 1228.Complete the New Collection Wizard by using the information in Table 20. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 4
31
Table 20. Information for Completing the New Collection Wizard On this wizard page
Do this
General
In Name, type Microsoft Deployment – Reference Computer In Comment, type Computer that is to be the reference computer for the target computers to be deployed. Click Next.
Membership Rules
Click the Computer icon. Complete the Create Direct Membership Rule Wizard by performing the following steps: 1229.On the Welcome page, click Next. 1230.On the Search for Resources page, in Resource class, select System Resource; in Attribute name, select Name; in Value, type WDG-REF-01; and then click Next. 1231.On the Collection Limiting page, click Next. 1232.On the Select Resources page, select WDG-REF01, and then click Next. 1233.On the Finished page, click Finish. Click Next.
Advertisements
Click Next.
Security
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Create a Collection,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
Step 4-3: Create an Advertisement for the Reference Computer Task Sequence In Configuration Manager console, create an advertisement for the task sequence created earlier in the process. Advertise the task sequence to the collection that includes the reference computer created earlier in the process. To create an advertisement for the task sequence 1234.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1235.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Task Sequences. 1236.In the details pane, click Windows Vista Reference Deployment. 1237.In the details pane, click Advertise. The New Advertisement Wizard starts. 1238.Complete the New Advertisement Wizard by using the information in Table 21. Accept the default values unless otherwise specified. Table 21. Information for Completing the New Advertisement Wizard On this wizard page
Do this
General
In Comment, type Advertisement to deploy Windows Vista to the reference computer and then capture an image of the reference computer. In Collection, click Browse. In the Browse Collection dialog box, click Microsoft Deployment – Reference Computer, and then click OK. Select the Make this task sequence available to boot media and PXE check box. Click Next.
Schedule
Click Next.
Distribution Points
Click Next.
Interaction
Click Next.
Security
Click Next.
Summary
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Advertise Task Sequences,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 4
33
Step 4-4: Create Task Sequence Bootable Media A method must be provided for starting the computer with Windows PE and the necessary software to initiate the MDT 2008 process. Create the task sequence bootable media by using the Task Sequence Media Wizard in Configuration Manager console. Use the Task Sequence Media Wizard to create bootable media that can be stored on a USB flash drive (UFD), CD, or DVD. To create task sequence bootable media 1239.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1240.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Task Sequences. 1241.In the details pane, click Create Task Sequence Media. The Task Sequence Media Wizard starts. 1242.Complete the Task Sequence Media Wizard by using the information in Table 22. Accept the default values unless otherwise specified. Table 22. Information for Completing the Task Sequence Media Wizard On this wizard page
Do this
Select Media Type
Click Bootable media, and then click Next.
Media type
In Media file, type \\WDG-MDT01\Capture$\CM2007_TS_Boot_Media.iso, and then click Next.
Security
In Password and Confirm password, type P@ssw0rd, and then click Next.
Boot image
In Boot image, click Browse. In the Select a Boot Image dialog box, click Windows PE Custom, and then click OK. Click Next.
Summary
Click Next.
Confirmation
Click Close.
The wizard creates the CM2007_TS_Boot_Media.iso file in the \\WDG-MDT01\Capture$ shared folder. 1243.If WDG-REF-01 is a physical computer, create a CD or DVD of the International Organization for Standardization (ISO) file. If WDG-REF-01 is a VM, start the VM directly from the ISO file. For more information on creating the task sequence bootable media, see the section, “How to Create Task Sequence Bootable Media,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Step 4-5: Start the Reference Computer with the Task Sequence Bootable Media Start the reference computer (WDG-REF-01) with the task sequence bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 process. At the end of the MDT 2008 process, Windows Vista is deployed on the reference computer and an image of the reference computer is saved to \WDG-MDT-01\Capture$\WDG-REF-01.wim. Note The MDT 2008 process can also be initiated by starting the target computer from Windows Deployment Services. For more information, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts.
To start the reference computer with the task sequence bootable media 1244.Start WDG-REF-01 with the task sequence bootable media created earlier in the process. Windows PE starts, and then the Task Sequence Wizard starts 1245.Complete the Task Sequence Wizard by using the information in Table 23. Accept the default values unless otherwise specified. Table 23. Information for Completing the Task Sequence Wizard On this wizard page
Do this
Welcome to the Task Sequence Wizard
In Password, type P@ssw0rd, and then click Next.
Select a Task Sequence In the list box, select Windows Vista Reference Deployment, and then click Next. The wizard starts, and the operating system deployment starts. If any problems occur during the deployment, consult the MDT 2008 document, Troubleshooting Reference. When completed, a captured image of the reference computer should exist in \\WDGMDT-01\Capture$\WDG-REF-01.wim.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 5: Impor t and Co nf igur e a Task Sequence t o Dep lo y the Tar ge t C ompu ter After the task sequence to deploy the reference computer (WDG-REF-01) finishes, a captured image of the reference computer is stored in \\WDG-MDT-01\Capture$\WDGREF-01.wim. Now, create a task sequence that will deploy the captured image of reference computer to the target computer (WDG-CLI-01). When this step is complete, the captured image of the reference computer can be deployed to the target computer. To import and configure a task sequence to deploy the target computer 1246.Create an MDT 2008 task sequence template to deploy the captured image of the reference computer to the target computer using the Import Microsoft Deployment Task Sequence Wizard. 1247.Select the distribution points for the new packages and images created by the Import Microsoft Deployment Task Sequence Wizard. 1248.Customize the MDT 2008 configuration files for the target computer—specifically, the CustomSettings.ini file. 1249.Update the System Center Configuration Manager distribution points for the Custom Settings Files package. 1250.Customize the task sequence for the target computer.
Step 5-1: Create an MDT 2008 Task Sequence for the Target Computer After the image is captured, create a task sequence to deploy the captured image of the reference computer (WDG-REF-01) to the target computer (WDG-CLI-01). Most of the packages needed for this task sequence were created earlier in the process. However, a new MDT 2008 Custom Settings package must be created that has the proper configuration settings for the target computer and creates an operating system image of the captured image of the reference computer. To create a task sequence to deploy the captured image to the target computer 1251.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1252.In the Configuration Manager console console tree, go to Site Database/Computer Management/Task Sequences. 1253.In the details pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard starts. 1254.Complete the Import Microsoft Deployment Task Sequence Wizard by using the information in Table 24. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Table 24. Information for Completing Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do this
Choose Template
Select Client Task Sequence, and then click Next.
General
In Task sequence name, type Windows Vista Target Deployment. In Task sequence comments, type Task sequence for deploying captured reference computer image to the target computer (WDG-CLI-01), and then click Next.
Details
Click Join a domain. In Domain, type corp.woodgrovebank.com. In Account, click Set, and then complete the Windows User Account dialog box by performing the following steps: 1255.In User name, type CORP\Administrator. 1256.In Password and Confirm password, type P@ssw0rd. 1257.Click OK. In User name, type Woodgrove Bank Employee. In Organization name, type Woodgrove Bank. In Product key, type product_key (where product_key is the product key for Windows Vista). In Capture destination, type \\WDG-MDT01\Capture$\WDG-CLI-01.wim. In Capture Account, click Set, and then complete the Windows User Account dialog box by performing the following steps: 1258.In User name, type CORP\Administrator. 1259.In Password and Confirm password, type P@ssw0rd. 1260.Click OK. Click Next.
Boot Image
In Specify an existing boot image package, click Browse. In Select a Package dialog box, click Windows PE Custom, and then click OK. Click Next.
MDT Package
In Specify an existing Microsoft Deployment Toolkit Files package, click Browse. In the Select a Package dialog box, click MDT 2008 Files, and then click OK. Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 5
On this wizard page
Do this
OS Image
Click Create a new OS image.
37
In OS image file (WIM) location, type \\WDG-MDT01\Capture$\WDG-REF-01.wim. In Package source folder to be created, type \\WDGMDT-01\Package$\WDG-REF-01_Image. Click Next. OS Image: Image Details
In Name, type Windows Vista Reference Image. In Version, type 1.00. In Comments, type Windows Vista captured image of reference computer (WDG-REF-01) used to deploy to target computers, and then click Next.
Client Package
In Specify an existing ConfigMgr client package, click Browse. In the Select a Package dialog box, click Configuration Manager Client Upgrade, and then click OK. Click Next.
USMT Package
In Specify an existing USMT package, click Browse. In the Select a Package dialog box, click USMT, and then click OK. Click Next.
Settings Package
Click Create a new settings package. In Package source folder to be created, type \\WDGMDT-01\Packages$\CustomSettings_Target, and then click Next.
Settings Package: Settings Details
In Name, type MDT 2008 Target Computer Custom Settings. In Version, type 1.00. In Comments, type Configuration settings for MDT 2008 deployment process (such as CustomSettings.ini) for the target computer, and then click Next.
Sysprep Package
Click Next.
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
Step 5-2: Select Distribution Points for Packages and Images Running the Import Microsoft Deployment Task Sequence Wizard to create the task sequence for the target creates a new software distribution package and a new image. After the package and image are created, you need to select the distribution points where the package and image will be copied and available to target computers. Note In this sample, there is only one distribution point (WDG-MDT-01). However, in most production networks there are multiple distribution points. When performing this step in a production environment, select the appropriate distribution points for the network.
Select the distribution points for the software distribution package (for the new target computer custom settings package MDT 2008 Target Computer Custom Settings) and the operating system image package (for the new captured .wim of the reference computer Windows Vista Reference Image). To select the distribution points for software distribution package 1261.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Software Distribution/Packages. 1262.In the details pane, click MDT 2008 Target Computer Custom Settings. 1263.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1264.Complete the Manage Distribution Points Wizard by using the information in Table 25. Accept the default values unless otherwise specified. Table 25. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
To select the distribution points for operating system images 1265.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Operating System Images. 1266.In the details pane, click Windows Vista Reference Image. 1267.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1268.Complete the Manage Distribution Points Wizard by using the information in Table 26. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 5
39
Table 26. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1269.Close all open windows and dialog boxes.
Step 5-3: Customize the MDT 2008 Configuration Files When the MDT 2008 task sequence has been imported, customize the MDT 2008 configuration files that provide the configuration settings for deploying Windows Vista to the target computer. Specifically, customize the CustomSettings.ini file. When the CustomSettings.ini file has been customized, save the updated files to the source folder for the MDT 2008 Custom Settings package created earlier in the process (E:\Packages$\CustomSettings_Target). To customize the MDT 2008 configuration files for the target computer 1270.In Windows Explorer, go to E:\Packages$\CustomSettings_Target folder, and then double-click CustomSettings.ini. 1271.In Notepad, add any necessary properties to the CustomSettings.ini file, as shown in Listing 2, that the environment requires. Listing 2. Default CustomSettings.ini File [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y 1272.In Notepad, save the file and then exit Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
Step 5-4: Update Distribution Points for the Custom Settings Package When the source folder has been updated for the MDT 2008 Target Computer Custom Settings package in System Center Configuration Manager, update the distribution points for the MDT 2008 Target Computer Custom Settings package. Updating the distribution points copies the updated version of the CustomSettings.ini file to the deployment points specified in the package. To update the distribution points for the Custom Settings package 1273.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1274.In the Configuration Manager console console tree, go to Site Database/Computer Management/Software Distribution/Packages, and then click MDT 2008 Target Computer Custom Settings 1.00. 1275.In the details pane, click Update Distribution Points. 1276.In the Confirm Update Distribution Points dialog box, click Yes. 1277.Close all open windows and dialog boxes. System Center Configuration Manager starts updating the distribution points with the latest versions of the CustomSettings.ini file. This process could take several minutes. Check the status of the package until the State value of the package status is Installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 5
41
Step 5-5: Customize the Target Computer Task Sequence For most deployments, the Windows Vista Target Deployment task sequence created earlier in the process performs all the necessary steps without modification. In this sample, modify the task sequence to set the password for the local Administrator account to a known value. By default, the task sequence sets the password for the local Administrator account to a random value. The task sequence may require further customization depending on the environment. To customize the Windows Vista Target Deployment task sequence 1278.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1279.In the Configuration Manager console console tree, go to Site Database/Computer Management/Operating System Deployment/Task Sequences. 1280.In the details pane, click Windows Vista Target Deployment. 1281.In the details pane, click Edit. 1282.In the Windows Vista Reference Deployment Task Sequence Editor dialog box, go to PostInstall/Apply Windows Settings. 1283.On the Properties tab, click Enable the account and specify the local administrator password. 1284.On the Properties tab, in Password and Confirm Password, type P@ssw0rd, and then click Apply. 1285.Make any additional modifications to the task sequence that the environment requires, and then click OK. 1286.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 6: Depl oy the Ca ptur ed Ima ge of t he R ef er ence C ompu ter to the Tar ge t Co mpute r After the image of the reference computer is captured and the task sequence is imported and configured, deploy the captured image. Configure MDT 2008 to provide all the necessary configuration settings to deploy to the target computer. After initiating the deployment process, the image of the reference computer running Windows Vista is automatically deployed to the target computer and configured with the settings defined. To deploy the captured image 1287.Add the target computer to the Configuration Manager site database. 1288.Create a computer collection that includes the target computer. 1289.Create a System Center Configuration Manager advertisement for the task sequence earlier in the process. 1290.Start the target computers with the task sequence bootable media.
Step 6-1: Add the Target Computer to the Configuration Manager Site Database To deploy an operating system to a new computer without stand-alone media that System Center Configuration Manager does not currently manage, the new computer must be added to the Configuration Manager site database prior to initiating the operating system deployment process. Although System Center Configuration Manager can automatically discover computers on the network that have a Windows operating system installed, if the computer has no operating system installed, import the new computer information by using the Import Computer Information Wizard. To add the target computer to the Configuration Manager site database 1291.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1292.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Computer Associations. 1293.In the details pane, click Import computer Information. The Import Computer Information Wizard starts. 1294.Complete the Import Computer Information Wizard by using the information in Table 27. Accept the default values unless otherwise specified.
Template User Instructions
43
Table 27. Information for Completing Import Computer Information Wizard On this wizard page
Do this
Select Source
Click Import single computer, and then click Next.
Single Computer
In Computer Name, type WDG-CLI-01. In MAC address, type mac_address (where mac_address is the MAC address of the primary network adapter for the target computer, WDG-CLI-01). Click Next.
Data Preview
Click Next.
Choose Target Collection
Click Next.
Summary
Click Next.
Wizard Completed
Click Close.
For more information on adding a new computer to the Configuration Manager site database, see the section, “How to Add a New Computer to the Configuration Manager Database,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 6-2: Create a Collection for the Target Computer In Configuration Manager console, create a collection that includes the target computer (WDG-CLI-01). This computer collection is used later when advertising the task sequence created earlier in the process. To create a collection that includes the target computer 1295.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1296.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Collections. 1297.In the details pane, click New Collection. The New Collection Wizard starts. 1298.Complete the New Collection Wizard by using the information in Table 28. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
MSDN 2.0
Table 28. Information for Completing the New Collection Wizard On this wizard page
Do this
General
In Name, type Microsoft Deployment – Batch 01 In Comment, type Computers that are to be included in the first batch of computers deployed. Click Next.
Membership Rules
Click the Computer icon. Complete the Create Direct Membership Rule Wizard by performing the following steps: 1299.On the Welcome page, click Next. 1300.On the Search for Resources page, in Resource class, select System Resource; in Attribute name, select Name; in Value, type WDG-CLI-01; and then click Next. 1301.On the Collection Limiting page, click Next. 1302.On the Select Resources page, select WDG-CLI01, and then click Next. 1303.On the Finished page, click Finish. Click Next.
Advertisements
Click Next.
Security
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Create a Collection,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 6-3: Create an Advertisement for the Task Sequence In Configuration Manager console, create an advertisement for the task sequence created earlier in the process. Advertise the task sequence to the collection of target computers created earlier in the process. To create an advertisement for the task sequence 1304.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1305.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Task Sequences. 1306.In the details pane, click Windows Vista Target Deployment. 1307.In the details pane, click Advertise. The New Advertisement Wizard starts. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
45
1308.Complete the New Advertisement Wizard by using the information in Table 29. Accept the default values unless otherwise specified. Table 29. Information for Completing the New Advertisement Wizard On this wizard page
Do this
General
In Comment, type Advertisement to deploy Windows Vista reference image. In Collection, click Browse. In the Browse Collection dialog box, click Microsoft Deployment – Batch 01, and then click OK. Select the Make this task sequence available to boot media and PXE check box. Click Next.
Schedule
Click Next.
Distribution Points
Click Next.
Interaction
Click Next.
Security
Click Next.
Summary
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Advertise Task Sequences,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 6-4: Start the Target Computer with the Task Sequence Bootable Media Start the target computer (WDG-CLI-01) with the task sequence bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 process. At the end of the MDT 2008 process, Windows Vista is deployed on the target computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts.
To start the target computer with the task sequence bootable media 1309.Start WDG-CLI-01 with the task sequence bootable media created earlier in the process. Windows PE starts, and then the Task Sequence Wizard starts 1310.Complete the Task Sequence Wizard by using the information in Table 30. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
MSDN 2.0
Table 30. Information for Completing the Task Sequence Wizard On this wizard page
Do this
Welcome to the Task Sequence Wizard
In Password, type P@ssw0rd, and then click Next.
Select a Task Sequence In the list box, select Windows Vista Target Deployment, and then click Next. The wizard starts and the operating system deployment starts. If any problems occur during the deployment, consult the MDT 2008 document, Troubleshooting Reference. When successfully completed, the target computer is running a Windows Vista operating system configured like the reference computer.
Microsoft® Deployment Toolkit 2008 Quick Start Guide for Lite Touch Installation
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation
xlvii
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, Hyper-V, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 provides technology for deploying Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. This quick-start guide helps Information Technology (IT) personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using it to install the Windows Vista® operating system through Lite Touch Installation (LTI). This quick-start guide demonstrates how to perform the New Computer deployment scenario using a LAB deployment point. The New Computer deployment scenario covers the deployment of Windows Vista to a new computer. This scenario assumes that there is no user data or profile to preserve. Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
After using this guide to evaluate MDT 2008, review the rest of the MDT 2008 guidance to learn more about the technology’s advanced features. Note The infrastructure setup described here is for evaluation purposes and not intended for a production system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes To deploy operating systems and applications by using MDT 2008 and Microsoft Systems Management Server (SMS) 2003, the environment must meet the following software and computer configuration prerequisites.
Required Software To complete this guide, the following software is required: •
Windows Server 2003 Release 2 (R2) with Service Pack 2 (SP2)
•
Windows Vista
•
Windows Automated Installation Kit (Windows AIK) to help install, customize, and deploy Windows operating systems Note Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 release to manufacturing (RTM) deployments. However, Windows AIK version 1.1 is compatible with all currently supported operating system releases.
•
Windows Preinstallation Environment (Windows PE) version 2.0 (included in Windows AIK)
•
Networking services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
•
Windows User State Migration Tool (USMT) version 3.0.1 (not available for server operating systems)
•
Windows Deployment Services (used only for Pre-Boot Execution Environment [PXE] boot requirements)
•
The Hyper-V™ server role, if computers are virtualized and running on a Windows Server 2008 host operating system
•
Microsoft Virtual Server 2005 R2 with SP1, if computers are virtualized and running on a Windows Server 2003 host operating system
•
Microsoft Virtual PC 2007, if computers are virtualized and running on a Windows XP or Windows Vista host operating system
•
Active Directory® Domain Services (AD DS) infrastructure, including logical and physical design of infrastructure.
Note The task sequencer used in MDT 2008 deployments requires the Create Global Object right be assigned to credentials used to access and run Deployment Workbench and the deployment process. This right is normally available to accounts with Administrator-level permissions (unless explicitly removed). Also, the Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
3
Computer Configuration To complete this guide, set up the computers listed in Table 1. These computers can be either physical computers or virtual machines (VMs) with the system resources designated. Table 1. Computers Used in This Guide Computer
Description and system resources
WDG-MDT-01
This computer runs the MDT 2008 infrastructure and Windows Vista. The system resources of the computer are as follows:
WDG-REF-01
•
Processor running at 1.4 gigahertz (GHz) or faster
•
512 megabytes (MB) or greater physical memory
•
One disk partition that has 15 gigabytes (GB) or more available disk space and that will become the drive C partition
•
One CD-ROM or DVD-ROM drive that will be assigned the drive letter D
This is the target computer and runs no current operating system. The system resources of the computer are as follows:
WDG-CLI-01
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
16 GB or more available disk space
This is the target computer and runs no current operating system. The system resources of the computer are as follows: •
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
Note This guide assumes that MDT 2008 is being evaluated on 32-bit (x86) physical or virtual computers. If evaluating MDT 2008 on 64-bit (x64) platforms, download and install the x64 editions of MDT 2008 and the components that this guide describes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 1: Pr epar e the Pr er equis ite In fr ast r uc tur e This guide assumes that Windows Vista is installed on a computer named WDG-MDT-01. If the computer being used is named differently, substitute the name of that computer for WDG-MDT-01. Note
This section assumes that a new infrastructure will be created for MDT 2008.
The step for preparing the prerequisite infrastructure before installing the MDT 2008 is: •
Obtain the software required to perform the steps in this guide.
Step 1-1: Obtain the Required Software The software required to perform deployments using MDT 2008 includes: •
MDT 2008, available at http://microsoft.com/technet/SolutionAccelerators.
•
Windows Vista distribution files from the product CD.
•
Device drivers required for the target computer, WDG-CLI-01.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 2: Pr epar e the MDT 2008 En vir onmen t The first step in the process is to prepare the MDT 2008 environment. When this step is complete, create the reference computer and deploy a captured image of the reference computer to the target computer (WDG-CLI-01) by using MDT 2008. To prepare the MDT 2008 environment 1311.Install MDT 2008. 1312.Install Windows AIK.
Step 2-1: Install MDT 2008 To install MDT 2008 1313.Double-click MicrosoftDeploymentToolkit_x86.msi, and then click Install. 1314.Click Next to skip the welcome page. 1315.On the End-User License Agreement page, review the license agreement, click I accept the terms in the License Agreement, and then click Next. 1316.On the Custom Setup page, click Next. 1317.Click Install. The installation process status is displayed and eventually finishes. 1318. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Step 2-2: Install Windows AIK To install Windows AIK when the computer has Internet connectivity 1319.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1320.In the Deployment Workbench console tree, go to Deployment Workbench/Information Center/Components. 1321.In the details pane, in the Available for Download section, click Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems). 1322.In the details pane, click Download. After downloading Windows AIK, Deployment Workbench copies the Windows AIK files to C:\Program Files\Microsoft Deployment Toolkit\WAIK. 1323.In the details pane, in the Downloaded section, click Windows Automated Installation Kit (x86) (for 32-bit operating systems) or Windows Automated Installation Kit (x64) (for 64-bit operating systems), and then click Install. The Windows Automated Installation Kit Setup Wizard starts. 1324.Complete the Windows Automated Installation Kit Setup Wizard by using the information in Table 2. Table 2. Information for Completing the Windows Automated Installation Kit Setup Wizard On this wizard page
Do this
Welcome to the Windows Automated Installation Kit Setup Wizard
Click Next.
License Terms
Click I Agree, and then click Next.
Select Installation Folder
Click Next.
Confirm Installation
Click Next.
Completed Installation
Click Close.
1325.In the details pane, in the Installed section, notice that Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems) is installed 1326.Close all open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 3: Conf igur e MD T 2008 to Cr ea te t he R ef er ence C ompu ter After the MDT 2008 environment is prepared, create the reference computer. The reference computer is used as the template for deploying new images to the target computers. Configure this computer exactly as the target computers will be configured. Windows Vista will be deployed to the reference computer (WDG-REF-01), an image of the reference computer will be captured, and then the captured image will be deployed to the target computer (WDG-CLI-01). To configure MDT 2008 to create a reference computer 1327.Create the distribution share. 1328.Add operating system files to the distribution share. 1329.Add device drivers to the distribution share. 1330.Create a task sequence for the reference computer. 1331.Create a LAB deployment point. 1332.Configure the Windows PE options for the LAB deployment point. 1333.Update the LAB deployment point.
Step 3-1: Create the Distribution Share Before deployment can begin with MDT 2008 and Systems Management Server, create the distribution share in Deployment Workbench. The distribution share is the repository for the operating system images, language packs, applications, device drivers, and other software deployed to the target computers. Later in the process, a Lab deployment point will be created that the reference and target computers will use. To create the distribution share in Deployment Workbench 1334.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1335.In the Deployment Workbench console tree, navigate to Deployment Workbench/Distribution Share. 1336.In the console tree, right-click Distribution Share, and then click Create distribution share directory. The Create Distribution Share Wizard starts. 1337.Complete the Create Distribution Share Wizard by using the information in Table 3.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Table 3. Information for Completing the Create Distribution Share Wizard On this wizard page
Do this
Specify Directory
In Path for new distribution share directory, type C:\Distribution, and then click Finish.
The Create Distribution Share Wizard finishes, and the distribution share is created.
Step 3-2: Add Operating System Files to the Distribution Share MDT 2008 acts as a repository for the operating system files that are deployed to the reference computer (WDG-REF-01) and target computer (WDG-CLI-01). In this sample, add the Windows Vista operating system files to the distribution share created earlier in the process. Add the device drivers in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. To add the Windows Vista operating system files to the distribution share 1338.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1339.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1340.In the details pane, click New. The New OS Wizard starts. 1341.Complete the New OS Wizard by using the information in Table 4. Table 4. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type C:\Source$\Vista, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows Vista operating system is added to the list of operating systems in the details pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
9
Step 3-3: Add the Device Drivers After the Windows Vista operating system has been added to Deployment Workbench, add any device drivers required for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01). These device drivers will be added to Windows PE and deployed with Windows Vista. Add the device drivers in the Out-of-box Drivers node in Deployment Workbench by using the New Driver Wizard. The New Driver Wizard copies the device driver files to the distribution share in Out-of-Box Drivers\subfolder. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To add the device drivers for the reference and target computers to the distribution share 1342.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1343.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Out-of-Box Drivers. 1344.In the details pane, click New. The New Driver Wizard starts. 1345.Complete the New Driver Wizard by using the information in Table 5. Table 5. Information for Completing the New Driver Wizard On this wizard page
Do this
Specify Directory
In Driver source directory, type C:\Source$\Drivers. Click Add Group. In the New Driver Group dialog box, type device_driver_name, and then click OK (where device_driver_name is a descriptive name for the device drivers). Select the device_driver_name check box (where device_driver_name is a descriptive name for the device driver group created). Click Finish.
The New Driver Wizard finishes. The device drivers are added to the list of operating systems in the details pane and are copied to the distribution\Out-of-box Drivers folder (where distribution is the distribution folder created earlier in the process).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Step 3-4: Create a Task Sequence for the Reference Computer Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. Table 6 lists the task sequence templates that are included in MDT 2008 and a description of the template. Table 6. Task Sequence Templates Included in MDT 2008 Template
Select this template to
Standard Client Task Sequence
Deploy to client computers for all scenarios except the Replace Computer scenario.
Standard Client Replace Task Sequence
Deploy to client computers for the Replace Computer scenario.
Custom Task Sequence
Create a custom task sequence that installs applications without an operating system installation.
Standard Server Task Sequence
Deploy to server computers for all scenarios.
Select the Standard Client Task Sequence template to deploy Windows Vista to the reference computer (WDG-REF-01). To create a task sequence for deploying the reference computer 1346.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1347.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1348.In the details pane, click New. The New Task Sequence Wizard starts. 1349.Complete the New Task Sequence Wizard by using the information in Table 7. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
11
Table 7. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_REFERENCE. In Task sequence name, type Deploy Vista to Reference Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence. Click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select Windows Vista edition (where edition is the edition of Windows Vista added to the Operating Systems node in Deployment Workbench). Click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd. Click Finish.
The New Task Sequence Wizard finishes, and the VISTA_REFERENCE task sequence is added to the list of task sequences.
Step 3-5: Create a LAB Deployment Point After the task sequence for deploying Windows Vista has been added to the reference computer, create a Lab or single-server deployment point that is used to deploy Windows Vista to the reference computer. Later in the process, the Windows Deployment Wizard will be used to deploy Windows Vista to the reference computer (WDG-REF-01), and then capture an image of the reference computer. Then, the captured image will be deployed to the target computer (WDG-CLI-01) by using the Windows Deployment Wizard in MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
To create Lab or single-server deployment point in Deployment Workbench 1350.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1351.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1352.In the details pane, click New. The New Deployment Point Wizard starts. 1353.Complete the New Deployment Point Wizard by using the information in Table 8. Table 8. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click Lab or single-server deployment, and then click Next.
Specify Deployment Point Name
Click Next.
Application List
Click Next.
Allow Image Capture
Click Next.
Allow Admin Password
Click Next.
Allow Product Key
Click Next.
Network Share
Click Next.
Configure User State
Click Finish.
The New Deployment Wizard finishes, and the LAB deployment point is added to the list of deployment points. The C:\Distribution folder (distribution share) is shared as Distribution$.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
13
Step 3-6: Configure the Windows PE Options for the LAB Deployment Point After creating the LAB deployment point, configure the Windows PE configuration options for it. Configure the Windows PE options for the deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To configure the Windows PE options for the deployment point 1354.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1355.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1356.In the details pane, click LAB. 1357.In the details pane, click Properties. The LAB Properties dialog box appears. 1358.In the LAB Properties dialog box, on the Windows PE tab, in Driver group, select device_drivers (where device_drivers is the name of the device driver group created earlier in the deployment process), and then click OK.
Step 3-7: Update the LAB Deployment Point After configuring the Windows PE options for the LAB deployment point, update the deployment point. Updating the deployment point updates all the MDT 2008 configuration files and generates a customized version of Windows PE. The customized version of Windows PE is used to start the reference computer and initiate the LTI deployment process. To update the LAB deployment point in Deployment Workbench 1359.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1360.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1361.In the details pane, click LAB. 1362.In the details pane, click Update. Deployment Workbench starts updating the LAB deployment point. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 4: Depl oy W indo ws V ist a and Ca ptur e an I ma ge o f the Refer ence Co mpute r After creating the task sequence to deploy Windows Vista to the reference computer and capturing an image of the reference computer, start the task sequence. Initiate the operating system deployment and capture by starting the reference computer with the LTI bootable media. To deploy Windows Vista and capture an image of the reference computer 1363.Create the LTI bootable media disk. 1364.Start the reference computer with the LTI bootable media disk.
Step 4-1: Create the LTI Bootable Media A method must be provided for starting the computer with the customized version of Windows PE created when the LAB deployment point was updated. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). Create the appropriate LTI bootable media from one of these images. To create the LTI bootable media 1365.In Windows Explorer, navigate to C:\Distribution\Boot. 1366.Based on the type of computer used for the reference computer (WDG-REF-01), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the International Organization for Standardization (ISO) file.
•
If the reference computer is a VM, start the VM directly from the ISO file or from a CD or DVD of the ISO file.
Step 4-2: Start the Reference Computer with the LTI Bootable Media Start the reference computer (WDG-REF-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the reference computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
15
To start the reference computer with the LTI bootable media 1367.Start WDG-REF-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 1368.Complete the Windows Deployment Wizard by using the information in Table 9. Accept the default values unless otherwise specified. Table 9. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Next.
Configure the computer In Computer name, type WDG-REF-01, and then click name Next. Join the computer to a domain or workgroup
Click Next.
Specify whether to restore user data
Click Next.
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Specify whether to capture an image
Click Next.
Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 1369.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 1370.In the Deployment Summary dialog box, click Finish. Windows Vista is now installed on the reference computer, and the captured Windows Imaging Format (WIM) file of the reference computer (VISTA_REFERENCE.wim) is stored in the deployment_point_share\Captures folder (where deployment_point_share is the shared folder used as the deployment point share).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 5: Conf igur e MD T 2008 to Dep lo y W ind ows V ista to the Tar ge t C ompu ter After the image of the reference computer (MDT-REF-01) is captured, deploy the captured image to the target computer (MDT-CLI-01). The captured image will be imported into Deployment Workbench by using the New OS Wizard. Then, an MDT 2008 task sequence will be created to deploy the captured image to the target computer. Also the LAB deployment created earlier in the process will be configured to use the new task sequence and captured image. To configure MDT 2008 to deploy Windows Vista to the target computer 1371.Add the captured image of the reference computer to Deployment Workbench. 1372.Create a task sequence for the target computer.
Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench To deploy the captured image of the reference computer to the target computer, add the captured image to the list of operating systems in the Operating Systems node in Deployment Workbench. The New OS Wizard copies the operating system files to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process). To add the captured image of the reference computer to Deployment Workbench 1373.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1374.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1375.In the details pane, click New. The New OS Wizard starts. 1376.Complete the New OS Wizard by using the information in Table 10.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 5
17
Table 10. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Custom image file, and then click Next.
Image
In Source file, type C:\Distribution\Captures\VISTA_REFERENCE.wim. Select the Move the files to the distribution share instead of copying them check box, and then click Next.
Setup
Click Next.
Destination
Click Finish.
The New OS Wizard finishes. The captured image of the reference computer (WDGREF-01) operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process). 1377.Close all open windows and dialog boxes.
Step 5-2: Create a Task Sequence for the Target Computer Create an MDT 2008 task sequences for the target computer in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. This task sequence is used to deploy the captured image of the reference computer to the target computer. To create a task sequence for deploying the captured image to the target computer 1378.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1379.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1380.In the details pane, click New. The New Task Sequence Wizard starts. 1381.Complete the New Task Sequence Wizard by using the information in Table 11. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Table 11. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_TARGET. In Task sequence name, type Deploy Captured Image to Target Computer, and then click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select VISTA_REFERENCECDrive in “VISTA_REFERENCE\VISTA_REFERENCE.wim”, and then click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Finish.
The New Task Sequence Wizard finishes, and the VISTA_TARGET task sequence is added to the list of task sequences. 1382.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 6: Depl oy the Ca ptur ed Ima ge of t he R ef er ence C ompu ter to the Tar ge t Co mpute r After the image of the reference computer is captured and the task sequence is created and configured, deploy the captured image. Configure MDT 2008 to provide all the necessary configuration settings to deploy to the target computer. After initiating the deployment process, the image of the reference computer running Windows Vista is automatically deployed to the target computer and configured with the settings defined. To deploy the captured image of the reference computer to the target computer •
Start the target computer with the LTI bootable media disk.
Step 6-1: Start the Target Computer with the LTI Bootable Media Start the target computer (WDG-CLI-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the target computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the target computer. Note The MDT 2008 process can also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
To start the target computer with the LTI bootable media 1383.Start WDG-CLI-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 1384.Complete the Windows Deployment Wizard by using the information in Table 12. Accept the default values unless otherwise specified.
20
MSDN 2.0
Table 12. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Deploy Captured Image to Target Computer, and then click Next.
Configure the computer In Computer name, type WDG-CLI-01, and then click name Next. Join the computer to a domain or workgroup
Click Join a domain.
Specify whether to restore user data
Click Next.
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Specify the BitLocker configuration
Click Next.
Ready to begin
Click Begin.
In Domain, type CORP, and then click Next.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 1385.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 1386.In the Deployment Summary dialog box, click Finish. The image of Windows Vista captured from the reference computer is now installed on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
Microsoft® Deployment Toolkit 2008 Quick Start Guide for Microsoft Systems Management Server 2003
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, FrontPage, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 provides technology for deploying Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. This quick start guide helps Information Technology (IT) personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using it to install Windows Vista® with Microsoft Systems Management Server (SMS) 2003. This quick-start guide demonstrates how to perform the New Computer deployment scenario using a LAB and an OSD deployment point. The New Computer deployment scenario covers the deployment of Windows Vista to a new computer. This scenario assumes that there is no user data or profile to preserve. Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
After using this guide to evaluate MDT 2008, review the rest of the MDT 2008 guidance to learn more about the technology’s advanced features. Note The infrastructure setup described here is for evaluation purposes and not intended for a production system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes To deploy operating systems and applications by using MDT 2008 and Systems Management Server, the environment must meet the following software and computer configuration prerequisites. Note Only client operating systems can be deployed, such as Windows Vista or Windows XP, with MDT 2008 and Systems Management Server. Deployment of server operating systems, such as Windows Server 2008 or Windows Server 2003, is not supported using MDT 2008 and Systems Management Server.
Required Software To complete this guide, the following software is required: •
Windows Server 2003 Release 2 (R2) with Service Pack 2 (SP2)
•
Windows Vista
•
Systems Management Server with SP3
•
Windows Automated Installation Kit (Windows AIK) to help install, customize, and deploy Windows operating systems Note Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 release to manufacturing (RTM) deployments. However, Windows AIK version 1.1 is compatible with all currently supported operating system releases.
•
Windows Preinstallation Environment (Windows PE) version 2.0 (included in Windows AIK)
•
Networking services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
•
Active Directory® Domain Services (AD DS)
Note The task sequencer used in MDT 2008 deployments requires the Create Global Object right be assigned to credentials used to access and run Deployment Workbench and the deployment process. This right is normally available to accounts with Administrator-level permissions (unless explicitly removed). Also, the Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
3
Computer Configuration To complete this guide, set up the computers listed in Table 1. These computers can be either physical computers or virtual machines (VMs) with the system resources designated. Table 1. Computers Used in This Guide Computer
Description and system resources
WDG-MDT-01
This computer runs the MDT 2008 infrastructure and Systems Management Server. The computer runs Windows Server 2003 with SP2 with the following networking services installed: •
AD DS
•
DNS Server
•
DHCP Server
The system resources of the computer are as follows:
WDG-REF-01
•
Processor running at 1.4 gigahertz (GHz) or faster
•
512 megabytes (MB) or greater physical memory
•
One disk partition that has 16 gigabytes (GB) or more available disk space and that will become the drive C partition
•
One CD-ROM or DVD-ROM drive that will be assigned the drive letter D
•
One disk partition that has 16 GB or more available disk space and that will become partition E.
This is the target computer and runs no current operating system. The system resources of the computer are as follows:
WDG-CLI-01
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
This is the target computer and runs no current operating system. The system resources of the computer are as follows: •
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
Note This guide assumes that MDT 2008 is being evaluated on 32-bit (x86) physical or virtual computers. If evaluating MDT 2008 on 64-bit (x64) platforms, download and install the x64 editions of MDT 2008 and the components that this guide describes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 1: Pr epar e the Pr er equis ite In fr ast r uc tur e For the purposes of this guide, all the prerequisite infrastructure services run on the computer named WDG-MDT-01. Install the prerequisite software, server roles, and services on this computer before installing MDT 2008. Note This section assumes that a new Systems Management Server infrastructure will be created for MDT 2008. If an existing Systems Management Server infrastructure is being used, review the steps in this section and substitute existing resource names for the resources created in this section (such as computer name and shared network folders). After reviewing this section, proceed to “Step 2: Prepare the MDT 2008 Environment.”
The steps for preparing the prerequisite infrastructure before installing the MDT 2008 are: 1387.Install Windows Server 2003 with SP2. 1388.Create the required folders and network shares. 1389.Obtain the software required to perform the steps in this guide. 1390.Install AD DS. 1391.Install the DHCP Server. 1392.Install Microsoft Internet Information Services (IIS) version 6.0. 1393.Enable the Web-based Distributed Authoring and Versioning (WebDAV) Internet Services Application Programming Interface (ISAPI) extensions in IIS 6.0. 1394.Install the additional software. 1395.Create the user and service accounts required to perform the steps in this guide. 1396.Install Microsoft SQL Server® 2005 with SP2 to be used by Systems Management Server. 1397.Install Systems Management Server. 1398.Install the SMS 2003 Operating System Deployment (OSD) Feature Pack. 1399.Install Systems Management Server SP3. 1400.Configure the network access account that Systems Management Server Advanced Clients use to access Systems Management Server distribution points. 1401.Configure the drive to be used for storing Systems Management Server package source files. 1402.Configure the default management point in Systems Management Server. 1403.Configure the Systems Management Server distribution point to be Background Intelligent Transfer Service (BITS) enabled. Note If the site has multiple site servers, add all the site servers to the Site System and Site Server Connection local security groups on all the site servers. In this sample, there is only one site server (WDG-MDT-01), so this step is not necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
5
Step 1-1: Install Windows Server 2003 with SP2 Install Windows Server 2003 with SP2 by using the information in Table 2. Accept default values unless otherwise specified. Table 2. Information for Installing Windows Server 2003 with SP2 When prompted for
Provide these values
Where do you want to install Windows?
Disk 0 Unallocated Space
Password
Any strong password.
Computer name
WDG-MDT-01
Format for volumes C and E
NTFS
TCP/IP configuration
Configure with a static IP address configuration with the other TCP/IP configuration options as appropriate for the environment.
Step 1-2: Create Required Folders and Shares The MDT 2008 deployment process requires additional folders that are used as the source for files or to store files created during the MDT 2008 deployment process. Some of these folders need to be shared so that they can be accessed from other computers. To create the required folders and shares 1404.Create the E:\Source$ folder, and share the folder as Source$ with the following permissions: •
Administrators: Full Control
•
Everyone: Read
1405.Create the following folders: •
E:\Source$\Drivers
•
E:\Source$\Vista
•
E:\Source$\MDT_2008
Step 1-3: Obtain the Required Software Besides Windows Server 2003 with SP2, Windows Vista, and Systems Management Server, software is required to evaluate MDT 2008 based on the processes in this guide. Table 3 lists the software required to perform deployments using MDT 2008, where to obtain the software, and where to place the software on WDG-MDT-01.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Table 3. Additional Software Required for Deployment Using MDT 2008 Obtain this software
Place in this folder
MDT 2008, available at http://microsoft.com/technet/SolutionAccelerators
E:\Source$\MDT_2008
Windows Vista distribution files from the product CD
E:\Source$\Vista
Windows Server 2003 SP1 Original Equipment Manufacturer (OEM) Preinstallation Kit (OPK) as a part of Software Assurance or to approved users at http://oem.microsoft.com/script/contentpage.aspx?PageID= 560519 (used to obtain Windows PE 2005)
E:\Source$\W2K3_SP1_ OPK
Windows Server 2003 SP1 distribution files from the product CD (required for Windows PE 2005).
E:\Source$\Win2K3_SP1 `
Device drivers required for the target computer WDG-CLI01
E:\Source$\Drivers
SQL Server 2005 with SP2, available at E:\Source$\SQL2005SP2 http://www.microsoft.com/downloads/details.aspx?FamilyId= d07219b2-1e23-49c8-8f0c-63fa18f26d3a&DisplayLang=en Systems Management Server
E:\Source$\SMS_2003
SMS 2003 OSD Feature Pack
E:\Source$\SMS_2003_ OSD_FP
Systems Management Server SP3
E:\Source$\SMS_2003_S P3
Microsoft XML Core Services (MSXML) version 6.0 at http://www.microsoft.com/downloads/details.aspx?FamilyID =993C0BCF-3BCF-4009-BE21-27E85E1857B1
E:\Source$\MSXML60
Step 1-4: Install AD DS AD DS is required to provide authentication and act as a repository for configuration values for the Microsoft products and technologies that MDT 2008 uses, such as SQL Server 2005 and Systems Management Server. To install AD DS, run the DCPROMO Wizard to configure the computer as a domain controller. Install AD DS by using the information provided in Table 4 and accepting any defaults unless otherwise specified. Table 4. Information for Installing AD DS When prompted for
Do the following
Domain type
Create a new domain in a new forest.
Fully qualified domain name (FQDN)
Type corp.woodgrovebank.com
Forest functional level
Windows Server 2003
Install the DNS Server service as a part of the domain controller installation process.
Click Yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
7
Step 1-5: Install DHCP Server DHCP Server is required to provide automatic IP configuration for the target computers. Install DHCP Server by using the information provided in Table 5 and accepting any defaults unless otherwise specified. Note If a virtualized environment will be used, disable any DHCP configuration provided by the computer virtualization software. Ensure that the DHCP Server service running WDG-MDT-01 is the only provider of IP configuration by using DHCP.
Table 5. Information for Installing DHCP Server When prompted for
Do the following
Authorize DHCP server in Active Directory
Authorize WDG-MDT-01 to provide client IP configuration.
DHCP scopes
Create an appropriate scope that can be used to automatically configure TCP/IP for WDGREF-01 and WDG-CLI-01.
Step 1-6: Install IIS 6.0 Install IIS version 6.0 with the application server components listed in Table 6. Unless otherwise specified, use the default values. The application server components listed in Table 6 are required for SQL Server 2005 and Systems Management Server installation. Table 6. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
Microsoft ASP.NET
Installed
Enable network COM+ access
Installed
Enable network DTC access
Not installed
IIS BITS Server Extensions
Installed
Common Files
Installed
File Transfer Protocol (FTP) Service
Not installed
Microsoft Office FrontPage® 2002 Server Extensions
Not installed
Internet Information Services Manager
Installed
Internet Printing
Not installed
Network News Transfer Protocol (NNTP) Service
Not installed
Simple Mail Transfer Protocol (SMTP) Service
Not installed
World Wide Web Service: Active Server Pages (ASP)
Installed
Internet Data Connector
Not installed
Remote Administration (HTML) Solution Accelerators
Not installed microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Application server component
Status
Remote Desktop Web Connection
Not installed
Server Side Includes
Installed
WebDAV Publishing
Installed
World Wide Web Service
Installed
Message Queuing
Not installed
1406.Close all open windows and dialog boxes.
Step 1-7: Enable the WebDAV ISAPI Extension The WebDAV Publishing component runs as an ISAPI extension in IIS. After installing the WebDAV Publishing Application Server component, allow the WebDAV ISAPI extension to run in IIS. By default, the WebDAV ISAPI extension is prohibited from running after installation. To enable the WebDAV ISAPI extension 1407.Start IIS Manager. 1408.In the IIS Manager console tree, click Web Service Extension. 1409.In the details pane, click WebDAV, and then click Allow. The status of the WebDAV should change to Allowed. 1410.Close all open windows and dialog boxes.
Step 1-8: Install Additional Software Additional software that must be installed in Windows Server 2003 with SP2 to support MDT 2008. Install the following software using the default installation options: •
MSXML version 6.0
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
9
Step 1-9: Create the User and Service Accounts Systems Management Server and SQL Server 2005 require user accounts during the installation process. Table 7 lists the information needed for creating the user and service accounts. Table 7. Information for Creating the Required Accounts Create this account
With these settings
SQL Service account
In First name, type SQL. In Last name, type Service Account. In User logon name, type SQLSvcAcct. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. Make the account a member of the Domain Admins security group. In Description, type Service account used to run SQL Server 2005 services.
Systems Management Server 2003 In First name, type SMS 2003. Client Network Access account In Last name, type Client Network Access. In User logon name, type SMSNetAccess. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. In Description, type Service account used as the network access account for Systems Management Server 2003 Client. 1411.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Step 1-10: Install SQL Server 2005 with SP2 Before installing Systems Management Server, install SQL Server 2005 with SP2. Note To enable all SQL Server 2005 features, install the Web Server (IIS) server role before installing SQL Server 2005.
To install SQL Server 2005 with SP2 1412.Install SQL Server 2005 by using the information in Table 8 and accepting defaults unless otherwise specified. Table 8. Information for Installing SQL Server 2005 When prompted for
Provide these values
Components to Install
Select SQL Server Database Services. Select Reporting Services.
Service account
In User name, type SQLSvcAcct. In Password, type P@ssw0rd. In Domain, type CORP.
1413.Install SQL Server 2005 with SP2 by accepting all defaults for installing the Service Pack Installation Wizard. Tip This service pack was downloaded earlier in the process and saved in the E:\Source$\SQL2005SP2 folder.
1414.Close all open windows and dialog boxes.
Step 1-11: Install Systems Management Server After installing the other products and technologies, install Systems Management Server. As Systems Management Server is installed, extend the Active Directory schema so that computers can locate the distribution points, service locator points, and other server roles. The configuration of WDG-MDT-01 supports Systems Management Server for this sample. The configuration of computers in the production network may vary. To find out more about the prerequisites for installing Systems Management Server, see SMS 2003 Supported Configurations for SP3 at http://download.microsoft.com/download/5/c/a/5cab7c25-9dba-4462-a8871977337e369e/SMS2003SP3SupportedConfigurations.htm.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
11
To install Systems Management Server 1415.Install Systems Management Server by using the information in Table 9. Accept the defaults unless otherwise specified. Table 9. Information for Installing Systems Management Server On this wizard page
Do this
Welcome to the Microsoft Systems Management Server Setup Wizard
Click Next.
System Configuration
Click Next.
Setup Options
Click Install an SMS primary site, and then click Next.
Installation Options
Click Custom Setup, and then click Next.
System Management Server License Agreement
Click I Agree, and then click Next.
Product Registration
In CD Key, type cd_key (where cd_key is the product key for Systems Management Server).
SMS Site Information
In Site code, type NYC. In Site name, type New York City Site. Click Next.
SMS Active Directory Schema
Select Extend the Active Directory schema, and then click Next.
SMS Security Information
Click Next.
SMS 2.0 Site Interoperability
Click Next.
SMS Primary Site Client Load
Click Next.
Installation Options
Click Next.
Asset Intelligence Installation Options
Click Next.
SQL Server Information for SMS Site Database
Click Next.
Creation of SMS Site Database
Click Next.
SMS Site Database Name
Click Next.
SQL Server Directory Path for SMS Site Database
Click Next.
Concurrent SMS Administrator Consoles
Click Next.
Completing the Systems Management Server Setup Wizard
Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
1416.Close all open windows and dialog boxes. At the end of this step, Systems Management Server is installed. To find more help in troubleshooting any installation-related problems, see Systems Management Server 2003 Troubleshooting Flowcharts at http://technet.microsoft.com/enus/library/cc180097.aspx.
Step 1-12: Install the SMS 2003 OSD Feature Pack After installing Systems Management Server, install the SMS 2003 OSD Feature Pack. MDT 2008 requires this feature pack to deploy operating systems to the reference and target computers. The configuration of WDG-MDT-01 supports the SMS 2003 OSD Feature Pack for this sample. The configuration of computers in the production network may vary. To find out more about the prerequisites for installing the feature pack, see the readme.htm and OSD_FP_Guide.doc files included in the SMS 2003 OSD Feature Pack. To install the SMS 2003 OSD Feature Pack 1417.Install the SMS 2003 OSD Feature Pack by using the information in Table 10. Accept the defaults unless otherwise specified. Table 10. Information for Installing the SMS 2003 OSD Feature Pack On this wizard page
Do this
Microsoft Systems Management Server OS Deployment Feature Pack
Click Next.
License agreement
Click I accept the license agreement, and then click Next.
Security warning
Click Next.
Installation
Click Next.
Setup Complete
Click Finish.
1418.Close all open windows and dialog boxes. At the end of this step, the SMS 2003 OSD Feature Pack is installed. To find more help in troubleshooting any installation-related problems, see the readme.htm and OSD_FP_Guide.doc files included in the feature pack.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
13
Step 1-13: Install Systems Management Server SP3 MDT 2008 requires Systems Management Server SP3. After installing Systems Management Server and the SMS 2003 OSD Feature Pack, apply Systems Management Server SP3 to the existing installation. Note If Systems Management Server and the SMS 2003 OSD Feature Pack were installed from a distribution source that has SP3 already installed, skip this step.
To install Systems Management Server SP3 1419.In Windows Explorer, go to E:\Source$\SMS_2003_SP3, and then double-click SMS2003sp3.exe. The Software Update Installation Wizard starts. 1420.Complete the Software Update Installation Wizard by using the information in Table 11. Table 11. Information for Completing the Software Update Installation Wizard On this wizard page
Do this
Welcome to the Update for SMS 2003 (KB899738) Installation Wizard
Click Next.
License Agreement
Click I Agree, and then click Next.
Asset Intelligence Options
Click Finish.
Confirm Installation
Click Next.
Completed Installation
Click Close.
1421.Close all open windows and dialog boxes.
Step 1-14: Configure the Network Access Account The Systems Management Server Advanced Client needs an account to provide credentials when accessing the Systems Management Server distribution points, MDT 2008 deployment points, and shared folders. This account is called the Network Access account. The SMSNetAccess account was created earlier in the process to use as the Network Access account. To configure the Network Access account 1422.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1423.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Connection Accounts/Client. 1424.In the console tree, right-click Client, click New, and then click Windows User Account. 1425.In the Connection Account Properties dialog box, click Set. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1426.Complete the Windows User Account dialog box by using the information in Table 12, and then click OK Table 12. Information Required to Complete the Windows User Account Dialog Box For this
Do this
User name
Type CORP\SMSNetAccess.
Password
Type P@ssw0rd.
Confirm password
Type P@ssw0rd.
1427.In the Connection Account Properties dialog box, click OK. 1428.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Component Configuration. 1429.In the details pane, right-click Software Distribution, and then click Properties. 1430.In the Software Distribution Properties dialog box, in the Advanced Client Network Access Account area, click Set. 1431.Complete the Windows User Account dialog box by using the information in Table 12 and then click OK. 1432.In the Software Distribution Properties dialog box, click OK. 1433.Close all open windows and dialog boxes.
Step 1-15: Configure the Drive for Storing Package Source Files Systems Management Server stores the source packages on a local drive. By default, Systems Management Server stores the source packages on drive C. Configure Systems Management Server to store the source packages on drive E. To configure the drive for storing Systems Management Server package source files 1434.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1435.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Component Configuration. 1436.In the details pane, right-click Software Distribution, and then click Properties. 1437.In the Software Distribution Properties dialog box, in the Location of stored packages area, in Drive on site server, type E:\. 1438.In the Software Distribution Properties dialog box, click OK. 1439.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
15
Step 1-16: Configure the Default Management Point The Systems Management Server Advanced Client contacts a Systems Management Server management point to exchange data with the site services. Because there is only one computer in this scenario, configure WDG-MDT-01 as the default management point for the site. To configure the default management point 1440.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1441.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Site Systems. 1442.In the details pane, right-click WDG-MDT-01, and then click Properties. 1443.In the WDG-MDT-01 Site System Properties dialog box, on the Management Point tab, select the Use this site system as a management point check box, and then click OK. The WDG-MDT-01 Site System dialog box prompts to make the site system the default management point. 1444.In the WDG-MDT-01 Site System dialog box, click Yes. 1445.Close all open windows and dialog boxes.
Step 1-17: Configure the Distribution Point to Be BITS Enabled Using BITS-enabled distribution points in Systems Management Server helps control bandwidth throttling between the clients and distribution points. Enabling the BITS setting does not guarantee that the client will always download content from the distribution point using BITS. However, if this setting is not enabled, the client will never download packages using BITS. To configure a distribution point to be BITS enabled 1446.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1447.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Site Systems. 1448.In the details pane, right-click WDG-MDT-01, and then click Properties. 1449.In the WDG-MDT-01 Site System Properties dialog box, on the Distribution Point tab, select Enable Background Intelligent Transfer Service (BITS), and then click OK. 1450.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 2: Pr epar e the MDT 2008 En vir onmen t The first step in the process is to prepare the MDT 2008 environment. When this step is completed, create the reference computer and deploy a captured image of the reference computer to the target computer (WDG-CLI-01) by using Systems Management Server integration with MDT 2008. To prepare the MDT 2008 environment 1451.Install MDT 2008. 1452.Install Windows AIK.
Step 2-1: Install MDT 2008 To install MDT 2008 1453.In Windows Explorer, go to E:\Source$\MDT_2008. 1454.Double-click MicrosoftDeploymentToolkit_x86.msi (for 32-bit operating systems) or MicrosoftDeploymentToolkit_x64.msi (for 64-bit operating systems), and then click Install. 1455.Click Next to skip the welcome page. 1456.On the End-User License Agreement page, review the license agreement, click I accept the terms in the License Agreement, and then click Next. 1457.On the Custom Setup page, click Next. 1458.Click Install. The installation process status is displayed and eventually finishes. 1459. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
17
Step 2-2: Install Windows AIK MDT 2008 simplifies the process for installing any components that MDT 2008 requires. Windows AIK is one required component. To install Windows AIK when there is Internet connectivity 1460.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1461.In the Deployment Workbench console tree, go to Deployment Workbench/Information Center/Components. 1462.In the details pane, in the Available for Download section, click Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems). 1463.In the details pane, click Download. After downloading Windows AIK, Deployment Workbench copies the Windows AIK files to C:\Program Files\Microsoft Deployment Toolkit\WAIK. 1464.In the details pane, in the Downloaded section, click Windows Automated Installation Kit (x86) (for 32-bit operating systems) or Windows Automated Installation Kit (x64) (for 64-bit operating systems), and then click Install. The Windows Automated Installation Kit Setup Wizard starts. 1465.Complete the Windows Automated Installation Kit Setup Wizard by using the information in Table 13. Table 13. Information for Completing the Windows Automated Installation Kit Setup Wizard On this wizard page
Do this
Welcome to the Windows Automated Installation Kit Setup Wizard
Click Next.
License Terms
Click I Agree, and then click Next.
Select Installation Folder
Click Next.
Confirm Installation
Click Next.
Completed Installation
Click Close.
1466.In the details pane, in the Installed section, notice that Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems) is installed. 1467.Close all open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 3: Conf igur e MD T 2008 and Syste ms Mana gement Ser ver t o Cr ea te t he R ef er ence C ompu ter After the MDT 2008 environment is prepared, create the reference computer. The reference computer is used as the template for deploying new images to the target computers. Configure this computer exactly as the target computers will be configured. Windows Vista is deployed to the reference computer (WDG-REF-01), then an image of the reference computer is captured that will be subsequently deployed to the target computer (WDG-CLI-01). Lite Touch Installation (LTI) in MDT 2008 is used to deploy Windows Vista to the reference computer. The SMS 2003 OSD Feature Pack in Systems Management Server cannot be used to deploy the reference computer, because the feature pack can only deploy images that it creates using the SMS 2003 OSD Feature Pack Operating System Image Capture CD. Later in the process, the Operating System Image Capture CD is used to capture an image of the reference computer. Then, the captured image is deployed to the target computer. To configure MDT 2008 and Systems Management Server to create a reference computer 1468.Create the distribution share. 1469.Add operating system files to the distribution share. 1470.Add device drivers to the distribution share. 1471.Add Windows PE 2005 to the distribution share. 1472.Add Windows Server 2003 SP1 to the distribution share. 1473.Add a Systems Management Server Advance client application to the distribution share. 1474.Create a task sequence for the reference computer. 1475.Create a LAB deployment point. 1476.Configure the Windows PE options for the LAB deployment point. 1477.Update the LAB deployment point. 1478.Create an SMS 2003 OSD deployment point. 1479.Configure the Windows PE options for the SMS 2003 OSD deployment point. 1480.Update the SMS 2003 OSD deployment point. 1481.Update the version of Windows PE in the SMS 2003 OSD Feature Pack. 1482.Create the OSD Operating System Image Capture CD. 1483.Create the OSD Operating System Image Capture CD bootable media.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
19
Step 3-1: Create the Distribution Share Before deployment with using MDT 2008 and Systems Management Server can begin, create the distribution share in Deployment Workbench. The distribution share is the repository for the operating system images, language packs, applications, device drivers, and other software deployed to the target computers. Later in the process, an SMS 2003 OSD deployment point is created that Systems Management Server will use. To create the distribution share in Deployment Workbench 1484.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1485.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share. 1486.In the console tree, right-click Distribution Share, and then click Create distribution share directory. The Create Distribution Share Wizard starts. 1487.Complete the Create Distribution Share Wizard by using the information in Table 14. Table 14. Information for Completing the Create Distribution Share Wizard On this wizard page
Do this
Specify Directory
In Path for new distribution share directory, type E:\Distribution, and then click Finish.
The Create Distribution Share Wizard finishes, and the distribution share is created.
Step 3-2: Add Operating System Files to Distribution Share MDT 2008 acts as a repository for the operating system files that are deployed to the reference computer (WDG-REF-01) and target computer (WDG-CLI-01). In this sample, add the Windows Vista operating system files to the distribution share created earlier in the process. Add the device drivers in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
To add the Windows Vista operating system files to the distribution share 1488.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1489.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1490.In the details pane, click New. The New OS Wizard starts. 1491.Complete the New OS Wizard by using the information in Table 15. Table 15. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type E:\Source$\Vista, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows Vista operating system is added to the list of operating systems in the details pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Step 3-3: Add the Device Drivers After the Windows Vista operating system has been added to Deployment Workbench, add any device drivers required for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01). These device drivers will be added to Windows PE and deployed with Windows Vista. Add the device drivers in the Out-of-box Drivers node in Deployment Workbench by using the New Driver Wizard. The New Driver Wizard copies the device driver files to the distribution share in Out-of-Box Drivers\subfolder. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To add the device drivers for the reference and target computers to the distribution share 1492.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1493.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Out-of-Box Drivers. 1494.In the details pane, click New. The New Driver Wizard starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
21
1495.Complete the New Driver Wizard by using the information in Table 16. Table 16. Information for Completing the New Driver Wizard On this wizard page
Do this
Specify Directory
In Driver source directory, type E:\Source$\Drivers. Click Add Group. In the New Driver Group dialog box, type device_driver_name, and then click OK (where device_driver_name is a descriptive name for the device drivers). Select the device_driver_name check box (where device_driver_name is a descriptive name for the device driver group created). Click Finish.
The New Driver Wizard finishes. The device drivers are added to the list of operating systems in the information pane and are copied to the distribution\Out-of-box Drivers folder (where distribution is the distribution folder created earlier in the process).
Step 3-4: Add Windows PE 2005 After the Windows Vista operating system and device drivers have been added to Deployment Workbench, add the Windows PE operating system to Deployment Workbench. Windows PE is used to start the reference (WDG-REF-01) and target (WDGCLI-01) computers. Add Windows PE in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. Windows PE 2005 was installed with the Windows Server 2003 SP1 OPK earlier in the process. Add this version of Windows PE to the Operating Systems node in Deployment Workbench. To add Windows PE to the distribution share 1496.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1497.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1498.In the details pane, click New. The New OS Wizard starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
1499.Complete the New OS Wizard by using the information in Table 17. Table 17. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type E:\Source$\W2K3_SP1_OPK, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows PE 2005 operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Step 3-5: Add Windows Server 2003 with SP1 After Windows PE 2005 has been added, add the Windows Server 2003 with SP1 operating system to Deployment Workbench. MDT 2008 requires Windows Server 2003 with SP1 to build customized version of Windows PE 2005. Windows PE 2005 is based on Windows Server 2003 SP1 source code. Add Windows PE in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. To add Windows Server 2003 with SP1 to the distribution share 1500.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1501.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1502.In the details pane, click New. The New OS Wizard starts. 1503.Complete the New OS Wizard by using the information in Table 18.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
23
Table 18. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type E:\Source$\W2K3_SP1, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows Server 2003 with SP1 operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Step 3-6: Add a Systems Management Server Advanced Client Application The Systems Management Server Advanced Client must be installed on all target computers. Add the Advanced Client files as an application in the Application node in Deployment Workbench. Add the application containing the Systems Management Server Advanced Client files in any task sequence. The Systems Management Server Advanced Client can also be deployed to the target computers after the operating system is deployed to the target computers. However, the Systems Management Server Advanced Client should be deployed as an application with the operating system image. To create an application for the Systems Management Server Advanced Client by using the Application node in Deployment Workbench 1504.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1505.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Applications. 1506.In the details pane, click New. The New Application Wizard starts. 1507.Complete the New Application Wizard by using the information in Table 19.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Table 19. Information for Completing the New Application Wizard On this wizard page
Do this
Application Type
Click Next.
Details
In Application Name, type SMS 2003 Advanced Client, and then click Next.
Source
In Source directory, type E:\SMS\Client, and then click Next.
Destination
Click Next.
Command Details
In Command line, type Ccmsetup.exe SMSSITECODE=AUTO. In Working directory, type .\Applications\SMS 2003 Advanced Client\i386. Click Finish.
The New Application Wizard finishes, and the Systems Management Server Advanced Client is added to the list of applications.
Step 3-7: Create a Task Sequence for the Reference Computer Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. Table 20 lists the task sequence templates included in MDT 2008 and a provides description of the template. Table 20. Task Sequence Templates Included in MDT 2008 Template
Select this template to
Standard Client Task Sequence
Deploy to client computers for all scenarios except the Replace Computer scenario.
Standard Client Replace Task Sequence
Deploy to client computers for the Replace Computer scenario.
Custom Task Sequence
Create a custom task sequence that installs applications without an operating system installation.
Standard Server Task Sequence
Deploy to server computers for all scenarios.
Select the Standard Client Task Sequence template to deploy Windows Vista to the reference computer (WDG-REF-01). The Import Microsoft Deployment Task Sequence Wizard substitutes the packages and images selected for the placeholders in the task sequence templates. After completing the wizard, the new imported task sequence references the appropriate packages and images. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
25
To create a task sequence for deploying the reference computer 1508.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1509.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1510.In the details pane, click New. The New Task Sequence Wizard starts. 1511.Complete the New Task Sequence Wizard by using the information in Table 21. Accept the default values unless otherwise specified. Table 21. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_REFERENCE. In Task sequence name, type Deploy Vista to Reference Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select Windows Vista edition (where edition is the edition of Windows Vista added to the Operating Systems node in Deployment Workbench). Click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd. Click Finish.
The New Task Sequence Wizard finishes, and the VISTA_REFERENCE task sequence is added to the list of task sequences.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Step 3-8: Create a LAB Deployment Point After the task sequence to deploy Windows Vista has been added to the reference computer, create a Lab or single-server deployment point that is used to deploy Windows Vista to the reference computer. Because the SMS 2003 OSD Feature Pack only deploys images captured by the Operating System Image Capture CD in the SMS 2003 OSD Feature pack, Windows Vista must be deployed to the reference computer by using LTI in MDT 2008. Later in the process, the Operating System Image Capture CD is used to capture an image of the reference computer (WDG-REF-01). Then, the captured image is deployed to the target computer (WDG-CLI-01) by using MDT 2008 and the SMS 2003 OSD Feature Pack in Systems Management Server. To create Lab or single-server deployment point in Deployment Workbench 1512.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1513.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1514.In the details pane, click New. The New Deployment Point Wizard starts. 1515.Complete the New Deployment Point Wizard by using the information in Table 22. Table 22. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click Lab or single-server deployment, and then click Next.
Specify Deployment Point Name
Click Next.
Application List
Click Next.
Allow Image Capture
Click Next.
Allow Admin Password
Click Next.
Allow Product Key
Click Next.
Network Share
Click Next.
Configure User State
Click Finish.
The New Deployment Wizard finishes, and the LAB deployment point is added to the list of deployment points. The E:\Distribution folder (distribution share) is shared as Distribution$.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
27
Step 3-9: Configure the Windows PE Options for the LAB Deployment Point After the LAB deployment point has been created, configure the Windows PE configuration options for the deployment point. Configure the Windows PE options for the deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To configure the Windows PE options for the deployment point 1516.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1517.In the Deployment Workbench console tree, navigate to Deployment Workbench/Deploy/Deployment Point. 1518.In the details pane, click LAB. 1519.In the details pane, click Properties. The LAB Properties dialog box appears. 1520.In the LAB Properties dialog box, click the Windows PE tab. In Driver group, select device_drivers (where device_drivers is the name of the device driver group created earlier in the deployment process), and then click OK.
Step 3-10: Update the LAB Deployment Point After configuring the Windows PE options for the LAB deployment point, update the deployment point. Updating the deployment point updates all the MDT 2008 Configuration files and generates a customized version of Windows PE. The customized version of Windows PE is used to start the reference computer and initiate the LTI deployment process. To update the LAB deployment point in Deployment Workbench 1521.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1522.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1523.In the details pane, click LAB. 1524.In the details pane, click Update. Deployment Workbench starts updating the LAB deployment point. When the process completes and the update is complete, Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Step 3-11: Create SMS 2003 OSD Deployment Point When the appropriate files have been added to Deployment Workbench, create the MDT 2008 deployment point to be used as the source for the SMS 2003 OSD Feature Pack, which is known as an SMS 2003 OSD–type deployment point. Create the SMS 2003 OSD–type deployment point in the Deployment Point node in Deployment Workbench by using the New Deployment Point Wizard. The New Deployment Point Wizard copies the appropriate files from the distribution share to the new SMS 2003 OSD deployment point. To create an SMS 2003 OSD deployment point in Deployment Workbench 1525.Click Start, and then point All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1526.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1527.In the details pane, click New. The New Deployment Point Wizard starts. 1528.Complete the New Deployment Point Wizard by using the information in Table 23. Table 23. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click SMS 2003 OSD, and then click Next.
Specify Deployment Point Name
Click Next.
Network Share
In Path for share, type E:\ZTI, and then click Next.
Configure User State
Click Next.
OSD File Path
In SMS 2003 OSD path, type E:\SMS\OSD. Click Finish.
The New Deployment Wizard finishes, and the SMS 2003 OSD deployment point is added to the list of deployment points. However, the E:\ZTI folder is not created until the deployment point is updated later in the deployment process.
Step 3-12: Configure the Windows PE Options for the SMS 2003 OSD Deployment Point When the SMS 2003 OSD deployment point has been created, configure the Windows PE configuration options for the SMS 2003 OSD deployment point. Configure the Windows PE options for the SMS 2003 OSD type deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
29
To configure the Windows PE options for the SMS 2003 OSD deployment point in Deployment Workbench 1529.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1530.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1531.In the details pane, click OSD. 1532.In the details pane, click Properties. The OSD Properties dialog box appears. 1533.In the OSD Properties dialog box, click the Windows PE 2004/2005 tab. 1534.Complete the Windows PE 2004/2005 tab by completing the following steps: r.
In Windows PE source, select Windows PE 2005.
s.
In Windows source, select Windows Server 2003 edition (where edition is the edition of Windows Server 2003 installed earlier in the deployment process).
t.
In Driver group, select device_drivers (where device_drivers is the name of the device driver group created earlier in the deployment process).
u. Click OK. The Windows PE configuration options for the SMS 2003 OSD deployment point are updated. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
Step 3-13: Update the SMS 2003 OSD Deployment Point When the SMS 2003 OSD deployment point has been created, configure the Windows PE configuration options for the SMS 2003 OSD deployment point. Configure the Windows PE options for the SMS 2003 OSD type deployment point in the Deployment Point node in Deployment Workbench. To configure the Windows PE options for the SMS 2003 OSD deployment point in Deployment Workbench 1535.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1536.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1537.In the details pane, click OSD. 1538.In the details pane, click Update. Deployment Workbench starts updating the SMS 2003 OSD deployment point. At the end of the update process, the E:\ZTI$ folder is created and shared as the OSD distribution point for MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
Deployment Workbench creates the Generic_OSD_x86.iso file in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). In addition, a “flat” folder structure is created in the deployment_point_share\Boot\Source folder for directly updating the SMS 2003 OSD Feature Pack. The deployment_point_share\Boot\Source folder is used later in the deployment process to update the version of Windows PE that the SMS 2003 OSD Feature Pack in Systems Management Server uses.
Step 3-14: Update the Version of Windows PE in the SMS 2003 OSD Feature Pack The SMS 2003 OSD Feature Pack comes with an earlier version of Windows PE. The version of Windows PE that the SMS 2003 OSD Feature Pack uses must be updated to the version that MDT 2008 generated earlier in the deployment process. Later in the process, an SMS 2003 OSD Operating System Installation CD will be created that that will be used to install the reference and target computers. To update the version of Windows PE in the SMS 2003 OSD Feature Pack 1539.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1540.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1541.In the console tree, right-click Image Packages, click All Tasks, and then click Update Windows PE. The Update Windows PE Wizard starts. 1542.Complete the Update Windows PE Wizard using the information listed in Table 24. Table 24. Information for Completing the Update Windows PE Wizard On this wizard page
Do this
Welcome to the Update Windows PE Wizard
Click Next.
Windows PE settings
In the Source folder box, type E:\ZTI\Boot\Source, and then click Next.
Window PE Update Complete
Click Finish.
Note The source folder location cannot be a network Universal Naming Convention (UNC) path. It must be a locally accessible folder, because the SMS 2003 OSD Feature Pack will skip empty folders when accessed over a network path. This causes Windows Management Instrumentation (WMI) not to function correctly in the resulting Windows PE image.
1543.Close SMS Administrator Console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
31
Step 3-15: Create the OSD Operating System Image Capture CD SMS 2003 OSD Feature Pack–captured images can only be deployed by using the SMS 2003 OSD Feature Pack. An SMS 2003 OSD Feature Pack–compatible image of a reference computer is created by starting the reference computer with the OSD Operating System Image Capture CD. The OSD Operating System Image Capture CD is created by running the Operating System Image Capture CD Wizard in the Image Packages node in SMS Administrator Console. To create the OSD Operating System Image Capture CD 1544.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1545.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1546.In the console tree, right-click Image Packages, point to All Tasks, and then click Create Operating System Image Capture CD. The Operating System Image Capture CD Wizard starts. 1547.Complete the Operating System Image Capture CD Wizard using the information listed in Table 25. Table 25. Information for Completing the Operating System Image Capture CD Wizard On this wizard page
Do this
Welcome to the Operating System Image Capture CD Wizard
Click Next.
Windows PE settings
Click Next.
Create CD image
In File name, type E:\Images$\OSD_Image_Capture.iso.
CD Creation Complete
Click Finish.
1548.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
Step 3-16: Create the OSD Operating System Image Capture CD Bootable Media Provide a method for starting the reference computer with the OSD Operating System Image Capture CD created when the Operating System Image Capture CD Wizard was run in SMS Administrator Console. The OSD_Image_Capture.iso file was saved in the E:\Images$ folder. To create the OSD Operating System Image Capture CD bootable media 1549.In Windows Explorer, go E:\Images$. 1550.Based on the type of computer used for the reference computer (WDG-REF-01), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the OSD_Image_Capture.iso file.
•
If the reference computer is a VM, start the Operating System Image Capture CD Wizard directly from the OSD_Image_Capture.iso file or from a CD or DVD of the OSD_Image_Capture.iso file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 4: Depl oy W indo ws V ist a and Ca ptur e an I ma ge o f the Refer ence Co mpute r When the task sequence to deploy Windows Vista to the reference computer has been created and an image of the reference computer captured, start the task sequence. Initiate the operating system deployment and capture by starting the reference computer with the LTI bootable media. To deploy Windows Vista and capture an image of the reference computer 1551.Create the LTI bootable media disk. 1552.Start the reference computer with the LTI bootable media. 1553.Run the SMS 2003 Image Capture Wizard on the reference computer.
Step 4-1: Create the LTI Bootable Media A method must be provided for starting the computer with the customized version of Windows PE created when the LAB deployment point was updated. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). Create the appropriate LTI bootable media from one of these images. To create the LIT bootable media 1554.In Windows Explorer, go to E:\Distribution\Boot. 1555.Based on the type of computer used for the reference computer (WDG-REF-01), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the .iso file.
•
If the reference computer is a VM, start the VM directly from the .iso file or from a CD or DVD of the .iso file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Step 4-2: Start the Reference Computer with the LTI Bootable Media Start the reference computer (WDG-REF-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the reference computer. Note The MDT 2008 process can also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for Lite Touch Tools.
To start the reference computer with the LTI bootable media 1556.Start WDG-REF-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 1557.Complete the Windows Deployment Wizard by using the information in Table 26. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 4
35
Table 26. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Next.
Configure the computer In Computer name, type WDG-REF-01, and then click name Next. Join the computer to a domain or workgroup
Click Next.
Specify whether to restore user data
Click Next.
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Select one or more applications to install
Select the SMS 2003 Advanced Client SP3 check box, and then click Next.
Administrator Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Next.
Specify whether to capture an image
Click Prepare to capture the machine, and then click Next.
Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box is displayed. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 1558.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings, and record any diagnostic information. 1559.In the Deployment Summary dialog box, click Finish. Windows Vista is now installed on the reference computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Step 4-3: Run the SMS 2003 Image Capture Wizard After Windows Vista is deployed to the reference computer, capture an image of the reference computer by using the SMS 2003 Image Capture Wizard. The SMS 2003 Image Capture Wizard is on the OSD Operating System Image Capture CD created earlier in the deployment process. Run the SMS 2003 Image Capture Wizard in Windows Vista immediately after Windows Vista is deployed. Note The SMS 2003 Image Capture Wizard requires that the Systems Management Server Advance Client be installed on the reference computer.
To run the SMS 2003 Image Capture Wizard 1560.Insert the SMS 2003 OSD Operating System Image Capture CD in the reference computer. 1561.In Windows Explorer, go to the root of the CD, and then double-click osdicw.exe. SMS 2003 Image Capture Wizard starts. 1562.Complete the SMS 2003 Image Capture Wizard by using the information in Table 27. Accept the default values unless otherwise specified. Table 27. Information for Completing the SMS 2003 Image Capture Wizard On this wizard page
Do this
Welcome to the SMS 2003 Image Capture Wizard
Click Next.
Image Destination
In Image file name, type WDG-REF-01.wim. In Network location, type \\WDG-MDT-01\Capture$. In Account name, type CORP\Administrator In Password, type P@ssw0rd. Click Next.
Sysprep information
In Local Administrator’s Password and Confirm Password, type P@ssw0rd. Click Next.
Image Properties
Click Next.
Capture Image
Click Finish.
The reference computer shuts down after the SMS 2003 Image Capture Wizard finishes. Note When restarting the reference computer, do so from the SMS 2003 OSD Operating System Image Capture CD.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 4
37
1563.Start reference computer with the OSD Operating System Image Capture CD bootable media. The customized version of Windows PE on the SMS 2003 OSD Operating System Image Capture CD bootable media starts, and the SMS 2003 Image Capture Wizard starts automatically. In a virtualized environment, this process can take more than an hour to finish. When the SMS 2003 Image Capture Wizard finishes, the SMS 2003 Image Capture dialog box appears. 1564.In the SMS 2003 Image Capture dialog box, click OK. The reference computer restarts in Windows Vista. 1565.Shutdown the reference computer. A captured image of the reference computer should exist in \\WDG-MDT01\Capture$\WDG-REF-01.wim.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 5: Conf igur e MD T 2008 and Syste ms Mana gement Ser ver t o Dep lo y W ind ows V ista to the Tar ge t C ompu ter After the image of the reference computer (MDT-REF-01) is captured, deploy the captured image to the target computer (MDT-CLI-01). The captured image is imported into Deployment Workbench by using the New OS Wizard. Then, create an MDT 2008 task sequence to deploy the captured image to the target computer. Also, configure the SMS 2003 OSD deployment point (OSD) created earlier in the process to use the new task sequence and captured image. To configure MDT 2008 and Systems Management Server to deploy Windows Vista to the target computer 1566.Add the captured image of the reference computer to Deployment Workbench. 1567.Create a task sequence for the target computer. 1568.Configure the task sequence for the SMS 2003 OSD deployment point. 1569.Customize the MDT 2008 configuration files. 1570.Customize the target computer task sequence. 1571.Update the SMS 2003 OSD deployment point. 1572.Create the Systems Management Server operating system package. 1573.Create the target computer operating system program. 1574.Customize the target computer operating system program. 1575.Select the disruption points for the operating system package.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
39
Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench To deploy the captured image of the reference computer to the target computer, add the captured image to the list of operating systems in the Operating Systems node in Deployment Workbench. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. To add the captured image of the reference computer to Deployment Workbench 1576.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1577.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1578.In the details pane, click New. The New OS Wizard starts. 1579.Complete the New OS Wizard by using the information in Table 28. Table 28. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Custom image file, and then click Next.
Image
In Source file, type E:\Capture$\WDG-REF01.wim. Click Next.
Setup
Click Next.
Destination
Click Finish.
The New OS Wizard finishes. The captured image of the reference computer (WDGREF-01) operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process). 1580.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
Step 5-2: Create a Task Sequence for the Target Computer Create an MDT 2008 task sequences for the target computer in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. This task sequence is used to deploy the captured image of the reference computer to the target computer. To create a task sequence for deploying the captured image to the target computer 1581.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1582.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1583.In the details pane, click New. The New Task Sequence Wizard starts. 1584.Complete the New Task Sequence Wizard by using the information in Table 29. Accept the default values unless otherwise specified. Table 29. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_TARGET. In Task sequence name, type Deploy Captured Image to Target Computer, and then click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select SMS OSDImage in “WDG-REF-01\WDG-REF01.wim, and then click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Finish.
The New Task Sequence Wizard finishes, and the VISTA_TARGET task sequence is added to the list of task sequences. 1585.Close all open windows and dialog boxes. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
41
Step 5-3: Configure the Task Sequence for the SMS 2003 OSD Deployment Point When the task sequence to deploy the captured image of the reference computer to the target computer has been created, configure the task sequences for the SMS 2003 OSD deployment point to use. Configure which task sequences are available in the Deployment Point node in Deployment Workbench. To configure the task sequences for the SMS 2003 OSD deployment point to use 1586.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1587.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1588.In the details pane, click OSD. 1589.In the details pane, click Properties. The OSD Properties dialog box appears. 1590.In the OSD Properties dialog box, click the Task Sequences tab. 1591.In the Select the task sequences that should be supported by this deployment point list, clear the Deploy Vista to Reference Computer check box, and then click OK. 1592.Close all open windows and dialog boxes.
Step 5-4: Customize the MDT 2008 Configuration Files When the MDT 2008 task sequence has been created, customize the MDT 2008 configuration files that provide the configuration settings for deploying Windows Vista to the target computer. Specifically, customize the CustomSettings.ini file by modifying the file in the properties of the SMS 2003 OSD deployment point created earlier in the deployment process. In a later step, the SMS 2003 OSD deployment point will be updated to ensure that the configuration file is updated in the deployment point. To customize the MDT 2008 configuration files for the target computer 1593.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1594.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1595.In the details pane, click OSD. 1596.In the details pane, click Properties. The OSD Properties dialog box appears. 1597.In the OSD Properties dialog box, click the Rules tab. 1598.On the Rules tab, modify the CustomSettings.ini file to reflect the necessary changes as shown in Listing 1. Make any additional modifications the environment requires.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit 2008
Listing 1. Customized CustomSettings.ini File [Settings] Priority=Default [Default] OSInstall=Y [SMS] SQLServer=WDG-MDT-01 Database=SMS_NYC Table=v_Program Parameters=PackageID,ProgramName SQLShare=SMSClient 1599.On the Rules tab, click Edit Bootstrap.ini. Microsoft Notepad starts and loads Bootstrap.ini. 1600.In Notepad, modify the BootStrap.ini file to reflect the necessary changes as shown in Listing 2. Make any additional modifications the environment requires. Listing 2. Customized BootStrap.ini File [Settings] Priority=Default [Default] OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=NYC00001 OSDINSTALLPROGRAM=Windows Vista Target Program Note NYC00001 is the Package ID of the Windows Vista Target Image operating system image package created earlier in the process by using the test environment configured for this sample. If these steps are performed in the existing test environment, ensure that the OSDINSTALLPACKAGE value is set to the Package ID in the environment.
1601.In Notepad, on the File menu, click Exit. 1602.In the Notepad dialog box, click Yes. 1603.In the OSD Properties dialog box, click OK. 1604.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
43
Step 5-5: Customize the Target Computer Task Sequence For most deployments, the target computer task sequence created earlier in the process performs all the necessary steps without modification. However, the task sequence may have to be customized depending on the environment. Note No modifications are required for the task sequence to deploy the target computer in this sample. However, this is the point in the process where any changes to the task sequence for the target computers in the environment would be made.
To customize the target computer task sequence 1605.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1606.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1607.In the details pane, click VISTA_TARGET. 1608.In the details pane, click Properties. The VISTA_TARGET Properties dialog box appears. 1609.In the VISTA_TARGET Properties dialog box, click the Task Sequence tab. 1610.Make any modifications to the task sequence the environment requires, and then click OK. 1611.Close all open windows and dialog boxes.
Step 5-6: Update the SMS 2003 OSD Deployment Point When the task sequences available to the SMS 2003 OSD deployment point have been configured, update the deployment point to update the configuration files by using the Update action in the Deployment Point node in Deployment Workbench. To update the SMS 2003 OSD deployment point 1612.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1613.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1614.In the details pane, click OSD. 1615.In the details pane, click Update. 1616.Close all open windows and dialog boxes. Deployment Workbench begins updating the SMS 2003 OSD deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit 2008
Step 5-7: Create the Systems Management Server Operating System Package Now that MDT 2008 has been fully configured to deploy the captured image, add the captured image to Systems Management Server. Add the captured image to Systems Management Server by using the New Operating System Package Wizard in the Image Packages node in SMS Administrator Console. To create the Systems Management Server operating system package 1617.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1618.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1619.In the console tree, right-click Image Packages, point to New, and then click Operating System Image Package. The New Operating System Package Wizard starts. 1620.Complete the New Operating System Package Wizard using the information listed in Table 30. Table 30. Information for Completing the New Operating System Package Wizard On this wizard page
Do this
Welcome to the New Operating System Package Wizard
Click Next.
Operating System Package settings
In Package name, type Windows Vista Target Image. In Image file, type \\WDG-MDT-01\Capture$\WDG-REF01.wim. In Package source, type \\WDG-MDT01\Packages$\Vista_Target. Click Next.
New Operating System Click Finish. Package Wizard Complete This process can take a few minutes to finish, and then the New Operating System Package Wizard dialog box appears. 1621.In the New Operating System Package Wizard dialog box, click OK. The New Operating System Package Wizard finishes, and the Windows Vista Target Image operating system package is added to the list of image packages. 1622.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
45
Step 5-7: Create the Target Computer Operating System Program To deploy the Windows Vista Target Image operating system package, create the program for deploying the operating system package. The image package program describes which commands to run to initiate the image deployment for each of the OSD phases. Create the operating system program by using the New Operating System Program Wizard in the Program node of the image package in SMS Administrator Console. To create the target computer operating system program 1623.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1624.In the SMS Administrator Console console tree, go to Site Database/Image Packages/Windows Vista Target Image/Programs. 1625.In the console tree, right-click Programs, point to New, and then click Operating System Program. The New Operating System Program Wizard starts. 1626.Complete the New Operating System Program Wizard using the information listed in Table 31. Table 31. Information for Completing the New Operating System Program Wizard On this wizard page
Do this
Welcome to the New Operating System Program Wizard
Click Next.
New Operating System In Name, type Windows Vista Target Program, and then Program options click Next. Licensing settings
Click Product key not required, and then click Next.
Membership settings
Click Domain. In Domain, type CORP. In Account, click Set. In the Set Account dialog box, perform the following steps: v.
In Account, type CORP\Administrator.
w. In Password and Confirm Password, type P@ssw0rd. x.
Click OK.
Click Next. New Operating System Click Finish. Program Wizard Complete This process can take a few minutes to finish. The New Operating System Program Wizard dialog box appears. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
1627.In the New Operating System Program Wizard dialog box, click OK. The New Operating System Program Wizard finishes, and the Windows Vista Target Program operating system program is added to the list of programs. 1628.Close all open windows and dialog boxes.
Step 5-8: Customize the Target Computer Operating System Program Before the operating system image package can be deployed to the target computer, the operating system program must be customized. The operating system program needs to know which commands to run for each SMS 2003 OSD Feature Pack phase, including the Validation, State Capture, Preinstall, Postinstall, and State Restore SMS 2003 OSD phases. As part of this configuration process, specify the folder containing the MDT 2008 files, and Systems Management Server will automatically make the MDT 2008 files available to the target computer during the deployment process. To customize the target computer operating system program 1629.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1630.In the SMS Administrator Console console tree, go to Site Database/Image Packages/Windows Vista Target Image/Programs. 1631.In the details pane, right-click Windows Vista Target Program, and then click Properties. 1632.In the Windows Vista Target Program Properties dialog box, click the Advanced tab. 1633.In Phase, select Validation, and then click Add. The Add Action: Validation dialog box appears. 1634.In the Add Action: Validation dialog box, click OK. The Custom Action dialog box appears. 1635.In the Custom Action dialog box, perform the following tasks: y.
In Name, type Microsoft Deployment – Validation.
z.
In Command line, type ZeroTouchInstallation.vbs
aa. Click Add. bb. In the Open dialog box, navigate to \\WDG-MDT-01\ZTI$\VISTA_TARGET. cc. In the Open dialog box, in Files of type, select All files (*.*). dd. In the Open dialog box, select all files in the VISTA_TARGET folder. Note
To select all files, press Ctrl + A in the Open dialog box.
ee. In the Open dialog box, then click OK. 1636.In the Custom Action dialog box, click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
47
1637.Repeat steps 5–8, substituting the values for Phase and Name as listed in Table 32. Table 32. Information for Configuring the Operating System Program Advanced Properties Phase
Name
State Capture
Microsoft Deployment – State Capture
Preinstall
Microsoft Deployment – Preinstall
Postinstall
Microsoft Deployment – Postinstall
State Restore
Microsoft Deployment – State Restore
1638.In the Windows Vista Target Program Properties dialog box, click OK. This process can take a few minutes to finish while the wizard copies the file listed in each phase. Eventually, the Windows Vista Target Program Properties dialog box appears. 1639.In the Windows Vista Target Program Properties dialog box, click OK. 1640.Close all open windows and dialog boxes.
Step 5-9: Select Distribution Points for the Operating System Package As a final step in making the operating system package available to the target computer, select the Systems Management Server distribution points on which the package will be available. Later in the deployment process, the Operating System Image Installation CD bootable media will be created, and the target computer will be started with the bootable media. When the bootable media starts, the operating system package and operating system program created will be selected and deployed. Note In this sample, there is only one distribution point (WDG-MDT-01). However, most production networks have multiple distribution points. When performing this step in a production environment, select the appropriate distribution points for the network.
To select the distribution points for the operating system package 1641.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1642.In the SMS Administrator Console console tree, go to Site Database/Image Packages/Windows Vista Target Image. 1643.In the console tree, right click Windows Vista Target Image, point to All Tasks, and then click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1644.Complete the Manage Distribution Points Wizard by using the information in Table 33. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
Table 33. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome to the Manage Distribution Points Wizard
Click Next.
Manage Distribution Points
Click Next.
Copy Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completing the Manage Distribution Points Wizard
Click Finish.
Wizard Completed
Click Close.
1645.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 6: Depl oy the Ca ptur ed Ima ge of t he R ef er ence C ompu ter to the Tar ge t Co mpute r After the image of the reference computer is captured and the task sequence is created and configured, deploy the captured image. Configure MDT 2008 and Systems Management Server to provide all the necessary configuration settings to deploy to the target computer. After initiating the deployment process, the image of the reference computer running Windows Vista is automatically deployed to the target computer and configured with the settings defined. To deploy the captured image of the reference computer to the target computer 1646.Create the Operating System Image Installation CD. 1647.Create the Operating System Image Installation CD bootable media. 1648.Start the target computer with the Operating System Image Installation CD bootable media.
Step 6-1: Create the Operating System Image Installation CD To deploy an operating system to a new computer that Systems Management Server does not currently manage, the new computer must be added to the Systems Management Server site database prior to initiating the operating system deployment process. Although Systems Management Server can automatically discover computers on the network that have a Windows operating system installed, if the computer has no operating system installed, the new computer information must be imported by using the Import Computer Information Wizard. To create the Operating System Image Installation CD 1649.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1650.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1651.In the console tree, right click Image Packages, point to All Tasks, and then click Create Operating System Image Installation CD. The Operating System Image Installation CD Wizard starts. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
l Release Notes
1652.Complete the Operating System Image Installation CD Wizard by using the information in Table 34. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Release Notes
li
Table 34. Information for Completing the Operating System Image Installation CD Wizard On this wizard page
Do this
Welcome to the Operating System Image Installation Wizard
Click Next.
Installation settings
Select the Automatically choose the Operating System Package to install by running a custom program or script check box, and then click Next.
Install from SMS distribution points
In Operating System packages, select Windows Vista Target Image, and then click Next.
Automatically select Operating System Package
In File name, type \\WDG-MDT01\ZTI$\ZeroTouchInstallation.vbs. In User name, type CORP\Administrator. In Password and Confirm password, type P@ssw0rd. Click Next.
Windows PE settings
Click Next.
Create CD image
In Name, type MDT_2008_Install_CD. In File name, type \\WDG-MDT01\Images$\OSD_Image_Install.iso. Click Next.
CD Creation Complete
Click Finish.
When completed, the Operating System Installation CD Wizard creates the OSD_Image_Install.iso file in the E:\Images$ folder. This process can take a few minutes to finish. 1653.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
lii Release Notes
Step 6-2: Create the Operating System Image Installation CD Bootable Media A method must be created for starting the target computer with the OSD Operating System Image Installation CD created when the Operating System Image Installation CD Wizard was run in SMS Administrator Console. The OSD_Image_Install.iso file was saved in the E:\Images$ folder. To create the OSD Operating System Image Installation CD bootable media 1654.In Windows Explorer, go to E:\Images$. 1655.Based on the type of computer used for the target computer (WDG-CLI-01), perform one of the following tasks: •
If the target computer is a physical computer, create a CD or DVD of the OSD_Image_Install.iso file.
•
If the target computer is a VM, start the SMS 2003 Image Capture Wizard directly from the OSD_Image_Install.iso file or from a CD or DVD of the OSD_Image_Install.iso file.
Step 6-3: Start the Target Computer with the Operating System Image Installation CD Bootable Media Start the target computer (WDG-CLI-01) with the operating system image installation CD bootable media created earlier in the process. This bootable media starts Windows PE on the target computer and initiates the MDT 2008 process. At the end of the MDT 2008 process, Windows Vista is deployed on the target computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services.
To start the target computer with the operating system image capture CD bootable media 1656.Start WDG-CLI-01 with the operating system image bootable media created earlier in the process. Windows PE starts, and then the MDT 2008 deployment process starts. If problems occur during the deployment, consult the MDT 2008 document, Troubleshooting Reference. When successfully finished, the target computer is running Windows Vista and configured like the reference computer. 1657.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Release Notes
liii
Release Notes Microsoft® Deployment Toolkit 2008 Update 1 Published: July 2008
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
liv Release Notes
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, BitLocker, Internet Explorer, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Introduction Welcome to Microsoft® Deployment Toolkit (MDT) 2008 Update 1. MDT 2008 Update 1 is the next version of MDT 2008, which updated Business Desktop Deployment (BDD) 2007. This release supports the deployment of the Windows Vista® (including Windows Vista with Service Pack 1 [SP1]), Windows® XP, Windows Server® 2008, and Windows Server 2003 operating systems. See the Getting Started Guide for information about installing MDT 2008 Update 1, updating BDD 2007, and becoming familiar with MDT 2008 Update 1 tools and guidance. Also see the Quick Start Guide for Lite Touch Installation, Quick Start Guide for Microsoft Systems Management Server 2003, or Quick Start Guide for Microsoft System Center Configuration Manager 2007 for an overview of the MDT 2008 Update 1 process, the goal of which is to deploy the Windows Vista operating system to a test computer. The following sections describe new features, known issues, and limitations of MDT 2008 Update 1.
Contents Using This Guide Application Installation Overview How MDT 2008 Installs Applications Application Deployment with MDT 2008 Lite Touch Deployment The System Center Configuration Manager Task Sequencer The Applications List Custom Tasks The MDT 2008 Database Zero Touch Deployment Systems Management Server/System Center Configuration Manager Packages and Programs Reference Applications by Program ID Deploy Applications Based on Existing Application Inventories Systems Management Server Add or Remove Programs Database System Center Configuration Manager Add or Remove Programs Database Maintain the Approved Applications List Preparing Applications for Silent Deployment Windows Installer Options Setup.exe Command Options Legacy Installers 2007 Office System/Microsoft Office 2003 Deployment Thick Image Installations
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
56
Microsoft Deployment Toolkit 2008
Thin Image Installations Repackaging Non-compliant Applications Application-Packaging Fundamentals Application Repackaging Tools Macrovision AdminStudio Wise Package Studio SMS Installer Deploying Challenging Applications Deploy Applications Using Scripting Deploy Applications Using AutoIT Introduction Selecting Deployment Methods Selecting Deployment Scenarios Choosing an Image Strategy Thick Image Thin Image Hybrid Image Creating the Image Add Operating Systems Sysprep Windows PE Add Device Drivers Add Updates Windows Vista and Windows Server 2008 Windows XP and Windows Server 2003 Add Language Packs Add Language Packs Offline Using System Center Configuration Manager Add Language Pack Online Using System Center Configuration Manager Windows XP and Windows Server 2003 Windows Vista and Windows Server 2008 Add Applications Configure Task Sequences Edit the Answer File Edit the Task Sequence Configure Deployment Points Customize Windows PE Capture an Image Deploying Applications
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
57
Repackaging Applications Deployment Infrastructure Security Protect Deployment Staging Areas Protect Production Deployment Servers Analyzing Deployment Targets Perform a Situation Analysis Gather Inventories Identify the Storage Requirements for Deployment Images Reduce Storage Requirements for Deployment Images Provide Sufficient Storage for User State Migration Data Provide Sufficient Storage for Computer Backup Provide Sufficient Storage for Application and Operating System Source Files Verify an Adequate Target Computer Configuration Verify Correct Target Computer Software Versions Verify Adequate Target Computer Resources Identify Differences in 64-bit and 32-bit Deployment Provide Adequate Network Capacity Determine the Required Infrastructure Introduction Reviewing the Deployment Processing Rules Identify the Deployment Components Task Sequences Scripts Configuration Files Configuration Database Environment Variables Log Files Customizing Task Sequences Deployment Workbench Task Sequences OS Packages Select the Packages Group for a Task Sequence Languages Patches Drivers Applications Custom Images
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
58
Microsoft Deployment Toolkit 2008
Systems Management Server Packages Languages Advertisements Drivers Custom Images SMS Installer System Center Configuration Manager Packages Advertisements Languages Drivers Custom Images Script Customizations Identify the CustomSettings.ini Syntax Sections in the CustomSettings.ini File Required Sections Optional Sections Properties in the CustomSettings.ini File Priority Reserved Property Properties Reserved Property Values in the CustomSettings.ini File Basic CustomSettings.ini File for LTI Basic CustomSettings.ini File for ZTI Identify the BootStrap.ini Syntax Configuration Property Customizations Select the Configuration Properties Select the Validate Phase Properties Select the State Capture Phase Properties Select the Preinstall Phase Properties Select the Install Phase Properties Select the Post Install Phase Properties Select the State Restore Properties Applying the Properties to Groups of Computers Select the Method for Grouping Computers Example: Computer Groupings Selected by Woodgrove Bank Apply the Properties to the Groups
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
59
Example: Group-Based Configuration Settings Selected by Woodgrove Bank Applying the Properties to Individual Computers Select the Methods for Identifying Computers Example: Computer Identification Method Selected by Woodgrove Example: Computer-Based Configuration Settings Selected by Woodgrove Configuring the Database Configuration Rules Configure the Rules in the CustomSettings.ini File Configure the Rules in the DWDB Configure the Property Values in the DWDB Create a New Roles Item Create a New Computers Item Create a New Locations Item Create a New Make and Model Item Configure CustomSettings.ini for Database Queries Modify the List of Incompatible BIOS Versions Modify the Task Sequence Disk Customizations Format and Partition Disks Convert Disks to Dynamic Enable Windows BitLocker Drive Encryption Enabling Windows BitLocker Drive Encryption Methods Disable Windows BitLocker Drive Encryption Network Customizations Capture Network Settings Capture Windows Settings Apply Network Settings Apply Windows Settings Configuring Conditional Task Sequence Steps Configure a Conditional Task Sequence Step IF Statements in Conditions Task Sequence Variables in Conditions Operating System Version in Conditions WMI Queries in Conditions Registry Settings in Conditions Installed Software in Conditions Folder Properties in Conditions
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
60
Microsoft Deployment Toolkit 2008
File Properties in Conditions Configuring Server Roles Configure AD DS Server Role Settings Requirements Automate Deployment MDT 2008 Components Deploy the AD DS Server Role Configure DNS Server Role Settings Requirements Automate Deployment MDT 2008 Components Deploy the DNS Server Role Configure DHCP Server Role Settings Requirements Automate Deployment MDT 2008 Components Deploy the DHCP Server Role Authorize the DHCP Server Role in Active Directory Introduction Terminology Prerequisites for MDT 2008 Deployment Server Prerequisites LTI Deployment Prerequisites ZTI Deployment for System Center Configuration Manager Prerequisites ZTI Deployment for Systems Management Server Prerequisites Target Computer Prerequisites Evaluating Security and Privacy for the Deployment Solution Upgrade and Migration Paths MDT 2008 Operating Systems Scenarios Preparing the Prerequisite Infrastructure Preparing the Prerequisite Infrastructure for System Center Configuration Manager Preparing the Prerequisite Infrastructure for Systems Management Server Installing MDT 2008 New Installation Upgrade from or Coexist with BDD 2007 or a Previous MDT Version
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
61
Coexist with BDD 2007 Upgrade from BDD 2007 Upgrade from a Previous Version of MDT Using LTI Deployment Upgrade from a Previous Version of MDT Using ZTI Deployment with Systems Management Server Upgrade from a Previous Version of MDT Using ZTI with System Center Configuration Manager Starting Deployment Workbench Program Folders Distribution Share Updating Required Components Team Guidance Technical Guides Reference Guides Other Documents Appendix A: Software Download Locations Appendix B: Preparing Windows 2000 Client Computers Appendix C: References Introduction Custom Images Thick or Thin Images Modifying Task Sequences Deployment Workbench Operating System Packages Languages Updates Out-of-Box Drivers Applications System Center Configuration Manager Use System Center Configuration Manager Packages with MDT 2008 Operating System Packages, Drivers, and Language Packs Add Applications to a Task Sequence Script Use in MDT 2008 Develop Custom Scripts Environment Class Logging Class Utility Class Database Class Create New Scripts
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
62
Microsoft Deployment Toolkit 2008
WMI Queries Customizing Actions Deployment Workbench Customizations Disk Customization Network Customization System Center Configuration Manager Customizations Disk Customization Network Customization Microsoft Deployment Toolkit Management Pack Document Version Get the Latest Management Pack and Management Pack Documentation What’s New Microsoft Deployment Toolkit Management Pack: Getting Started Before Importing the Management Pack Files to Download Other Requirements Optional Management Packs Support for Agentless Monitoring Create the Service Account Prepare the Event Collection Servers Create the Events Shared Folder Configure the Events Shared Folder Permissions Configure the CustomSettings.ini File Configure the OSDNewMachine Property Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases Grant the Service Access to the System Center Operations Manager SDK Service Import the Microsoft Deployment Toolkit Management Pack Install the Microsoft Deployment Management Pack Service Uninstall the Microsoft Deployment Management Pack Service Microsoft Deployment Toolkit Management Pack: Optional Configuration Configure the Management Server That the Service Uses Manage the List of Event Collection Server Folders Modify the Duration for Detecting Hung Computers Modify the Duration for Removing Monitored Computers After Deployment Is Complete Modify the Duration for Collecting New Monitoring Information
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
63
Change the Management Pack Service Log File Location and Name Change the Identity That the Microsoft Deployment Management Pack Service Uses Manage the List of System Center Configuration Manager or Systems Management Server Databases Configure Retention of the .tmp Files After Processing Configure Filtering of Events Recorded in the Operations Manager Database Understanding the Microsoft Deployment Toolkit 2003 Management Pack Objects That the Microsoft Deployment Toolkit Management Pack Discovers How Health Rolls Up Viewing Information in the System Center Operations Manager Operations Console Reports Technical Reference MDTComputer Class Attributes Rules Events MDT 2008–Related Events System Center Configuration Manager–Related Events Systems Management Server–Related Events Introduction Automating Deployment to a Specific Computer Configure a Database for Deployment Workbench Select the Method for Identifying Computers Create the Computer Settings Create Other Items Configure CustomSettings.ini Automating Deployment by Location Identify the Locations Create the Location and Location Settings Configure CustomSettings.ini Automating Deployment by Computer Make and Model Identify Make and Model Combinations Create Make and Model Combinations and Settings Configure CustomSettings.ini Automating Deployment by Role Identify the Roles
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
64
Microsoft Deployment Toolkit 2008
Create the Roles and Role Settings Associate the Roles Configure CustomSettings.ini Running Microsoft Deployment Toolkit 2008 Without WINS Configure DHCP with Appropriate DNS Scope Entries Configure Lmhosts Files for the Windows PE CD Images Create the Appropriate Folder Structure Create the Appropriate Lmhosts File Configure Active Directory Schema Extensions Customizing Deployment Based on Chassis Type Deploying Applications Based on Earlier Application Versions Deploying Operating Systems Using the Download and Execute Feature Configuration Process Define Collections Configure Advanced Client Computers Configure Operating System Programs and Advertisements Scripts Used in This Process Source Code for ZTICacheUtil.vbs Source Code for ZTICache.vbs Deploying Operating Systems Using System Center Configuration Manager Deploy Operating System Images to a Computer Deploy an Operating System Image to a New Computer Using Boot Media Deploy an Operating System Image to an Offline Computer Create Stand-Alone Media Create a Computer Association for a Side-by-Side Migration Initiate Operating System Image Deployments Using PXE Fully Automated LTI Deployment Scenario Fully Automated LTI Deployment for Refresh Computer Scenario Fully Automated LTI Deployment for Upgrade Computer Scenario Fully Automated LTI Deployment for New Computer Scenario Calling Web Services in MDT 2008 Connecting to Network Resources Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages Deploying the Correct Device Drivers to Computers with Same Hardware Devices but Different Make and Model Creating an Image of Windows Server 2003 R2
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
65
Creating a Windows Server 2003 R2 Image by Modifying the R2comp.inf File Creating a Windows Server 2003 R2 Image by Running R2 Component Installation at Startup Deploying Additional Mass Storage Drivers for Windows XP and Windows Server 2003 Unattended Installation of Mass Storage Device Drivers Additional Considerations Manually Enable the Installation of Mass Storage Device Drivers Automate the Installation of Mass Storage Device Drivers Additional Considerations Replacing an Existing Computer with a New Computer Using System Center Configuration Manager Create Computer Association Create a Task Sequence to Save User State Information from Existing Computer Modify CustomSettings.ini Properties for the Existing Computer Task Sequence Create a Task Sequence Advertisement for the Existing Computer Create a Task Sequence to Deploy the Operating System to the New Computer Modify CustomSettings.ini Properties for the New Computer Task Sequence Create a Task Sequence Advertisement for the New Computer Deploying an Operating System to a New Computer Not in the System Center Configuration Manager Database Configure the Web Service Setup Create the Pre-Execution Hook Configuring Conditional Task Sequence Steps Configure a Conditional Task Sequence Step IF Statements in Conditions Task Sequence Variables in Conditions Operating System Version in Conditions File Properties in Conditions Folder Properties in Conditions Registry Settings in Conditions WMI Queries in Conditions Installed Software in Conditions Complex Conditions Creating a Highly Scalable LTI Deployment Infrastructure Ensure That the Appropriate Infrastructure Exists
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
66
Microsoft Deployment Toolkit 2008
Add Content to MDT 2008 Prepare Windows Deployment Services Configure Distributed File System Replication (DFS-R) Prepare for SQL Server Replication Configure SQL Server Replication Configure a SQL Server Publisher Enable the Deployment Workbench Database for Replication Create a Publication of the Deployment Workbench Database Subscribe Child Deployment Servers to the Published Deployment Workbench Database Configure CustomSettings.ini Selecting a Local Microsoft Deployment Toolkit Server When Multiple Servers Exist Understand LocationServer.xml Understand How Microsoft Deployment Toolkit Uses LocationServer.xml Understand When to Use LocationServer.xml Create the LocationServer.xml File Create a LocationServer.xml File to Support Multiple Locations Create a LocationServer.xml File to Load-Balance Multiple Servers at Different Locations Add the LocationServer.xml File to the Extra Files Directory Update the BootStrap.ini File Update the Deployment Point Replacing an Existing Computer with a New Computer Using Lite Touch Installation Step 1: Create a Task Sequence to Capture the User State Step 2: Create a Task Sequence to Deploy Operating System and Restore the User State Step 3: Create a LAB Deployment Point Step 4: Customize the MDT 2008 Configuration Files Step 5: Configure the Windows PE Options for the LAB Deployment Point Step 6: Update the LAB Deployment Point Step 7: Create the LTI Bootable Media Step 8: Start the Existing Computer with the LTI Bootable Media Step 9: Start the New Computer with the LTI Bootable Media Integrating Custom Deployment Code into Microsoft Deployment Toolkit 2008 Choose the Appropriate Scripting Language Understand How to Leverage ZTIUtility Use the ZTIUtility Logging Class
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
67
Use the ZTIUtility Environment Class Use the ZTIUtility Utility Class Integrate Custom Deployment Code Deploy Custom Code As a Microsoft Deployment Toolkit Application Add the Custom Code As a Task Sequence Step Run Custom Code As a User Exit Script Installing Device Drivers Using Various Installation Methods Determine Which Method to Use to Install a Device Driver Install Device Drivers Using the Out-of-Box Drivers Method Install Device Drivers As an Application Add the Device Driver Application to Deployment Workbench Specify the Device Driver Application As Part of a Task Sequence Specify the Device Driver Application in CustomSettings.ini Specify the Device Driver Application in the Deployment Workbench Database Initiating Microsoft Deployment Toolkit Using Windows Deployment Services Option 1: Boot Computers in PXE to Initiate the LTI Process Create and Import the Deployment Workbench Windows PE Image into Windows Deployment Services Use Windows Deployment Services to Automatically Detect the Deployment Server Option 2: Deploy an Operating System Image from the Windows Deployment Services Store Option 3: Use Multicasting with Microsoft Deployment Toolkit and Windows Server 2008 Windows Deployment Services Role Option 4: Configure Windows Deployment Services PXE Filter Provider to Allow Configuration Manager to Respond to Unknown Computers Install the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider Enable Logging on the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider Performing Staged Deployments Using Microsoft Deployment Toolkit (OEM Preload) Overview of the OEM Preload Process in Microsoft Deployment Toolkit Overview of Microsoft Deployment Toolkit Configuration Files in the OEM Preload Process Overview of Microsoft Deployment Toolkit Log Files in the OEM Preload Process Staged Deployments Using Lite Touch Installation LTI OEM Preload Process - Phase 1: Create a Media-Based Image LTI OEM Preload Process - Phase 2: Apply the Image to the Target Computer
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
68
Microsoft Deployment Toolkit 2008
LTI OEM Preload Process - Phase 3: Complete Target Computer Deployment Staged Deployments Using System Center Configuration Manager and Microsoft Deployment Toolkit System Center Configuration Manager OEM Preload Process - Phase 1: Create a Media-Based Image System Center Configuration Manager OEM Preload Process - Phase 2: Apply the Image to the Target Computer System Center Configuration Manager OEM Preload Process - Phase 3: Complete Target Computer Deployment Quick-Start Guide and Checklist Planning Phase Developing Phase Stabilizing Phase Deploying Phase Introduction Prerequisites Overview of 2007 Office System Deployment Plan for Deployment Choose the Right Package Define the 2007 Office System Settings Office Deployment Tools Identify the Upgrade Issues Identify SMEs Identify Chained Applications Install 2007 Office System Updates Additional Considerations Customize the 2007 Office System Create a Distribution Point Create a Setup Customization File Manually Test the Configuration Change the Setup Customization File to Perform a Silent Installation Integrate 2007 Office Release Programs into MDT 2008 Test 2007 Office System Deployment Pilot 2007 Office System Deployment Candidates for Pilot Deployment Deploy the 2007 Office System to Production Use Group Policy Transition to IT Operations Introduction
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
69
Configuring the Appropriate Processing Rules Preparing the Deployment Environment Install System Center Configuration Manager Install MDT 2008 Enable Configuration Manager Console Integration Configuring the Appropriate Resource Access Configure the Network Access Account Create Additional Shared Folders Configure Shared Folder Permissions Configure Access to Other Resources Configuring System Center Configuration Manager to Respond to PXE Boot Requests Define Computers to System Center Configuration Manager Boot Media PXE Boot Identifying the Packages and Images Required by the Task Sequence Templates Advertising the Task Sequence Updating Packages, Images, and Task Sequences Next Steps Introduction Preparing the Deployment Environment Install the SMS 2003 OSD Feature Pack Install MDT 2008 Create the SMS 2003 OSD Deployment Point Configuring Appropriate Resource Access Configure Client Access Accounts Create Additional Shared Folders Configure Shared Folder Permissions Configure Access to Other Resources Configure the Package Selection Phase Credentials Configuring the ZTI Operating System Image Capture an Image with the SMS 2003 OSD Feature Pack Configure the OSD Phase Actions Configure the Validation Phase Actions Configure the State Capture Phase Actions Configure the Preinstall Phase Actions Configure the Postinstall Phase Actions Configure the State Restore Phase Actions
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
70
Microsoft Deployment Toolkit 2008
Creating an Old Computer Systems Management Server Package and Program Creating a Customized Windows PE Image for the SMS 2003 OSD Feature Pack Customize Windows PE Customize Windows PE Using Deployment Workbench Customize Windows PE Manually Provide Access to the Contents of the Windows PE ISO File Import the Customized Version of Windows PE into the SMS 2003 OSD Feature Pack Create the SMS 2003 OSD Feature Pack Operating System Installation CD Preparing the Windows Deployment Services Server Select the Windows Deployment Services Operational Mode Configure the Windows Deployment Services Server Disable Creation of the Windows PE Computer Account in the AD DS Domain Disable Unexpected Write Access to the Windows Deployment Services Server Automate the Windows Deployment Services Client Installation Wizard Add Network Adapter Support to the Windows Deployment Services Legacy Image Restart Windows Deployment Services on the Windows Deployment Services Servers Running the Deployment Wizard Appendix: Extending Systems Management Server by Editing SMS_def.mof Introduction Prerequisites Required Software Computer Configuration Step 1: Prepare the Prerequisite Infrastructure Step 1-1: Install Windows Server 2003 with SP2 Step 1-2: Create Required Folders and Shares Step 1-3: Obtain the Required Software Step 1-4: Install AD DS Step 1-5: Install DHCP Server Step 1-6: Install IIS 6.0 Step 1-7: Enable the WebDAV ISAPI Extension Step 1-8: Install Additional Software Step 1-9: Create the User and Service Accounts
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
71
Step 1-10: Install USMT Step 1-11: Install SQL Server 2005 with SP2 Step 1-12: Add Site Server to the Administrators Security Group Step 1-13: Install System Center Configuration Manager Step 1-14: Configure the Network Access Account Step 1-15: Configure the Configuration Manager Site Boundaries Step 1-16: Configure Publishing of Site Information Step 1-17: Configure the Drive for Storing Package Source Files Step 1-18: Configure the Distribution Point to Be BITS Enabled Step 2: Prepare the MDT 2008 Environment Step 2-1: Install MDT 2008 Step 2-2: Enable Configuration Manager Console Integration Step 3: Import and Configure a Task Sequence to Create a Reference Computer Step 3-1: Create an MDT 2008 Task Sequence for the Reference Computer Step 3-2: Select Distribution Points for Packages and Images Step 3-3: Add Necessary Device Drivers Step 3-4: Customize MDT 2008 Configuration Files Step 3-5: Update Distribution Points for the Custom Settings Package Step 3-6: Customize the Reference Computer Task Sequence Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer Step 4-1: Add the Reference Computer to the Configuration Manager Site Database Step 4-2: Create a Collection for the Reference Computer Step 4-3: Create an Advertisement for the Reference Computer Task Sequence Step 4-4: Create Task Sequence Bootable Media Step 4-5: Start the Reference Computer with the Task Sequence Bootable Media Step 5: Import and Configure a Task Sequence to Deploy the Target Computer Step 5-1: Create an MDT 2008 Task Sequence for the Target Computer Step 5-2: Select Distribution Points for Packages and Images Step 5-3: Customize the MDT 2008 Configuration Files Step 5-4: Update Distribution Points for the Custom Settings Package Step 5-5: Customize the Target Computer Task Sequence Step 6: Deploy the Captured Image of the Reference Computer to the Target Computer
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
72
Microsoft Deployment Toolkit 2008
Step 6-1: Add the Target Computer to the Configuration Manager Site Database Step 6-2: Create a Collection for the Target Computer Step 6-3: Create an Advertisement for the Task Sequence Step 6-4: Start the Target Computer with the Task Sequence Bootable Media Introduction Prerequisites Required Software Computer Configuration Step 1: Prepare the Prerequisite Infrastructure Step 1-1: Obtain the Required Software Step 2: Prepare the MDT 2008 Environment Step 2-1: Install MDT 2008 Step 2-2: Install Windows AIK Step 3: Configure MDT 2008 to Create the Reference Computer Step 3-1: Create the Distribution Share Step 3-2: Add Operating System Files to the Distribution Share Step 3-3: Add the Device Drivers Step 3-4: Create a Task Sequence for the Reference Computer Step 3-5: Create a LAB Deployment Point Step 3-6: Configure the Windows PE Options for the LAB Deployment Point Step 3-7: Update the LAB Deployment Point Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer Step 4-1: Create the LTI Bootable Media Step 4-2: Start the Reference Computer with the LTI Bootable Media Step 5: Configure MDT 2008 to Deploy Windows Vista to the Target Computer Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench Step 5-2: Create a Task Sequence for the Target Computer Step 6: Deploy the Captured Image of the Reference Computer to the Target Computer Step 6-1: Start the Target Computer with the LTI Bootable Media Introduction Prerequisites Required Software Computer Configuration Step 1: Prepare the Prerequisite Infrastructure
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
73
Step 1-1: Install Windows Server 2003 with SP2 Step 1-2: Create Required Folders and Shares Step 1-3: Obtain the Required Software Step 1-4: Install AD DS Step 1-5: Install DHCP Server Step 1-6: Install IIS 6.0 Step 1-7: Enable the WebDAV ISAPI Extension Step 1-8: Install Additional Software Step 1-9: Create the User and Service Accounts Step 1-10: Install SQL Server 2005 with SP2 Step 1-11: Install Systems Management Server Step 1-12: Install the SMS 2003 OSD Feature Pack Step 1-13: Install Systems Management Server SP3 Step 1-14: Configure the Network Access Account Step 1-15: Configure the Drive for Storing Package Source Files Step 1-16: Configure the Default Management Point Step 1-17: Configure the Distribution Point to Be BITS Enabled Step 2: Prepare the MDT 2008 Environment Step 2-1: Install MDT 2008 Step 2-2: Install Windows AIK Step 3: Configure MDT 2008 and Systems Management Server to Create the Reference Computer Step 3-1: Create the Distribution Share Step 3-2: Add Operating System Files to Distribution Share Step 3-3: Add the Device Drivers Step 3-4: Add Windows PE 2005 Step 3-5: Add Windows Server 2003 with SP1 Step 3-6: Add a Systems Management Server Advanced Client Application Step 3-7: Create a Task Sequence for the Reference Computer Step 3-8: Create a LAB Deployment Point Step 3-9: Configure the Windows PE Options for the LAB Deployment Point Step 3-10: Update the LAB Deployment Point Step 3-11: Create SMS 2003 OSD Deployment Point Step 3-12: Configure the Windows PE Options for the SMS 2003 OSD Deployment Point Step 3-13: Update the SMS 2003 OSD Deployment Point Step 3-14: Update the Version of Windows PE in the SMS 2003 OSD Feature Pack
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
74
Microsoft Deployment Toolkit 2008
Step 3-15: Create the OSD Operating System Image Capture CD Step 3-16: Create the OSD Operating System Image Capture CD Bootable Media Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer Step 4-1: Create the LTI Bootable Media Step 4-2: Start the Reference Computer with the LTI Bootable Media Step 4-3: Run the SMS 2003 Image Capture Wizard Step 5: Configure MDT 2008 and Systems Management Server to Deploy Windows Vista to the Target Computer Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench Step 5-2: Create a Task Sequence for the Target Computer Step 5-3: Configure the Task Sequence for the SMS 2003 OSD Deployment Point Step 5-4: Customize the MDT 2008 Configuration Files Step 5-5: Customize the Target Computer Task Sequence Step 5-6: Update the SMS 2003 OSD Deployment Point Step 5-7: Create the Systems Management Server Operating System Package Step 5-7: Create the Target Computer Operating System Program Step 5-8: Customize the Target Computer Operating System Program Step 5-9: Select Distribution Points for the Operating System Package Step 6: Deploy the Captured Image of the Reference Computer to the Target Computer Step 6-1: Create the Operating System Image Installation CD Step 6-2: Create the Operating System Image Installation CD Bootable Media Step 6-3: Start the Target Computer with the Operating System Image Installation CD Bootable Media Introduction New Features General Installation Deployment Workbench Deployment Points Image Capture Deployment Process Account Access Device Drivers Disks and Partitioning
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
75
Windows BitLocker Drive Encryption User State Migration Internet Explorer Language Support Network Configuration Lite Touch Installation Zero Touch Installation Replace Computer Scenario Upgrade Computer Scenario Open Issues and Ways to Work Around Them in MDT 2008 Update 1 Installing System Center Configuration Manager Configuration Manager Console Start Configuration Manager Console Preparing System Center Configuration Manager for Deployment Import MDT 2008 Task Sequences Create New Task Sequences Using the Import Wizard Create a New Driver Package Import Drivers to System Center Configuration Manager Add Language Packs Add Updates Create an Operating System Image Capture Image Install an Existing Image Package Using the Import Microsoft Deployment Task Sequence Wizard and the Client Task Sequence Create a Client Replace Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard Create a Server Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard Targeting Drivers to a Specific Computer Introduction Task Sequence Steps Common Properties and Options for Task Sequence Step Types Common Properties Common Options Specific Properties and Settings for Task Sequence Step Types Apply Network Settings Authorize DHCP Capture Network Settings Configure ADDS Configure DHCP
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
76
Microsoft Deployment Toolkit 2008
Configure DNS Enable BitLocker Format and Partition Disk Gather Install Application Install Operating System Install Roles and Features Install Language Packs Offline Install Language Packs Online Install Updates Offline Restart Computer Run Command Line Run Command Line As Set Task Sequence Variable Validate Out-of-Box Task Sequence Steps Add Mass Storage Drivers to Sysprep.inf for XP and 2003 Apply Network Settings Apply Patches Apply Windows PE Backup Capture Groups Capture User State Check BIOS Configure Copy Media CD to Local Hard Disk for OEM Pre-installation Copy Scripts Copy Sysprep Files Create BitLocker Partition Enable BitLocker Enable OEM Disk Configuration End Phase Execute Sysprep Format and Partition Disk Gather Local Only Generate Application Migration File Inject Drivers Inject Storage Drivers for XP and 2003
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
77
Install Applications Install Operating System Install Packages Next Phase Post Apply Cleanup Prepare Computer for OEM Capture Restart Computer Restore Computer from OEM Capture Restore Groups Restore User State Set Diskpart BIOS Compatibility Mode Tatoo Validate Windows Update (Pre-Application Installation) Wipe Disk Properties Property Definition _SMSTSOrgName Administrators AdminPassword Applications Architecture AreaCode AssetTag BackupDir BackupDrive BackupShare BDEDriveLetter BDEDriveSize BDEInstall BDEInstallSuppress BDEKeyLocation BDEPin BDERecoveryKey BDEWaitForEncryption BitsPerPel BuildID CapableArchitecture
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
78
Microsoft Deployment Toolkit 2008
CaptureGroups ComputerBackupLocation ComputerName CountryCode Database DBID DBPwd DefaultGateway DeployDrive DeploymentMethod DeploymentType DeployRoot Dialing DoCapture DomainAdmin DomainAdminDomain DomainAdminPassword DomainOUs DriverGroup DriverPaths EventShare FullName Groups HALName Home_Page HostName InputLocale Instance IPAddress IsDesktop IsLaptop IsServer IsServerCoreOS IsServerOS JoinDomain JoinWorkgroup KeyboardLocale LanguagePacks
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
79
LoadStateArgs Location LongDistanceAccess MACAddress MachineObjectOU Make MandatoryApplications Memory Model NetLib Order OrgName OSDBitLockerCreateRecoveryPassword OSDBitLockerMode OSDBitLockerRecoveryPassword OSDBitLockerStartupKey OSDBitLockerStartupKeyDrive OSDBitLockerTargetDrive OSDBitLockerWaitForEncryption OSDComputerName OSCurrentBuild OSCurrentVersion OSDInstallPackage OSDInstallProgram OSDInstallSilent OSDMP OSDNewMachineName OSDSiteCode OSFeatures OSInstall OSRoles OSRoleService OSVersion OverrideProductKey PackageGroup Packages Parameters ParameterCondition
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
80
Microsoft Deployment Toolkit 2008
Phase Port PowerUsers Priority ProcessorSpeed Product ProductKey Properties ResourceDrive ResourceRoot Role ScanStateArgs SerialNumber SkipAdminPassword SkipApplications SkipAppsOnUpgrade SkipBDDWelcome SkipBitLocker SkipBuild SkipCapture SkipComputerBackup SkipComputerName SkipDeploymentType SkipDomainMembership SkipFinalSummary SkipLocaleSelection SkipPackageDisplay SkipProductKey SkipSummary SkipTaskSequence SkipTimeZone SkipUserData SkipWizard SLShare SQLServer SQLShare StorageDriverGroup StorageDriverSysprepGroup
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
81
StoredProcedure Table TaskSequenceID TimeZone TimeZoneName TPMOwnerPassword UDDir UDProfiles UDShare UILanguage UserDataLocation UserDomain UserID UserLocale UserPassword USMTConfigFile USMTMigFiles UUID VRefresh WDSServer WipeDisk WUMU_ExcludeKB WUMU_ExcludeID WSUSServer XResolution YResolution Providing Properties for Skipped Windows Deployment Wizard Pages Scripts BDD_Autorun.wsf Arguments Properties BDD_Welcome_ENU.xml Arguments Properties Credentials_ENU.xml Arguments Properties Credentials_scripts.vbs
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
82
Microsoft Deployment Toolkit 2008
Arguments Properties DeployWiz_Definition_ENU.xml Arguments Properties DeployWiz_Initialization.vbs Arguments Properties DeployWiz_Validation.vbs Arguments Properties LiteTouch.vbs Arguments Properties LiteTouch.wsf Arguments Properties LTIApply.wsf Arguments Properties LTICleanup.wsf Arguments Properties LTICopyScripts.wsf Arguments Properties LTIGetFolder.wsf Arguments Properties LTIOEM.wsf Arguments Properties LTISysprep.wsf Arguments Properties NICSettings_Definition_ENU.xml Arguments Properties
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
83
Summary_Definition_ENU.xml Arguments Properties Summary_scripts.vbs Arguments Properties Wizard.hta Arguments Properties WizUtility.vbs Arguments Properties ZeroTouchInstallation.vbs Arguments Properties ZeroTouchInstallation.wsf Arguments Properties ZTIApplications.wsf Arguments Properties ZTIAppXmlGen.wsf Arguments Properties ZTIAuthorizeDHCP.wsf Arguments Properties ZTIBackup.wsf Arguments Properties ZTIBCDUtility.vbs Arguments Properties ZTIBde.wsf Arguments Properties ZTIBIOSCheck.wsf Arguments
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
84
Microsoft Deployment Toolkit 2008
Properties ZTICoalesce.wsf Arguments Properties ZTIConfigure.wsf Arguments Properties ZTIConfigureADDS.wsf Arguments Properties ZTIConfigureDHCP.wsf Arguments Properties ZTIConfigureDNS.wsf Arguments Properties ZTIConnect.wsf Arguments Properties ZTICopyLogs.wsf Arguments Properties ZTIDeterminePartition.wsf Arguments Properties ZTIDiskpart.wsf Arguments Properties ZTIDiskUtility.vbs Arguments Properties ZTIDrivers.wsf Arguments Properties ZTIGather.wsf Arguments Properties ZTIGroups.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
85
Arguments Properties ZTILangPacksOnline.wsf Arguments Properties ZTIMoveStateStore.wsf Arguments Properties ZTINextPhase.wsf Arguments Properties ZTINICConfig.wsf Arguments Properties ZTINICUtility.vbs Arguments Properties ZTIOEM.wsf Arguments Properties ZTIOSRole.wsf Arguments Properties ZTIPackages.wsf Arguments Properties ZTIPatches.wsf Arguments Properties ZTIPrereq.vbs Arguments Properties ZTISCCM.wsf Arguments Properties ZTISetVariable.wsf Arguments Properties
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
86
Microsoft Deployment Toolkit 2008
ZTIStorageDrivers.wsf Arguments Properties ZTIStorageDriversSysprep.wsf Arguments Properties ZTITatoo.wsf Arguments Properties ZTIUserState.wsf Arguments Properties ZTIUtility.vbs Arguments Properties ZTIValidate.wsf Arguments Properties ZTIWindowsUpdate.wsf Arguments Properties ZTIWipeDisk.wsf Arguments Properties Support Files Applications.xml BootStrap.ini CustomSettings.ini Databases.xml Deploy.xml Drivers.xml DriverGroups.xml ListOfLanguages.xml OperatingSystems.xml Packages.xml ServerManager.xml TaskSequences.xml TS.xml
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
87
Variables.dat Wimscript.ini ZTIBIOSCheck.xml ZTIConfigure.xml ZTIDiskpart.txt ZTIGather.xml ZTISupportedPlatforms.xml ZTITatoo.mof Utilities BCDEdit.exe Arguments BDDRun.exe Arguments BdeHdCfg.exe Arguments Bootsect.exe Arguments Compact.exe Arguments Diskpart.exe Arguments Expand.exe Arguments ImageX.exe Arguments Microsoft.BDD.PnpEnum.exe Arguments Mofcomp.exe Arguments Netsh.exe Arguments Reg.exe Arguments Regsvr32.exe Arguments Wdsmcast.exe Arguments Wpeutil.exe
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
88
Microsoft Deployment Toolkit 2008
Arguments Tables and Views in the Deployment Workbench Database Tables in the Deployment Workbench Database Views in the Deployment Workbench Database Introduction Preparing the Deployment Environment Ensure the Required Infrastructure Exists Install MDT 2008 Create Deployment Points Select the Appropriate Deployment Point Types Create Additional Deployment Points Update Deployment Point Content Configuring the Appropriate Processing Rules Preparing the Windows Deployment Services Server Select the Windows Deployment Services Operational Mode Add Boot Images to the Windows Deployment Services Server Pre-stage Target Computers for Windows Deployment Services Configuring MDT 2008 and Windows Deployment Services for Multicast Operation Enabling Multicast Deployments on a Lab or Single-Server Deployment (Lab) Deployment Point Enabling Multicast Deployments on a Separate deployment share (Network) Deployment Point Configuring the Appropriate Resource Access Create Additional Shared Folders Configure Shared Folder Permissions Configure Access to Other Resources Updating the Deployment Points Running the Windows Deployment Wizard Introduction Known Issues and Work-Arounds Deployment Workbench Adding Custom Vista WIMs Removing Operating Systems Windows Deployment Services Understanding Logs MDT 2008 Logs Operating System Logs Windows Vista
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
89
Windows XP System Center Configuration Manager Operating System Deployment Logs SMS 2003 OSD Feature Pack Logs User State Migration Tool Logs Identifying Error Codes Converting Error Codes Review of Sample Logs Failure to Access the Database Troubleshooting Application Installation Blocked Executables Lost Network Connections The 2007 Microsoft Office System BIOS Database Problems Named Pipe Connections Deployment Scripts Credentials_script ZTIWindowsUpdate Deployment Wizard Wizard Pages Are Not Skipped Disks and Partitioning BitLocker Drive Encryption Disk Partitioning Errors Driver Installation Troubleshooting Device Installation with SetupAPI.log Logon Security Banners New Computer Deployments Failure to Copy .Log Files to Shared Folders PXE Boot Printers Restarting the Deployment Process Sysprep Joining a Domain The Computer Account Is In the Wrong OU Execution Limit System Center Configuration Manager
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
90
Microsoft Deployment Toolkit 2008
Systems Management Server Task Sequences Apply Network Settings Upgrading from BDD 2007—Missing Task Sequence Steps Using Continue on Error User State Migration Tool Missing Desktop Shortcuts USMT-Related Errors During Deployment—Error 1618 Windows Imaging Format (WIM) Files Corrupt WIM File Windows PE Deployment Process Not Initiated—Limited RAM Deployment Process Not Initiated—Missing Components Deployment Process Not Initiated—Missing or Incorrect Drivers Deployment Process Flow Charts LTI/ZTI with SMS 2003 OSD Feature Pack ZTI with System Center Configuration Manager Finding Additional Help Microsoft Services Premier Support Internet-Based Support Introduction USMT Usage Scenarios System Center Configuration Manager State Capture Identify Operating System Settings USMT Components Scanstate Loadstate Component Manifests Downlevel Manifests Technical Considerations Appendix A: Converting Control Files from Earlier Versions of USMT USMT .Inf File Format Sections of a USMT .Inf File USMT .Inf File Syntax Find Equivalent Settings in XML [CopyFiles] [CopyFilesFiltered] [AddReg]
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
91
[DelReg] Create a Complete Migration in XML Appendix B: Preparing the MDT 2008 Distribution Share Prepare the USMT Component in the Distribution Folder Locate the Store Files Place the XML Control Files Introduction Installing Deployment Workbench Create the Distribution Share Starting Deployment Workbench Upgrading BDD 2007 to MDT 2008 Creating the Distribution Share Populate the Distribution Share Operating Systems Add an Operating System Remove an Operating System Rename an Operating System Add Images from Windows Deployment Services Add Custom Image Files Hide and Unhide Feature Applications Add an Application Remove an Application Edit an Application’s General Information Edit an Application’s Details Edit an Application’s Dependencies Enable or Disable an Application Restart the Computer After Installing an Application Packages Add a Package Remove a Package View a Package’s General Information Enable or Disable a Package Add a Package Group Change a Package Group Assignment Out-of-Box Drivers Add a Device Driver Remove a Device Driver
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
92
Microsoft Deployment Toolkit 2008
View a Device Driver's General Information Enable or Disable a Device Driver Change a Device Driver's Group Assignment Add a Device Driver Group Use Legacy $OEM$ Folders Task Sequences Create Task Sequences Remove a Task Sequence Edit a Task Sequence’s General Information Enable or Disable a Task Sequence Define a Task Sequence Edit the Unattended Setup Answer File Associated with the Task Sequence Select the Packages Groups for a Task Sequence Deployment Points Create the Deployment Point Customize the Deployment Point Update the Deployment Point Create a Bootable USB Flash Drive Create a Computer Image Capture an Image for LTI Prepare the Image for Capture Add a Custom Image to the Distribution Share Capture an Image for Systems Management Server Create an Image Capture CD Prepare the Image for Capture Capture the Image
New Features The following list highlights the new features that have been included in this release of MDT 2008: •
Lite Touch OEM-Preload. In this case, MDT 2008 takes the contents of a media deployment point (USB, DVD, and so on) and loads it onto the hard drive, configuring it to automatically start up into Windows Preinstallation Environment (Windows PE). The original equipment manufacturer (OEM) can duplicate this hard drive (or a sector-based image of it), and the drive or image will run through an LTI deployment when it starts up but without generating network traffic for the bits because they are all already present on the hard drive. A new script, LTIOEM.wsf, and a new task sequence template are provided that set up the hard disk for duplication.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
93
•
System Center Configuration Manager OEM-Preload. In this case, a standard deployment task sequence, ConfigMgr OS MDT 2008, is broken into two parts. The first half (pre), a new task sequence template, applies an operating system image to the hard disk, saves some information about the environment, and marks the hard drive as inactive (so that it doesn’t accidentally start into the new operating system before it is customized). The second half (post), another new task sequence template, must be run using unknown computer support (such as a startup CD or Pre-Boot Execution Environment [PXE] filter). The second task sequence customizes the machine in Windows PE (using the already applied operating system image on disk) and then starts into the operating system to install any needed applications or other customizations. A new ZTIOEM.wsf script has been provided to help with this (to save some task sequence variables from the first task sequence so that they can be used by the second).
•
Microsoft System Center Operations Manager 2007 with SP1 Management Pack for MDT 2008. Monitors the events and performance indicators for LTI deployment, Zero Touch Installation (ZTI) deployment using Systems Management Server, and ZTI deployment with System Center Configuration Manager deployment processes.
General •
MDT 2008 Update 1 supports only a single partition in Refresh and Upgrade scenarios. New Computer and Replace Computer scenarios format Disk 0 by default. Using MDT 2008 Update 1 on computers with OEM partitions or multiple fixed or external hard disks may require additional configuration and scripting, in addition to thorough testing.
•
Using brackets ([ ] or <>) in data—for example, in passwords—that MDT 2008 Update 1 stores in .xml files causes the deployment to fail. Do not use special characters that are contained in .xml files when configuring settings.
•
Language packs, applications, and device drivers that are disabled in Deployment Workbench are not installed, unless they are added manually to the CustomSettings.ini file.
Installation •
After uninstalling MDT 2008 Update 1 using the Control Panel, the Distribution share directory (if created) must be removed manually. MDT 2008 Update 1 does not remove files or folders that it did not initially install.
•
Completely remove all beta versions of MDT 2008, Windows User State Migration Tool (USMT), the Windows Automated Installation Kit (Windows AIK), and the directory created by earlier installations of MDT 2008 (including the beta version) before installing MDT 2008 Update 1. Matched versions of the tools are required, and some configuration file schemas have been changed. This release supports Windows AIK versions 1.0 and 1.1. Windows AIK 1.1 was released with Windows Vista and is required to deploy Windows Vista with SP1 and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
94
Microsoft Deployment Toolkit 2008
•
When using MDT 2008 Update 1 extensions (add-in wizards) with System Center Configuration Manager, MDT 2008 Update 1 must be installed on every System Center Configuration Manager server used to administer operating system deployments.
•
Earlier versions of MDT 2008 must be closed when updating to MDT 2008 Update 1.
•
If uninstalling MDT 2008, manually remove the Management Pack service before uninstalling MDT 2008. If MDT 2008 is installed and being updated to MDT 2008 Update 1, the display name of the Management Pack service will not match the display name in the documentation. To fix this, use the Configure Management Pack Wizard to remove and then reinstall the Management Pack service.
Deployment Workbench •
To use Deployment Workbench for tasks other than reviewing the documentation, log on to the computer using an account that is a member of the local Administrator group.
•
Open only a single instance of Deployment Workbench at a time. Opening two or more instances of Deployment Workbench can result in unpredictable behavior.
•
If Deployment Workbench displays an error and closes after the error is dismissed, restart Deployment Workbench and continue working.
•
Deployment Workbench gives the option, when it attempts to add duplicate drivers, to ignore the duplicates or to create two folders, both which contain the same device driver. The second folder will have a numeric suffix that indicates it is a duplicate, helping to avoid adding duplicate device drivers to a distribution share. The suffixnaming feature supports storing two versions of the same device driver that have the same name if they are required for device compatibility reasons. During import, Deployment Workbench also helps by placing them in separate driver groups.
•
When adding applications to the distribution share using Deployment Workbench, ensure that every application has a unique, full name. Typically, the application name should include a version number and a platform (such as 32-bit or 64-bit). Otherwise, users will see multiple applications with the same name, each of which installs a different application during an LTI deployment.
•
Occasionally, Deployment Workbench appears to incorrectly display items in the details pane of the console. For example, clicking the Task Sequences node may not display task sequences, even though several exist. To display the items, click Refresh in the action pane, or right-click in the details pane, and then click Refresh.
•
Occasionally, Deployment Workbench displays an error on the Application page of the LTI wizard. To avoid this, pause between making selections.
•
Windows Server 2008 language packs are designated as SP1 Language Packs. The language packs will work correctly with Windows Server 2008, however.
•
When adding an operating system to Deployment Workbench, the wizard may accept an invalid name for the Windows Deployment Services server. After completing the wizard, Deployment Workbench then may display an error message when the Windows Deployment Services server cannot be contacted. To avoid this, specify the correct name of the Windows Deployment Services server initially.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
95
•
If an update, language pack, or driver from MDT 2008 Update 1 that is part of a package group is removed, MDT 2008 Update 1 does not remove the corresponding entries from the Packagegroups.xml file. The entries are removed from the Packages.xml file, however, which removes them from the MDT 2008 Update 1 user interface. Therefore, when removing updates, language packs, or drivers, the Packagegroups.xml file must be manually edited to remove the entries after removing them using MDT 2008 Update 1.
•
When creating a distribution share for an LTI Upgrade scenario, the wizard displays backup pages. These are not used in this scenario and can be disregarded.
•
When performing a Refresh deployment from a 64-bit Windows Server 2008 platform to a 64-bit Windows Server 2008 platform, the wizard displays user state migration pages even though user state migration is not supported for server deployments. The pages can be disregarded.
•
When IP addresses (for example, when identifying Domain Name System [DNS] and Windows Internet Naming Service [WINS] servers) are specified, they must exclude unnecessary zero prefixes, which will be misevaluated. For example, the IP address is typed 10.010.10.1, Deployment Workbench will evaluate it as 10.8.10.1. To avoid this problem, enter IP addresses carefully and do not add unnecessary zeroes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
96
Microsoft Deployment Toolkit 2008
Deployment Points •
The Priority property in CustomSettings.ini has no maximum line length. However, if it is longer than 55 characters when the Configure Database Wizard runs, the wizard will truncate the Priority property, and the property will need to be manually edited. To work around this, run the Configure Database Wizard before performing any other customization, or clear the check boxes for queries in the wizard that are not needed.
•
When creating deployment points on computers that have 8.3 file names disabled (see the Microsoft Knowledge Base article, “How to Disable the 8.3 Name Creation on NTFS Partitions,” at http://support.microsoft.com/kb/121007/), Deployment Workbench fails to generate the Windows PE image, and an exception is logged in DeployUpdates_platform.log, where platform is either x86 (for 32-bit) or x64 (for 64bit). If 8.3 file names have been disabled, re-enable them by setting the \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\Ntfs Disable8dot3NameCreation registry value to 0.
•
MDT 2008 Update 1 supports deployment from a USB flash drive (UFD). See Windows AIK for information about preparing the device, then copy (using the xcopy command) all files and folders from the \Media\content folder to the UFD.
•
The MDT 2008 Update 1 documentation frequently refers to media deployments. Starting up from a CD is not considered a media deployment because the CD is used only to start the computer, and the rest of the deployment is performed across the network. By definition, media deployments store all content locally and do not require a network connection.
•
When running MDT 2008 Update 1 on 64-bit versions of Windows Server 2008 or 64bit Windows Vista with SP1 and attempting to update an SMS 2003 Operating System Deployment (OSD) Feature Pack deployment point, an error message appears while MDT is generating the .iso file. The message reads, “An unexpected error occurred while updating the deployment point.” To work around this issue, generate a generic .iso file using another deployment point server running Windows Server 2003, a 32-bit version of Windows Server 2008, or a 32-bit version of Windows Vista with SP1. This does not occur on 32-bit versions of Windows Server 2008 or Windows Vista with SP1, or on any version of Windows Server 2003.
•
Windows AIK 1.1 servicing stack files are copied to the Servicing directory of the distribution share. This is done by updating a deployment point for the platform (x86 and x64).
•
Windows AIK 1.0 servicing stack files are removed from the Tools directory and from any ZTI directories specific to builds or task sequences created on an SMS 2003 OSD deployment point. This requires updating the Systems Management Server Image Program to remove those old servicing stack files manually.
Image Capture •
Turn off antivirus programs on the lab computer before capturing an image of the lab computer’s disk. Antivirus programs can interfere with the configuration of the image and the installation of applications during deployment. After deployment, reactivate the antivirus program. Before beginning deployment, test the interaction of antivirus programs with MDT 2008 Update 1.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
97
•
When the System Preparation Tool (Sysprep) uses the Windows Deployment Wizard to capture an image and the reference computer is joined to a domain that requires complex passwords, Sysprep does not remove that policy. The reference computer must be removed from the domain, and the local password complexity policy must be reset or the computer must use a complex password.
•
If custom images captured by directly running ImageX.exe (without using MDT 2008 Update 1 to capture the image) do not work properly, troubleshoot the issues by capturing and adding the image using MDT 2008 Update 1 to ensure that all prerequisites are configured properly. Be sure setup files are added to Deployment Workbench by adding a complete operating system distribution or by pointing the wizard to the location of source files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
98
•
Microsoft Deployment Toolkit 2008
When manually capturing images, use the Wimscript.ini file supplied by MDT 2008 Update 1 in the \Distribution\tools\_platform folder, where platform is either x86 (for 32-bit) or x64 (for 64-bit), to exclude the folders or files from the image. Also be aware of preexisting Unattend.xml files in the image. Specify the correct /FLAGS value when capturing Windows Vista images using ImageX.exe or Windows Deployment Services capture processes.
Deployment Process •
If the product key specified for a build is invalid, Windows Vista Setup prompts for a valid key during deployment. However, even after a valid key is provided, the deployment fails. Ensure that the product key specified for each build is valid before beginning deployment.
•
At the completion of MDT 2008 Update 1 deployment, a summary page displays warnings about errors encountered during the process. (This page won't be displayed when conducting a Server Core installation option of the Windows Server 2008 operating system because a Server Core installation does not include the Windows Internet Explorer® components required for this display.) It is possible for deployment to finish but still trigger several errors or warnings if the errors are nonfatal. It is useful to inspect these errors and warnings and determine whether they are unexpected. This might involve opening corresponding log files and running verification tests.
•
Dialing properties that are not configured, even if present in the answer file, include the country code, area code, long-distance access, and dialing rules. To work around this issue, configure dialing rules by creating and testing a .reg file in a lab environment, and then import that .reg file as a custom task during the task sequence.
•
MDT 2008 Update 1 cannot completely remove the C:\Minint folder from the target computer after deployment because it cannot remove the Task Sequencer dynamiclink libraries (DLLs) while they are in use. MDT 2008 Update 1 does, however, move the log files to %SystemRoot%.
•
When deploying an image that has never been started or that is missing the \%SystemRoot%\Prefetch directory, updates installed using Setup.exe or PkgMgr.exe can fail. To work around this, create the \%SystemRoot%\Prefetch directory in the operating system image.
•
Windows AIK 1.0 does not allow creating a media deployment International Organization for Standards (ISO) image of 4 gigabytes (GB) or larger. This limitation has been removed in Windows AIK 1.1.
•
The media ISO image must be smaller than 2.2 GB for media deployment to a Microsoft Virtual PC or Microsoft Virtual Server virtual machine. If the ISO image is larger than 2.2 GB, the deployment may result in an error.
•
Do not use system variables to configure the Active Directory® folder paths in the Configure ADDS task sequence. Instead, create the folder paths without system variables. For example, instead of %SystemRoot%, use C:\Windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
99
Account Access •
In Windows Vista and Windows Server 2008, if a user with a limited account maps a drive (such as Z:) to the MDT 2008 Update 1 distribution share (\\server\distribution$, where server is the name of the computer hosting the distribution share), runs LiteTouch.vbs, and then provides Administrator credentials in the User Credentials dialog box, MDT 2008 Update 1 displays the error, “Cannot find script file ’Z:\Scripts\LiteTouch.wsf‘ because the account that the user provided in the User Credentials dialog box cannot access the mapped drive created by the limited user account.” To resolve this issue, use an account with Administrator credentials to map the drive to the distribution share.
•
Active Directory user credentials set using the ADDSUserPassword attribute in CustomSetting.ini are used during the answer file generation of the Configure ADDS configuration task. To resolve this, change the ADDSUserPassword attribute to ADDSPassword in the ZTIGather.xml file, and then set the ADDSPassword property in CustomSettings.ini.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
100
Microsoft Deployment Toolkit 2008
Device Drivers •
Some device drivers can stall the deployment process. If this happens, isolate the device driver and remove it from the target computer, or contact the vendor for an updated version of the device driver.
•
If a TxtSetup.oem file is in the \Out-of-Box Drivers\ store directory, it must reference all storage drivers in the same directory. If a driver is matched to a device in the ZTIStorageDrivers.wsf tool, and the drivers files are not properly referenced in the TxtSetup.oem file, it can cause the setup phase of Windows XP or Windows Server 2003 to fail and block installation. If the storage drivers are not critical during installation, then the Inject Storage Drivers for XP and 2003 task can be disabled during the Preinstall phase.
Disks and Partitioning •
After starting Windows PE, the drive letters assigned to each storage device may change. For example, if the destination computer has a CD-ROM assigned to drive D and a hard disk drive assigned to drive E, the hard disk drive will be on drive D and the CD-ROM will be on drive E when Windows PE starts. This can prevent the local USMT and backup process from working properly when storing these files on a local storage device. If a DVD deployment fails, check that the drives have not been reassigned on the target computer. To simplify deployment, save user data to a network location instead of to a local drive.
•
Avoid editing the Unattend.xml files to format or alter the partitions. MDT 2008 Update 1 might store state and user data on the partition before calling Setup.exe (in LTI scenarios), and instructions added to Unattend.xml would cause Setup to destroy that data and cause a deployment failure.
•
While configuring the Format and Partition Disk task, always specify the extended and logical partitions together and do not add a primary partition in-between, which gives undesirable results when a logical partition size is configured using a percentage. In other words, do not add a primary partition between an extended and logical partition.
Windows BitLocker Drive Encryption •
Windows BitLocker™ Drive Encryption during LTI deployment requires at least two partitions. The first partition is the primary partition and can be any size; it stores operating system files and user data. In Windows BitLocker Drive Encryption terminology, this is called the boot partition. The second partition should be at least 2 GB; it stores startup files required during the first phase of startup. This is called the system partition. LTI deployment automatically configures the required 2-GB system partition if Windows BitLocker Drive Encryption is being deployed.
•
If activating Windows BitLocker Drive Encryption during installation fails in Refresh and Upgrade scenarios, verify that MDT 2008 Update 1 is able to shrink the partition as required by following these steps:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
101
1. At the command prompt, type diskpart shrink querymax, and note the value that is displayed. 2. If the value is less than 2,000 megabytes (MB), then defragment the disk. 3. If defragmenting the disk does not resolve the issue, back up the computer’s hard disk, create a new partition, and repeat these steps until typing diskpart shrink querymax returns a value greater than 2,000 MB. There might be files in specific areas of the partition that cannot be relocated or removed. •
The BDERequired flag is no longer used. All sample templates that enable Windows BitLocker Drive Encryption and that encounter an error will stop by default. The task sequence can be edited to enable deployment to continue if an error occurs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
102
Microsoft Deployment Toolkit 2008
•
MDT 2008 Update 1 can configure Windows BitLocker Drive Encryption during LTI deployments and System Center Configuration Manager task sequences. Enabling Windows BitLocker Drive Encryption during a Systems Management Server 2003 ZTI deployment is not supported because Systems Management Server 2003 does not support restarts during the State Restore Phase, in which reassignment of the active partition would occur. The Windows BitLocker Drive Encryption Disk Preparation Tool must be downloaded and added to the \Distribution\Tools\_platform folder, where _platform is either x86 (for 32-bit) or x64 (for 64-bit), preserving the language subfolder. See Microsoft Knowledge Base article, “Description of the BitLocker Drive Preparation Tool,” at http://support.microsoft.com/kb/930063 for instructions on acquiring the tool. System Center Configuration Manager provides native support for Windows BitLocker Drive Encryption.
•
Windows BitLocker Drive Encryption deployments using MDT 2008 Update 1 integration scripts with System Center Configuration Manager are only fully tested for new computer deployment scenarios; however, Windows BitLocker Drive Encryption support is provided natively by System Center Configuration Manager using the Enable BitLocker action.
•
When performing computer upgrades using a DVD deployment point and generating an external Windows BitLocker Drive Encryption key, MDT 2008 Update 1 generates key files with the name -.txt instead of %ComputerName%.txt.
•
In New Computer scenarios on computers running Windows Vista that have Windows BitLocker Drive Encryption disabled (a state in which the volume is still encrypted, but the key is stored in clear text to allow automatic startup), running Diskpart to clean the disk causes the computer to stop responding. To work around this issue, enable Windows BitLocker Drive Encryption again, or turn off Windows BitLocker Drive Encryption to decrypt the volume and ensure that decryption completes. If the computer stops responding, restart deployment.
•
Active Directory can be used to back up Windows BitLocker Drive Encryption and Trusted Platform Module (TPM) data. Recovery information includes the recovery password for each encrypted value, the TPM owner password, and the information necessary to associate recovery information with computers and volumes. Another option is to save a package containing the keys used to encrypt data, in addition to the recovery password required to access those keys. For more information, go to Configuring Active Directory to Back up Windows BitLocker Drive Encryption and Trusted Platform Module Recovery Information at http://www.microsoft.com/downloads/details.aspx?FamilyID=3a207915-dfc3-457990cd-86ac666f61d4.
•
When enabling Windows BitLocker Drive Encryption, key files are generated as hidden, read-only system files. To see them, set the Windows Explorer option to show hidden and system files.
•
If a Windows BitLocker Drive Encryption recovery prompt appears after restarting the target computer (because the Windows BitLocker Drive Encryption key required to unlock the volume could not be obtained), work around the problem by using one of the following approaches: •
Remove the media (such as the deployment DVD) while Windows PE is still running. This prevents the operating system from seeing the DVD when it starts.
•
Change the boot order of the computer so that the DVD drive follows the hard disk in boot order.
•
Deploy the computer with no startup media; for example, use a PXE deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
103
User State Migration •
USMT version 3.0.1 .msi files are supported to migrate user data during deployment. Use the following steps to install USMT 3.0.1: 1. Install the Microsoft Knowledge Base package 929761 from http://support.microsoft.com/kb/929761. 2. Copy the USMT 3.0.1 .msi files to tools\_platform, where platform is either x86 (for 32-bit) or x64 (for 64-bit) in the distribution share.
•
The USMT 3.0.1 .msi file requires Windows Installer version 3.1 or later. Ensure that target computers have Windows Installer 3.1 installed; otherwise, deployment will fail during USMT installation. To install Windows Installer 3.1, and for more information, go to http://support.microsoft.com/?id=893803.
Internet Explorer •
Internet Explorer home page can be configured in a task sequence, using CustomSettings.ini, or in the MDT 2008 Update 1 database. Configuring the Internet Explorer home page works only in Windows Vista or Windows XP unattended installations. Sysprep does not support configuring the Internet Explorer home page for Windows XP images. Instead, for Windows XP, add a custom action to the task sequence that configures the home page.
Language Support •
During LTI deployments to new computers, some pages (such as the User Locale and Keyboard Locale pages) do not display text correctly if required fonts are not installed in Windows PE. In Refresh and Upgrade scenarios, the same symptoms appear if required fonts are not installed in the operating system being replaced.
•
Some keyboard layouts might require language packs or input method editors that MDT 2008 Update 1 does not automatically include in the Windows PE startup image. MDT 2008 Update 1 does not verify that the keyboard layout is valid. For more information, see How to add Input Method Editor (IME) support to Windows PE 2.0 at http://support.microsoft.com/kb/926181.
•
When refreshing a computer running a localized edition of Windows XP with a Windows Vista image that is using a different language, Windows Vista Setup will prompt for the keyboard layout, language, and time and currency settings during the Windows PE phase.
•
MDT 2008 Update 1 supports Windows Vista language pack selection during deployment for all scenarios if the language packs are configured in Deployment Workbench. Selecting multiple language packs is possible when deploying Windows Vista Enterprise or Windows Vista Ultimate. When other editions of Windows Vista are deployed, only one language pack can be selected because of Windows Vista licensing restrictions. If the deployment fails in Upgrade scenarios and three or more
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
104
Microsoft Deployment Toolkit 2008
language packs are selected, try reducing the number of language packs until the deployment succeeds.
Network Configuration •
A maximum of two WINS server addresses can be added when configuring static IP configuration settings for a network adapter. If more than two WINS server addresses are added using MDT 2008 Update 1, only the first two WINS server addresses are used.
•
An error stating, “Network settings have been applied except for the following: SetGateways (Gateway, GatewayMetric),” can be safely ignored. Click OK to continue. This error appears when attempting to apply static IP settings to a network adapter that already has received dynamic IP settings from a Dynamic Host Configuration Protocol (DHCP) server.
•
The ZTINicConfig.wsf script supports modifying critical settings for network cards, including static IP addresses. However, because the ZTINicConfig.wsf script makes calls to the Windows shell, it will fail on Windows Server 2008 Server Core installations.
Lite Touch Installation •
Support for deployments using a Windows PE flat ISO image has been removed in this release.
•
Because Windows PE version 2.0 lacks the security .dll file needed to make an integrated security connection to Microsoft SQL Server®, Deployment Workbench obtains a copy of this .dll file from the existing operating system (Windows Vista, Windows Server 2003, or Windows XP) when Deployment Workbench generates a Windows PE image. It then adds the .dll file to the Windows PE image. This is possible only if the existing operating system is the same platform as the Windows PE image being generated (for example, both are 32-bit). This problem is solved in Windows PE 2.1.
•
The network credentials specified for accessing network resources (the USMT store location, computer backup location, and so on) are not validated if a user is logged on to the computer using a domain account and if the computer already has a connection established to another share on the same server.
•
When a custom image is added to the OS node in Deployment Workbench and the capture image option in the Lite Touch Installation Wizard is selected, the computer may issue an exception after the operating system installation. The exception displays the message, "ZTI ERROR - Unhandled error returned by ZTIStorageDriversSysprep: Invalid procedure call or argument (5)." To work around this, add a step to the task sequence to copy the Sysprep.inf file to C:\Sysprep.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
105
Zero Touch Installation •
A new MDT Tools package to support Windows Vista with SP1 and Windows Server 2008 must be created when updating from MDT 2008 to MDT 2008 Update 1. The tools package created by earlier versions of MDT 2008 do not support these target platforms.
•
Applications and Systems Management Server packages that run during a ZTI deployment of Windows XP must run without requiring user interaction.
•
When deploying Windows Vista Business or Home Basic editions using System Center Configuration Manager, disable the BitLocker task, or set it to Continue on Error. Windows Vista Business and Home Basic editions do not support Windows BitLocker Drive Encryption.
•
Some applications remove the file association between .wsf files and the Windows Script Host (WSH) files Cscript.exe or Wscript.exe. As a result, scripts added to the SMS 2003 OSD Feature Pack program custom action command that do not include Cscript.exe or Wscript.exe in the command line will not run correctly. To ensure scripts run correctly in the task sequence, at the command prompt, type wscript.exe scriptname.wsf.
•
If the path for an SMS 2003 OSD Feature Pack package contains spaces, SMS 2003 OSD Feature Pack fails and displays the message, “Could not connect to the installation package on path,” where path is the path name that was typed. Use share names that do not contain spaces.
•
In ZTI deployments, an additional SQL Server database or instance can be added to a computer licensed for SMS 2003 with Microsoft SQL Server 2005 Technology or System Center Configuration Manager 2007 with Microsoft SQL Server 2005 Technology without requiring additional SQL Server or SQL Server client licenses.
•
A custom image captured using the SMS 2003 OSD Feature Pack Image Capture CD must contain the folder %SystemRoot%\Panther. Otherwise, deployment fails during the Restore Computer Settings action.
•
During ZTI deployments, Systems Management Server usually connects to the Systems Management Server distribution point using the computer account. When using MDT 2008 Update 1 with an SQL database, the SQL connection string specifies different credentials because the configured SQL database share will likely not grant access to computer accounts. This is primarily a problem when launching a New Computer deployment using Windows PE. When access fails in OSDConnectToUNC.exe, Systems Management Server tries to connect using the Systems Management Server Network Access account. However, because the computer is already connected to the same server with the computer account, the reconnect fails, and the connection to the database fails because of insufficient rights. If an SQLShare property is not specified, and the computer is making a named pipe connection to an SQL database server, the computer account is used. To work around this issue, either try a different name for the server, such as the fully qualified DNS name or IP address, or give database access to the Everyone group.
•
In ZTI New Computer scenarios using Windows PE 2004 on a SMS 2003 OSD Feature Pack installation CD, the computer may stop responding during the partitioning step. Click the mouse anywhere on the screen to make the process continue normally.
•
The ZTI process does not support packages with the reboot option. The SMS 2003 OSD Feature Pack does not support rebooting during the State Restore phase of
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
106
Microsoft Deployment Toolkit 2008
deployment. See the SMS 2003 OSD Feature Pack documentation for more information. •
Hash value errors may occur in Systems Center Configuration Manager during download on demand or when creating a media deployment DVD. This can occur if the packages on the distribution points are inconsistent with the information in the System Center Configuration Manager database. To correct this, open System Center Configuration Manager console, expand the Boot Image or Package nodes, expand Distribution Points, right-click the distribution point, and then click Refresh Distribution Point.
•
During an SMS 2003 OSD ZTI deployment, an issue can occur in which MDT 2008 Update 1 is unable to install USMT 3.0.1 on computers silently during deployment. Repeat the following steps for the x86 and x64 versions of USMT 3.0.1 to repackage their files into cabinet files from which MDT 2008 Update 1 can extract USMT 3.0.1: 1. Manually install the x86 or x64 version USMT 3.01 on a computer running Windows XP or Windows Vista. 2. Copy %Program Files%\Microsoft Deployment Toolkit\Samples\USMT30_platform.ddf, where platform is either x86 (for 32bit) or x64 (for 64-bit), from a computer on which MDT 2008 Update 1 is installed. If USMT 3.0.1 is installed in a location other than the default (%Program Files%\USMT30), edit USMT30_platform.ddf to indicate its path. 3. Run the command makecab /F USMT30_platform.ddf; then, copy the .cab file it creates (USMT30_platform.cab) to \Tools\platform folder in the MDT 2008 Update 1 distribution share.
•
The Configure ADDS action fails on Windows Server 2008 x64 operating systems when used with System Center Configuration Manager. To avoid this problem, perform the following steps: 1. Add the Configure ADDS step to the task sequence. Configure this task to continue on error. 2. Add a Run Command Line step immediately after this Configure ADDS step. Configure it to run the command dcpromo.exe /answer:"%TEMP%\AD_Answer.txt". Please make sure to configure this step to "Disable 64-bit file system redirection" (otherwise Dcpromo.exe won't be found, as 64-bit servers only have a 64-bit version of this executable file), and specify success codes on the Options tab as 1 2 4.
•
The Install Roles and Features action fails on Windows Server 2008 x64 operating systems when used with System Center Configuration Manager. To avoid this problem, perform the following steps: 1. Add the Install Roles and Features step to the task sequence. Select the needed roles. 2. Add a Run Command Line step immediately after the Install Roles and Features step. Configure it to run the command ServerManagerCmd.exe -inputpath %TEMP%\Roles.xml -LogPath %TEMP%\ServerMgr.log. Select the Disable 64-bit File System Redirection option and specify success codes on the Options tab of 0 1003 3010. Please make sure to configure this step to "Disable 64-bit file system redirection" (otherwise ServerManagerCmd.exe won't be found, as 64-bit servers only have a 64-bit version of this executable file), and specify success codes on the Options tab of 0 1003 3010.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
107
•
When deploying Windows Server 2003 using System Center Configuration Manager, the deployment process does not automatically copy the Windows installation files to the %WinDir%\Source folder, as it does for other deployment methods. As a result, System Center Configuration Manager can display popup dialog boxes requesting missing DLLs needed to complete a server role installation. To work around this, add a step to the task sequence to copy the source files and set the registry keys that identifies the source folder (SourcePath and ServicePackSourcePath in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\setup).
•
When deploying using System Center Configuration Manager and backing up the computer data locally, computers with two partitions may not be able to retain the backup. To prevent backups from being removed, save to a network location instead of to a local drive.
•
In a System Center Configuration Manager task sequence, the Format and Partition task might not run successfully on a computer if it has only one unformatted partition. To work around this issue, either remove the partition or format it.
Replace Computer Scenario •
During an LTI Replace scenario, first specify a path in which to store the user state data. Then, after replacing the computer and installing a build, the Specify whether to restore user state data dialog box prompts the administrator for the location from which to restore user state data. The same path used when saving user state data must be specified.
•
When performing a Replace scenario deployment for Windows XP, Windows XP will fail to start after the deployment because Windows PE 2.0 (which is used during the deployment process) does not automatically restore the Windows XP startup sector. To work around this, add a step to the Replace task sequence that runs the command “%TOOLROOT%\Bootsect.exe” /NT52 C: to restore the Windows XP startup sector.
Upgrade Computer Scenario •
Before using the Windows Deployment Wizard to upgrade a computer, ensure that the local Administrator account is enabled.
•
Upgrading from 64-bit editions of Windows XP Professional to 64-bit editions of Windows Vista is not supported.
•
Before running the Windows Deployment Wizard on target computers that are running the Microsoft Windows 2000 operating system, be sure that Msvcp60.dll is installed. Copy Msvcp60.dll from the %SystemRoot%\System32 folder of a computer running Windows XP Professional with SP2 to the %SystemRoot%\System32 folder on each computer running Windows 2000.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
108
Microsoft Deployment Toolkit 2008
Open Issues and Ways to Work Around Them in MDT 2008 Update 1 The following section describes known issues and limitations of this MDT 2008 release. •
When performing an automated capture of a Windows XP or Windows Server 2003 operating system after deploying the operating system from a captured image, the deployment may fail with an unhandled exception error in ZTIStorageDriversSysprep.wsf. To work around this issue, add a task to copy Sysprep.inf from the deployment point to C:\Sysprep. If injecting mass storage drivers is not required, this step can be disabled in the task sequence.
•
When configuring the Active Directory folder paths in CustomSettings.ini, using system variables such as %SystemRoot% incorrectly sets the value to the Windows PE drive X. To work around this issue, use the physical path instead of the system variable.
•
In LTI deployments, several kinds of information are set in the Create Task Sequence Wizard. The user interface (UI) does not provide an option to edit these at a later time. However, they can be edited directly in the Unattend.xml file (for Windows Vista or Windows Server 2008) or in Sysprep.inf and Unattend.txt (for Windows XP or Windows Server 2003). The information includes:
•
•
•
Organization name
•
Full name
•
Internet Explorer home page
•
Local Administrator password
Some pages might not be displayed if the user changes the options on the domain membership page. The following pages might be affected: •
Windows BitLocker Drive Encryption pages. If the user chooses not to perform an image capture and then chooses to enable Windows BitLocker Drive Encryption in the Windows Deployment Wizard, and then decides to go back to the Image Capture page and choose Capture, Windows BitLocker Drive Encryption is still enabled. The image capture would be attempted against an encrypted partition.
•
Image Capture page. This page should be displayed only when a user tries to join a workgroup. If the user specifies the path for image capture and then goes back to the Domain Join page, and then joins a domain, the Image Capture page will still be displayed. This problem occurs because the image capture process runs Sysprep and should only be performed on computers not joined to a domain.
A Missing Wdi.dll file warning dialog box may be displayed during a New Computer deployment. Close the warning dialog box, and the deployment process will continue. This occurs when specific wireless drivers are added to Windows PE. Windows PE does not support wireless networking, so these drivers should be removed. Create a driver group that contains the wired network drivers and configure Deployment Workbench to use only the drivers in that group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
109
•
No user state configuration settings can be or need to be specified using the CustomSettings.ini file for System Center Configuration Manager scenarios. The network location is determined automatically by the Request State Store task.
•
For System Center Configuration Manager deployments to work without errors, certain properties must be configured by editing the task sequence, or the properties must be configured in the CustomSetting.ini file. Some properties in the task sequence can be configured only by editing the task sequence.
•
In System Center Configuration Manager deployments, multiple application packages can be installed on a computer by specifying them in the CustomSettings.ini file according to the following parameters: •
A base variable named PACKAGES should be specified in the task sequence in the Install Software task.
•
Each PACKAGES variable name should have a suffix starting with 001.
•
The PACKAGESxxx value should have the format PACKAGEID:ProgramName (use a colon between items).
•
The ProgramName value is case-sensitive. An example of specifying packages in CustomSettings.ini:
PACKAGES001=DEP0002B:Install Office 2007 PACKAGES002=DEP00011:Install Office Communicator •
The Microsoft Deployment Toolkit Management Pack runs only on Microsoft System Center Operations Manager 2007.
•
The BDD 2007 Management Pack does not work with MDT 2008 Update 1.
•
The MDT 2008 Update 1 Management Pack does not work with earlier versions of MDT 2008 or BDD 2007.
•
The MDT database name should not contain spaces.
•
Alerts are not generated on the Alerts node of the Microsoft Deployment Toolkit Management Pack. Some events, such as a deployment failure or system stop, may not generate a proper alert.
•
When monitoring LTI deployments using the MDT 2008 Management Pack, the Name and Logging Computer boxes display the Windows PE phase self-generated computer name. To control the computer name reported to System Center Operations Manager, set the OSDNEWMACHINENAME variable using CustomSettings.ini, and the value specified there will be used throughout the process.
•
In LTI New Computer deployments, applications marked as hidden in Deployment Workbench are not installed when the Application page is not skipped in the wizard and the application globally unique identifier (GUID) is specified in CustomSettings.ini. Hidden applications can be specified using the MandatoryApplications property instead of the Applications property.
•
System Center Configuration Manager in Unknown Computer scenarios allows specification only of a collection that exists on the site to which the client belongs. Pointing at a collection on the parent site is not supported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
110
Microsoft Deployment Toolkit 2008
•
Close System Center Configuration Manager console before running the integration option from MDT 2008 Update 1. Otherwise, some files may not be properly updated.
•
For LTI deployment, configuring static IP addresses is best done using CustomSetting.ini or the Windows Deployment Wizard. Configuring IP addresses using the Apply Network Settings step in the task sequence causes mapped drives to fail if the adapter had already mapped drives using DHCP-assigned addresses. Because multiple computers normally use a task sequence, setting a specific static IP address value in a task sequence wizard in MDT 2008 Update 1 is not recommended. Other general settings might be appropriate.
•
Sometimes the Import Microsoft Deployment Toolkit Task Sequence Wizard does not complete successfully. In this case, the XML for the new task sequence has already been generated and is available at the %Temp% directory. This .xml file can be imported manually using the System Center Configuration Manager Import Task Sequence Wizard to create the task sequence. The .xml file will not be available at the %Temp% directory if the initial import was successful.
•
During the Scanstate and Loadstate processes, multiple copies of log files may be created. A new USMT template can be used for excluding the log files or log directories while running Scanstate and Loadstate.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
111
Microsoft System Center Configuration Manager 2007 Imaging Guide
Contents Introduction This guide is part of Microsoft® Deployment Toolkit (MDT) 2008. This document provides guidance on the process of using Microsoft System Center Configuration Manager 2007 in the deployment process. The guides listed in Table 1 provide additional information about using System Center Configuration Manager and its functions and can assist in finding the information needed to configure and set up the environment. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Table 1. Related System Center Configuration Manager Guidance Guide
This guide offers assistance to help
Configuration Manager Setup Overview
Guide installation of the System Center Configuration Manager environment. See this guide at http://technet.microsoft.com/en-
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
112
Microsoft Deployment Toolkit 2008
us/library/bb693836.aspx. Preparing for Microsoft System Center Configuration Manager 2007
Guide in the preparation of System Center Configuration Manager for the deployment process.
Ins tal ling Syste m C ente r Con figu r ation Mana ger System Center Configuration Manager is used to create and distribute disk images and packages for Zero Touch Installation (ZTI) with System Center Configuration Manager deployments. The first step in the process is to install System Center Configuration Manager on a server computer. See “Configuration Manager Setup Overview” at http://technet.microsoft.com/en-us/library/bb693836.aspx for guidance on installing System Center Configuration Manager.
Con figu r ation Mana ger Con sole Configuration Manager console is used to manage all the features of System Center Configuration Manager. The console is divided into three sections: the left pane, which contains the console tree; the center pane, which contains details about the item selected in the console tree; and the right pane, which shows possible actions for the item selected in the console tree. Table 2 lists and describes the tree listings in the left pane of Configuration Manager console. Table 2. Configuration Manager Console Tree Listings and Their Descriptions Tree listing
Description
Site Database
Contains the site database and all System Center Configuration Manager settings.
Site Management
Provides access to settings that define the site hierarchy of System Center Configuration Manager and to the configuration of each site.
Computer Management
Provides access to the settings that define the management of computers within the System Center Configuration Manager sites.
System Status
Provides the status of System Center Configuration Manager components.
Security Rights
Provides access to System Center Configuration Manager security parameters.
Tools
Contains the ConfigMgr Service Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
113
Start Configuration Manager Console To start Configuration Manager console, click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. After opening Configuration Manager console, begin managing the installation of System Center Configuration Manager and prepare the images, software, and migration data for deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing Syste m C ente r Con figu r ation Mana ger for Dep lo yment Using Configuration Manager console, prepare images, drivers, driver packages, applications, operating systems, and other packages for deployment. When these items are added to System Center Configuration Manager, the files that System Center Configuration Manager will eventually distribute to the production environment are essentially stored in System Center Configuration Manager. When the items are in place, associate these stored items with task sequences in the configuration process. The following sections of this document provide guidance on ways Configuration Manager console can be used to import and prepare the images and packages that System Center Configuration Manager will use during deployment.
Import MDT 2008 Task Sequences Although new task sequences can be created manually using System Center Configuration Manager, MDT 2008 includes task sequence template files that can be imported into System Center Configuration Manager. These task sequence templates dramatically reduce the effort required to create task sequences in System Center Configuration Manager to use in MDT 2008. To import the MDT 2008 task sequence templates, use the System Center Configuration Manager Import Microsoft Deployment Task Sequence Wizard.
Create New Task Sequences Using the Import Wizard To create task sequences, the Import Microsoft Deployment Task Sequence Wizard moves the necessary files to System Center Configuration Manager. Configuration Manager console contains the Import Microsoft Deployment Task Sequence Wizard, which can be used to create the task sequences required for successful deployment of ZTI images. This functionality is new in MDT 2008 and requires the installation of MDT 2008 to operate correctly in Configuration Manager console. This integrated functionality does not exist between System Center Configuration Manager and MDT 2008 by default and requires that the Configure ConfigMgr Integration Wizard be run. Note Run the Configure ConfigMgr Integration Wizard to install the Import Microsoft Deployment Task Sequence Wizard in System Center Configuration Manager. To complete this process, refer to the section “Enable Configuration Manager Console Integration” in the MDT 2008 document, Preparing for Microsoft System Center Configuration Manager 2007.
Table 3 lists the task sequences templates that are included in MDT 2008, the file name for each template, and a description of the template. The template files are located in the install_folder\SCCM folder (where install_folder is the folder in which MDT 2008 was installed). Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
115
Table 3. Task Sequence Templates Included in MDT 2008 Template
File name
Select this template to
Standard Client Task Sequence
SCCM_Client.xml
Deploy to client computers for all scenarios except the Computer Replace scenario.
Standard Client Replace Task Sequence
SCCM_ClientReplace.xml
Deploy to client computers for the Computer Replace scenario.
Custom Task Sequence
SCCM_Custom.xml
Creates a task sequence completely customizable by the imaging team.
Standard Server Task Sequence
SCCM_Server.xml
Deploy to server computers for all scenarios.
The Import Microsoft Deployment Task Sequence Wizard guides the process of creating these packages and images (or specifying existing packages and images). The task sequence templates contain placeholders for each of the packages and images listed in Table 3. The Import Microsoft Deployment Task Sequence Wizard substitutes the packages and images selected for the placeholders in the task sequence templates. After completing the wizard, the new imported task sequence references the appropriate packages and images. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
Using the Import Microsoft Deployment Task Sequence Wizard, choose the template type to create, and then customize it for the needs of the environment. Table 4 describes the different sections of the Import Microsoft Deployment Task Sequence Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
116
Microsoft Deployment Toolkit 2008
Table 4. Import Microsoft Deployment Task Sequence Wizard Sections and Descriptions Wizard page
Use this page to
Choose Template
Create the Standard Client, Standard Client Replace, and Standard Server task sequences, and the Custom Task Sequence.
General
Set the task sequence name and add task sequence comments.
Details
Specify the workgroup or domain; type the registrant user name, organization name, and product key; and specify the capture destination and authorized account for capture.
Boot Image
Specify an existing boot image package or create a new boot image package.
General Settings
Provide the name, version, and comments for the boot image.
Image Options
Choose components, optional fonts, additional files, and platforms for the image.
Microsoft Deployment Package
Specify an existing MDT 2008 files package or create a new MDT 2008 files package.
Microsoft Deployment Details
Specify MDT 2008 file package properties, including name, version, language, manufacturer, and comments.
OS Image
Specify an operating system image or an operating system image package, or create a new operating system image or operating system installation package.
Install Source
Set options for installation sources to use with System Center Configuration Manager packages.
Client Package
Specify the ConfigMgr client package.
USMT Packages
Specify an existing Windows User State Migration Tool (USMT) package or create a new USMT package.
USMT Details
Specify the name, version, language, and manufacturer, and supply comments for the USMT package.
Settings Package
Specify or create the settings package to use. This package contains CustomSettings.ini and unattended installation files needed for operating system deployment.
Settings Details
Specify the name, version, language, manufacturer, and comments for the settings package.
Sysprep Package
Specify or create a System Preparation Tool (Sysprep) package to use, if required.
Sysprep Details
Specify the name, version, language, manufacturer, and comments for the Sysprep package.
Summary
See the status of package import or creation tasks.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
117
To import task sequences into Configuration Manager console 1658.In Configuration Manager console, expand Computer Management, right-click Task Sequences, and then click Import Microsoft Deployment Task Sequence. 1659.On the Choose Template page, click Client Task Sequence, and then click Next. 1660.On the General page, in the Task Sequence Name box, type the name of the task sequence to create. In the Comments box, type a comment (optional) that describes the sequence, and then click Next. 1661.On the Details page, click either Join a workgroup or Join a domain, and then type the name of the workgroup or domain name in the relevant box. 1662.Click Set, and then in the Account box, type the credentials for joining the domain. 1663.In the Windows Settings section, in the User name box, type the registered user name; in the Organization name box, type the registered organization; and in the Product key box, type the product key. 1664.In the Capture Operating System Image Settings section, in the Capture Destination box, type the location for captures; in the Capture account box, type the authorized account for capture placement; and then click Next. 1665.On the Boot Image page, click Create a New Boot Image Package. Type the Universal Naming Convention (UNC) path to the package, and then click Next. 1666.On the General Settings page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the boot image.
•
Version: The package version.
•
Comments: Optional comments.
1667.On the Image Options page, type the relevant information or click the relevant options, and then click Next: •
Platform section: Click the relevant operating system.
•
Optional Components section: Click ADO, if required.
•
Optional Fonts section: Click additional fonts, if required.
•
Additional Files section: Click Browse to add a custom a background bitmap image file, and then click Browse to add an extra additional directory, if required.
Note
The background bitmap file must be specified using a UNC path.
1668.On the Microsoft Deployment Package page, click Create a New Microsoft Deployment Files Package; in the UNC path box, type the UNC path (for example, \\DeploymentServer\packages$\Deployment4files) for the deployment files package the wizard will create, and then click Next. 1669.On the Microsoft Deployment Details page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the MDT 2008 files.
•
Version: The version of the MDT 2008 files (optional).
•
Language: The language of the MDT 2008 files.
•
Comments: Optional comments.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
118
Microsoft Deployment Toolkit 2008
1670.On the OS Image page, click Create a new OS install package; in the OS installation folder location box, type or browse to the relevant location; in the Package source folder to be created box, type or browse to the relevant UNC location; and then click Next. Note The OS installation folder contents are copied from the specified UNC location to the package source folder, which are then used to create the package.
1671.On the Install Source page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the operating system image.
•
Version: The operating system package version.
•
Comments: Optional comments.
1672.On the Client Package page, click Create a new ConfigMgr client package, and then click Next. 1673.On the USMT Package page, click Create a new USMT package, type the relevant information in the following boxes, and then click Next: •
Path to the USMT executables and related files: The path to the location on the network where USMT files are stored.
•
Package source folder to be created: The name of the package source folder to create.
CAUTION A network location for USMT cannot be specified in the CustomSettings.ini file for a task sequence. The Request state store task automatically determines the location. For this to work, define a state migration point. See the Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx for additional guidance on this process. Note The default location of USMT files is C:\Program Files\USMT301. If USMT will be used with System Center Configuration Manager, run the USMT 3.0.1 .msi file on the System Center Configuration Manager server and specify this location as the source location. For additional information about configuring System Center Configuration Manager to use USMT, refer to the Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx.
1674.On the Specify USMT package properties page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the USMT package.
•
Version: The version of the USMT package.
•
Language: The USMT package language.
•
Manufacturer: The manufacturer of the USMT package.
•
Comments: Optional comments.
CAUTION For more information on using roaming profiles, see the Managing Roaming User Data Deployment Guide at http://technet2.microsoft.com/WindowsVista/en/library/fb3681b2-da39-4944-93addd3b6e8ca4dc1033.mspx?mfr=true. USMT will back up and restore locally cached user profiles but not network copies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
119
1675.On the Settings Package page, click Create a new settings package, type the UNC path for the location where the wizard will create the package, and then click Next. 1676.On the Settings Details page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the settings package.
•
Version: The version of the settings package.
•
Language: The settings package language.
•
Manufacturer: The manufacturer of the settings package.
•
Comments: Optional comments.
1677.On the Sysprep Package page, click Create a new Sysprep package; in the Path to Sysprep executables and related files box, type the UNC path for the location where the wizard will create the Sysprep package; in the Package source folder to be created box, type or browse to the location where the wizard will create the package source folder; and then click Next. Note This selection is optional and does not apply to Windows Vista or Windows Server 2008 deployments if no custom image is captured.
1678.On the Sysprep Details page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the Sysprep package.
•
Version: The version of the Sysprep package.
•
Language: The Sysprep package language.
•
Manufacturer: The manufacturer of the Sysprep package.
•
Comments: Optional comments.
The Summary page displays a status bar that shows the progress of the tasks defined in the wizard. The wizard closes when it completes the tasks.
Create a New Driver Package Complete the following steps to create a new driver package in System Center Configuration Manager. System Center Configuration Manager creates a package file in the UNC share path defined in the Import Microsoft Deployment Task Sequence Wizard. 1679.In Configuration Manager console, expand Computer Management, expand Operating System Deployment, and then click Driver Packages to start the New Driver Package Wizard. 1680.Type the relevant information in the following boxes, and then click OK: •
Name: The name of the new driver package.
•
Comments: Optional comments.
•
Driver Package Source: The path to the new driver package.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
120
Microsoft Deployment Toolkit 2008
Import Drivers to System Center Configuration Manager To import drivers into System Center Configuration Manager 1681.In Configuration Manager console, expand Computer Management, and then expand Operating System Deployment. Right-click Drivers, and then click Import to start the Import New Driver Wizard. 1682.On the Locate Driver page, click one of the following options; then, type or browse to the UNC path of the source folder that holds the drivers to import, and then click Next: •
Import all drivers in the following network path (UNC)
•
Import a specific driver by specifying the network path (UNC) to its .inf or txtsetup.oem file
1683.On the Driver Details page, the driver name is shown in the Name box. Click Enable this driver and allow computer to install it, and then click Next. 1684.On the Applicability page, click one of the following options, and then click Next: •
This driver can be run on any platform
•
This driver can run only on the specified platforms, and then select your OS option(s)
1685.On the Add Driver to Package page, click one of the following options, and then click Next: •
Select All
•
Clear All
•
New Package
•
Update distribution points when finished
Note A package must be created to add a package. If no package is listed, add the drivers to one or more packages later.
1686.Click the package to the drivers will be added or create a new package. Note Click Update distribution points when finished to force the wizard to perform the update.
1687.On the Add Driver to Boot Image page, add updated mass storage drivers, network drivers, or critical drivers for the system boot, as appropriate. Click the boot image (x86 or x64), and then click Next. Note Boot images must be refreshed on distribution points before the new drivers are available for use.
1688.The Summary page shows the details of the selections made while completing the wizard. To change an option or setting, click Previous, make the necessary changes to the selections, and then click Next. The Progress page displays a status bar that indicates the wizard is processing. Then, the Confirmation page shows the success or failure of the wizard’s ability to complete the tasks defined for the driver creation. 1689.Click Close to return to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
121
Add Language Packs Language packs can be added to packages in System Center Configuration Manager either offline or online. Before adding language packs, first create a package that contains the language pack. To create a package containing a language pack 1690.Create a folder that will contain the package source for the language files. Note Create this folder where previously created packages are stored or where space is available.
1691.Add the language pack folders downloaded from Microsoft into the folder created in step 1. Note Language packs already in .cab format are available to download on the Microsoft Volume Licensing Web site.
1692.In the Configuration Manager console console tree, go to Computer Management/Software Distribution/Packages. Right-click Packages, and then click New Package. 1693.In the Name box, type Vista Language Packs, and then click Next. 1694.Click This package contains source files, and then click Set to set the source directory. 1695.Type the path to the source directory, and then click OK. 1696.Click Enable binary differential replication, and then click OK. 1697.On the Data Access page, click Next. 1698.On the Distribution Settings page, click Next. 1699.On the Reporting page, click Next. 1700.On the Security page, click Next. 1701.On the Summary page, click Next, then click Close. To add language packs offline to Windows Vista and Windows Server 2008 1702.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1703.In the Task Sequence Editor dialog box, go to the Postinstall phase. 1704.Under the Postinstall phase, go to the Setup Windows and ConfigMgr task. 1705.Click the task immediately above this task, so that the new added task will be positioned just above the Setup Windows and ConfigMgr task. 1706.Click Add, click MDT, and then click Install Language Packs Offline. 1707.Type the relevant information in the Name and Description boxes, and then click Browse to select an appropriate language pack package to install. 1708.Click OK to save the settings, and then close the Task Sequence Editor. Note When used with MDT 2008, the term offline means that the computer is booted into Windows Preinstallation Environment (Windows PE), and thus the image can be modified offline—not in the currently booted operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
122
Microsoft Deployment Toolkit 2008
To add language packs online to Windows Vista and Windows Server 2008 1709.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1710.In the Task Sequence Editor dialog box, click Add, click General, and then click Install Language Packs Online. 1711.In the Task Sequence Editor dialog box, go to the State Restore phase. 1712.Click the Restart Computer task. 1713.Click Add, click MDT, and then click Install Language Packs Online. 1714.Type the relevant information in the Name and Description boxes, and then click Browse to select a language pack package to install. 1715.Click OK to save the settings, and then close the Task Sequence Editor. Note When used in MDT 2008, the term online means that the computer is booted into an operating system but run as an Administrator user so that final configurations can be made to the running operating system.
Add Updates Use System Center Configuration Manager to add updates during the task sequence. Updates can be added online or offline. Manage software updates in System Center Configuration Manager using a server configured as a software update point. For detailed information on software updates using System Center Configuration Manager, see Tasks for Software Updates at http://technet.microsoft.com/en-us/library/bb693776.aspx. Use deployment packages to deploy software updates. For more information about configuration and deployment of software update packages, see Download Updates Wizard at http://technet.microsoft.com/en-us/library/bb632835.aspx. To install operating system updates online, the updates need to be added to a Deployment Management item. Create a Deployment Management item using the Deploy Package Wizard. For more information on deploying packages and deployment management, see the Configuration Manager Library at http://technet.microsoft.com/enus/library/bb693754.aspx. To add offline updates to Windows Vista 1716.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1717.Beneath the Postinstall phase, locate the Setup Windows and ConfigMgr task. 1718.Click the task immediately above this task, so that the new added task will be positioned just above the Setup Windows and ConfigMgr task. 1719.In the Task Sequence Editor dialog box, click Add, click MDT, and then click Install Updates Offline. 1720.Type the relevant information in the Name and Description boxes, and then click Browse to select an appropriate updates package to install. 1721.Click OK to save the settings, and then close the Task Sequence Editor.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
123
To add online updates to Windows XP, Windows Server 2003, Windows Server 2008, or Windows Vista 1722.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1723.In the Task Sequence Editor dialog box, go to the State Restore phase. 1724.Click the Restart Computer task. 1725.Click Add, click MDT, and then click Install Updates Online. 1726.Type the relevant information in the Name and Description boxes, and then click Browse to select an appropriate updates package to install. 1727.Click OK to save the settings, and then close the Task Sequence Editor. Note The Software Update Point role and Windows Server Update Services (WSUS) must be set for this purpose. Use the Install Software Updates task to accomplish this task.
Create an Operating System Image Capture Image When a reference computer must be captured to be deployed using System Center Configuration Manager, first capture that image and add it to Configuration Manager console as an operating system image package. The image is created using an operating system deployment media task sequence. For additional guidance on this process, see “Sample Build and Capture Operating System Image Task Sequence” in the Configuration Manager Documentation Library.
Install an Existing Image Package Using the Import Microsoft Deployment Task Sequence Wizard and the Client Task Sequence To install an existing image package using the MDT 2008 client task sequence, perform the following steps: 1728.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1729.Right-click Task Sequences, and then point to Import Microsoft Deployment Task Sequence. Click Client Task Sequence, and then click Next. 1730.On the General page, type the relevant information in the following boxes, and then click Next: •
Task Sequence Name: A name for the task sequence.
•
Comments: Optional comments.
1731.On the Details page, in the Join workgroup or domain section, click the relevant settings to add the computer to a workgroup if building a reference image, or to a domain, if required.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
124
Microsoft Deployment Toolkit 2008
1732.If adding the computer to a domain, click Set to type credentials for adding the computer to the designated domain. 1733.In the Windows Settings section, type the relevant information in the following boxes, and then click Next: •
User Name: The owner of this copy of Windows.
•
Organization name: The organization name.
•
Product key: The product key; usually a 25-character alphanumeric value.
1734.In the Capture Operating System Image settings box, type a UNC path to a location and file name, and then click Next. •
Capture destination: \\servername\sharename\%computername%.wim.
•
Capture account: Click Set to type credentials with Write access to the capture destination share location.
1735.On the Boot Image page, click Browse to locate an existing boot image package in the Select a Package dialog box, and then click Next. 1736.On the MDT Package page, click one of the following options: •
Specify a new Microsoft Deployment Files package: Click Browse to select an existing MDT 2008 tools package.
•
Create a new Microsoft Deployment Files package: Browse to the location of the appropriate deployment point created in Deployment Workbench.
1737.On the OS Image page, browse to select an existing image package for deployment, and then click Next. Note This page also allows for creation of a new operating system package by browsing to a Windows Imaging Format (WIM) file that will create a new System Center Configuration Manager package.
1738.On the Client Package page, click Browse to select an existing System Center Configuration Manager client package to install, and then click Next. 1739.On the USMT Package page, specify the USMT package, and then click Next. •
Specify an existing USMT Package: Click Browse to select a USMT package.
1740.On the Settings Package page, browse to select a settings package. 1741.On the Select a Sysprep Package page, if deploying Windows, click No Sysprep Package is required, because Sysprep in already in the operating system image. 1742.If deploying Windows XP with SP2, select one of the following options, and then click Finish: •
Select an existing Sysprep package: Browse to select an existing Sysprep package.
•
Create a new Sysprep package: Browse to the location of the existing Sysprep files, such as C:\Sysprep, and type the package path to store the created package.
1743.The Summary page shows the details of the selections made while completing the wizard. Click Close to return to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
125
Create a Client Replace Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard MDT 2008 provides a Client Replace task sequence. This task sequence is primarily used to capture the user state data from an existing computer so it can be restored on a user’s new destination computer. To create a Client Replace task sequence, import the MDT 2008 Client Replace task sequence to use in Replace Computer scenarios. A computer must be associated with System Center Configuration Manager before running the client task sequence. Without the computer association, it is not possible to restore the captured user state on the new computer. It is also not possible to add a computer association with System Center Configuration Manager after the user state has already been captured from the old computer. To create a Client Replace task sequence 1744.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1745.Right-click Task Sequences, point to Import Microsoft Deployment Task Sequence, click Client Replace Task Sequence, and then click Next. 1746.On the General page, type the relevant information in the following boxes, and then click Next: •
Task Sequence Name: An appropriate name for the task sequence.
•
Comments: Optional comments.
1747.Click Next. 1748.On the Boot Image page, click Browse to locate an existing boot image package in the Select a Package dialog box. 1749.Click Next. 1750.On the MDT Package page, click one of the following options: •
Specify a new Microsoft Deployment files package: Click Browse to select an existing MDT tools package.
•
Create a new Microsoft Deployment files package: Browse to the location of the relevant deployment point created in Deployment Workbench.
1751.Click Next. 1752.On the USMT Package page, browse to select a USMT package. Click Next. 1753.On the Settings Package page, click Browse to select a settings package, and then click Next. The wizard finishes and returns to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
126
Microsoft Deployment Toolkit 2008
Create a Server Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard MDT 2008 provides a task sequence that can be used for server deployment. This task sequence is used to completely automate the build, capture, and deployment of Windows Server 2008 or Windows Server 2003. To create a server task sequence, import the MDT 2008 server task sequence into Configuration Manager console. To create a server task sequence 1754.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1755.Right-click Task Sequences, point to Import Microsoft Deployment Task Sequence, click Server Task Sequence, and then click Next. 1756.On the General page, type the relevant information in the following boxes, and then click Next: •
Task Sequence Name: An appropriate name for the task sequence.
•
Comments: Optional comments.
1757.On the Details page, in the Join workgroup or domain section, click the relevant settings to add the computer to a workgroup if building a reference image, or to a domain, if required. 1758.If adding the computer to a domain, click Set to type credentials for adding the computer to the designated domain. 1759.In the Windows Settings section of the dialog box, type the relevant information in the following boxes: •
User Name: The owner of this copy of Windows.
•
Organization name: The organization name.
•
Product key: A product key; usually a 25 character alphanumeric value.
1760.In the Capture Operating System Image settings box, type a UNC path to a location and filename, such as: •
Capture destination: \\servername\sharename\%computername%.wim.
•
Capture account: Click Set to type credentials with Write access to the capture destination share location.
1761.Click Next. 1762.On the Boot Image page, click Browse to locate an existing boot image package in the Select a Package dialog box. Note Alternatively, in the Create a new boot image package box, type a UNC path to store the newly created image package, and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
127
1763.On the MDT Package page, click one of the following to: •
Specify a new Microsoft Deployment Files package: Click Browse to select an existing MDT 2008 tools package.
•
Create a new Microsoft Deployment Files package: Browse to the location of the relevant deployment point created with Deployment Workbench.
1764.Click Next. 1765.On the OS Image page, click one of the following options: •
Specify an existing OS image: Browse to select an existing server image package.
•
Create a new OS Image: Browse to the location of an existing server WIM image, and then define the location to store the resulting server image package.
•
Specify an existing OS Install Package: Browse to select an existing server OS install package.
•
Create a new OS Install Package: Click this option to install and capture a new Windows Server 2003 operating system installation package from the original CD operating system source files.
1766.Click Next. 1767.On the Client Package page, click one of the following: •
Specify an existing ConfigMgr Client package: Browse to select a System Center Configuration Manager client installation package.
•
Create a new ConfigMgr Client package: If this option is selected, the wizard creates a new System Center Configuration Manager client package. Note This page is for the installation of the System Center Configuration Manager client and is not specific to the client operating system installation.
1768.Click Next. 1769.On the Settings Package page, click Browse to select a settings package. 1770.On the Select a Sysprep Package page, if deploying Windows Server 2008, click No Sysprep Package is required, because Sysprep in already part of the operating system image. 1771.If deploying a version of Windows Server 2003, click one of the following options: •
Select an existing Sysprep Package: Browse to select an existing Sysprep package.
•
Create a new Sysprep package: Browse to the location of the existing Sysprep files, such as C:\Sysprep, and type the package path to store the created package.
1772.Click Next. The wizard finishes and returns to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Tar ge ting Driv er s to a Spec if ic Co mpute r To install specific drivers to a target computer, use the Auto-apply Drivers task sequence to install drivers from a specific driver category. The driver category used is not important, because the CustomSettings.ini file overrides it. To add specific drivers to a target computer 1773.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1774.Click Task Sequences, and then click task_sequence (where task_sequence is the sequence to edit). Right-click Task Sequence, and then click Edit. 1775.Create multiple Auto-apply Drivers tasks in the task sequence. For each task, choose the specific driver category. Set a condition on the tasks so that a Windows Management Instrumentation (WMI) query is made for the make and model of the computer, and so the correct task will be associated with the correct make and model or role. 1776.Use the OSDAutoApplyDriverCategoryList variable, available in Configuration Manager console. To do this, add the following lines to the CustomSettings.ini file: [Settings] Properties=OSDAutoAPplyDriverCategoryList [Default] or some other location OSDAutoApplyDriverCategoryList=DriverCategories:GUID Where GUID is the globally unique identifier (GUID) assigned to the driver category.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Contents
cxxix
1777.Obtain the GUID information by running the following Microsoft Visual Basic® Scripting Edition (VBScript) code: strSiteCode = "CEN" strServer = "SMSSERVER" strDriverCatName = "Dell" set objWMIService= GetObject("winmgmts:{impersonationlevel=impersonate}!\\" & strServer & "\root\sms\site_" & strSiteCode) set DriverGUIDS = objWMIService.ExecQuery("select CategoryInstance_UniqueID from sms_categoryinstance where LocalizedCategoryInstanceName = '" & strDriverCatName & "'") For each DriverGuid in DriverGuids wscript.echo DriverGuid.CategoryInstance_UniqueID Next 1778.Replace strSiteCode, the strServer server, and strDriverCatName with information pertinent to the environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
cxxx
Microsoft Deployment Toolkit 2008
Microsoft® Deployment Toolkit 2008 Toolkit Reference Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This reference is part of Microsoft® Deployment Toolkit (MDT) 2008 and provides configuration settings that can be used in the deployment process. Reviewing the guides listed in Table 1 can further assist in customizing configuration settings for the deployment environment. Table 1. Guidance for Configuring Deployment Settings Guide
This guide offers assistance to help
Deployment Customization Guide
Further customize the configuration files used in Zero Touch Installation (ZTI) and Lite Touch Installation (LTI) deployments. This guide also provides generic configuration guidance and a technical reference for configuration settings.
Image Customization Guide
Guides the process of using MDT 2008, Microsoft Systems Management Server 2003, and Microsoft System Center Configuration Manager 2007 during the imaging process.
Microsoft Deployment Toolkit 2008 Samples Guide
Identify deployment scenarios and corresponding configuration settings when deploying target computers using ZTI and LTI. The sample configuration files in this guide can be used as a starting point for the configuration in the environment.
Preparing for LTI Tools
Create a default installation of MDT 2008 for LTI deployment.
Preparing for Microsoft System Center Configuration Manager 2007
Install ZTI in the environment and perform deployments using System Center Configuration Manager. The guide includes information about how ZTI and System Center Configuration Manager work together, including flowcharts and troubleshooting.
Preparing for Microsoft Systems Management Server 2003
Install ZTI in the environment and perform deployments using Systems Management Server. The guide includes information about how ZTI and Systems Management Server work together.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Task Sequence S
teps
Task sequences are created by the Task Sequence Editor and consist of a combined series of steps that are designed to complete an action. Task sequences can operate across a computer restart and can be configured to automate tasks on a computer without requiring user intervention. In addition, task sequence steps can be added to a task sequence group, which help keep similar task sequence steps together for better organization and error control. Each task sequence step performs a specific task, such as validating that the target computer is capable of receiving the deployment image, storing user data in a safe location, deploying an image to a target computer, restoring saved user data, and so on. These task sequence steps accomplish their tasks by using utilities and scripts provided with the MDT 2008 solution or by the deployment team. Use this reference to help determine the correct task sequence groups and task sequence steps to configure the deployment process and the valid properties and options to use. The following information is provided for each task sequence group and step: •
Name. The name of the task sequence group or step.
•
Description. A description of the purpose of the task sequence group or step and any pertinent information regarding its customization.
•
Properties. Indicates the valid configuration properties that can be specified for the task sequence group or step that define how the task is performed.
•
Options. Indicates the valid configuration options that can be specified for the task sequence group or step that define if and when the task is performed and what is considered a successful exit code from the task. For more information about the Task Sequence Editor, see Operating System Deployment: Task Sequence Editor at http://technet.microsoft.com/enus/library/bb680396.aspx.
Common Properties and Options for Task Sequence Step Types Each task sequence group and step has configurable settings on the Properties and Options tabs that are common to all task sequence groups and steps. These common settings are briefly described in the following sections.
Common Properties Table 2 shows the settings that are available on the Properties tab of each task sequence step. For more information about the Properties tab for a particular task sequence step, see the topic that corresponds to the step later in this reference. Note The task sequence step types listed here are those that are available in Deployment Workbench. Additional task sequence step types might be available when configuring task sequences using System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
3
Table 2. Settings Available on the Properties Tab Name
Description
Type
A read-only value that indicates the task sequence group or step type. The type will be set to one of these values: •
Apply Network Settings
•
Authorize DHCP
•
Capture Network Settings
•
Configure ADDS
•
Configure DHCP
•
Configure DNS
•
Enable BitLocker
•
Format and Partition Disk
•
Gather
•
Group
•
Install Application
•
Install Operating System
•
Install Roles and Features
•
Install Updates Offline
•
Restart Computer
•
Run Command Line
•
Run Command Line As
•
Set Task Sequence Variable
•
Validate
Group
Step
Name
A user-defined name that should allow easy identification and differentiation from other task sequence steps.
Description
A user-defined description that should make the task sequence step requirements and tasks easily understandable.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Common Options Table 3 shows the settings that are available on the Options tab of a task sequence step. For more information about the Options tab, see Task Sequence Options Tab at http://technet.microsoft.com/en-us/library/bb693661.aspx. Table 3. Settings Available on the Options Tab Name
Description
Group
Disable this step
Select this option to disable this task sequence step.
Success codes
Exit codes of the utility associated with this task sequence step that indicates it has completed successfully.
Step
Continue on error Select this option to allow the Task Sequencer to process additional task sequence steps if a failure occurs.
Conditional statements
One or more conditions that limit the running of this task sequence group or step. These conditional are based on the following: •
File Properties
•
Folder Properties
•
Operating system version: •
Is a certain architecture
•
Is a certain version
•
Query Windows Management Instrumentation (WMI)
•
Registry Setting: •
Exists
•
Does not exist
•
Equals
•
Does not equal
•
Greater than
•
Greater than or equals
•
Less than
•
Less than or equals
•
Installed Software
•
Task sequence variable:
Solution Accelerators
•
Exists
•
Equals
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
Name
5
Description •
Does not equal
•
Greater than
•
Greater than or equals
•
Less than
•
Less than or equals
Group
Step
These conditions can be grouped using IF statements that test all conditions, any condition, or no condition that evaluates as true. Note Additional conditional statements might be available when using System Center Configuration Manager to configure task sequence steps.
Specific Properties and Settings for Task Sequence Step Types Some properties and parameters of each task sequence step type are unique to that type. Each type with unique properties and settings is shown in the following sections, with its unique task sequence step properties and settings.
Apply Network Settings This task sequence step configures the network adapter on the target computer. For more information about what script accomplishes this task and what properties are used, see ZTINICConfig.wsf in the “Scripts” section of this reference. The unique properties and settings for the Apply Network Settings task sequence step type are:
Properties Name
Value
Type
Apply Network Settings
Settings Name
Value
Name
The name to be assigned to the network connection.
Obtain an IP address automatically
When selected, Dynamic Host Configuration Protocol (DHCP) will be used to obtain the required IP configuration settings for the network connection. This is the default selection.
Use the following IP address
When selected, one or more IP address and subnet mask combinations can be provided in addition to gateways that will be assigned to the network connection.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Name
Value
Obtain a Domain Name System (DNS) server automatically
When selected, DHCP will be used to obtain the required IP configuration settings for the network connection. This is the default selection.
Use the following DNS servers
When selected, one or more DNS server IP address can be provided that will be assigned to the network connection.
DNS Suffix
The DNS suffix that will be applied to all network connections that use TCP/IP.
Register this connection’s address in DNS
Specifies that the computer will attempt dynamic registration of the IP addresses (through DNS) of this connection with the full computer name of this computer.
Use this connection’s DNS suffix in DNS registration
Specifies whether DNS dynamic update is used to register the IP addresses and the connection-specific domain name of this connection.
WINS server addresses
One or more Windows Internet Naming Service (WINS) server IP address can be provided that will be assigned to the network connection.
Enable LMHOSTS lookup
Specifies whether a local area network (LAN) Manager Hosts (LMHOSTS) file for network basic input/output system (NetBIOS) name resolution is used.
Default
Specifies whether this network connection obtains the setting to enable or disable NetBIOS over TCP/IP (NetBT) from a DHCP server. This is the default selection.
Enable NetBIOS over TCP/IP
Specifies that this network connection uses NetBT and WINS.
Disable NetBIOS over TCP/IP
Specifies that this network connection does not use NetBT and WINS.
Authorize DHCP This task sequence step authorizes the target computer as a DHCP server. For more information about what script accomplishes this task and what properties are used, see ZTIAuthorizeDHCP.wsf in the “Scripts” section of this reference. The unique properties and settings for the Authorize DHCP task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Authorize DHCP Server.
Settings Name
Description
Account
A user account that is a member of the Enterprise Admins group, to be used when authorizing DHCP for the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
7
Capture Network Settings This task sequence step gathers the network adapter settings from the target computer. For more information about what script accomplishes this task and what properties are used, see ZTINICConfig.wsf in the “Scripts” section of this reference. The unique properties and settings for the Capture Network Settings task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Capture Network Settings.
Settings Name
Description
None
Configure ADDS This task sequence step configures the target computer as an Active Directory® Domain Services (AD DS) domain controller. For more information about the settings listed in the following table, and which are configurable by this task sequence step, see the Microsoft Help and Support article, “Unattended promotion and demotion of Windows 2000 and Windows Server 2003 domain controllers,” at http://support.microsoft.com/kb/223757. The unique properties and settings for the Configure ADDS task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Configure ADDS.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Settings Name
Description
Create
Specifies the configuration set that will be used to configure the target computer. The configuration sets are: •
New domain controller replica. Creates an additional domain controller in an existing AD DS domain.
•
New read-only domain controller (RODC) replica. Creates a read-only domain controller (Windows Server® 2008 only).
•
New domain in existing forest. Creates a domain in an existing AD DS forest.
•
New domain tree in existing forest. Creates a new tree in an existing AD DS forest.
•
New forest. Creates a new AD DS forest.
Domain DNS name
The name of DNS domain.
Domain NetBIOS name
The NetBIOS name that is used by pre-AD DS clients to access the domain. This name must be unique on the network.
DNS name
The DNS name.
Replication source domain controller
The name of the domain controller from which to source AD DS on new replica or backup domain controller upgrade installations. If no value is supplied, the closest domain controller from the domain being replicated will be selected by default.
Account
The account to be used to perform the configuration.
Recovery (safe mode) password
The password for the offline Administrator account that is used in AD DS repair mode.
Install DNS if not already present
When selected, DNS will be installed if it has not already been installed.
Make this domain controller a global catalog (GC) server
Specifies whether the replica will also be a GC server. When selected, the target computer will be configured as a GC server if the replication source domain controller is a GC server.
Wait for critical replication only
When selected, this setting specifies that only critical replication is sourced during the replication phase of Dcpromo. Noncritical replication resumes when the computer restarts as a domain controller.
Forest functional level
Specifies the functional level for a new forest. Available options are:
Solution Accelerators
•
Level 1 = Microsoft Windows® 2000
•
Level 2 = Windows Server 2003
•
Level 3 = Windows Server 2008
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
9
Name
Description
Domain functional level
Specifies the functional level for a new domain. Available options are: •
Level 1 = Windows 2000
•
Level 2 = Windows Server 2003
•
Level 3 = Windows Server 2008
Database
Fully qualified, non–Universal Naming Convention (UNC) directory on a hard disk drive of the local computer that will host the AD DS database (NTDS.dit). If the directory exists, it must be empty. If it does not exist, it will be created. Free disk space on the logical drive selected must be 200 megabytes (MB) and possibly larger when rounding errors are encountered and to accommodate all objects in the domain. For best performance, the directory should be located on a dedicated hard disk.
Log files
Fully qualified, non-UNC directory on a hard disk on the local computer to host the AD DS log files. If the directory exists it must be empty. If it does not exist, it will be created.
SYSVOL
Fully qualified, non-UNC directory on a hard disk drive of the local computer that will host the AD DS System Volume (SYSVOL) files. If the directory exists it must be empty. If it does not exist it will be created. The directory must be located on a partition that is formatted with the NTFS version 5.0 file system. For best performance, the directory should be located on a different physical hard disk than the operating system.
Site name
The value of an existing AD DS site on which to locate the new domain controller. If not specified, an appropriate site will be selected. This option only applies to the new tree in a new forest scenario. For all other scenarios, a site will be selected using the current site and subnet configuration of the forest.
Configure DHCP This task sequence step configures the DHCP server service on the target computer. For more information about what script accomplishes this task and what properties are used, see ZTIConfigureDHCP.wsf in the “Scripts” section of this reference. The unique properties and settings for the Configure DHCP task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Configure DHCP Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Settings Name
Description
Name
Configure DHCP
Scope Details
These options apply to any client computers that obtain a lease within that particular scope. Configured scope option values always apply to all computers obtaining a lease in a given scope unless they are overridden by options assigned to class or client reservation. Within the Scope Details setting, the following sub-settings are configurable:
Solution Accelerators
•
Scope Name. A user-definable name.
•
Start IP address. The starting IP address for the scope.
•
End IP address. The ending IP address for the scope.
•
Subnet mask. The subnet mask of the client subnet.
•
Lease duration for DHCP clients. The duration that the DHCP lease is valid for the client.
•
Description. A description of the scope.
•
Exclude IP address range, Start IP address. The starting IP address for the range of IP addresses that are to be excluded from the scope.
•
Exclude IP address range, End IP address. The ending IP address for the range of IP addresses that are to be excluded from the scope.
•
003 Router. A list of IP addresses for routers on the client subnet.
•
006 DNS Servers. A list of IP addresses for DNS name servers available to the client.
•
015 DNS Domain Name. The domain name that the DHCP client should use when resolving unqualified domain names with the DNS.
•
044 WINS/NBNS Servers. Lists the IP addresses for NetBIOS name servers (NBNSes) on the network.
•
046 WINS/NBT Node Type. Configures the client node type for NetBT clients.
•
060 PXE Client. The address used for Pre-Boot Execution Environment (PXE) client bootstrap code.
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
11
Name
Description
Server Options
These options apply globally for all scopes and classes defined at each DHCP server and for any clients that a DHCP server services. Configured server option values always apply unless they are overridden by options assigned to other scope, class, or client reservation. Within the Server Options setting, the following sub-settings are configurable: •
003 Router. A list of IP addresses for routers on the client subnet.
•
006 DNS Servers. A list of IP addresses for DNS name servers available to the client.
•
015 DNS Domain Name. The domain name that the DHCP client should use when resolving unqualified domain names with the DNS.
•
044 WINS/NBNS Servers. Lists the IP addresses for NBNSes on the network.
•
046 WINS/NBT Node Type. Configures the client node type for NetBT clients.
•
060 PXE Client. The address used for Pre-Boot Execution Environment (PXE) client bootstrap code.
Configure DNS This task sequence step configures DNS on the target computer. For more information about what script accomplishes this task and what properties are used, see ZTIConfigureDNS.wsf in the “Scripts” section of this reference. The unique properties and settings for the Configure DNS task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Configure DNS Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Settings Name
Description
Name
Configure DNS
Zones
Within the Scope Details setting, the following sub-settings are configurable:
Server Properties
•
DNS zone name. A user-definable name.
•
Type. The type of DNS zone to be created.
•
Replication. Specifies the replication scheme used to share information between DNS servers.
•
Zone file name. The zone’s DNS database file.
•
Dynamic updates. Enables DNS client computers to register and dynamically update their resource records with a DNS server whenever changes occur.
•
Scavenge stale resource records. Removes stale resource records.
Within the Server Properties setting, the following subsettings are configurable: •
Disable recursion. Specifies that the DNS server will not perform recursion on any query.
•
BIND secondaries. Specifies whether to use fast transfer format to transfer a zone to DNS servers running legacy Berkeley Internet Name Domain (BIND) implementations.
•
Fail on load if bad data. Specifies the DNS server should parse files strictly.
•
Enable round robin. Specifies the DNS server should use the round robin mechanism to rotate and reorder a list of resource records if multiple resource records exist of the same type exist for a query answer.
•
Enable netmask ordering. Specifies whether the DNS server should reorder resource records within the same resource record set in its response to a query based on the IP address of the source of the query.
•
Secure cache against pollution. Specifies whether the DNS server will attempt to clean up responses to avoid cache pollution.
Note For more information about these server properties, see Optimizing DNS at http://technet2.microsoft.com/windowsserver/en/library/3a1388f8-269f-42f3-ad0ecc76e95226531033.mspx. Note The Configure DNS task sequence step uses the Dnscmd tool, which is included in Windows Support Tools, to configure DNS. Be sure that Windows Support Tools has been installed before running the Configure DNS task sequence step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
13
Enable BitLocker This task sequence step configures BitLocker™ Drive Encryption on the target computer. For more information about this step type, see Enable BitLocker at http://technet.microsoft.com/en-us/library/bb632526.aspx. The unique properties and settings for the Enable BitLocker task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Enable BitLocker.
Settings Name
Description
Current operating system drive
When selected, the operating system drive will be configured. This is the default selection.
Specific drive
When selected, the specified drive will be configured.
TPM only
When selected, the Trusted Platform Module (TPM) is required. This is the default selection.
Startup key on USB only When selected, a startup key is required on the specified USB drive. TPM and startup key on USB
When selected, the TPM is required, in addition to a startup key on the specified USB drive.
In Active Directory
When selected, the recovery key is stored in AD DS. This is the default selection.
Do not create a recovery key
When selected, the recovery key is not created. Using this option is not recommended.
Wait for BitLocker to complete
When selected, this step will not finish until after BitLocker Drive Encryption has completed processing all drives.
Format and Partition Disk This task sequence step partitions and formats disks on the target computer. For more information about this step type, see Format and Partition Disk at http://technet.microsoft.com/en-us/library/bb680345.aspx. The unique properties and settings for the Format and Partition Disk task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Format and Partition Disk.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Settings Name
Description
Disk number
The physical number of the disk to be configured.
Disk type
The type of drive to be created. Values are Standard—Master Boot Record (MBR) and GUID (globally unique identifier) Partition Table (GPT). The default selection is MBR.
Volume
Within the Volume setting, the following sub-settings are configurable: •
Partition Name. A user-definable name.
•
Partition Type. Values are Primary or Extended.
•
Use a percentage of remaining space.
•
Use specific drive size. Values are in increments of 1 MB or 1 GB.
•
Make this a boot partition.
•
File System. Values are NTFS or FAT32.
•
Quick Format. When selected, a quick format is performed.
•
Variable. The drive letter that was assigned to this newly configured partition.
Note When using the CustomSettings.ini file to specify the hard disk and partition configurations, only the first hard disk and first two partitions will be configured. Edit ZTIGather.xml to configure additional hard disks or partitions.
Gather This task sequence step gathers data and processing rules for the target computer. The unique properties and settings for the Gather task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Gather.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
15
Settings Name
Description
Gather only local data
When selected, this step will process only the properties contained in the ZTIGather.xml file.
Gather local data and process rules
When selected, this step will process the properties contained in the ZTIGather.xml file and the properties contained in the file specified by the Rules file. This is the default selection.
Rules file
The name of the Rules file to process. If left blank, the task sequence step will attempt to locate and process the CustomSettings.ini file.
Install Application This task sequence step installs applications on the target computer. For more information about this step type, see Install Software at http://technet.microsoft.com/en-us/library/bb680842.aspx. The unique properties and settings for the Install Application task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Application.
Settings Name
Description
Install multiple applications
Install mandatory applications that have been specified by the MandatoryApplications property and optional applications that are specified by the Applications property. These properties are configured by rules or are specified during the Windows Deployment Wizard interview process. This is the default selection.
Install a single application
The specific application to install. The application is selected from a drop-down list which is compiled of applications that have been configured on the Applications node of Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Install Operating System This task sequence step installs an operating system on the target computer. The unique properties and settings for the Install Operating System task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Install Operating System.
Settings Name
Description
Operating system to install
The name of the operating system to be installed on the target computer. The operating system is selected from a drop-down list which is compiled from operating systems that have been configured on the Operating Systems node of Deployment Workbench.
Install Roles and Features This task sequence step installs the selected roles and features on the target computer. The unique properties and settings for the Install Roles and Features task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Roles and Features.
Settings Name
Description
The list of roles and features that should be installed
One or more roles and features can be specified for installation on the target computer. These roles are: •
AD DS domain controller
•
DHCP server
•
DNS server
Install Language Packs Offline This task sequence step installs updates to the image on the target computer after the operating system has been deployed but before the target computer has been restarted. These updates include language packs. For more information about what script accomplishes this task and what properties are used, see ZTIPatches.wsf in the “Scripts” section of this reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
17
The unique properties and settings for the Install Language Packs Offline task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Updates Offline.
Settings Name
Description
Package Name
The name of the language pack package that should be applied to the target computer.
Note This task sequence step is valid only when deploying Windows Vista® or Windows Server 2008 using MDT 2008 with System Center Configuration Manager.
Install Language Packs Online This task sequence step installs language packs to the image on the target computer after the operating system has been deployed and after the target computer has been restarted. For more information about what script accomplishes this task and what properties are used, see ZTILangPacks.wsf in the “Scripts” section of this reference. The unique properties and settings for the Install Language Packs Online task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Language Packs Online.
Settings Name
Description
Package Name
The name of the language pack package that should be applied to the target computer.
Note This task sequence step is valid only when using MDT 2008 with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Install Updates Offline This task sequence step installs updates to the image on the target computer after the operating system has been deployed, but before the target computer has been restarted. These updates include language packs. For more information about what script accomplishes this task and what properties are used, see ZTIPatches.wsf in the “Scripts” section of this reference. The unique properties and settings for the Install Updates Offline task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Updates Offline.
Settings Name
Description
Package Group
The name of the package group that should be applied to the target computer. Note When using MDT 2008 with System Center Configuration Manager, specify the name of the update package that should be applied.
Note This task sequence step is valid only when deploying Windows Vista or Windows Server 2008.
Restart Computer This task sequence step restarts the target computer. The unique properties and settings for the Restart Computer task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Restart Computer.
Settings Name
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
19
Run Command Line This task sequence step will run the specified commands on the target computer. For more information about this step type, see Run Command Line at http://technet.microsoft.com/en-us/library/bb632992.aspx. The unique properties and settings for the Run Command Line task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Run Command Line.
Settings Name
Description
Command Line
The command to be run when this task sequence step is processed.
Start in
The starting folder for the application. The path must be a valid path on the target computer.
Run Command Line As This task sequence step will run the specified commands on the target computer while impersonating the specified user. The unique properties and settings for the Run Command Line As task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Run Command Line.
Settings Name
Description
Command Line
The commands to be run when this task sequence step is processed.
Start in
The starting folder for the application. The path must be a valid path on the target computer.
Account
The user credentials that will be used to run the specified command.
Load the user’s profile
When selected, the user profile for the specified account is loaded.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
Set Task Sequence Variable This task sequence step sets the specified task sequence variable to the specified value. For more information about this step type, see Set Task Sequence Variable at http://technet.microsoft.com/en-us/library/bb694306.aspx. The unique properties and settings for the Set Task Sequence Variable task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Set Task Sequence Variable.
Settings Name
Description
Task Sequence Variable
The name of the variable to modify.
Value
The value to assign to the specified variable.
Validate This task sequence step validates that the target computer meets the specified deployment prerequisite conditions. The unique properties and settings for the Validate task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Validate.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
21
Settings Name
Description
Ensure minimum memory
When selected, this step will verify that the amount of memory, in MB, installed on the target computer meets or exceeds the amount specified. This is a default selection.
Ensure minimum processor speed
When selected, this step will verify that the speed of the processor, in megahertz (MHz), installed on the target computer meets or exceeds the amount specified. This is a default selection.
Ensure specified image size will fit
When selected, this step will verify that the amount of free disk space, in MB, on the target computer meets or exceeds the amount specified.
Ensure current operating system to be refreshed
When selected, this step will verify that the operating system installed on the target computer meets the requirement specified. This is a default selection.
Out-of-Box Task Sequence Steps The following task sequence steps are referenced by one or more of the available task sequence templates that are included with MDT 2008. Each of the following examples lists the preconfigured properties, parameters, and options, and can be used as a basis for building custom task sequences. Only the task sequence step properties, parameters, and options, and their corresponding values, are listed in the examples. For more information about each task sequence step, see the corresponding topics in the sections, “Common Properties and Options for Task Sequence Step Types” and “Specific Properties and Parameters for Task Sequence Step Types” sections of this reference.
Add Mass Storage Drivers to Sysprep.inf for XP and 2003 This task sequence step adds mass storage drivers to the System Preparation Tool (Sysprep) file on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIStorageDriversSysprep.wsf in the “Scripts” section of this reference. The default configuration of the Add mass storage drivers to sysprep.inf for XP and 2003 task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Add mass storage drivers to Sysprep.inf for XP and 2003
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIStorageDriversSysprep.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Apply Network Settings This task sequence step configures the network adapter on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTINICConfig.wsf in the “Scripts” section of this reference. The default configuration of the Apply Network Settings task sequence step is:
Properties Name
Value
Type
Apply Network Settings
Name
Apply Network Settings
Description
Not specified.
Settings Name
Value No parameters are preconfigured for this step. This causes this step, by default, to configure the network adapter to use DHCP.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
23
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Note When using the CustomSettings.ini file to specify the network adapter configurations, only the first network adapter will be configured. Edit ZTIGather.xml to configure additional network adapters.
Apply Patches This task sequence step installs updates to the image on the target computer after the operating system has been deployed, but before the target computer has been restarted. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIPatches.wsf in the “Scripts” section of this reference. The default configuration of the Install Updates Offline task sequence step is:
Properties Name
Value
Type
Install Updates Offline
Name
Apply Patches
Description
Not specified.
Settings Name
Value
Package Group
All Packages
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Apply Windows PE This task sequence step prepares the target computer to start in Windows Preinstallation Environment (Windows PE). Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTIApply.wsf in the “Scripts” section of this reference. The default configuration of the Apply Windows PE task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Apply Windows PE
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTIApply.wsf" /PE
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Backup This task sequence step backs up the target computer before starting the operating system deployment. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIBackup.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
25
The default configuration of the Backup task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Backup
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIBackup.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Capture Groups This task sequence step captures group membership of local groups that exist on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIGroups.wsf in the “Scripts” section of this reference. The default configuration of the Capture Groups task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Capture Groups
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIGroups.wsf" /capture
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Capture User State This task sequence step captures the user state for user profiles that exist on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIUserState.wsf in the “Scripts” section of this reference. For more information about this step type, see Capture User State at http://technet.microsoft.com/en-us/library/bb680924.aspx. The default configuration of the Capture User State task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Capture User State
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIUserState.wsf" /capture
Start in
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
27
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Check BIOS This task sequence step checks the BIOS of the target computer to ensure that it is compatible with the operating system that is to be deployed. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIBIOSCheck.wsf in the “Scripts” section of this reference. The default configuration of the Check BIOS task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Check BIOS
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIBIOSCheck.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Configure This task sequence step configures the Unattend.xml, Sysprep.inf, or Unattend.txt files with the required property values that are applicable to the operating system being deployed to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIConfigure.wsf in the “Scripts” section of this reference. The default configuration of the Configure task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Configure
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIConfigure.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Copy Media CD to Local Hard Disk for OEM Pre-installation This task sequence step copies the contents of the media deployment point to the target computer, in preparation for original equipment manufacturer (OEM) duplication. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIOEM.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
29
The default configuration of the Copy Media CD to Local Hard Disk for OEM preinstallation task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Copy Media CD to Local Hard Disk for OEM pre-installation
Description
Not specified.
Settings Name
Value
Command line
cscript.exe //nologo "%SCRIPTROOT%\LTIOEM.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Copy Scripts This task sequence step copies the deployment scripts used during the deployment processes to a local hard drive on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTICopyScript.wsf in the “Scripts” section of this reference. The default configuration of the Copy Scripts task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Copy Scripts
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTICopyScripts.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
DeploymentMethod does not equal OSD Note When performing a non- SMS 2003 Operating System Deployment (OSD) Feature Pack deployment, the conditional qualifier will not be specified.
Copy Sysprep Files This task sequence step copies the Sysprep files to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTISysprep.wsf in the “Scripts” section of this reference. The default configuration of the Copy Sysprep Files task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Copy Sysprep Files
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTISysprep.wsf"
Start in
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
31
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Create BitLocker Partition This task sequence step sets the BDEInstall property to True, indicating that BitLocker Drive Encryption should be installed on the target computer. The unique properties and settings for the Create BitLocker Partition task sequence step type are:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Create BitLocker Partition
Description
None
Settings Name
Value
Task Sequence Variable
BDEInstall
Value
True
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Enable BitLocker This task sequence step enables BitLocker Drive Encryption on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIBde.wsf in the “Scripts” section of this reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
The default configuration of the Enable BitLocker task sequence step is:
Properties Name
Value
Type
Enable BitLocker
Name
Enable BitLocker
Description
None
Settings Name
Value
Current operating system drive
Selected.
TPM only
Selected.
Startup key on USB only Not selected. TPM and startup key on USB
Not selected.
Specific drive
Not selected.
In Active Directory
Selected.
Do not create a recovery key
Not selected.
Wait for BitLocker to complete
Not selected.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
33
Enable OEM Disk Configuration This task sequence step sets the DeploymentType property to NEWCOMPUTER, which allows the target computer’s disk to be partitioned and formatted. The unique properties and settings for the Enable OEM Disk Configuration task sequence step type are:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Enable OEM Disk Configuration
Description
None
Settings Name
Value
Task Sequence Variable
DeploymentType
Value
NEWCOMPUTER
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
End Phase This task sequence step ends the current deployment phase and restarts the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. The default configuration of the End Phase task sequence step is:
Properties Name
Value
Type
Restart Computer
Name
End Phase
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Settings Name
Value
None
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Execute Sysprep This task sequence step starts Sysprep on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTISysprep.wsf in the “Scripts” section of this reference. The default configuration of the Execute Sysprep task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Execute Sysprep
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTISysprep.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
35
Format and Partition Disk This task sequence step configures and formats disk partitions on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIDiskpart.wsf in the “Scripts” section of this reference. The default configuration of the Format and Partition Disk task sequence step is:
Properties Name
Value
Type
Format and Partition Disk
Name
Format and Partition Disk
Description
Not specified.
Settings Name
Value
Disk number
0
Disk type
Standard (MBR)
Volume
Within the Volume setting, the following sub-settings are configured: •
Partition Name. OSDisk.
•
Partition Type. Primary.
•
Use a percentage of remaining space. Selected.
•
Size(%). 100
•
Use specific drive size. Not selected.
•
Make this a boot partition. Selected.
•
File System. NTFS.
•
Quick Format. Selected.
•
Variable. Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Note When using the CustomSettings.ini file to specify the hard disk and partition configurations, only the first hard disk and first two partitions will be configured. Edit ZTIGather.xml to configure additional hard disks or partitions.
Gather Local Only This task sequence step gathers deployment configurations settings from local sources that apply to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIGather.wsf in the “Scripts” section of this reference. The default configuration of the Gather Local Only task sequence step is:
Properties Name
Value
Type
Gather
Name
Gather Local Only
Description
Not specified.
Settings Name
Value
Gather only local data
Selected.
Gather local data and process rules
Not selected.
Rules file
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
None
Generate Application Migration File This task sequence step generates the ZTIAppXmlGen.xml file, which contains a list of file associations that are installed on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIAppXmlGen.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
37
The default configuration of the Generate Application Migration File task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Generate Application Migration File
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIAppXmlGen.wsf" /capture
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
None
Inject Drivers This task sequence step injects drivers that have been configured for deployment to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIDrivers.wsf in the “Scripts” section of this reference. The default configuration of the Inject Drivers task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Inject Drivers
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIDrivers.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Inject Storage Drivers for XP and 2003 This task sequence step injects mass storage drivers to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIStorageDrivers.wsf in the “Scripts” section of this reference. The default configuration of the Inject Storage Drivers for XP and 2003 task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Inject Storage Drivers for XP and 2003
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIStorageDrivers.wsf"
Start in
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
39
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Install Applications This task sequence step installs applications on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIApplications.wsf in the “Scripts” section of this reference. The default configuration of the Install Applications task sequence step is:
Properties Name
Value
Type
Install Applications
Name
Install Applications
Description
Not specified.
Settings Name
Value
Install multiple applications
Selected.
Install a single application
Not selected.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
Install Operating System This task sequence step installs an operating system on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. The default configuration of the Install Operating System task sequence step is:
Properties Name
Value
Type
Install Operating System
Name
Install Operating System
Description
Not specified.
Settings Name
Value
Operating system to install
This value corresponds to the operating system that was selected when the task sequence was created.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Install Packages This task sequence step installs software packages that are designated for deployment on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIPackages.wsf in the “Scripts” section of this reference. The default configuration of the Install Packages task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Install Packages
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
41
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIPackages.wsf"
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
DeploymentMethod does not equal OSD
Next Phase This task sequence step updates the Phase property to the next phase in the deployment process. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTINextPhase.wsf in the “Scripts” section of this reference. The default configuration of the Next Phase task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Next Phase
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTINextPhase.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit 2008
Post Apply Cleanup This task sequence step cleans up unnecessary files after the installation of an image on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTIApply.wsf in the “Scripts” section of this reference. The default configuration of the Post Apply Cleanup task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Post Apply Cleanup
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTIApply.wsf" /post
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
DeploymentMethod does not equal OSD
Prepare Computer for OEM Capture This task sequence step prepares the target computer for OEM duplication. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIOEM.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
43
The default configuration of the Prepare Computer for OEM Capture task sequence step is: Note
This task sequence step is available only when using ZTI for ConfigMgr.
Properties Name
Value
Type
Run Command Line
Name
Prepare Computer for OEM Capture
Description
Not specified.
Settings Name
Value
Command Line
cscript.exe "%deployroot%\scripts\ZTIOEM.wsf" /PREOEM
Disable 64-bit file system redirection
Not selected.
Start in
Not specified.
Package
Not selected.
Time-out
Not selected.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Restart Computer This task sequence step restarts the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. The default configuration of the Restart Computer task sequence step is:
Properties Name
Value
Type
Restart Computer
Name
Restart Computer
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit 2008
Settings Name
Value
None
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Restore Computer from OEM Capture This task sequence step reconfigures the target computer to allow starting from hard disk and restores certain preconfigured task sequence properties. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIOEM.wsf in the “Scripts” section of this reference. The default configuration of the Restore Computer from OEM Capture task sequence step is: Note
This task sequence step is available only when using ZTI for ConfigMgr.
Properties Name
Value
Type
Run Command Line
Name
Restore Computer from OEM Capture
Description
Not specified.
Settings Name
Value
Command Line
cscript.exe "%deployroot%\scripts\ZTIOEM.wsf" /POSTOEM
Disable 64-bit file system redirection
Not specified.
Start in
Not specified.
Package
Not specified.
Time-out
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
45
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Restore Groups This task sequence step restores the previously captured group membership of local groups on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIGroups.wsf in the “Scripts” section of this reference. The default configuration of the Restore Groups task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Restore Groups
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIGroups.wsf" /restore
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
If all conditions are true:
Solution Accelerators
•
DoCapture not equals YES
•
DoCapture not equals PREPARE
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
Restore User State This task sequence step restores previously captured user state to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIUserState.wsf in the “Scripts” section of this reference. For more information about this step type, see Restore User State at http://technet.microsoft.com/en-us/library/bb632881.aspx. The default configuration of the Restore User State task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Restore User State
Description
Not specified.
Settings Name
Value
Command Line
cscript.exe "%SCRIPTROOT%\ZTIUserState.wsf" /restore
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
If all conditions are true: •
If DeploymentType not equals UPGRADE
•
If DoCapture not equals YES
•
If DoCapture not equals PREPARE
Set Diskpart BIOS Compatibility Mode This task sequence step sets the OSDDiskpartBiosCompatibilityMode property to TRUE. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
47
The default configuration of the Set Diskpart BIOS Compatibility Mode task sequence step is:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Set Diskpart BIOS Compatibility Mode
Description
Not specified.
Settings Name
Value
Task Sequence Variable
OSDDiskpartBiosCompatibilityMode
Value
TRUE
Options Name
Value
Disable this step
Selected.
Success codes
0
Continue on error
Not selected.
Conditional qualifier
Not specified.
Tatoo This task sequence step tattoos the target computer with identification and version information. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTITatoo.wsf in the “Scripts” section of this reference. The default configuration of the Tatoo task sequence step is:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Set Diskpart BIOS Compatibility Mode
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTITatoo.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Selected.
Conditional qualifier
Not specified.
Validate This task sequence step validates that the target computer meets the specified deployment prerequisite conditions. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIValidate.wsf in the “Scripts” section of this reference. The default configuration of the Validate task sequence step is:
Properties Name
Value
Type
Validate
Name
Validate
Description
Not specified.
Settings Name
Value
Ensure minimum memory (MB)
Selected. The value selector is set to 512.
Ensure minimum processor speed (MHz)
Selected. The value selector is set to 800.
Ensure specified image size will fit (MB)
Not selected.
Ensure current operating system to be refreshed
Selected. The value selector is set to “Server” or “Client,” depending on the template used to create the task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
49
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Windows Update (Pre-Application Installation) This task sequence step installs updates to the target computer prior to the installation of applications. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIWindowsUpdate.wsf in the “Scripts” section of this reference. The default configuration of the Windows Update (Pre-Application Installation) task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Windows Update (Pre-Application Installation)
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIWindowsUpdate.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Selected.
Conditional qualifier
If all conditions are true:
Solution Accelerators
•
If DoCapture not equals YES
•
If DoCapture not equals PREPARE microsoft.com/technet/SolutionAccelerators
50
Microsoft Deployment Toolkit 2008
Note This task sequence step is the same as the Windows Update (Post-Application Installation) task sequence step.
Wipe Disk This task sequence step formats the disks of the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIWipeDisk.wsf in the “Scripts” section of this reference. The default configuration of the Wipe Disk task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Wipe Disk
Description
This will only run if WipeDisk=TRUE in CustomSettings.ini
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIWipeDisk.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Selected.
Conditional qualifier
If all conditions are true:
Solution Accelerators
•
If DoCapture not equals YES
•
If DoCapture not equals PREPARE
microsoft.com/technet/SolutionAccelerators
Pr oper ti es The scripts used in LTI and ZTI reference properties to determine the process steps and configuration settings used during the deployment process. The scripts create some of these properties automatically. Other properties must be configured in the CustomSettings.ini file. Some of these properties are: •
Specific to ZTI only.
•
Specific to LTI only.
•
For use in both ZTI and LTI.
Use this reference to help determine the correct properties to configure and the valid values to include for each property. For each property the following information is provided: •
Description. Provides a description of the purpose of the property and any pertinent information regarding the customization of the property. Note
Unless explicitly specified for ZTI or LTI only, a property is valid for both ZTI and LTI.
•
Value and Description. Indicates the valid values to be specified for the property and a brief description of what each value means. (Values in italics indicate that a value is substituted—for example the value user1, user2 indicates that user1 and user2 would be replaced with the actual name of user accounts.)
•
Example. Provides an example of a property use as it might appear in the .ini files. For more information about these and other task sequence properties that might be referenced while performing a ZTI deployment, see Operating System Deployment Task Sequence Variables at http://technet.microsoft.com/enus/library/bb632442.aspx.
Property Definition _SMSTSOrgName Customizes the Task Sequencer engine's display banner. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
name
The name that will be used in the Task Sequencer engine’s display banner.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
52
Example [Settings] Priority=Default [Default] _SMSTSOrgName=Woodgrove Bank Note If MDT 2008 is used with the Systems Management Server (SMS) 2003 Operating System Deployment (OSD) Feature Pack, create a Variables.dat file and place it in the OSD package source folder. The file should have the following contents: <MediaVarList Version="4.00.5345.0000">My CorpName (where My CorpName is the name of the organization). When the file has been properly updated, update the Systems Management Server distribution points with the new package source.
Administrators A list of user accounts and domain groups that will be added to the local Administrator group on the target computer. The Administrators property is a list of text values that can be any non-blank value. The Administrators property has a numeric suffix (for example, Administrators1 or Administrators2). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
name
The name of a user or group that is to be added to the local Administrator group.
Example [Settings] Priority=Default [Default] Administrators1=WOODGROVEBANK\NYC Help Desk Staff Administrators2=WOODGROVEBANK\North America East Help Desk Staff PowerUsers1=WOODGROVEBANK\User01 PowerUsers2=WOODGROVEBANK\User02
AdminPassword Defines the password that will be assigned to the local Administrator user account on the target computer. If not specified, the pre-deployment password of the Administrator user account will be used. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
53
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
admin_password
The password that is to be assigned to the Administrator user account on the target computer.
Example [Settings] Priority=Default [Default] Administrators1=WOODGROVEBANK\NYC Help Desk Staff AdminPassword=admin_password
Applications A list of application GUIDs that should be installed on the target computer. These applications are specified on the Applications node in Deployment Workbench. These GUIDs are stored in the Applications.xml file. The Applications property is a list of text values that can be any non-blank value. The Applications property has a numeric suffix (for example, Applications001 or Applications002). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
application_guid
The GUID is specified by Deployment Workbench for the application to be deployed to the target computer. The GUID corresponds to the application GUID stored in the Applications.xml file.
Example [Settings] Priority=Default [Default] Applications001={1D7DF331-47B7-472C-87B3-442597EC2F7D} Applications002={9d2b8999-5e4d-4f3d-bb05-edaaf4fe5628}
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
54
Architecture The processor architecture of the processor that is currently running, which is not necessarily the processor architecture supported by the target computer. For example, when running a 32 bit–compatible operating system on a 64-bit processor, Architecture will indicate that the processor architecture is 32-bit. Use the CapableArchitecture property to identify the actual processor architecture supported by the target computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
x86
Processor architecture is 32-bit.
x64
Processor architecture is 64-bit.
Example None
AreaCode The area code to be configured for the operating system on the target computer. This property allows only numeric characters. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
area_code
The area code where the target computer is to be deployed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
55
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9
AssetTag The asset tag number associated with the target computer. The format for asset tag numbers is undefined. Use this property to create a subsection that contains settings targeted to a specific computer. Note This property is dynamically set by MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only. However, this property can be used within CustomSettings.ini, as shown in the following examples, to aid in defining the configuration of the target computer.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
asset_tag
The format of the asset tag is undefined and is determined by the asset tag standard of each organization.
Example 1 [Settings] Priority=Default [Default] ComputerName=HP-%AssetTag%
Example 2 [Settings] Priority=AssetTag, Default [Default] OSInstall=YES
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
56
Example 2 [0034034931] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [0034003233] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
BackupDir The folder in which backups of the target computer are stored. This folder exists beneath the UNC path specified in the BackupShare property. If the folder does not already exist, the folder is created automatically. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
folder
The name of the folder that exists beneath the shared folder specified in the BackupShare property.
Example [Settings] Priority=Default [Default] DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% BackupDrive=C:
BackupDrive The drive to include in the backup of the target computer. This property defaults to the drive that contains disk 0 partition 1. It can be also set to ALL.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
57
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
backup_drive
The drive letter of the drive to back up.
ALL
Back up all drives on the target computer.
Example [Settings] Priority=Default [Default] DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% BackupDrive=C:
BackupShare The shared folder in which backups of the target computer are stored. The credentials used to access this shared folder for: •
LTI are the credentials entered in the Windows Deployment Wizard.
•
ZTI are the credentials used by the Systems Management Server Advanced Client Network Access account.
The permissions required on this share are as follows: •
Domain Computers. Allow the Create Folders/Append Data permission.
•
Domain Users. Allow the Create Folders/Append Data permission.
•
Creator Owner. Allow the Full Control permission.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path of the shared folder. Note The UNC path specified in this property must exist before deploying the target operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
58
Example [Settings] Priority=Default [Default] DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% BackupDrive=C:
BDEDriveLetter The drive letter for the partition that is not encrypted by BitLocker Drive Encryption, also known as the System Volume (SYSVOL). SYSVOL is the directory that contains the hardware-specific files needed to load Windows computers after the BIOS has booted the platform. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_letter
The letter designation for the logical drive for the System Volume (such as S or T). The default value is S.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEDriveSize The size of the partition that is encrypted by BitLocker Drive Encryption, also known as the operating system volume. The value is specified in megabytes. In the example, the Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
59
size of the BitLocker Drive Encryption partition to create is almost 2 gigabytes (GB) (2,000 MB). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_size
The size of the partition in megabytes.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEInstall The type of BitLocker Drive Encryption installation to be performed. Protect the target computer using one of the following methods: •
A TPM microcontroller
•
A TPM and an external startup key (using a key that is typically stored on a USB flash drive)
•
A TPM and personal identification number (PIN)
•
An external startup key
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
60
Value
Description
TPM
Protect the computer with TPM only. The TPM is a microcontroller that stores keys, passwords, and digital certificates. The microcontroller is typically an integral part of the computer motherboard.
TPMKey
Protect the computer with TPM and a startup key. Use this option to create a startup key and to save it on a USB flash drive. The startup key must be present in the port each time the computer starts.
TPMPin
Protect the computer with TPM and a pin. Use this option in conjunction with the BDEPin property.
Key
Protect the computer with an external key (the recovery key) that can be stored in a folder, in AD DS, or printed.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEInstallSuppress Indicates whether the deployment process should skip the BitLocker Drive Encryption installation. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
YES
Do not attempt to install BitLocker Drive Encryption.
NO
Attempt to install BitLocker Drive Encryption.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
61
Example [Settings] Priority=Default [Default] BDEInstallSuppress=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
BDEKeyLocation The location for storing the BitLocker Drive Encryption recovery key and startup key. Note If this property is configured using the Windows Deployment Wizard, the property must be the drive letter of a removable disk. If the SkipBitLocker property is set to True so that the Specify the BitLocker configuration wizard page is skipped, this property can be set to a UNC path in CustomSettings.ini or in the Deployment Workbench database.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
location
Specifies where the recovery key will be stored. Must be a UNC path or the drive letter of a removable disk. If not set, the first available removable drive will be used.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
62
BDEPin The PIN to be assigned to the target computer when configuring BitLocker Drive Encryption and the BDEInstall or OSDBitLockerMode properties are set to TPMPin. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
Pin
The PIN to be used for BitLocker Drive Encryption. The PIN can be between 4 and 20 digits long.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMPin BDEPin=123456789
BDERecoveryKey A Boolean value that indicates whether the process creates a recovery key for BitLocker Drive Encryption. The key is used for recovering data encrypted on a BitLocker Drive Encryption volume. This key is cryptographically equivalent to a startup key. If available, the recovery key decrypts the volume master key (VMK), which, in turn, decrypts the full volume encryption key (FVEK). Note
The recovery key is stored in the location specified in the BDEKeyLocation property.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
AD
A recovery key is created.
Not specified
A recovery key is not created.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
63
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEWaitForEncryption Specifies that the deployment process should not proceed until BitLocker Drive Encryption has completed the encryption process for all specified drives. Specifying TRUE could dramatically increase the time required to complete the deployment process. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
TRUE
Specifies that the deployment process should wait for drive encryption to complete.
FALSE
Specifies that the deployment process should not wait for drive encryption to complete.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerStartupKeyDrive=C: OSDBitLockerCreateRecoveryPassword=AD BDEWaitForEncryption=TRUE
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
64
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
BitsPerPel A setting for displaying colors on the target computer. The property can contain numeric digits and corresponds to the color quality setting. In the example, 32 indicates 32 bits per pixel for color quality. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 Hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
bits_per_pixel
The number of bits per pixel to use for color. The default value is the default for the operating system being deployed.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
BuildID Identifies the operating system task sequence to be deployed to the target computer. The task sequence ID is created on the Task Sequences node in Deployment Workbench. The BuildID property allows alphanumeric characters, hyphens (-), and underscores (_). The BuildID property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
65
Value
Description
build_id
Identifier of the operating system task sequence as defined in Deployment Workbench for the target operating system being deployed. Note Make certain to use the TaskSequenceID specified in the Deployment Workbench UI, and not the GUID of the TaskSequenceID.
Example [Settings] Priority=Default [Default] BuildID=Vista_BareMetal
CapableArchitecture The processor architecture of the processor supported by the target computer, not the current processor architecture that is running. For example, when running a 32-bitcompatible operating system on a 64-bit processor, CapableArchitecture will indicate that the processor architecture is 64-bit. Use the Architecture property to see the processor architecture that is currently running. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
x86
Processor architecture is 32-bit.
x64
Processor architecture is 64-bit.
Example None
CaptureGroups Controls whether the group membership of local groups on the target computer is captured. This group membership is captured during the State Capture Phase and is restored during the State Restore Phase.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
66
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
NO
Captures no group membership information.
ALL
Captures the membership of all local groups on the target computer.
YES
Captures the membership of the Administrator and Power Users built-in groups and the groups listed in the groups’ properties. This is the default value if some other value is specified. (YES is the typical value.)
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ CaptureGroups=YES Groups1=NYC Application Management Groups2=NYC Help Desk Users Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
ComputerBackupLocation The network shared folder where the computer backup is stored. If the target folder does not already exist, it is automatically created. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
blank
Same as AUTO.
UNC_path
The UNC path to the network shared folder where the backup is stored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
67
Value
Description
AUTO
Creates a backup on a local hard disk if space is available. Otherwise, the backup is saved to a network location specified in the BackupShare and BackupDir properties.
NETWORK
Creates a backup on a network location specified in BackupShare and BackupDir.
NONE
No backup will be performed.
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ ComputerBackupLocation=NETWORK BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
ComputerName The name to be assigned to the target computer during the deployment of the target operating system. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
computer_name
The name to be assigned to the target computer. Note In a Refresh Computer scenario, ZTI will rename the computer if the following line was included in the [Default] section: ComputerName=%OSDNEWMACHINENAME%.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
68
Example [Settings] Priority=Default [Default] ComputerName=%OSDNEWMACHINENAME%
CountryCode The country code to be configured for the operating system on the target computer. This property allows only numeric characters. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
country_code
The country code where the target computer is to be deployed.
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9
Database The property that specifies the database to be used for querying property values from columns in the table specified in the Table property. The database resides on the computer specified in the SQLServer property. The instance of Microsoft SQL Server® on the computer is specified in the Instance property.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
69
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
database
The name of the database to be used for querying property values.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
DBID Specifies the user account used to connect to the computer running SQL Server (specified by the SQLServer property) using SQL Server authentication. The DBPwd property provides the password for the user account in the DBID property. Note SQL Server authentication is not as secure as Integrated Windows authentication. Integrated Windows authentication is the recommended authentication method. Using the DBID and DBPwd properties stores the credentials in clear text in the CustomSettings.ini file and therefore is not secure. For more information about using Integrated Windows authentication, see the SQLShare property. Note This property is configurable only by manually editing the CustomSettings.ini and BootStrap.ini files.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
70
Value
Description
user_id
The name of the user account credentials used to access the computer running SQL Server using SQL Server authentication.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 DBID=SQL_User-01 DBPwd=complex_password NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
DBPwd Specifies the password for the user account specified in the DBID property. The DBID and DBPwd properties provide the credentials for performing SQL Server authentication to the computer running SQL Server (specified by the SQLServer property). Note SQL Server authentication is not as secure as Integrated Windows authentication. Integrated Windows authentication is the recommended authentication method. Using the DBID and DBPwd properties stores the credentials in clear text in the CustomSettings.ini file and therefore is not secure. For more information about using Integrated Windows authentication, see the SQLShare property. Note This property is configurable only by manually editing the CustomSettings.ini and BootStrap.ini files.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
71
Value
Description
user_password
The password for the user account credentials specified in the DBID property for using SQL Server authentication.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 DBID=SQL_User-01 DBPwd=complex_password NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
DefaultGateway The IP address of the default gateway being used by the target computer. The format of the IP address returned by the property is standard dotted-decimal notation; for example, 192.168.1.1. Use this property to create a subsection that contains settings targeted to a group of computers based on the IP subnets on which they are located. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
default_gateway
The IP address of the default gateway in standard dotteddecimal notation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
72
Example [Settings] Priority=DefaultGateway, Default [Default] OSInstall=YES [DefaultGateway] 192.168.0.1=HOUSTON 11.1.1.11=REDMOND 172.28.20.1=REDMOND [REDMOND] Packages001=XXX00004:Program4 Packages002=XXX00005:Program5 [HOUSTON] Packages001=XXX00006:Program6 Packages002=XXX00007:Program7 Packages003=XXX00008:Program8
DeployDrive The value used by the scripts to access files and run programs in the deployment point share created by Deployment Workbench. The property returns the drive letter mapped to the DeployRoot property. ZTIApplications.wsf uses the DeployDrive property when running any command-line programs with a .cmd or .bat extension. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_letter
The letter designation for the logical drive where the target operating system is to be installed (such as C or D).
Example None Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
73
DeploymentMethod The method being used for the deployment (Network, Media, or OSD). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
Network
The deployment is made to the target computer over the network.
Media
The deployment is made from local media (such as DVD or hard disk) at the target computer.
OSD
The deployment occurs using the SMS 2003 OSD Feature Pack from OSD distribution points. This is the method used by ZTI.
Example None
DeploymentType The type of deployment being performed based on the deployment scenario. For ZTI, this property is set dynamically by MDT 2008 scripts and is not configured in CustomSettings.ini. For LTI, the page in the Windows Deployment Wizard can be bypassed on which the deployment type is selected. When skipping this page in the wizard (using the SkipDeploymentType property), set this value in CustomSettings.ini to identify the type of deployment to be performed. Additionally, the deployment type can be specified by passing one of the values listed below to the LiteTouch.wsf script as a command-line option. Note Use the DeploymentType property in conjunction with the SkipDeploymentType property to skip the page in the Windows Deployment Wizard. All values must be specified in upper case to function properly.
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
NEWCOMPUTER
The target computer is a new computer that has never been a member of the network.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
74
Value
Description
REFRESH
The target computer is an existing computer on the network that needs the desktop environment standard to be redeployed.
REPLACE
An existing computer on the network is being replaced with a new computer. The user state migration data is transferred from the existing computer to a new computer.
UPGRADE
An existing computer on the network is running an earlier version of the Microsoft Windows operating system and needs to be upgraded to the most current desktop environment standard.
Example [Settings] Priority=Default [Default] DeploymentType=UPGRADE
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
DeployRoot The deployment point share created by Deployment Workbench. Use this property to select a specific deployment point. The most common use of this property is in the BootStrap.ini file to identify a deployment point before the connection to the deployment point is established. All other deployment point folders are relative to this property (such as device drivers, language packs, or operating systems). Note For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path to the deployment point share. The default share name is Distribution$.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
75
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE
Dialing The type of dialing supported by the telephony infrastructure where the target computer is located. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
PULSE
The telephony infrastructure supports pulse dialing.
TONE
The telephony infrastructure supports touch-tone dialing.
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9 Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
76
DoCapture Indicator of whether an image of the target computer is to be captured. If it is, Sysprep is run on the target computer to prepare for image creation. After Sysprep has run, a new Windows Imaging Format (WIM) image is created and stored in the folder within the shared folder designated for target computer backups (BackupDir and BackupShare, respectively). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Run Sysprep on the target computer and capture a WIM image.
NO
Do not run Sysprep on the target computer and do not capture a WIM image.
PREPARE
Copies the necessary files to run Sysprep on the target computer but does not run Sysprep or other image capture processes. This value is used when the SMS 2003 OSD Feature Pack is used to capture an image of the target computer.
Example [Settings] Priority=Default [Default] DoCapture=YES DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
DomainAdmin The user account credentials used to join the target computer to the domain specified in JoinDomain. Specify as Domain\UserName or [email protected]. Note For ZTI, the credentials that the SMS 2003 OSD Feature Pack specifies typically are used. If the DomainAdmin property is specified, the credentials in the DomainAdmin property override the credentials that the SMS 2003 OSD Feature Pack specifies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
77
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_admin
The name of the user account credentials.
Example [Settings] Priority=Default [Default] DomainAdmin=NYCAdmin DomainAdminDomain=WOODGROVEBANK DomainAdminPassword=complex_password::
DomainAdminDomain The domain in which the user’s credentials specified in DomainAdmin reside. Note For ZTI, the credentials that the SMS 2003 OSD Feature Pack specifies typically are used. If the DomainAdmin property is specified, the credentials in the DomainAdmin property override the credentials that the SMS 2003 OSD Feature Pack specifies.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_admin_domain
The name of the domain where the user account credentials reside.
Example [Settings] Priority=Default [Default] DomainAdmin=NYCAdmin DomainAdminDomain=WOODGROVEBANK DomainAdminPassword=complex_password::
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
78
DomainAdminPassword The password used for the domain Administrator account specified in the DomainAdmin property to join the computer to the domain. Note For ZTI, the credentials that the SMS 2003 OSD Feature Pack specifies typically are used. If the DomainAdmin property is specified, the credentials in the DomainAdmin property override the credentials that the SMS 2003 OSD Feature Pack specifies.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_admin_password
The password for the domain Administrator account on the target computer.
Example [Settings] Priority=Default [Default] DomainAdmin=NYCAdmin DomainAdminDomain=WOODGROVEBANK DomainAdminPassword=complex_password
DomainOUs A list of AD DS organizational units (OUs) where the target computer account can be created. The DomainOUs property lists text values that can be any non-blank value. The DomainOUs property has a numeric suffix (for example, DomainOUs1 or DomainOUs2). In addition, the same functionality can be provided by configuring the DomainOUList.xml file. The format of the DomainOUList.xml file is as follows: OU=\WOODGROVEBANK\NYC\Tellers\Computers OU=\WOODGROVEBANK\NYC\Managers\Computers Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
79
Value
Description
OU
The OU where the target computer account can be created.
Example [Settings] Priority=Default [Default] OSInstall=Y DomainOUs1=\WOODGROVEBANK\NYC\Tellers\Computers DomainOUs2=\WOODGROVEBANK\NYC\Managers\Computers
DriverGroup A list of text values that associates out-of-box drivers created in Deployment Workbench with each other (typically based on the make and model of a computer). A driver can be associated with one or more driver groups. The DriverGroup property allows the drivers within one or more groups to be deployed to a target computer. The text values in the list can be any non-blank value. The DriverGroup property value has a numeric suffix (for example, DriverGroup001 or DriverGroup002). After it is defined, a driver group is associated with a computer. A computer can be associated with more than one driver group. For example, there are two sections for each of the computer manufacturers [Mfgr01] and [Mfgr02]. Two driver groups are defined for the manufacturer Mfgr01: Mfgr01 Video Drivers and Mfgr01 Network Drivers. For the manufacturer Mfgr02, one driver group is defined, Mfgr02 Drivers. One driver group, Shared Drivers, is applied to all computers found in the [Default] section. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
driver_group_name
The name of the driver group defined in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
80
Example [Settings] Priority=Make, Default [Default] DriverGroup001=Shared Drivers :: [Mfgr01] DriverGroup001=Mfgr01 Video Drivers DriverGroup002=Mfgr01 Network Drivers [Mfgr02] DriverGroup001=Mfgr02 Drivers
DriverPaths A list of UNC paths to shared folders where additional device drivers are located. These device drivers are installed with the target operating system on the target computer. The MDT 2008 scripts copy the contents of these folders to the C:\Drivers folder on the target computer. The DriverPaths property is a list of text values that can be any non-blank value. The DriverPaths property has a numeric suffix (for example, DriverPaths001 or DriverPaths002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
UNC path to the shared folder where the additional drivers are located.
Example [Settings] Priority=Default [Default] DriverPaths001=\\NYC-AM-FIL-01\Drivers$ DriverPaths002=\\NYC-AM-FIL-03\VistaDrvs::
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
81
EventShare The UNC path to the event collection servers for the Microsoft Deployment Toolkit Management Pack for Microsoft System Center Operations Manager 2007. The EventShare property points to a shared folder in which the MDT 2008 scripts record events. By default, the shared folder is created in C:\Events. If the folder will be created in any location other than C:\Events, modify the Generate ZTI Events and Discovery Data Management Pack rule to reference the location of the folder. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path to the shared folder where the Microsoft Deployment Toolkit Management Pack stores event information. The default share name is Events.
Example [Settings] Priority=Default [Default] EventShare=\\NYC-AM-FIL-01\Events DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$
FullName The full name of the user of the target computer provided during the installation of the operating system. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note This value is different from the user credentials created after the operating system is deployed. The FullName property is provided as information to system administrators about the user running applications on the target computer.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
full_name Solution Accelerators
The full name of the user of the target computer. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
82
Value
Description
Example [Settings] Priority=MACAddress, Default Properties=CustomProperty, ApplicationInstall [Default] CustomProperty=TRUE OSDINSTALLSILENT=1 OrgName=Woodgrove Bank [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista ApplicationInstall=Custom FullName=Woodgrove Bank User [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista ApplicationInstall=Minimum FullName=Woodgrove Bank Manager
Groups The list of local groups on the target computer whose membership will be captured. This group membership is captured during the State Capture Phase and is restored during the State Restore Phase. (The default groups are Administrators and Power Users.) The Groups property is a list of text values that can be any non-blank value. The Groups property has a numeric suffix (for example, Groups001 or Groups002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
group_name
The name of the local group on the target computer for
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
Value
83
Description which group membership will be captured.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
84
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ CaptureGroups=YES Groups001=NYC Application Management Groups002=NYC Help Desk Users
HALName The descriptive name of the hardware abstraction layer (HAL) currently running on the target computer. Note This property is required only for Windows XP and Windows Server 2003 deployment. Also, this property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
hal_name
The name of the HAL running on the target computer.
Example None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
85
Home_Page The URL to be used as the Windows Internet Explorer® home page after the target operating system is deployed. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
URL
The URL of the Web page to be used as the home page for Internet Explorer on the target computer.
Example [Settings] Priority=Default [Default] Home_Page=http://portal.woodgrovebank.com ComputerName=%OSDNEWMACHINENAME%
HostName The IP host name of the target computer (the name assigned to the target computer). Note This is the computer name of the target computer, not the NetBIOS computer name of the target computer. The NetBIOS computer name can be shorter than the computer name. Also, this property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
host_name
The IP host name assigned to the target computer.
Example None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
86
InputLocale A list of input locales to be used with the target operating system. More than one input locale can be specified for the target operating system. Each locale must be separated by a semicolon (;). If not specified, the Windows Deployment Wizard uses the input locale configured in the image being deployed. Exclude this setting in the Windows User State Migration Tool (USMT) when backing up and restoring user state information. Otherwise, the settings in the user state information will override the values specified in the InputLocale property. Note
This property is used only for deploying Windows XP and Windows Server 2003.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
input_locale1; input_locale2
The locale for the keyboard attached to the target computer.
Example [Settings] Priority=Default [Default] UserLocale=0409:00000409 InputLocale=0409:00000409;0413:00020409;0413:00000409;0409:00020409
Instance The instance of SQL Server used for querying property values from columns in the table specified in the Table property. The database resides on the computer specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
instance
The name of the instance of SQL Server to be used for querying property values.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
87
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
IPAddress The IP address of the target computer. The format of the IP address returned by the property is standard dotted-decimal notation; for example, 192.168.1.1. Use this property to create a subsection that contains settings targeted to a specific target computer based on the IP address. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
ip_address
The IP address of the target computer in standard dotteddecimal notation.
Example None
IsDesktop Indicator of whether the computer is a desktop, because the Win32_SystemEnclosure ChassisType property value is 3, 4, 5, 6, 7, or 15. Note Only one of the following properties will be true at a time: IsDesktop, IsLaptop, IsServer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
88
Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The target computer is a desktop computer.
FALSE
The target computer is not a desktop computer.
Example None
IsLaptop Indicator of whether the computer is a portable computer, because the Win32_SystemEnclosure ChassisType property value is 8, 10, 12, 14, 18, or 21. Note Only one of the following properties will be true at a time: IsDesktop, IsLaptop, IsServer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The target computer is a portable computer.
FALSE
The target computer is not a portable computer.
Example None
IsServer Indicator of whether the computer is a server, because the Win32_SystemEnclosure ChassisType property value is 23. Note Only one of the following properties will be true at a time: IsDesktop, IsLaptop, IsServer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
89
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The target computer is a server.
FALSE
The target computer is not a server.
Example None
IsServerCoreOS Indicator of whether the current operating system running on the target computer is the Windows Server 2008 Core operating system. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The operating system on the target computer is Windows Server 2008 Core.
FALSE
The operating system on the target computer is not Windows Server 2008 Core.
Example None
IsServerOS Indicator of whether the current operating system running on the target computer is a server operating system (such as Windows Server 2003). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
90
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The operating system on the target computer is a server operating system.
FALSE
The operating system on the target computer is not a server operating system.
Example None
JoinDomain The domain that the target computer joins after the target operating system is deployed. This is the domain where the computer account for the target computer is created. The JoinDomain property can contain alphanumeric characters, hyphens (-), and underscores (_). The JoinDomain property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_name
The name of the domain that the target computer joins.
Example [Settings] Priority=Default [Default] JoinDomain=WOODGROVEBANK MachineObjectOU=OU=Reception,OU=NYC,DC=Woodgrovebank,DC=com ComputerName=%OSDNEWMACHINENAME%
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
91
JoinWorkgroup The workgroup that the target computer joins after the target operating system is deployed. The JoinWorkgroup property can contain alphanumeric characters, hyphens (-), and underscores (_). The JoinWorkgroup property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
workgroup_name
The name of the workgroup that the target computer joins.
Example [Settings] Priority=Default [Default] JoinWorkgroup=WDGV_WORKGROUP
KeyboardLocale A list of keyboard locales to be used with the target operating system. More than one keyboard locale can be specified for the target operating system. Each locale must be separated by a semicolon (;). If not specified, the Windows Deployment Wizard uses the keyboard locale configured in the image being deployed. Exclude this setting in USMT when backing up and restoring user state information. Otherwise, the settings in the user state information will override the values specified in the KeyboardLocale property. Note This property is used only for deploying Windows Vista and Windows Server 2008. For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
92
Value
Description
keyboard_locale1; keyboard_locale2
The locale of the keyboard attached to the target computer. The value can be specified in the following formats: •
Text (en-us)
•
Hexadecimal (0409:00004009)
Example 1 [Settings] Priority=Default [Default] UserLocale=en-us KeyboardLocale=en-us
Example 2 [Settings] Priority=Default [Default] UserLocale=en-us KeyboardLocale=0409:00004009;1809:00001809;041A:0000041A;083b:0001083b
LanguagePacks A list of the GUIDs for the language packs to be deployed on the target computer. Deployment Workbench specifies these language packs on the OS Packages node. These GUIDs are stored in the Packages.xml file. The LanguagePacks property has a numeric suffix (for example, LanguagePacks001 or LanguagePacks002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
language_pack_guid
The GUID that Deployment Workbench specifies for the language packs to install on the target computer. The GUID corresponds to the language pack GUID stored in Packages.xml.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
93
Example [Settings] Priority=Default [Default] LanguagePacks001={a1923f8d-b07b-44c7-ac1e-353b7cc4c1ad}
LoadStateArgs The arguments passed to the USMT Loadstate process. The ZTI script inserts the appropriate logging, progress, and state store parameters. If this value is not included in the settings file, the user state restore process is skipped. If the Loadstate process finishes successfully, the user state information is deleted. In the event of a Loadstate failure (or non-zero return code), the local state store is moved to %WINDIR%\StateStore to prevent deletion and to ensure that no user state information is lost. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
Arguments
The command-line arguments passed to Loadstate.exe. The default arguments specified by Deployment Workbench are as follows: •
/v. Enables verbose output in the Loadstate log. The default is 0. Specify any number from 0 to 15. The value 5 enables verbose and status output.
•
/c. When specified, Loadstate will continue to run even if there are nonfatal errors. Without the /c option, Loadstate exits on the first error.
•
/lac. Specifies that if the account being migrated is a local (non-domain) account, and it does not exist on the destination computer, then USMT will create the account but it will be disabled.
For more information about these and other arguments, see the USMT Help files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
94
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName%
Location The geographic location of the target computers. A list of IP addresses that correspond to the default gateways defined for the computers within that location defines the Location property. An IP address for a default gateway can be associated with more than one location. Typically, the value for the Location property is set by performing a database query on the database managed using Deployment Workbench. Deployment Workbench can assist in creating the locations, defining property settings associated with the locations, and then in configuring CustomSettings.ini to perform the database query for the Location property and the property settings associated with the locations. For example, a LocationSettings section in CustomSettings.ini can query the LocationSettings view in the database for a list of locations that contain the value specified in the DefaultGateway property listed in the Parameters property. The query returns all settings associated with each default gateway. Then the scripts parse each section that corresponds to the locations returned in the query. For example, the value [Springfield]and the section [Springfield-123 Oak Street-4th Floor] in CustomSettings.ini can represent the corresponding locations. This is an example of how one computer can belong to two locations. The [Springfield] section is for all computers in a larger geographic area (an entire city), and the [Springfield-123 Oak Street-4th Floor] section is for all computers on the fourth floor at 123 Oak Street, in Springfield. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
95
Value
Description
location1,
The list of locations to be assigned to an individual computer or a group of computers.
location2 Example [Settings]
Priority=LSettings, Default [Default] UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution$ OSInstall=YES ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c [LSettings] SQLServer=w2k3-sp1 Instance=MDT2008 Database=DWDB Netlib=DBNMPNTW SQLShare=SQL$ Table=LocationSettings Parameters=DefaultGateway [Springfield] UDDir=%ComputerName% UDShare=\\Springfield-FIL-01\UserData [Springfield-123 Oak Street-4th Floor] DeployRoot=\\Springfield-BDD-01\Distribution1$
LongDistanceAccess The dialing digits to gain access to an outside line to dial long distance. The property can contain only numeric digits. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
96
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
long_distance_access
The digits used to get an outside line to dial long distance where the target computer is to be deployed.
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9
MACAddress The media access control (MAC) layer address of the primary network adapter of the target computer. The MACAddress property is included on the Priority line so that property values specific to a target computer can be provided. Create a section for each MAC address for each of the target computers (such as [00:0F:20:35:DE:AC] or [00:03:FF:FE:FF:FF]) that contain target computer–specific settings. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
mac_address
The MAC address of the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
97
Example [Settings] Priority=MACAddress, Default [Default] CaptureGroups=YES Groups1=NYC Application Management Groups2=NYC Help Desk Users [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
MachineObjectOU The AD DS OU in the target domain where the computer account for the target computer is created. Note
The OU specified in this property must exist before deploying the target operating system.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
OU_name
The name of the OU where the computer account for the target computer will be created.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
98
Example [Settings] Priority=Default [Default] JoinDomain=WOODGROVEBANK MachineObjectOU=OU=Reception,OU=NYC,DC=Woodgrovebank,DC=com ComputerName=%OSDNEWMACHINENAME%
Make The manufacturer of the target computer. The format for Make is undefined. Use this property to create a subsection that contains settings targeted to a specific computer manufacturer (most commonly in conjunction with the Model and Product properties). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
make
The manufacturer of the target computer.
Example [Settings] Priority=Make, Default [Default] [Dell Computer Corporation] Subsection=Dell-%Model% [Dell-Latitude D600] Packages001=XXX00009:Program9 Packages002=XXX0000A:Program10
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
99
MandatoryApplications A list of application GUIDs that will be installed on the target computer. These applications are specified on the Applications node in Deployment Workbench. The GUIDs are stored in the Applications.xml file. The MandatoryApplications property is a list of text values that can be any non-blank value. The MandatoryApplications property has a numeric suffix (for example, MandatoryApplications001 or MandatoryApplications002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
application_guid
The GUID specified by Deployment Workbench for the application to be deployed to the target computer. The GUID corresponds to the application GUID stored in the Applications.xml file.
Example [Settings] Priority=Default [Default] MandatoryApplications001={1D7DF331-47B7-472C-87B3-442597EC2F7D} MandatoryApplications002={9d2b8999-5e4d-4f3d-bb05-edaaf4fe5628} Administrators1=WOODGROVEBANK\NYC Help Desk Staff
Memory The amount of memory installed on the target computer in megabytes. For example, the value 2038 indicates 2,038 MB (or 2 GB) of memory is installed on the target computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
memory
The amount of memory installed on the target computer in megabytes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
100
Example None
Model The model of the target computer. The format for Model is undefined. Use this property to create a subsection that contains settings targeted to a specific computer model number for a specific computer manufacturer (most commonly in conjunction with the Make and Product properties). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
model
The model of the target computer.
Example [Settings] Priority=Make, Default [Default] [Dell Computer Corporation] Subsection=Dell-%Model% [Dell-Latitude D600] Packages001=XXX00009:Program9 Packages002=XXX0000A:Program10
NetLib The protocol to be used to communicate with the computer running SQL Server specified in the SQLServer property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
101
Value
Description
DBNMPNTW
Use named pipes protocol to communicate.
DBMSSOCN
Use TCP/IP sockets to communicate.
Example [Settings] Priority=Computers, Default [Default] ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
Order The sorting order for the result set on a database query. The result set is based on the configuration settings of the Database, Table, SQLServer, Parameters, and ParameterCondition properties. More than one property can be provided to sort the results by more than one property. For example, if Order=Sequence is specified in the CustomSettings.ini file, then an ORDER BY Sequence clause is added to the query. Specifying Order=Make, Model adds an ORDER BY Make, Model clause to the query. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
property1, property2, …
Properties to define the sort order for the result set (where propertyn represents the properties in the sort criteria).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
102
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=MakeModelSettings Parameters=SerialNumber, AssetTag ParameterCondition=OR Order=Make, Model
OrgName The name of the organization that owns the target computer. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
org_name
The name of the organization that owns the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
103
Example [Settings] Priority=MACAddress, Default Properties=CustomProperty, ApplicationInstall [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 OrgName=Woodgrove Bank [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista ApplicationInstall=Custom FullName=Woodgrove Bank User [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista ApplicationInstall=Minimum FullName=Woodgrove Bank Manager
OSDBitLockerCreateRecoveryPassword A Boolean value that indicates whether the process creates a recovery key for BitLocker Drive Encryption. The key is used for recovering data encrypted on a BitLocker Drive Encryption volume. This key is cryptographically equivalent to a startup key. If available, the recovery key decrypts the volume master key (VMK), which, in turn, decrypts the full volume encryption key (FVEK). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini Deployment Database Solution Accelerators
ZTI for SMS ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
104
Value
Description
AD
A recovery key is created.
Not specified
A recovery key is not created.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerStartupKeyDrive=C:
OSDBitLockerMode The type of BitLocker Drive Encryption installation to be performed. Protect the target computer using one of the following methods: •
A TPM microcontroller
•
A TPM and an external startup key (using a key that is typically stored on a USB flash drive)
•
A TPM and PIN
•
An external startup key.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TPM
Protect the computer with TPM only. The TPM is a microcontroller that stores keys, passwords, and digital certificates. The microcontroller is typically an integral part of the computer motherboard.
TPMKey
Protect the computer with TPM and a startup key. Use this option to create a startup key and to save it on a USB flash drive. The startup key must be present in the port each time the computer starts.
TPMPin
Protect the computer with TPM and a pin. Use this option in conjunction with the BDEPin property. Note
Solution Accelerators
This value is not valid when using ZTI for ConfigMgr. microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
105
Value
Description
Key
Protect the computer with an external key (the recovery key) that can be stored in a folder, in AD DS, or printed.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPM OSDBitLockerCreateRecoveryPassword=AD
OSDBitLockerRecoveryPassword Instead of generating a random recovery password, the Enable BitLocker task sequence action uses the specified value as the recovery password. The value must be a valid numerical BitLocker Drive Encryption recovery password. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
password
A valid 48-digit password.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerRecoveryPassword=621280128854709621167486709731081433315062587367 OSDBitLockerStartupKeyDrive=C:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
106
OSDBitLockerStartupKey Instead of generating a random startup key for the key management option Startup Key on USB only, the Enable BitLocker task sequence action uses the value as the startup key. The value must be a valid, Base64-encoded BitLocker Drive Encryption startup key. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
startupkey
Base64-encoded BitLocker Drive Encryption startup key.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=KEY OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerStartupKey=8F4922B8-2D8D-479E-B776-12629A361049
OSDBitLockerStartupKeyDrive The location for storing the BitLocker Drive Encryption recovery key and startup key. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
location
The storage location for the recovery key and startup key (either local to the target computer or to a UNC that points to a shared network folder).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
107
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLocker CreateRecoveryPassword=AD OSDBitLockerStartupKeyDrive=C:
OSDBitLockerTargetDrive Specifies the drive to be encrypted. The default drive is the drive that contains the operating system. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
drive
The drive that is to be encrypted.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDERecoveryPassword=TRUE OSDBitLockerMode=TPMKey OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerTargetDrive=C:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
108
OSDBitLockerWaitForEncryption Specifies that the deployment process should not proceed until BitLocker Drive Encryption has completed the encryption process for all specified drives. Specifying TRUE could dramatically increase the time required to complete the deployment process. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
TRUE
Specifies that the deployment process should wait for drive encryption to complete.
FALSE
Specifies that the deployment process should not wait for drive encryption to complete.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerStartupKeyDrive=C: OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerWaitForEncryption=TRUE Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSDComputerName The new computer name to assign to the target computer. Note
This property is valid when using MDT 2008 with System Center Configuration Manager.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for SMS ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
109
Value
Description
computer_name
The new computer name to assign to the target computer.
Example [Default] OSDComputerName=%_SMSTSMachineName% Note This property can also be set within a task sequence using a customized Set Task Sequence Variable task sequence step.
OSCurrentBuild The build number of the currently running operating system. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
2195
Microsoft Windows 2000
2600
Windows XP
3790
Windows Server 2003
6000
Windows Vista, Windows PE 2.0
6001
Windows Vista with Service Pack 1 (SP1), Windows Server 2008
Example None
OSCurrentVersion The version of the operating system that is currently running. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
110
Value
Description
5.0.2195
Windows 2000
5.1.2600
Windows XP
5.2.3790
Windows Server 2003
6.0.6000
Windows Vista, Windows PE 2.0
6.0.6001
Windows Vista with SP1, Windows Server 2008
Example None
OSDInstallPackage The SMS 2003 OSD Feature Pack package that the operating system image installation CD installs, using a Systems Management Server package advertisement or Windows Deployment Services. This is set by the custom program or script specified in the Operating System Image Installation CD Wizard. During the Validation Phase, if the value of the OSDInstallPackage property (the value gathered by ZTIGather.wsf) is not equal to the value of the OSDPackageID for the currently running package, the scripts log the following warning message: Warning: The OSDINSTALLPACKAGE value gathered (XXX00000) does not match the actively-running package (XXX00001). The intended package may not be installing due to SMS advertisement targeting problems. Note For this property to function properly, the OSDInstallProgram, OSDInstallSilent, and OSDNewMachineName properties must also be specified. In addition, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected. Note This property is used only in the New Computer scenario for CD or Windows Deployment Services installations. This property is not used for other scenarios or installation types.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
package_name
The SMS 2003 OSD Feature Pack package name to be installed on the target computer.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
111
Example OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDInstallProgram The SMS 2003 OSD Feature Pack program that the operating system image installation CD installs, using a Systems Management Server package advertisement or Windows Deployment Services. This property is set by the custom program or script specified in the Operating System Image Installation CD Wizard. Note For this property to function properly, the OSDInstallPackage, OSDInstallSilent, and OSDNewMachineName properties must also be specified. In addition, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected. Note This property is used only in the New Computer scenario for CD or Windows Deployment Services installations. This property is not used for other scenarios or installation types.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
program_name
The name of the SMS 2003 OSD Feature Pack program to be run for the SMS 2003 OSD Feature Pack package specified in OSDInstallPackage.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDInstallSilent Indicator of whether the SMS 2003 OSD Feature Pack Image Installation Wizard is displayed. For ZTI, this property is typically set to 1. If this property is defined, however, the SMS 2003 OSD Feature Pack Image Installation Wizard is hidden. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
112
Note For this property to work properly, the OSDInstallPackage, OSDInstallProgram, and OSDNewMachineName properties must be specified, as well. In addition, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
1
Hide the SMS 2003 OSD Feature Pack Image Installation Wizard.
blank
Display the SMS 2003 OSD Feature Pack Image Installation Wizard.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDMP The server that is the Systems Management Server management point for the target computer. Set this property for a New Computer scenario so that the Systems Management Server client on the target computer can communicate with the Systems Management Server management point. Specify the computer name or IP address and the IP port number on which the management point is listening. The default port number is 80 but can be changed using SMS Administrator Console. Note For this property to work properly, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
113
Value
Description
server_name:port_numbe r
The server name and port number of a Systems Management Server management point.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO OSDMP=NYC-AM-SMS-01:80 OSDSiteCode=001 ComputerName=WasWIN2000PRO TimeZone=004
OSDNewMachineName The name to assign to a computer when a new operating system is installed. This property is used in the New Computer and Replace Computer installation scenarios when running the operating system image installation CD or Remote Installation Service (RIS). In a Refresh Computer scenario, ZTI can rename the computer if the following line is included in the default section: ComputerName=%OSDNEWMACHINENAME% Note In a New Computer scenario, ensure that ComputerName and OSDNEWMACHINENAME are the same (if both are populated). Otherwise, because .log file names and computer names in events use OSDNEWMACHINENAME, if ComputerName has a different value, the names will be inconsistent for the same computer.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
computer_name
The name that the SMS 2003 OSD Feature Pack assigns the target computer.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
114
Example OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDSiteCode The site code for the Systems Management Server site. Set this property for New Computer scenarios so that the Systems Management Server client on the target computer can communicate with the Systems Management Server management point. Note For this property to work properly, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contain CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
site_code
The site code of the Systems Management Server management point.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO OSDMP=NYC-AM-SMS-01:80 OSDSiteCode=CEN ComputerName=WasWIN2000PRO TimeZone=004
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
115
OSFeatures A comma-delimited list of server feature IDs that will be installed on the target computer. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
ID1,ID2
The server features that are to be installed on the target computer. Valid values are located in the program_files\Microsoft Deployment Toolkit\Bin\ServerManager.xml file on the MDT 2008 server.
Example [Settings] Priority=Default [Default] OSFeatures=CMAK,MSMQ-Multicasting,RSAT Note Not all features listed in the ServerManager.xml file are compatible with all server operating systems. Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSInstall Indicates whether the target computer is authorized to have the target operating system installed. If the OSInstall property is not listed, the default is to allow deployment of operating systems to any target computer. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Deployment of an operating system to the target computer is authorized. This is the default value.
NO
Deployment of an operating system to the target computer is not authorized.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
116
Example [Settings] Priority=Default [Default] OSInstall=YES
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSRoles A comma-delimited list of server role IDs that will be installed on the target computer. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
ID1,ID2
The server role that is to be installed on the target computer. Valid values are: •
ADDS
•
DNS
•
DHCP
Example [Settings] Priority=Default [Default] OSRoles=ADDS Note
Not all roles are compatible with all server operating systems.
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSRoleService A comma-delimited list of server role service IDs that will be installed on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
117
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
ID
The server role service that will be installed on the target computer. Valid values are: •
ADDS-Domain-Controller
Example [Settings] Priority=Default [Default] OSRoleService=ADDS-Domain-Controller Note
Not all server role service IDs are compatible with all server operating systems.
OSVersion The version of the currently running operating system. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
WinPE
Windows PE
2000
Windows 2000
XP
Windows XP
2003
Windows Server 2003
Vista
Windows Vista
2008
Windows Server 2008
Example None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
118
OverrideProductKey The Multiple Activation Key (MAK) string to be applied after the target operating is deployed to the target computer. The value specified in this property is used by the ZTILicensing.wsf script during the State Restore Phase to apply the MAK to the target operating system. The script also configures the volume licensing image to use MAK activation instead of Key Management Service (KMS). The operating system needs to be activated with Microsoft after the MAK is applied. This is used when the target computer is unable to access a server that is running KMS. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
MAK
The MAK string to be provided to the target operating system.
Example [Settings] Priority=Default [Default] ProductKey=AAAAA-BBBBB-CCCCC-DDDDD-EEEEE-FFFFF OverrideProductKey=AAAAA-BBBBB-CCCCC-DDDDD-EEEEE-FFFFF
PackageGroup A list of text values that associates operating system (OS) packages with each other (typically based on the type of OS package). An OS package can be associated with one or more package groups. The PackageGroup property allows the OS packages within one or more groups to be deployed to a target computer. The text values in the list can be any non-blank value. The PackageGroup property value has a numeric suffix (for example, PackageGroup001 or PackageGroup002). After it is defined, a package group is associated with a computer. A computer can be associated with more than one package group. Note
The PackageGroup property applies only to Windows Vista and Windows Server 2008.
Note
OS packages are created on the OS Packages node in Deployment Workbench.
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
119
Value
Description
package_group_name
Name of the package group to be deployed to the target computer.
Example [Settings] Priority=Default [Default] PackageGroup001=Updates Note The PackageGroup property can be specified in the format PackageGroup1=Updates or PackageGroup001=Updates.
Packages The list of Systems Management Server or System Center Configuration Manager packages to be deployed to the target computer. The Packages property has a numeric suffix (for example, Packages001 or Packages002). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
package_id:program_nam e
Name of the package to be deployed to the target computer.
Example [Settings] Priority=Default [Default] Packages001=NYC00010:Install Packages002=NYC00011:Install Note The Packages property can be specified in the format Packages1=NYC00010:Install or Packages001=NYC00010:Install.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
120
Parameters The parameters to be passed to a database query that returns property values from columns in the table specified in the Table property. The table is located in the database specified in the Database property on the computer specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
parameter1, parameter2
The list of parameters to pass to the database query.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
ParameterCondition Indicator of whether a Boolean AND or OR operation is performed on the properties listed in the Parameters property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
121
Value
Description
AND
A Boolean AND operation is performed on the properties listed in the Parameters property. Only results that match all properties specified in the Parameters property are returned. This is the default value.
OR
A Boolean OR operation is performed on the properties listed in the Parameters property. Results that match any property specified in the Parameters property are returned.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Phase The current phase of the deployment process that corresponds to the SMS 2003 OSD Feature Pack phases. The Task Sequencer uses these phases to determine which tasks must be completed. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
VALIDATION
Identifies that the target computer is capable of running the
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
122
Value
Description scripts necessary to complete the deployment process.
STATECAPTURE
Saves any user state migration data before deploying the new target operating system.
PREINSTALL
Completes any tasks that need to be done (such as creating new partitions) before the target operating system is deployed.
INSTALL
Installs the target operating system on the target computer.
POSTINSTALL
Completes any tasks that need to be done before restoring the user state migration data. These tasks customize the target operating system before starting the target computer the first time (such as installing updates or adding drivers).
STATERESTORE
Restores the user state migration data saved during the State Capture Phase.
Example None Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Port The number of the port that should be used when connecting to the SQL Server database instance that is used for querying property values from columns in the table specified in the Table property. The database resides on the computer specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. The port used during connection is specified in the Port property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
port
The number of the port used when connecting to SQL Server.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
123
Example [Computers] SQLServer=NYC-SQL-01 Database=DWDB Instance=MDT2008 Port=1433 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
PowerUsers A list of user accounts and domain groups to be added to the local Power Users group on the target computer. The PowerUsers property is a list of text values that can be any non-blank value. The PowerUsers property has a numeric suffix (for example, PowerUsers1 or PowerUsers2). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
name
Name of the user or group to be added to the local Power Users group.
Example [Settings] Priority=Default [Default] Administrators1=WOODGROVEBANK\NYC Help Desk Staff PowerUsers1=WOODGROVEBANK\User01 PowerUsers2=WOODGROVEBANK\User02
Priority The reserved property that determines the sequence for finding configuration values. The Priority reserved property lists each section to be searched and the order in which the sections are searched. When a property value is found, the ZTIGather.wsf script quits searching for the property, and the remaining sections are not scanned for that property.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
124
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
section1, section2
The sections to be searched in the order they are to be searched.
Example [Settings] Priority=MACAddress, Default [Default] UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
ProcessorSpeed The speed of the processor installed on the target computer in MHz. For example, the value 1995 indicates the processor on the target computer is running at 1,995 MHz or 2 gigahertz (GHz). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
125
Value
Description
processor_speed
The speed of the processor on the target computer in megahertz.
Example None
Product The product name of the target computer. With some computer vendors, the make and model might not be sufficiently unique to identify the characteristics of a particular configuration (for example, hyperthreaded or non-hyperthreaded chipsets). The Product property can help to differentiate. The format for Product is undefined. Use this property to create a subsection that contains settings targeted to a specific product name for a specific computer model number for a specific computer manufacturer (most commonly in conjunction with the Make and Model properties). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
product
The product name of the target computer.
Example None
ProductKey The product key string to be configured for the target computer. Before the target operating system is deployed, the product key specified is automatically inserted into the appropriate location in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
126
Value
Description
product_key
The product key to be assigned to the target computer.
Example [Settings] Priority=Default [Default] ProductKey=AAAAA-BBBBB-CCCCC-DDDDD-EEEEE-FFFFF
Properties A reserved property that defines any custom, user-defined properties. These user-defined properties are located by the ZTIGather.wsf script in the CustomSettings.ini file, BootStrap.ini file, or the Deployment Workbench database (DWDB). These properties are additions to the predefined properties in MDT 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
custom_property1,
Custom, user-defined properties to be resolved.
custom_property2 Example [Settings] Priority=MACAddress, Default Properties=CustomProperty, ApplicationInstall [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
127
Example OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista ApplicationInstall=Custom [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista ApplicationInstall=Minimum
ResourceDrive The drive letter mapped to the ResourceRoot property for the ZTIDrivers.wsf and ZTIPatches.wsf scripts to use to install drivers and patches to the target computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_letter
The letter designation for the logical drive that contains the resources.
Example None
ResourceRoot The value of this property is used by the ZTIDrivers.wsf and ZTIPatches.wsf scripts to install drivers and patches to the target computer. Note For LTI, the scripts automatically set the ResourceRoot property to be the same as the DeployRoot property. For ZTI, the values in the DeployRoot and ResourceRoot properties can be unique.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
128
Value
Description
UNC_path
The UNC path to the shared folder that contains the resources.
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceDrive=R: ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE
Role The purpose of a computer based on the tasks performed by the user on the target computer. The Role property lists text values that can be any non-blank value. The Role property value has a numeric suffix (for example, Role1 or Role2). When defined, a role is associated with a computer. A computer can perform more than one role. Typically, the value for the Role property is set by performing a database query in the DWDB database. Deployment Workbench can assist in creating the role and property settings associated with the role, and then Deployment Workbench can configure CustomSettings.ini to perform the database query for the Role property and the property settings associated with the role. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
role
The roles to be assigned to an individual computer or a group of computers.
Example 1 [Settings] Priority=RoleSettings, Default [Default] SkipCapture=NO SkipAppsOnUpgrade=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
129
Example 1 UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution$ OSInstall=YES ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c [RoleSettings] SQLServer=w2k3-sp1 Instance=MDT2008 Database=DWDB Netlib=DBNMPNTW SQLShare=SQL_Share Table=RoleSettings Parameters=Role
Example 2 [Settings] Priority=RoleSettings, Default [Default] SkipCapture=NO SkipAppsOnUpgrade=NO UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution$ OSInstall=YES ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c Role1=Teller Role2=Woodgrove User [RoleSettings] SQLServer=w2k3-sp1 Instance=MDT2008 Database=DWDB Netlib=DBNMPNTW SQLShare=SQL_Share Table=RoleSettings Parameters=Role
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
130
ScanStateArgs Arguments passed to the USMT Scanstate process. The scripts call Scanstate.exe and then insert the appropriate logging, progress, and state store parameters. If this value is not included in the settings file, the user state backup process is skipped. Note Use the USMTMigFiles property to specify the .xml files to be used by Scanstate.exe instead of using the /I parameter in the ScanStateArgs property. This prevents the ZTIUserState.wsf script from potentially duplicating the same list of .xml files.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
arguments
The command-line arguments passed to Scanstate.exe. The default arguments specified by Deployment Workbench are as follows: •
/v. Enables verbose output in the Scanstate log. The default is 0. Specify any number from 0 to 15. The value 5 enables verbose and status output.
•
/o. Overwrites any existing data in the store. If not specified, Scanstate will fail if the store already contains data. This option cannot be specified more than once in a Command Prompt window.
•
/c. When specified, Scanstate will continue to run even if there are nonfatal errors. Without the /c option, Scanstate exits on the first error.
For more information about these and other arguments, see the USMT Help files. Example [Settings] Priority=Default [Default] ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName%
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
131
SerialNumber The serial number of the target computer. The format for serial numbers is undefined. Use this property to create a subsection that contains settings targeted to a specific computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
serial_number
The format of the serial number is undefined and is determined by the serial number standard of each computer manufacturer.
Example None
SkipAdminPassword Indicates whether the Administrator Password wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
132
Example SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipApplications Indicates whether the Select one or more applications to install wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
133
Example SkipApplications=YES SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipAppsOnUpgrade Indicates whether the Select one or more applications to install wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
134
Example SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipBDDWelcome Indicates whether the Welcome to Windows Deployment wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Note For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipComputerBackup=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
135
Example SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipBitLocker Indicates whether the Specify the BitLocker configuration wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipBitLocker=YES SkipBitLockerDetails=YES SkipComputerBackup=NO SkipDomainMembership=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
136
Example SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipBuild Indicates whether the Select a task sequence to execute on this computer wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipBuild=Yes SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
137
Example SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipCapture Indicates whether the Specify whether to capture an image wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
138
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipComputerBackup Indicates whether the Specify where to save a complete computer backup wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
139
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=YES SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipComputerName Indicates whether the Configure the computer name wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
140
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipComputerName=YES SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipDeploymentType Indicates whether the Choose a migration type wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
141
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipDomainMembership Indicates whether the Join the computer to a domain or workgroup wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
142
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NOSkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NOSkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipFinalSummary Indicates whether the Operating system deployment completed successfully wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
143
Example SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipLocaleSelection Indicates whether the Locale Selection wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
144
Example SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipPackageDisplay Indicates whether the Packages wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
145
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=YES SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipProductKey Indicates whether the Specify the product key needed to install this operating system wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
146
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipSummary Indicates whether the Ready to begin wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
147
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipTaskSequence=Yes SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipTaskSequence Indicates whether the Select a task sequence to execute on this computer wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Note Specify the SkipBuild property when using Deployment Workbench to configure the Windows Deployment Wizard to skip the Select a task sequence to execute on this computer wizard page.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for SMS ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
148
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipTaskSequence=NO SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NOSkipTaskSequence=Yes Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipTimeZone Indicates whether the Set the Time Zone wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
149
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipTaskSequence=Yes SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipTimeZone=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipUserData Indicates whether the Specify whether to restore user data and Specify where to save your data and settings wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
150
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipWizard Indicates whether the entire Windows Deployment Wizard is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
151
Value
Description
YES
Entire wizard is not displayed, and none of the information on the wizard pages is collected.
NO
Wizard is displayed, and the information on the enabled wizard pages is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SLShare The network shared folder in which the script logs are stored. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
shared_folder
The name of the network shared folder in which script logs are stored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
152
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES
SQLServer The identity of the computer running SQL Server that performs a database query that returns property values from columns in the table specified in the Table property. The query is based on parameters specified in the Parameters and ParameterCondition properties. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
SQL_server
The name of the computer running SQL Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
153
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
SQLShare The name of a shared folder on the computer running SQL Server (specified by the SQLServer property). The credentials used for authentication are provided by the UserDomain, UserID, and UserPassword properties (for LTI and ZTI) or by the Systems Management Server Advanced Client account credentials (ZTI only). Note This property must be specified to perform Integrated Windows authentication. This is the recommended authentication method, rather than using the DBID and DBPwd properties (which support the SQL Server authentication method).
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
shared_folder
The name of a shared folder on the computer running SQL Server.
Example [Settings] Priority=Computers, Default Properties=MyCustomProperty
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
154
Example [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=MDT2008 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
StorageDriverGroup The name of the storage driver group that contains drivers to be added to the target computer during unattended installation of Windows XP or Windows Server 2003. For more information about using the StorageDriverGroup property, see “Deploying Additional Mass Storage Drivers for Windows XP and Windows Server 2003” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
group_name
The name of the storage driver group that contains drivers to be added to the target computer.
Example [Settings] Priority=Default [Default] StorageDriverGroup001=Laptops StorageDriverGroup001=Universal
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
155
StorageDriverSysprepGroup The name of the storage driver group that contains drivers to be added to the target computer during image-based deployment of Windows XP or Windows Server 2003. For more information about using the StorageDriverSysprepGroup property, see “Automate the Installation of Mass Storage Device Drivers” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
group_name
The name of the storage driver group that contains drivers to be added to the target computer.
Example [Settings] Priority=Default [Default] StorageDriverGroup001=SCSI StorageDriverGroup002=Universal
StoredProcedure The name of the stored procedure used when performing a database query that returns property values from columns in the table or view. The stored procedure is located in the database specified in the Database property. The computer running SQL Server is specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. The name of the stored procedure is specified in the StoredProcedure property. For more information about using a stored procedure to query a SQL Server database, see “Deploying Applications Based on Earlier Application Versions” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
stored_procedure
The name of the stored procedure used to query the SQL Server database.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
156
Example [Settings] Priority=DynamicPackages, Default [Default] OSInstall=YES [DynamicPackages] SQLDefault=DB_DynamicPackages [DB_DynamicPackages] SQLServer=SERVER1 Database=DWDB StoredProcedure=RetrievePackages Parameters=MacAddress SQLShare=Logs Instance=MDT2008 Port=1433 Netlib=DBNMPNTW
Table The name of the table or view to be used in performing a database query that returns property values from columns in the table or view. The query is based on parameters specified in the Parameters and ParameterCondition properties. The table or view is located in the database specified in the Database property. The computer running SQL Server is specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
table_name
The name of the table or view to be queried for property values.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
157
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=MDT2008 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
TaskSequenceID Identifies the operating system task sequence to be deployed to the target computer. The task sequence ID is created on the Task Sequences node in Deployment Workbench. The TaskSequenceID property allows alphanumeric characters, hyphens (-), and underscores (_). The TaskSequenceID property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
task_sequence_id
Identifier of the operating system task sequence defined in Deployment Workbench for the target operating system being deployed. Note Be sure to use the TaskSequenceID specified in the Deployment Workbench UI, and not the GUID of the TaskSequenceID.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
158
Example [Settings] Priority=Default [Default] TaskSquenceID=Vista_BareMetal
TimeZone The time zone in which the target computer is located. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003. Note This property is currently supported only for Windows XP and Windows Server 2003. For Windows Vista and Windows Server 2008, use the TimeZoneName property.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
time_zone_offset
The numeric value that indicates the time zone where the target computer is located. For more information, see the TimeZone entry for Unattend.txt in the Ref.chm file included in the Deploy.cab file in the \support\tools folder of the Windows Server 2003 installation CD.
Example [Settings] Priority=Default [Default] TimeZone=004 DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
159
TimeZoneName The time zone in which the target computer is located. This value is inserted into the appropriate configuration settings in Unattend.xml for Windows Vista and Windows Server 2008. Note This property is currently supported only for Windows Vista and Windows Server 2008. For Windows XP and Windows Server 2003, use the TimeZone property.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
time_zone_name
The text value that indicates the time zone where the target computer is located.
Example [Settings] Priority=Default [Default] TimeZoneName=Pacific Standard Time DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE
TPMOwnerPassword The TPM password (also known as the TPM Administration Password) for the owner of the target computer. The password can be saved to a file or stored in AD DS. Note If the TPM ownership is already set or TPM ownership is not allowed, then the TPMOwnerPassword property is ignored. If the TPM password is needed and the TPMOwnerPassword property is not provided, the TPM password is set to the local Administrator password.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
160
Value
Description
password
The TPM password for the owner of the target computer.
Example [Settings] Priority=Default [Default] BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=TRUE BDEKeyLocation=C: TPMOwnerPassword=complex_password BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName%
UDDir The folder in which the user state migration data is stored. This folder exists beneath the network shared folder specified in UDShare. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
folder
The name of the folder that exists beneath the network shared folder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
161
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO
UDProfiles A comma-delimited list of user profiles that need to be saved by Scanstate.exe during the State Capture Phase. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
user_profiles
The list of user profiles to be saved, separated by commas.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
162
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO
UDShare The network share where user state migration data is stored. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path to the network share where user state migration data is stored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
163
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO
UILanguage The default language to be used with the target operating system. If not specified, the Windows Deployment Wizard uses the language configured in the image being deployed. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UI_language
The default language for the operating system on the target computer.
Example [Settings] Priority=Default [Default] UserLocale=en-us UILanguage=en-us KeyboardLocale=0409:00000409
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
164
UserDataLocation The location in which USMT stores user state migration data. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
blank
If UserDataLocation is not specified or is left blank, the Windows Deployment Wizard will default to using the AUTO behavior.
UNC_path
The UNC path to the network shared folder where the user state migration data is stored.
AUTO
The deployment scripts store the user state migration data on a local hard disk if space is available. Otherwise, the user state migration data is saved to a network location, which is specified in the UDShare and UDDir properties.
NETWORK
The user state migration data is stored in the location designated by the UDShare and UDDir properties.
NONE
The user state migration data is not saved.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% UserDataLocation=NETWORK DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
165
UserDomain The domain in which a user’s credentials (specified in the UserID property) reside. Note For a completely automated LTI deployment, provide this property in both CustomSettings.ini and BootStrap.ini. However, note that storing the user credentials in these files stores the credentials in clear text and therefore is not secure.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain
The name of the domain where the user account credentials reside.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE UserDomain=WOODGROVEBANK UserID=NYC Help Desk Staff UserPassword=complex_password
UserID The user credentials for accessing network resources. Note For a completely automated LTI deployment, provide this property in both CustomSettings.ini and BootStrap.ini. However, note that storing the user credentials in these files stores the credentials in clear text and therefore is not secure.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
166
Value
Description
user_id
The name of the user account credentials used to access the network resources.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE UserDomain=WOODGROVEBANK UserID=NYC-HelpDesk UserPassword=complex_password
UserLocale The user locale to be used with the target operating system. If not specified, the Windows Deployment Wizard uses the user locale configured in the image being deployed. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
user_locale
The locale for the user on the target computer. For:
Solution Accelerators
•
Windows Server 2003, the value is specified as a hexadecimal value (0409:00004009).
•
Windows Server 2008, the value is specified as a text value (en-us).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
167
Example 1 [Settings] Priority=Default [Default] UserLocale=0409:00000409 KeyboardLocale=0409:00000409
Example 2 [Settings] Priority=Default [Default] UserLocale=en-us KeyboardLocale=en-us
UserPassword The password for user credentials specified in the UserID property. Note For a completely automated LTI deployment, provide this property in both CustomSettings.ini and BootStrap.ini. However, note that storing the user credentials in these files stores the credentials in clear text and therefore is not secure.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
user_password
The password for the user account credentials.
Example [Settings] Priority=Default [Default] UserDataLocation=NONE UserDomain=WOODGROVEBANK UserID=NYC-HelpDesk UserPassword=complex_password
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
168
USMTConfigFile The USMT configuration XML file that should be used when running Scanstate and Loadstate. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
USMTConfigFile
The name of the XML configuration file that should be used when running Scanstate.exe and Loadstate.exe.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ USMTMigFiles1=MigApp.xml USMTMigFiles2=MigUser.xml USMTMigFiles3=MigSys.xml USMTMigFiles4=MigCustom.xml USMTConfigFile=USMTConfig.xml UserDataLocation=NONE
USMTMigFiles A list of files in XML format that are used by USMT (Scanstate.exe) to identify user state migration information to be saved. When this property is not specified, the ZTIUserState.wsf script uses MigApp.xml, MigUser.xml, and MigSys.xml. Otherwise, ZTIUserState.wsf uses the files explicitly referenced in this property. The USMTMigFiles property has a numeric suffix (for example, USMTMigFiles001 or USMTMigFiles002). Note Use this property to specify the .xml files to be used by Scanstate.exe instead of using the /I parameter in the ScanStateArgs property. This prevents the ZTIUserState.wsf script from potentially duplicating the same list of .xml files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
169
Note This property name can be specified using single-digit nomenclature (USMTMigFiles1) or triple-digit nomenclature (USMTMigFiles001).
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
USMTMigFile
The name of the .xml file to be used as input for Scanstate.exe, on separate lines. If not specified, the default is MigApp.xml, MigUser.xml, and MigSys.xml. Note If this value is specified, the default files (MigApp.xml, MigUser.xml, and MigSys.xml) must also be added to the list if these files are to be included.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ USMTMigFiles001=MigApp.xml USMTMigFiles002=MigUser.xml USMTMigFiles003=MigSys.xml USMTMigFiles004=MigCustom.xml UserDataLocation=NONE
UUID The Universal Unique Identifier (UUID) stored in the System Management BIOS (SMBIOS) of the target computer. The format for UUID is a 16-byte value using hexadecimal digits in the following format: 12345678-1234-1234-1234-123456789ABC. Use this property to create a subsection that contains settings targeted to a specific computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
170
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UUID
The UUID of the target computer.
Example None
VRefresh The vertical refresh rate for the monitor on the target computer. The vertical refresh rate is specified in hertz (Hz). In the example, the value 60 indicates that the vertical refresh rate of the monitor is 60 Hz. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows Server 2003 or in Unattend.xml for Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
refresh_rate
The vertical refresh rate for the monitor on the target computer in hertz.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
171
WDSServer The computer running Windows Deployment Services that is used for installing Windows Deployment Services images. The default value is the server running Windows Deployment Services from which the image was initiated. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
WDS_server
The name of the computer running Windows Deployment Services.
Example None
WipeDisk Specifies whether the disk should be wiped. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
TRUE
If WipeDisk is set to TRUE, the Win32_DiskPartition at DiskIndex 0 and Index 0 will be formatted.
FALSE
The disk will not be formatted.
Example [Settings] Priority=Default [Default] WipeDisk=TRUE Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
172
WUMU_ExcludeKB The list of Windows Update/Microsoft Update software updates to ignore (by associated Knowledge Base articles). Deployment project team members will want to periodically review the list of updates being installed by the ZTIWindowsUpdate.wsf script to verify that each update meets the project’s needs and expectations. All updates are logged and recorded in the ZTIWindowsUpdate.log file, which is generated during deployment. Each update will indicate its status as INSTALL or SKIP, and lists the UpdateID, the update name, and the QNumber associated with each update. If an update needs to be excluded, that update should be added to the CustomSettings.ini file (for LTI deployments). For example, if the installation of Windows Vista language packs should be excluded, look up the line in the ZTIWindowsUpdate.log that shows where the update was identified and installed, and then select the QNumber. For example, the QNumber for the Windows Vista language packs is 925471. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
WUMU_ExcludeKB
The list of Windows Update/Microsoft Update software updates to ignore, by QNumber.
Example [Settings] Priority=Default [Default] WUMU_ExcludeKB1=925471
WUMU_ExcludeID The list of Windows Update/Microsoft Update software updates to ignore (by associated update ID). Deployment project team members will want to periodically review the list of updates being installed by the ZTIWindowsUpdate.wsf script to verify that each update meets the project’s needs and expectations. All updates are logged and recorded in the ZTIWindowsUpdate.log file, which is generated during deployment. Each update will indicate its status as INSTALL or SKIP, and lists the UpdateID, the update name, and the QNumber associated with each update. If an update should be excluded, that update should be added to the CustomSettings.ini file (for LTI deployments).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
173
For example, if the installation of Windows Malicious Software Removal Tool should be excluded, look up the line in the ZTIWindowsUpdate.log that shows where the update was identified and installed, and then select the UpdateID number. For example, the UpdateID number for the Windows Malicious Software Removal Tool is adbe6425-65604d40-9478-1e35b3cdab4f. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
WUMU_ExcludeID
The list of Windows Update/Microsoft Update software updates to ignore, by UpdateID number.
Example [Settings] Priority=Default [Default] WUMU_ExcludeID1={adbe6425-6560-4d40-9478-1e35b3cdab4f}
WSUSServer This is the name of the Windows Server Update Services (WSUS) server that the target computer should use when scanning for, downloading, and installing updates. For more information about what script uses this property, see ZTIWindowsUpdate.wsf in the “Scripts” section of this reference. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
server_name
The name of the WSUS server, specified in HTTP format.
Example [Settings] Priority=Default [Default] WSUSServer=http://WSUSServerName
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
174
XResolution The horizontal resolution of the monitor on the target computer, specified in pixels. In the example, the value 1024 indicates the horizontal resolution of the monitor is 1,024 pixels. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
horizontal_resolution
The horizontal resolution of the monitor on the target computer, in pixels.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
YResolution The vertical resolution of the monitor on the target computer, specified in pixels. In the example, the value 768 indicates the vertical resolution of the monitor is 768 pixels. This value gets inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
175
Value
Description
vertical_resolution
The vertical resolution of the monitor on the target computer, in pixels.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
Providing Properties for Skipped Windows Deployment Wizard Pages The following table lists the individual Windows Deployment Wizard pages, the property to skip the corresponding wizard page, and the properties that must be configured when skipping the wizard page. If the SkipWizard property is used to skip all the Windows Deployment Wizard pages, provide all the properties in the Configure These Properties column. For examples of various deployment scenarios that skip Windows Deployment Wizard pages, see “Fully Automated LTI Deployment Scenario” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Note In instances where the Configure These Properties column is blank, no properties need to be configured when skipping the corresponding wizard page.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
176
Skip this wizard page
Using this property
Welcome to the Windows Deployment Wizard
SkipBDDWelcome
Choose a migration type
SkipDeploymentType
•
DeploymentType
Configure the computer name
SkipComputerName
•
ComputerName
Join the computer to a domain or workgroup
SkipDomainMembership
•
JoinWorkgroup
•
JoinDomain
•
DomainAdmin
•
DomainAdminDomain
•
DomainAdminPassword
•
UDDir
•
UDShare
•
UserDataLocation
•
UDDir
•
UDShare
•
UserDataLocation
•
BackupDir
•
BackupShare
•
ComputerBackupLocation
Select a task sequence to SkipBuild, execute on this computer SkipTaskSequence
•
TaskSequenceID
•
BuildID
Specify the product key needed to install this operating system
SkipProductKey
•
ProductKey
Packages
SkipPackageDisplay
•
LanguagePacks
Locale Selection
SkipLocaleSelection
•
KeyboardLocale
•
UserLocale
•
UILanguage
•
TimeZone
•
TimeZoneName
•
Applications
Specify where to save your data and settings
Specify whether to restore user data
Specify where to save a complete computer backup
Set the Time Zone
SkipUserData
SkipUserData
SkipComputerBackup
SkipTimeZone
Configure these properties
Select one or more applications to install
SkipApplications
Administrator Password
SkipAdminPassword
•
AdminPassword
Specify whether to
SkipCapture
•
ComputerBackupLocation
Solution Accelerators
SkipAppsOnUpgrade
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
Skip this wizard page
177
Using this property
Configure these properties
SkipBitLocker
•
BDEDriveLetter
•
BDEDriveSize
•
BDEInstall
•
TPMOwnerPassword
•
UserID
•
UserDomain
•
UserPassword
capture an image Specify the BitLocker configuration
Specify credentials for connecting to network shares
Skipped by providing properties in next column
Ready to begin
SkipSummary
Operating system deployment completed successfully
SkipFinalSummary
Operating system deployment did not complete successfully
SkipFinalSummary
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Scr ipt s The scripts used in LTI and ZTI deployments reference properties that determine the process steps and configuration settings used during the deployment process. Use this reference section to help it determine the correct scripts to include in actions and the valid arguments to provide when running each script. The following information is provided for each script: •
Name. Specifies the name of the script.
•
Description. Provides a description of the purpose of the script and any pertinent information regarding script customization.
•
Input. Indicates the files used for input to the script.
•
Output. Indicates the files created or modified by the script.
•
References. Indicates other scripts or configuration files that are referenced by the script.
•
Location. Indicates the folder where the script can be found. In the information for the location, the following variables are used: •
program_files. This variable points to the location of the Program Files folder on the computer where MDT 2008 is installed.
•
distribution. This variable points to the location of the Distribution folder for the deployment point.
•
platform. This variable is a placeholder for the operating system platform (x86 or x64).
•
Use. Provides the commands and options that can be specified.
•
Arguments and description. Indicate the valid arguments to be specified for the script and a brief description of what each argument means.
•
Properties. The properties referenced by the script.
BDD_Autorun.wsf This script displays a dialog box that indicates the user inserted deployment media created by the MDT 2008 process (such as a bootable DVD or a removable hard disk). The message is displayed for 15 seconds. If no action is taken, the script starts LiteTouch.vbs. For more information about LiteTouch.vbs, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
None
Output
None
References
LiteTouch.vbs. Initiates LTI.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
179
Value
Description
Location
distribution\Scripts
Use
None
Arguments Arguments
Description
None
None
Properties Name
Read
Write
None
BDD_Welcome_ENU.xml This .xml file contains the script code and HTML layout for the Welcome to Windows Deployment page that is displayed at the start of the Deployment Wizard. This .xml file is read by Wizard.hta, which runs the wizard pages embedded in this .xml file. Value
Description
Input
None
Output
None
References
•
NICSettings_Definition_ENU.xml. Allows the user to provide configuration settings for network adapters.
•
RecEnv.exe. If this utility exists, the user is prompted to determine if they want to launch Windows PE.
•
WPEUtil.exe. Initializes Windows PE and network connections; initiates LTI.
Location
distribution\Tools\platform
Use
mshta.exe Wizard.hta BDD_Welcome_ENU.xml
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
180
Properties Name
Read
KeyboardLocale
Write
Credentials_ENU.xml This .xml file contains the script code and HTML layout for the Specify credentials for connecting to network shares wizard page in the Deployment Wizard. This .xml file is read by Wizard.hta, which runs the wizard pages embedded in this .xml file. Note This wizard page is only displayed if there is a failure while validating the predefined user credentials.
Value
Description
Input
None
Output
None
References
Credentials_scripts.vbs
Location
distribution\Scripts
Use
mshta.exe Wizard.hta /NotWizard /definition:Credentials_ENU.xml [/ValidateAgainstDomain:domain | /ValidateAgainstUNCPath:uncpath]
Arguments Value
Description
/ValidateAgainstDomain:domain
Specifies the domain in which the credentials exist (as specified in domain).
/ValidateAgainstUNCPath:UNCPat h
Specifies the shared network folder to be used to validate the credentials by connecting to the folder (as specified in UNCPath).
/DoNotSave
Does not write the properties to a file; connects to the path only.
/LeaveShareOpen
If UNC path is specified, then does NOT delete the share if successful.
Properties Name
Read
Write
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
181
Credentials_scripts.vbs This script parses the arguments that were provided when loading the Credentials_ENU.xml file into the Deployment Wizard. It also performs user credential validation. This script is read by the Credentials_ENU.xml file. For more information about Credentials_ENU.xml, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
None Event message are written to these log files:
Output •
Credentials_scripts.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="Credentials_scripts.vbs"/>
Arguments Value None
Description None
Properties Name
Read
Write
UserCredentials
DeployWiz_Definition_ENU.xml This .xml file contains the script code and HTML layout for each wizard page in the Deployment Wizard. This .xml file is read by Wizard.hta, which runs the wizard pages embedded in this .xml file. This .xml file contains the following wizard pages: •
Welcome to the Windows Deployment Wizard
•
Select a task sequence to execute on this computer
•
Specify the product key needed to install this operating system
•
Choose a migration type
•
Configure the computer name
•
Join the computer to a domain or workgroup
• Specify where to save your data and settings Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
182
•
Specify whether to restore user data
•
Specify where to save a complete computer backup
•
Packages
•
Locale selection
•
Set the time zone
•
Select one or more applications to install
•
Administrator password
•
Specify whether to capture an image
•
Specify the BitLocker configuration
•
Specify credentials for connecting to network shares
•
Ready to begin
Value
Description
Input
None
Output
None
References
•
DeployWiz_Initialization.vbs. Includes support functions and subroutines used by the script.
•
DeployWiz_Validation.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Properties Name
Read
ComputerName
DeployRoot
DeployTemplate
DeploymentMethod
DeploymentType
DoCapture
ImageBuild
ImageFlags
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
183
Name
Read
JoinDomain
OSGUID
SkipAdminPassword
SkipApplications
SkipAppsOnUpgrade
SkipBitLocker
SkipCapture
SkipComputerBackup
SkipComputerName
SkipDeploymentType
SkipDomainMembership
SkipLocaleSelection
SkipPackageDisplay
SkipProductKey
SkipSummary
SkipTaskSequence
SkipTimeZone
SkipUserData
UserDomain
UserID
UserPassword
Write
DeployWiz_Initialization.vbs This script initializes the pages in the Windows Deployment Wizard (stored in DeployWiz_Definition_ENU.xml). It also contains functions and subroutines that are called by the Windows Deployment Wizard during an LTI deployment. For more information about DeployWiz_Definition_ENU.xml, see the corresponding topic in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
184
Value
Description
Input
•
Applications.xml. Contains a list of available applications.
•
DomainOUList.xml. Contains a list of domain OUs.
•
LocationServer.xml. Contains a list of available deployment points.
•
Packages.xml. Contains a list of available packages.
•
TaskSequences.xml. Contains a list of task sequences.
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Output
Event message are written to these log files: •
DeployWiz_Initialization.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="DeployWiz_Initialization.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
Write
Architecture
Applications
BDEInstall
ComputerBackupLocation
DeploymentType
DeployRoot
DomainAdmin
DomainAdminDomain
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
185
Name
Read
Write
DomainAdminPassword
DomainOUs
ImageBuild
ImageFlags
ImageLanguage
ImageProcessor
IsServerOS
KeyboardLocale
LanguagePacks
LanguagePacks1
LocalDeployRoot
MandatoryApplications
OSCurrentBuild
OSVersion
OverrideProductKey
ProductKey
SkipCapture
SkipDomainMembership
TaskSequenceID
TimeZone
TimeZoneName
TSGUID
UDDir
UDShare
UserDataLocation
UserDomain
UserID
UserLocale
UserPassword
DeployWiz_Validation.vbs This script initializes and validates the information typed in the pages of the Windows Deployment Wizard (stored in DeployWiz_Definition_ENU.xml). This script contains Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
186
functions and subroutines that are called by the Windows Deployment Wizard during an LTI deployment. For more information about DeployWiz_Definition_ENU.xml, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
•
OperatingSystems.xml. Contains the list of operating systems available for deployment.
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Output
None
References
Credentials_ENU.xml. Prompts the user for credentials that will be used when connecting to network resources.
Location
distribution\Scripts
Use
<script language=”VBScript” src=”DeployWiz_Validation.vbs”/>
Arguments Value
Description
None
None
Properties Name DeploymentType
Read
DeployTemplate ImageBuild
Write
ImageProcessor
OSGUID
OSVersion
SkipDeploymentType
TSGUID
UserCredentials
UserDomain
UserID
UserPassword
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
187
LiteTouch.vbs This script is called by the Windows Deployment Wizard to initiate LTI. The script: •
Removes the C:\MININT folder (if it exists).
•
Checks that the target computer meets the requirements for running the Windows Deployment Wizard by calling ZTIPrereq.vbs.
•
Starts the Windows Deployment Wizard by running LiteTouch.wsf.
For more information about ZTIPrereq.vbs and LiteTouch.wsf, see the corresponding topics in the “Scripts” section of this reference. Value
Description
Input
None
Output
None
References
•
ZTIPrereq.vbs. Used to determine if the target computer meets the prerequisites for deploying a new operating system.
•
LiteTouch.wsf. The script responsible for controlling the LTI deployment process.
Location
distribution\Scripts
Use
cscript LiteTouch.vbs
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
LiteTouch.wsf This script is called by LiteTouch.vbs and is responsible for controlling the LTI deployment process. This includes: •
Running the Windows Deployment Wizard.
•
Running the LTI deployment process by using the appropriate task sequence file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
188
For more information about LiteTouch.vbs, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
•
task_sequence_file.xml. Contains the tasks and sequence of tasks for the LTI deployment process.
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
•
LiteTouch.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
BDD_Welcome_ENU.xml. Displays the Deployment Wizard Welcome page for LTI deployment.
•
CMD.exe. Windows Command Processor for running external commands while debugging the deployment.
•
DeployWiz_Definition_ENU.xml. Displays the Deployment Wizard pages for LTI deployment.
•
Diskpart.exe. Utility that allows the automated management of disks, partitions, and volumes.
•
LTICleanup.wsf. Performs cleanup tasks after deployment completes.
•
RecEnv.exe. If this utility exists, the user is prompted to determine if they want to launch Windows RE.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
Summary_Definition_ENU.xml. Displays the summary results for the LTI deployment.
•
TsmBootStrap.exe. Task sequence Bootstrap utility.
•
Wpeutil.exe. Initializes Windows PE and network connections; initiates LTI.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
BDDRun.exe “wscript.exe ScriptDirectory\LiteTouch.wsf ”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
189
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
_SMSTSPackageName
Write
Architecture
DeployDrive
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
ImageLanguage001
IsServerCoreOS
JoinDomain
JoinWorkgroup
KeyboardLocale
OSDAdapterCount
Phase
ResourceDrive
ResourceRoot
RetVal
SkipBDDWelcome
SkipFinalSummary
SkipWizard
TaskSequenceID
UILanguage
UserDomain
UserID
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
190
Name
Read
UserPassword
Write
UserLocale
WelcomeWizardCommand
WizardComplete
LTIApply.wsf This script is responsible for installing a Windows PE image, Windows XP image, or Windows Vista image to the target computer. The Windows PE image is used to collect information about the target computer and to run the deployment tasks on the target computer. Value
Description OperatingSystems.xml
Input Output
References
•
LTIApply.log. Log file that contains events generated by this script.
•
LTIApply_wdsmcast.log. Log file that contains events generated by the Wdsmcast utility.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
Bootsect.exe. Applies a boot sector to the hard disk.
•
ImageX.exe. A utility used to create and manage WIM files.
•
Wdsmcast.exe. A utility used by target computers to join a multicast transmission.
Location
distribution\Scripts
Use
cscript LTIApply.wsf
Arguments Value
Description
/pe
Uses the process for installing the Windows PE image on the target computer.
/post
Cleans up unnecessary files after the installation of an image.
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
Solution Accelerators
TRUE, event messages are sent to the console and the .log files.
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
Value
191
Description •
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeployRoot
OSGUID
OSVersion
ImageBuild
Write
ImageFlags
ImageProcessor
SourcePath
TaskSequenceID
UserDomain
UserID
UserPassword
WDSServer
LTICleanup.wsf This script removes any files or configuration settings (such as scripts, folders, registry entries, or automatic logon configuration settings) from the target computer after the deployment process completes. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
References
Location Solution Accelerators
•
LTICleanup.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
Bootsect.exe. Applies a boot sector to the hard disk. distribution\Scripts microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
192
Value Use
Solution Accelerators
Description cscript LTICleanup.wsf
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
193
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
_DoNotCleanLiteTouch
DeployRoot
DeploySystemDrive
ImageBuild
OSVersion
Write
LTICopyScripts.wsf This script copies the deployment scripts for the LTI and ZTI deployment processes to a local hard drive on the target computer. Value
Description
Input
None
Output
References
•
LTICopyScripts.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript LTICopyScripts.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
194
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Phase
Write
LTIGetFolder.wsf This script displays a dialog box that allows the user to browses to a folder. The selected folder path is stored in the FolderPath environment variable. Value
Description
Input
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Output
None
References
Location Use
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
WizUtility.vbs. Includes support functions and subroutines used by the user interface (such as wizard pages).
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts cscript LTIGetFolder.wsf
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
195
Properties Name
Read
DefaultFolderPath
Write
FolderPath
LTIOEM.wsf This script is used by an Original Equipment Manufacturer (OEM) during an LTI OEM scenario to copy the contents of a media deployment point to the target computer’s hard disk to prepare it for duplication. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
•
LTIOEM.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript LTIOEM.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/BITLOCKER
Enables BitLocker Drive Encryption
/BDE
Enables BitLocker Drive Encryption
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
196
Properties Name
Read
Write
_DoNotCleanLiteTouch
BdeInstall
DeployDrive
DeployRoot
TSGUID001
LTISysprep.wsf This script prepares the target computer for running Sysprep, runs Sysprep on the target computer, and then verifies that Sysprep ran successfully. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
References
•
LTISysprep.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Expand.exe. Expands compressed files.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript LTISysprep.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
197
Properties Name
Read
Architecture
DoCapture
OSCurrentBuild
SourcePath
Write
NICSettings_Definition_ENU.xml This .xml file contains the script code and HTML layout for the Configure Static IP Network Settings wizard page in the Windows Deployment Wizard. During an LTI deployment, Wizard.hta reads this .xml file and runs the embedded wizard page that prompts for the required network addressing configuration. If no static IP addressing configuration is supplied, the deployment scripts will default to using DHCP to obtain the required network configuration. Value
Description
Input
None
Output
None
References
ZTINICUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
198
Properties Name
Read
Write
OSDAdapter0DNSServerList
OSDAdapter0DNSSuffix
OSDAdapter0Gateways
OSDAdapter0IPAddressList
OSDAdapter0MacAddress
OSDAdapter0SubnetMask
OSDAdapter0WINSServerList
OSDAdapterCount
Summary_Definition_ENU.xml This .xml file contains the script code and HTML layout for the Deployment Summary wizard page in the Windows Deployment Wizard. During an LTI deployment, Wizard.hta reads this .xml file and runs the embedded wizard page that displays the summary results for the LTI deployment. This .xml file contains the following wizard pages: •
Success. Notification regarding the successful completion of the deployment tasks.
•
Failure. Notification regarding the failure to successfully complete the deployment tasks.
Value
Description
Input
None
Output
None
References
Summary_Scripts.vbs. Includes support functions and subroutines used by the wizard pages embedded in this .xml file.
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
199
Properties Name
Read
SkipFinalSummary
RetVal
Write
Summary_scripts.vbs This script is called by the Summary wizard page of the Windows Deployment Wizard. It contains functions and subroutines that are used for initialization and validation. Value
Description
Input
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
Event message are written to these log files: •
Summary_scripts.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language=”VBScript” src=”Summary_Scripts.vbs”/>
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
200
Properties Name
Read
DeploymentType
RetVal
Write
Wizard.hta This Hypertext Application (HTA) displays the Windows Deployment Wizard pages. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
References
Location
•
Wizard.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
WizUtility.vbs. Includes support functions and subroutines used by the script.
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
Use
mshta.exe Wizard.hta
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/NotWizard
Used to bypass wizard page prompts.
/Definition:filename
Specifies the .xml file that is to be loaded into the wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
201
Properties Name
Read
WizardComplete
Write
WizUtility.vbs This script contains functions and subroutines that are referenced by the various Windows Deployment Wizard scripts. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
WizUtility.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. LTIGetFolder.wsf. Script file that initiates a BrowseForFolder dialog box.
References Location Use
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts <script language=”VBScript” src=”WizUtility.vbs”/>
Arguments Value
Description
None
None
Properties Name
Read
DefaultFolderPath
FolderPath
OSVersion
UserDomain
UserCredentials
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
202
ZeroTouchInstallation.vbs This script is run to initiate the ZTI deployment process. The script: •
Checks that the target computer meets the requirements for running the Windows Deployment Wizard by calling ZTIPrereq.vbs.
•
Starts the Windows Deployment Wizard by running ZeroTouchInstallation.wsf.
For more information about ZTIPrereq.vbs and ZeroTouchInstallation.wsf, see the corresponding topics in the “Scripts” section of this reference. Value
Description
Input
None
Output
None
References
•
BDDRun.exe. Runs a command that requires user interaction.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
TsmBootStrap.exe. Task sequence Bootstrap utility.
•
ZTIGather.wsf. Gathers the properties and processing rules that control the deployment process.
•
ZTINicConfig.wsf. Configures network adapters.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the scripts in this file.
•
ZTIPrereq.vbs. Used to determine if the target computer meets the prerequisites for deploying a new operating system.
•
ZeroTouchInstallation.wsf. Initiates the ZTI deployment process.
Location
distribution\Scripts
Use
cscript ZeroTouchInstallation.vbs
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
203
Properties Name
Read
Write
None
ZeroTouchInstallation.wsf This script is responsible for controlling the ZTI deployment process. This includes running the ZTI deployment process using the appropriate task sequence file. Note
This script is initiated by ZeroTouchInstallation.vbs.
Value
Description
Input
•
task_sequence_file.xml. Contains the tasks and sequence of tasks for the ZTI deployment process (where task_sequence_file is the name of the task sequence file).
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
•
ZeroTouchInstallation.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
BDDRun.exe. Runs a command that requires user interaction.
•
TsmBootStrap.exe. Task sequence Bootstrap utility.
•
ZTIGather.wsf. Gathers the properties and processing rules that control the deployment process.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZeroTouchInstallation.wsf
For more information about ZTIUtility.vbs, ZeroTouchInstallation.vbs, and task_sequence_file, see the corresponding topics in the “Scripts” section of this reference.
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
Solution Accelerators
TRUE, event messages are sent to the console and the microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
204
Value
Description .log files. •
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
_SMSTSPackageName
Architecture
DeployDrive
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
OSDAdapterCount
OSDInstallPackage
OSDPackageID
OSDPackagePath
OSVersion
Phase
ResourceDrive
ResourceRoot
ZTIApplications.wsf This script will initiate an installation of applications that have been configured on the Applications node in Deployment Workbench. This script will not attempt to install any application that: •
Does not support the target computer’s platform type.
•
Does not support the target computer’s processor type.
•
Has an uninstall entry in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unin stall.
Note If the listed application has any dependent applications defined, this script will attempt to install those dependent applications before installing the listed application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
205
Value
Description
Input
•
Applications.xml. Contains a list of applications to be installed. This file is created by Deployment Workbench.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIApplications.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
BDDRun.exe. Runs a command that requires user interaction.
Output
References
Location
distribution\Scripts
Use
cscript ZTIApplications.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
ApplicationGUID
DeploymentMethod
InstalledApplications
ResourceDrive
ResourceRoot
Write
SMSTSRebootRequested
SMSTSRetryRequested
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
206
ZTIAppXmlGen.wsf This script generates an .xml file, ZTIAppXmlGen.xml, to use when automatically capturing user data (documents) that are associated with installed applications. This script accomplishes this task by enumerating through the HKEY_CLASSES_ROOT\Software\Classes registry key and capturing any applications that: •
Are not associated with one of these file extensions: .mp3, .mov, .wma, .wmv, .chm, .evt, .evtx, .exe, .com, or .fon.
•
Are not associated with Microsoft Office, such as the 2007 Microsoft Office System or Microsoft Office 2003.
•
Have a valid open handler listed at: HKEY_CLASSES_ROOT\application\shell\open\command.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIAppXmlGen.xml. Contains a list of applications that are installed on the target computer.
•
ZTIAppXmlGen.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIAppXmlGen.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name USMTMigFiles
Solution Accelerators
Read
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
207
ZTIAuthorizeDHCP.wsf This script uses the Netsh tool to configure the target computer so that it is an authorized DHCP server in AD DS. For more information about authorizing DHCP servers, see “How to Use Netsh.exe to Authorize, Unauthorize and List DHCP Servers in Active Directory” at http://support.microsoft.com/kb/303351. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIAuthorizeDHCP.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Netsh.exe. A utility used to automate the configuration of networking components.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIAuthorizeDHCP.wsf
Note The security context that this script runs under must be a member of the Enterprise Admins group.
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name IPAddress
Solution Accelerators
Read
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
208
ZTIBackup.wsf This script performs a backup of the target computer using the ImageX utility. The backup is stored in the location specified in the BackupDir and BackupShare properties. For more information about the BackupDir and BackupShare properties, see the corresponding topics in the “Properties” section of this reference. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIBackup.log. Log file that contains events generated by this script.
•
ZTIBackup_imagex.log. Log file that contains events generated by ImageX.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ImageX.exe. A utility used to create and manage WIM files.
•
Reg.exe. The Console Registry Tool for reading and modifying registry data.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIBackup.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
BackupDir
BackupDisk
BackupDrive
BackupFile
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
209
Name
Read
BackupPartition
BackupShare
ComputerBackupLocation
DeploymentMethod
DeploymentType
DoCapture
ImageFlags
TaskSequenceID
Write
ZTIBCDUtility.vbs This script contains utility functions that are used by some of the MDT 2008 scripts when performing Boot Manager tasks. Value
Description
Input
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
None
References
•
BCDEdit.exe. A tool for editing the boot configuration of Windows Vista and later versions of Windows.
Location
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
Use
<script language="VBScript" src="ZTIBCDUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
Write
None
ZTIBde.wsf This script installs and configures BitLocker Drive Encryption on the target computer. Solution Accelerators microsoft.com/technet/SolutionAccelerators
210
Microsoft Deployment Toolkit 2008
Note The BitLocker Drive Encryption configuration is limited to New Computer and Upgrade Computer scenarios that have hard disks configured with a single partition.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
211
Value
Description
Input
•
BdeFixDiskPart.txt. Answer file used by the Diskpart tool to adjust drive letter assignments.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIBde.log. Log file that contains events generated by this script.
•
ZTIBdeFix_diskpart.log. Log file that contains events generated by the Diskpart tool.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
BdeHdCfg.exe. Manages the BitLocker Drive Encryption configuration.
•
Diskpart.exe. Utility that allows for the automated management of disks, partitions, and volumes.
•
ZTIDiskUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZTIBde.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
AdminPassword
BDEDriveLetter
BDEDriveSize
BDEInstall
BDEInstallSuppress
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
212
Name
Microsoft Deployment Toolkit 2008
Read
BDEKeyLocation
BDEPin
BDERecoveryKey
BDERecoveryPassword
BDESecondPass
BdeWaitForEncryption
ComputerName
DeploymentMethod
DeploymentType
OSDBitLockerCreateRecoveryPassword
OSDBitLockerMode
OSDBitLockerRecoveryPassword
OSDBitLockerStartupKey
OSDBitLockerStartupKeyDrive
OSDBitLockerTargetDrive
OSDBitLockerWaitForEncryption
OSVersion
Write
SMSTSRebootRequested
SMSTSRetryRequested
TPMOwnerPassword
ZTIBIOSCheck.wsf This script checks the BIOS on the target computer and then looks at a list of BIOSes that are incompatible with Windows Vista. The list of incompatible BIOSes is stored in the ZTIBIOSCheck.xml file. If the BIOS on the target computer is listed in the ZTIBIOSCheck.xml file, then the script returns a status that indicates the BIOS is incompatible with Windows Vista and the deployment process should be terminated. For information on populating the ZTIBIOSCheck.xml file with a list of incompatible BIOSes, see the corresponding topic in the “Support Files” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
213
Value
Description
Input
•
ZTIBIOSCheck.xml. Contains a list of BIOSes that are known to be incompatible with Windows Vista.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIBIOSCheck.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
Output
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIBIOSCheck.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
ZTICoalesce.wsf System Center Configuration Manager requires packages to be numbered sequentially, starting with PACKAGES001, with no gaps in the number sequence. Otherwise, installation will fail. This script allows variables to be defined and named using identifying information about the program to run—for example, ComputerPackages100, ComputerPackages110, or CollectionPackages150. Then, when this script is run, System Center Configuration Manager will find all variables that match a pattern (for example, all variable names that contain the string Packages), and build a sequential list, without gaps, using the base name PACKAGES.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
214
For example, if the following variables were defined (using computer variables, collection variables, or in CustomSettings.ini or the MDT 2008 database, for example): •
ComputerPackages100=XXX00001:Program
•
ComputerPackages110=XXX00002:Program
•
CollectionPackages150=XXX00003:Program
•
Packages001=XXX00004:Program
After the script runs, the list would be: •
PACKAGES001=XXX00004:Program
•
PACKAGES002=XXX00001:Program
•
PACKAGES003=XXX00002:Program
•
PACKAGES004=XXX00003:Program
System Center Configuration Manager would then be able to run all four programs. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTICoalesce.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTICoalesce.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
215
Properties Name
Read
CoalescePattern
Coalesce pattern to be used when performing the search. Default value is Packages.
CoalesceTarget
Get the target base variable name. Default value is PACKAGES.
Write
ZTIConfigure.wsf This script configures the Unattend.xml, Sysprep.inf, or Unattend.txt files with the property values specified earlier in the MDT 2008 deployment process. The script configures the appropriate file based on the operating system being deployed. This script reads the ZTIConfigure.xml file to determine how to update the Unattend.xml, Sysprep.inf, or Unattend.txt files with the appropriate values specified in the deployment properties. The ZTIConfigure.xml file contains the information to translate properties to settings in the Unattend.xml, Sysprep.inf, or Unattend.txt files. Value
Description
Input
•
ZTIConfigure.xml. Contains a list of property values (specified earlier in the deployment process) and their corresponding configuration settings.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIConfigure.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
Output
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigure.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided). microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
216
Properties Name
Read
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
DomainAdminDomain
OSDTargetSystemDrive
Phase
TaskSequenceID
Write
Upgrade
ZTIConfigureADDS.wsf This script starts Dcpromo to configure the target computer as an AD DS domain controller. For more information about Dcpromo.exe, see Dcpromo at http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIConfigureADDS.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Dcpromo.exe. Installs and removes AD DS.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigureADDS.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
217
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
ADDSPassword
ADDSUserDomain
ADDSUserName
AutoConfigDNS
ChildName
ConfirmGC
DatabasePath
DomainLevel
DomainNetBiosName
ForestLevel
LogPath
NewDomain
NewDomainDNSName
OSVersion
ParentDomainDNSName
ReplicaOrNewDomain
ReplicaDomainDNSName
ReplicationSourceDC
SafeModeAdminPassword
SiteName
SysVolPath
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
218
ZTIConfigureDHCP.wsf This script configures DHCP on the target computer. Note
DHCP should already be installed on the target computer before running this script.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIConfigureDHCP.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Netsh.exe. A utility that permits automating the configuration of networking components.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigureDHCP.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DHCPScopes
DHCPScopesxEndIP
DHCPScopesxExcludeStartIP
DHCPScopesxExcludeEndIP
DHCPScopesxIP
DHCPScopesxName
DHCPScopesxOptionRouter
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
219
Name
Read
DHCPScopesxOptionDNSDomainName
DHCPScopesxOptionDNSServer
DHCPScopesxOptionLease
DHCPScopesxOptionNBTNodeType
DHCPScopesxOptionPXEClient
DHCPScopesxOptionWINSServer
DHCPScopesxStartIP
DHCPScopesxSubnetmask
DHCPServerOptionDNSDomainName
DHCPServerOptionDNSServer
DHCPServerOptionNBTNodeType
DHCPServerOptionPXEClient
DHCPServerOptionRouter
DHCPServerOptionWINSServer
IPAddress
Scopes
Write
Note The x in the properties listed here is a placeholder for a zero-based array that contains DHCP configuration information.
ZTIConfigureDNS.wsf This script configures DNS on the target computer. To perform the actual configuration tasks, the script uses the Dnscmd utility. For more information about Dnscmd.exe, see Dnscmd Overview at http://technet2.microsoft.com/windowsserver/en/library/5c497b2e-3387-4ecf-adf5562045620a961033.mspx. Note
DNS should already be installed on the target computer before running this script.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References Solution Accelerators
•
ZTIConfigureDNS.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Dnscmd.exe. Assists administrators with DNS management. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
220
Value
Description •
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigureDNS.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DNSServerOptionDisableRecursion
DNSServerOptionBINDSecondaries
DNSServerOptionFailOnLoad
DNSServerOptionEnableRoundRobin
DNSServerOptionEnableNetmaskOrdering
DNSServerOptionEnableSecureCache
DNSServerOptionNameCheckFlag
DNSZonesxName
DNSZonesxType
DNSZonesxMasterIP
DNSZonesxDirectoryPartition
DNSZonesxFileName
DNSZonesxScavenge
DNSZonesxUpdate
Write
Note The x in the properties listed here is a placeholder for a zero-based array that contains DNS configuration information.
ZTIConnect.wsf The MDT 2008 deployment process uses this script to authenticate with a server computer (such as a computer running SQL Server or another server that has a shared Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
221
network folder). When this script is run, it validates that a connection can be created to the network shared folder specified in the /uncpath argument. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIConnect.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConnect.wsf /UNCPath:uncpath
Arguments Value
Description
/UNCPath:uncpath
Specifies a fully qualified UNC path to a network shared folder.
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
222
ZTICopyLogs.wsf Copy the Smsts.log and BDD.log files to a subfolder beneath the share specified by the SLShare property. The subfolder will be named the name specified by OSDComputerName, or OSDNewComputerName, or HostName. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTICopyLogs.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTICopyLogs.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
223
ZTIDeterminePartition.wsf Determines the user-specified hard disk partition layout. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTIDeterminePartition.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIDeterminePartition.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
DeploySystemDrive
ZTIDiskpart.wsf This script creates the disk partitions on the target computer by calling the Diskpart utility. The parameters used to configure the disk are specified by the Task Sequencer or in CustomSettings.ini. ZTIDiskpart.wsf is primarily run in New Computer scenarios. The process works like this: 1. The MDT 2008 deployment process runs the ZTIDiskpart.wsf script based on the steps and sequence of steps in the Task Sequencer. 2. ZTIDiskpart.wsf starts the Diskpart utility and sends it the required configuration commands. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
224
3. ZTIDiskpart.wsf runs ZTIDiskpart.cmd and provides this .txt file as a command-line parameter to ZTIDiskpart.cmd. 4. The disk is initially cleaned by sending Diskpart the CLEAN command. 5. If this is the first disk, and a disk configuration has not been specified by the Task Sequencer or in CustomSettings.ini, a single partition is created to store the operating system. However, if a disk configuration has been specified, the disk will be configured according to the specified configuration. 6. If BitLocker Drive Encryption is to be enabled, space is reserved at the end of the first disk. 7. All format commands are queued until after Diskpart has completed. If not explicitly specified by the Task Sequencer or in CustomSettings.ini, ZTIDiskpart.wsf performs a quick format of drive C using the following command: FORMAT C: /FS:NTFS /V:OSDisk /Q /Y 8. ZTIDiskpart.wsf copies the ZTIDiskpart_diskpart.log and BDD.log files from the RAM disk back to the hard drive. Customize the disk configuration of the target computer by providing the required information in the Task Sequencer or in CustomSettings.ini. For more information about configuring disks, see “Disk Customizations” in the MDT 2008 document, Deployment Customization Guide. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIDiskpart.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Diskpart.exe. Utility that allows for the automated management of disks, partitions, and volumes.
•
ZTIDiskUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIDiskpart.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
225
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
BDEDriveLetter
BDEDriveSize
BDEInstall
DeployDrive
DeploymentType
ImageBuild
OSDDiskIndex
OSDDiskpartBiosCompatibilityMode
OSDDiskType
OSDPartitions
OSDPartitionStyle
VolumeLetterVariable
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
226
ZTIDiskUtility.vbs This script contains disk-related functions and subroutines that are called by the various scripts in the MDT 2008 deployment process. Value
Description
Input
None
Output
•
ZTIDiskUtility.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="ZTIDiskUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
Write
None
ZTIDrivers.wsf This script installs additional device drivers onto the target computer before initiating the configuration of the operating system. This script reads the Drivers.xml file and copies the list of device driver files in the Drivers.xml file (created by and managed on the Drivers node in Deployment Workbench) to the target computer. When not deploying the Windows Vista operating system, the following updates are also performed on the target computer: •
The setup answer files Sysprep.inf or Unattend.txt are updated so that the OemPnPDriversPath property includes the new driver locations.
•
The following registry value is updated to include the new driver locations: HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\DevicePath.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
227
Value
Description
Input
•
Drivers.xml. Contains a list of device drivers to be copied to the target computer.
•
CustomSettings.ini. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
PnpEnum.xml. Contains a list of all devices installed on the target computer.
•
ZTIDrivers.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Microsoft.BDD.PnpEnum.exe. Utility that enumerates Plug and Play devices.
•
Reg.exe. The Console Registry Tool for reading and modifying registry data.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZTIDrivers.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentMethod
DeployRoot
DeploySystemDrive
DriverGroup
DriverPaths
OSDPlatformArch
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
228
Name
Read
Phase
ResourceRoot
TaskSequenceID
Write
ZTIGather.wsf This script gathers the properties and processing rules that control the deployment process. The properties and rules (also known as local properties) are explicitly defined in this script, and are contained in the ZTIGather.xml file, in the CustomSettings.ini file, and in the deployment database (created on the Database node in Deployment Workbench). Value
Description
Input
•
ZTIGather.xml. Contains a list of predefined properties that are parsed in the .ini file and deployment database.
•
CustomSettings.ini. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIGather.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
Wpeutil.exe. Initializes Windows PE and network connections; initiates LTI.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZTIGather.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
229
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
/localonly
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Returns only information about the target computer and the current operating system installed on the target computer. Does not parse the input .ini file (specified in the /inifile argument) and returns properties and rules specified in the .ini file. If not specified, the script will return information about the target computer and the currently installed operating system, and will parse the .ini file.
/inifile:ini_file_name
Name and path of the input .ini file that contains the properties and rules used in the deployment process. If not specified, the script uses the default value in CustomSettings.ini.
Properties Name All
Read
Write
ZTIGroups.wsf This script captures and restores the local group membership on the target computer. This script is called with the /capture argument to back up the group membership from the target computer before deploying the operating system. The CaptureGroups property contains the list of groups to be backed up by this script. The script is called with the /restore argument to restore the group membership after the operating system is deployed. When performing a restore, it will restore the membership of all groups that were backed up when the script was run using the /capture argument. Note When restoring group membership, the script does not create any destination groups that do not already exist on the target computer. Therefore, be sure to include all required groups in the reference computer when building the image file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
230
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIGroups.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIGroups.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/capture
Backs up the group membership of the local groups on the target computer as specified in the CaptureGroups property.
/restore
Restores the group membership to the local groups backed up earlier in the deployment process.
Properties Name
Read
CaptureGroups
Groups
HostName
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
231
ZTILangPacksOnline.wsf This script installs language packs for Windows Vista and Windows Server 2008. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTILangPacksOnline.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Lpksetup.exe. The Language Pack Setup tool used to add or remove language packs.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTILangPacksOnline.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
OSVersion
Write
ZTIMoveStateStore.wsf This script moves the captured user state and backup files to C:\Windows\Temp\StateStore. Note
This script is run only when deploying images using System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
232
Value
Description
Input
None
Output
•
ZTIMoveStateStore.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIMoveStateStore.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
ZTINextPhase.wsf This script updates the Phase property to the next phase in the deployment process. The Task Sequencer uses these phases to determine the sequence in which each task must be completed. The Phase property includes the following values: •
VALIDATION. Identify that the target computer is capable of running the scripts necessary to complete the deployment process.
•
STATECAPTURE. Save any user state migration data before deploying the new target operating system.
•
PREINSTALL. Complete any tasks that need to be done (such as creating new partitions) before the target operating system is deployed.
•
INSTALL. Install the target operating system on the target computer.
•
POSTINSTALL. Complete any tasks that need to be done before restoring the user state migration data. These tasks customize the target operating system before starting the target computer the first time after deployment (such as installing updates or adding drivers).
•
STATERESTORE. Restore the user state migration data saved during the State Capture Phase.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
233
For more information about the Phase property, see the corresponding topic in the “Properties” section of this reference. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTINextPhase.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTINextPhase.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DeploymentMethod
Phase
Write
ZTINICConfig.wsf This script configures activated network adapters with values that were captured by ZTIGather.wsf based on the properties listed in the CustomSettings.ini file or the deployment database (created on the Database node in Deployment Workbench). Value Input
Solution Accelerators
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
234
Value
Description
Output
•
ZTINICConfig.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTINicUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTINicConfig.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/ForceCapture
If there are any local networking adapters with static IP addresses saved, this script will capture those settings and save them to the local environment; for example, C:\MININT\SMSOSD\OSDLogs\Variables.dat. This script can be useful in capturing static IP settings for a large number of computers for automation.
/RestoreWithinWinPE
When specified, will apply any saved static IP network settings to the local computer, when appropriate. Used for internal processing only.
Properties Name
Read
Write
DeployDrive
DeploymentMethod
DeploymentType
DeployRoot
OSDAdapterCount
OSDMigrateAdapterSettings
OSGUID
Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
235
ZTINICUtility.vbs This script contains network adapter–related functions and subroutines that are called by the various scripts in the MDT 2008 deployment process. Value
Description
Input
None
Output
None
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="ZTINicUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name OSDAdapterAdapterIndexAdapterName
Read
Write
Note AdapterIndex in this property is a placeholder for a zero-based array that contains network adapter information.
ZTIOEM.wsf This script is used by the OEM duplication process when using MDT 2008 with System Center Configuration Manager. This script has two functions: 1. When run using the /PREOEM switch, the target computer is prepared for OEM duplication. 2. When run using the /POSTOEM switch, the target computer is reconfigured to allow starting from the hard drive so that it can complete the deployment task sequence. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
Solution Accelerators
•
ZTIOEM.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
236
Value
Description
References
•
ZTIDiskUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIOEM.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/PREOEM
Prepares the target computer for OEM duplication.
/POSTOEM
Completes the configuration of the target computer after OEM duplication.
Properties Name
Read
Write
ConfigFileName
ConfigFilePackage
ImagePackageID
InstallPackageID
Phase
OSArchitecture
OSDAnswerFilePath
OSDImageCreator
OSDImageIndex
OSDInstallEditionIndex
OSDImagePackageID
OSDInstallType
OSDisk
OSDTargetSystemDrive
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
237
Name
Read
Write
OSDTargetSystemRoot
OSVersionNumber
ZTIOSRole.wsf This script installs server roles for target computers that are running Windows Server 2008 and Windows Server 2003. The script reads the OSRoles, OSRoleServices, and OSFeatures properties to determine what should be installed. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIOSRole.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIOSRole.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
IsServerCoreOS
OSFeatures
OSRoles
OSRoleServices
OSVersion
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
238
Name
Read
Write
SMSTSRebootRequested
ZTIPackages.wsf This script installs a list of packages during the OSD State Restore Phase. During the installation process the script performs the following steps: 1. Verifies that the Osdswdexec executable file can be located. 2. Verifies the existence of the specified .ini file. The default .ini file is CustomSettings.ini. 3. Reads the Systems Management Server database connection information from the specified .ini file. 4. Connects to the Systems Management Server database. 5. Reads each package name from the Packages environment variable, and then, using the Osdswdexec executable, starts the package installation. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIPackages.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Osdswdexec.exe. SMS 2003 OSD Feature Pack application installer.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIPackages.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
239
Properties Name
Read
Write
PackageID
Packages
ProgramName
ZTIPatches.wsf This script installs updates (language packs, security updates, and so on) that are listed in the Packages.xml file. The script will terminate if the deployment is not in one of the following states: •
DeploymentMethod equals OSD and Phase equals POSTINSTALL
•
DeploymentMethod does not equal OSD and Phase equals PREINSTALL
The script will start Pkgmgr if the deployment is in the following state: •
DeploymentMethod equals OSD and Phase equals POSTINSTALL.
Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTIPatches.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Expand.exe. Expands compressed files.
•
Pkgmgr.exe. Installs or updates Windows Vista offline.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTIPatches.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
240
Value
Description (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeployRoot
DeploymentMethod
DeploymentType
LanguagePacks
OSDPlatformArch
PackageGroup
Phase
ResourceRoot
Write
ZTIPrereq.vbs This script checks to verify that the target computer has the prerequisite software installed, and that it is functional. The checks the script performs are: •
Determine if the Windows Script version is equal to or greater than version 5.6.
•
Verify that errors do not occur when object references are instantiated to Wscript.Shell, Wscript.Network, Scripting.FileSystemObject MSXML2.DOMDocument, and the Process environment.
If any one of the checks fail, an error is raised and the script exits the ValidatePrereq procedure. Value
Description
Input
None
Output
None
References
None
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
241
Properties Name
Read
Write
None
ZTISCCM.wsf This script initializes ZTI when deploying using Systems Center Configuration Manager. The script performs the following procedure: 1. If debugging is activated, the script creates the OSD.Debug and Archive_OSD.sms files. 2. The script configures these properties: a. ScriptRoot is set to the parent folder of the currently running script. b. DeployRoot is set to the parent folder of ScriptRoot. c.
ResourceRoot is set to DeployRoot.
d. DeploySystemDrive is set to “C:.” e. DeploymentMethod is set to “CONFIGMGR.” 3. When DeployRoot contains “:\”: a. The DeployRoot folder is copied to _SMSTSMDataPath\WDPackage. b. ScriptRoot is set to _SMSTSMDataPath\WDPackage\Scripts. c.
DeployRoot is set to the parent folder of ScriptRoot.
d. ResourceRoot is set to DeployRoot. 4. When Phase is NULL: a. If the %SystemDrive% environment variable is “X:,” then DeploymentType is set to “NEWCOMPUTER” and Phase is set to “PREINSTALL.” Otherwise DeploymentType is set to “REPLACE” and Phase is set to “VALIDATION.” b. If the OldComputer.tag file exists in the parent folder of the current running script, then DeploymentType is set to “REPLACE” and Phase is set to “VALIDATION.” Otherwise DeploymentType is set to “REFRESH” and Phase is set to “VALIDATION.” For more information about these properties, see the corresponding topics in the “Properties” section of this reference. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
Solution Accelerators
•
ZTISCCM.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
242
Value
Description
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTISCCM.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
_SMSTSMDataPath
Architecture
BDDPackageID
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
Phase
ResourceRoot
ScriptRoot
ToolRoot
ZTISetVariable.wsf This script sets the specified global task sequence variable that corresponds to the name contained in VariableName to the value contained in VariableValue. Value Input
Solution Accelerators
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process. microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
243
Value
Description
Output
•
ZTISetVariable.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTISetVariable.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
VariableName
VariableValue
Write
ZTIStorageDrivers.wsf This script injects required non-Microsoft mass storage drivers into Windows XP or Windows Server 2003 when deploying using a full set of source files and running Setup.exe. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIStorageDrivers.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
244
Value
Description
Use
cscript ZTIStorageDrivers.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentMethod
DeploySystemDrive
ImageBuild
InstallFromPath
OSDPlatformArch
ResourceRoot
StorageDriverGroupxxx
Write
ZTIStorageDriversSysprep.wsf This script injects required non-Microsoft mass storage drivers into Windows XP or Windows Server 2003 when deploying an image to the target computer that has been prepared using Sysprep. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References Solution Accelerators
•
ZTIStorageDriversSysprep.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. ZTIUtility.vbs. Includes support functions and subroutines used by the script. microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
Value
245
Description
Location
distribution\Scripts
Use
cscript ZTIStorageDriversSysprep.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentMethod
DeploySystemDrive
ImageBuild
OSDPlatformArch
ResourceRoot
StorageDriverSysPrepGroupxxx
Write
ZTITatoo.wsf This script tattoos the target computer with identification and version information. The script performs the following procedure: •
Locate and copy the ZTITatoo.mof file to the %SystemRoot%\System32\Wbem folder. Any preexisting ZTITatoo.mof that exists at the destination will be deleted before starting the copy operation.
•
Mofcomp.exe will be run using the following command: %SystemRoot%\System32\Wbem\Mofcomp.exe -autorecover %SystemRoot%\System32\Wbem\ZTITatoo.mof.
•
These deployment details are written to the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\Deployment 4: •
Deployment Method is set to DeploymentMethod.
•
Deployment Type is set to DeploymentType.
• Deployment Timestamp is set to the current date in WMI date format. Solution Accelerators microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
246
•
•
•
Task Sequence ID is set to TaskSequenceID.
•
Task Sequence Name is set to TaskSequenceName.
•
Task Sequence Version is set to TaskSequenceVersion.
If OSDPACKAGEID is not NULL, these deployment details are written to the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\Deployment 4: •
OSD Package ID is set to OSDPACKAGEID.
•
OSD Program Name is set to OSDPROGRAMID.
•
OSD Advertisement ID is set to OSDADVERTID.
If OSDPACKAGEID is not NULL, these deployment details are written to the registry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion: •
Note
CM_DSLID is set to OSDSITECODE:OSDPACKAGEID. This script is not designed to run on Windows PE.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTITatoo.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Mofcomp.exe. Command-line .mof file compiler.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTITatoo.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
247
Properties Name
Read
DeploymentMethod
DeploymentType
OSDAdvertID
OSDPackageID
OSDProgramID
OSDSiteCode
OSVersion
TaskSequenceID
TaskSequenceName
TaskSequenceVersion
Write
ZTIUserState.wsf This script initializes USMT to capture and restore user state on the target computer. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTIUserState.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Loadstate.exe. Deposits user state data on a target computer.
•
Msiexec.exe. Manages the installation of .msi-based applications.
•
Scanstate.exe. Collects user data and settings.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTIUserState.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
248
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentType
DeploySystemDrive
ImageSize
ImageSizeMultiplier
InstallFromPath
IsServerOS
LoadStateArgs
OSDPackagePath
OSDStateStorePath
OSVersion
ScanStateArgs
StatePath
UDDir
UDProfiles
UDShare
UserDataLocation
USMTConfigFile
USMTEstimate
USMTLocal USMTMigFiles
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
249
ZTIUtility.vbs This script contains utility functions that are used by most of the MDT 2008 scripts. Value
Description
Input
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
None
References
Location
•
OSDConnectToUNC.exe. Connects to a UNC path.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
Use
<script language="VBScript" src="ZTIUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
_OSDRESERVED1
_SMSTSAdvertID
_SMSTSCurrentActionName
_SMSTSCustomProgressDialogMessage
_SMSTSInstructionTableSize
_SMSTSLogPath
_SMSTSMachineName
_SMSTSNextInstructionPointer
_SMSTSOrgName
_SMSTSPackageID
_SMSTSPackageName
_SMSTSPackagePath
_SMSTSReserved1
_SMSTSReserved2
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
250
Name
Microsoft Deployment Toolkit 2008
Read
Architecture
AssetTag
ComputerName
Database
DBID
DBPwd
Debug
DeployRoot
EventShare
HostName
ImageBuild
Write
ImageFlags
ImageIndex
ImageLanguage
ImageMemory
ImageProcessor
ImageProcessorSpeed
ImageSize
InstallFromPath
Instance
JoinDomain
MacAddress
NetLib
OSDAdvertID
OSDComputerName
OSDNewMachineName
OSDPackageID
OSDPackagePath
OSGUID
OSVersion
ParameterCondition
Phase
Port
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
251
Name
Read
ResourceRoot
SLShare
SQLServer
SQLShare
StoredProcedure
Table
Write
TaskSequenceName
TaskSequenceVersion
UDDir
UDShare
UUID
UserID
UserPassword
UserDomain
WDSServer
ZTIValidate.wsf This script ensures that it is safe for the deployment to continue by validating the condition of the target computer. The script processes are: •
If DeploymentType equals REFRESH or UPGRADE and the target computer is a server, the script will exit.
•
If OSInstall exists and is not equal to YES, the script will exit.
•
Verify the minimum amount of RAM exists on the target computer. If not, the script will exit.
•
Verify the processor meets the minimum required speed. If not, the script will exit.
•
Verify the hard disk size meets the minimum size requirements. If not, the script will exit.
•
Verify that the target computer’s operating system is installed on drive C. If not, the script will exit.
•
During an Upgrade scenario: If VerifyOS = SERVER, verify that a server operating system is not pending deployment to a target computer that is running a workstation operating system.
•
During an Upgrade scenario: If VerifyOS = CLIENT, verify that a workstation operating system is not pending deployment to a target computer that is running a server operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
252
•
If DeploymentType equals REFRESH, verify that drive C is not compressed by running Compact /u C:\.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIValidate.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Compact.exe. Displays or alters the compression of files on NTFS file system partitions.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIValidate.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DeploymentType
ImageMemory
ImageProcessorSpeed
ImageSize
ImageSizeMultiplier
IsServerOS
Memory
OSDPackagePath
OSInstall
ProcessorSpeed
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
Name VerifyOS
Solution Accelerators
253
Read
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
254
ZTIWindowsUpdate.wsf This script will download and install updates from computers on a corporate network that are running WSUS, Windows Update, or Microsoft Update, using the Windows Update Agent (WUA) API. By default, this feature is disabled in each task sequence and must be manually activated to run. This script was designed to run on Windows Vista, Windows Server 2008, Windows XP, and Windows Server 2003. Most enterprises will already have teams and infrastructures in place to update newly deployed computers over the corporate network. This involves tracking the latest set of patches, drivers, and updates available for each desktop configuration and determining which updates should be downloaded and installed for each configuration. If the organization already has an established process, this script might not be necessary. This script was designed to fill a need for deployment teams that might not have established processes, yet want to ensure that target computers are updated when deployed. This script will automatically scan the target computer and download a wide range of updates that are found to be applicable. Among these are: •
Windows service packs
•
Non-Microsoft drivers that were placed on Windows Update
•
Enhanced features for Windows Vista Ultimate
•
The latest Quick Fix Engineering (QFE) updates
•
Microsoft Office updates
•
Microsoft Exchange Server and SQL Server updates
•
Microsoft Visual Studio® updates
•
Some non-Microsoft application updates Tip Many hardware manufacturers have placed their drivers on Windows Update. These drivers no longer need to be maintained in the “Out of Box Drivers” directory. Experiment by removing drivers from the distribution share to see which ones are available on Windows Update. Note that if the drivers are not included with Windows by default, do not remove Networking or Storage drivers, because the operating system will require user input.
MDT 2008 supports the ability to deploy an updated version of WUA as part of the operating system deployment. This helps ensure that target computers are running the correct version of WUA when they are deployed. This also helps eliminate the need to connect to the Internet and download the latest version of WUA after deployment. MDT 2008 can also configure WUA to collect updates from computers on the corporate network that are running WSUS instead of connecting to Microsoft Updates over the Internet. MDT 2008 can optionally configure WUA to use a specific computer running WSUS using the WSUSServer property. For additional information and for WUA deployment instructions, go to http://technet.microsoft.com/en-us/library/bb932139.aspx. Obtain the latest version of the WUA stand-alone installer for: •
x86 versions (WindowsUpdateAgent30-x86.exe) at http://go.microsoft.com/fwlink/?LinkID=100334.
•
x64 version (WindowsUpdateAgent30-x64.exe) at http://go.microsoft.com/fwlink/?LinkID=100335.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
255
Windows Vista and Windows Server 2008 include the most recent version of WUA, so no upgrade is necessary for these operating systems. In Windows XP and Windows Server 2003, one of the following will occur: •
If the WUA 3.0 stand-alone installer files are in the TOOLS\architecture folder (where architecture is either x86 or x64) on the deployment point, MDT 2008 will automatically install WUA on the target computer. When downloading the WUA 3.0 stand-alone installer files, save them in the distribution\TOOLS\architecture folder (where distribution is the folder where the distribution point is created).
•
If the WUA 3.0 stand-alone installer files are not in the TOOLS\architecture folder on the deployment point and if the existing version of WUA is configured for a WSUS server, then WUA will attempt to update itself from a WSUS server. If the existing version of WUA is not configured for a WSUS server, then MDT 2008 will attempt to download and install WUA 3.0 from the Microsoft Update site. In this case, Internet access is required for the target computer.
Note
MDT 2008 does not support authentication with proxy servers.
For more information, see “Updating the Windows Update Agent” at http://msdn2.microsoft.com/en-us/library/aa387285.aspx. When enabled in the Task Sequencer, this script runs multiple times while in the State Restore phase of the operating system deployment. It is first run after the operating system has started for the first time. This ensures that the latest updates and service packs are installed before the installation of any applications that might be dependent on specific updates or service packs being installed on the target computer. For example, an application might be dependent on the latest version of the Microsoft .NET Framework being installed. This script is also run after the installation of applications. This ensures that the latest application service packs and updates have been applied. For example, use this script to ensure that the latest updates are applied to Microsoft Office 2003 or the 2007 Office system. It is possible, during the installation of one or more updates, that the target computer will need to be restarted to allow an update installation to fully complete. To ensure updates are properly installed, if the script detects that the installation of an update requires the target computer to be restarted, the script will automatically restart the target computer and resume again if additional updates have been detected and are pending installation. This script will exit if it determines that the target computer is fully up to date. An error will be logged if, while updating the target computer, the script has seven unsuccessful attempts to install the updates and the target computer still requires a reboot. During run time, the script performs the following tasks: •
Configures the target computer to use a WSUS server, if the WSUSServer property was specified.
•
Verifies that the latest version of the Windows Update Agent is installed on the target computer.
•
Searches the target computer for applicable updates that are not already installed and which might or might not be normally hidden.
•
Each update has an associated UpdateID and QNumber property: •
The UpdateID property is in GUID form, such as 67da2176-5c57-4614-a51433abbdd51f67.
•
The QNumber property is a numerical value, such as 987654.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
256
•
The script will compare the UpdateID and KBArticle property values against the list of exclusions specified in the following MDT 2008 properties: •
WUMU_ExcludeID: A list of UpdateIDs to exclude. Any update with an UpdateID found in this list will not be installed.
•
WUMU_ExcludeKB: A list of QNumbers to exclude. Any update with a QNumber found in this list will not be installed.
•
In addition, any update that requires user input will be excluded, and will not be installed.
•
All updates that require an End User License Agreement (EULA) to be approved will automatically be approved by the script. Be sure to manually read and check each EULA before running this script in a production environment.
•
The activity for each update is written to the ZTIWindowsUpdate.log file with the string INSTALL or SKIP if the update has been approved for installation, along with the UpdateID, a short description of the update, and the QNumber.
•
Each update that is to be installed is downloaded and installed in batches. The target computer might require more than one restart during the update installation.
Note
Internet Explorer 7 requires user interaction, so it is not installed using this script.
Note By default, include QNumber 925471 in the WUMU_ExcludeKB list to prevent Windows Vista Ultimate from installing extra language packs. Note If intranet sources are not available, this script will download two files from Microsoft Web sites: http://update.microsoft.com/redist/wuredist.cab and http://download.windowsupdate.com/v6/windowsupdate/redist/standalone/muauth.cab.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIWindowsUpdate.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Expand.exe. Expands compressed files.
•
WIZUtility.vbs. Includes support functions and subroutines used by the user interface (such as wizard pages).
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIWindowsUpdate.wsf >
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
257
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
/UpdateCommand:para m
/Query:value
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
•
IsInstalled. Set to 0 to query for updates that are not installed.
•
IsHidden. Set to 0 to query for updates that are hidden.
•
True. Query only for required updates. Do not download and install any binaries.
•
False. Query for and install required updates. Download and install binaries.
Note
When specified, UpdateCommand requires at least one option.
Note
If specifying both options for UpdateCommand, they must be separated by “and”.
Note
The default value for UpdateCommand is IsInstalled=0 and IsHidden=0.
Properties Name
Read
Write
Architecture
MSIT_WU_Count
NoAutoUpdate_Previous
SMSTSRebootRequested
SMSTSRetryRequested
WSUSServer
WUMU_ExcludeID
WUMU_ExcludeKB
ZTIWipeDisk.wsf This script formats the target computer’s hard disk. The script: •
Exits if WipeDisk is not equal to TRUE.
•
Determines the appropriate drive to format.
•
Formats the drive by calling cmd /c format Drive /fs:ntfs /p:3 /Y (where Drive is the drive letter of the hard disk drive to be formatted).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
258
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIWipeDisk.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIWipeDisk.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
ResourceRoot
WipeDisk
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Suppor t File s The utilities and scripts used in LTI and ZTI deployments reference external configuration files to determine the process steps and configuration settings used during the deployment process. The following information is provided for each utility: •
Name. Specifies the name of the file.
•
Description. Provides a description of the purpose of the file.
•
Location. Indicates the folder where the file can be found. In the information for the location, the following variables are used: •
program_files. This variable points to the location of the Program Files folder on the computer where MDT 2008 is installed.
•
distribution. This variable points to the location of the Distribution folder for the deployment point.
•
platform. This variable is a placeholder for the operating system platform (x86 or x64).
Some of the additional reference files are:
Applications.xml This .xml file contains metadata about the applications defined in the distribution share. This .xml file is created on the Applications node in Deployment Workbench and is read by ZTIApplications.wsf. Value
Description
Location
distribution\Control
BootStrap.ini The configuration file used when the target computer is not able to connect to the appropriate deployment point. This situation occurs in the New Computer and the Replace Computer scenarios. Value
Description
Location
distribution\Control
CustomSettings.ini The primary configuration file for the MDT 2008 processing rules used in all scenarios. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
260
Value
Description
Location
distribution\Control
Databases.xml This .xml file contains metadata about the databases used by MDT 2008. This .xml file is created on the Database node in Deployment Workbench. Value
Description
Location
distribution\Control
Deploy.xml This .xml file contains metadata about the configuration settings associated with MDT 2008 deployment points. This .xml file is created on the Deployment Points node in Deployment Workbench. Value
Description
Location
program_files\Microsoft Deployment Toolkit\Control
Drivers.xml This .xml file contains metadata about the device drivers defined in the distribution share. This .xml file is created on the Drivers node in Deployment Workbench and is read by ZTIDrivers.wsf. Value
Description
Location
distribution\Control
DriverGroups.xml This .xml file contains metadata that specifies the grouping of drivers as listed on the Groups tab for each defined driver. Each driver group node contains a listing of associated drivers. This .xml file is created on the Out-of-Box Drivers node in Deployment Workbench. Value
Description
Location
distribution\Control
ListOfLanguages.xml This .xml file contains metadata about the languages supported by MDT 2008 and is read by DeployWiz_Initialization.vbs. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Support Files Note
261
This .xml file is preconfigured and should never require modification.
Value
Description
Location
distribution\Scripts
OperatingSystems.xml This .xml file contains metadata about the operating systems in the distribution share. This .xml file is created on the Operating Systems node in Deployment Workbench. Value
Description
Location
distribution\Control
Packages.xml This .xml file contains metadata about operating system packages in the distribution share, including software updates and language packs. This .xml file is created on the OS Packages node in Deployment Workbench. Value
Description
Location
distribution\Control
ServerManager.xml This .xml file contains metadata about the OSRoles, OSRoleService, and OSFeatures that can be configured on Windows Server 2008 and Windows Server 2003. Note Not all values listed for OSRoles, OSRoleService, and OSFeatures are compatible with all server operating systems.
Value Location
Description program_files\Microsoft Deployment Toolkit\Bin
TaskSequences.xml This .xml file contains metadata about the task sequences that reside in the subfolders of distribution\Control. Value Location
Description distribution\Control
TS.xml This .xml file contains metadata about the task sequence definition. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
262
Value
Description distribution\Control\task_sequence_id
Location
Note Task_sequence_id is a placeholder for the task sequence ID that was assigned to each task sequence when it was created on the Task Sequences node in Deployment Workbench.
Variables.dat This .dat file contains property settings that are required when using the SMS 2003 OSD Feature Pack. Value
Description
Wimscript.ini This .ini file is an ImageX configuration file that contains the list of folders and files that will be excluded from being added to an image. It is referenced by ImageX during the LTI Capture phase. For assistance with customizing this file, see the section, “Create an ImageX Configuration File,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
distribution\Tools\platform
ZTIBIOSCheck.xml This .xml file contains metadata about BIOSes for target computers. This .xml file is edited manually and is read by ZTIBIOSCheck.wsf. Extract the necessary information from a target computer to create an entry in this .xml file using the Microsoft Visual Basic® Scripting Edition (VBScript) program (ZTIBIOS_Extract_Utility.vbs) that is embedded in this .xml file. Value
Description
Location
distribution\Scripts
ZTIConfigure.xml This .xml file is used by the ZTIConfigure.wsf script to translate property values (specified earlier in the deployment process) to configure settings in the Unattend.xml, Sysprep.inf, or Unattend.txt files. This .xml file is already customized to make the appropriate translations and should not require further modification. For more information about the ZTIConfigure.wsf script, see the corresponding topic in the “Scripts” section of this reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Support Files
263
Value
Description
Location
distribution\Scripts
ZTIDiskpart.txt This .txt file is an answer file used by the Diskpart.exe utility as part of the process for creating partitions on the target computer. This file contains actions that are processed by Diskpart.exe. The process is as follows: 1779.The MDT 2008 deployment process runs the ZTIDiskpart.exe based on the actions and sequence of actions in the Task Sequencer. 1780.ZTIDiskpart.wsf runs ZTIDiskpart.cmd and provides this .txt file as a command-line parameter to ZTIDiskpart.cmd. 1781.ZTIDiskpart.cmd runs Diskpart.exe and provides this .txt file as a command-line parameter to Diskpart.exe. 1782.Diskpart.exe reads the actions in this .txt file and then performs the corresponding action. This file can be customized to create different partition configurations on the target computer using a text editor. For more information about ZTIDiskpart.wsf and ZTIDiskpart.cmd, see the corresponding topics in the “Scripts” section of this reference. Value
Description
Location
distribution\Scripts
Use
Diskpart.exe /s ZTIDiskpart.txt
For more information about Diskpart, please see the section, “DiskPart Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide.
ZTIGather.xml In addition to the properties explicitly defined within each deployment script (also known as local properties), the deployment scripts also read this .xml file. This .xml file contains a list of properties that are to be processed by each deployment script to obtain values for the properties listed in the CustomSettings.ini file or the deployment database (created on the Deployment Workbench Database node). Note This .xml file is preconfigured and should never require modification. Define custom properties in the CustomSettings.ini file or the deployment database.
Value
Description
Location
distribution\Scripts
ZTISupportedPlatforms.xml This .xml file contains metadata about supported operating systems and associated queries. These queries can be used to identify target computers that are based on hardware platforms that are compatible with the supported operating systems. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
264
Value
Description
Location
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
ZTITatoo.mof This .mof file, when imported into the WMI repository of the target computer using Mofcomp.exe, creates the Microsoft_BDD_Info WMI class. This class will contain deployment-related information, such as: •
DeploymentMethod
•
DeploymentType
•
DeploymentTimestamp
•
BuildID
•
BuildName
•
BuildVersion
•
OSDPackageID
•
OSDProgramName
•
OSDAdvertisementID
•
TaskSequenceID
•
TaskSequenceName
•
TaskSequenceVersion
Value Location
Solution Accelerators
Description distribution\Scripts
microsoft.com/technet/SolutionAccelerators
Uti lit ies The scripts used in LTI and ZTI reference utilities that perform specialized tasks that support the steps used during the deployment process. Use the following information to help determine the correct utilities to include in actions and the valid arguments to provide when running each utility. The following information is provided for each utility: •
Name. Specifies the name of the utility.
•
Description. Provides a description of the purpose of the utility.
•
Location. Indicates the folder where the utility can be found. In the information for the location, the following variables are used: •
program_files. This variable points to the location of the Program Files folder on the computer where MDT 2008 is installed.
•
distribution. This variable points to the location of the Distribution folder for the deployment point.
•
platform. This variable is a placeholder for the operating system platform (x86 or x64).
•
Use. Provides the commands and options that can be specified.
•
Arguments and description. Indicates the valid arguments to be specified for the utility and a brief description of what each argument means.
BCDEdit.exe BCDEdit.exe is a command-line tool for managing boot configuration data (BCD) stores. It can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot menu options, and so on. For more information about BCDEdit.exe, see BCDEdit Commands for Boot Environment at http://www.microsoft.com/whdc/system/platform/firmware/bcdedit_reff.mspx and BCDEdit Command-Line Options at http://technet2.microsoft.com/WindowsVista/en/library/08d64d13-4f45-4a05-bd86c99211a93dd91033.mspx. Value
Description
Location
Included in the Windows Automated Installation Kit (Windows AIK).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
266
Arguments Value
Description See the command-line help provided by this utility, Windows AIK, or the information found at the URLs listed in the utility description.
BDDRun.exe This utility is run as an action by the Task Sequencer for executables (such as a script or other code) that require user interaction. By default, the task sequence cannot run an executable that requires user interaction. However, this utility allows the Task Sequencer to run an executable that requires user interaction. The executable that requires user interaction is provided as an argument to this utility. This utility runs the executable in a separate command environment. Note This utility can only be used in LTI deployments. ZTI deployments prohibit any user interaction.
Value
Description
Location
distribution\Tools\platform
Use
BDDRun.exe commandline
Arguments Value
Description
commandline
The command to be run that requires user interaction.
Note Put double quotation marks around any part of the command-line portion of the argument that contains blanks. For example: BDDRun.exe MyAppInstaller.exe /destinationdir: "%ProgramFiles%\AppName".
BdeHdCfg.exe Manages the BitLocker Drive Encryption configuration. For detailed information about BdeHdCfg.exe, see the Microsoft Knowledge Base article, “Description of the BitLocker Drive Preparation Tool,” at http://support.microsoft.com/kb/930063. Value
Description
Location
Included in the Windows PE source files.
Arguments Value
Description
See KB article 930063. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Utilities
267
Bootsect.exe Bootsect.exe updates the master boot code for hard disk partitions to switch between BOOTMGR and NTLDR. Use this utility to restore the boot sector on the computer. For more information on Bootsect.exe, see the section, “Bootsect Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
distribution\Tools\platform
Use
bootsect.exe /nt52 C:
Arguments Value
Description
/Help
Displays the use instructions listed here.
/nt52
Applies the master boot code that is compatible with NTLDR to SYS, ALL, or DriveLetter. The operating system installed on SYS, ALL, or DriveLetter must be an earlier version of Windows Vista.
/nt60
Applies the master boot code that is compatible with BOOTMGR to SYS, ALL, or DriveLetter. The operating system installed on SYS, ALL, or DriveLetter must be Windows Vista.
SYS
Updates the master boot code on the system partition used to boot Windows.
All
Updates the master boot code on all partitions. ALL does not necessarily update the boot code for each volume. Instead, this option updates the boot code on volumes that can be used as Windows boot volumes, which excludes any dynamic volumes that are not connected with an underlying disk partition. This restriction is present because the boot code must be located at the beginning of a disk partition.
DriveLetter
Updates the master boot code on the volume associated with this drive letter. The boot code will not be updated if either 1) DriveLetter is not associated with a volume or 2) DriveLetter is associated with a volume not connected to an underlying disk partition.
/Force
Forcibly dismounts the volume(s) during the boot code update. Use this option with caution.
Compact.exe Displays or alters the compression of files on NTFS file system partitions.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
268
Value
Description
Location
Included in the Windows source files.
Arguments Value
Description
/C
Compresses the specified files. Directories will be marked so that files added afterward will be compressed.
/V
Uncompresses the specified files. Directories will be marked so that files added afterward will not be compressed.
/S
Performs the specified operation on files in the given directory and in all subdirectories. Default "dir" is the current directory.
/A
Displays files with the hidden or system attributes. These files are omitted by default.
/I
Continues performing the specified operation even after errors have occurred. By default, Compact.exe stops when an error is encountered.
/F
Forces the compress operation on all specified files, even those which are already compressed. Already-compressed files are skipped by default.
/Q
Reports only the most essential information.
filename
Specifies a pattern, file, or directory.
Diskpart.exe Diskpart is a text-mode command interpreter in Windows Vista, Windows XP, and Windows Server 2003. Using this utility allows management of objects (disks, partitions, or volumes) using scripts or direct input in a Command Prompt window. For more information on Diskpart.exe, see the section, “Diskpart Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
Included in the Windows PE source files.
Arguments Value
Description See the guide referenced in the utility description.
Expand.exe This utility is run to expand (extract) files from compressed files. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Utilities
269
Value
Description
Location
Included in the Windows source files.
Use
Expand.exe -r wuredist.cab -F:wuRedist.xml %temp%
Arguments Value
Description
-r
Rename expanded files.
-D
Display the list of files in the source directory.
Source
Source file specification. Wildcards may be used.
-F:Files
Name of files to expand from a .cab.
Destination
Destination file | path specification. Destination can be a directory. If Source is multiple files and -r is not specified, Destination must be a directory.
ImageX.exe ImageX is a command-line utility that enables original equipment manufacturers (OEMs) and corporations to capture, modify, and apply file-based disk images for rapid deployment. ImageX works with WIM files for copying to a network, or it can work with other technologies that use WIM images, such as Windows Setup, Windows Deployment Services, and the SMS 2003 OSD Feature Pack. For more information about ImageX, see the section, “What is ImageX,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
distribution\Tools\platform
Arguments Value
Description See the guide referenced in the utility description.
Microsoft.BDD.PnpEnum.exe This utility is run to enumerate Plug and Play devices that are installed on the target computer. Value
Description
Location
distribution\Tools\platform
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
270
Arguments Value
Description
None
Mofcomp.exe Mofcomp.exe is the Managed Object Format (MOF) compiler that parses a file that contains MOF statements and adds the classes and class instances defined in the file to the WMI repository. Mofcomp.exe provides command-line help on the switch use options. Value
Description
Location
Included in the Windows source files.
Arguments Value
Description See the command-line help provided by this utility.
Netsh.exe Netsh.exe is a command-line and scripting utility used to automate the configuration of networking components. For more information about Netsh.exe, see The Netsh Command-Line Utility at http://technet2.microsoft.com/WindowsServer/en/library/fd1e2fbe-15a6-413b-b71228afb312c92f1033.mspx. Value
Description
Location
Included in the Windows source files.
Arguments Value
Description See the command-line help provided by this utility or the information found at the URL listed in the utility description.
Reg.exe The Console Registry Tool and is used to read and modify registry data. Value
Description
Location
Included in the Windows source files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Utilities
271
Arguments Value
Description See the command-line help provided by this utility.
Regsvr32.exe This utility is used to register files (.dll, .exe, .ocx, and so on) with the operating system. Value
Description
Location
Included in the Windows source files.
Arguments Value
Description
file
The name of the file to register or unregister.
/s
Runs the utility in silent mode.
/u
Unregisters the file.
Wdsmcast.exe This utility is used by target computers to join a multicast transmission. It is only available in the Windows Server 2008 Windows AIK. For more information about Wdsmcast.exe, see the corresponding section in the Windows Server 2008 Windows AIK. Note The Windows Server 2008 Windows AIK is only available to organizations who are participating in the Windows Server 2008 Beta program.
Value
Description
Location
Included in the Windows Server 2008 Windows AIK.
Arguments Value
Description See the guide referenced in the utility description.
Wpeutil.exe The Windows PE utility (Wpeutil) is a command-line utility with which various commands can be run in a Windows PE session. For example, an administrator can shut down or reboot Windows PE, activate or deactivate a firewall, configure language settings, and initialize a network. MDT 2008 uses the utility to initialize Windows PE and network connections, and start LTI deployments. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
272
For more information on Wpeutil.exe, see the section, “Wpeutil Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
Included in the Windows PE source files.
Arguments Value
Description See the guide referenced in the utility description.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Table s and V iew s i n the Dep lo yment Wor kbenc h Da tabase In MDT 2008, many property settings can be stored (normally configured in the CustomSettings.ini file) in a database. Configuring the properties in a database helps create a generic CustomSettings.ini file that requires fewer modifications and allows one CustomSettings.ini file to be used in more images (because the file is more generic). Customize the database on the Database node in Deployment Workbench. Using Deployment Workbench, the deployment settings can be configured and saved in tables. However, queries about the information in the tables are done using views. Views help simplify the queries by joining results from multiple tables. ZTIGather.wsf queries the views to return the result set specified by the Parameters and ParameterCondition properties. For more information on configuring deployment settings on the Database node in Deployment Workbench, see the section, “Configuring the Database,” in the MDT 2008 document, Deployment Customization Guide.
Tables in the Deployment Workbench Database The following table lists the database tables that Deployment Workbench creates and manages. Table
Description
BDDAdminCore
Provides backward compatibility for BDD 2.5; not managed by Deployment Workbench.
ComputerIdentity
Used to identify a specific computer using any combination of the AssetTag, UUID, SerialNumber, and MACAddress properties. The table includes a Description column to provide a user-friendly method of describing the computer (usually the computer name).
LocationIdentity
Used to identify geographic locations using the Location property. The values for this property are stored in a corresponding column in the table.
LocationIdentity_DefaultGateway
Relates the default gateway values with a location identified in the LocationIdentity table. There is a one-to-many relationship between this table and the LocationIdentity table.
274
MSDN 2.0
Table
Description
MakeModelIdentity
Used to identify a specific make and model of a computer using the Make and Model properties. The values for these properties are stored in corresponding columns in the table.
PackageMapping
Used to associate the name presented in the Add or Remove Programs Control Panel item with a Systems Management Server package and program to be deployed in place of the application in Add or Remove Programs. For more information on this table, see the section, “Deploying Applications Based on Previous Application Versions,” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide.
RoleIdentity
Used to identify the purpose of a computer or the users of a computer using the Role property. The values for this property are stored in a corresponding column in the table.
Settings
Identifies the settings that are applied to an individual computer or a group of computers based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Administrators
Identifies the user accounts to be added to the local Administrator group on the target computer based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Applications
Identifies the applications to be deployed to the target computer based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Packages
Identifies the packages to be deployed to the target computer based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Roles
Identifies the roles to be associated with the target computer based on the settings in the Computers, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
275
Views in the Deployment Workbench Database The following table lists and describes the database views that are used when querying configuration information in the Deployment Workbench database. View
Description
ComputerAdministrators
Used to find all accounts to be made members of the local Administrators group on the target computer. The view is a join of the ComputerIdentity and Settings_Administrators tables.
ComputerApplications
Used to find all applications to be deployed to the target computer. The view is a join of the ComputerIdentity and Settings_Applications tables.
ComputerPackages
Used to find all packages to be deployed to the target computer. The view is a join of the ComputerIdentity and Settings_Packages tables.
ComputerRoles
Used to find all roles to be associated with the target computer. The view is a join of the ComputerIdentity and Settings_Roles tables.
ComputerSettings
Used to find all property settings to be configured for the target computer. The view is a join of the ComputerIdentity and Settings tables.
LocationAdministrators
Used to find all the accounts to be made a member of the local Administrators group on the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Administrators tables.
LocationApplications
Used to find all the applications to be deployed to the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Applications tables.
LocationPackages
Used to find all the packages to be deployed to the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Packages tables.
LocationRoles
Used to find all the roles to be associated with the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Roles tables.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
276
MSDN 2.0
View
Description
Locations
Used to find the IP addresses for the default gateways within a location or for all the locations that contain a specified IP address for a default gateway. The view is a join of the LocationIdentity and LocationIdentity_DefaultGateway tables.
LocationSettings
Used to find all the property settings to be configured for the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings tables.
MakeModelAdministrators
Used to find all accounts to be made members of the local Administrators group on the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Administrators tables.
MakeModelApplications
Used to find all applications to be deployed to the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Applications tables.
MakeModelPackages
Used to find all packages to be deployed to the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Applications tables.
MakeModelRoles
Used to find all roles associated with the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Roles tables.
MakeModelSettings
Used to find all property settings to be configured for the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings tables.
RoleAdministrators
Used to find all accounts to be made members of the local Administrators group on the target computers with a given role. The view is a join of the RoleIdentity and Settings_Administrators tables.
RoleApplications
Used to find all applications to be deployed to the target computers with a given role. The view is a join of the RoleIdentity and Settings_Applications tables.
RolePackages
Used to find all packages to be deployed to the target computers with a given role. The view is a join of the RoleIdentity and Settings_Packages tables.
RoleSettings
Used to find all property settings to be configured for the target computers with a given role. The view is a join of the RoleIdentity and Settings tables.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
277
Microsoft® Deployment Toolkit 2008 Preparing for LTI Tools
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein might suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document might be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft might have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, BitLocker, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein might be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This guide contains detailed information about how to use Microsoft® Deployment Toolkit (MDT) 2008 Lite Touch Installation (LTI) process to deploy Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Dep lo yment En vir onmen t Before deploying images to target computers, ensure that the deployment environment is properly prepared to run LTI tools. Some of the tasks shown in Table 1 might already have been completed in the environment. Skip steps that are complete. Table 1. Deployment Environment Checklist High-level steps to prepare the deployment environment q
Ensure the required infrastructure exists.
q
Install MDT 2008.
q
Create the deployment points.
q
Update the deployment point content.
Ensure the Required Infrastructure Exists See “Prerequisites for MDT 2008” in the MDT 2008 document Getting Started Guide.
Install MDT 2008 See the section, “Install MDT 2008,” in the MDT 2008 document, Quick Start Guide for Lite Touch Installation.
Create Deployment Points After MDT 2008 is installed, create the deployment point using the Deployment Point Wizard in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Deployment Environment
3
Select the Appropriate Deployment Point Types Table 2 lists the deployment point options that are created using Deployment Workbench and the reasons for selecting each option. Table 2. Deployment Point Type Options Option
Select this option
Lab or single-server deployment (Lab)
When setting up the first deployment point in the environment. The environment should have only one of this deployment point type.
Separate deployment share (Network)
After creating a LAB deployment point type to provide additional deployment points for redundancy, load balancing, or to improve the performance of deployments in larger networks for LTI tools.
Removable media (Media)
After creating a Lab deployment point type so that bootable media can be created for deployments that are initiated from removable media (such as a DVDROM, USB flash drive [UFD], or other removable devices). Use this option when the deployment process cannot be initiated using Windows Deployment Services for LTI tools or when performing deployments by using the Litetouch OEM Task Sequence Template.
SMS 2003 OSD Feature Pack (OSD)
After creating a Lab deployment point type so that Microsoft Systems Management Server (SMS) 2003 Operating System Deployment (OSD) Feature Pack images can be created to be deployed using Zero Touch Deployment (ZTI) tools.
Note Network, Media, and SMS 2003 OSD Feature Pack deployment point types can be created without creating a Lab deployment point type. However, the Lab deployment point type should typically be the first deployment type created.
Create Additional Deployment Points The type of deployment point created determines the options the Windows Deployment Wizard is displayed. One Lab deployment point type is required in each environment (lab, test, prototype, or production). In addition to the Lab deployment point type, Network and Media distribution points can be created as necessary. SMS 2003 OSD Feature Pack deployment point types are used only with ZTI tools. Creating the Network and Media deployment points is covered in this section. For more information on creating the: •
Lab deployment point type, see the section, “Create the Deployment Point,” in the MDT 2008 document, Workbench Imaging Guide.
•
SMS 2003 OSD Feature Pack deployment point type, see the section, “Create the Deployment Point,” in the MDT 2008 document, Preparing for Microsoft Systems Management Server 2003.
To create a Network or Media deployment point, complete the following steps (skip any wizard pages that are not displayed based on the deployment point type selected): Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
1783.Start Deployment Workbench. 1784.In the console tree, expand Deploy, right-click Deployment Points, and then click New. The New Deployment Point Wizard starts. 1785.On the Choose Type page, click one of the options listed in Table 3 based on the environment’s requirements, and then click Next. Table 3. Deployment Point Type Options Option
Select this option to
Separate deployment share
Create a new deployment share on the same computer on which Deployment Workbench is running or on another computer.
Removable media
Create folders (and, optionally, an International Organization for Standardization [ISO] image file) to deploy images using removable media.
1786.On the Specify Deployment Point Name page, in the Deployment point name box, type deployment_point_name (where deployment_point_name is the descriptive name selected), and then click Next. 1787.On the Application List page, select or clear the Allow users to select additional applications on Upgrade check box based on the information in Table 4, and then click Next. Table 4. Allow Users to Select Additional Applications on Upgrade Check Box Options Check box
Select this option to
Selected
Display the page in the Windows Deployment Wizard that prompts users to select additional applications to be installed at the same time they are upgrading. The wizard page is displayed in the Windows Deployment Wizard when performing an Upgrade scenario.
Cleared
Suppress the page in the Windows Deployment Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Deployment Environment
5
1788.On the Allow Admin Password page, select or clear the Ask user to set the local Administrator Password check box based on the information in Table 5, and then click Next. Table 5. Ask User to Set the Local Administrator Password Check Box Options Check box
Select this option to
Selected
Display the page in the Windows Deployment Wizard that prompts users to provide the local Administrator password for the target computer.
Cleared
Suppress the page in the Windows Deployment Wizard.
1789.On the Allow Product Key page, select the Ask user for a product key check box based on the information in Table 6, and then click Next. Table 6. Ask User for a Product Key Check Box Options Check box
Select this option to
Selected
Display the page in the Windows Deployment Wizard that prompts users to provide a product key for the target computer.
Cleared
Suppress the page in the Windows Deployment Wizard.
1790.Complete the Network Share page based on the information in Table 7, and then click Next. Table 7. Configuration Options for the Network Share Wizard Page In this box
Type
Server name
computer_name (where computer_name is the name of the computer that will host the shared folder)
Share name
share_name (where share_name is the name of the share to be created on the computer that will host the shared folder)
Path for share
path_name (where path_name is the fully qualified path to the share on the computer that will host the shared folder) Note This should be an existing local path on the server where the network share will be created.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
1791.On the Configure User State page, click one of the options listed in Table 8 based on requirements, and then click Finish. Table 8. User Data Defaults Options Option
Select this option to
Automatically determine the location on the Network
Allow the MDT 2008 scripts and process rules to automatically determine the best location based on network shared folders available to the target computer.
Automatically determine the location on the Local System
Allow the MDT 2008 scripts and process rules to determine the best location based on local available disk space on the target computer.
Specify a location
Save the user state migration data to a specific location. In the Location box, type location (where location is the fully qualified path to the location for storing the user state migration data).
Do not save data and settings
Discard any existing user state migration data. Click this option when deploying a new computer with no existing data.
The New Deployment Point Wizard finishes, and the new deployment point name appears in the details pane.
Update Deployment Point Content The various nodes in Deployment Workbench may require updates since initially creating and populating the deployment point so that the deployment point reflects the most current configuration. For example, application or device drivers may have to be added to the deployment point. For more information on updating: •
Applications, see the section, “Applications,” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating systems, see the section, “Operating Systems,” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating system packages, see the section, “Packages,” in the MDT 2008 document, Workbench Imaging Guide.
•
Device drivers, see the section, “Out-of-Box Drivers,” in the MDT 2008 document, Workbench Imaging Guide.
•
Task sequences, see the section, “Task Sequences,” in the MDT 2008 document, Workbench Imaging Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Pr ocess ing R ules At this step in the planning process, configure the appropriate processing rules based on the environment. The deployment process uses rules to configure target computers. For more information about configuring the appropriate processing rules, see the MDT 2008 document, Deployment Customization Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the W indo ws Dep lo yment Ser vi ces Se r ver Although Windows Deployment Services is used in stand-alone mode in the following example, note that MDT 2008 can use Windows Deployment Services for various purposes, including: •
Booting to Windows Preinstallation Environment (Windows PE) in a New Computer scenario.
•
Hosting custom images that can be deployed using Deployment Workbench.
Additionally, when using Windows Deployment Services with Microsoft System Center Configuration Manager 2007, a Pre-Boot Execution Environment (PXE) service point must be set on the computer on which Windows Deployment Services is installed. When migrating computers that neither Systems Management Server nor the System Center Configuration Manager manage, initiate the image-installation process using Windows Deployment Services. During the deployment process, Windows Deployment Services servers are responsible for installing: •
Windows PE on the target computers. Start Windows PE from Windows Deployment Services to prepare the computers for operating system image deployment.
•
Windows XP with Service Pack 2 (SP2) or Windows Vista on the target computers. Initiate a Windows XP with SP2 or Windows Vista deployment directly from the Windows Deployment Services server.
•
Windows Server 2008 or Windows Server 2003 on the target computers. Initiate a Windows Server 2008 or Windows Server 2003 deployment directly from the Windows Deployment Services server.
For networks that support multicasting, click Multicasting to deploy an image to a large number of client computers while minimizing bandwidth use. This feature is disabled by default. When creating a transmission, two options for the multicast type are available: •
Auto-Cast. In this option, as soon as an applicable client computer requests an installation image, a multicast transmission of the selected image begins. Then, as other client computers request the same image, they are joined to the transmission that has already started.
•
Scheduled-Cast. This option sets the start criteria for the transmission based on the number of client computers that are requesting an image or a specific day and time.
Note The plug-and-play process on dissimilar hardware takes time. Therefore, during the deployment process, allow time for the client computer to adapt to the hardware.
MDT 2008 supports only the multicast transfer of images contained on the LTI$ distribution share. Note
The Multicasting feature in MDT 2008 is only supported in Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Windows Deployment Services Server
9
Ensure that the Windows Deployment Services servers have copies of the Windows PE images when they become available from the development team that creates them. Table 9 provides a checklist for preparing Windows Deployment Services. Table 9. Windows Deployment Services Checklist High-level steps in the Windows Deployment Services preparation q
Select the Windows Deployment Services operational mode.
q
Add images to the server running Windows Deployment Services.
q
Pre-stage the target computers for Windows Deployment Services.
q
Configure MDT 2008 and Windows Deployment Services for multicast operation.
For more information about setting up and configuring the Windows Deployment Services server, see: •
The Windows Deployment Services Help file, included in Windows Deployment Services.
•
The white paper, “Deploying and Managing the Windows Deployment Services Update on Windows Server 2003,” at http://go.microsoft.com/fwlink/?LinkId=81031.
Select the Windows Deployment Services Operational Mode Windows Deployment Services is responsible for initiating the deployment process for PXE boot-enabled target computers. To use Windows Deployment Services for LTI, run Windows Deployment Services in Mixed or Native mode. Table 10 compares the operational modes of Windows Deployment Services.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Table 10. Windows Deployment Services Operating Modes Mode
Description
Legacy
Functionally equivalent to Remote Installation Service (RIS). This configuration supports only:
Mixed
Native
•
OSChooser as the boot operating system.
•
Images created by Remote Installation Service Setup (Risetup) and Remote Installation Preparation (Riprep).
•
Administration using the normal RIS tools.
Allows compatibility with RIS and Windows Deployment Services. This configuration supports only: •
OSChooser or Windows PE as the boot operating system.
•
Images created by Risetup, Riprep, or Windows Imaging Format (WIM).
•
Administration using the normal RIS tools or Windows Deployment Services management tools.
Provides only Windows Deployment Services–specific support and is incompatible with the SMS 2003 OSD Feature Pack and ZTI. This configuration supports only: •
Windows PE as the boot operating system.
•
Images created by WIM.
•
Administration using the Windows Deployment Services management tools.
For more information on configuring Windows Deployment Services to run in Mixed or Native modes, see: •
Windows Deployment Services Help files.
•
The white paper, “Deploying and Managing the Windows Deployment Services Update on Windows Server 2003,” at http://go.microsoft.com/fwlink/?LinkId=81031.
Add Boot Images to the Windows Deployment Services Server The operating system images that Windows Deployment Services uses were created during the section, “Operating Systems,” in the MDT 2008 document, Workbench Imaging Guide. Place these images on the server running Windows Deployment Services so that Windows Deployment Services can use the images.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Windows Deployment Services Server
11
Windows Deployment Services supports the following types of images: •
Install images. Install images are operating system images that are installed to target computers, which boot to a Windows Deployment Services server. The type of install images MDT 2008 supports is: •
•
WIM format. WIM files contain one or more compressed Windows images. WIM files are file-based rather than sector-based, making it easier to update existing images. WIM files also use Single Instance Storage (SIS) technology, eliminating duplication of files within a WIM image.
Boot images. Boot images are Windows PE images that contain the Windows Deployment Services client and are used to present an initial boot menu when a client contacts a Windows Deployment Services server. The type of boot image MDT 2008 supports is: •
Setup images. This is the default image type when a boot image is exported from the Windows Deployment Services image store. When a client computer boots to a Setup image, Windows Setup is immediately invoked.
For more information about adding an install or boot image to the server running Windows Deployment Services, see the topic, “Add an Image,” in Windows Deployment Services Help, which is included in Windows Deployment Services.
Pre-stage Target Computers for Windows Deployment Services PXE client computers can be pre-staged in Active Directory® Domain Services (AD DS) domains. When target computers are pre-staged, the computer accounts exist in AD DS domains (also called known computers). Target computers that are not pre-staged do not have computer accounts in AD DS domains (also called unknown computers). Windows Deployment Services can be configured to respond to computers that are known or unknown. Depending on the Windows Deployment Services configuration, the target computers may need to be pre-staged. This authorizes Windows Deployment Services to deploy operating system images to the target computer. Note If Windows Deployment Services is configured to respond to any computer (known or unknown), pre-staging the target computers is not necessary. LTI will not use a pre-staged computer account when joining the domain. Instead, LTI will use the computer name and credentials configured in the task sequence or through the rules process.
To pre-stage the target computers for Windows Deployment Services 1792.Click Start, point to Administrative Tools, and then click Active Directory Users and Computers. 1793.In the console tree, right-click organizational_unit (where organizational_unit is the name of the organizational unit that will contain the target computer), point to New, and then click Computer. 1794.In the New Object – Computer dialog box, in the Computer name box, type computer_name (where computer_name is the name of the target computer), and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
1795.In the Managed dialog box, select the This is a managed computer check box. Then, in the Computer’s unique ID (GUID/UUID) box, type guid_uuid (where guid_uuid is the globally unique identifier/universally unique identifier [GUID/UUID] of the computer), and then click Next. Note For more information on locating the GUID for target computers, see the Microsoft TechNet document, “Locate the GUID for client computers,” at http://technet2.microsoft.com/WindowsServer/en/library/c2d81caf-dd93-4f4b-bc2d907c0413805c1033.mspx.
1796.In the Host server dialog box, click one of the following options, and then click Next: •
Any available remote installation server. Clicking this option specifies that this computer can be serviced by any RIS/Windows Deployment Services server.
•
The following remote installation server. Clicking this option designates a specific server to service the computer. Specify the fully qualified domain name (FQDN) of the server running Windows Deployment Services.
1797.In the New Object – Computer dialog box, review the information displayed, and then click Finish. 1798.Close all open windows.
Configuring MDT 2008 and Windows Deployment Services for Multicast Operation Multicast deployment of images by Windows Deployment Services allows multiple computers to receive a single copy of an image, which reduces the amount of network traffic required when multiple computers need to receive the same image. MDT 2008 supports multicast-based deployments on the following deployment point types: •
Lab or single-server deployment (Lab). In this scenario, MDT 2008 is installed on a computer running Windows Server 2008 with the Windows Deployment Services role.
•
Separate deployment share (Network). In this scenario, the computer hosting the Network deployment point is running Windows Server 2008 with the Windows Deployment Services role and MDT 2008 is installed on the same computer, MDT 2008 can automatically configure Windows Deployment Services. If the computer on which MDT 2008 is installed is running Windows Server 2003, then Windows Deployment Service must be configured manually.
Note This method cannot be used to allow multicast for boot images, as the multicast client is not loaded until after Windows PE is running.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Windows Deployment Services Server
13
Enabling Multicast Deployments on a Lab or Single-Server Deployment (Lab) Deployment Point In this scenario, MDT 2008 is installed on a computer running Windows Server 2008 with the Window Deployment Services server role. In this scenario, MDT 2008 can automatically configure Windows Deployment Services to support multicast deployments. To enable multicast deployments on a Lab or single-server deployment (Lab) deployment point 1799.Install Windows Server 2008 on the computer that is to be the deployment server. 1800.Install the Windows Deployment Services server role on the computer that is to be the deployment server. 1801.Install Window Automated Installation Kit (Windows AIK) version 1.1 on the computer that is to be the deployment server. 1802.Install MDT 2008 on the computer to be the deployment server. 1803.Start Deployment Workbench 1804.In the Deployment Workbench console tree, expand Deploy, and then click Deployment Points. 1805.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point for which multicast deployments will be enabled), and then click Properties. 1806.In the deployment_point Properties dialog box (where deployment_point is the name of the deployment point), on the General tab, select the Enable multicast for this deployment point check box, and then click OK. 1807.In the Actions pane, click Update. When completed, Deployment Workbench creates an Auto-Cast Windows Deployment Services multicast transmission from the deployment point.
Enabling Multicast Deployments on a Separate deployment share (Network) Deployment Point In this scenario, there are the following possibilities: •
MDT 2008, Windows Deployment Services, and Windows Server 2008 are all installed on the same computer. In this configuration, follow the same procedures as described in the section, “Enabling Multicast Deployments on a Lab or singleserver deployment (Lab) Deployment Point,” earlier in this guide.
•
Windows Deployment Services and Windows Server 2008 are all installed on the computer acting as the deployment server, but MDT 2008 is installed on another computer. In this configuration, remotely run the WDSUTIL command on the computer running Windows Deployment Services and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
To enable multicast deployments on a Supporting multicast deployments on a Separate deployment share (Network) Deployment Point when MDT 2008 is installed on a different computer 1808.Install Windows Server 2008 on the computer hosting the Separate deployment share (Network) deployment point. 1809.Install the Windows Deployment Services server role on the computer hosting the Separate deployment share (Network) deployment point. 1810.Install Windows AIK 1.1 on the deployment server. 1811.Install MDT 2008 on the deployment server. 1812.On the computer hosting the Separate deployment share (Network) deployment point, in a Command Prompt window, type the following command, and then press ENTER (where remote_server is the name of the computer running Windows Server 2008 with the Windows Deployment Services server role and deploy_point_path is the fully qualified path to the root of the deployment point). wdsutil.exe /new-namespace /friendlyname:"BDD Share Deploy$" /server:remote_server /namespace:"Deploy$" /contentprovider:WDS /configstring:"deploy_point_path" /namespacetype:AutoCast When completed, the WDSUTIL tool creates an Auto-Cast Windows Deployment Services multicast transmission from the deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Resour ce Access During deployment to the target computers, deployment scripts connect to the deployment point shares and shared folders. Create accounts for the scripts to use when accessing these resources. Table 11 provides the checklist for resource access tasks. Table 11. Resource Access Checklist High-level steps for resource access configuration q
Create additional shared folders.
q
Configure shared folder permissions.
q
Configure access to other resources.
Create Additional Shared Folders Before starting the deployment, create additional shared folders in which to store the user state migration data and the deployment logs. Table 12 lists the shared folders that must be created and describes the purpose of each. Table 12. Shared Folders and Their Descriptions Shared folder
Description
MigData
Stores the user state migration data during the deployment process.
Logs
Stores the deployment logs during the deployment process.
Note The files in Table 12 are recommended shared folder names. Use any name for these shared folders. However, the remainder of the deployment process refers to these shared folders by these names.
Configure Shared Folder Permissions After creating additional shared folders listed in Table 12, configure the appropriate shared folder permissions. Ensure that unauthorized users are unable to access user state migration information and the deployment logs. Only the target computer creating the user state migration information and the deployment logs should have access to these folders.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
To configure the shared folder permissions for the folders listed in Table 12, perform the following steps for each folder: 1813.In Windows Explorer, right-click SharedFolder (where SharedFolder is one of the shared folders listed in Table 12), and then click Properties. 1814.On the Security tab, click Advanced. 1815.On the Permissions tab, clear the Allow inheritable permissions from the parent to propagate to this object and all child objects check box. 1816.In the Security dialog box, click Remove. 1817.On the Permissions tab, click Add. 1818.In the Enter the object name to select box, type Domain Computers, and then click OK. This action allows domain computers to create subfolders. 1819.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Apply onto list, click This folder only. 1820.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Permissions list, click Allow for the Create Folders/Append Data permission, and then click OK. 1821.Repeat steps 6–9, substituting Authenticated Users for Domain Computers. 1822.On the Permissions tab, click Add. 1823.In the Enter the object name to select box, type CREATOR OWNER, and then click OK. This action allows domain computers and domain users to access the subfolders they create. 1824.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Apply onto list, click Subfolders and files only. 1825.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Permissions list, click Allow for the Full Control permission, and then click OK. 1826.Repeat steps 11–14 for each group that will receive Administrator privileges. The permissions set in these steps allow a target computer to connect to the appropriate share and create a new folder in which to store user state information or logs, respectively. The folder permissions prevent other users or computers from accessing the data stored in the folder.
Configure Access to Other Resources In addition to the shared folders just created, the MDT 2008 scripts might require access to other resources. The resources include application or database servers (such as Microsoft SQL Server® 2005, SQL Server 2000, or Microsoft Exchange Server 2003). Access is granted to the credentials specified in the: •
UserID, UserPassword, and UserDomain properties.
•
Windows Deployment Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Configuring the Appropriate Resource Access
17
Grant access to the following resources: •
MDT 2008 deployment point. Configure access to the deployment point created in Deployment Workbench.
•
Any resources accessed using the ZTIConnect.wsf script. Configure access to resources that are referenced using the ZTIConnect.wsf script. Note For further guidance on using the ZTIConnect.wsf script, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide.
•
Any resources on application or database servers. Configure access to applications or databases that are accessed through the SQLServer, SQLShare, and Database properties. Note Other connections to the same servers, such as Named Pipes and Remote Procedure Call (RPC), use the same credentials listed above. Use the ZTIConnect.wsf script to establish these connections.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Upd ating t he Dep lo yment Poin ts After the initial configuration, modifications to the images created may need to be made. These modifications might change configuration files (such as CustomSettings.ini) or add files to or remove them from images. After making these modifications to the images, update the deployment points that are used to deploy the images. To update the deployment points 1827.Make the necessary modifications to the images or support files. 1828.Start Deployment Workbench. 1829.In the Deployment Workbench console tree, expand Deploy, and then click Deployment Points. 1830.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to update), and then click Update. The Update Deploy Point dialog box appears and indicates the progress for updating the deployment point. The dialog box closes when the process is complete. 1831.Close all open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Running the W indo ws Depl oymen t W iza r d To initiate the deployment of Windows to target computers, run the Windows Deployment Wizard. Initiate the Windows Deployment Wizard manually or by using Windows Deployment Services. Each deployment scenario (Upgrade Computer, Replace Computer, New Computer, or Refresh Computer) uses a different process. Initiate the deployment from Windows Deployment Services, a network share, from local drives, or using a DVD. After initiating the Windows Deployment Wizard, the deployment process begins. The process prompts for any configuration settings that are not already specified. Depending on the deployment scenario selected and the configuration options specified in CustomSettings.ini, the Windows Deployment Wizard displays different wizard pages. The logic for displaying (or not displaying) a wizard page is noted for each wizard page in the following steps. To deploy the new operating system to the target computer using the Windows Deployment Wizard, complete the following steps (skip any wizard pages that are not displayed based on the deployment point type selected): 1832.Verify that the folders in Table 13 no longer exist on the target computer. The Windows Deployment Wizard creates and uses the folders listed in Table 13 during the deployment process. If a previous deployment was terminated because of an error, these folders might still exist on the target computer. If these folders are not removed, the process will continue from the point where the process terminated instead of starting from the beginning. Remove these folders, if they exist, before initiating a new deployment. These folders exist on os_drive (where os_drive is the drive where the operating system is installed). Table 13. Folders to Remove Before Initiating the Windows Deployment Wizard Folder
Description
os_drive:\MININT
This folder is preserved through the deployment process and contains deployment state information (such as user state migration information and log files).
os_drive:\_SMSTaskSequence
This folder contains state information specific to the Task Sequencer.
20
MSDN 2.0
1833.Initiate the Windows Deployment Wizard by connecting to the appropriate deployment point (for example, \\servername\Distribution$\Scripts) and typing cscript litetouch.vbs. This wizard appears when the conditions in Table 14 are met. Table 14. Welcome to the Windows Deployment Wizard Page Conditions Property
Condition
DeployRoot
Begins when X:\ or the DeployRoot property equals “”. (Typically, the Windows Deployment console automatically sets this value.)
1834.On the Welcome to the Windows Deployment Wizard page shown in Figure 1, type the Universal Naming Convention (UNC) path to the Distribution share for a local server based on the environment’s requirements, and then click Next. Use this wizard page to select deployment shares (called deployment points in Deployment Workbench) based on a site. Sites are logical groupings of one or more deployment points.
Figure 1. Windows Deployment Wizard welcome page
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
1835.On the Select a task sequence to execute on this computer page, shown in Figure 2, in The following task sequences are available section, click task_sequence (where task_sequence is the name of the task sequence to run). Note If a task sequence based on the Litetouch OEM Task Sequence template appears in the list, ensure that the deployment is being performed from a removable media (MEDIA) deployment point type. Although task sequences based on the Litetouch OEM Task Sequence template can be selected from other deployment point types, the task sequence will not finish successfully.
Figure 2. Selecting a task sequence Note
All supported operating systems could have task sequences listed.
1836.On the Specify the product key needed to install this operating system page (shown in Figure 3), in the Product key box, type product_key (where product_key is the product key to be assigned to the target computer), and then click Next (see Table 16). This wizard appears when the conditions in Table 15 are met. Table 15. Specify the Product Key Needed to Install This Operating System Page Conditions Property
Condition
SkipProductKey
Not equal to YES
DeploymentType
Not equal to REPLACE
ImageBuild
The first character in the property is less than 6 (which indicates a Windows Vista or Windows Server 2008 build).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
MSDN 2.0
Figure 3. Specifying a product key Table 16. Windows Vista and Windows Server 2008 Product Key Options Option
Select this option to
No product key is required Assign product keys to target computers using a Key Management Server (KMS) key. Activate the machine with a Multiple Activation Key (MAK)
Assign a Multiple Activation Key (MAK) to the target computer and activate the computer over the Internet. In the Multiple activation key box, type mak (where mak is the MAK to be assigned to the target computer).
Use a specific product key Assign a specific license key for installation or retail activation. In the Product_key box, type product_key (where product_key is the product key to be assigned to the target computer). 1837.On the Choose a migration type page, shown in Figure 4, click one of the options listed in Table 18 based on the environment’s requirements, and then click Next. This wizard appears when the conditions in Table 17 are met.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
23
Table 17. Choose a Migration Type Page Conditions Property
Condition
SkipDeploymentType
Not equal to YES
DeploymentType
Not equal to NEWCOMPUTER or REPLACE or CUSTOM
OSGUID
Not equal to blank Note This wizard page will appear if the selected task sequence is deploying an operating system.
Figure 4. Choosing a migration type
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
MSDN 2.0
Table 18. Migration Type Options Option
Select this option to
Refresh this computer
•
Optionally, save the existing user state migration data.
•
Deploy the desktop standard environment, including operating system and applications.
•
Restore user state migration data on the same computer.
Upgrade this computer
Upgrade the existing computer using the upgrade features supported by the new operating system. Note The upgrade process will fail on target computers that have users logged on using Remote Desktop sessions. Ensure that no users are connected to the target computer by Remote Desktop before initiating the Windows Deployment Wizard.
Note Although it is not a migration scenario, the New Computer scenario can be used to deploy the new operating system to a new computer.
1838.On the Configure the computer name page (shown in Figure 5), in the Computer name box, type computer_name (where computer_name is the computer name to assign to the target computer), and then click Next. This wizard appears when the conditions in Table 19 are met. Table 19. Configure the Computer Name Page Conditions Property
Condition
SkipComputerName
Not equal to YES
DeploymentType
Not equal to NEWCOMPUTER or REPLACE or CUSTOM
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
25
Figure 5. Naming the computer 1839.On the Join the computer to a domain or workgroup page (shown in Figure 6), click one of the options listed in Table 21 based on requirements, and then click Next. This wizard appears when the conditions in Table 20 are met. Table 20. Join the Computer to a Domain or Workgroup Page Conditions Property
Condition
PrePopulateDomainMembership Equal to TRUE SkipDomainMembership
Not equal to YES
DeploymentType
Not equal to REPLACE or UPGRADE
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
MSDN 2.0
Figure 6. Domain or workgroup membership Table 21. Specify Computer Membership Configuration For this option
Perform this task to
Join a domain
Join an existing AD DS domain: 1840.In the Domain box, type domain (where domain is the name of the domain to be joined). 1841.In the User Name box, type user_name (where user_name is the name of a user account that has sufficient permissions to create the computer account in the domain). 1842.In the Password box, type password (where password is the password for the user account specified in the User Name box). 1843.In the Domain box, type domain (where domain is the name of the domain where the user account specified in the User Name box is located). 1844.In the Organizational Unit box, type organizational_unit (where organizational_unit is the name of the organizational unit [OU] in the AD DS domain where the computer account will be created).
Join a workgroup
Join a Windows workgroup. In the Workgroup box, type workgroup (where workgroup is the name of the workgroup to join).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
27
9. On the Specify where to save your data and settings page (shown in Figure 7), click one of the options listed in Table 23 based on requirements, and then click Next. This wizard appears when the conditions in Table 22 are met. Table 22. Specify Where to Save Your Data and Settings Page Conditions Property
Condition
SkipUserData
Not equal to YES
DeploymentType
Not equal to NEWCOMPUTER or REPLACE or CUSTOM
Figure 7. User data settings storage
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
MSDN 2.0
Table 23. User State Backup Options Option
Select this option to
Automatically determine the location
•
Allow the MDT 2008 scripts and process rules to automatically determine the best location based on local available disk space on the target computer.
•
Optionally, select the Allow data and settings to be stored locally when possible check box to give preference to storing the data locally.
Specify a location
Save the user state migration data to a specific location. In the Location box, type location (where location is the fully qualified path to the locations for storing the user state migration data). Note
Do not save data and settings
Alternatively, click Browse to go to the location.
Discard any existing user state migration data or deploy a new computer with no existing data.
1845.On the Specify whether to restore user data page (shown in Figure 8), click one of the options listed in Table 25 based on requirements, and then click Next. This wizard appears when the conditions in Table 24 are met. Table 24. Specify Whether to Restore User Data Page Conditions Property
Condition
SkipUserData
Not equal to YES
DeploymentType
Equal to NEWCOMPUTER
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
29
Figure 8. Restoring user data Table 25. User State Restore Options Option
Select this option if
Do not restore user data and settings
The migration type is New Computer and there is no user state migration data to restore.
Specify a location
The migration type is Replace Computer. In the Location box, type location (where location is the fully qualified path to the location where the user state migration back files are stored).
1846.On the Specify where to save a complete computer backup page (shown in Figure 9), click one of the options listed in Table 27 based on requirements, and then click Next. This wizard appears when the conditions in Table 26 are met. Table 26. Specify Where to Save a Complete Computer Backup Page Conditions Property
Condition
SkipComputerBackup
Not equal to YES
DeploymentType
Equal to REFRESH
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
MSDN 2.0
Figure 9. Saving a computer backup Table 27. Computer Image Backup Options Option
Select this option to
Automatically determine the location
•
Allow the MDT 2008 scripts and process rules to automatically determine the best location based on local available disk space on the target computer.
•
Optionally, select the Allow data and settings to be stored locally when possible check box to give preference to storing the data locally.
Specify a location
Save the computer image backup to a specific location. In the Location box, type location (where location is the fully qualified path to the locations for storing the computer backup).
Do not back up the existing computer
Discard any existing data on the target computer or deploy a new computer with no existing data.
The Windows Deployment Wizard uses the ImageX utility to perform the backup. ImageX is not intended to be used as a part of the overall backup and disaster recovery process. Instead, ImageX is designed to create a backup of the target computer to assist in recovering user state migration information that might not have been captured correctly. Note Windows Complete PC Backup is a feature of Windows Vista only. MDT 2008 uses the ImageX utility during migration because it works on all platforms that MDT 2008 supports. Use the Windows Complete PC Backup for enhanced disaster recovery protection after migration is complete.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
31
1847.On the Specify the product key needed to install this operating system page (shown in Figure 10), in the Product key box, type product_key (where product_key is the product key to be assigned to the target computer), and then click Next. This wizard appears when the conditions in Table 28 are met. Table 28. Specify the Product Key Needed to Install This Operating System Page Conditions Property
Condition
SkipProductKey
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
Figure 10. Specifying a product key 1848.On the Packages page (shown in Figure 11), in the Packages box, click the language pack to be installed, and then click Next. This wizard appears when the conditions in Table 29 are met. Table 29. Packages Page Conditions Property
Condition
SkipPackageDisplay
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
ImageBuild
The first character in the property is equal to 6 (which indicates the Windows Vista build), and there are active packages to display to the user.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
MSDN 2.0
Figure 11. Packages page For Windows Vista Ultimate, Windows Vista Enterprise, and all editions of Windows Server 2008, more than one language can be selected. For all other versions, select only one language. Note In an Upgrade scenario, additional language packs can be included. However, if the languages are not already installed in the earlier version of Windows or Windows PE, some problems in displaying fonts might occur.
1849.On the Locale Selection page (shown in Figure 12), click one of the options listed in Table 31 based on requirements, and then click Next. This wizard appears when the conditions in Table 30 are met. Table 30. Locale Selection Page Conditions Property
Condition
SkipLocaleSelection
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
ImageBuild
The first character in the property is equal to 6 (which indicates the Windows Vista build).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
33
Figure 12. Locale Selection page Table 31. Locale Options In this box
Select
What is your Locale
The default locale for the target operating system.
Keyboard
Keyboard locale to be used with the target operating system.
1850.On the Set the Time Zone page (shown in Figure 13), click the time zone where the target computer is located, and then click Next. This wizard appears when the conditions in Table 32 are met. Table 32. Set the Time Zone Page Conditions Property
Condition
SkipTimeZone
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
MSDN 2.0
Figure 13. Setting the time zone 1851.On the Select one or more applications to install page (shown in Figure 14), select the appropriate applications to deploy, and then click Next. This wizard appears when the conditions in Table 33 are met. Table 33. Select One or More Applications to Install Page Conditions Property
Condition
DeploymentType
Not equal to REPLACE or UPGRADE
SkipAppsOnUpgrade
Not equal to YES
IsThereAtLeastOneApplicationPresent Greater than one SkipApplications
Solution Accelerators
Not equal to YES
microsoft.com/technet/SolutionAccelerators
Template User Instructions
35
Figure 14. Selecting application to install 1852.On the Administrator Password page (shown in Figure 15), in the Administrator Password and Please confirm Administrator Password boxes, type password (where password is the password for the local built-in Administrator account on the target computer), and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
MSDN 2.0
Figure 15. Setting the administrator password This wizard appears when the conditions in Table 34 are met. Table 34. Administrator Password Page Conditions Property
Condition
SkipAdminPassword
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
1853.On the Specify whether to capture an image page (shown in Figure 16), click one of the options listed in Table 36 based on requirements, and then click Next. This wizard appears when the conditions in Table 35 are met. Table 35. Specify Whether to Capture an Image Page Conditions Property
Condition
SkipCapture
Equal to NO
DeploymentType
Equal to NEWCOMPUTER
JoinDomain
Equal to “”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
37
Figure 16. Capturing an image Table 36. Image Capture Options Option
Select this option to
Capture an image of this reference computer
Run the System Preparation Tool (Sysprep), and then capture an image of the target computer. Then, store the image in the location specified. In the Location box, type location (where location is the fully qualified path to the location for storing the image of the target computer). In the File name box, type file_name (where file_name is the name of the image file).
Prepare to capture the machine
Copy the required Sysprep files to the target computer, but do not initiate Sysprep. Use this option when the Image Capture Wizard in the SMS 2003 OSD Feature Pack will be used.
Do not capture an image of this computer
Deploy the target operating system to the target computer without capturing a Sysprep image of the computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
MSDN 2.0
1854.On the Specify the BitLocker configuration page (shown in Figure 17), click one of the options listed in Table 38 based on requirements, and then click Next. This wizard appears when the conditions in Table 37 are met. Table 37. Specify the BitLocker Configuration Page Conditions Property
Condition
SkipBitLocker
Not equal to YES
DeploymentType
Equal to REPLACE or CUSTOM
DoCapture
Not equal to YES
ImageBuild
The first character in the property is equal to 6 (which indicates the Windows Vista build)
ImageFlags
Equal to ENTERPRISE or ULTIMATE
Figure 17. Windows BitLocker Drive Encryption configuration
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
39
Table 38. Windows BitLocker Drive Encryption Configuration Options Option
Select this option to
Do not enable BitLocker for this computer
Deploy the new operating system without activating Windows BitLocker™ Drive Encryption.
Enable BitLocker using TPM
Activate Windows BitLocker Drive Encryption and use Trusted Platform Module (TPM) version 1.2 or later. Then, select one of the following options for using TPM:
Enable BitLocker using only an external key Note
•
To use TPM only, click Enable BitLocker using TPM only.
•
To use TPM with a personal identification number (PIN), click Enable BitLocker using TPM and a PIN; and, in the PIN box, type pin (where pin is the BitLocker Drive Encryption PIN for the target computer).
•
To use TPM with a startup key, click Enable BitLocker using TPM and a startup key.
Enable BitLocker Drive Encryption, and use a randomly generated, 48-character external key.
The default setting for Windows BitLocker Drive Encryption is always enabled.
1855.Complete the Specify credentials for connecting to network shares page (shown in Figure 18) based on the information in Table 40, and then click Next. This wizard appears when the conditions in Table 39 are met. Table 39. Specify Credentials for Connecting to Network Shares Page Conditions Property
Condition
UserID_isDirty
Equal to TRUE
UserID
Equal to “”
DeploymentType
Not equal to REPLACE
DeploymentMethod
Not equal to MEDIA
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
MSDN 2.0
Figure 18. Specifying credentials These credentials are used to access network shared folders used during the deployment process. These shared folders include folders used to store user state migration data or image backups of the target computer. Table 40. Credentials Options Option
Type
User Name
user_name (where user_name is the user name of the account that has the appropriate permissions on the network shared folders used by the deployment scripts)
Domain
domain (where domain is the name of the domain where the user account, specified in the User Name box, is located)
Password
password (where password is the password for the user account specified in the User Name box)
1856.Review the information on the Ready to begin page (shown in Figure 19), and then click Begin. The Windows Deployment Wizard finishes, and deployment of the new operating system begins.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
41
Figure 19. Ready to begin page Note
To expand the details of this deployment, click Details.
Microsoft® Deployment Toolkit 2008 Troubleshooting Reference
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
MSDN 2.0
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference
xliii
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, ActiveX, BitLocker, SQL Server, Visual Basic, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion The deployment of operating systems and applications as well as the migration of user state can be a challenging endeavor even when an organization is equipped with appropriate tools and guidance. This reference, which is part of Microsoft® Deployment Toolkit (MDT) 2008, provides information on current known issues, possible workarounds for those issues, and brief troubleshooting guidance. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Kno wn Issues and Wor k-A r ounds This chapter describes known issues that may be encountered while using MDT 2008.
Deployment Workbench The following are possible solutions for issues that may arise with the Deployment Workbench.
Adding Custom Vista WIMs Problem: The following error might be displayed when trying to add a custom Windows Vista Windows Imaging Format (WIM) file to the Deployment Workbench: Error during wizard processing An unexpected error occurred while processing the wizard results. Collection was modified; enumeration operation may not execute. Possible Solution: This issue may be resolved by applying the update mentioned in Microsoft Knowledge Base article 941595 at http://support.microsoft.com/kb/941595.
Removing Operating Systems Problem: If the following steps are performed, a task sequence may become configured to reference an incorrect operating system: 1857.While working in the Operating Systems node of the Deployment Workbench, someone deletes an operating system that is referenced by one or more task sequences. 1858.Someone opens a task sequence that references the deleted operating system, and then clicks the Task Sequence tab. 1859.The Task Sequence Editor parses the TS.xml file and populates the task sequence tree view. If, while parsing the TS.xml file, the Task Sequence Editor cannot match the operating system specified in the Install Operating System task sequence step to one of the operating systems listed in the Operating Systems node of the Deployment Workbench, the Task Sequence Editor updates the Install Operating System task sequence step with the first operating system listed in the Operating Systems node. 1860.If OK or Apply is clicked, the TS.xml file is updated with the incorrect operating system reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
For example, two operating systems (Windows XP Professional with Service Pack 2 [SP2] and Windows Server 2003 Enterprise Edition SP2) are listed in the Operating Systems node. A task sequence, named ServerDeploy, has been configured to deploy Windows Server 2003 Enterprise Edition SP2. If the Windows Server 2003 Enterprise Edition SP2 operating system is deleted from the Operating Systems node and someone views the Task Sequence tab of the ServerDeploy task sequence, and then clicks OK or Apply, the ServerDeploy task sequence will now reference the Windows XP with SP2 operating system. Possible Solution: After removing an operating system from the Deployment Workbench, open each task sequence that referenced the operating system that was removed and assign an appropriate operating system to the Install Operating System task sequence step.
Windows Deployment Services Specific files must be copied to Program_files\Bin when adding images from Windows Deployment Services. Scenario 1. Copying from Windows Vista RTM source media: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
Scenario 2. Copying from Windows Server 2008 or Windows Vista SP1 source media: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
•
Wdstptc.dll
Note Program_files in the path listed above is a placeholder that points to the Program Files folder on the computer where MDT 2008 is installed. This is usually C:\Program Files\Microsoft Deployment Toolkit\Bin. Caution When copying the files, the Windows source directory or media that is used must match the platform of the operating system running on the computer where MDT 2008 is installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Unde r stand ing Logs Before effective troubleshooting of MDT 2008 can begin, a clear understanding is required of the many .log files used during an operating system deployment. When it is clear which .log files must be researched for what failure condition and at what time, certain issues that were once mysterious and difficult to understand may become clear and understandable. The MDT 2008 .log file format is designed to be read by Trace32, which is part of the Microsoft Systems Management Server 2003 Toolkit 2 (available for download from http://www.microsoft.com/downloads/details.aspx?FamilyID=61e4e21f-2652-42dd-a04db67f0573751d). This tool should be used whenever possible to read the .log files, because it makes finding errors much easier. The rest of this section details the .log files created during the deployment as well as during Windows Setup. This section also provides examples of when the files can be used for troubleshooting.
MDT 2008 Logs Each MDT 2008 script automatically creates .log files during its execution. The names of these .log files match the name of the script—for example, ZTIGather.wsf creates a .log file named ZTIGather.log. Each script also updates a common master .log file (BDD.log) that aggregates the contents of the .log files that MDT 2008 scripts create. MDT 2008 .log files reside in C:\MININT\SMSOSD\OSDLOGS during the deployment process. Depending on the type of deployment being conducted, the .log files are moved at the completion of the deployment to either %WINDIR%\SMSOSD or %WINDIR%\TEMP\SMSOSD. MDT 2008 creates the following .log files: •
BDD.log. This is the aggregated MDT 2008 .log file that is copied to a network location at the end of the deployment if the SLShare property is specified in the Customsettings.ini file.
•
DeployUpdates_Platform.log. This file is created when deployment points are updated or when updating Windows Preinstallation Environment (Windows PE). Platform represents the platform being updated—either x86 or x64. This .log file is useful when troubleshooting Windows PE driver-integration issues. It resides in the %TEMP% folder.
•
LiteTouch.log. This file is created during Lite Touch Installation (LTI) deployments. It resides in %WINDIR%\Temp\BDDLogs unless the /debug:true option is specified.
•
Scriptname.log. This file is created by each MDT 2008 script. Scriptname represents the name of the script in question.
•
SMSTS.log. This file is created by the Task Sequencer and describes all Task Sequencer transactions. Depending on the deployment scenario, it may reside in %TEMP%, %WINDIR%\System32\ccm\logs, C:\_SMSTaskSequence, or C:\SMSTSLog.
•
Wizard.log. The deployment wizards create and update this file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Understanding Logs
5
•
WPEinit.log. This file is created during the Windows PE initialization process. This .log file is useful for troubleshooting errors encountered while starting Windows PE.
•
ZeroTouchInstallation.log. This file is created during Zero Touch Installation (ZTI) deployments. It may reside in C:\Temp\SMSOSD or C:\SMSOSD unless the C:\MININT\Archive_OSD.SMS file is found.
Operating System Logs Review several Windows Setup .log files during troubleshooting activities.
Windows Vista The following list is a subset of the Windows Setup .log files that are most useful for troubleshooting deployment issues. For more detailed information about Windows Vista Setup .log files, see the Microsoft Help and Support article, “Windows Vista setup log file locations,” at http://support.microsoft.com/kb/927521. •
Netsetup.log. Resides in %WINDIR%\Debug; useful when troubleshooting domain join issues.
•
Setupact.log. Resides in %WINDIR%\panther; lists installation actions and is useful when investigating failed installations.
•
Setupapi.dev.log. Resides in %WINDIR%\inf; useful when investigating failed driver installations.
•
Setuperr.log. Resides in %WINDIR%\panther; details errors that occurred during installation.
Windows XP The following .log files, located in %WINDIR%, are the most useful when troubleshooting Windows XP with SP2: •
Netsetup.log. Resides in %WINDIR%\Debug; useful when troubleshooting domain join issues.
•
Setupact.log. Lists installation actions; useful when investigating failed installations.
•
Setupapi.log. Contains information about hardware detection during the installation; useful for investigating failed driver installations.
•
Setuperr.txt. Contains information about Setup errors during the installation.
•
Setuperr.log. Details errors that occurred during installation.
•
Setuplog.txt. Contains information about Setup actions during the installation.
System Center Configuration Manager Operating System Deployment Logs For information about what operating system deployment .log files Microsoft System Center Configuration Manager 2007 creates, see Log Files for Operating System Deployment at http://technet.microsoft.com/en-us/library/bb932135.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
SMS 2003 OSD Feature Pack Logs The following .log files, located in the C:\Minint\SMSOSD\OSDLOGS folder, are created during the deployment phases of the Systems Management Server (SMS) Operating System Deployment (OSD) Feature Pack. After the .log file name is the information contained in the file: •
IDUser.log. Provides information about user notifications.
•
IDUserNotification.log. Provides information about user notifications.
•
MachineState.log. Contains computer state migration information (computer name, IP address, registered owner, and organization).
•
OSDAgent.log. The primary .log file; the first place to look to determine which step failed.
•
OSDBootstrap.log. Contains errors if the Advanced Client Network Access account is not configured correctly.
•
OSDEnv.log. Details which SMS 2003 OSD Feature Pack environment variables are set.
•
OSDInstallWIM.log. Details image-installation options.
•
OSDInstallWizard.log. Details startup operations.
•
OSDLaunch.log. Contains errors if the Advanced Client Network Access account is not configured correctly.
•
OSDShell.log. Details the start of the OSD Install Wizard.
•
OSDSWDProgramExec.log. Details the running of the Run SWD Program actions.
•
OSDUsmtLoadstate.log. Details USMT Restore operations.
•
OSDUsmtScanstate.log. Details USMT Capture operations.
•
ScanState.log. Details USMT Scanstate information.
•
SMSCMT.log. Details Systems Management Server client migration information such as site code and client globally unique identifiers (GUIDs).
•
WinPEInstall.log. Details Windows PE installation information.
Note The C:\Minint folder is lost during the disk partitioning process. To troubleshoot issues that occur before this point, disable the disk partitioning task in the Task Sequencer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Understanding Logs
7
User State Migration Tool Logs When executing Windows User State Migration Tool (USMT) operations, MDT 2008 automatically adds the logging options to save the USMT .log files to the MDT 2008 .log file locations. The log files and when they are created are as follows: •
USMTEstimate.log. Created when estimating the USMT requirements.
•
USMTCapture.log. Created by the USMT when capturing data.
•
USMTRestore.log. Created by the USMT when restoring data.
The ZeroTouchInstallation.vbs script automatically scans the USMT progress .log files for errors and warnings. During this process, the script writes each error and warning to the ZeroTouchInstallation.log file. (The script writes at least the first 100 errors and warnings while ignoring Failed to locate the file object warnings, because these are too common.) In addition, the script generates event ID 41010 to Microsoft System Center Operations Manager 2007 with the following summary (where is ESTIMATE, SCANSTATE, or LOADSTATE; <ErrorCount> is the total number of errors found; and <WarningCount> is the total number of warnings found): ZTI USMT reported <ErrorCount> errors and <WarningCount> warnings If the error count is greater than 0, this event is an Error type. If the warning count is greater than 0 with no errors, then the event is a Warning type. Otherwise, the event is an Informational type.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Iden ti fyi ng Er r or Codes Table 1 lists the error codes that ZeroTouchInstallation.vbs returns as well as a description of each error code. These return codes are recorded in the SMS 2003 OSD Feature Pack .log file (OSDAgent.log), which is stored in one of the following locations: •
If the %TEMP% environment variable is set for the LocalSystem or default user profile, the SMS 2003 OSD Feature Pack .log file is stored in the %WINDIR%\TEMP\SMSOSD folder.
•
Otherwise, the SMS 2003 OSD Feature Pack .log file is stored in the %WINDIR%\SMSOSD folder.
Table 1. ZeroTouchInstallation.vbs Error Codes and Their Description Error code
Description
5000
Windows Script Host (WSH) is not installed.
5001
The version of WSH is prior to version 5.6.
5002
The script was unable to create the WScript.Shell object. This code indicates that WSH is operating improperly and must be reinstalled.
5003
The script was unable to create the WScript.Network object. This code indicates that WSH is operating improperly and must be reinstalled.
5004
The script was unable to create the Scripting.FileSystemObject object. This code indicates that WSH is operating improperly and must be reinstalled.
5005
The script was unable to initialize the WshShell.Environment object. This code indicates that WSH is operating improperly and must be reinstalled.
5006
The script was unable to create the MSXML2.DOMDocument object. This code indicates the Microsoft XML Parser (Microsoft XML Core Services [MSXML]) version 3.0 is operating improperly and must be reinstalled.
Listing 1 provides an excerpt from an SMS 2003 OSD Feature Pack .log file that illustrates how to find the error code in OSDAgent.log. In this excerpt, the error code reported is 5001. Listing 1. Excerpt from an OSDAgent.log File That Contains Error Code 5001 . . .
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Identifying Error Codes
9
component="OSDAgent" context="" type="3" thread="856" file="actionengine.cpp:1567"> . . .
Converting Error Codes Many error codes presented in the .log files seem cryptic and difficult to correlate to an actual error condition. However, the following process demonstrates how to convert an error code and obtain meaningful information that may assist in problem resolution. Problem: An image capture fails with error code 0x80070040. Possible Solution 1: The error code presented is in hexadecimal format that needs to be converted to decimal format. To do this, a scientific calculator is required. The calculator included with Windows operating systems is well suited for this task. Start the Windows Calculator, place it in scientific mode, click the Hex option, and then enter the last four digits of the code, in this case 0040 as shown in Figure 1. Notice in this example that leading zeros are not displayed while the calculator is in Hexadecimal mode.
Figure 1. Error conversion Next, click the Dec option. The hexadecimal value of 40 is converted to a decimal value of 64.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Finally, start the Windows Command Processor, type NET HELPMSG 64, and press ENTER. The NET HELPMSG command translates the numerical error code into meaningful text. In the case of the error code provided here, it is translated to “The specified network name is no longer available.” This information indicates that a networking problem may exist on the target computer or between the target computer and the server where the deployment point is located. These problems might include network drivers’ not being installed properly or a mismatch in speed and duplex settings. Possible Solution 2: The Microsoft Exchange Server Error Code Look-Up utility is a command-line utility that is valuable in assisting with error code translation. It can be downloaded from http://www.microsoft.com/downloads/details.aspx?familyid=be5968997bb8-4208-b7fc-09e02a13696c.
Review of Sample Logs Failure to Access the Database Problem: An error occurs while executing a deployment that used a CustomSettings.ini file containing numerous sections and specifying, via the Priority property, the priority of each section to be processed. BDD.log contains the following error messages: •
ERROR - Opening Record Set (Error Number = -2147217911) (Error Description: The SELECT permission was denied on the object 'ComputerAdministrators', database 'AdminDB', schema 'dbo'.)
•
ADO error: The SELECT permission was denied on the object 'ComputerAdministrators', database 'AdminDB', schema 'dbo'. (Error #2147217911; Source: Microsoft OLE DB Provider for SQL Server; SQL State: 42000; NativeError: 229
•
ERROR - Unhandled error returned by ZTIGather: Object required (424)
Note For clarity, the .log file contents above have been represented as they appear while being viewed using the Trace32 program.
Possible Solution: The issue, as pointed out on the first line of the .log file sample, is that permission to access the database was denied. Therefore, the script cannot establish a secure connection to the database, because OSDConnectToUNC.exe is not available, nor are a user ID and password available. As a result, the database access was attempted using the computer account. The easiest way to work around this issue is to grant everyone Read access to the database.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Tr oubleshoot ing Prior to embarking on in-depth troubleshooting processes, first verify that the following items have been reviewed and that any associated requirements have been met: •
Installation issues can result if all software and hardware prerequisites have not been met. For these requirements, see the section, “System Requirements,” in the MDT 2008 document, Getting Started Guide.
•
MDT 2008 uses the tools from the Windows XP Deploy.cab file as part of the LTI process. This process uses the System Preparation Tool (Sysprep) to properly prepare the Windows XP master image before capturing the operating system in a WIM file. The Deploy.cab file must be copied into the DistributionShare\Tools\platform folder, where DistributionShare is the name of the share and platform is the name of the platform folder. MDT 2008 will find the Deploy.cab file and extract the necessary files.
Application Installation Blocked Executables Problem: If installation source files are downloaded from the Internet, it is likely that they will be marked with one or more NTFS file system data streams. For more information about NTFS data streams, see File Streams at http://msdn2.microsoft.com/enus/library/aa364404(VS.85).aspx. The existence of NTFS file system data streams might cause an Open File – Security Warning prompt to be displayed. The installation will not proceed until Run is selected on the prompt. As Figure 2 shows, NTFS file system data streams are viewable using the More command and the Streams utility, downloadable from http://technet.microsoft.com/enus/sysinternals/bb897440.aspx.
Figure 2. NTFS data streams Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Possible Solution 1: Right-click the installation source file, select Properties, click the Unblock button, and finally, click OK. This will remove the NTFS file system data streams from the file. This process must be repeated for each installation source file that is blocked by the existence of one or more NTFS file system data streams. Possible Solution 2: Use the Streams utility, as Figure 2 shows, to remove the NTFS file system data streams from the installation source file. The Streams utility is able to remove NTFS file system data streams from one or more files or folders at once.
Lost Network Connections Problem: An installation may fail if it installs device drivers or alters device and network configurations. These changes may result in a lapse in network connectivity which will cause the installation to fail. Possible Solution: Implement the ZTICacheUtil.vbs script to enable download and execute for the installation. This script is designed to tweak the advertisement to enable download and execute. The download uses Background Intelligent Transfer Service (BITS) if the Systems Management Server distribution point (DP) is Web-based Distributed Authoring and Versioning (WebDAV) and BITS-enabled. At the same time, it also modifies the Systems Management Server program to run the ZTICache.vbs script first, which makes sure the program doesn’t delete itself during the deployment process.
The 2007 Microsoft Office System Problem: While deploying the 2007 Microsoft Office system and including an .msp file, the installation may fail with error code 30029. Further investigation in the ZTIApplications.log shows the following messages: •
About to run command: \\Server\Distribution$\Tools\X86\bddrun.exe \\Server\Share\Microsoft\Office\2007\Professional\setup.exe /adminfile \\Server\Share\Microsoft\Office\2007\Professional\file.msp
•
ZTI Heartbeat: command has been running for 12 minutes (process ID 1600) Return code from command = 30029
•
Application Microsoft Office 2007 Professional returned an unexpected return code: 30029
Possible Solution 1: Relocate the .msp file to the Updates directory and run setup.exe without specifying the /adminfile option. For more information about deploying updates during the installation, see “Setup sequence of events in the 2007 Office system” at http://technet2.microsoft.com/Office/en-us/library/97bf0177-9438-4584-b86fe608fc995d971033.mspx and “Deploying the 2007 Office system” at http://technet2.microsoft.com/Office/en-us/library/78ad4dd8-f15e-41a9-8bf192cfeaac47801033.mspx. Possible Solution 2: Verify the .msp file does not have the Suppress modal box selected. For more information about configuring this setting, see the guide, Overview of 2007 Office System Deployment, at http://technet.microsoft.com/enus/library/bb490141.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
13
BIOS Problem: While deploying to a target computer that is equipped with Intel vPro technology, the deployment may end with a stop error. Even though all updated drivers have been included as out-of-box drivers in the Deployment Workbench, the target computer does not start. Possible Solution: Review the settings in the target computer’s basic input/output system (BIOS) and determine if the default Serial Advanced Technology Attachment (SATA) mode is configured as Advanced Host Controller Interface (AHCI). Unfortunately, certain Windows operating systems do not support AHCI by default.
Database Problems Named Pipe Connections Problem: During the MDT 2008 deployment process, information can be retrieved from Microsoft SQL Server® databases. However, errors might be generated that relate to broken SQL Server connections. These can be caused by not enabling named pipe connections in SQL Server 2005 or SQL Server 2000. Possible Solution: To resolve these problems, enable named pipes in SQL Server. Also, specify the SQLShare property, because it is required when making a connection to an external database using named pipes. When connecting using named pipes, use integrated security to make the connection to the database. In the case of LTI deployments, the user account that an administrator specifies makes the connection to the database. For Zero Touch Installation (ZTI) deployments that use the SMS 2003 OSD Feature Pack or System Center Configuration Manager the network access account connects to the database. Because Windows Preinstallation Environment (Windows PE) has no security context by default, a network connection must be made to the database server to establish a security context for the user who will be making the connection. The network share that the SQLShare property specifies provides administrators a means to connect to the server to gain a proper security context. Administrators must have Read access to the share. When the connection is made, the named pipe connection to the database can then be established. The SQLShare property is not needed and should not be used when making a TCP/IP connection to the database.
Enable Named Pipe Connections in SQL Server 2005 To enable named pipe connections in SQL Server 2005, complete the following steps: 1861.On the computer running SQL Server 2005 that hosts the database to be queried, click Start, and then point to All Programs. Point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Surface Area Configuration. 1862.In the SQL Server 2005 Surface Area Configuration dialog box, click Surface Area Configuration for Services and Connections. 1863.In the Surface Area Configuration for Services and Connections – server_name dialog box (where server_name is the name of the computer running SQL Server 2005), in Select a component and then configure its services and connections, expand MSSQLSERVER, expand Database Engine, and then click Remote Connections. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1864.Click Local and remote connections, click Using both TCP/IP and named pipes, and then click Apply. 1865.In the Surface Area Configuration for Services and Connections – server_name dialog box (where server_name is the name of the computer running SQL Server 2005), in Select a component and then configure its services and connections, expand MSSQLSERVER, expand Database Engine, and then click Service. 1866.Click Stop. The MSSQLSERVER service stops. 1867.Click Start. The MSSQLSERVER service starts. 1868.Click OK. 1869.Close SQL Server 2005 Surface Area Configuration. For additional information, see the Microsoft Help and Support article, “How to configure SQL Server 2005 to allow remote connections,” at http://support.microsoft.com/kb/914277.
Enable Named Pipe Connections in SQL Server 2000 To enable named pipe connections in SQL Server 2000, complete the following steps: 1870.On the computer running SQL Server 2000 that hosts the database being queried, click Start, and then point to All Programs. Point to Microsoft SQL Server, and then click Server Network Utility. 1871.In the SQL Server Network Utility dialog box, on the General tab, ensure that Named Pipes is in the Enabled protocols list. If Named Pipes is in the Disabled protocols list, click Named Pipes, click Enable, and then click OK. 1872.Click Start, and then point to All Programs. Point to Microsoft SQL Server, and then click SQL Server Service Manager. 1873.In the SQL Server Service Manager dialog box, in Services, select SQL Server, and then click Stop. 1874.In the SQL Server Service Manager dialog box, click Start. 1875.Close SQL Server Service Manager.
Deployment Scripts Credentials_script Problem: During the last startup of a newly deployed computer, the user is prompted to provide user credentials and may receive error 0x80070035, which indicates the network path was not found. Possible Solution: Be sure that the WIM file does not include a MININT or _SMSTaskSequence folder. To delete these folders, first use the ImageX utility to mount the WIM file, and then delete the folders.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
15
Note If an Access Denied error occurs when attempting to delete the folders from the WIM file, start the Windows Command Interpreter, switch to the root of the image contained in the WIM file, and run RD MININT and RD _SMSTaskSequence.
ZTIWindowsUpdate Problem: If the ZTIWindowsUpdate.wsf script is implemented to apply software updates during deployment, note that this script may communicate directly with the Microsoft Update (MU) Web site to download and install the required Windows Update Agent binaries, scan for applicable software updates, download the binaries for the applicable software updates, and then install the downloaded binaries. This process requires that the organization’s networking infrastructure be configured to allow the target computer to gain access to the MU Web site. If the deployment share does not contain the Windows Update Agent installation files and the target computer does not have appropriate Internet access, the following error is reported in the ZTIWindowsUpdate.log and BDD.log files: “wuredist.cab not found.” Possible Solution: Follow the steps outlined in “ZTIWindowsUpdate.wsf”, located in the Scripts section of the Toolkit Reference.
Deployment Wizard Wizard Pages Are Not Skipped Problem: A wizard page is displayed even though the Deployment Workbench database or CustomSettings.ini file specify that the wizard should be skipped Possible Solution: To properly skip a wizard page, all properties that would be specified on that wizard page must be included, where appropriate, in the Deployment Workbench database or CustomSettings.ini file with appropriate values. If any property is not properly configured for a skipped wizard page, that page will be shown. For more information about what properties are required to ensure a wizard page is skipped, see “Providing Properties for Skipped Windows Deployment Wizard Pages” in the MDT 2008 document, Toolkit Reference.
Disks and Partitioning The sections that follow describe methods for resolving BitLocker™ Drive Encryption– related problems and disk partitioning errors.
BitLocker Drive Encryption Using MDT 2008 LTI deployment to deploy BitLocker Drive Encryption requires specific configuration for proper deployment. The following potential problems may be related to the configuration of the target computer: •
USB devices, CD drives, DVD drives, or other removable media devices on the target computer that appear as multiple drive letters.
•
Shrinking drive C on the target computer to provide sufficient unallocated disk space.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Devices Appear as Multiple Drive Letters Problem: Some devices can appear as multiple logical drive letters, depending on how they are partitioned. In some cases, they can emulate a 1.44-megabyte (MB) floppy disk drive and a memory storage drive. Therefore, the same device may be assigned drive letters A and B for floppy disk emulation and F for the memory storage drive. By default, MDT 2008 scripts use the lowest drive letter (in this example, A). Possible Solution: Override the default setting on the Specify the BitLocker recovery details page in the Windows Deployment Wizard. The Windows Deployment Wizard summary page displays a warning to inform the user which drive letter was selected to store BitLocker Drive Encryption recovery information. In addition, the BDD.log and ZTIBDE.log files record the removable media devices detected and which device was selected to store the BitLocker Drive Encryption recovery information.
Problems with Shrinking Disks Problem: Not enough unallocated disk space exists on the target computer to enable BitLocker Drive Encryption. To deploy BitLocker Drive Encryption on a target computer, at least 2 gigabytes (GB) of unallocated disk space is required to create the system volume. The system volume is the volume that contains the hardware-specific files needed to load Windows computers after the BIOS has booted the platform. Possible Solution 1: On existing computers, shrink drive C so that the system volume can be created. Use the Diskpart tool to shrink drive C. In some instances, though, the Diskpart tool may not be able to shrink drive C sufficiently to provide 2 GB of unallocated disk space. This may be caused by fragmented disk space within drive C. One possible solution to this problem is to defragment drive C. To do so, complete the following steps: 1876.Run the Diskpart shrink querymax command to identify the maximum amount of disk space that can be unallocated. 1877.If the value returned in step 1 is less than 2 GB, clean drive C of any unnecessary files and defragment it. 1878.Run the Diskpart shrink querymax command again to verify that more than 2 GB of disk space can be unallocated. 1879.If the value returned in step 3 is still less than 2 GB, perform one of the following tasks: •
Defragment drive C multiple times to ensure that it is fully optimized.
•
Back up the data on drive C, delete the existing partition, create a new partition, and then restore the data to the new partition. Possible Solution 2: The ZTIBDE.wsf script runs the Disk Preparation Tool (bdehdcfg.exe) and configures the system volume partition size to 2 GB by default. It is possible to customize the ZTIBDE.wsf script to change the default, if necessary. However, modifying the MDT 2008 scripts is not recommended.
Disk Partitioning Errors Problem: When LTI is used to deploy Windows XP on some hardware, the machine halts with a stop error or stops responding while loading Mup.sys after the computer attempts to start into mini-setup. This problem occurs because Windows Vista and Windows PE version 2.0 create disk partitions differently than Windows XP does. This problem occurs only on computers that use certain BIOS firmware. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
17
Possible Solution 1: See the Microsoft Help and Support article, “You cannot install Windows XP successfully after you use Windows Vista or Windows PE 2.0 to create partitions on a hard disk,” at http://support.microsoft.com/kb/931760/en-us, which describes the problem and provides an update for Windows XP that can serve as a workaround for the issue. This problem can also occur because of a hardware abstraction layer (HAL) mismatch between the source computer and the destination computer or may be the result of a missing mass storage driver. Possible Solution 2: Add data and values to the registry of Windows PE version 2.0. These settings change how Windows PE partitions and formats the hard disk before the Windows XP image is applied. Add the following settings to the Windows PE registry to work around the issue: [HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\VDS\ALIGNME NT] "LessThan4GB"=dword:00000000 "Between4_8GB"=dword:00000000 "Between8_32GB"=dword:00000000 "GreaterThan32GB"=dword:00000000 Possible Solution 3: Perform a simple change to the DistributionShare\Scripts\ZTIDiskpart.txt file (where DistributionShare is the name of the appropriate distribution share) that MDT 2008 uses. If the file is changed as follows, Windows PE partitions the drive in such a manner that there is no need for either of the above steps: •
Original ZTIDiskpart.txt file: select disk 0 clean create partition primary assign letter=c: active exit
•
Modified ZTIDiskpart.txt file: select disk 0 clean create partition primary align=16065 assign letter=c: active exit The align=16065 command solves the issue described in the Microsoft Help and Support article referenced above, because it does not create the partition in the area that the BIOS bug associated with some computer systems overrides but rather reduces the disk space by approximately 2 MB.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Driver Installation To ensure the best possible user experience, installation of both hardware device and software driver should run as seamlessly as possible, with little or no user intervention. Microsoft provides tools and guidelines to help create installation packages that meet this goal. For general information about driver installation, see Driver Lifecycle at http://www.microsoft.com/whdc/driver/install/default.mspx.
Troubleshooting Device Installation with SetupAPI.log The “Troubleshooting Device Installation with the SetupAPI Log File” white paper that is downloadable from http://www.microsoft.com/whdc/driver/install/setupapilog.mspx provides information about debugging device installation for Windows XP and later versions of the operating system. Specifically, the paper provides guidelines for driver developers and testers to interpret the SetupAPI .log file. Windows XP and later versions log system operations more extensively than previous versions of Windows do. One of the most useful .log files for debugging is the SetupAPI .log file (Setupapi.log). This plain-text file maintains the information that SetupAPI records about device installation, service pack installation, and update installation. Specifically, the file maintains a record of device and driver changes, as well as major system changes, beginning from the most recent Windows installation. This paper focuses on using the SetupAPI .log file to troubleshoot device installation; the paper does not describe the log-file sections that are associated with service pack and update installations. Included in this white paper: •
“How Is the SetupAPI Log File Organized?”
•
“Windows Installation Header Section”
•
“Device-Setup Class Installation Sections”
•
“Driver-Installation Sections”
•
“Device-Removal Sections”
•
“Common Device-Installation Problems”
•
“Appendix A: Setting the SetupAPI Logging Level”
•
“Appendix B: Message Formats”
•
“Appendix C: Section Markers”
•
“Appendix D: Definition of Example Placeholders”
•
“Call to Action and Resources”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
19
Logon Security Banners Problem: MDT 2008 task sequences are processed during an interactive user session. This requires that the target computer be allowed to log on automatically using a specified administrative account. If a Group Policy Object (GPO) is in place that enforces a logon security banner, this automatic logon will not be allowed to process because the security banner halts the logon process while it waits for a user to accept the stated policy. Possible Solution: Be sure that the GPO is applied to specific organizational units (OUs) and not included in the default domain GPO. When computers are added to the domain, specify that they should be added to an OU that is not affected by a GPO that enforces a logon security banner. In the Task Sequence Editor, include as one of the last task sequence steps, a script that relocates the computer account to the desired OU. Note If reusing existing Active Directory® Domain Services (AD DS) accounts, ensure, prior to deploying to the target computer, that the target computer’s account has been relocated to an OU that is not affected by the GPO that enforces the security logon banner.
New Computer Deployments The following sections describe issues related to failed new computer deployments.
Failure to Copy .Log Files to Shared Folders Problem: When using the New Computer or Replace Computer deployment scenarios, a warning message may appear similar to the following, even though the specified share does exist: Warning - Unable to copy local logfile (C:\MININT\SMSOSD\OSDLOGS\ZeroTouchInstallation.log) because \\servername\Logs does not exist. Possible Solution: This message can occur because the SMS 2003 OSD Feature Pack may not have the appropriate credentials to access the \\servername\Logs folder when the \\servername\Logs folder resides on a server other than the distribution point. For more information on providing the appropriate credentials for the different deployment phases, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts.
PXE Boot In brief, the Pre-Boot Execution Environment (PXE) protocol operates as follows: The client computer initiates the protocol by broadcasting a Dynamic Host Configuration Protocol (DHCP) Discover packet containing an extension that identifies the request as coming from a client computer that implements the PXE protocol. Assuming that a boot server implementing this extended protocol is available, the boot server sends an offer containing the IP address of the server that will service the client. The client uses Trivial File Transfer Protocol (TFTP) to download the executable file from the boot server. Finally, the client computer initiates execution of the downloaded image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
The initial phase of this protocol piggybacks on a subset of the DHCP messages to enable the client to discover a boot server (that is, a server that delivers executable files for new computer setup). The client computer may use the opportunity to obtain an IP address (which is the expected behavior) but is not required to do so. The second phase of this protocol takes place between the client computer and a boot server and uses the DHCP message format as a convenient format for communication. This second phase of the protocol is otherwise unrelated to the standard DHCP services. The next few pages outline the step-by-step process during PXE client computer initialization. For more information on troubleshooting PXE boot-related issues in Windows Deployment Services running in Legacy or Mixed mode, see the Microsoft Help and Support article, “Description of PXE Interaction Among PXE Client, DHCP, and RIS Server,” at http://support.microsoft.com/kb/244036.
Disable Windows PE Logging on the Windows Deployment Services Server The first procedure recommended is to make sure that logging to setupapi.log has been disabled. To do so, follow the instructions in the section, “Disable Windows PE Logging on the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for Microsoft Systems Management Server 2003.
Ensure the Proper DHCP Configuration Depending on the router models in use, the specific router configuration of DHCP broadcast forwarding may be supported to either a subnet (or router interface) or a specific host. If the DHCP servers and Windows Deployment Services servers are separate computers, ensure that the routers that forward DHCP broadcasts are designed so that both the DHCP and Windows Deployment Services servers receive the client broadcasts; otherwise, the client computer does not receive a reply to its remote boot request. Is there a router between the client computer and the remote installation server that is not allowing the DHCP-based requests or responses through? When the Windows Deployment Services client computer and the Windows Deployment Services server are on separate subnets, the router between the two systems must be configured to forward DHCP packets to the Windows Deployment Services server. This arrangement is necessary, because Windows Deployment Services client computers discover a Windows Deployment Services server by using a DHCP broadcast message. Without DHCP forwarding set up on a router, the client computers’ DHCP broadcasts do not reach the Windows Deployment Services server. This DHCP forwarding process is sometimes referred to as DHCP Proxy or IP Helper Address in router configuration manuals. Refer to the router instructions for more information about setting up DHCP forwarding on a specific router.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
21
Improve PXE IP Address Assignment Response Time Check the following elements if it is taking a long time (15–20 seconds) for the PXE client computer to get an IP address: •
Are the network adapter on the target computer and the switch or router set to the same speed (automatic, duplex, full, and so on)?
•
Is the IP address for the Windows Deployment Services server in the IP Helper file on the router through which the connection is made? If the list of IP addresses in the IP Helper file is long, can the address for the Windows Deployment Services server be moved near the top?
•
Be sure that Setupapi.log is disabled as described in the section, “Disable Windows PE Logging on the Windows Deployment Services Server,” in Preparing for Microsoft Systems Management Server 2003.
Printers Problem: Even though USMT is able to capture data stored in the registry at HKEY_CURRENT_USER\Printers, it does not migrate TCP/IP based printers. Possible Solution: Include task sequence steps that use the Microsoft Windows Server 2003 Print Migrator 3.1 utility to capture and restore printer configurations. The utility is downloadable from http://www.microsoft.com/WindowsServer2003/techinfo/overview/printmigrator3.1.mspx.
Restarting the Deployment Process Problem: While testing and troubleshooting a new or modified task sequence, it may be necessary to restart the target computer so that the deployment process can start over from the beginning. Unexpected results may occur because MDT 2008 keeps track of its progress by writing data to the hard disk and any restart of the target computer has MDT 2008 resume where it left off at the previous restart. Possible Solution: To allow the deployment process to restart from the beginning, it is necessary, prior to restarting the target computer, to delete the C:\MININT and C:\_SMSTaskSequence folders.
Sysprep Joining a Domain Problem: The target computer is not joined to the domain. Possible Solution 1: If the Sysprep.inf file contains both JoinDomain and JoinWorkgroup entries, the first one encountered takes precedence. Possible Solution 2: Verify that the specified credentials have sufficient rights to join computers to the domain.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
The Computer Account Is In the Wrong OU Problem: The target computer is properly joined to the domain, but the computer account is in the wrong OU. Possible Solution 1: If an account pre-exists for the target computer, the account will remain in its original OU. To move the account to the specified OU, add an additional task sequence step that uses an automation tool, such as a Microsoft Visual Basic® Scripting Edition (VBScript), to move the account. Possible Solution 2: Verify that the specified OU is in the correct format and that it exists. The correct OU format should be OU=Reception,OU=NYC,DC=Woodgrovebank,DC=com
Execution Limit Problem: The following Windows product activation error message is displayed after a master computer has had Sysprep run three times. Error 0x80040605 Re-arming Sysprep is limited to being run three times on an installed operating system. You cannot run Sysprep a fourth time. Note
This limitation does not affect volume licensed media.
Possible Solution 1: Never run Sysprep on the master image. Capture an image of the computer prior to running Sysprep. When the image requires updating, restore the master image, make any required changes, and recapture prior to running Sysprep. Possible Solution 2: When running Sysprep, use the –activated option to avoid resetting activations. For more information, see the Microsoft Help and Support article, “‘Error 0x80040605 Re-arming’ Error Message When You Try to Run Riprep.exe or Sysprep.exe on Windows XP,” at http://support.microsoft.com/kb/308554.
System Center Configuration Manager Problem: The error message shown in Figure 3 displays when attempting to create a System Center Configuration Manager PXE service point using the Create self-signed PXE certificate option. INCLUDEPICTURE "cid:[email protected]" \* MERGEFORMATINET INCLUDEPICTURE "cid:[email protected]"
\* MERGEFORMATINET Figure 3. PXE service point error
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
23
Possible Solution: If a PXE service point previously existed on the server being configured, the uninstallation of the PXE service point may not have deleted the selfcreated certificates. Delete the PXE certificate folder from C:\Documents and Settings\username\Application Data\Microsoft\Crypto\RSA\ where username is the name of the user who is performing the current configuration or who performed the previous configuration. The configuration wizard should successfully complete once the folder is deleted.
Systems Management Server Table 2 lists symptoms that indicate that the ZTI deployment process will fail, the possible problems, and suggested methods for resolving the problem. Table 2. Deployment Symptoms, Possible Problems, and Possible Solutions Related to Systems Management Server Symptoms
Possible problem
Resolutions
Target computers are not receiving the SMS 2003 OSD Feature Pack package advertisements.
Target computers are not included in the appropriate Systems Management Server collection.
Verify that the target computers are in the Systems Management Server collection used during the distribution of the SMS 2003 OSD Feature Pack package.
ZTI scripts do not run properly.
Target computers may not meet the hardware and software requirements.
Review target computer hardware and software requirements in the section, “System Requirements,” in the Getting Started Guide.
Appropriate permissions may not be set on MigData, .log files, or distribution point shares.
Log on as the appropriate account holder, and attempt to access files in the shares.
Updated packages and programs are not appearing on distribution points.
Scheduled distribution of updates to packages and programs may be taking longer than required.
Manually update the distribution points by using Systems Management Server Administrator Console.
Refresh Computer scenarios are incorrectly performed as Replace Computer scenarios.
The OldComputer.tag file exists on a Systems Management Server deployment point, because the OldComputer folder is incorrectly added to one of the SMS 2003 OSD Feature Pack custom action file lists.
Search for OldComputer.tag file on a Systems Management Server deployment point, and delete the file on Systems Management Server packages that are targeted for Refresh Computer scenarios.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Task Sequences Apply Network Settings Problem: When configuring the network connection name in the Deployment Workbench, a validation error is displayed that prompts the user with the following message: “Please enter a valid name for the network adapter.” Possible Resolution: Remove any spaces and invalid characters from the specified connection name.
Upgrading from BDD 2007—Missing Task Sequence Steps After upgrading a Business Desktop Deployment (BDD) 2007 distribution share to MDT 2008, customizations from the BDD 2007 task sequence are identified and moved to the new MDT 2008 task sequence using one of the following scenarios: •
If a custom task sequence step specifies an application that is matched to an application defined in the distribution share and if there is also a match between the command-line sequence of the step and the command-line sequence of the distribution share application, that task sequence step is added to the Custom Tasks group.
•
If a custom task sequence step specifies an application that cannot be matched to an application defined in the distribution share, that task sequence step is added to the Unknown Tasks group, which is disabled. Administrative intervention is required to edit the task sequence and move the step to an appropriate location within the new task sequence.
Note
Any custom task sequence steps that call a ZTI script are ignored.
Note Any custom task sequence steps that are relocated to the Custom Tasks or Unknown Tasks groups in the task sequence are disabled. To continue to use these task sequence steps in MDT 2008, the task sequence steps must be relocated to their proper location in the task sequence and enabled.
Using Continue on Error If a MDT 2008 task sequence is configured not to continue on error and that task sequence returns an error, all remaining task sequences in that task sequence group are skipped. However, the remaining, subsequent task sequence groups are processed. Consider the following. Two task sequence groups have been created, and each group contains more than one task sequence step. Group A Step A Step B Group B Step A Step B If Group A\Step A is configured not to continue on error, then Group A\Step B will not be processed. However, all task sequence steps in Group B will be processed. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
25
User State Migration Tool Missing Desktop Shortcuts Problem: While using USMT to migrate user data, shortcuts that point to network documents may not get restored. The shortcuts are captured during Scanstate; however, they never get restored to the target computer during Loadstate. Possible Resolution: Edit the MigUser.xml and comment out the following line as shown below: Original: filter='MigXmlHelper.IgnoreIrrelevantLinks()'> Modified:
USMT-Related Errors During Deployment— Error 1618 Problem: While deploying a Windows XP image that was created by the SMS 2003 OSD Feature Pack with MDT 2008 installed, the following error messages may be logged during the State Restore phase when USMT is being installed: •
USMT installer found at \\Server\Packages$\SMSPKG\E000019B\InstallUSMT301_X86.msi. ZTIUserState 18/01/2008 16:00:12 0 (0x0000)
•
About to run command: msiexec.exe /I "\\Server\Packages$\SMSPKG\E000019B\InstallUSMT301_X86.msi" /quiet /passive /norestart ZTIUserState 18/01/2008 16:00:12 0 (0x0000)
•
Return code from command = 1618 16:00:15 0 (0x0000)
•
Non-zero return code from USMT 3.0.1 installation command, rc = 1618 ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
•
FindFile: The file USMT30_X86.cab could not be found in any standard locations. ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
•
ERROR: Unable to find USMT30_X86.cab file so it is not possible to install USMT 3.0, aborting ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
•
ERROR - Unable to install USMT 3.0 to restore user state. ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
ZTIUserState
18/01/2008
The last three lines of the .log file are an attempt at recovering from the initial behavior— the MDT 2008 scripts have logic that attempts to install USMT by extracting the bits from a .cab file, but only after the initial Windows Installer–based installation fails.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
The problem is a result of a previous task sequence step in the deployment process. The 1618 message translates to, “Another installation is already in progress. Complete that installation before proceeding with this install.” This is probably the result of an incorrect command that caused execution of subsequent task sequence steps to immediately continue even though the installation was just starting. Possible Resolution A: Check the event log to see what other installations were initiated at or near the time as the USMT installation, and verify that the commands for those installations are appropriate. Possible Resolution B: This problem could be avoided by creating a USMT .cab file, but it’s likely other issues will be encountered if the cause of the original error is not corrected. Due to a bug in the Windows Vista installation program, Wusa.exe (used to install MSU files), USMT would not install quietly using the standard /quiet option. This resulted in a workaround implemented in the ZTIUserState.wsf script. The following steps should be repeated for the x86 and x64 versions of USMT to repackage the USMT files into .cab files from which MDT 2008 can extract USMT to the target computer during deployment: 1880.Manually install the x86 or x64 version of USMT, whichever is applicable to the environment, on a computer running Windows XP or Windows Vista. 1881.Copy C:\Program Files\Microsoft Deployment Toolkit\Samples\USMT30_platform.ddf, where platform is either x86 or x64, from a computer on which MDT 2008 is installed. If USMT is installed in a location other than the default (C:\Program Files\USMT301), edit USMT30_platform.ddf to indicate the correct path to the USMT program folder. 1882.Run the command Makecab /F USMT30_platform.ddf; then, copy the newly created .cab file (USMT30_platform.cab) to the \Tools\platform folder in the MDT 2008 distribution share. Possible Resolution C: An update is available for Windows Vista which may fix the USMT installation problem. If this update is included in the Windows Vista image, the steps outlined in “Possible Resolution B” in this section may not have to be performed. For more information about the update, see the Microsoft Help and Support article, “When you run Wusa.exe together with the /quiet option to try to install certain software packages on a Windows Vista-based computer, the installation fails,” at http://support.microsoft.com/kb/929761.
Windows Imaging Format (WIM) Files Corrupt WIM File Problem: When deploying an image, the deployment fails with the following entries in the BDD .log file: •
The image \\Server\Distribution$\Operating Systems\Windows XP SP2\version1.wim was not applied successfully by ImageX, rc = 2
•
LTIApply COMPLETED.
•
ZTI ERROR - Non-zero return code by LTIApply, rc = 2
Solution Accelerators
Return Value = 2
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
27
Attempting to investigate the issue by mounting the WIM file using ImageX results in an error description stating, “The data is invalid.” Further investigation shows that the date stamp of the WIM file is many years before the current date. It is possible that another process, such as a virus scanner, was holding the WIM file open after it was previously closed at the conclusion of a read/write process. Possible Solution: The WIM file must be restored from backup media.
Windows PE Discussed next are a few common problems that users experience when configuring Windows PE.
Deployment Process Not Initiated—Limited RAM Problem: When deploying to certain target computers, Windows PE starts up, runs wpeinit, goes to the Windows Command Interpreter, but does not actually start the deployment process. Attempting to troubleshoot by mapping a network drive from the target computer indicates that the network adapter drivers are not loaded. Possible Resolution 1: The deployment wizard isn’t starting because there isn’t enough random access memory (RAM). Verify that the target computer has at least 512 MB of RAM and that any shared video memory doesn't consume more than 64 MB of the 512 MB. Windows PE 2.0 is unable to run on a target computer that has less than 512 MB of RAM. Also, due to the nature of Lite Touch in MDT 2008, Lite Touch will not run with Windows PE 2005. However, the SMS 2003 OSD Feature Pack could be used with Windows PE 2005, because it will work with 256 MB of RAM. Possible Resolution 2: Be sure that that wireless drivers have been not included in the Windows PE image.
Deployment Process Not Initiated—Missing Components Problem: When troubleshooting a failed deployment, a review of the BDD .log file lists the following entry: ERROR - Unable to create ADODB.Connection object, impossible to query SQL Server: ActiveX component can't create object (429).
Possible Resolution: This may indicate that the Windows PE image was not created by MDT 2008. If using System Center Configuration Manager, do not choose to use one of the existing Windows PE images that were created by System Center Configuration Manager, but instead, create one by using the Import Microsoft Deployment Task Sequence wizard. Note The Windows PE images created by System Center Configuration Manager contain components that support scripting, XML, and Windows Management Instrumentation (WMI), but they do not contain components that support Microsoft ActiveX® Data Objects (ADO).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Deployment Process Not Initiated—Missing or Incorrect Drivers Problem: When deploying to certain target computers, Windows PE starts up, runs wpeinit, goes to the Windows Command Interpreter, but does not actually start the deployment process. Attempting to troubleshoot by mapping a network drive from the target computer indicates that the network adapter drivers are not loaded. A review of the SetupAPI .log file located in X:\Windows\System32\Inf indicates that Windows PE generates errors when it is configuring the network adapter. One of the errors said, "This driver is not meant for this platform." The drivers in the out-of-box drivers list have been injected into the image. Possible Solution: It is possible that Windows PE is having a driver conflict with another driver. When configuring the settings for the Windows PE image in the Deployment Workbench, create a Windows PE drivers group that contains only network adapter and storage drivers, and configure the deployment point to use only the Windows PE driver group. If both Windows XP and Windows Vista drivers have been included, just add the driver for Windows Vista into the Windows PE drivers group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo yment Pr ocess Flo w Cha r ts In this chapter, two sets of flow charts are provided for MDT 2008: LTI/ZTI with SMS 2003 OSD Feature Pack and ZTI with System Center Configuration Manager. Each deployment phase has a corresponding set of flow charts that provide a pictorial representation of the tasks executed during deployment.
LTI/ZTI with SMS 2003 OSD Feature Pack Flow charts are provided for the following phases: •
Validation (Figure 4)
•
State Capture (Figure 5 and Figure 6)
•
Preinstall (Figure 7, Figure 8, and Figure 9)
•
Install (Figure 10)
•
Postinstall (Figure 11 and Figure 12)
•
State Restore (Figure 13, Figure 14, Figure 15, and Figure 16)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit Reference 2008
Figure 4. Flow chart for the Validation Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
31
Figure 5. Flow chart for the State Capture Phase (1 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit Reference 2008
Figure 6. Flow chart for the State Capture Phase (2 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
33
Figure 7. Flow chart for the Preinstall Phase (1 of 3)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit Reference 2008
Figure 8. Flow chart for the Preinstall Phase (2 of 3)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
35
Figure 9. Flow chart for the Preinstall Phase (3 of 3) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit Reference 2008
Figure 10. Flow chart for the Install Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
37
Figure 11. Flow chart for the Postinstall Phase (1 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit Reference 2008
Figure 12. Flow chart for the Postinstall Phase (2 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
39
Figure 13. Flow chart for the State Restore Phase (1 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit Reference 2008
Figure 14. Flow chart for the State Restore Phase (2 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
41
Figure 15. Flow chart for the State Restore Phase (3 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit Reference 2008
Figure 16. Flow chart for the State Restore Phase (4 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
43
ZTI with System Center Configuration Manager Flow charts are provided for the following phases: •
Initialization (Figure 17)
•
Validation (Figure 18)
•
State Capture (Figure 19)
•
Preinstall (Figure 20)
•
Install (Figure 21)
•
Postinstall (Figure 22)
•
State Restore (Figure 23 and Figure 24)
•
Capture (Figure 25)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit Reference 2008
Figure 17. Flow chart for the Initialization Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
45
Figure 18. Flow chart for the Validation Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit Reference 2008
Figure 19. Flow chart for the State Capture Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
47
Figure 20. Flow chart for the Preinstall Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit Reference 2008
Figure 21. Flow chart for the Install Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
49
Figure 22. Flow chart for the Postinstall Phase Solution Accelerators
microsoft.com/technet/SolutionAccelerators
50
Microsoft Deployment Toolkit Reference 2008
Figure 23. Flow chart for the State Restore Phase (1 of 2) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
51
Figure 24. Flow chart for the State Restore Phase (2 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
52
Microsoft Deployment Toolkit Reference 2008
Figure 25. Flow chart for the Capture Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Find ing A ddit iona l H el p Microsoft Services Premier Support The MDT 2008 team has received a number of e-mail messages and questions about how to receive support from Premier Support for MDT 2008. Several individuals have been routed to the incorrect support queue while trying to receive support for MDT 2008. We apologize for their frustration and inconvenience. To be routed to the correct support queue, call Premier Support at 1-800-936-3500, or go online to http://www.microsoft.com/services/microsoftservices/srv_premier.mspx. Note When seeking support, clearly state that there is a Business Desktop Deployment/Microsoft Deployment Toolkit issue. Mentioning “deployment” in general may result in routing to the incorrect queue. Note Please note that support for MDT 2008 is done on via callback with response times generally ranging between 1 and 4 hours depending on the severity of the issue and other issues in the queue.
Internet-Based Support Many online sources are available that provide additional troubleshooting assistance for MDT 2008 beyond what is covered in this reference. These online sources include: •
•
Microsoft-hosted blogs: •
MDT 2008 Team blog at http://blogs.technet.com/msdeployment/default.aspx
•
Deployment Guys blog at http://blogs.technet.com/deploymentguys/
•
Ben Hunter’s blog at http://blogs.technet.com/benhunter/default.aspx (Ben Hunter is a consultant with Microsoft Services-New Zealand.)
•
Michael Niehaus’ blog at http://blogs.technet.com/mniehaus/default.aspx (Michael Niehaus writes on Windows and Microsoft Office deployment.)
•
Richard Smith’s blog at http://blogs.technet.com/richardsmith/default.aspx (Richard Smith is a consultant with Microsoft Services–United Kingdom.)
Microsoft-hosted newsgroups: The following newsgroups are available with support from Microsoft employees, industry peers, and Microsoft Valued Professionals (MVPs): •
microsoft.public.deployment.desktop at news://msnews.microsoft.com/microsoft.public.deployment.desktop
•
microsoft.public.sms.tools at news://msnews.microsoft.com/microsoft.public.sms.tools
•
microsoft.public.office.setup at news://msnews.microsoft.com/microsoft.public.office.setup
•
microsoft.public.usmt at news://msnews.microsoft.com/microsoft.public.usmt
54
•
MSDN 2.0
•
microsoft.public.deployment.app_compatibility at news://msnews.microsoft.com/microsoft.public.deployment.app_compatibility
•
microsoft.public.windows.app_compatibility at news://msnews.microsoft.com/microsoft.public.app_compatibility
•
TechNet forum: Windows Vista Deployment and Imaging at http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=721&SiteID=17
Deployment-related information sources from outside Microsoft: •
DeploymentForum.com at http://www.deploymentforum.com
•
DeployVista.com at http://www.deployvista.com
•
myITforum.com at http://www.myitforum.com
Microsoft® Deployment Toolkit 2008 User State Migration Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: Contents
lv
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Internet Explorer, Outlook, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This document describes how to save and retrieve user preferences during deployments using the Windows® User State Migration Tool (USMT). This guide is intended to serve as part of Microsoft® Deployment Toolkit (MDT) 2008. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
US MT Usa ge Scenario s A distinction exists between how USMT is used during deployment and the development of the control files used during the deployment. This section discusses two example scenarios of how the USMT can be used during the deployment process. In the first scenario, an administrator runs a deployment wizard on a client computer scheduled for migration. The wizard collects information about the user and the user’s computer. The wizard then runs the Scanstate.exe tool in USMT to copy the user’s documents and settings from the computer to a temporary user state store file. The deployment process installs a new Windows Vista operating system image on the computer, and then runs the Loadstate.exe tool in USMT to copy the user’s documents and settings from the server onto the new computer. An example of this scenario is the Windows Deployment Wizard in a Lite Touch Installation (LTI) deployment. In the second scenario, a software-distribution tool runs the Scanstate.exe tool to run a fully unattended sequence of programs to save user state for multiple user profiles, and then installs a new operating system image, installs application packages, and finally runs the Loadstate.exe tool to restore user state, making the computer ready for the user. An example of this scenario is deployment performed by Microsoft System Center Configuration Manager 2007 and MDT 2008. This guide does not detail the usage of USMT described in the second scenario. See the USMT version 3.0.1 Help file for a complete description of this process. This guide does, however, address why and how to alter the control files that direct the behavior of USMT during the execution. Read the appendices of this document for detailed information on creating control files and running USMT. Before using USMT to capture and restore user state, make the USMT files available to the deployment tools. For information regarding how to make the USMT files available for MDT 2008 deployments by using LTI and Microsoft Systems Management Server (SMS) 2003, see “Appendix B: Preparing the MDT 2008 Distribution Share,” later in this guide. For information on how to make the USMT files available to System Center Configuration Manager, see “Create New Task Sequences Using the Import Wizard” in the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
System Center Configuration Manager State Capture System Center Configuration Manager also captures user state. Within System Center Configuration Manager, the Request State Store task automatically determines the space requirements and whether the computer on which state is captured can hold the information for reinsertion or whether the data needs to be placed on the share defined for user state within System Center Configuration Manager. User state capture is supported only on non-server Microsoft operating systems.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: USMT Usage Scenarios
3
The state can be captured when creating task sequences within System Center Configuration Manager. When capturing state, USMT version 3.0.1 must be installed on the computer running System Center Configuration Manager. System Center Configuration Manager must be configured as a migration point for the process to finish successfully. For more information on capturing state, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide, especially the section on creating task sequences. For additional information on making System Center Configuration Manager a migration point, see Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx.
Identify Operating System Settings When planning a migration, carefully consider which operating system settings to migrate. Several key elements to consider are: •
Appearance. Includes items such as wallpaper, colors, sounds, and the location of the taskbar
•
Action. Includes items such as key repeat rate, whether double-clicking a folder opens it in a new window or in the same window, and whether users must click or double-click an item to open it
•
Internet. Includes Internet connection settings and controls how the browser operates; additional items include home page, favorites or bookmarks, cookies, security settings, and proxy settings
•
Mail. Includes the information required to connect to mail servers, signature files, views, mail rules, local mail, and contact lists
Consider any previous migration experience in addition to the results of any surveys conducted and tests that have been completed. Also take into consideration elements that could eliminate or reduce help desk calls that result from the deployment. Note Do not migrate settings that Group Policy objects (GPOs) control. These settings have no effect on the client computer and only waste time and space during the migration.
USMT Components USMT consists of the following major components: •
Scanstate. The tool used to collect system state from the source computer
•
Loadstate. The tool used to install user state on the destination computer
•
XML control files. Files that control the USMT migration process
•
Component manifests. Files that maintain lists of Windows Vista system configuration settings and data
•
Downlevel manifests. Manifest files that list and locate settings and data for earlier versions of the Windows operating system (Windows XP and Microsoft Windows 2000)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Scanstate During the USMT execution process, Scanstate.exe creates the USMT3.mig file in the default store directory (or any directory defined by command-line settings). Scanstate uses the following components: •
Scanstate.exe. This executable file runs on the source computer to capture user settings and files. A user can run Scanstate.exe to capture the settings stored in the registry and the files to which the user has permission. Alternatively, users can run Scanstate.exe in the Local System or Local Administrator security context, which permits unattended operation and capture of multiple user profiles. MDT 2008 scripts call Scanstate.exe during the deployment process.
•
MigSys.xml. When migrating from a source computer running Windows XP, this file controls which operating system and browser settings to migrate. Users can customize this file for specific needs.
•
MigApp.xml. This file controls which application settings are migrated from the source computer. Users can customize this file for specific needs.
•
MigUser.xml. This file controls which user folders, files, and file types to migrate from the source computer. Users can customize this file for specific needs. Note MDT 2008 uses generic versions of the preceding three common control files. If these files must be customized, replace the default versions or configure CustomSettings.ini (located in the Control folder) to specify the custom versions.
•
Config.xml. Create this file using the /genconfig option in the Scanstate commandline tool. This file contains all settings defined by component manifests in Windows Vista or by downlevel manifests (these terms are described in the sections “Component Manifests” and “Downlevel Manifests” later in this guide) included with USMT version 3.0.1. Specify this file in the Scanstate command-line tool. Note MDT 2008 does not currently use Config.xml, but the file can be called manually by specifying it in CustomSettings.ini.
For detailed instructions on preparing a Config.xml file, see the section, “Appendix A: Converting Control Files from Earlier Versions of USMT,” later in this guide. •
Custom.xml. A custom control file can be created to define custom rules for unique migration needs. For example, this file can contain information for migrating a custom business application. Multiple custom control files can be defined. Modify USMTMigFiles in CustomSettings.ini to call Custom.xml control files. Note For additional information on Scanstate syntax, refer to the USMT Help file (USMT.chm) located in the USMT installation directory.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: USMT Usage Scenarios
5
Loadstate Loadstate is the command-line tool that restores data to one or more user profiles. Loadstate runs in the context of an account with Administrator privileges and loads the users’ profiles before they log on for the first time. Note Loadstate requires network connectivity to a domain controller for a user’s domain to determine the security identifier (SID) of the destination profile.
Loadstate consists of the following components: •
MigSys.xml. When migrating to a Windows XP destination computer, this file controls which operating system and browser settings to migrate. This file can be customized for specific needs.
•
MigApp.xml. This file controls which application settings are migrated to the destination computer. This file can be customized for specific needs.
•
MigUser.xml. This file controls which user folders, files, and file types to migrate to the destination computer. This file can be customized for specific needs. Note MDT 2008 uses generic versions of the preceding three common control files. If these files must be customized, the default versions can be replaced or CustomSettings.ini (located in the Control folder) can be configured to specify the custom versions.
•
Custom.xml. A custom control file can be created to define custom rules for unique migration needs. For example, this file can contain information for migrating a custom business application. Multiple custom control files can be defined. Modify CustomSettings.ini to call Custom.xml control files. For details on creating a Custom.xml file, see the section, “Appendix A: Converting Control Files from Earlier Versions of USMT,” later in this guide.
•
Config.xml. Config.xml should not be specified during Loadstate unless only a subset of the settings and data from the Scanstate file are being migrated. Specify this file on the USMTMigFiles item in CustomSettings.ini. Note For information on Loadstate syntax, refer to the USMT Help file (USMT.chm) located in the USMT installation directory.
Component Manifests Component manifests are files that list settings and data important to components of Windows Vista. Scanstate reads this information during execution, creating a dynamic list of Windows Vista components, settings, and data to migrate. When Scanstate is run with the /genconfig option, it constructs a Config.xml file from information obtained in component manifests that are used to customize data collected. A collection run without a custom Config.xml collects all data that the component manifests, which cannot be modified, specify. Loadstate does not use component manifests when the destination system is running Windows XP.
Downlevel Manifests USMT includes a collection of manifests designed to act as component manifests when used to migrate user state from earlier versions of the Windows operating system. When migrating settings and data to a Windows Vista system from Windows XP or Windows 2000, these downlevel manifests determine which data to collect. Loadstate does not use downlevel manifests when the destination computer is running Windows Vista. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Tec hnica l Cons ider ations Technical considerations when planning to use USMT include: •
USMT supports migration from local user accounts and from computers that are members of workgroups. Use the /mu and /md options to migrate workgroup computers and local user accounts.
•
USMT migrates user state information only for computers on a Microsoft network. However, by modifying the destination computer user name and domain, USMT can support migration from Novell networks to Windows networks. Use the /mu and /md options to migrate computers on Novell networks.
•
USMT migrates file permissions. A domain controller must be available, and the local Administrator account (or its equivalent) must be used at the destination computer to facilitate setting appropriate access control entries.
•
USMT does not migrate passwords stored on the computer for applications such as the Microsoft Outlook® Express messaging client, Windows Internet Explorer®, and mapped network drives.
•
USMT does not migrate drivers—except for print drivers, which the USMT attempts to migrate if driver support is available on the Windows installation CD. Drivers can be specified in the distribution library. See the MDT 2008 document, Workbench Imaging Guide, for more information.
•
USMT can migrate application settings but not the applications themselves. Applications must be reinstalled on the destination computers. Note See the USMT release notes for more information about applications that must be installed before loading user state information.
•
USMT supports the migration of multiuser computers. When a single computer has multiple profiles, each with unique user data, USMT can capture all user states during a one-time Scanstate execution—including both domain and local users. For more information about how to migrate computer systems with many users, see “Migrate Data on Computers with Multiple Users” in the USMT product documentation.
•
Encrypting File Service (EFS) certificates can be migrated to Windows Vista automatically using the /efs:copyraw option. EFS certificates must be migrated to Windows XP computers manually. See the USMT product documentation in the USMT.chm file located in the USMT installation directory for use details.
•
USMT includes options to prevent migration of old profiles and to migrate specific profiles using command-line options.
•
USMT is available to use within the operating system. USMT does not have to be installed on the Components node; rather, the USMT301_platform.msi file (where platform is either x86 for 32-bit, or x64 for 64-bit) can be made available in the \Distribution\tools\platform directory.
Note Sometimes, issues exist with installation of the .msi file in Windows Vista. To correct the issues, see the information in the Microsoft Help and Support article, “When you run Wusa.exe together with the /quiet option to try to install certain software packages on a Windows Vistabased computer, the installation fails,” at http://support.microsoft.com/kb/929761/en-us. In addition, see the MDT 2008 document, Troubleshooting Reference, for information describing the creation of the USMT301_platform.cab file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix A: Co nver ting C on tr ol Fi les fr om Ear li er Ver sions of US MT Earlier versions of USMT used .inf files to control the collection and migration of documents and settings. Many organizations have spent time and resources creating migrations based on this technology. While there are significant differences between the two control file formats, an understanding of how each format controls USMT can allow developers to create XML files that closely replicate the effects of the former migration process.
USMT .Inf File Format Developers of legacy .inf files should already be familiar with the format and function of the commands in these files. Following is a brief overview of .inf file sections and syntax.
Sections of a USMT .Inf File USMT .inf files are segmented based on the type of migration being performed. Following are examples of the resulting sections: •
[Applications]. The [Applications] section defines application settings that USMT will migrate.
•
[System Settings]. The [System Settings] section migrates system configuration settings such as fonts and accessibility.
•
[User Settings]. This section migrates user preferences, such as desktop configuration, screen saver settings, and favorites.
•
[Files and Folders]. This section migrates files and folders. Migrations can be specified for individual files and folders and for files and folders based on pattern or file extension.
See the Help file in the earlier version of USMT for a complete listing of .inf file sections.
USMT .Inf File Syntax USMT .inf files use commands to control USMT operation. Examples of these commands are listed in this section. Examples of .inf command syntax follow each command.
[CopyFiles] The CopyFiles command specifies files that the migration must copy. The syntax for this command is: Path\FileName.ext, NewRootPath
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Wild cards can be used in addition to environment variables. To migrate .doc files from the My Documents folder to the same folder on the new system, use the syntax: [Copy This State] CopyFiles=WordDocs [WordDocs] %CSIDL_PERSONAL%\*\*.doc, %CSIDL_PERSONAL%
[CopyFilesFiltered] This command copies only files that are relevant to the new system. For example, if program shortcuts are being copied to the desktop of a new system and a link points to a file that will not be migrated, CopyFilesFiltered does not copy the associated .lnk file. Following is an example of the CopyFilesFiltered syntax: [Copy This State] CopyFiles=Shortcuts [Shortcuts] %CSIDL_DESKTOP%\*.lnk, %CSIDL_DESKTOP% Note The CopyFilesFiltered command performs this filtering action during Loadstate.exe execution.
[AddReg] The syntax for the AddReg command is: RegRoot\RegKey\RegSubKey [RegValue] This command migrates registry entries on the destination computer according to the syntax of the command. To migrate an entry that runs Notepad automatically on startup, use the syntax: [Copy This User State] AddReg=RunNotepad AddReg [RunNotepad AddReg] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Notepad.exe C:\Windows\system32\notepad.exe Note
The specified registry key must exist in the source system to be successfully migrated.
[DelReg] The syntax for the DelReg command is: RegRoot\RegKey\RegSubKey [RegValue] This command removes registry entries on the destination computer according to the syntax of the command. To create an entry to remove the AddReg example in the previous section, use the syntax: [Copy This User State] DelReg=RunNotepad DelReg [RunNotepad DelReg] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Notepad.exe C:\Windows\system32\notepad.exe Note This command does not actively delete the defined registry key; it merely excludes it from the migration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: Appendix A
9
The USMT Help file defines many more commands. See the Help file in the earlier version of USMT for a complete listing.
Find Equivalent Settings in XML The XML language format differs dramatically from the section-based formatting of .inf files. XML file sections are defined by the tags and . Syntax within the settings has also changed. A complete reference is included in the USMT installation folder. See USMT XML Elements Reference in USMT.chm for details on XML syntax. This section converts examples from the section “USMT .Inf File Syntax” to XML to illustrate this process.
[CopyFiles] The following example migrates all .doc files from the My Documents folder on one system to the My Documents folder on another: User Data <pattern type="File">%CSIDL_PERSONAL%\[*.doc]
[CopyFilesFiltered] Files can be filtered by first attempting to detect the condition under which the file would be migrated. If the condition is detected, then the subsequent migration actions would occur; otherwise, Loadstate.exe would ignore the subsequent child statements. User Data <detects> <detect> MigXmlHelper.DoesObjectExist("File","%CSIDL_PERSONAL%\ MyFile.Doc") Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
<pattern type="File">%CSIDL_DESKTOP%\[MyFile.lnk] Note In this example, the Detect condition must be True for the subsequent Rules instructions to be processed.
[AddReg] The following XML code migrates a specific registry setting: <migration urlid="http://www.microsoft.com/migration/1.0/migxmlext/test"> Component to migrate only registry value string <pattern type="Registry">HKCU\Software\Microsoft\Windows\CurrentVersion\Ru n [Notepad.exe] Note If the registry key specified by the script in this listing does not exist on the source system, it will not be created on the destination system.
[DelReg] The following example replicates the DelReg action of the .inf file referenced in the previous section. (Note the <exclude>… pair.) <migration urlid="http://www.microsoft.com/migration/1.0/migxmlext/test"> Component to migrate only registry value string Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: Appendix A
11
<exclude> <pattern type="Registry">HKCU\Software\Microsoft\Windows\CurrentVersion\Ru n [Notepad.exe] Note In many cases, it is sufficient simply not to define an object to exclude it from migration. The process above might be necessary when migrating a parent but excluding certain children.
Create a Complete Migration in XML A substantial amount of XML code would need to be written to create a complete conversion. It is important, therefore, to attempt to migrate most settings using the included XML control files. When this migration is complete, create a Custom.xml file for the remaining elements that must be migrated. The finished product might be executed with a command similar to the following: Scanstate /config:Migration.xml /i:Migapp.xml /i:MigUser.xml /i:CustMigration.xml /l:Migration.log /v:15
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix B: Pr epar ing the MDT 2008 Dis tr ibu tion Shar e This appendix describes the process required to prepare the distribution folder on the computer running MDT 2008 for USMT operation.
Prepare the USMT Component in the Distribution Folder MDT 2008 simplifies the process for installing any components that MDT 2008 requires. MDT 2008 requires USMT for the Replace Computer and Refresh Computer deployment scenarios. During deployment, when running the Capture User State and Restore User State task sequences, MDT 2008 automatically copies the required USMT installation files from the distribution share to the destination computer. Follow these steps to ensure that the distribution share contains the required USMT installation files. To prepare the USMT component with Internet connectivity Note If the computer running MDT 2008 has Internet connectivity, Deployment Workbench can automatically download the USMT installation files.
1883.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1884.In the Deployment Workbench console tree, go to Deployment Workbench/Information Center, and then click Components. 1885.In the details pane, in the Available for Download section, click User State Migration Tool 3.0.1 (x86) (for 32-bit operating systems) or User State Migration Tool 3.0.1 (x64) (for 64-bit operating systems). 1886.In the details pane, click Download. After downloading the USMT, Deployment Workbench copies the USMT .msi files to the distribution\Tools\platform folder (where distribution is the distribution folder that was created while preparing the deployment environment and platform is the processor architecture, which is either x86 or x64).
Template User Instructions
13
To prepare the USMT component without Internet connectivity Note If the computer running MDT 2008 does not have Internet connectivity, download USMT from another computer.
1887.Using another computer, download the USMT installation files from Microsoft Download Center at http://www.microsoft.com/downloadS/details.aspx?familyid=799AB28C-691B-4B36B7AD-6C604BE4C595. 1888.Copy the USMT installation files (InstallUSMT301_x86.msi for 32-bit operating systems or InstallUSMT301_x64.msi for 64-bit operating systems) to the computer running MDT 2008, and then place them in the distribution\Tools\platform folder (where distribution is the distribution folder that was created while preparing the deployment environment and platform is the processor architecture, which is either x86 or x64).
Locate the Store Files Create a share on a server designated during the planning process for holding the USMT store files. MDT 2008 uses values found in CustomSettings.ini to locate the user state store folder. Configure the CustomSettings.ini properties detailed in Table 1. Table 1. CustomSettings.ini Properties Property
Controls
UDShare
Network share for user store
UDDir
User store folder
UserDataLocation
User store location selection
UDProfiles
Which user profiles will be migrated
Note DVD-RW discs and local store files can also be used during a user state migration by not setting the UserDataLocation value. The Windows Deployment Wizard will ask for the user data location. See the MDT 2008 document, Toolkit Reference, for more details on configuration settings.
Place the XML Control Files USMT uses the default versions of the migration XML files unless the path to the custom XML files is indicated. Place the path to custom XML files in the CustomSettings.ini file in the Control folder of the MDT 2008 distribution share. Inserting a line for USMTMigFiles causes MDT 2008 to use the listed files from migration control. Use the following format for this line: USMTMigFiles1=MigApp.xml USMTMigFiles2=MigUser.xml USMTMigFiles3=MigSys.xml USMTMigFiles4=MigCustom.xml USMTConfigFile=Config.xml Note See the MDT 2008 document, Toolkit Reference, for more details on configuration settings.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
MSDN 2.0
Microsoft® Deployment Toolkit 2008 Workbench Imaging Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide
xv
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, ActiveX, Internet Explorer, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This technical guide is part of Microsoft® Deployment Toolkit (MDT) 2008. This document guides the creation of Lite Touch Installation (LTI) images using Deployment Workbench. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Because this guide contains guidance specific to creating LTI images in Deployment Workbench, reviewing the guides that Table 1 describes can provide additional information. Table 1. Related Guides See this guide
For more information about
Image Customization Guide
Customizing LTI images. For example, this guide describes how to customize the task sequence, answer files, and so on.
Microsoft Deployment Toolkit 2008 Samples Guide
Sample customizations that can be used as the basis for customizing images for desktop and server computers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ins tal ling Dep lo yment Wor kbenc h Use Deployment Workbench to create distribution shares and develop disk images. The first step in the process is to install Deployment Workbench on the build server, which holds the source files (scripts, Windows media, device drivers, and applications) used as part of the scripted build process. The MDT 2008 document Getting Started Guide includes systematic instructions for installing MDT 2008, including Deployment Workbench and the Windows Automated Installation Kit (Windows AIK). Note For systematic installation procedures, see the MDT 2008 documents Getting Started Guide and Preparing for LTI Tools.
Create the Distribution Share The distribution share holds the operating systems, applications, operating system packages, task sequences, and out-of-box device drivers used for imaging. Use the Create Distribution Share Wizard to create the distribution share that Deployment Workbench uses to store the files used for imaging. To create the distribution share using the Create Distribution Share Wizard 1889.In the Deployment Workbench console tree, right-click Distribution Share, and then click Create Distribution share directory to start the Create Distribution Share Wizard. 1890.On the Specify the path for the distribution share directory page, type the path to the distribution share directory in the text box provided. 1891.Click Finish to complete the process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Sta r ting Dep lo yment Wor kbenc h In Deployment Workbench, the left pane contains the console tree, the center pane—the details pane—shows the properties of the item in the console tree, and the right pane lists actions available. Table 2 lists the items available in Deployment Workbench and their descriptions. Table 2. Deployment Workbench Elements Item
Description
Information Center
Provides access to documentation, displays breaking news about MDT 2008, and lists the components required to use Deployment Workbench. Click this item to view details in the details pane.
Distribution Share
Lists operating systems, applications, operating system packages, and out-of-box drivers populated in Deployment Workbench. Click this item to view details in the details pane.
Task Sequences
Lists task sequences populated in Deployment Workbench. Click this item to view details in the details pane.
Deploy
Lists the deployment points available to Deployment Workbench and the database required to house Windows Deployment Services information.
To start Deployment Workbench •
Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. CAUTION Open only a single instance of Deployment Workbench. Opening two or more instances of Deployment Workbench can result in unpredictable behavior.
Tip The default view of the Deployment Workbench console is the Action pane. Remove it by working in the management console. To work in the console, run %programfiles%\Microsoft Deployment Toolkit\Bin\DeploymentWorkbench.msc /a. On the View menu, click Customize; clear the Action pane check box, and then click OK. Save changes by clicking Save from the File menu. When prompted whether to display a single window interface, click Yes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Up g r ading BDD 2007 to M DT 2008 It is possible to upgrade from Business Desktop Deployment (BDD) 2007 to MDT 2008. There are two options to choose from moving from BDD 2007 to MDT 2008: coexisting with BDD 2007 and upgrading from BDD 2007. For more information on upgrading to MDT 2008, see the following sections of the MDT 2008 document Getting Started Guide: •
“Coexist with BDD 2007”
•
“Upgrade from BDD 2007”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting the Dis tr ibu ti on Shar e The distribution share contains all of the information and settings that MDT 2008 uses as well as the entire contents used during the LTI process. The following section describes the process to create a new distribution share or upgrade an existing distribution share. To create a new distribution share 1892.Open Deployment Workbench, right-click Distribution Share, and then click Create distribution share directory. 1893.In the Create Distribution Share Wizard, on the Specify Directory page, click Create a new distribution share. 1894.Type the location for the distribution share on the local system in the Path for new distribution share directory text box, and then click Finish. To upgrade an existing distribution share 1895.Open Deployment Workbench, right-click Distribution Share, and then click Create distribution share directory. 1896.In the Create Distribution Share Wizard, on the Specify Directory page, click Upgrade an existing distribution share. 1897.Type the path for the distribution share in the Path to existing distribution share directory box. 1898.Select or clear the Backup existing scripts and configuration files check box as necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Popul ate the Dis tr ibu ti on Shar e Using Deployment Workbench, the distribution share can be configured in the following ways: •
Add, remove, and configure operating systems.
•
Add, remove, and configure applications.
•
Add, remove, and configure operating system packages, including updates and language packs.
•
Add, remove, and configure out-of-box device drivers.
When adding operating systems, applications, operating system packages, and out-ofbox device drivers to the distribution share, the source files are stored in the distribution share folder. These stored items will be associated with task sequences later in the configuration process. In the distribution share’s Control subfolder, Deployment Workbench stores metadata about operating systems, applications, operating system packages, and out-ofbox device drivers in the files shown in Table 3. Table 3. Metadata Files Associated with Deployment Workbench File
Description
Applications.xml
Contains metadata about applications in the distribution share
Drivers.xml
Contains metadata about the device drivers defined in the distribution share
DriverGroups.xml
Contains metadata specifying the grouping of drivers as listed on the Groups tab for each defined driver
OperatingSystems.xml
Contains metadata about operating systems in the distribution share
Packages.xml
Contains metadata about operating system packages in the distribution share, including software updates and language packs
PackageGroups.xml
Contains metadata specifying the grouping of packages as listed on the Groups tab for each defined package
TaskSequence.xml
Contains the list of task sequences referenced in \Deployment\Control and its subfolders
TS.xml
Contains metadata about the task sequence and is the task sequence definition. (A TS.xml file resides in each subfolder under \Distribution\Control.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
7
Note DriverGroups.xml exists alongside the Drivers.xml file, and TaskSequence.xml replaces the Builds.xml file previously used in BDD 2007. Tip Deployment Workbench does not sort the metadata in the .xml configuration files. However, sorting these files can make choosing applications and operating systems easier later. Use any text editor to sort them. An easier way to sort these files is by using Microsoft XML Notepad 2007, which is available from the Microsoft Download Center at http://www.microsoft.com/downloads.
Operating Systems MDT 2008 offers the ability to add the following operating system types: •
Full set of source files. Contains the files from a Windows DVD, CD, or equivalent media source
•
Custom image file. A Windows Imaging Format (WIM) image previously captured for deployment
•
Windows Deployment Services images. Located on a specified Windows Deployment Services server
This feature copies the entire set of operating system source files from the distribution media or folder containing the distribution media. Optionally, operating system images can be added from a specific Windows Deployment Services server by clicking Windows Deployment Services images on the OS Type page of the New OS Wizard. For more information, see the section, “Add Images from Windows Deployment Services,” later in this document. Or, click Custom image file on the same wizard page to add a custom image, created by using the Windows Deployment Wizard.
Add an Operating System See the MDT 2008 document Getting Started Guide for additional information on supported operating systems. To add a supported operating system to the distribution share 1899.In the Deployment Workbench console tree, expand Distribution Share, right-click Operating Systems, and then click New to start the New OS Wizard. 1900.On the OS Type page, select Full set of source files. Click Next. 1901.On the Source page, type the path containing the operating system source files to be added to the distribution share. Click Next. Note If the operating system files have been staged on the local hard disk, optionally select Move the files to the distribution share instead of copying them to speed the process.
1902.On the Destination page, type the name of the operating system folder to create in the distribution share. Accept the default name, which Deployment Workbench derives from the source files, or use a name that describes the operating system version and edition. Deployment Workbench uses this name to create a folder for the operating system in the distribution share’s Operating Systems folder. 1903.Click Finish to complete the wizard. This copy process can take several minutes to finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
After adding an operating system to the distribution share, it appears in the details pane of Operating Systems. In addition, the operating system appears in the distribution share in Operating Systems\subfolder, where subfolder is the destination specified when adding the operating system.
Remove an Operating System To remove an operating system from the distribution share, complete the following steps: 1904.In the Deployment Workbench console tree, expand Distribution Share, and click Operating Systems. 1905.In the details pane, right-click the operating system to be removed, and then click Delete. 1906.Click Yes when prompted. Note When an operating system is deleted from Deployment Workbench, it is also removed from the Operating Systems folder in the distribution share. In other words, removing an operating system from Deployment Workbench also removes it from the file system.
Rename an Operating System To rename an operating system in the distribution share, complete the following steps: 1907.In the Deployment Workbench console tree, expand Distribution Share, and then click Operating Systems. 1908.In the details pane, right-click the operating system to be renamed, and then click Properties. The operating system Properties dialog box appears. 1909.In the Operating system name box, type a new name for the operating system. Click OK.
Add Images from Windows Deployment Services MDT 2008 can deploy Windows images added to a Windows Deployment Services server. It does not copy these images to the MDT 2008 distribution share; instead, it deploys them directly from the MDT 2008 share. To add Windows images to the distribution share from a Windows Deployment Services server 1910.Copy the following files from the \sources directory of the Windows Vista or Windows Server 2008 media to the folder %programfiles%\Microsoft Deployment Toolkit\bin: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
•
Wdstptc.dll (only applicable if copying from the Windows Server 2008 or Windows Vista with Service Pack 1 [SP1] source directories)
Note The Windows source directory being used must match the platform of the operating system running on the computer where MDT 2008 is installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
9
1911.In the Deployment Workbench console tree, expand Distribution Share, right-click Operating Systems, and then click New to start the New OS Wizard. 1912.On the OS Type page, select Windows Deployment Services images, and then click Next. 1913.On the WDS Server page, type the name of the Windows Deployment Services server from which to add the operating system images, and then click Finish. The New OS Wizard makes all the operating system installation images it finds on the Windows Deployment Services server available to MDT 2008. It does not copy the source files from the Windows Deployment Services server to the distribution share, however. MDT 2008 continues to use the source files from their original location. The images appear in the details pane of Operating Systems in the Microsoft System Center Configuration Manager 2007 Configuration Manager console.
Add Custom Image Files MDT 2008 can deploy custom images or previously captured images in the WIM format. Specify the source directory in which the WIM file resides, and optionally the New OS Wizard will move the file to the distribution share. To add a custom image operating system to the distribution share 1914.In the Deployment Workbench console tree, expand Distribution Share, right-click Operating Systems, and then click New to start the New OS Wizard. 1915.On the OS Type page, select Custom image file, and then click Next. 1916.On the Setup page, specify the operating system setup files from the following selections as appropriate, and click Next: •
Setup and Sysprep files are not needed. Does not copy any setup files for a Windows Vista or Windows Server 2008 image, or System Preparation Tool (Sysprep) files for a Windows XP or Windows Server 2003 image.
•
Copy Windows Vista or Windows Server 2008 setup files from the specified path. Specifies the directory containing the Windows Vista or Windows Server 2008 setup files required to install the image specified.
•
Copy Windows XP or Windows Server 2003 Sysprep files from the specified path. Specifies the directory containing the Windows XP or Windows Server 2003 Sysprep or DEPLOY.CAB files required to install the image specified.
1917.On the Destination page, enter the destination directory for the wizard to create to contain the required operating system files, and click Finish.
Hide and Unhide Feature MDT 2008 offers the hide and unhide feature for the following nodes: •
Applications
•
OS Packages
•
Task Sequences
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
The General tab of applications, operating systems packages, and task sequences contains the Hide this application in the Deployment Wizard check box. Select this check box to see the following properties: •
•
•
Application is Enabled and Hide option cleared: •
For LAB deployment points, the task sequence, application, or package will be displayed in the LTI Wizard.
•
For NETWORK deployment points, the task sequence, application, or package will be copied to the network share deployment point when selected to copy.
•
For MEDIA deployment points, the task sequence, application, or package will be copied in the media content when selected to copy.
Application is Enabled and Hide option selected: •
For LAB deployment points, the task sequence, application, or package will not be displayed in the LTI Wizard.
•
For NETWORK deployment points, the task sequence, application, or package will be copied to the network share deployment point when selected to copy.
•
For MEDIA deployment points, the task sequence, application, or package will be copied in the media content when selected to copy.
Application is Disabled. Hide option is ignored: •
For LAB deployment points, the task sequence, application, or package will not be displayed in the LTI Wizard.
•
For NETWORK deployment points, the task sequence, application, or package will not be copied to the network share deployment point, even when selected to copy.
•
For MEDIA deployment points, the task sequence, application, or package will not be copied in the media content, even when selected to copy.
Applications Use this feature to install applications on client computers, either from source files that are copied to the distribution share or from source files stored in an existing shared folder.
Add an Application To add an application to the distribution share, complete the following steps: 1918.In the Deployment Workbench console tree, expand Distribution Share. Right-click Applications, and then click New to start the New Application Wizard. 1919.On the Application Type page, perform one of the following actions, and then click Next: •
Select Application with source files to copy the application source files to the distribution share. During deployment, MDT 2008 installs the application from source files it copied to the distribution share. Select this option when the application source files are not available to the destination computer when installing the operating system build or when they must be customized.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
•
11
Select Application without source files or elsewhere on the network. Choosing this option does not copy the application source files to the distribution share. During deployment, MDT 2008 installs the application from another location on the network. Select this option when the application source files are available during installation of the operating system build or to run a command that requires no application source files.
1920.On the Details page, provide the following information about the application, and then click Next: •
Publisher. Type the name of the application’s publisher.
•
Application Name. Type the name of the application.
•
Version. Type a version label for the application.
•
Languages. Type the language value of the Locale Identifier.
1921.On the Source page, type the path of the folder containing the application to be added, and click Next. If the application source files will be copied to the distribution share, Deployment Workbench copies everything in this folder to the distribution share; otherwise, it adds this path to the application’s metadata as the application’s installation path. If the operating system files are staged on the local hard disk, optionally select Move the files to the distribution share instead of copying them to automatically move the files to the distribution share. 1922.On the Destination page, type the name of the folder to create for the application within the distribution share, and then click Next. Note
The default value is the publisher, application name, and version label concatenated.
CAUTION When adding applications to the distribution share by using Deployment Workbench, ensure that every application has a unique full name. Otherwise, users will see multiple applications with the same name, each of which installs a different application, during an LTI installation.
1923.On the Command Details page, type the command to use to install the application silently, and click Finish. The command is relative to the working directory specified in the Working directory box. Windows Installer applications use the command msiexec.exe /i package.msi /qb REBOOT=REALLYSUPPRESS. Applications packaged by using other technologies require different command-line options. After adding an application to the distribution share, it appears in the Applications details pane. In addition, it appears in the distribution share in Applications\subfolder, where subfolder is the destination specified when adding the application.
Remove an Application To remove an application from the distribution share, complete the following steps: 1924.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1925.In the details pane, right-click the application to be removed, and then click Delete. 1926.Click Yes when prompted. Note The applications cannot be removed on which other applications have installation dependencies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Note When an application is deleted from Deployment Workbench, it is also removed from the Applications folder in the distribution share. In other words, removing an application from Deployment Workbench also removes it from the file system.
Edit an Application’s General Information The properties of an application can be edited, including the display name and working directory. Additional options allow changing the reboot properties of the application and enabling or disabling the application. To edit the properties of an application 1927.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1928.In the details pane, right-click the application to be edited, and then click Properties. 1929.On the General tab, edit the following items as necessary, and then click OK: •
Full Name of the application
•
Name of the application
•
Version of the application
•
Publisher of the application
•
Language version of the application
•
Source Directory, relative to the distribution share
•
Comments about the application
•
Hide this application in the Deployment Wizard
•
Enable this application Note MDT 2008 uses the uninstall registry key name to determine whether an application is already installed on the destination computer. This is a subkey in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninst all. If MDT 2008 detects the presence of this key, it assumes that the application is already installed and skips the installation of that application and any dependencies.
Edit an Application’s Details The details of an application can be edited. These details define the installation commands, restart option, and platform associated with the application. To edit the details of an application 1930.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1931.In the details pane, right-click the application to be edited, and then click Properties. 1932.On the Details tab, edit the following items as necessary, and then click OK: •
Application bundle.
•
Standard application. Specify the Quiet install command, the working directory relative to the distribution share, and the Uninstall registry key name.
•
Reboot the computer after installing this application.
•
This can run on any platform.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
•
13
This can run only on the specified client platforms. Specify the appropriate platforms by selecting the check boxes corresponding to the application.
Edit an Application’s Dependencies When installing an application, MDT 2008 checks the application's dependencies. MDT 2008 installs each application on which the current application is dependent prior to installing the current application. This is true regardless of whether dependent applications are selected and also regardless of rules in the MDT 2008 database or the CustomSettings.ini file. After MDT 2008 installs all dependent applications in the order specified, MDT 2008 installs the current application. To add dependencies to or remove dependencies from an application 1933.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1934.In the details pane, right-click the application to be edited, and then click Properties. 1935.Click the Dependencies tab, complete one of the following tasks, and then click OK: •
Add dependencies. Click Add, and select an application.
•
Remove dependencies. Select an application from the list, and click Remove.
•
Reorder dependencies. Select an application, and click Up or Down.
Note When adding dependencies, Deployment Workbench displays only those applications that have already been added to the distribution share. When reordering dependencies, MDT 2008 installs the dependent applications in the order specified in the Dependencies list.
Enable or Disable an Application Disabling an application prevents MDT 2008 from choosing it for installation. Disabling an application also prevents installation of an application. To enable or disable an application 1936.In the Deployment Workbench console tree, expand Distribution Share, and click Applications. 1937.In the details pane, right-click the application to enable or disable, and then click Properties. 1938.On the General tab, complete one of the following tasks, and then click OK: •
Enable an application. Select the Enable this application check box.
•
Disable an application. Clear the Enable this application check box.
Tip If an application was added that will be installed during the task sequence, disable the application by clearing the Enable this application check box. The application will still be installed during the task sequence, but it will not appear in the applications list.
Restart the Computer After Installing an Application To cause the computer to restart after application installation, complete the following steps: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1939.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1940.In the details pane, right-click the application for which the Windows Deployment Wizard must restart the computer after installation, and then click Properties. 1941.Click the Details tab; select the Reboot the computer after installing this application check box, and then click OK. Note Selecting this check box causes the Windows Deployment Wizard to restart the computer after installing the application, and then continue with the next step in the task sequence. CAUTION Do not allow the application to restart the computer. MDT 2008 must control restarts, or the task sequence will fail. For example, use the command REBOOT=REALLYSUPPRESS to prevent some Windows Installer–based applications from restarting. To prevent the 2007 Microsoft Office system from restarting the computer, add the property SETUP_REBOOT=NEVER to the Config.xml file or the M file created by using the Office Customization Tool.
Packages Use this feature to install Windows package files (including security updates, service packs, and language packs) on client computers from CAB or MSU files.
Add a Package To add operating system packages, including language packs and updates, to the distribution share, complete the following steps: 1942.In the Deployment Workbench console tree, expand Distribution Share, right-click OS Packages, and then click New to start the New Package Wizard. 1943.On the Specify Directory page, type the path containing the package files to be added to the distribution share, and then click Finish. Deployment Workbench adds all the packages it finds in the folder and its subfolders. After adding packages to the distribution share, they appear in the OS Packages details pane. In addition, the packages appear in the distribution share in the Packages folder.
Remove a Package To remove a package from the distribution share, complete the following steps: 1944.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1945.In the details pane, right-click the package to be removed, and then click Delete. 1946.Click Yes when prompted. Note When a package is deleted from Deployment Workbench, it is also removed from the Packages folder in the distribution share. In other words, removing a package from Deployment Workbench also removes it from the file system.
View a Package’s General Information To view the general information about a package in the distribution share, complete the following steps: 1947.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
15
1948.In the details pane, right-click the package to view, and then click Properties. 1949.Click the General tab; view the properties in Table 4, and then click OK to exit.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Table 4. Package Properties Property
Description
Package name
Name of the package
Type
Package type
Processor architecture Processor types available for installation by the package: x86, x64, ia64 Language
Languages of the package
Public key token
Public listing of the encryption key
Version
Package version
Product name
Products contained in the package
Product version
Version of the products contained in the package
Package path
Path to the package on the MDT 2008 server
Enable or Disable a Package To enable or disable a package on the distribution share, complete the following steps: 1950.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1951.In the details pane, right-click the package to enable or disable, and then click Properties. 1952.Click the General tab; complete one of the following tasks, and click OK: •
Enable the package. Select the Enable (approve) this package check box.
•
Disable the package. Clear the Enable (approve) this package check box.
Add a Package Group MDT 2008 allows PackageGroup functionality to be added. Package groups help to separate packages during installation. For instance, when multiple operating systems must be deployed and they use different packages or require different levels of updates or languages, assign packages to different groups. Assign the group to a particular operating system during deployment. To add a package group for association with OS Packages 1953.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1954.In the details pane, right-click the package to edit, click Properties, and then click the Groups tab. 1955.Click Add. 1956.Type the group name in the New Package Group dialog box, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
17
Change a Package Group Assignment To change a package group’s assignment, complete the following steps: 1957.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1958.In the details pane, right-click the package to edit, click Properties, and then click the Groups tab. 1959.Click Add. 1960.Type the group name in the New Package Group dialog box, and then click OK. For more information on: •
The PackageGroup property, see the section, “PackageGroup,” in the MDT 2008 document Toolkit Reference.
•
The LanguagePacks property, see the section, “LanguagePacks,” in the MDT 2008 document Toolkit Reference.
•
Customizing package groups, see the section, “OS Packages,” in the MDT 2008 document Deployment Customization Guide.
Out-of-Box Drivers Use this feature to install drivers on client computers that are not included in the Windows operating system image.
Add a Device Driver To add device drivers to the distribution share, complete the following steps: 1961.In the Deployment Workbench console tree, expand Distribution Share, right-click Out-of-Box Drivers, and then click New to start the New Driver Wizard. 1962.On the Specify Directory page, type or browse to the path containing the device drivers to be added to the distribution share using the Driver source directory text box. 1963.Select the driver group to assign the driver (defaults to All Drivers). 1964.Select or clear the Import drivers even if they are duplicates of an existing driver check box, and then click Finish. Deployment Workbench adds all the device drivers it finds in the folder and its subfolders. After adding device drivers to the distribution share, they appear in the Out-of-Box Drivers details pane. In addition, the device drivers appear in the distribution share in the Out-of-Box Drivers folder.
Remove a Device Driver To remove a device driver from the distribution share, complete the following steps: 1965.In the Deployment Workbench console tree, expand Distribution Share, and click Out-of-Box Drivers. 1966.In the details pane, right-click the device driver to remove, and then click Delete. 1967.Click Yes when prompted. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008 Note When a device driver is deleted from Deployment Workbench, it is also removed from the Out-of-Box Drivers folder in the distribution share. In other words, removing a device driver from Deployment Workbench also removes it from the file system.
View a Device Driver's General Information To view the general properties of a device driver, complete the following steps: 1968.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1969.In the details pane, right-click the device driver to view, and then click Properties. 1970.Click the General tab, view the properties listed in Table 5, and then click OK to close the window. Table 5. Device Driver Properties Property
Description
Driver name
Display name of the driver
Manufacturer
Manufacturer providing the driver
Version
Version of the driver
Driver date
Date the driver was created
Driver type (class)
Driver framework
INF path
Path to the .inf file relative to the MDT 2008 distribution share
Platforms
Platforms the driver supports (platforms include x86 and x64)
Supported OS versions
Operating systems the driver supports (supported operating systems include Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008)
Supported PnP IDs
Defines the address and IRQ of the device driver
Enable this driver
Enables or disables the device driver
Enable or Disable a Device Driver To enable and disable device drivers in the distribution share, complete the following steps: 1971.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1972.In the details pane, right-click the device driver to be enabled or disabled, and then click Properties. 1973.Click the General tab, complete one of the following tasks, and click OK: •
Enable the driver. Select the Enable this driver check box.
•
Disable the driver. Clear the Enable this driver check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
19
Change a Device Driver's Group Assignment Driver groups help resolve device-driver collisions during installation. For example, if two computer models contain a similar device that has the same Plug and Play ID but require original equipment manufacturer (OEM)–specific device drivers, assign each device driver to a different driver group. Then, assign the model-specific driver group to a particular computer model by using the make-and-model table in the MDT 2008 database. Doing so helps ensure that the correct device driver is used for each computer model. To change a device driver's group assignment 1974.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1975.In the details pane, right-click the device driver to edit, and then click Properties. 1976.Click the Groups tab, select the device drivers group to include the device driver, and then click OK. Note During deployment, choose which device driver groups to include in the installation by using rules in CustomSettings.ini or the MDT 2008 database. For more information about using device driver groups, see the DriverGroup property in the MDT 2008 document Toolkit Reference.
Add a Device Driver Group To add a device group for association with drivers, complete the following steps: 1977.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1978.In the details pane, right-click the device driver to edit, click Properties, and then click the Groups tab. 1979.Click Add. 1980.Type the group name in the New Driver Group dialog box, and then click OK.
Use Legacy $OEM$ Folders MDT 2008 supports using legacy $OEM$ folders to organize and copy supplemental files to the destination computer. However, when deploying Windows Vista or Windows Server 2008, using data WIM files is preferred over using $OEM$ folders. Note For more information about using data WIM files or $OEM$ folders with Windows Vista or Windows Server 2008, see the Windows Automated Installation Kit User’s Guide in the Windows AIK. For more information about using an $OEM$ folder with Windows XP or Windows Server 2003, see the Microsoft Windows Corporate Deployment Tools User’s Guide (Deploy.chm) and the Microsoft Windows Preinstallation Reference (Ref.chm), both of which are in the Deploy.cab file in the Support\Tools folder on the Windows media.
MDT 2008 looks in the following locations within the distribution share, in the order specified, to find an $OEM$ folder: •
Control\Build, where Build is the name or ID of the build that MDT 2008 is installing. Create $OEM$ folders in this location to create a custom folder for each build.
•
Operating Systems\Name, where Name is the name of the operating system MDT 2008 is installing. Create $OEM$ folders in this location to create a custom folder for each operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
•
Platform, where Platform is either x86 or x64. Create $OEM$ folders in this location to create a custom folder for each platform.
•
$OEM$, which is at the root of the distribution share and is the default $OEM$ folder if a folder is not found in the previous locations.
An $OEM$ folder contains supplemental files. The following list describes each folder that can be created within an $OEM$ folder to organize these files: •
$$. Windows Setup copies the contents of this folder to %SystemRoot% on each destination computer. It replicates all the folders, subfolders, and files that this folder contains in the %SystemRoot% folder of each destination computer. For Windows Setup to copy a file to %SystemRoot%\System32 on each destination computer, for example, put the file in $OEM$\$$\System32.
•
$1. Windows Setup copies the contents of this folder to %SystemDrive% on each destination computer. It replicates all the folders, subfolders, and files that this folder contains in the %SystemDrive% folder on each destination computer. This is typically drive C on most computers.
•
Drive. Drive is a drive letter (C, D, E, and so on). Windows Setup copies the contents of this folder to the root of the corresponding drive on each destination computer. It replicates all the folders, subfolders, and files that this folder contains in the corresponding drive during the setup process. For example, Windows Setup copies any files put in $OEM$\D to the root of drive D on each destination computer. Microsoft recommends that these folders not be used. The folders rely on a very specific disk configuration on the destination computer. Use $1 to represent %SystemDrive% instead. In most installations, $OEM$\$1 and $OEM$\C write to the same location: the root of drive C.
•
TEXTMODE. For Windows XP and Windows Server 2003, this folder contains hardware-specific files that Windows Setup and text-mode setup install on the destination computer during the text-mode phase of the installation process. These files may include OEM hardware abstraction layers (HALs), mass-storage device drivers, and the Txtsetup.oem file. The Txtsetup.oem file describes how to load and install these files. List these files in the [OemBootFiles] section of the answer file.
Task Sequences Use this feature to run a sequence of tasks after installing an operating system image.
Create Task Sequences To create a new task sequence, complete the following steps: 1981.In the Deployment Workbench console tree, right-click Task Sequences, and then click New to start the New Task Sequence Wizard. 1982.On the General Settings page, provide the following information, and then click Next: •
Task sequence ID. Type the unique ID for the task sequence.
•
Task sequence name. Type the descriptive name for the task sequence.
•
Task sequence comments. Type the necessary comments to help identify the properties of the task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
21
Tip Although a task sequence’s name and comments can be changed later, a task sequence’s ID cannot. Before creating task sequences, create a naming scheme to use in creating task sequence IDs that will provide meaningful information about each task sequence. An example naming scheme is Version-Edition-Level-Label, where Version is the operating system version (win2003, win2007), Edition is the operating system edition (Enterprise, Standard, Ultimate), Level is the service pack level (SP1, SP2), and Label is a descriptive label that identifies the customizations. Bear in mind the limit is 16 characters for the name.
1983.On the Select Template page, choose one of the templates listed in Table 6, and then click Next. Table 6. Task Sequence Templates Template
Description
Standard Client Task Sequence
Select this option to create the default task sequence for deploying operating system images to client computers, including desktop and portable computers.
Standard Client Replace Select this option to back up the system entirely, back up Task Sequence the user state, and wipe the disk. Custom Task Sequence
Select this option to create a customized task sequence that does not install an operating system.
Standard Server Task Sequence
Select this option to create the default task sequence for deploying operating system images to server computers.
Litetouch OEM Task Sequence
Select this option to pre-load operating systems images on computers in a staging environment prior to deploying the target computers in the production environment (typically by a computer OEM).
Note Litetouch OEM Task Sequence should only be selected when performing deployments by using a Removable media (MEDIA) deployment point type. Although the Litetouch OEM Task Sequence template can be selected from other deployment point types, the task sequence will not finish successfully.
1984.On the Select OS page, choose an operating system image to install with this task sequence, and then click Next. Note
Only the operating system images added to Operating Systems earlier are visible.
1985.On the Specify Product Key page, perform one of the following tasks, and then click Next: •
Use the specified product key. Type the product key in the Product Key box.
•
Do not use a product key when installing. Select Do not use a product key when installing.
Note For more information about volume activation and product keys in MDT 2008, see Windows Vista Volume Activation 2.0 Technical Guidance at http://go.microsoft.com/fwlink/?LinkID=75674. That documentation describes when a product key is necessary. Generally, volume license customers using a Key Management Service (KMS) host for activation (which requires 25 Windows Vista or five Windows Server 2008 computers) should select the Do not use a product key when installing option. Customers deploying Windows Vista or Windows Server 2003 or using Multiple Activation Keys (MAKs) should select the Use the specified product key option, and then type a product key in the Product Key box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
1986.On the OS Settings page, provide the following information, and then click Next: •
Full Name. The owner name for the task sequence
•
Organization. The name of the organization
•
Internet Explorer Home Page. The URL for the default Windows Internet Explorer® home page
1987.On the Admin Password page, select one of the following options, and then click Finish to complete the wizard: •
Use the specified local Administrator password. This selection prompts for the administrative password for the package and to confirm the password to complete the task.
•
Do not specify an Administrator password at this time. Choose this option if the administrative password will be configured during the deployment process.
After adding a task sequence to the distribution share, it appears in the Task Sequences details pane. In addition, it appears in the distribution share in Control\subfolder, where subfolder is the task sequence ID. Deployment Workbench stores metadata about each task sequence in TaskSequences.xml, which also resides in the distribution share’s Control folder.
Remove a Task Sequence To remove a task sequence from Deployment Workbench, complete the following steps: 1988.In the Deployment Workbench console tree, click Task Sequences. 1989.In the details pane, right-click the task sequence to be removed, and then click Delete. 1990.Select Yes when prompted.
Edit a Task Sequence’s General Information To edit the general information of a task sequence in Deployment Workbench, complete the following steps: 1991.In the Deployment Workbench console tree, click Task Sequences. 1992.In the details pane, right-click the task sequence to edit, and then click Properties. 1993.Click the General tab, and edit the elements listed in Table 7 as necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
23
Table 7. General Task Sequence Information Property
Description
Task sequence ID
Cannot be edited; set when the task sequence is edited
Task sequence name
Name to associate with the task sequence
Task sequence version
Version label to associate with the task sequence
Comments
Section in which to comment about the current package
This can run on any platform
Tells MDT 2008 that this task sequence will run on any platform
This can run only on the specified client platforms
Indicates that the task sequence will be applicable/available only for the platform(s) selected from the list
Hide this task sequence in the Deployment Wizard
Removes the ability to select the specified task sequence in the Deployment Wizard
Enable this task sequence
Enables or disables the task sequence
1994.Click OK to complete the task.
Enable or Disable a Task Sequence To enable or disable a task sequence in Deployment Workbench, complete the following steps: 1995.In the Deployment Workbench console tree, click Task Sequences. 1996.In the details pane, right-click the task sequence to be enabled or disabled, and then click Properties. 1997.Click the General tab, complete one of the following tasks, and then click OK: •
Enable the task sequence. Select the Enable this task sequence check box.
•
Disable the task sequence. Clear the Enable this task sequence check box.
Define a Task Sequence To define a task sequence in Deployment Workbench, complete the following steps: 1998.In the Deployment Workbench console tree, click Task Sequences. 1999.In the details pane, right-click the task sequence to be edited, and then click Properties. 2000.Click the Task Sequence tab, and expand the deployment phases and conditions to configure the different tasks that will be run. Use the Add, Remove, Up, and Down buttons to configure the tasks within a phase. 2001.Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Edit the Unattended Setup Answer File Associated with the Task Sequence There are two options in the current release of MDT 2008. When editing Unattend.xml for Windows Vista or Windows Server 2008, use Windows System Image Manager (Windows SIM) to edit the file. When editing the Unattend.txt file for Windows XP or Windows Server 2003, use Microsoft Notepad to edit the file. Note For more information about Unattend.xml and Windows SIM, see the Windows Automated Installation Kit User’s Guide in the Windows AIK. For more information about Sysprep.inf and Unattend.txt, see the Microsoft Windows Corporate Deployment Tools User’s Guide (Deploy.chm) and the Microsoft Windows Preinstallation Reference (Ref.chm), both of which are in the Deploy.cab file in the Support\Tools folder on the Windows installation media.
Select the Packages Groups for a Task Sequence For each task sequence created in Deployment Workbench, select a packages group to be deployed with the task sequence. A package group is a logical grouping of one or more packages defined in the OS Packages node in Deployment Workbench. When the package group is selected for a task sequence, the packages are automatically copied to the deployment point and are available to the MDT 2008 scripts. The packages reside in the distribution_point\OS Packages\driver folder (where distribution_point is the name of the folder that is the root of the distribution point and driver is the name of the driver listed in Deployment Workbench). To select the package group for a task sequence 2002.Start Deployment Workbench. 2003.In the console tree, expand Distribution Share, and then click Task sequences. 2004.In the details pane, right-click task_sequence_id (where task_sequence_id is the ID of the task sequence for which to select a package group), and then click Properties. 2005.In the task_sequence_id Properties dialog box, on the Task Sequence tab, locate the Apply Patches task sequence step; and on the Properties tab, in Package group, select package_group (where task_sequence_id is the ID of the task sequence selected and package_group is the name of the packages group to deploy). Click OK. 2006.Repeat steps 3 and 4 for each Apply Patches task sequence step in the task sequence. Note To deploy all packages with a task sequence, in the Package group box, click All Packages.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
25
Deployment Points Deployment points define the shares that clients connect to when retrieving the operating system image, applications, drivers, and other deployment components. Table 8 describes the types of deployment points that MDT 2008 offers to deploy task sequences. Table 8. Deployment Point Types Selection
Description
Lab or single-server deployment
The distribution share located on the local machine
Separate deployment share
A deployment share on the local machine or another computer containing a subset of the files contained on the local distribution share
Removable media
A directory of the files or International Organization for Standardization (ISO) image needed for deployment from removable media (DVD, USB disks, USB flash drive [UFD])
SMS 2003 OSD
A directory containing the files needed for customizing a Microsoft Systems Management Server (SMS) 2003 Operating System Deployment (OSD) Feature Pack program
Note When using a MEDIA deployment point, Windows AIK version 1.0 has a 4 gigabyte (GB) size limitation. Windows AIK version 1.1 (for use with Windows Vista with SP1) removed this limitation, allowing for a MEDIA deployment point greater than 4 GB.
Create the Deployment Point Always create a LAB deployment point in Deployment Workbench. Additionally, use LAB deployment points to build and capture LTI images. To create a LAB deployment point 2007.In the Deployment Workbench console tree, expand Deploy, right-click Deployment Points, and then click New to start the New Deployment Point Wizard. 2008.On the Choose Type page, select Lab or single-server deployment, and then click Next. 2009.On the Specify Deployment Point Name page, type a name for the deployment point, and then click Next. 2010.On the Application List page, perform one of the following tasks, and then click Next: •
Allow users to select additional applications or upgrades. Select the Allow users to select additional applications on upgrade check box.
•
Do not allow users to select additional applications or upgrades. Clear the Allow users to select additional applications on upgrade check box.
2011.On the Allow Image Capture page, select the Ask if an image should be captured check box, and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
2012.On the Allow Admin Password page, select the check box to allow users to set the local Administrator password during installation (if necessary), and then click Next. 2013.On the Allow Product Key page, select the check box to allow users to specify a product key during installation (if necessary), and then click Next. 2014.On the Network Share page, type a name for the share, and then click Next. Note The default name is Folder$, where Folder is the name of the folder containing the distribution share. The dollar sign ($) hides the share in the network browser list.
2015.On the Configure User State page, choose from the selections in Table 9, and then click Finish. Table 9. User State Selections Selection
Description
Automatically determine the location on the Network
Browses the local network to determine the location for storing the user-state data
Automatically determine the location on the Local System
Browses the local system to determine the location for storing the user-state data
Specify a location
Allows manual specification of the location in which to save user-state data
Do not save data and settings
Discards all user-state settings and data
Customize the Deployment Point To configure a deployment point, complete the following steps: 2016.In the Deployment Workbench console tree, expand Deploy, and click Deployment Points. 2017.In the details pane, right-click the deployment point to edit, and then click Properties. 2018.Click the General tab, and then edit the settings found in Table 10. Note
The settings available for editing depend on the type of deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
27
Table 10. Deployment Point Properties Property
Description
Deploy point name
Name associated with the deployment point
Type
Type of deployment point: Lab or single server deployment, Separate deployment share, Removable media, or SMS 2003 OSD
Network path
Universal Naming Convention (UNC) path location to the deployment point
Local path
Local path to the deployment point on the MDT 2008 server
Platform supported
x86 or x64
Enable multicast for this deployment point
Enables multicast broadcasts of Windows Preinstallation Environment (Windows PE) images and operating system images using Windows Deployment Services
Note Lab or Single Server and NETWORK deployment points are the only deployment point types that support multicast. For more information on multicasting, refer to the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document Preparing for LTI Tools. Note The multicast features of MDT 2008 are available using Windows Deployment Services in Windows Server 2008.
2019.Click the Rules tab, and then edit the deployment point’s settings. Note These settings reside in CustomSettings.ini, which is in the deployment point’s Control folder. For more information about the settings that can be configured on this tab, see the MDT 2008 document Toolkit Reference.
2020.Click the Edit Bootstap.ini button to customize the Bootstrap.ini file, and edit the appropriate information. 2021.Click the Windows PE tab, edit the settings described in Table 11, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Table 11. Windows PE Settings Area
Settings
Images to Generate
•
Generate a Lite Touch flat bootable ISO image. Select this option to generate flat bootable ISO images.
•
Generate a Lite Touch bootable RAM disk ISO image. Select this option to generate ISO images that start from RAM disk.
•
Generate a generic flat bootable ISO image. Select this option to generate a generic Windows PE flat bootable image that does not contain MDT 2008.
•
Generate a generic bootable RAM disk ISO image. Select this option to generate a generic Windows PE bootable image that starts from RAM disk and does not contain MDT 2008. Note Deployment Workbench always generates .wim image files containing Windows PE. These files reside in the distribution share’s Boot folder.
Optional Components
•
Optional Fonts
Select the font support to add to the Windows PE boot images that Deployment Workbench generates. Add these fonts when performing an LTI deployment of Windows Server 2008 images when the setup files are Japanese, Korean, or Chinese. The Optional Fonts area provides the following options:
ADO. Select this option to add the Microsoft ActiveX® Data Objects (ADO) optional component to the Windows PE bootable images.
•
Chinese (ZH-CN)
•
Chinese (ZH-HK)
•
Chinese (ZH-TW)
•
Japanese (JA-JP)
•
Korean (KO-KR)
Note Adding additional fonts to Windows PE boot images increases the size of the images. Add fonts only if necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
29
Area
Settings
Driver Injection
In the Driver group list, select the driver group from which MDT 2008 should select device drivers. The default group is All Drivers. Then, select any of the following options:
Windows PE Customizations
•
Include all network drivers in the selected group. Select this option to inject all network drivers found in the distribution share into the Windows PE bootable images.
•
Include all mass storage drivers in the selected group. Select this option to inject all mass storage drivers found in the distribution share into the Windows PE bootable images.
•
Include all video drivers in the selected group. Select this option to inject all video drivers found in the distribution share into the Windows PE bootable images.
•
Include all system-class drivers in the selected group. Select this option to inject all system drivers (motherboard drivers, and so on) in the distribution share into the Windows PE bootable images.
•
Custom background bitmap file. Type the path and file name of a bitmap file to use as the Windows PE background.
•
Extra directory to add. Type the path of a folder containing extra files and subfolders to add to the Windows PE bootable images.
Tip Deployment Workbench always generates .wim image files, which can be used to start destination computers using Windows Deployment Services. Choose to generate only the Windows PE bootable ISO images that are required. Limiting the number of images generated accelerates the updating process.
Update the Deployment Point After creating and configuring a deployment point in Deployment Workbench, update it to create it on the file system. Updating a deployment point creates the folder structure, Windows PE boot images, and so on. Updating a LAB deployment point shares the distribution share and creates the Windows PE boot images (WIM and ISO files) necessary to start the LTI deployment process from the share. Deployment Workbench uses the Windows AIK software development kit (SDK) to create images. Version 1.1 of the Windows AIK includes changes in the servicing stack for Windows Vista and Windows Server 2008. As a result of these changes, Deployment Workbench cannot create catalog files for some Windows images of different architecture types.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
The following list describes the architecture types running Deployment Workbench and catalogs that can be created for each architecture: •
Deployment Workbench running on x86. Can create catalogs for x86 and x64 Windows images
•
Deployment Workbench running on x64. Can create catalogs only for x64 Windows images
To update a deployment point 2022.In the Deployment Workbench console tree, expand Deploy, and then click Deployment Points. 2023. In the details pane, right-click the deployment point to edit, and then click Update. Note Deployment Workbench can update a deployment point without generating new Windows PE boot images. To update the BootStrap.ini and CustomSettings.ini files without creating new Windows PE boot images, right-click the deployment point to update in the Deployment Points details pane, and then click Update (files only).
Create a Bootable USB Flash Drive In a lab environment, when developing operating system images, starting destination computers by using a UFD is often quicker and easier than starting computers by using Windows Deployment Services or CDs. The destination computer must support booting from UFD (as do most recent models). To create a bootable UFD 2024.On a computer running Windows Vista or Windows Server 2008, insert the UFD. 2025.Run Diskpart.exe, and type the command list disk to determine the disk number associated with the UFD. 2026.Input the following commands, where N is the disk number identified in the previous step: •
select disk N
•
clean
•
create partition primary
•
select partition 1
•
active
•
format fs=fat32
•
assign
•
exit
2027.Burn the ISO file to a CD, and then copy its contents to the UFD by using the command xcopy d:\*.* e:\*.* /s /e /f, where d is the driver letter of the CD and e is the drive letter of the UFD. Alternatively, mount the ISO file using a virtual CD program, and then copy its contents to the UFD by using the same command. 2028.Copy the contents of LiteTouchPE_x86.iso to the UFD device.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea te a Co mpute r I ma ge Creating an image is essentially an LTI deployment process (containing applications, language packs, and so on), which ends by capturing an image of the destination computer in the lab. The following list outlines the overall process for using Deployment Workbench to create and capture operating system images: 2029.Prepare the distribution share by storing operating system source files, applications, out-of-box device drivers, and packages in it. The section, “Populate the Distribution Share,” in this guide describes this process. 2030.Create and configure a task sequence. A task sequence describes how to install and configure an operating system. The section, “Create Task Sequences,” earlier in this guide describes this process. 2031.Create and configure a LAB deployment point, which contains the settings necessary to connect to the distribution share and install a task sequence from it. 2032.Update the deployment point to create Windows PE images that automatically connect to the LAB deployment point, and then begin installation. 2033.Start the destination computer using the Windows PE image created in the previous step. Then, install a task sequence from the distribution share. During the initial interview, the Windows Deployment Wizard asks whether to create a custom image after LTI deployment is complete. After capturing the custom image, add the image to the distribution share as a custom operating system image. Note Capturing an image for Zero Touch Installation (ZTI) deployment is different than capturing an image for LTI.
Capture an Image for LTI To capture an image of a task sequence, create a LAB deployment point that is configured to capture an image. On the Specify whether to prompt for image capture page of the Deployment Point Wizard, select the Ask if an image should be captured check box.
Prepare the Image for Capture To capture an image, start a lab computer using the Windows PE bootable image generated by updating the deployment point. Start the Windows PE bootable image in either of two ways. First, burn to a DVD the .iso images that MDT 2008 generates when a deployment point is updated. These ISO image files reside in the \Boot folder of the distribution share. Optionally, copy the contents of the image to a UFD, as described in the section, “Update the Deployment Point,” in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment
Second, add the LiteTouchPE_x86.wim or LiteTouchPE_x64.wim image file to the Boot Images item of a Windows Deployment Services server. The .wim image files reside in the \Boot folder of the distribution share. For more information about adding boot images to a server, see the MDT 2008 document Preparing for LTI Tools. Note This section describes how to capture an image for LTI. Capturing an image for ZTI is different than capturing an image for LTI. For more information, see the section, “Capture an Image for Systems Management Server,” in this guide.
To install a task sequence and capture an image of it after starting the lab computer using the Windows PE image 2034.In the Welcome to Windows Deployment dialog box, click Run the Deployment Wizard. 2035.Click Next. 2036.In the User Credentials dialog box, type the credentials (user name, domain, and password) necessary to connect to the distribution share, and then click OK. The Windows Deployment Wizard starts automatically. 2037.On the Select a task sequence to execute on this computer page, choose one of the available task sequences, and then click Next. 2038.On the Configure the computer name page, type a computer name or accept the default, and then click Next. 2039.On the Join the computer to a domain or workgroup page, which starts automatically, click Join a workgroup. In the Workgroup box, type a workgroup name or accept the default. 2040.Click Next. Note If Join a workgroup is not selected, the Windows Deployment Wizard does not prompt to capture an image.
2041.On the Specify the product key needed to install the operating system page, perform one of the following tasks, and then click Next: •
If building a Windows Server 2003 image, type the volume license key in the Product key box.
•
If building a Windows Server 2008 image, select No product key is required.
2042.If building a Windows Vista or Windows Server 2008 image, on the Locale Selection page, perform the following tasks, and then click Next: •
In the What is your Locale list, click a locale.
•
In the Keyboard list, click a keyboard layout.
2043.On the Set the Time Zone page, select a time zone from the list, and then click Next. 2044.On the Select one or more applications to install page, select the applications to install on the image, and then click Next. 2045.On the Administrator Password page, type the password to use for the local Administrator account, confirm it, and then click Next. 2046.On the Specify whether to capture an image page, select Capture an image of this reference computer; then, in the Location box, type the UNC path of the folder in which to store the image. In the File name box, type the file name of the image, and then click Next. The default UNC path is the Captures folder of the distribution share; the name of the default image corresponds to the ID of the task sequence being installed. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Test Feature Team Guide: Appendix
33
2047.On the Ready to begin page, click Begin. After clicking Begin, the Task Sequencer begins running the task sequence. By default, it begins by partitioning and formatting the hard disk. Then, it installs and configures the operating system, runs Sysprep to prepare the computer for imaging, and restarts the computer in Windows PE to capture the image. MDT 2008 stores the captured image in the folder specified on the Specify whether to capture an image page, which by default is the distribution share’s Captures folder.
Add a Custom Image to the Distribution Share To add a captured image as an operating system, complete the following steps: 2048.In the Deployment Workbench console tree, expand Distribution Share. Right-click Operating Systems, and then click New to start the New OS Wizard. 2049.On the OS Type page, select Custom image file, and then click Next. 2050.On the Image page, type the path and file name of the .wim image file, and then click Next. 2051.On the Setup page, choose one of the options listed in Table 12, and click Next. Table 12. Operating System Setup File Specifications Selection
Description
Setup and Sysprep files are not needed
Click to add the image to the distribution share without copying operating system setup or Sysprep files.
Copy Windows Vista setup files from the specified path
Click to copy the Windows Setup files from a specific path; then, type the path from which to copy the setup files in the Setup source directory box. Adding these files is not necessary if they are already available in another operating system contained in the distribution share. The version of these files must match the version of the operating system image.
Copy Windows XP Sysprep files from the specified path
Click to copy the Windows Server 2003 Sysprep files from a specified path or Deploy.cab file; then, type the path of the folder or Deploy.cab containing the files in the Sysprep directory box. Adding these files is not necessary if the operating system image will not be used to capture a new custom image. The version of these files must match the version of the operating system image.
2052.On the Destination page, type the name of the operating system folder to create in the distribution share, and click Finish. Note Deployment Workbench uses this name to create a folder for the operating system in the distribution share’s Operating Systems folder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment
Capture an Image for Systems Management Server Capturing a disk image for deployment by using Systems Management Server is similar to the process that the section, “Capture an Image for LTI,” in this guide describes, with minor differences. This section describes how to capture an image by using the Systems Management Server 2003 Image Capture Wizard. MDT 2008 requires the SMS 2003 OSD Feature Pack Update in order to be able to support Windows Vista, Windows Server 2008, and 64-bit operating system deployments. This update supports the newly released WIM version 1.0. In addition, this update requires Systems Management Server with SP2. For more information about this update, see SMS 2003 OSD Feature Pack Update at http://technet.microsoft.com/enus/sms/bb676770.aspx. Note Images created using earlier versions of the SMS 2003 OSD Feature Pack were made using WIM version 0.9 and cannot be used with Deployment Workbench in MDT 2008. New images must be created using WIM version 1.0 to use with Deployment Workbench after installing the SMS 2003 OSD Feature Pack Update.
Create an Image Capture CD Rather than using the Windows Deployment Wizard to capture the image, use the Systems Management Server 2003 Image Capture Wizard. To create an image capture CD 2053.From SMS Administrator Console, right-click Image Packages. Point to All Tasks, and then select Create Operating System Image Capture CD. 2054.On the Operating System Image Capture CD Wizard Welcome page, click Next. 2055.On the Windows PE settings page, select the following item, and then click Next: •
Include additional network drivers from this location. Select the check box, and then type the path to any additional network drivers required in the environment.
2056.On the Create CD image page, type the path and file name of the ISO file to create, and then click Next.
Prepare the Image for Capture To prepare an image for the Systems Management Server Image Capture Wizard, start a lab computer using the Windows PE bootable image generated by updating the LAB deployment point. Start the Windows PE bootable images in either of two ways. First, burn the ISO images that MDT 2008 generates when a deployment point is updated to a DVD. These ISO image files reside in the \Boot folder of the distribution share. Optionally, copy the contents of the image to a UFD, as described in the section, “Update the Deployment Point,” in this guide. Second, add the LiteTouchPE_x86.wim or LiteTouchPE_x64.wim image file to the Boot Images item of a Windows Deployment Services server. The .wim image files reside in the \Boot folder of the distribution share.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Test Feature Team Guide: Appendix
35
To install a task sequence and capture an image of it after starting the lab computer using the Windows PE image 2057.In the Welcome to Windows Deployment dialog box, click Run the Deployment Wizard, and then click Next. 2058.In the User Credentials dialog box, type the credentials (user name, domain, and password) necessary to connect to the distribution share, and then click OK. The Windows Deployment Wizard starts automatically. 2059.On the Select a task sequence to execute on this computer page, choose one of the available task sequences, and then click Next. 2060.On the Configure the computer name page, type a computer name or accept the default, and then click Next. 2061.On the Join the computer to a domain or workgroup page, which starts automatically, click Join a workgroup. In the Workgroup box, type a workgroup name or accept the default, and click Next. Note If Join a workgroup is not selected, the Windows Deployment Wizard does not prompt to capture an image.
2062.On the Specify the product key needed to install the operating system page, perform one of the following tasks, and click Next: •
Windows Server 2003 image. Type the volume license key in the Product key box.
•
Windows Server 2008 image. Select No product key is required.
2063.If building a Windows Vista or Windows Server 2008 image, on the Locale Selection page, perform the following tasks, and then click Next: •
In the What is your Locale list, click a locale.
•
In the Keyboard list, click a keyboard layout.
•
On the Set the Time Zone page, select a time zone from the list.
2064.On the Select one or more applications to install page, select the applications to install on the image, and click Next. 2065.On the Administrator Password page, type the password to use for the local Administrator account, confirm it, and click Next. 2066.In the Specify whether to capture an image page, select Prepare to capture the machine, and click Next. This causes the Windows Deployment Wizard to copy Sysprep and its related files to the destination computer without running Sysprep. Note This option can be configured in CustomSettings.ini: Set the property DoCapture to PREPARE. In addition, set SkipCapture to YES. Doing so automatically prepares the installation for image capture while skipping this page.
2067.On the Ready to begin page, click Begin. After clicking Begin, the Task Sequencer begins running the task sequence. By default, it begins by partitioning and formatting the hard disk. Then, it installs and configures the operating system. The task sequence does not run Sysprep, however, and it does not capture an image file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment
Capture the Image Prior to using the Systems Management Server Image Capture Wizard to prepare and capture an image of the lab computer, make sure the computer is configured to boot from the CD drive. To capture an image of the lab computer using the image capture CD 2068.On the lab computer running the installed build, insert the image capture CD created as described in the section, “Create an Image Capture CD.” 2069.On the Welcome page of the Systems Management Server 2003 Image Capture Wizard, click Next. 2070.On the Image Destination page, type the name of the WIM file in the Image file name box, complete the following, and then click Next: •
In the Network location box, type the UNC path in which to store the image file. For MDT 2008, type \\server\Distribution$\Captures, where server is the name of the server containing the distribution share.
•
In the Account name box, type the name of an account that has Write permission to the network location. Specify the account using the format Domain\User.
•
In the Password box, type the password for the account.
2071.On the Sysprep information page, do the following, and then click Next: •
In the Local Administrator’s Password box, type the password for the local Administrator account.
•
In the Confirm Password box, confirm the password for the local Administrator account.
•
In the Sysprep Parameters box, edit the Sysprep command-line options, if necessary.
2072.In the Image Properties dialog box, provide any comments, version information, and developer information as necessary, and click Next. 2073.Click Finish. The Systems Management Server 2003 Image Capture Wizard runs Sysprep, and then shuts down the computer. 2074.Turn on the computer, and start the computer using the image capture CD. If prompted to press a key to boot from the CD, press any key. The Systems Management Server 2003 Image Capture Wizard captures an image of the lab computer with no interaction.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Us ing T his Gu ide This guide describes the process of packaging applications for deployment in Lite Touch Installation (LTI) and Zero Touch Installation (ZTI) deployment scenarios using Microsoft® Deployment Toolkit (MDT) 2008. MDT 2008 is the next version of Business Desktop Deployment (BDD) 2007. Learn how to install applications using MDT 2008 and how to prepare applications for deployment using software repackaging tools. Use the examples provided in this guide as a basis for application preparation. Research the list of references provided to get detailed information on repackaging methodologies using various installer technologies. Note In this document, Windows applies to Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2003, and Windows Server 2008 unless otherwise noted.
Application Installation Overview For application automation to function effectively with MDT 2008, applications must be installable without user interaction. Typically, this is accomplished by using each application’s silent installation option. Applications using Windows Installer, for instance, often use the /passive or /quiet command option for unattended installation. Command options vary depending on the installer. Some command options are provided in this guide, but always check the installer reference documentation for a complete listing of command options.
How MDT 2008 Installs Applications MDT 2008 uses options and settings stored in the MDT 2008 configuration database or in the CustomSettings.ini configuration file. These settings control many aspects of MDT 2008 operation and also provide commands for application installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppl ic ation D ep lo yment wit h MDT 2008 MDT 2008 can install applications in several scenarios. Each scenario has its own unique challenges and requires different planning. Use this section to develop an understanding of each scenario and to gain an overview understanding of application-installation methodologies.
Lite Touch Deployment LTI deployments use the Microsoft System Center Configuration Manager 2007 Task Sequencer to manage deployments, basically by executing the application’s silent installation command. This section describes how to add applications to the task sequence by using the Applications list in Deployment Workbench, by inserting custom tasks in the task sequence, or by listing the application in one or more areas of the MDT 2008 database.
The System Center Configuration Manager Task Sequencer BDD 2007 for Windows Vista and the 2007 Microsoft Office system introduced a preproduction version of the System Center Configuration Manager Task Sequencer to automate deployment processing. This tool has been updated for MDT 2008; the latest Task Sequencer offers additional options. The task sequence is maintained using Deployment Workbench. Administrators can add, modify, reorder, and remove tasks from the task sequence. In addition, they can filter tasks based on Windows Management Instrumentation (WMI) criteria to further customize the sequence for varying system platforms. To maintain the task sequence in MDT 2008 1. In the Configuration Manager console, expand Site Database, expand Computer Management, expand Operating System Deployment, and then click Task Sequences. 2. In the Task Sequences pane, select the task sequence to modify. 3. In the Actions pane, click Edit. 4. Click to select the task to modify. 5. On the Properties tab, change the parameters for the task as necessary (for example, modify the commands for the task, change properties for the task). 6. On the Options tab, modify properties as required for the task (for example, type success codes that will appear in log entries, add conditions to be evaluated when this task runs). 7. When satisfied with the changes, click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
3
The Applications List When building the MDT 2008 deployment point, import applications into the deployment point using the Applications list in Deployment Workbench. Import applications directly into the deployment point itself or call them from shared folders on a network file server at installation time. The Applications list maintains references to each application. Team members can install multiple applications and group them as a single application bundle by using a combination of the application-deployment steps here and the application publishing and advertising procedures described in the MDT 2008 document, Workbench Image Guide. Note When installing applications using the Applications list, it is important to note that all applications on the list will be installed in the order they were imported into the list. If some applications are dependent on others, ensure that they are added to the list before the dependent applications.
To add an application to the Applications list 1. In Deployment Workbench, expand Distribution Share, and then select Applications. 2. In the Actions pane, click New to begin importing the new application. The New Application Wizard displays the Application Type page. 3. Select the appropriate response, and then click Next. (Applications without source files skip steps 5 and 6 regarding location and destination.) •
Application with source files. Copies source files for an application into the deployment point.
•
Applications without source files or elsewhere on the network. Uses application files where they are or specifies an installation script.
4. On the Details page, type any detailed information that will help manage this application, and then click Next. Keep in mind that some applications may have similar names, and the extra information may help to prevent confusion. 5. On the Source page, type or browse to a source directory for this application. Select Move the files to the distribution share instead of copying. Click Next to proceed to the next page. 6. On the Destination page, type a name for the application folder in the deployment point, and then click Next. 7. Use the Command Details page to type the silent commands for the application. On Working Directory, type the folder to be used as the working directory for the application. Click Finish to begin the import process. To assign dependencies for an application 1. In Deployment Workbench, expand Distribution Share, and then click Applications. 2. Right-click the application to be modified, and then click Properties. 3. Click the Dependencies tab. 4. Click Add, and then select the dependency from the list of available applications. Repeat this step as necessary if there are multiple dependencies. Note The applications must already be added to the Applications node of the distribution share to be available for this operation.
5.
Adjust the installation order of the dependencies by using the Up and Down buttons.
6. Click OK when finished. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Another way to install required applications regardless of whether they are listed in the LTI Wizard is to modify the CS.ini file. In this file, modify the MandatoryApplications property to include the globally unique identifier (GUID) of each mandatory application. Each entry is numbered to maintain uniqueness—for example: MandatoryApplications1=GUID of application1 MandatoryApplications2=GUID of application2 To obtain the GUIDs for the applications, examine the Applications.xml file, located in the Distribution\Control folder. To install multiple mandatory applications 1. In Deployment Workbench, expand Distribution Share, and then click Task Sequences. 2. Select the task sequence to be modified, and then in the Actions pane, click Properties. 3. Click the Task Sequence tab. 4. Expand State Restore, and then click Install Applications. 5. On the Properties tab, click Install multiple applications. Doing so instructs the task sequence to install all mandatory applications as configured in the CS.ini file and optional applications configured through rules or by using the Windows Deployment Wizard. 6. Click OK. To install a single application 1. In Deployment Workbench, expand the Distribution Share, and then click Task Sequences. 2. Select the task sequence to be modified, and then in the Actions pane, click Properties. 3. Click the Task Sequence tab. 4. Expand State Restore, and then click Install Applications. 5. On the Properties tab, click Install a single application. 6. In Application to install, select the application to install. 7. Click OK.
Custom Tasks At times, it may be helpful to have tighter control over application installation. By using custom tasks in an MDT 2008 task sequence, administrators can control how an application is installed. Administrators can reorder the steps in a task sequence in any way necessary, allowing for easy management of applications with strict installation orders. In addition, if deploying software updates to Windows XP or Windows Server 2003 during deployment, they must be installed as applications and will definitely benefit from tight control of the installation sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
5
To add an application as a custom task 1. In Deployment Workbench, expand Distribution Share, and then click Task Sequences. 2. Click a task sequence to select it. In the Actions pane, click Properties, or right-click the task sequence and select Properties. 3. Click the Task Sequence tab in the Properties dialog box. Navigate to the appropriate section of the task sequence, and then click Add to insert a new task. 4. Click Add to display a menu from which you can select applications added using the Applications list. Otherwise, select Task to insert a new custom task. Note Some users disable the Install Applications step in the task sequence and add all applications manually using the task sequence controls. The benefits of this approach are being able to use the Applications list to manage commands and the ability to easily select and insert applications into the task sequence in any order necessary. This simplifies management of a large number of applications.
5. On the Properties tab for the new task, type a name, description, and commands for the application. Type the application’s source directory for the value of Start in. Abbreviate this value for applications already stored in the deployment point—for example, ./Applications/Adobe Acrobat Reader. 6. On the Options tab, type any options associated with the application. Examples include exit codes that signal a successful installation (called success codes here) and criteria to control whether the application is selected for installation (using If...then logic). 7. Click Apply to accept the new task settings. When adding an application as an installation task within a deployment task, the application is installed without having to select the application in the Windows Deployment Wizard.
The MDT 2008 Database The MDT 2008 database is a collection of tables that administrators can use to simplify complex deployment tasks. By typing criteria such as machine type or operating system, administrators can manage individualized settings to cover a large number of deployment variables. As a deployment progresses, the ZTIGather.wsf script retrieves attributes from the system that can be used to match settings in the MDT 2008 database. These settings can include custom configuration options such as System Name, Time Zone, and even the list of applications that are to be installed. Applications added to the database are called when their database entry meets criteria collected by ZTIGather.wsf. They are installed in the order that they appear in the Applications list in the database record.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
To create a new database 1. In Deployment Workbench, expand Deploy, and then click Database. 2. In the Actions pane, click New. 3. On the SQL Server Details page, provide the connection information for the instance of Microsoft SQL Server® that will host the database. The required information is the name of the computer running SQL Server (or IP address) and the type of connection to use. Click Next. 4. On the Database page, select the action to perform. Select Create a new database, and then type the name to use for the new database. You can also use an existing database and recreate the MDT 2008 tables, or select the option to use an existing database that already contains the necessary tables and views. Click Next. 5. On the SQL Share page, in SQL Share, type the name of the shared folder on the computer running SQL Server that will be used to map a drive from the Windows Preinstallation Environment (Windows PE) if you want to enable Windows-integrated security during setup. This step is optional. 6. Click Finish to create the database. To add an application to a database entry 1. In Deployment Workbench, expand Deploy, and then expand Database. 2. Select the node that contains the item to modify. Possible choices include Computers, Roles, Locations, and Make and Model. 3. Add or select an entry in the relevant database. In the Actions pane, click Properties. 4. On the Applications tab, click Add to add an application. If the application is already registered, select it from a list. If adding more than one, adjust the order in which they will be installed using the Up and Down buttons. 5. Click OK.
Zero Touch Deployment ZTI deployments typically use the facilities of Microsoft Systems Management Server (SMS) 2003 or System Center Configuration Manager to deploy applications by directly executing programs already created in Systems Management Server or System Center Configuration Manager. The System Center Configuration Manager Task Sequencer is capable of installing packages directly from a Systems Management Server or System Center Configuration Manager distribution point and can use location logic to locate the nearest distribution point for this purpose. Use this section to learn more about deploying application packages using MDT 2008 in this environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
7
Systems Management Server/System Center Configuration Manager Packages and Programs Systems Management Server and System Center Configuration Manager use packages to store applications as replication units. These packages are replicated to deployment points throughout the enterprise by the Systems Management Server/System Center Configuration Manager infrastructure. Each package is typically dedicated to one application or application suite. Within each package stored in a Systems Management Server/System Center Configuration Manager site are one or more programs that are installable elements of the package. One package might have programs designed to install specific elements of the package, install the entire package, install the package silently, and even uninstall the package. Each program is referenced by Package ID and Program ID when distributed by Systems Management Server/System Center Configuration Manager to client computers. Client computers then execute the advertised program and receive the intended configuration.
Reference Applications by Program ID When using the MDT 2008 database to manage deployment configuration settings, use the Packages tab for each database record to list Systems Management Server/System Center Configuration Manager packages and programs to be installed. Doing so enables the Task Sequencer to locate and execute application installations from Systems Management Server and System Center Configuration Manager deployment points. This simplifies configuration management, leaving the responsibility of creating and managing the applications packages to the Systems Management Server/System Center Configuration Manager administrators—a process that is already mature in many organizations. To associate a Systems Management Server/System Center Configuration Manager Program ID with a database entry 1. In Deployment Workbench, expand Deploy, and then expand Database. 2. Select the node that contains the item to modify. Possible choices include Computers, Roles, Locations, and Make and Model. 3. Add or select an entry in the relevant database. In the Actions pane, click Properties. 4. On the Packages tab, click Add, and select the System Center Configuration Manager package to be added. 5. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Deploy Applications Based on Existing Application Inventories Administrators can control application installations by analyzing which applications already exist on a target system. Systems Management Server and System Center Configuration Manager both maintain comprehensive inventories for hardware and software configuration data on each client computer. By mining this data, administrators can evaluate which applications should be replaced on a target computer. By comparing applications listed in an inventory database with a list of approved applications, administrators can replace applications dynamically, even performing upgrades during this process. Use this section to learn the basics of dynamic application replacement using this process.
Systems Management Server Add or Remove Programs Database Systems Management Server stores the results of computer software inventories in inventory tables within the Systems Management Server database. The Add or Remove Programs database is stored in GS_ADD_REMOVE_PROGRAMS and exposed through SQL Server view, v_GS_ADD_REMOVE_PROGRAMS. This information can be used to dynamically map existing applications to replacement applications. A table (PackageMapping) is included in the MDT 2008 database to accomplish this process. This table maps the name of an application from the Add or Remove Programs database to a replacement Systems Management Server/System Center Configuration Manager package or program to replace the application. Tasks that can be accomplished using this process include replacing the application with the exact version in use, upgrading the application to the latest approved version, and replacing the application with an alternate application from the approved application list. Note For details on this process, see the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide.
System Center Configuration Manager Add or Remove Programs Database System Center Configuration Manager also maintains an Add or Remove Programs database that administrators can mine for replacement applications settings using MDT 2008. System Center Configuration Manager, like Systems Management Server, lets administrators dynamically map existing applications in the Add or Remove Programs database to replacement applications, enabling version management and replacement. Note For details on this process, see the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Application Packaging Guide: Application Deployment with MDT 2008
9
Maintain the Approved Applications List The PackageMapping database table in the MDT 2008 database consists of two columns: ARPName and Packages. The ARPName field contains values found in ProdID0 in the ARP database in Systems Management Server or System Center Configuration Manager. The Packages field contains the package and program identifiers for Systems Management Server or System Center Configuration Manager. ZTI uses this value to automatically install the associated application during the State Restore Phase of the ZTI sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing A ppl ica ti ons f or Si lent Dep lo yment For best results, applications should be installed without user interaction. This is most easily accomplished by using the application’s silent installation option. Most business applications include options for unattended or silent installation. Often, this is accomplished by using specific command options; other times, it is done by calling a script to control the application installation. Occasionally, administrators may encounter legacy installers that have different command options. Although it is always best to consult the application designer regarding unattended installation, this section lists some of the more common unattended installation options.
Windows Installer Options Most applications that Microsoft distributes use Windows Installer technology. Several Independent Software Vendors (ISVs) also use Windows Installer to distribute applications. Windows Installer uses a set of command options to control installation processes. Among these are: •
/passive. Installs applications without user interaction but shows progress dialog boxes
•
/quiet. Installs applications with no visible prompts or dialog boxes
•
/q. Similar to /quiet but allows options to control the level of interaction: •
n. No user interface (UI)
•
b. Basic UI
•
r. Reduced UI
•
f. Full UI
Other options exist but are not relevant to this discussion. To use Windows Installer to deploy an application with MDT 2008, it must support an installation option that can be executed during an unattended installation. Test the application before deployment by executing Windows Installer with the appropriate option and verifying proper installation. To install an application using Windows Installer’s /quiet option 1. Execute the application’s Setup routing by calling Windows Installer: Msiexec path/application.msi /quiet 2. Verify proper installation of the application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Engineering Feature Team Guide: Developing
11
Setup.exe Command Options Several ISVs use installer technology that produces Setup.exe executable installers. These installers use a variety of command options but usually expose these options to the /? option. Many Setup.exe installers were created by earlier versions of the InstallShield application-packaging utility. Prepare these installers for unattended installation by recording an installation script to be used to control the installer. Common InstallShield Setup.exe options include: •
/s. Executes a recorded InstallShield (.iss) script
•
/f. Locates the .iss script file for silent installation
•
/r. Records the .iss script
•
/SMS. Ensures the system does not disconnect from a network share during installation
To record and use an .iss script with Setup.exe 1. Run Setup.exe with the /r option. 2. Install the application normally. 3. When the installation is complete, collect the script file (usually named Setup.iss) from the Windows directory. (Alternatively, use the /f1: option to designate a file name and location.) 4. To deploy the application silently, use the /s option in the Command Prompt window: Setup.exe /s /f1:path\filename.iss
Legacy Installers Some earlier versions of applications used several different installer technologies. Many of these were not designed for silent installation. To determine whether these applications can be automated for deployment using MDT 2008, research command options to use with the application. Test any options that appear to offer the ability to install unattended. If none exist, use the guidance in the section, “Repackaging Non-compliant Applications,” in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2007 Of fice Syste m/ Mi cr oso ft Of fice 2003 Depl oymen t Deployment Workbench has been designed to simplify the deployment of the 2007 Office system. Access to the Office Customization Tool has been included in Deployment Workbench to simplify the correct placement of Microsoft Office installation and control files. In addition, administrators can deploy Microsoft Office 2003 using standard silent installation methods. Integrate 2007 Office system installations with MDT 2008 in one of two ways: either as part of the desktop deployment image (known as a thick image) or after desktop image deployment (known as a thin image).
Thick Image Installations To preinstall the 2007 Office system on the desktop deployment image, execute the appropriate installation commands before collecting the deployment image. Microsoft Office will be installed on the image, allowing the deployment of a complete Windows Vista/2007 Office system image at one time. This increases the size of the desktop image but simplifies Deployment Workbench configuration. Note If automating the image-build process, use the instructions in the section, “Thin Image Installations,” in this guide to prepare the 2007 Office system for installation.
Thin Image Installations To integrate 2007 Office release programs into MDT 2008 as supplemental applications, use the Add Application feature of Deployment Workbench to point to the customized Microsoft Office distribution point. Deployment Workbench offers customized steps for the integration of the 2007 Office system, taking into account specific requirements of the 2007 Office system in the application settings used to deploy the package. Note To install multiple Microsoft Office programs, add each program separately to the applications list contained in Deployment Workbench.
To configure the 2007 Office system using Deployment Workbench 1. Expand Distribution Share. Right-click Applications, and then click New to start the New Application Wizard. Note See the MDT 2008 document, Computer Imaging System Feature Team Guide, for specific guidance on adding applications.
2. Complete the New Application Wizard, using the path and setup command for the 2007 Office system. Microsoft Office will be imported into the deployment point, preparing the correct folder structure for Microsoft Office deployment using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Engineering Feature Team Guide: Developing
13
3. Right-click the resulting package, and then click Properties to display the 2007 Office system properties sheet. 4. Click the Office Products tab to configure additional Microsoft Office settings. Note In addition to changing basic settings, administrators can edit the 2007 Office system Config.xml file from this location.
5. Complete configuration settings, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Repa cka ging N on- compl ian t A ppl ic ations Applications without documented unattended installation steps may require remediation to enable silent installation. Use this section to evaluate options for packaging applications. This section covers fundamentals of application packaging, introduces common repackaging tools, and details some specific guidance for using the most popular packaging applications.
Application-Packaging Fundamentals Application repackaging is the process of collecting files and registry changes made by an application installer and compiling them into a Windows Installer file that can be used to silently deploy an application. Vendors such as Wise and Macrovision produce excellent Windows Installer environments designed both to repackage applications and to be used for initial application packaging. Using an application packaging tool, administrators can run an installation, collect information about file system and registry changes, and use the features of the repackaging tool to manage these settings and create a Windows Installer deployment file. This process takes some time to perfect. Each application has different requirements, and some are more challenging to repackage than others. Most, however, can be repackaged successfully using one of these tools. Watch for the following during the repackaging process: •
Installers make decisions based on system configuration and user input. Be sure to examine all variables during package capture to ensure that unintended changes do not occur in the package output.
•
Ensure that any additional files required by the application are included in the package. Many tools allow administrators to include additional folders and files in the application package.
•
Each repackaging tool approaches the task in a different way. If unsuccessful with one tool, consider trying another. Administrators may have success with a tool that uses different repackaging methods.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Test Feature Team Guide: Planning
15
Application Repackaging Tools This section lists some of the repackaging tools that are available and provides an overview of their capabilities.
Macrovision AdminStudio Using Macrovision AdminStudio, administrators can manage repackaging projects distributed among several systems administrators and keep track of multiple repackaging projects simultaneously. Two related Macrovision products, InstallShield Professional and InstallShield Express, have limited repackaging functionality and focus instead on the packaging of new applications for developers.
Wise Package Studio The Wise Package Studio lets administrators repackage applications into .msi files for automated installation through Systems Management Server or System Center Configuration Manager. Wise Package Studio has features that allow for tracking conflicts between versions of applications, applying updates, and centralizing distribution of software packages. Use it both to package new applications and to repackage applications that otherwise do not support silent install options.
SMS Installer Originally distributed with Systems Management Server version 2.0, the SMS installer is a simple repackaging tool that captures “before” and “after” snapshots of a system during the deployment process. The differences are collected and compiled into a deployment package. Customization features in Systems Management Server allow some manipulation of the package but are not as sophisticated as the current versions available from other software vendors. Because this is a free download from Microsoft (see Installer with Installer Set-up Utility at http://www.microsoft.com/technet/sms/20/downloads/tools/installer.mspx), it is definitely worth a try before purchasing a more expensive tool.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Cha ll enging A ppl ic ations Occasionally, an application presents challenges to the best efforts at automation. Examples might include an application that is not installed using conventional installer technology, has difficult-to-replicate registry settings, or requires custom database configuration during the installation process. Use this section to explore various methods for deploying difficult applications.
Deploy Applications Using Scripting Scripting can sometimes automate a difficult application. Using Windows PowerShell scripts, administrators can take control of nearly any aspect of an installation. Microsoft Visual Basic® Scripting Edition (VBScript) also has powerful options for manipulating and managing the installation process. Deployment of applications using scripting requires substantial knowledge of scripting languages and a certain amount of patience to manage multiple iterations, but it can sometimes automate an application that cannot be deployed in any other way. For more information on scripting with Windows PowerShell, see the Scripting with Windows PowerShell Script Center at http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx.
Deploy Applications Using AutoIT When all else fails, a free software tool called AutoIT may be able to complete the packaging process for the most challenging applications. This utility has the ability to record mouse clicks, keystrokes, and even cut-and-paste operations. The results are compressed into a self-extracting AutoIT .zip executable file that can be deployed using MDT 2008. For more information on this tool and complete instructions, visit the AutoIT site at http://www.autoitscript.com.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2
Microsoft Deployment Toolkit 2008
Microsoft® Deployment Toolkit 2008 Deployment Concepts Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion If this is the first time computers have been deployed using any version of Microsoft® Deployment Toolkit (MDT), including Business Desktop Deployment (BDD) 2007, take a few minutes to learn important MDT 2008 deployment concepts. This document covers deployment methods and scenarios, imaging concepts, application deployment, testing, infrastructure security, and deployment capacity planning. For more information about deployment and MDT 2008, read the MDT 2008 document, Getting Started Guide.
Selec ting De pl oymen t M ethods MDT 2008 can be used to deploy computers with either of two techniques: •
Lite Touch Installation. Lite Touch Installation (LTI) deployment requires minimal infrastructure to operate. Operating systems can be deployed over a network using a shared folder or locally using removable storage such as a CD, DVD, USB flash drive (UFD), or other device. The deployment process can be initiated automatically (using Windows® Deployment Services) or manually. Configure LTI settings using Deployment Workbench, and then further customize CustomSettings.ini for the specific environment. Provide configuration settings for groups of computers. The configuration settings for each individual computer are usually provided manually during the deployment process. As a result, customizing LTI usually requires less effort than customizing a Zero Touch Installation (ZTI) deployment.
•
Zero Touch Installation. Zero Touch Installation (ZTI) deployment requires Microsoft System Center Configuration Manager 2007 or Systems Management Server (SMS) 2003 with Service Pack 2 (SP2) and the SMS 2003 Operating System Deployment (OSD) Feature Pack. Deploy operating systems from System Center Configuration Manager or Systems Management Server distribution points. The installation process can be initiated by System Center Configuration Manager, Systems Management Server, or Windows Deployment Services. The ZTI deployment process is always initiated automatically. As with LTI deployment, initially configure ZTI deployment using Deployment Workbench, and then further customize CustomSettings.ini for the environment. In a ZTI deployment, all configuration settings must be provided for each target computer being deployed. By definition, there is no manual configuration in ZTI deployment. As a result, customizing a ZTI deployment usually requires more effort than customizing LTI deployment.
In most instances, enterprises use a combination of both techniques to deploy operating systems to the target computers. LTI and ZTI deployments use the same common set of scripts and configuration files (such as CustomSettings.ini) for deploying the operating system. Table 1 compares LTI and ZTI deployments.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Table 1. Comparison of LTI and ZTI Deployments LTI deployment
ZTI deployment
Provides configuration settings common to Provides all necessary configuration a group of target computers settings for each target computer Requires less initial information technology Requires more initial IT administration (IT) administration configuration time configuration time Requires more user configuration time
Requires zero user configuration time
Can be used with slow connections or in instances where no network connectivity exists
Requires a high-speed, persistent connection
Requires little or no infrastructure to support deployment
Requires an infrastructure sufficient to deploy operating system images using either the SMS 2003 OSD Feature Pack or System Center Configuration Manager
Supports deployment over the network or locally
Supports only network deployments
Does not require target computers to be managed using System Center Configuration Manager or Systems Management Server (or other softwaremanagement tools)
Requires that target computers be managed using either System Center Configuration Manager or Systems Management Server
Supports security policies where automatic Supports only security where automatic software installation is prohibited software installation is allowed. Supports deployment to target computers isolated by firewalls
Requires remote procedure call (RPC) communication with target computers
Supports Upgrade Computer deployment scenarios
Does not support Upgrade Computer scenarios
For more information about: •
ZTI deployment, see the MDT 2008 documents, Preparing for Microsoft Systems Management Server 2003 or Preparing for Microsoft System Center Configuration Manager 2007.
•
LTI deployment, see the MDT 2008 document, Preparing for LTI Tools.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Selec ting De pl oymen t Scenar ios Table 2 lists the deployment scenarios and provides a brief description of each. Table 2. Deployment Scenarios and Descriptions Scenario
Description
Migrates user state
Uses existing target computer
Preserves file system
New Computer
A new installation of a Windows operating system is deployed to a new computer.
No
No
No
Upgrade Computer
The current Windows operating system on the target computer is upgraded to the deployed operating system. The existing user state migration data, user profile, and applications are retained.
Yes
Yes
Yes
Refresh Computer
A computer is refreshed, including computers that must be re-imaged for image standardization or to address a problem.
Yes
Yes
No
Replace Computer
One computer replaces another computer. The existing user state migration data is saved from the original computer. Then, a new installation of Windows is deployed to a new computer. Finally, the user state data is restored to the new computer.
Yes
No
No
Based on the existing environment, any combination of these scenarios can be selected in the deployment. For example, if the organization is only upgrading existing computers, only the Refresh Computer and Upgrade Computer scenarios may be used. If the organization is deploying new computers for some users and upgrading the remaining computers, the Upgrade Computer, Replace Computer, and Refresh Computer scenarios may be used.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Choos ing an Ima ge Str ate gy Most organizations share a common goal: to create a standard configuration that is based on a common image for each version of the operating system. Organizations want to apply a common image to any computer in any region at any time, and then customize that image quickly to provide services to users. In reality, most organizations build and maintain many images—sometimes up to 100 images. By making technical and support compromises, by making disciplined hardware purchases, and by using advanced scripting techniques, however, some organizations have reduced the number of images they maintain to approximately three or fewer. These organizations tend to have the sophisticated software distribution infrastructures necessary to deploy applications—often before first use—and to keep them updated. The following list describes costs associated with building, maintaining, and deploying disk images: •
Development costs. Development costs include creating a well-engineered image to lower future support costs and improve security and reliability. Higher levels of automation reduce development costs.
•
Test costs. These costs include the time and labor involved in testing the standard image and the applications that might reside inside it, in addition to applications applied after deployment. Test costs also include the development time required to stabilize disk images.
•
Storage costs. Storage costs include storing the distribution points, disk images, migration data, and backup images. Storage costs can be significant depending on the number of disk images, the number of computers in each deployment run, and so on.
•
Network costs. Network costs include moving disk images to distribution points and to computers. The disk imaging technologies that Microsoft provides do not support multicasting, so network costs scale linearly with the number of distribution points that must be replicated and the number of computers in the deployment project.
As the size of image files increases, costs increase. Large images have more updating, testing, distribution, network, and storage costs associated with them. Even if only a small portion of the image is updated, the entire image must be redistributed. Note Windows Vista® and Windows Server® 2008 do not require a separate image for each type of hardware abstraction layer (HAL). Different images are needed only for 32-bit and 64-bit versions of these operating systems.
Thick Image Thick images are monolithic images that contain core applications, language packs, and other files. Part of the image development process is installing core applications and language packs before capturing the disk image. The advantage of thick images is simplicity. When the organization creates a disk image that contains core applications and language packs, it performs only a single step to deploy the disk image and core applications to the target computer, with language support for all target locales. Also, thick images can be less costly to develop, because Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
7
they frequently do not require advanced scripting techniques to build. In fact, MDT 2008 can be used to build thick images with little or no scripting. Last, in thick images, core applications and language packs are available on first start. The disadvantages of thick images are maintenance, storage, and network costs. For example, updating a thick image with a new version of an application or language pack requires rebuilding, retesting, and redistributing the image. If thick images will be built that include core applications and language packs, install the core applications and language packs during the disk imaging process.
Thin Image The more an image contains, the less common and larger that image becomes. By including less in images, the number and size of images maintained are reduced, which in turn reduces the cost to build, maintain, and test images as well as storage costs. Ideally, a single, worldwide image would be maintained that is customized after deployment. Thin images contain few if any core applications or language packs. Applications and language packs are installed separately from the disk image, which typically takes more time at the computer and possibly more total bytes transferred over the network, but the transfer is spread out over a longer period of time. To mitigate the network transfer time, use trickle-down technology that many software distribution infrastructures provide, such as Background Intelligent Transfer Service (BITS). The primary disadvantage of thin images is that they can be more complex to develop initially. Deploying applications and language packs outside the disk image often requires scripting and a software distribution infrastructure. Another disadvantage of thin images is that core applications and language packs are not available on first start, which may be required in high-security scenarios. If choosing to build thin images that do not include applications or language packs, the organization should have a systems management infrastructure, such as Systems Management Server or System Center Configuration Manager, in place to deploy applications and language packs. Use this infrastructure to deploy applications and language packs after installing the thin image.
Hybrid Image Hybrid images mix thin and thick image strategies. In a hybrid image, the disk image is configured to install applications and language packs on first run, giving the illusion of a thick image but automatically installing the applications and language packs from a network source. Hybrid images have most of the advantages of thin images. However, they are not as complex to develop and do not require a software distribution infrastructure. They do require longer installation times, however, which can raise initial deployment costs. An alternative is to build one-off thick images from a thin image. Begin by building a reference thin image. Then, after the thin image is tested, add core applications and language packs, capture them, test them, and distribute a thick image based on the thin image. Testing the thick image is minimized, because the imaging process is essentially the same as a regular deployment. Be wary of applications that are not compatible with the disk imaging process, however. Hybrid images store applications and language packs on the network but include the commands to install them when deploying the disk image. This process is different from Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
installing the applications and language packs in the disk image, because the image deployment process installations that would typically occur during the disk imaging process are being deferred. Also, if a systems-management infrastructure is in place, it will likely be used to install supplemental applications and language packs after deployment.
Cr ea ting the Ima ge This section provides a conceptual overview of how to create images. For detailed instructions, refer to the MDT 2008 document, Workbench Imaging Guide.
Add Operating Systems All Windows Vista and Windows Server 2008 editions are included in a single image file, Install.wim, which is in the Sources folder on the distribution media. For more information about the Windows Server 2008 distribution media and Install.wim, see the Windows Automated Installation Kit User’s Guide. To build images based on Windows Vista or Windows Server 2008, add the Windows Vista or Windows Server 2008 media to the MDT 2008 distribution share. In addition to adding Windows Vista or Windows Server 2008 media to the distribution share, Windows Vista or Windows Server 2008 images can be added from Windows Deployment Services to the distribution share. When adding a Windows Deployment Services image to the distribution share, MDT 2008 uses the image file from the Windows Deployment Services server.
Sysprep Windows Automated Installation Kit (Windows AIK), which is available for download and installation through MDT 2008, includes the latest System Preparation Tool (Sysprep) for Windows Vista and Windows Server 2008. As a result, no other tools are needed to create custom Windows Server 2008 images. For Windows XP and Windows Server 2003, MDT 2008 copies the correct version of Sysprep from Deploy.cab, which is in the distribution media’s Support\Tools folder. MDT 2008 looks for Deploy.cab in Operating Systems\Destination\Support\Tools (where Destination is the name of the operating system), in the distribution share. If a custom $OEM$ folder structure, used only in LTI deployments, already includes Sysprep, MDT 2008 uses the instance of Sysprep in the $OEM$ folder instead of the instance of Sysprep that is in the Support\Tools folder. In this scenario, MDT 2008 copies Factory.exe, Sysprep.exe, and Setupcl.exe from the custom $OEM$ folder that contains Sysprep to the Operating Systems\Destination\$OEM$\$1\Sysprep folder.
Windows PE Windows AIK includes the correct version of Windows Preinstallation Environment (Windows PE) for deploying Windows Server 2008 and Windows Server 2003 for LTI deployments and creating custom operating system images. ZTI deployments require Windows PE version 2.0. For more information about installing the correct version of Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
9
Windows PE for ZTI deployments using System Center Configuration Manager, see the MDT 2008 document, Getting Started Guide. Windows PE media are not needed to create custom operating system images.
Add Device Drivers Depending on the type of computers in the environment and the hardware they contain, device drivers may be required from hardware vendors to make the system fully functional. For more information about managing drivers, see the MDT 2008 document, Workbench Imaging Guide.
Add Updates When developing an image, take care to ensure that all critical security updates are included in the image so that computers deployed with the image are as up to date as possible. Different approaches can be used to perform these updates, although the first option is recommended: •
Adding updates offline. Use MDT 2008 to install updates offline using a task sequence. In the Task Sequence Editor in MDT 2008, select the Install Updates Offline task.
•
Adding updates online. Use MDT 2008 to install updates online using a task sequence. In the Task Sequence Editor in MDT 2008, select the Install Updates Online task. Note For information about using System Center Configuration Manager and the built-in ConfigMgr Install Software Updates task sequence, see Install Software Updates at http://technet.microsoft.com/en-us/library/bb632402.aspx.
•
Adding updates to the master image. Download the security updates from the Microsoft Web site, and then install them as part of the image build process. This is relatively easy to perform, and additional updates can be added by placing the downloaded updates in the distribution share. However, the image is vulnerable before the updates are installed and the computer is restarted.
•
Adding updates using Windows Software Update Services (WSUS). Use WSUS, Systems Management Server, or System Center Configuration Manager to install the security update after deployment. Like the previous method, the image is vulnerable before the updates are installed and the computer is restarted. Depending on the configuration, it might take an hour or more before all updates are applied. Including the Systems Management Server or System Center Configuration Manager client in the image and setting it to communicate with a specific Systems Management Server or System Center Configuration Manager site might result in all computers built from the image communicating with only that site.
•
Slipstreaming updates to the installation source. Download the security updates from the Microsoft Update Catalog at http://go.microsoft.com/fwlink/?LinkId=8973, and then integrate them into the Windows installation source before beginning the unattended build process. While this method protects the image from known security exploits, integrating the security updates takes some effort.
The sections that follow provide details about how updates differ based on the target operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Windows Vista and Windows Server 2008 Microsoft provides Windows Vista and Windows Server 2008 operating system updates as packages. Packages include service packs, security updates, and other operating system changes. If using Deployment Workbench, add these updates to the OS Packages item of the distribution share, and MDT 2008 will install these packages during deployment.
Windows XP and Windows Server 2003 Add Windows XP and Windows Server 2003 updates as applications, and then add a task to the task sequence that installs the update. The MDT 2008 document, Image Customization Guide, describes how to add application installations to the task sequence. For security updates, create a subgroup called Security Updates in the State Restore group, and add security updates to it. Doing so installs security updates automatically, keeps them organized, and gives control over the installation sequence. To prevent users from seeing security updates in the applications list during deployment, in the Application Properties dialog box (where Application is the name of the update added to the distribution share), clear the Enable this application check box. For more information about command-line options for installing Windows Server 2003 updates, see the Guide for Installing and Deploying Updates for Microsoft Windows Server 2003 and Windows XP 64-Bit Edition Version 2003 at http://www.microsoft.com/technet/security/guidance/patchmanagement/hfdeploy.mspx. Optionally, integrate each update into Windows XP or Windows Server 2003 as described in the Microsoft Help and Support article, “How to integrate software updates into the Windows installation source files,” at http://support.microsoft.com/kb/828930/en-us. All updates released for Windows Server 2003 SP1 or later include the /integrate option described in the article. Most Windows Server 2003 core updates can be integrated, but updates to other components (such as Windows Internet Explorer®, Windows Script Host [WSH], and others) cannot. Do not include updates integrated into Windows Server 2003 in the task sequence.
Add Language Packs Language packs create a multilingual Windows environment. Windows Vista and Windows Server 2008 are language-neutral, and all language and locale resources are added through language packs (Lp.cab files). By adding one or more language packs to Windows Server 2008, those languages can be activated when installing the operating system. As a result, the same Windows Server 2008 image can be deployed to regions with different language and locale settings, reducing development and deployment time. Windows XP and Windows Server 2003 use Multi-user Interface (MUI) language packs, which require additional steps to integrate.
Add Language Packs Offline Using System Center Configuration Manager MDT 2008 or System Center Configuration Manager can be used to install language packs offline using a task sequence. In the Task Sequence Editor in MDT 2008 or System Center Configuration Manager, select the Install Language Packs Offline task. Note For additional guidance on this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
11
Add Language Pack Online Using System Center Configuration Manager MDT 2008 or System Center Configuration Manager can be used to install language packs online using a task sequence. In the Task Sequence Editor in MDT 2008 or System Center Configuration Manager, select the Install Language Packs Online task. Note For additional guidance on this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
Windows XP and Windows Server 2003 If installing Windows XP or Windows Server 2003 MUI language packs, add each language pack as an application to the distribution share. Then, install the language pack as part of the build’s task sequence, or allow the user to choose a language pack during deployment. The MDT 2008 document, Image Customization Guide, describes how to add application installations to the task sequence. For language packs, create a subgroup called Language Packs in the State Restore group, and add language packs to it. This installs language packs automatically, keeps them organized, and provides control over the installation sequence. To prevent users from seeing language packs in the applications list during deployment, in the Application Properties dialog box (where Application is the name of the language pack added to the distribution share), clear the Enable this application check box.
Windows Vista and Windows Server 2008 Windows Vista and Windows Server 2008 use language pack files. By adding one or more language packs to Windows Vista or Windows Server 2008, those languages can be activated where needed during the installation of the operating system, which provides the ability to deploy the same Windows Server 2008 image to different regions with different languages. The language packs can be installed offline or online. When using System Center Configuration Manager, add the language pack to the task sequence using the Install Language Packs Online task or the Install Language Packs Offline task.
Add Applications The first step in adding applications to a build is to add them to the distribution share. Deployment Workbench can install the application from its original network location, or it can copy the application source files to the distribution share. In either case, specify the commands for installing the application when adding it to the distribution share. Applications can also be installed as Systems Management Server packages or System Center Configuration Manager packages for ZTI deployments. Note For additional guidance on this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
After an application has been added to the distribution share, it can be installed in one of two ways: •
Add it to the task sequence. Application installations added to the task sequence— the sequence of tasks that occur during installation to prepare, install, and configure the build on the target computer—occur when MDT 2008 executes the task sequence on the target computer. Solution Accelerators microsoft.com/technet/SolutionAccelerators
12
•
Microsoft Deployment Toolkit 2008
Using Windows Deployment Wizard. The Windows Deployment Wizard presents the installer a list of applications that are available for installation. The installer can then choose which applications to install. CAUTION When using MDT 2008, do not allow an application to restart the computer. MDT 2008 must control restarts, or the task sequence will fail. Use the command-line property REBOOT=REALLYSUPPRESS to prevent applications, such as those based on Windows Installer, from restarting. To make MDT 2008 restart the computer after installing an application, in the Application Properties dialog box (where Application is the name of the application being installed) of Deployment Workbench, select the Reboot the computer after installing this application check box.
Configure Task Sequences A task sequence binds operating system source files with a configuration. The files include: •
Operating system. Choose an operating system or custom image to use for the build.
•
Unattended Setup answer file (Unattend.xml or Unattend.txt). Create an answer file that describes how to install and configure the operating system on the target computer. For example, the answer file can contain a product key, organization name, and information necessary to join the computer to a domain.
•
Task sequence. Each build has a default task sequence. This sequence can be customized.
Edit the Answer File An answer file contains settings that can be configured to perform an unattended installation of Windows. Windows Vista and Windows Server 2008 answer files are XML files that are commonly named Unattend.xml. Use Windows System Image Manager (Windows SIM) to edit Unattend.xml. The answer file associated with each task sequence added to a distribution share can be edited. Deployment Workbench loads the task sequence’s answer file in Windows SIM. Windows XP and Windows Server 2003 answer files are .txt files that are commonly named Unattend.txt. Use Windows Setup Manager or a text editor to edit Unattend.txt. As with Unattend.xml, the answer file associated with task sequences can be edited. For more information about editing both types of answer files, Unattend.xml and Unattend.txt, see the MDT 2008 document, Image Customization Guide.
Edit the Task Sequence The Task Sequencer runs the task sequence in the order specified. Each task in the sequence is a step, and steps can be organized into groups and subgroups. When creating a task sequence in Deployment Workbench, Deployment Workbench creates a default task sequence. Task sequences contain the following types of item: •
Tasks (steps). Within a task sequence, tasks do the actual work. Tasks are commands that the Task Sequencer runs during the sequence, such as partitioning the disk, capturing user state, and installing the operating system. In the default task sequence, most tasks are commands that run scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Creating the Image
•
13
Groups. The task sequence can be organized into groups, folders that can contain subgroups and tasks. Groups can be nested as necessary. For example, the default task sequence puts tasks in groups by phase and deployment type.
Tasks and groups, including the groups and tasks they contain, can be filtered based on specified conditions. Groups are especially useful for filtering, because an entire collection of tasks can be run based upon a condition such as the deployment phase or type of deployment. The MDT 2008 document, Image Customization Guide, provides detailed instructions for editing a task sequence.
Configure Deployment Points Whereas a distribution share contains the files necessary to install and configure a build on a target computer, a deployment point defines a subset of those files and how to connect to them. For example, the distribution share might contain multiple operating systems and hundreds of applications. A deployment point defines which of those files to distribute and how to access them through a network connection or removable media. MDT 2008 supports four types of deployment point: •
Lab. This is a basic, single-server deployment point. This deployment point references all the content in the distribution share. When building custom images, a lab deployment point is typically used.
•
Network. This is a subset of the distribution share that can be replicated to many servers based on the organization’s requirements. The builds, images, device drivers, updates, and applications that are replicated to a network deployment point can be chosen.
•
Media. This is a subset of the distribution share that can be put on a DVD, UFD, and so on to perform stand-alone, potentially network-disconnected deployments.
•
OSD. This is a copy of all the scripts, tools, and other files necessary to properly configure custom actions in the SMS 2003 OSD Feature Pack for performing a ZTI deployment. The images, applications, and device drivers are part of this replica. SMS 2003 OSD Feature Pack deployment points can only be used to deploy images created by the Systems Management Server 2003 Image Capture Wizard.
•
System Center Configuration Manager. This product includes the required scripts, tools, and other files necessary to create and configure custom actions for ZTI deployments. Images, applications, device drivers, and user state migration are part of the product offerings. Use System Center Configuration Manager to deploy images that LTI deployment, Systems Management Server, or Windows Deployment Services create.
For each deployment point, Windows Imaging Format (WIM) imaging files and International Organization for Standardization (ISO) Windows PE image files can be created that automatically connect to the deployment point and begin the installation. During the MDT 2008 deployment process, the user can choose which build to install from the deployment point. Note file.
The SMS 2003 OSD Feature Pack deployment point does not generate the Lite Touch .wim
Customize Windows PE Using MDT 2008, download Windows AIK (see the MDT 2008 document, Getting Started Guide), which comes with Windows PE. No additional files are necessary to create Windows PE images for MDT 2008. Deployment Workbench automatically customizes Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Windows PE WIM files when a deployment point is updated. Optionally, configure the deployment point to generate the following Windows PE images: •
LTI CD-bootable ISO image
•
LTI bootable RAM disk ISO image
•
Generic CD-bootable ISO image
•
Generic bootable RAM disk ISO image
When a deployment point is updated, Deployment Workbench generates the Windows PE WIM image and other optional ISO images. It stores these images in the distribution share’s Boot folder. Windows PE need not be manually customized to add network adapter device drivers to it. Deployment Workbench automatically adds network adapter device drivers to the Windows PE images that are added to the distribution share. An additional option is to automatically add video and system device drivers from the distribution share to the Windows PE images. After updating the deployment point and generated Windows PE images, the WIM image file can be added to Windows Deployment Services. Optionally, burn the Windows PE ISO images to DVDs using any commercial CD-burning software. Note The same platform edition of Windows PE must be used to start computers for installing each platform edition of Windows. In other words, start target computers using the x86 edition of Windows PE to install the x86 edition of Windows Server 2008. Likewise, use the x64 edition of Windows PE to install the x64 edition of Windows Server 2008. If mismatched editions are used, an error might occur, indicating that the image is for a different type of computer.
To learn more about customizing Windows PE, see the Windows Preinstallation Environment User’s Guide in Windows AIK.
Capture an Image Capturing an image based on a build is fundamentally an LTI deployment that ends with the Windows Deployment Wizard capturing an image of the target computer. When creating a deployment point, Deployment Workbench provides the option of prompting to capture an image. Select this option. When installing the build on a target computer, the Windows Deployment Wizard prompts to capture an image after installation is complete. The wizard also allows specification of a destination for the image. The default destination is the Captures folder in the distribution share, and the default file name is the name of the build. Capturing an image for deployment using ZTI methods is similar to capturing an image for deployment using LTI methods. However, use the Systems Management Server or System Center Configuration Manager Image Capture Wizard to capture the image instead of allowing Windows Deployment Wizard to capture the image. Note Disable antivirus programs on the lab computer before capturing an image of the lab computer’s disk. Antivirus programs can interfere with the configuration of the image and installation of applications during deployment. After deployment, reactivate the antivirus program. Test the interaction of antivirus programs with MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying A pp lic ations There are several reasons why an application written specifically for an earlier version of Windows—especially the versions of Windows preceding Microsoft Windows 2000 Professional and Windows 2000 Server—might manifest problems when run on Windows Vista or Windows Server 2008. Most problems fall into the following categories: •
Setup and installation
•
Kernel-mode drivers
•
Permissions
•
Heap management
•
Firewall
•
DCOM
•
Internet Explorer
For detailed information about common compatibility problems, see Application Compatibility and User Account Control at http://technet.microsoft.com/appcompat. That page provides access to tools and documents that provide the information needed to test application compatibility and resolve problems prior to deployment. In particular, download and use the Application Compatibility Toolkit (ACT) and related documentation. Note The Web site http://www.AppDeploy.com is a well-known resource for information about deploying applications. It includes a knowledge base that describes how to automate the installation or repackaging of most popular business applications.
Repackaging Applications To distribute supplemental applications without requiring administrators to manually install software on each client computer, identify a way to automate the installation. Most applications provide native support for automation. Recently published applications typically provide Windows Installer packages. Applications released before Windows Installer became a popular technology might instead use InstallShield response files for automation. If an application’s setup procedure does not support these automation technologies, automatic installation may be possible by using scripting to simulate keystrokes. If there is an application that is not designed for Windows Installer and does not support another native installation automation technique, consider repackaging it into a Windows Installer package. However, repackaged applications lack the flexibility to efficiently customize the application installation, which is a feature of applications designed to be deployed with Windows Installer. Repackaging is not a function or feature of Windows Installer. However, non-Microsoft vendors provide tools to facilitate repackaging applications in a variety of formats. Organizations have repackaged applications for years, largely for the purpose of customization. Transforms, however, eliminate the need to repackage applications based on Windows Installer for customization. In fact, repackaging an application that already
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
uses Windows Installer for installation and maintenance would be difficult and is not supported. Some organizations prefer to repackage existing applications to gain the benefits of Windows Installer and the software deployment technology based on Group Policy in Windows Server 2003 and Windows 2000 Server. Repackaging also requires a thorough knowledge of the application’s installation. The cost of repackaging in labor, time, and reliability is often underestimated. Repackaging a Windows Installer package typically involves taking a snapshot of a clean computer (including the registry settings, files, and system settings), installing the software, taking a post-installation snapshot of the computer, and cleaning the package. The repackaging software detects the difference between the two snapshots and creates the necessary installation instructions to reproduce the installation. Any changes to the registry settings, files, or system settings that occur during the capture process are included in the installation. Typically, 30 to 40 processes run on a Windows XP Professional or Windows Vista computer at any given time. Thus, any one of those processes can modify a system during the installation, and the modification appears in the repackaged application.
Dep lo yment In fr as tr uctur e Securi ty The sections that follow describe possible security risks so that they can be mitigated as part of the security risk-management process. For additional security considerations, see the section, “Evaluating Security for the Deployment Solution,” in the MDT 2008 document, Getting Started Guide.
Protect Deployment Staging Areas Staging areas where images are created, updated, and maintained pose a significant potential vulnerability. First, because computers in the staging area (including computers that have not been updated and would not meet the organization’s security requirements) are likely to run with varying degrees of security, there is an elevated risk of the computers’ being compromised. Help protect those computers from worms and viruses in particular by placing them on an isolated network segment. Using a perimeter firewall alone is not sufficient: Computers in the deployment staging area must be on a separate network that production computers cannot reach. If computers on the internal network can route traffic to the deployment staging area, there is a high risk that deployment staging servers will be infected with a worm. Worms are common on internal networks, because portable computers may become infected while connected to untrusted networks. Second, because these images form the basis for all new computers in the organization, a compromised image can have a widespread effect and a very high cost. Use the security risk-management process to evaluate this risk and assign resources to mitigate any vulnerability.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008 Deployment Concepts: Infrastructure Security
17
Third, staging areas might contain credentials (user names and passwords) used to automatically authenticate computers during the setup process. Protect these credentials to reduce the risk of an attacker’s abusing them. For more information about protecting servers that host images and other infrastructure components in the staging area, refer to the Windows Server 2003 Security Guide at http://www.microsoft.com/downloads/details.aspx?FamilyID=8A2643C1-0685-4D89B655-521EA6C7B4DB and the Windows Server 2008 Security Guide at http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44bb115696a80ac. The risk of a security compromise cannot be completely eliminated. Therefore, plan to identify and track attacks. Security auditing, built into all recent versions of the Windows operating system, is a useful tool for recording user actions. For more information, see Auditing Security Events Best Practices at http://technet2.microsoft.com/WindowsServer/en/library/5658fae8-985f-48cc-b1bfbd47dc2109161033.mspx.
Protect Production Deployment Servers Deployment servers must be protected, as well. Like the servers in the staging environment, deployment servers typically store configuration files, which might include user credentials. Protect these servers with physical controls: Only authorized personnel should have physical access to production or development deployment servers. Even then, it is better to forbid a single user access to the server and instead always require collusion. Collusion requires two or more users to work together and greatly reduces the risk that authorized users will perform a malicious act. Reduce the attack surface of the server by limiting the services that are running. For example, although the File Server role is probably necessary, definitely do not install the Application Server role on a deployment server. For the roles not installed, including the File Server role, identify security guides, such as the Windows Server 2003 Security Guide at http://www.microsoft.com/technet/security/prodtech/windowsserver2003/W2003HG/SGC H00.mspx and the Windows Server 2008 Security Guide at http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44bb115696a80ac, which will help IT personnel harden the deployment server to meet security requirements. If possible, disallow remote logon entirely. If that is not possible, restrict remote access to the deployment server to a small group of trusted staff. Use network filtering (such as that included in Windows Firewall) to restrict network connections to those originating from client computers on local area networks (LANs). Again, consider reducing the risk of a single administrator making malicious changes or installing malicious software in operating system images by requiring collusion. One easy way to require collusion is to configure deployment servers to allow only a group of special user accounts to change images. For each of those user accounts, have two administrators each type half of the user account’s password, and then share that half of the password with at least one other employee. To successfully authenticate and change an image, two administrators must work together. In this way, the risk of a single disgruntled employee compromising the servers is significantly reduced. To reduce the risk of password-cracking attacks, consider implementing multifactor authentication by requiring use of a password in conjunction with a smart card or biometric authentication, such as a fingerprint scanner. Multifactor authentication need not necessarily be deployed to an entire enterprise; multifactor authentication can be Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
required only for the most critical computers on the network, such as staging and production deployment servers. At a minimum, use the Microsoft Baseline Security Analyzer (MBSA) to audit the security configuration of deployment servers. The MBSA is available for download from the Microsoft Security TechCenter at http://www.microsoft.com/technet/security/tools/mbsahome.mspx. The Microsoft Office Visio® 2007 Connector for MBSA 2.1, available at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx, can help visualize the results of the audit. Windows Firewall with Advanced Security will automatically create exceptions for required services on deployment servers. If a network firewall is added between deployment client computers and servers, the network firewall must, at a minimum, allow the following communications to the appropriate servers in the deployment environment: •
Domain Name System (DNS). User Datagram Protocol (UDP) port 53.
•
Dynamic Host Configuration Protocol (DHCP). UDP port 67.
•
Key Management Service (KMS). TCP port 1688. KMS provides activation services for Windows Vista and Windows Server 2008 volume-licensed versions.
•
Windows Deployment Services. UDP port 69 (for Trivial File Transfer Protocol [TFTP]) and UDP port 4011 (for Pre-Boot Execution Environment [PXE]).
•
File sharing (required for the distribution share). TCP ports 139 and 445 and UDP ports 137 and 138.
•
Active Directory® Domain Services (AD DS) domain controller. For detailed information about AD DS firewall requirements, see the Microsoft Help and Support article, “How to configure Windows Server 2003 SP1 firewall for a domain controller,” at http://support.microsoft.com/kb/555381.
•
Systems Management Server. For detailed information about firewall requirements for Systems Management Server, see the Microsoft Help and Support article, “Ports that Systems Management Server 2003 uses to communicate through a firewall or through a proxy server,” at http://support.microsoft.com/kb/826852. For general security information, see Scenarios and Procedures for Microsoft Systems Management Server 2003: Security at http://www.microsoft.com/technet/prodtechnol/sms/smssp2/spsecurity/cbaf0e375aa9-415f-a3a5-1baf014faf14.mspx.
•
System Center Configuration Manager. For detailed information about firewall requirements for System Center Configuration Manager, see Firewall Settings for Configuration Manager Clients at http://technet.microsoft.com/enus/library/bb694088.aspx. For general security information, see Security and Privacy for Configuration Manager 2007 at http://technet.microsoft.com/enus/library/bb680768.aspx.
•
Microsoft SQL Server®. Systems Management Server or System Center Configuration Manager may require SQL Server. For detailed information about firewall requirements for SQL Server, see the Microsoft Help and Support article, “INF: TCP Ports Needed for Communication to SQL Server Through a Firewall,” at http://support.microsoft.com/kb/287932. For general security information, see the SQL Server security site at http://www.microsoft.com/sql/technologies/security.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ana l yzi ng Depl oymen t T ar get s The sections that follow describe how to assess the computers to which Windows will be deployed, including analyzing the scope of the deployment, gathering inventories, identifying the storage requirements, verifying target computer configuration, and providing sufficient network capacity and infrastructure.
Perform a Situation Analysis Answer the following questions to assess what must be done during the deployment: •
How many computers (client and portable computers) are in the organization?
•
What is the ratio of computers to users? Are there more computers than users, or are there more users than computers?
•
Does the possibility exist for rationalization or reduction of resources—computers, applications, and software—in this project? Effective rationalization reduces the level of effort required for a successful deployment.
•
How many computers can be upgraded without requiring additional hardware? How many will require hardware upgrades? Will there be a volume purchase of new systems?
•
Of the existing application sets used in the organization, how many will be updated to more recent versions? For example, many organizations choose to implement a current version of office productivity software at the same time as the upgrade of an operating system.
•
How fast can the migration be completed using the existing infrastructure?
•
If changes to the existing infrastructure are required, where are the largest returns gained by investing in additional resources?
•
Can this information help other current or future projects?
•
Is this a one-time gathering of infrastructure information, or can this information be reused?
Gather Inventories Gather an inventory for the organization before beginning deployment, including the following details: •
Structural description of the business. The structure of the business, including a geographical map with the location of each office (if there is more than one) and the number of users in each office. In addition, this information should include an organization chart of the business that outlines each functional area and the number of users it contains. It is also useful to include other organizational information, such as the vision and mission of the business. The latter is useful for bringing outside consultants rapidly up to date on the nature of the business.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xx
•
Microsoft Deployment Toolkit 2008
Hardware and software inventories. A geographic map outlining the number and function of computers by site, including specific information about each computer: •
Processor architecture
•
Basic input/output system (BIOS) or complementary metal-oxide semiconductor (CMOS) chip type and version, including whether the computer can start from a UFD or from the network
•
Number and capacity of hard disks
•
Removable media drives available, including CD or DVD drivers
•
System memory
•
Details of and drivers required for individual hardware components, including video cards, network adapters, modems, and other accessories
•
Current operating system and updates installed
•
Applications and any relevant updates that are installed.
•
Network infrastructure diagram. A network diagram outlining LAN and wide area network (WAN) links in addition to speeds and available bandwidth. This diagram should also include remote access connections and the number of remote users and their location. If common traffic patterns, such as peak loads, are identifiable, they should also be included. Finally, this diagram should include the network’s addressing scheme.
•
Service infrastructure documentation. A server diagram including a description of each server located in any site and the server’s function and role in the overall network, including:
•
•
Authentication and other security services.
•
Collaboration services, such as e-mail, team workspaces, and instant messaging.
•
File and print services, including server size and available disk space.
•
Replication services currently in use as much for authentication as for file services.
Management infrastructure documentation. A diagram outlining how network systems are managed within the organization, including: •
Client computer management, including portable and remote computers.
•
Management toolkit outlining application names, the number of servers involved in this management toolkit, and their role and capacity for growth.
•
Technical support structure outlining the roles and responsibilities of the staff involved in computer management and computer support.
•
Standards and procedures currently in use for the management of computers, ideally including information such as existing current system builds and build methodology as well as the application portfolio management and use practices.
•
ACT database. A database that includes not only application-specific data but also basic information concerning the computer hardware. In addition, it provides useful information about the compatibility of applications with both Windows XP with SP2 and Windows Vista. This database can double as an inventory tool if no other automated tool is in place.
•
Windows Vista Hardware Assessment (WVHA) tool information. Information gathered using the WVHA tool, including the current state of hardware in the organization as well as readiness for Windows Vista.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxi
Deployment Customization Guide: Contents
•
Help desk issues list. A list of issues related to operating systems and computer builds so as many as possible can be repaired during the preparation of the new operating system build. Involving the help desk early in the process helps both the help desk and users during the deployment.
Identify the Storage Requirements for Deployment Images Ensure that sufficient storage is available for storing the target operating system images that Deployment Workbench creates. These images are stored on the deployment points that Deployment Workbench designates. Determine the size of each image and the number of images required in the deployment. Create a unique image for the following: •
Each unique HAL required for the target computers when the target operating system is Windows XP or Windows Server 2003
•
A copy of the Windows operating system to be deployed
•
Each localized operating system language version required (such as Chinese simplified or Japanese)
For planning purposes, estimate the size of an image to be in the range of 500 megabytes (MB) to 4 gigabytes (GB), including applications. If there are five unique images, the total available disk storage on a deployment point is 20 GB (4 GB × 5). Ideally, each deployment point would have at least that much available disk storage.
Reduce Storage Requirements for Deployment Images If the available disk space cannot be increased on the deployment points, reduce the storage requirements. Reduce the storage required for the deployment points by using any combination of the following methods: •
Reduce the number of images. If few target computers have a specific HAL, consider another method of installing the Windows operating system on the target computers, such as deploying from a DVD-based image or from a removable hard disk.
•
Distribute the images to specific deployment points only. In some instances, the images may be specific to a geographic location. This is especially true for languagespecific images. Distribute only those images for a specific geography to the deployment points in the corresponding geographic locations.
•
Deploy MUI versions of Windows. When possible, deploy MUI versions of the Windows operating system to reduce the number of images required as a result of language differences. Avoid using the localized versions of Windows.
Provide Sufficient Storage for User State Migration Data Determine the amount of storage required for the user state migration data that the Windows User State Migration Tool (USMT) saved during the deployment process. When the amount of storage required is known, designate local storage on the target computers or shared folders that can be used as a temporary store for user migration data. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxii
Microsoft Deployment Toolkit 2008
Determine Storage Requirements for User State Migration Data For planning purposes, estimate the user state migration storage requirements by performing the following tasks: •
Running Scanstate.exe in the USMT with the /p command option to estimate the size of the user state migration data. By using the /p command option, the disk space requirements can be estimated without actually performing the migration. For more information, refer to the MDT 2008 document, User State Migration Guide.
•
Viewing the size of the contents of the folders in the user profile. Randomly sample targeted computers to determine a typical amount of storage required to back up the user state migration. Keep in mind that there may be several profiles (user name folders) on each target computer, so include each profile to be migrated.
•
Determining how long the user state migration data must be stored. Store the user state migration data in the event the deployment fails and the configuration must be rolled back. After verifying a successful deployment and backing up the computer, delete the user state migration data.
Calculate the storage requirements for user state migration data by multiplying the size of the user migration state by the number of computers being upgraded simultaneously (size of migration × number of computers).
Determine Where to Store User State Migration Data After determining the storage requirements for the user state migration data, determine where to store the data. Store user state migration data in these locations: •
On the local computer, to reduce the time to deploy Windows and reduce network utilization (recommended) Note
•
This option can be used only in a Refresh Computer scenario.
On a shared folder located on a local server to provide a consistent method of storing user state migration data or when local storage is not available
If user state migration data will be stored locally on the target computers, designate a shared folder in which the deploy process can store the data. By default, the process attempts to store user state data on the local hard disk for the Replace Computer and Refresh Computer scenarios. However, this behavior can be overridden with configuration settings in CustomSettings.ini. In the event that there is insufficient disk space for the user state data and new image, the deployment scripts attempt to store the information in a shared folder. Providing the shared folder as an alternate storage location makes the deployment process more reliable. Place the shared folder such that a high-bandwidth connection exists between the shared folder and the target computers.
Provide Sufficient Storage for Deployment Logs The deployment logs record the process for each target computer through the imagedistribution process. Determine the amount of storage required for the deployment logs saved during the deployment process. When the amount of storage required is known, designate shared folders that can be used as temporary stores for deployment logs.
Determine Storage Requirements for Deployment Logs To estimate for planning purposes the deployment log storage requirements for a single target computer, complete the following steps: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxiii
Deployment Customization Guide: Contents
6. Run the upgrade process in the test lab to determine the size of the deployment logs. 7. Determine how long the deployment logs must be retained. 8. Multiply the size of the deployment logs for one computer by the number of computers being deployed simultaneously.
Determine Where to Store Deployment Logs After determining the storage requirements for the deployment logs, determine where to store the deployment logs. Store them in a shared folder that is connected to the target computers by a high-bandwidth connection.
Provide Sufficient Storage for Computer Backup As an optional step in the deployment process for the Refresh Computer and Upgrade Computer scenarios, a backup can be performed of a target computer before deploying the target operating system. The purpose of this backup is for recovery of user state migration data. Perform the backup to one of the following: •
Local drives on the target computer
•
Network shared folders
The backup process in MDT 2008 is performed by using the Imagex.exe tool. The backup process creates an image of the disk volume where the user state migration data is stored. To estimate for planning purposes the computer backup storage requirements for a single computer 9. Run the Refresh Computer scenario process in the test lab to determine the size of the backup file. 10. Determine how long the backup file must be retained. 11. Multiply the size of the backup file for one computer times the number of computers being deployed simultaneously. Note The MDT 2008 backup process does not normally handle multiple partitions. If multiple partitions must be backed up, consider modifying the MDT 2008 backup process or using an alternative method to back up other partitions.
Provide Sufficient Storage for Application and Operating System Source Files Each deployment point in the environment needs access to the application and operating system source files to be used in the deployment process. Provide access to these source files by creating a copy of the source files on one of the following: •
A common network shared folder that is accessible to all servers hosting the deployment points. The advantage of this method is that storage is necessary for only one copy of the source files. The disadvantage is that the distribution points must access the source files over the network, which increases network use and is slower than accessing the source files locally.
•
Each server hosting the deployment points. The advantage of this method is that accessing the source files is faster than from a network shared folder. The
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxiv
Microsoft Deployment Toolkit 2008
disadvantage is that sufficient storage is needed for the source files on each server hosting the distribution points. To estimate for planning purposes the application and operating system source-file requirements for a single deployment point (or common shared folder) 12. Create a copy of each application and operating system source file on a shared folder. 13. Determine how much disk storage all the application and operating system source files require. If using one common network shared folder to be accessed by all distribution points, select a server with sufficient available disk storage for the source files. If providing a local copy to each distribution point, ensure that each server hosting one or more distribution points has sufficient available disk storage for the source files.
Verify an Adequate Target Computer Configuration Before deploying images to a target computer, ensure that the computer has the correct configuration. To deploy an image to a target computer, first complete these tasks: •
Verify that the target computer has the correct versions of necessary software.
•
Verify that the target computer has adequate system resources.
•
Identify the differences in 64-bit and 32-bit deployments.
Verify Correct Target Computer Software Versions Before running the rest of the MDT 2008 scripts, run ZTIPrereq.vbs to ensure that the target computer meets the requirements for running the remaining scripts. These script prerequisites include the following: •
Windows 2000 Professional with SP4, Windows XP with SP2, or a later Windows operating system is in use
•
WSH version 5.6 or later is installed and running
•
Microsoft XML Core Services (MSXML) version 3.0 (any service pack level) is installed and running
•
Microsoft Data Access Components (MDAC) version 2.0 or later is installed and running Note The version of MSXML must be 3.0. MSXML versions 4.0 and 6.0 are not compatible with the MDT 2008 scripts.
Verify Adequate Target Computer Resources After ZTIPrereq.vbs determines that the computer meets the requirements for running the remaining scripts, ZTIValidate.wsf determines whether the target computer has the appropriate resources to deploy the target operating system. These requirements include the following: •
The target computer has WSH 5.6 or later installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxv
Deployment Customization Guide: Contents
•
In any scenario except New Computer (which does not migrate user data), the existing operating system must be a client operating system if the new operating system is a client operating system. Similarly, only Windows Server 2003 or Windows Server 2008 can be deployed to a computer currently running a server operating system.
•
The OSInstall property, if defined, must be set to YES for the deployment to continue.
•
The target computer memory must meet the requirements of the operating system.
•
The target computer processor must meet the requirements of the operating system.
•
The target computer must have sufficient available disk space for the image being deployed to the target computer.
•
The current operating system on the target computer must be running on the C partition (Refresh Computer scenario only).
•
Drive C must be the first partition on the first disk of the target computer (Refresh Computer scenario only).
•
Additional available disk space is required when user state migration data and deployment logs are stored locally on the target computer.
•
The target computer must have sufficient free disk space (approximately 150 MB) to hold Windows PE log files.
•
The target computer must have sufficient total disk space to hold Windows PE and the image (expanded image size plus 150 MB).
•
The target computer must have a direct network connection to Windows Deployment Services servers and deployment points. (Unsupported network connections include virtual private network [VPN] and wireless connections.) Note Target computers that attempt to install an image over a VPN or wireless connection will not be able to connect to a deployment point after restarting in Windows PE, causing the deployment process to fail.
Although the minimum requirements for the Windows Vista operating system are highlighted in the Windows Vista TechCenter, hardware performance must be validated with the intended applications and user expectations before determining the organization’s standard hardware specifications. For example, when deploying Windows Vista with the Windows Aero® theme settings, the following computer resources may be required: •
At least 2 GB of RAM
•
At least a 2 gigahertz (GHz) processor
•
A compatible graphics adapter that provides improved performance
If deploying Windows Vista with the Windows Basic theme settings, these recommendations can be considerably reduced. Customize the hardware specifications and operating system configurations based on the user roles and operational needs in the organization. For more information about customizing the hardware specifications and operating system configuration, see: •
Windows Vista Enterprise Hardware Planning Guidance at http://technet.microsoft.com/en-us/windowsvista/aa905075.aspx.
•
Windows Aero at http://www.microsoft.com/windows/products/windowsvista/features/details/aero.mspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxvi
Microsoft Deployment Toolkit 2008
Use Systems Management Server, System Center Configuration Manager, or another software inventory tool to help determine whether any existing computers have inadequate system resources. Upgrade the system resources on these target computers prior to deploying Windows, if necessary. If it is determined that some computer system resources are inadequate for deploying Windows, perform one of the following actions: •
Upgrade the system resources on the existing computers.
•
Replace the existing computers with new computers.
•
Eliminate the existing computers from being part of the upgrade.
Identify Differences in 64-bit and 32-bit Deployment In most instances, deploying 64-bit versions of the Windows operating system is the same as deploying 32-bit versions of Windows. However, there are differences that affect how 64-bit versions of Windows are deployed and how MDT 2008 detects that the target computer has a 64-bit processor. Note MDT 2008 supports only Intel EM64T–enabled processors and the AMD64 family of processors. The Intel Itanium and IA64 family of processors are not supported in MDT 2008.
Most functions and features found in 32-bit versions of Windows are the same in 64-bit versions of Windows. However, take the following differences into consideration when deploying 64-bit versions of Windows: •
The version of Windows PE must match the version of Windows being deployed. If deploying a 64-bit version of Windows Vista, use a 64-bit version of Windows PE. Similarly, if deploying a 32-bit version of Windows Vista, use a 32-bit version of Windows PE.
•
Applications are installed in separate Program Files folders. On 64-bit versions of Windows, 64-bit applications are installed in the Program Files folder and 32-bit applications are installed in the Program Files (x86) folder. Check the appropriate folder structure when looking for previously installed applications.
•
Processor architecture discovery in Windows Deployment Services may need to be forced for 64-bit computers. Not all 64-bit computers properly report the processor type; therefore, MDT 2008 may not properly detect that the processor is a 64-bit processor. Force Windows Deployment Services to deploy 64-bit versions by using the following command: WDSUTIL /set-server /architecturediscovery:yes For more information, see the Windows Deployment Services Help files.
•
64-bit versions of Windows PE 2.0 do not run 32-bit applications. Ensure that any compiled applications used by a 64-bit version of Windows PE are 64-bit versions.
•
64-bit versions of Windows require 64-bit device drivers. 32-bit device drivers cannot be used in 64-bit versions of Windows.
Provide Adequate Network Capacity Because of the size of the images being distributed to the target computers (500 MB to 4 GB), computers must have a high-speed, persistent connection to the servers used in the deployment process. These servers include: •
Windows Deployment Services servers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxvii
Deployment Customization Guide: Contents
•
Servers hosting shared folders used to store deployment images (that is, deployment points).
•
Servers hosting shared folders used to store user state migration data.
•
Servers hosting shared folders used to store deployment logs.
These servers need to be on adjacent subnets to the target computers to ensure highspeed connectivity to the computers. If the organization cannot provide sufficient network capacity to deploy images, software, and migration data to computers, perform one of the following actions: •
Temporarily place the appropriate servers (for example, servers hosting the various shared folders or Windows Deployment Services server) closer to the target computers for the duration of the migration.
•
Temporarily move the target computers to a staging area where the computers can be deployed, and then return them to their original location.
•
Store user state migration data locally on the target computers.
•
Perform automated deployments locally by using a combination of a Windows Vista or Windows PE image CD.
•
In addition, when deploying computers through a firewall, ensure that the appropriate TCP and UDP ports are open on firewalls. If deploying images with ZTI deployment, see the Microsoft Help and Support article, “Ports that SMS 2003 uses to communicate through a firewall or through a proxy server,” at http://support.microsoft.com/kb/826852.
Determine the Required Infrastructure The deployment relies on several technologies for proper operation. Most of these are in the form of a file share somewhere on the network. Three of the four main deployment server roles are simple file shares: •
Deployment Server Role. This role is used to store all deployment information and toolkits to be used during the migration. It also stores operating system image files, including the required Windows PE images.
•
User State Migration Server Role. This role is used to store user profiles either temporarily or permanently, depending on the selected approach. As computers are being deployed, existing user profiles are captured to this server role and then drawn from this server to be restored to the updated computer. Note Roaming user profiles store user data on a file server to allow a user to access their desktop, documents, and settings from multiple computers. For detailed information about planning roaming user profiles, read the Managing Roaming User Data Deployment Guide at http://technet2.microsoft.com/WindowsVista/en/library/fb3681b2-da39-4944-93addd3b6e8ca4dc1033.mspx.
•
Application Installation Server Role. This role is used to store the prepackaged installation files for the applications to be redeployed after the operating system has been replaced.
•
Activation Server Role. To support Volume Activation 2.0, a KMS host may be required to automatically activate newly configured Windows Vista or Windows Server 2008 computers. For more information about Volume Activation 2.0 and KMS, see Volume Activation 2.0 Technical Guidance in the Microsoft Download Center at http://go.microsoft.com/fwlink/?LinkID=75674. If using a Multiple Activation Key (MAK) to activate computers, a separate server may not be required. However, the Volume Activation Management Tool (VAMT) can enable MAK activation without connecting hosts directly to the Internet. For more information about VAMT, see
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
xxviii
Microsoft Deployment Toolkit 2008
Microsoft® Deployment Toolkit 2008 Deployment Customization Guide Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This document guides the imaging process when using Microsoft® Deployment Toolkit (MDT) 2008 with Microsoft Systems Management Server (SMS) 2003 and Microsoft System Center Configuration Manager 2007. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
This guide describes how to customize reference images by customizing the task sequence; how to create custom scripts and customize existing scripts; how to configure and customize variables, location, role, and make and model; and how to configure and customize the imaging databases and custom images. The guidance presented here extends the guidance found in the MDT 2008 documents, Workbench Imaging Guide and Microsoft System Center Configuration Manager 2007 Imaging Guide. Table 1 provides additional information on the reference guides that are available to assist in configuring and setting up Deployment Workbench, Systems Management Server, and System Center Configuration Manager. Table 1. Related Guidance in MDT 2008 Guide
This guide offers assistance to help
Preparing for LTI Tools
Install LTI in the environment. The guide includes information about how LTI works.
Preparing for Microsoft Systems Management Server 2003
Install ZTI in the environment and perform deployments using Systems Management Server. The guide includes information about how ZTI and Systems Management Server work together.
Preparing for Microsoft System Center Configuration Manager 2007
Create a default installation of MDT 2008 for ZTI using System Center Configuration Manager.
Image Customization Guide
Guide the process of using MDT 2008, Systems Management Server, and System Center Configuration Manager during the imaging process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Revie wi ng t he D epl oymen t Pr ocess ing R ules Before the deployment processing rules that it wants to include in the deployment process can be identified, it must identify the components that MDT 2008 uses in ZTI and LTI deployments.
Identify the Deployment Components The ZTI and LTI deployment processes use a common set of deployment components, included in MDT 2008. To configure the deployment components properly, identify how the components interact in the ZTI and LTI deployment processes. The MDT 2008 components include: •
Task sequences
•
Scripts
•
Configuration files
•
Configuration databases
•
Environment variables
•
Log files
For a visual representation of how these components work together in the MDT 2008 LTI and ZTI processes, see the section, “Deployment Process Flowcharts,” in the MDT 2008 document, Troubleshooting Reference.
Task Sequences A task sequence is a combined series of steps that complete an action. Task sequences can operate across a computer restart, and task sequence steps can be organized into groups for more control over run-time behavior. A custom task sequence can be created that will automate and perform tasks on a computer without user interaction. Custom task sequence steps can be organized into groups so that multiple task sequence steps will run on a computer. By using task sequence steps in groups, error control can be organized and configured for each individual task sequence step and group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Reviewing Deployment Processing Rules
3
Some of the information that can be specified in task sequences includes: •
Task sequence name
•
Task sequence comment.
•
Task sequence template, which can be one of the following templates in Deployment Workbench or in the Import Task Sequence Wizard in Configuration Manager console: •
Standard Client Task Sequence
•
Standard Client Replace Task Sequence
•
Standard Server Task Sequence
•
Lite Touch OEM Task Sequence Template (LTI deployments only)
•
Preload OEM Task Sequence (Pre-OEM) (System Center Configuration Manager–based deployments only)
•
Preload OEM Task Sequence (Post-OEM) (System Center Configuration Manager–based deployments only)
•
Custom Task Sequence.
•
Operating system.
•
Product key
•
Operating system configuration settings
•
Password for local Administrator user account on target computer
Scripts Scripts are used to automate the deployment process. Scripts scan the configuration files, the configuration database, and environment variables to determine the rules to be used when deploying images to target computers. Scripts create log files while they automate the deployment process. The log files record the status of the deployment process and can be used to assist in troubleshooting the deployment process. For more information about each script used in the MDT 2008 deployment process, see the section, “Deployment Process Flowcharts,” in the MDT 2008 document, Troubleshooting Reference.
Configuration Files Scripts interpret the configuration files to ensure that the appropriate steps occur to deploy the correct operating system to the correct target computer. Various MDT 2008 wizards assist in creating and maintaining the configuration files. MDT 2008 can create and manage: •
Templates configuration files. After MDT 2008 creates the template file, the file is manually customized to include the appropriate processing rules. The CustomSettings.ini file is an example of this type of configuration file. After these template files are initially created, they should be maintained manually.
•
Completed configuration files. These files require no further customization. The Applications.xml file is an example of this type of configuration file. Maintain these files using MDT 2008. Although these files can be maintained manually, using MDT 2008 is recommended to avoid introducing human-caused errors.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
The MDT 2008 configuration files and a brief description of each are listed in Table 2. Table 2. Configuration Files in MDT 2008 Configuration file
Description
CustomSettings.ini
The primary configuration file for the MDT 2008 processing rules used in all scenarios.
BootStrap.ini
The configuration file used when the target computer is not able to connect to the appropriate deployment point. This situation occurs in the New Computer scenario and in the Replace Computer scenario.
For more information about additional configuration files, see the section, “Deployment Process Flowcharts,” in the MDT 2008 document, Troubleshooting Reference.
Configuration Database The configuration database is a logical extension of configuration settings that would typically exist in CustomSettings.ini. Create and manage the configuration database on the Database node in MDT 2008. The configuration settings can be centrally stored in a relational database using a configuration database. The configuration database is referenced in the CustomSettings.ini file. The MDT 2008 scripts query the database to retrieve values for properties. Using the configuration database is appropriate when the target computers have a high-speed, persistent connection to the server running Microsoft SQL Server® on which the configuration database is stored. Otherwise, make all configuration settings in CustomSettings.ini.
Environment Variables MDT 2008 scripts automatically retrieve appropriate environment variables. The variables are referenced like properties in the deployment processing rules. The environment variables can be referenced like any property in the configuration files or configuration database.
Log Files Because MDT 2008 scripts automatically create log files, no configuration settings are necessary. Each script creates a log file that matches the name of the script. For example, ZTIGather.wsf creates a log file named ZTIGather.log. Each script also updates a common log file (Deployment.log) that aggregates the contents of all the logs. For more information about each log file, see the section, “Deployment Process Flow Charts,” in the MDT 2008 document, Troubleshooting Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom iz ing T ask Sequences The following sections offer guidance on how to customize task sequences using Deployment Workbench, Systems Management Server, or System Center Configuration Manager.
Deployment Workbench Using Deployment Workbench, packages, languages, updates, and additional items can be added to task sequences.
Task Sequences Edit a task sequence to customize it for the deployment process. The following section describes the settings available in the Task Sequence Editor: •
Task sequence ID: An un-editable field assigned to the task sequence.
•
Task sequence name: The name assigned to the task sequence.
•
Task sequence version: The version assigned to the task sequence.
•
Comments: An area in which to identify the task sequence settings or add individual task sequence comments.
•
This can run on any platform: Defines the task sequence as able to run on any Windows platform.
•
This can run only on the specified client platforms: Defines the compatible platforms on which this sequence will run.
Enable or Disable a Task Sequence To enable or Disable a task sequence, perform the following steps: 14. Start Deployment Workbench. 15. In the console tree, click Task Sequences. 16. In the details pane, right-click the task sequence to be enabled or disabled, and then click Properties. 17. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Enable this Task Sequence check box to enable the selected task sequence.
•
Clear the Enable this Task Sequence check box to disable the selected task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Hide or Unhide a Task Sequence To hide or unhide a task sequence, perform the following steps: 1. Start Deployment Workbench. 2. In the console tree, click Task Sequences. 3. In the details pane, right-click the task sequence to be hidden or unhidden, and then click Properties. 4. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Hide this task sequence in the Deployment Wizard check box to hide the selected task sequence.
•
Clear the Hide this task sequence in the Deployment Wizard check box to unhide the selected task sequence.
Note For a complete description of enabling and disabling or hiding and un-hiding task sequences, see the MDT 2008 document, Workbench Imaging Guide.
Use the Task Sequence tab in the Task Sequence Editor to customize the individual tasks and change the order of their application to the target computer. The following section describes the task sequences that are available: •
New Group: Creates a new group listing using the name specified.
•
General: Contains the Run Command Line, Set Task Sequence Variable, Run Command Line As, Restart Computer, Gather, Install Updates Offline, Validate, and Install Application task sequence steps.
•
Disks: Contains the Format and Partition Disk; and Enable BitLocker task sequence steps.
•
Images: Contains the Install Operating System task sequence step type.
•
Settings: Contains the Apply Network Settings, Capture Network Settings task sequence steps.
•
Roles: Contains the Install Roles task sequence step type.
Each task sequence group and step has configurable properties on the Properties and Options tabs that are common to all task sequence groups and steps. For detailed information about these properties and options, see the MDT 2008 document, Toolkit Reference. For detailed information about task sequences in Deployment Workbench, see the MDT 2008 document, Workbench Imaging Guide. For detailed information about task sequences in System Center Configuration Manager, see About Task Sequences at http://technet.microsoft.com/enus/library/bb693631.aspx. For detailed information about task sequences in Systems Management Server, see Operating System Deployment Task Sequence Variables at http://technet.microsoft.com/en-us/library/bb632442.aspx.
OS Packages Before deploying operating system images to target computers, add any packages that must be installed after the operating system is installed. Add the packages to be installed using the New Package Wizard on the OS Packages node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
7
Deployment Customization Guide: Customizing Task Sequences
Following are examples of packages that are installed after the operating system is installed: •
Security updates
•
Service packs
•
Language packs
Note These packages are different from Systems Management Server packages and SMS 2003 OSD Feature Pack packages. The Deployment Workbench user interface (UI) refers to these packages as OS Packages to differentiate them from packages in Systems Management Server and the SMS 2003 OSD Feature Pack.
To add new OS packages 18. Start Deployment Workbench. 19. In the console tree, right-click OS Packages, and then click New. The New Package Wizard starts. 20. On the Select the location of the package files page, in the Package source directory box, type source_directory_name (where source_directory_name is the fully qualified path to the package source files), and then click Add. Note
Alternatively, click Browse to locate source_directory_name.
The New Package Wizard finishes, and the new package name appears in the details pane. Note Repeat this procedure for each package to be added except the packages located beneath source_directory_name.
Package groups can also be created to logically group packages together for ease of deployment. For example, if multiple operating systems will be deployed, create a package group for each operating system that includes the service packs or language packs for that operating system. Also, configure package groups by customizing the PackageGroup and LanguagePacks properties or by selecting a package group for a task sequence. If: •
A package group is specified in CustomSettings.ini or in the task sequence properties, only the packages (including language packs) that are in that package group as configured in Deployment Workbench are installed.
•
No package group is specified in CustomSettings.ini or in the task sequence properties: •
All packages (including language packs) defined in the OS Packages node in Deployment Workbench are installed.
•
All language packs specified in the LanguagePacks property are installed.
For more information on: •
Creating package groups, see the section, “Add a Package Group,” in the MDT 2008 document, Workbench Imaging Guide.
•
The PackageGroup property, see the section, “PackageGroup,” in the MDT 2008 document, Toolkit Reference.
•
The LanguagePacks property, see the section, “LanguagePacks,” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Select the Packages Group for a Task Sequence For each task sequence created in Deployment Workbench, select a packages group to be deployed with the task sequence. A package group is a logical grouping of one or more packages defined in the OS Packages node in Deployment Workbench. When the package group is selected for a task sequence, the packages are automatically copied to the deployment point and are available to the MDT 2008 scripts. The packages reside in the distribution_point\OS Packages\driver folder (where distribution_point is the name of the folder that is the root of the distribution point and driver is the name of the driver listed in Deployment Workbench). To select the package group for a task sequence 21. Start Deployment Workbench. 22. In the console tree, expand Distribution Share, and then click Task sequences. 23. In the details pane, right-click task_sequence_id (where task_sequence_id is the ID of the task sequence for which to select a package group), and then click Properties. 24. In the task_sequence_id Properties dialog box, on the Task Sequence tab, locate the Apply Patches task sequence step and on the Properties tab, in Package group, select package_group (where task_sequence_id is the ID of the task sequence selected and package_group is the name of the packages group to deploy), and then click OK. 25. Repeat steps 3 and 4 for each Apply Patches task sequence step in the task sequence. Note To deploy all packages with a task sequence, in the Package group box, click All Packages.
Languages Language packs enable a multilingual Windows environment. Windows Vista is language-neutral, and all language and locale resources are added to Windows Vista through language packs (Lp.cab files). By adding one or more language packs to Windows Vista, those languages can be enabled when installing the operating system. As a result, the same Windows Vista image can be deployed to regions with different language and locale settings, reducing development and deployment time. See the following references for additional information about language packs in Windows Vista: •
For instructions on installing language packs during deployment, see the section, “Running the Windows Deployment Wizard,” in the MDT 2008 document, Preparing for LTI Tools.
•
For the configuration properties for installing language packs automatically, see the MDT 2008 document, Toolkit Reference.
•
For more information about Windows Vista language packs, see “Manage Language Packs for Windows” in Windows AIK.
If installing Windows XP Multi-user Interface (MUI) language packs, add each language pack as an application to the distribution share. Then, install the language pack as part of the task sequence or allow the user to choose a language pack during deployment. For language packs, create a subgroup called Language Packs in the State Restore group, and then add language packs to it.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
9
Deployment Customization Guide: Customizing Task Sequences
Doing so installs language packs automatically, keeps them organized, and provides control over the installation order. To prevent users from seeing language packs in the list of applications during deployment, in the Application Properties dialog box (where Application is the name of the language pack added to the distribution share), clear the Enable this application check box.
Patches Apply patches to task sequences to keep the images up-to-date for security and additional software updates. Add the patches during the initial creation of the task sequence, or add them as a secondary process after the task sequence is created. To add patches to a task sequence 26. Start Deployment Workbench. 27. Click Task Sequences, right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 28. In the Task Sequence Properties dialog box, click the Task Sequence tab. Click the location to insert the patches, and then click Add. 29. Click General, and then click Run Command Line. 30. In the Properties dialog box, in the right pane of the Task Sequence tab, in the Name box, type Apply Patches. 31. In the Command line box, type cscript.exe “%SCRIPTROOT%ZTIPatches.wsf” (including the quotation marks). 32. Click OK.
Drivers Before deploying operating system images to target computers, add any device drivers that must be installed with the operating system. Add the drivers to be installed using the: •
New Driver Wizard in Deployment Workbench.
•
$OEM$ folder structure for original equipment manufacturer (OEM)–supplied drivers.
Add Drivers Using the New Driver Wizard in Deployment Workbench In Deployment Workbench, edit the Out-of-Box Drivers listing so it contains groups that help identify which drivers are associated with different platforms and computer types. This can help identify the drivers to associate with the different images in use. To add a group classification to an Out-of-Box Drivers listing 33. Start Deployment Workbench. 34. Expand Distribution Share, click Out-of-Box Drivers, click driver (where driver is the name of the driver to add to a group), and then click Properties. 35. In the Driver Properties dialog box, click the Groups tab. Click Add to open the New Driver Group dialog box. Type the new name of the driver group into the text box, click OK, and then click OK to close the Driver Properties dialog box. The New Driver Wizard finishes, and the new driver name appears in the details pane. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Note Repeat this procedure for each set of drivers to be added except the drivers that are located beneath source_directory_name.
Add Drivers Using the $OEM$ Folder Structure In addition to the drivers configured in Deployment Workbench, OEM-supplied drivers can be added by adding the $OEM$ folder structures to the deployment point. Include drivers that are typically installed during graphical user interface (GUI)–mode setup or post-setup by standard Plug and Play enumeration. Doing so permits preloading original equipment manufacturer (OEM) Plug and Play drivers that they can use later, when the associated hardware is introduced in the system. During the LTI deployment process, LTIApply.wsf scans for $OEM$ folders that contain drivers in the following order: •
The build of the target operating system
•
The version of the target operating system
•
The processor architecture of the target computer
•
Globally, for all target computers
Note In an instance where multiple $OEM$ folders have been defined, the first driver that LTIApply.wsf finds is deployed to the target computer.
Applications During the Developing Phase, the applications were repackaged or their installation automated. Core applications are common to most computers in the organization; supplemental applications are not. The first step in adding applications to an image is to add them to the distribution share. Deployment Workbench can install the application from its original network location, or it can copy the application source files to the distribution share. In either case, specify the commands for installing the application when it is added to the distribution share.
Enable or Disable an Application To enable or disable an application, perform the following steps: 36. Start Deployment Workbench. 37. In the console tree, click Applications. 38. In the details pane, right-click the application to be enabled or disabled, and then click Properties. 39. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Enable this application check box to enable the installation of the selected application.
•
Clear the Enable this application check box to disable installation of the selected application.
Note If an application intended for installation is added during the task sequence, that application can be disabled by clearing the Enable this application check box. The application will still be installed during the task sequence, but the user will not see it in the applications list.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
11
Deployment Customization Guide: Customizing Task Sequences
Hide or Unhide an Application To hide or unhide an application, perform the following steps: 1. Start Deployment Workbench 2. In the console tree, click Applications. 3. In the details pane, right-click the application to be enabled or disabled, and then click Properties. 4. Click the General tab, complete one of the following tasks, and then click OK: •
Select the Hide this application in the Deployment Wizard check box to hide the installation of the selected application to the client.
•
Clear the Hide this application in the Deployment Wizard check box to unhide the installation of the selected application to the client.
Custom Images Custom images contain the minimum amount of information required. It is common to use custom images for applications that serve a specific purpose. In addition, a custom image might contain specific regional information; for example, language packs or specific security settings.
Create Custom Images The process for creating and deploying a custom image is identical to creating and deploying a standard image: install additional applications and updates, deploy the image, and so on. Using custom images, the process of deploying specific applications to a predefined group of computers can easily be simplified. For information on creating a custom image, see the MDT 2008 document, Image Customization Guide.
Deploy Custom Images For information on deploying custom images using Deployment Workbench, see the section “Running the Windows Deployment Wizard” in the MDT 2008 document, Preparing for LTI Tools.
Systems Management Server Using Systems Management Server, packages, languages, advertisements, drivers, custom images, and more can be added to task sequences.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Packages Systems Management Server packages contain the files and commands used to run the programs in the package in addition to other important information, such as which distribution points provide the package source files for target computers, and so on. To modify an existing package 40. In SMS Administrator Console, expand Site Database, and then expand site_code (where site_code is the name of the Systems Management Server site). 41. Expand Packages, right-click the package to edit, and then click Properties. 42. Use the Package Properties dialog box to change the settings. For additional information about packages, see the Systems Management Server 2003 Operations Guide at http://www.microsoft.com/technet/prodtechnol/sms/sms2003/opsguide/default.mspx?mfr= true.
Languages System Management Server distributes language packs as System Management Server packages. Create System Management Server packages that include the language packs, and then distribute the packages to the System Management Server distribution points. To modify an existing language for System Management Server 43. In SMS Administrator Console, expand Site Database, and then expand site_code (where site_code is the name of the Systems Management Server site). 44. Expand Packages, right-click the language to edit, and then click Properties. 45. Use the Package Properties dialog box to change the settings. For additional about modifying languages, see the section, “Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages,” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide.
Advertisements After creating and distributing the package, advertise a program associated with that package to a target collection in the Systems Management Server site. For more information about advertising packages, see the Systems Management Server 2003 Operations Guide at http://www.microsoft.com/technet/prodtechnol/sms/sms2003/opsguide/default.mspx?mfr= true.
Drivers During the ZTI deployment process, device drivers for target computers may have to be installed at the time the operating system is being deployed. Typically, device drivers are configured in Deployment Workbench and are available through the distribution point. However, multiple copies of device drivers might be created so that not all target computers are required to connect to the distribution point—for example, if packages will be deployed to branch offices and a local copy of the device drivers will be provided for each branch office. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
13
Deployment Customization Guide: Customizing Task Sequences
For ZTI deployments, create a Systems Management Server package that contains the device drivers, and then distribute the package to the distribution points. This way, the target computers can access the device drivers from a local Systems Management Server distribution point. Device drivers created in Deployment Workbench can also be distributed by using System Management Server. For more information, see “Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages” in the Microsoft Deployment Toolkit Samples Guide. For additional information about packages, see the Systems Management Server 2003 Operations Guide at http://www.microsoft.com/technet/prodtechnol/sms/sms2003/opsguide/default.mspx?mfr= true.
Custom Images Custom images contain the minimum amount of information required. It is common to use custom images for applications that serve a specific purpose. In addition, custom image might contain specific regional information; for example, language packs or specific security settings.
Create Custom Images The process for creating and deploying a custom image is identical to creating and deploying a standard image. Additional applications and updates must be installed, the image deployed, and so on. Using custom images, the process of deploying specific applications to a predefined group of computers is simplified. For information on creating a custom image, see the MDT 2008 document, Image Customization Guide.
Deploy Custom Images For information on deploying custom images using Systems Management Server, see the section, “Running the Deployment Wizard,” in the MDT 2008 document, Preparing for Microsoft Systems Management Server 2003.
SMS Installer Systems Management Server includes SMS Installer, a tool that creates software executable files. These packages are self-extracting files that contain everything necessary to install the software, including a script to control the installation. Although SMS Installer–generated executable files are created specifically to use on Systems Management Server client computers, they can also be posted to the Internet or packaged on a CD or on floppy disks. SMS Installer creates installation packages that can gather information about the current system, install and delete files, search for files, prompt users for information, and update system files and the Windows registry. The package can be customized to prompt the user for information, or it can run unattended. SMS Installer includes the Windows Installer Step-up Utility (ISU). ISU is a command-line tool that migrates setup packages from the SMS Installer format to the Windows Installer format. The resulting setup package is a Windows Installer setup package with an .msi file name extension.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
The new setup package can be run on any computer that supports Windows Installer. For more information about how to use SMS Installer, see SMS Installer Help. SMS Installer also creates Windows Installer packages and can open SMS Installer–generated executable files. For additional information about SMS Installer, see Installer Step-up Utility for MS Systems Management Server at http://www.microsoft.com/technet/sms/20/instlset.mspx.
System Center Configuration Manager Using System Center Configuration Manager, packages, advertisements, languages, drivers, and more can be added to task sequences.
Packages System Center Configuration Manager uses packages to distribute software to client computers. A package generally represents a software application to be installed on a target computer, but it might also contain individual files, updates, or even an individual command. Note Although System Center Configuration Manager can be used to easily install software on multiple computers, IT personnel must still agree to and follow the software license terms for any software installed using System Center Configuration Manager. Software metering can be used to help track license use. For more information about software metering, see Software Metering in Configuration Manager at http://technet.microsoft.com/en-us/library/bb694169.aspx.
Using packages, software can be delivered, installed, and configured to meet the individual needs of the organization’s users. This is done using programs, which identify the actions that must occur on the client computer, after the package is received. Each program defines for System Center Configuration Manager the client platform and environment within which the package can run and includes any and all appropriate references to script files or command switches. Each package must contain at least one program. For more information about programs, see About Programs at http://technet.microsoft.com/en-us/library/bb632775.aspx. Packages and programs are created and displayed in the Packages node in Configuration Manager console. They are then stored in the database for the site being administered. Packages often contain files in addition to the programs, particularly when installing a software application or update. If the package requires such files, also specify the following information: •
The source folder containing all the files needed for the package. If the package supports more than one platform, all files for all platforms are included in the source folder.
•
The distribution points for the package, on which the package files, programs, and scripts necessary for the package to run successfully will be stored. For more information about distribution points, see About Distribution Points at http://technet.microsoft.com/en-us/library/bb680614.aspx.
After creating a package with a source folder, System Center Configuration Manager sends the package source files to the distribution points specified. After programs have been defined for a package and the package data has been sent to one or more distribution points, create advertisements that make those programs available to the client computers in the specified collection. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
15
Deployment Customization Guide: Customizing Task Sequences
For more information about advertisements, see About Advertisements at http://technet.microsoft.com/en-us/library/bb694110.aspx. For additional information about package creation, property values, and using a package definition file as a template, see How to Create a Package at http://technet.microsoft.com/en-us/library/bb693627.aspx.
Advertisements After a software distribution package has been created, along with programs to tell client computers what to do with the package, advertise the program that the client computers are to run. Advertising the program makes a program available to a specified collection of client computers. System Center Configuration Manager evaluates advertisements to determine which client computers will receive a specific program to run. An advertisement specifies the following information: •
The program to run. (For more information, see About Programs at http://technet.microsoft.com/en-us/library/bb632775.aspx.)
•
The target collection of computers, users, or user groups to receive the program. (For more information, see About Collections at http://technet.microsoft.com/enus/library/bb694134.aspx.)
•
The schedule that specifies when the program is available. In the case of assigned— that is, mandatory—advertisements, additional options, such as Wake-on-LAN and ignoring maintenance windows can be used in conjunction with this schedule. (For more information, see How to Assign a Mandatory Advertisement at http://technet.microsoft.com/en-us/library/bb694124.aspx.)
The site’s client computers will not be able to receive advertised programs until the software distribution client agent on the site’s client computers is enabled. The Advertised Programs Client Agent performs the necessary software distribution–related tasks on these clients, primarily allowing the clients to receive and run the programs advertised. For additional information about advertisements, see About Advertisements at http://technet.microsoft.com/en-us/library/bb694110.aspx.
Languages System Center Configuration Manager distributes language packs as System Center Configuration Manager software distribution packages. Create software distribution packages that include the language packs, and then distribute the packages to the System Center Configuration Manager distribution points. Language packs created in Deployment Workbench can also be distributed by using System Center Configuration Manager. This process is similar to distributing language packs in System Management Server. For more information, see the section “Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages” in the MDT 2008 document Microsoft Deployment Toolkit Samples Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Deploy language packs to Windows Vista and Windows Server 2008 using one of the following methods: •
Online. Installs the language pack after the target operating system is deployed. This method is commonly used to add language packs to operating system editions that support multiple languages (such as Windows Vista Enterprise or Windows Vista Ultimate). This allows users to interactively select different operating systems. For this method, add the Install Language Packs Online action during the State Restore phase to deploy the language packs. Note When deploying a language pack to an operating system edition that does not support multiple languages when using the online method, the newly deployed language becomes the new default language and the existing default language is removed automatically within 24 hours.
•
Offline. Installs the language pack before the target operating system starts for the first time. This allows the language to be automatically selected by the MDT 2008 deployment process or by allowing the user to select the default language the first time the target operating system starts. For this method, add the Install Language Packs Offline action during the Postinstall phase to deploy the language packs.
When using either method, the language pack package must be created in System Center Configuration Manager prior to configuring the task sequence action. The only required configuration parameter for either action is to specify the language pack package to be deployed. To install a language pack using the online method 46. Create a System Center Configuration Manager package that contains the language pack(s) to be deployed to the target computers. 47. On the Task Sequences node, in the details pane, right-click task_sequence, and then click Edit (where task_sequence is the name of the task sequence to modify). 48. In the task sequence editor dialog box, in the State Restore task sequence group, click Add, click MDT, and then click Install Language Packs Online. This adds the Install Language Packs Online action to the task sequence. 49. On the Properties tab of the Install Language Packs Online action, click Browse. 50. In the Select a Package dialog box, click package (where package is the package created in step 1), and then click OK. 51. Click OK. To install a language pack using the offline method 52. Create a System Center Configuration Manager package that contains the language pack(s) to be deployed to the target computers. 53. On the Task Sequences node, in the details pane, right-click task_sequence, and then click Edit (where task_sequence is the name of the task sequence to modify). 54. In the task sequence editor dialog box, in the Postinstall task sequence group, click Add, click MDT, and then click Install Language Packs Offline. This adds the Install Language Packs Online action to the task sequence. 55. On the Properties tab of the Install Language Packs Online action, click Browse. 56. In the Select a Package dialog box, click package (where package is the package created in step 1), and then click OK. 57. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
17
Deployment Customization Guide: Customizing Task Sequences
Drivers The driver catalog helps manage the cost and complexity of deploying an operating system in an environment that contains different types of computers and devices. The driver catalog consists of two nodes in the Configuration Manager console: Drivers and Driver Packages. Storing device drivers in the driver catalog and not with each individual operating system image greatly reduces the number of operating system images that are required. When deploying an operating system image, each operating system image can install enabled device drivers that have been imported are available on a distribution point. Also multiple versions of Windows device drivers can be stored in the driver catalog. Maintaining multiple versions of device drivers provides an easy way to upgrade existing device drivers when hardware device requirements change on the network. For more information about the driver catalog, see How to Manage the Driver Catalog at http://technet.microsoft.com/en-us/library/bb693985.aspx.
Custom Images Custom images contain the minimum amount of information required. It is common to use custom images for applications that serve a specific purpose. A custom image might contain specific regional information—for example, language packs or specific security settings.
Create Custom Images The process for creating and deploying a custom image is identical to creating and deploying a standard image: Install additional applications and updates, deploy the image, and so on. Using custom images simplifies the process of deploying specific applications to a predefined group of computers. For information on creating a custom image, see the MDT 2008 document, Image Customization Guide.
Deploy Custom Images For information on deploying custom images using System Center Configuration Manager, see How to Deploy Operating System Images to a Computer at http://technet.microsoft.com/en-us/library/bb632559.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Scr ipt Custo mi za tions MDT 2008 is flexible and highly customizable. It includes several tools for getting started, but the ability to customize the deployment to fit the organization’s needs is the core of MDT 2008’s strength. In the following section are code samples that show how easily these scripts can be used to customize the deployment process. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Identify the CustomSettings.ini Syntax The syntax of the CustomSettings.ini file is similar to many .ini files. A CustomSettings.ini file includes: •
Sections
•
Properties
•
Settings
Listing 1 shows a CustomSettings.ini file that is customized for a ZTI deployment. For more information about the CustomSettings.ini file in Listing 1, see the section “Basic CustomSettings.ini File for ZTI” later in this guide. Listing 1. CustomSettings.ini File Customized for ZTI Deployment [Settings] Priority=Default, MACAddress Properties=CustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
19
OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
Sections in the CustomSettings.ini File Sections are identified by brackets that surround the section name (for example, [Settings]). In Listing 1, the sections include [Settings], [Default], [00:0F:20:35:DE:AC], and [00:03:FF:FE:FF:FF].
Required Sections Only the [Settings] section is required. All other sections are optional. The MDT 2008 scripts require the [Settings] section in CustomSettings.ini to locate the reserved properties (Priority and Properties).
Optional Sections The optional sections in the CustomSettings.ini file are used to assign a group of configuration settings to: •
A group of computers. In Listing 1, the configuration settings in the [Default] section are applied to more than one computer. For more information, see the section “Applying the Properties to Groups of Computers” later in this guide.
•
An individual computer. In Listing 1, the configuration settings in the [00:0F:20:35:DE:AC] and [00:03:FF:FE:FF:FF] sections are applied to the corresponding computer (in this case, identified by the media access control [MAC] address of the target computer). For more information, see the section “Applying the Properties to Individual Computers” later in this guide.
Properties in the CustomSettings.ini File Properties are variables to which values must be assigned. Properties are followed by an equal sign (=). The scripts scan the CustomSettings.ini file to locate the properties. The types of properties that can be used in deploying target computers include properties that are: •
Automatically declared in ZTIGather.wsf. These predefined properties are declared in the ZTIGather.wsf code and are documented in the MDT 2008 document, Toolkit Reference. In addition, the ZTIGather.wsf file automatically sets the values for these properties. These properties are not configured in CustomSettings.ini and should be treated as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
•
•
Microsoft Deployment Toolkit 2008
Declared in the ZTIGather.xml file. These predefined properties are listed in the ZTIGather.xml file and are documented in the MDT 2008 document, Toolkit Reference. The ZTIGather.wsf file retrieves these properties by scanning the ZTIGather.xml file. Divide the properties in this file into properties that: •
ZTIGather.wsf automatically assigns values. ZTIGather.wsf automatically sets the values for these properties, which must be treated as read-only.
•
Must be assigned values in CustomSettings.ini. Ensure that the value for any property to be used is set in CustomSettings.ini and is considered modifiable.
Declared in the Properties property. These are custom properties that can be declared, and they are in addition to the properties automatically declared in ZTIGather.wsf and in ZTIGather.xml.
The way properties are used for ZTI and LTI are identical. However, some properties are unique to ZTI or LTI deployment. Because ZTI deployments (in this Systems Management Server example) use Systems Management Server with the SMS 2003 OSD Feature Pack to deploy target operating system images, ZTI has properties that refer to SMS 2003 OSD Feature Pack values (such as OSDInstallPackage, OSDInstallProgram, and OSDNewMachineName). Like ZTI deployments, LTI deployments also have unique properties. Most of the LTIspecific properties relate to the Windows Deployment Wizard (such as SkipAdministratorPassword, SkipCapture, or SkipUserData). Although these properties use the same syntax as other properties, the reserved properties perform specific functions in the deployment processing rules.
Priority Reserved Property The Priority reserved property determines the sequence and section of where to find configuration values. Each section is searched in the order specified. When a property value is found, the remaining sections are not used for that property. In Listing 1, the [Default] section is parsed first, and then the section that corresponds to the MAC address of the target computer (in this case, [00:0F:20:35:DE:AC] or [00:03:FF:FE:FF:FF]). Table 3 lists the types of property value that can be assigned to the Priority property.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
21
Table 3. Priority Property Value Types and Their Descriptions Priority property value
Description
DefaultGateway
The scripts scan for a section that matches the default gateway IP address of the target computer; for example, a section named [10.1.1.1]. If the section is found, the script scans the section for properties. If the section does not exist, the script continues scanning based on the remaining values in the Priority property.
LocalDataName
Any property known to the scripts can be used to identify a section name in the configuration file. For example, specifying the HostName property causes the script to scan for a section with the target computer host name. Other properties, like MACAddress, can result in multiple section names being checked (because a computer can have multiple MAC addresses).
CustomSection
One or more specific section names can be specified, where CustomSection represents the section name. For example, if MySection were included in the Priority property, the [MySection] section would be searched for any properties not previously found.
Properties Reserved Property The Properties reserved property (shown in Listing 1) defines any custom, user-defined properties to be used in the deployment. These user-defined properties are located by ZTIGather.wsf script in the CustomSettings.ini file (or configuration database). These properties are in addition to the predefined properties in MDT 2008. In Listing 1, CustomProperty is a user-defined property, and ScanStateArgs is a predefined property. For a list of the predefined properties in MDT 2008, see the “Properties” section in the MDT 2008 document, Toolkit Reference.
Values in the CustomSettings.ini File Values are the configuration settings assigned to the properties. Values are preceded by an equal sign (=). The scripts scan the CustomSettings.ini file to locate the values. In Listing 1, the value assigned to the LoadStateArgs property is: /v:5 /c /lac
Basic CustomSettings.ini File for LTI For LTI deployments, Deployment Workbench uses a template version of the CustomSettings.ini file (stored in C:\Program Files\ Workbench\Templates) as a basis for a customized version of the CustomSettings.ini file. The template version of the CustomSettings.ini file is illustrated in Listing 2. The template version in Listing 2 does not contain sufficient settings to successfully deploy Windows Vista to a target computer. However, the file will be further customized using Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
Listing 2. Unmodified CustomSettings.ini File in the Templates Folder [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac The New Deployment Point Wizard in Deployment Workbench will modify this template of the CustomSettings.ini file based on the responses provided. Listing 3 shows the customized version of the CustomSettings.ini file after completing the New Deployment Point Wizard. Listing 3. Customized CustomSettings.ini File Modified by Deployment Workbench [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES The CustomSettings.ini file in Listing 3 contains the property values for all of the target computers to be migrated using this version of the file. This version of the file contains no values that are unique to a specific target computer. For LTI, the target computer–specific configuration values are manually provided during the installation process. Table 4 explains the properties and corresponding values used in Listing 3.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
23
Table 4. Explanation of CustomSettings.ini Properties in Listing 3 Line in CustomSettings.ini
Purpose
[Settings]
Indicates the start of the [Settings] section.
Priority=Default
Establishes the sequence in which the process parses subsections to locate values for the variables. In this example, the [Default] section is the only subsection that is parsed for variables.
Properties=MyCustomProperty Indicates any additional properties to locate. The properties listed here are in addition to the properties listed in ZTIGather.xml. ZTIGather.wsf parses ZTIGather.xml to obtain a list of the properties. [Default]
Indicates the start of the [Default] section.
OSInstall=Y
Indicates that the computer is supposed to perform an operating system deployment.
ScanStateArgs=/v:5 /o /c
Parameters passed to the Scanstate.exe tool in the USMT. These parameters are passed to Scanstate.exe during state capture.
LoadStateArgs=/v:5 /c /lac
Parameters passed to the Loadstate.exe tool in the USMT. These parameters are passed to Loadstate.exe during state restore.
UserDataLocation=NONE
Indicates where the user state migration data should be saved. The value NONE indicates that the user state migration data should not be saved.
SkipAppsOnUpgrade=YES
Indicates whether the Application to be installed during Upgrade page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
SkipCapture=YES
Indicates whether the Specify whether to prompt for image capture page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
SkipAdminPassword=YES
Indicates whether the Allow user to set Administrator Password page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
SkipProductKey=YES
Indicates whether the Allow user to specify a product key page in the Windows Deployment Wizard is displayed. If the property is set to YES, the wizard page is skipped and is not displayed.
For more information on the individual properties, see the corresponding reference section in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Basic CustomSettings.ini File for ZTI For ZTI deployments, Deployment Workbench uses a template version of the CustomSettings.ini file (stored in C:\Program Files\Workbench\Templates) as a basis for a customized version of the CustomSettings.ini file. The template version of the CustomSettings.ini file is illustrated in Listing 4. The template version in Listing 4 does not contain sufficient settings to successfully deploy Windows Vista to a target computer. However, the file will be further customized using Deployment Workbench. Listing 4. Unmodified CustomSettings.ini File in the Templates Folder [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac The New Deployment Point Wizard in Deployment Workbench modifies this template version of the CustomSettings.ini file based on the responses provided. Listing 5 shows the customized version of the CustomSettings.ini file after completing the New Deployment Point Wizard. Listing 5. Customized CustomSettings.ini File Modified by Deployment Workbench [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista The CustomSettings.ini file shown in Listing 5 contains the property values for all of the target computers to be deployed using this version of the file. This version of the file contains no values that are unique to a specific target computer. For ZTI, the target computer–specific configuration values are manually added after running the New Deployment Point Wizard before the installation process begins. Listing 6 shows the version of the CustomSettings.ini file after further customization to include target computer–specific settings. Listing 6. Customized CustomSettings.ini File Customized for Target Computer Settings [Settings] Priority=Default, MACAddress Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
25
Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista Table 5 explains the properties and corresponding values used in Listing 6. Table 5. Explanation of CustomSettings.ini Properties in Listing 6 Line in CustomSettings.ini
Purpose
[Settings]
Indicates the start of the [Settings] section.
Priority=Default, MACAddress
Establishes the sequence in which the process parses subsections to locate values for the variables. In this example, the [Default] section is parsed first, and then the section that corresponds to the MAC address of the target computer (MACAddress). The sections for the target computers ([00:0F:20:35:DE:AC] and [00:03:FF:FE:FF:FF]) contain computerspecific settings.
Properties=MyCustomProperty
Indicates any additional properties to locate. The properties listed here are in addition to the properties listed in ZTIGather.xml. ZTIGather.wsf parses ZTIGather.xml to obtain a list of the properties.
[Default]
Indicates the start of the [Default] section.
OSInstall=Y
Indicates whether the target computer is authorized to have the operating system installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Line in CustomSettings.ini
Purpose
ScanStateArgs=/v:5 /o /c
Parameters passed to the Scanstate.exe tool in the USMT. These parameters are passed to Scanstate.exe during the State Capture Phase.
LoadStateArgs=/v:5 /c /lac
Parameters passed to the Loadstate.exe tool in the USMT. These parameters are passed to Loadstate.exe during state restore.
UserDataLocation=NONE
Indicates where the user state migration data should be saved. The value NONE indicates that the user state migration data should not be saved.
OSDINSTALLSILENT=1
Controls the display of SMS OSD Feature Pack (OSD_wizards). When the property is set to a value of 1, no wizard pages are displayed.
[00:0F:20:35:DE:AC]
Section that contains all the properties and settings that are specific to the target computer with the matching MAC address. In this sample, the target computer has a MAC address of [00:0F:20:35:DE:AC].
[00:03:FF:FE:FF:FF]
Section that contains all the properties and settings that are specific to the target computer with the matching MAC address. In this sample, the target computer has a MAC address of [00:03:FF:FE:FF:FF].
OSDNEWMACHINENAME=HPD530-1 OSDNEWMACHINENAME=BVMXP
Specifies the new computer name to be assigned to the target computer by the SMS 2003 OSD Feature Pack. In this sample the computers names HPD530-1 and BVMXP are assigned to each respective target computer.
OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPACKAGE=NYC00002
Specifies the SMS 2003 OSD Feature Pack package to install on the target computer. In this sample the package names DAL00342 and NYC00002 are assigned to each respective target computer.
OSDINSTALLPROGRAM=CustomVista Specifies the name of the SMS 2003 OSD OSDINSTALLPROGRAM=SpecialVista Feature Pack program to run for the specified package (OSDInstallPackage). In this sample the package names CustomVista and SpecialVista are assigned to each respective target computer. For more information on the individual properties, see the corresponding reference section in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
27
Deployment Customization Guide: Configuration Property Customizations
Identify the BootStrap.ini Syntax In ZTI and LTI deployments, use the BootStrap.ini file to specify property settings before accessing the CustomSettings.ini file. Use the BootStrap.ini file to provide distribution point information, SMS 2003 OSD Feature Pack package and program information, logon credentials, and Windows PE keyboard locale settings. The properties configured in BootStrap.ini help the MDT 2008 scripts locate the appropriate: •
MDT 2008 distribution point.
•
SMS 2003 OSD Feature Pack package and program.
For example, in the New Computer scenario for ZTI, specify the SMS 2003 OSD Feature Pack properties in BootStrap.ini so that the scripts know which SMS 2003 OSD Feature Pack package to use (because CustomSettings.ini is in the package). The syntax of the BootStrap.ini file is identical to the CustomSettings.ini file. The BootStrap.ini file contains a subset of the properties that are used in the CustomSettings.ini file. Table 6 lists the common properties that are configured in BootStrap.ini. Table 6. Common Properties Configured in BootStrap.ini Property name
LTI
DeployRoot
SkipBDDWelcome
UserDomain
UserID
UserPassword
KeyboardLocale
ZTI
OSDInstallSilent
OSDInstallPackage
OSDInstallProgram
Deployment Workbench creates the BootStrap.ini file when a deployment point is created. After the initial creation, make all further customizations manually. Listing 7 shows the BootStrap.ini file that Deployment Workbench creates automatically for deployment point types other than SMS 2003 OSD Feature Pack (OSD), including the lab or single-server deployment (LAB), separate deployment share (Network), and Removable media (Media) deployment types. The BootStrap.ini file in Listing 7 might have to be customized (for example, to add the properties listed in Table 6). Listing 7. BootStrap.ini File As Created by Deployment Workbench for Deployment Point Types Other Than OSD [Settings] Priority=Default [Default] DeployRoot=\\NYC-BDD-01\Distribution$ Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Listing 8 illustrates the BootStrap.ini file that Deployment Workbench creates automatically for SMS OSD Feature Pack deployment points that have been customized to include the OSDInstallSilent, OSDInstallPackage, and OSDInstallProgram properties. Note
The DeployRoot property is not automatically added to an OSD deployment type.
Listing 8. BootStrap.ini File As Created by Deployment Workbench for OSD Type Deployment Points for ZTI-Based Deployments [Settings] Priority=Default [Default] OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=XXX00000 OSDINSTALLPROGRAM=Install
Con figu r ation Pr oper ty Cu stom iz ations MDT 2008 uses wizards to create and manage configuration files. For more information about the standard MDT 2008 configuration files, CustomSettings.ini and BootStrap.ini, see the section, “Configuration Files,” earlier in this guide. However, configuration files can be customized to meet the needs of the organization. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Select the Configuration Properties Before configuring the deployment process, select the properties to reference from the predefined or user-defined properties. The properties selected must include all the configuration settings to be supplied during the deployment process. For ZTI deployments, provide all configuration settings required to deploy the target operating system. For LTI deployments, provide a subset of configuration settings that are provided automatically; the remainder of the settings can be provided manually during the deployment process. The MDT 2008 process occurs in phases that are defined in the TS.xml file. Task Sequencer parses the TS.xml file to identify the appropriate sequence for performing the deployment process. The phases defined in the TS.xml file include: •
Validate Phase. Performs validation checks to make sure that the operating system installation can proceed; specifically blocks installation on server operating systems.
•
State Capture Phase. Gathers information from the configuration file, databases, and the local machine to determine how the image installation process should
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
29
proceed, including whether there is enough space to do a local USMT state backup. The scripts also invoke the USMT Scanstate.exe command as appropriate. •
Preinstall Phase. Confirms that the necessary information has been gathered in the State Capture Phase for the Refresh Computer and Upgrade Computer scenarios. In the New Computer and Replace Computer scenarios, the script gathers the necessary information in this phase because these scenarios do not perform the State Capture Phase. Also, a backup of the computer can be optionally performed for the Refresh Computer and Upgrade Computer scenarios.
•
Install Phase. Installs the target operating system on the target computers.
•
Post Install Phase. Updates the Sysprep.inf file, Sysprep.xml file, or Unattend.txt file with information gathered in the previous custom actions based on the operating system being deployed.
•
State Restore Phase. Invokes the USMT Loadstate.exe command to restore the user state that was previously backed up.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
The TS.xml file identifies the appropriate steps in each phase based on each type of deployment scenario (Upgrade Computer, Refresh Computer, Replace Computer, and New Computer). In addition, the TS.xml file identifies the steps that are run only for deployments based on the SMS 2003 OSD Feature Pack (used in ZTI only). Select the properties required during each phase of the deployment process. For more information on each of the properties used in each phase, see the section, “Properties,” in the MDT 2008 document, Toolkit Reference.
Select the Validate Phase Properties Currently, there are no properties that are specific to the Validate Phase.
Select the State Capture Phase Properties During the State Capture Phase, the user state migration information is captured and saved either locally on the target computer or to a network shared folder. The following properties are commonly used during the State Capture Phase: •
ScanStateArgs
•
UDShare
•
UDDir
•
UDProfiles
•
UserDataLocation
•
USMTMigFiles
Select the Preinstall Phase Properties During the Preinstall Phase, the scripts can initiate a backup of the target computer to a local drive or to a network shared folder. The following properties are commonly used during the Preinstall Phase: •
BackupDir
•
BackupShare
•
ComputerBackupLocation
•
DoCapture
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Property Customizations
31
Select the Install Phase Properties During the Install Phase, the appropriate operating system image is deployed to the target computer. The following properties are commonly used during the Install Phase: •
BackupDir
•
BackupShare
•
OSDInstallPackage
•
OSDInstallProgram
•
OSDInstallSilent
Select the Post Install Phase Properties During the Post Install Phase, the appropriate operating system image is deployed to the target computer. The following properties are commonly used during the Post Install Phase: •
BackupDir
•
ComputerName
•
OSDNewMachineName
Select the State Restore Properties During the State Restore Phase, the user state migration information is captured and saved either locally on the target computer or to a network shared folder. The following properties are used during the State Restore Phase: •
ScanStateArgs
•
UDShare
•
UDDir
•
UDProfiles
•
UserDataLocation
•
USMTMigFiles
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppl ying the Pr oper ti es t o Gr oups of C ompu ter s Whenever possible, use group-based rules to apply most computer configuration settings. Group-based rules allow the same configuration settings to be applied to a group of client computers. After applying group-based rules, computer-specific configuration settings can be supplied using computer-based rules. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Select the Method for Grouping Computers Different methods can be used to group client computers. After determining how to group the computers, select the appropriate properties to help group them. Using the processing rules in MDT 2008, group computers based on any property that might be applied to a group of computers (such as Make, Model, or DefaultGateway). Table 7 lists methods of grouping computers, a description of the method, and the properties that can be used to group the computers. Table 7. Methods for Grouping Computers Grouping method
Description
Properties
Geographically
Group configuration settings based on resources located within a geographic region (such as a shared folder on a computer within a geographic region).
DefaultGateway
Target computer hardware attributes
Group configuration settings based Architecture on hardware attributes (such as the CapableArchitecture make of the computer or processor architecture of the target computer). Make Model HALName
Target computer software attributes
Group configuration settings based on hardware attributes (such as the operating system version of the target computer).
OSVersion
Default attributes
Apply configuration settings to all target computers when the properties are not in other sections.
Default
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Applying the Properties to Groups of Computers
33
In most instances, computer groupings can be nested. For example, the DefaultGateway property can be used to designate the IP subnets on which a computer resides within a geographic location. Define locations using the user-defined properties in the [DefaultGateway] section, as shown in Listing 9. Note A variety of methods can be used to group computers by hardware configuration, and the script will search for the substituted value regardless. For instance, if a Priority=Make is specified, the script substitutes the value for Make that it determines through a Windows Management Instrumentation (WMI) call and will look for the corresponding section—for example, [Dell Computer Corporation].
Example: Computer Groupings Selected by Woodgrove Bank Listing 9 shows an example of how the fictional company, Woodgrove Bank, used [DefaultGateway] to designate the configuration settings for a specific location. Three subnets (172.16.0.3, 172.16.1.3, and 172.16.2.3) reside within the NYC location. A separate section, [NYC], includes the configuration settings that are specific to the NYC location. Similar sections exist for the DALLAS and WASHINGTON locations. This is a special case that allows multiple default gateways to point to the same section. In many environments, a one-to-one mapping might be expected between the [DefaultGateway] section and a corresponding section. Listing 9. Using [DefaultGateway] to Designate Location-Specific Configuration Settings [DefaultGateway] 172.16.0.3=NYC 172.16.1.3=NYC 172.16.2.3=NYC 172.16.111.3=DALLAS 172.16.112.3=DALLAS 172.16.116.3=WASHINGTON 172.16.117.3=WASHINGTON [NYC] UDShare=\\NYC-AM-FIL-01\MigData SLShare=\\NYC-AM-FIL-01\Logs Packages1=NYC00010-Install Packages2=NYC00011-Install Administrator1=WOODGROVEBANK\NYC Help Desk Staff [DALLAS] UDShare=\\DAL-AM-FIL-01\MigData SLShare=\\DAL-AM-FIL-01\Logs Administrator1=WOODGROVEBANK\DAL Help Desk Staff Note The complete source for the CustomSettings.ini file used in these examples can be found in the section, “Basic CustomSettings.ini File for ZTI,” earlier in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Apply the Properties to the Groups After identifying how to group configuration settings, determine which properties and corresponding configuration settings to apply to each group. Properties that can be grouped are properties that can be applied to multiple computers. Some examples of properties that are typically applied to groups of computers include: •
BackupDir
•
BackupShare
•
CaptureGroups
•
ComputerBackupLocation
•
Packages
•
SLShare
•
UDDir
•
UDShare
•
UDProfiles
Properties that are not applied to groups of computers are those specific to a particular computer. Examples of properties that are not appropriate to apply to groups of computers include: •
AssetTag
•
HostName
•
IPAddress
•
OSDNewMachineName
•
SerialNumber
Example: Group-Based Configuration Settings Selected by Woodgrove Bank Listing 9 showed an example in which Woodgrove Bank selects group-based configuration settings: •
In the NYC and DALLAS locations, UDShare, SLShare, and Administrator1 are specified for each location.
•
The servers that UDShare and SLSShare (NYC-AM-FIL-01 and DAL-AM-FIL-01) reference are within each respective location.
•
The Administrator accounts that Administrator1 (WOODGROVEBANK\NYC Help Desk Staff and WOODGROVEBANK\DAL Help Desk Staff) reference are unique to each respective location.
•
In NYC, location-specific packages are designated by Packages1 and Packages2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppl ying the Pr oper ti es t o Ind ivi dual Co mpute r s After determining the groupings of target computers and configuration settings to be applied to each group, determine the method for identifying individual computers and the configuration settings to assign to each computer. The rules for target computers allow the override or augmentation of group-based processing rules based on the priority of the computer-based rules. For more information about determining the priority of processing rules, see the section, “Priority Reserved Property,” earlier in this guide. Whenever possible, use group-based rules for most client computer configuration settings. Group-based rules allow the same configuration settings to be applied to a group of computers. After applying group-based rules, computer-specific configuration settings can be applied using computer-based rules.
Select the Methods for Identifying Computers As when grouping computers, more than one method is available for identifying individual computers. After selecting the method for identifying an individual target computer, select the appropriate properties. The processing rules allow the grouping of computers based on any property that might be applied to a group of computers (such as AssetTag, MACAddress, UUID, and so on). Table 8 lists the methods of identifying individual computers, a description of the method, and the properties that can be used to identify the individual computers. Table 8. Methods for Identifying Individual Computers Identification method
Description
Properties
Target computer hardware attributes
Identify the target computer using the hardware configuration.
MACAddress
Target computer software attributes
Identify the target computer using the software or firmware configuration.
Product (in conjunction with Make and Model)
Identify the target computer using attributes that are assigned to the computer but are not a part of the hardware or software configuration.
AssetTag
Target computer userdefined attributes
Solution Accelerators
UUID SerialNumber
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Example: Computer Identification Method Selected by Woodgrove Listing 10 shows an example of how Woodgrove Bank identified computer-based configuration settings. In this instance, Woodgrove used the MAC address of the computer to identify the corresponding configuration settings for the computer (for example, 00:03:FF:CB:4E:C2 and 00:0F:20:35:DE:AC). The configuration settings for each computer are listed immediately after the section that corresponds to the computer's MAC address. Listing 10. How Woodgrove Identified Client Computers [00:03:FF:CB:4E:C2] ComputerName=WasW2K OverRideProductKey= TTTTT-VVVVV-WWWWW-XXXXX-YYYYY [00:0F:20:35:DE:AC] ComputerName=HPD530-1 OverRideProductKey= AAAAA-BBBBB-CCCCC-DDDDD-EEEEE [00:03:FF:FE:FF:FF] ComputerName=BVMXP OverRideProductKey= 11111-22222-33333-44444-55555
Example: Computer-Based Configuration Settings Selected by Woodgrove Listing 10 also shows the computer-based configuration settings that Woodgrove Bank selected. Table 9 lists the computer-specific configuration settings applied to each computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Applying the Properties to Individual Computers
37
Table 9. Woodgrove Client Computers and the Corresponding Configuration Settings Target computer
Settings and description
[00:03:FF:CB:4E:C2]
ComputerName is the name of the computer after
deployment; in this case, WasW2K. OverRideProductKey is the product key to be assigned to
the computer; in this case, TTTTT-VVVVV-WWWWWXXXXX-YYYYY. [00:0F:20:35:DE:AC]
ComputerName is the name of the computer after
deployment; in this case, HPD530-1. OverRideProductKey is the product key to be assigned to
the computer; in this case, AAAAA-BBBBB-CCCCCDDDDD-EEEEE. [00:03:FF:FE:FF:FF]
ComputerName is the name of the computer after
deployment; in this case, BVMXP. OverRideProductKey is the product key to be assigned to
the computer; in this case, 11111-22222-33333-4444455555.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he D atabase Use the configuration database to store the configuration settings referenced by the CustomSettings.ini file. Using the configuration database is appropriate when the target computers have a high-speed, persistent connection to the server running SQL Server on which the configuration database is stored. Otherwise, make all configuration settings in CustomSettings.ini. For more information about the configuration database, see the section, “Configuration Database,” earlier in this guide. Note The scripts in this section were generated using the SMS 2003 OSD Feature Pack or Deployment Workbench scripting tools. Consult the MDT 2008 document, Toolkit Reference, if using a different scripting tool. Slight variances exist between tools.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu r ation Rule s MDT 2008 scripts configure computer settings based on rules and configuration settings stored in the CustomSettings.ini file. During the Microsoft Solutions Framework (MSF) Planning Phase, the appropriate processing rules to use in the organization were defined. Now, configure those rules in the CustomSettings.ini file or in the configuration database. To configure the processing rules 58. Configure the rules in CustomSettings.ini. 59. Configure the rules in the Deployment Workbench database (DWDB). 60. Modify the list of incompatible basic input/output system (BIOS) versions. 61. Modify the task sequence for a build. 62. Modify the driver groups included in a build. 63. Update deployment processing rules.
Configure the Rules in the CustomSettings.ini File Configure rules in the CustomSettings.ini file. Modify the CustomSettings.ini file based on the rules determined during the MSF Planning Phase. The template version of the CustomSettings.ini file, along with the organization’s rules, becomes the customized CustomSettings.ini file. Depending on the environment, the CustomSettings.ini template may need to be customized for LTI deployments only. For LTI deployments, configuring group-based settings might be sufficient. For ZTI deployments, add configuration settings unique to a specific client computer. These configuration settings can be in addition to or instead of the group-based rules.
Configure the Rules in the DWDB Use Deployment Workbench to configure the rules for LTI and ZTI deployments in the DWDB. The benefits of using the DWDB include: •
It has a more generic version of CustomSettings.ini. Storing the configuration settings in the DWDB removes most of the detail from the CustomSettings.ini file. This change helps make the CustomSettings.ini file more generic so that the same file can be used in multiple deployment points.
•
It is a centralized repository for all property configuration settings. Centralizing the configuration for all property settings ensures consistency across all deployment points.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
40
To configure the rules in the configuration database 64. Configure the property values in the DWDB on the Database node in Deployment Workbench. 65. Configure CustomSettings.ini to include the appropriate database queries for returning the property values stored in the DWDB.
Configure the Property Values in the DWDB The configuration of the property values in the database is organized by the method for applying the properties to the target computers. A node beneath the Database node in Deployment Workbench represents each method, as listed in Table 10. Table 10. Nodes Beneath the Database Node in Deployment Workbench Node
Use this node to define
Computers
Specific target computers based on the AssetTag, UUID, SerialNumber, and MACAddress properties. Associate property settings, applications, packages, roles, and Administrator-level accounts with a computer.
Roles
A group of computers based on the tasks performed by the users of the target computers (using the Role property). Associate property settings, applications, packages, and Administrator-level accounts with a role.
Locations
A group of computers using the DefaultGateway property of the target computers to identify a geographic location. Associate property settings, applications, packages, roles, and Administratorlevel accounts with a location.
Make and Model
A group of computers using the Make and Model properties of the target computers. Associate property settings, applications, packages, roles, and Administrator-level accounts with target computers that are of the same make and model.
Note Create the items on the Roles node before creating items beneath the other nodes (Computers, Locations, and Make and Model), because items on the other nodes can be associated with roles.
Create a New Roles Item To create a new Roles item, perform the following steps: 66. Start Deployment Workbench. 67. In the console tree, expand Deploy, expand Database, and then click Roles. 68. In the console tree, right-click Roles, and then click New. 69. In the Properties dialog box, on the Identity tab, in the Role name box, type role_name (where role_name is the name of the role). 70. Click the Details tab, and then configure the relevant property values identified earlier in the process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
41
71. Click the Applications tab, and then configure the applications to install and the order of the application installation. 72. Click the Packages tab, and then configure the packages to install and the order of the package installation. 73. Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Create a New Computers Item To create a new Computers item, perform the following steps: 74. Start Deployment Workbench. 75. In the console tree, expand Deploy, expand Database, and then click Computers. 76. In the console tree, right-click Computers, and then click New. 77. In the Properties dialog box, on the Identity tab, type the information listed in Table 11. Table 11. Information to Complete the Identity Tab for a New Computers Item In this box
Type
Description
The user-friendly description of the computer.
Asset tag
The asset tag or inventory control tag assigned to the computer.
UUID
The universally unique identifier (UUID) assigned to the target computer.
Serial number
The serial number assigned to the target computer.
MAC address
The MAC address assigned to the target computer.
For more information about the values for asset tag, UUID, serial number, and MAC address, see the AssetTag, UUID, SerialNumber, and MACAddress properties in the MDT 2008 document, Toolkit Reference. 78. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 79. Click the Applications tab, and then configure the applications to install and the order of the application installation. 80. Click the Packages tab, and then configure the packages to install and the order of the package installation. 81. Click the Roles tab, and then configure the roles to associate with the computer. 82. Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
42
Create a New Locations Item To create a new Locations item, perform the following steps: 83. Start Deployment Workbench. 84. In the console tree, expand Deploy, expand Database, and then click Locations. 85. In the console tree, right-click Locations, and then click New. 86. In the Properties dialog box, on the Identity tab, in the Location box, type location_name (where location_name is the user-friendly name to associate with the location) 87. In the Properties dialog box, on the Identity tab, in the Default gateways box, type the IP addresses for all default gateways that exist within the location. 88. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 89. Click the Applications tab, and then configure the applications to install and the order of the application installation. 90. Click the Packages tab and then configure the packages to install and the order of the package installation. 91. Click the Roles tab, and then configure the roles to associate with the computer. 92. Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Create a New Make and Model Item To create a new Make and Model item, perform the following steps: 93. Start Deployment Workbench. 94. In the console tree, expand Deploy, expand Database, and then click Make and Model. 95. In the console tree, right-click Make and Model, and then click New. 96. In the Properties dialog box, on the Identity tab, in the Make box, type make_name (where make_name is the user-friendly name to associate with the make of the manufacturer of the target computer). 97. In the Model box, type model_name (where model_name is the user-friendly name to associate with the model of the target computer). 98. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 99. Click the Applications tab, and then configure the applications to install and the order of the application installation. 100.Click the Packages tab, and then configure the packages to install and the order of the package installation. 101.Click the Roles tab, and then configure the roles to associate with the computer. 102.Click the Administrators tab, configure the accounts to be made members of the local Administrators group on the target computers, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
43
Configure CustomSettings.ini for Database Queries After configuring the property values in the database, configure the CustomSettings.ini files to perform the appropriate database queries. Do so using the Configure DB Wizard in Deployment Workbench. Run the Configure DB Wizard for each deployment point defined in Deployment Workbench that will be updated. To configure CustomSettings.ini for database queries using the Configure DB Wizard in Deployment Workbench 103.Start Deployment Workbench. 104.In the console tree, expand Deploy, and then click Deployment Points. 105.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard starts. 106.Complete the Select computer query options page using the information in Table 12, and then click Next. Table 12. Information to Complete the Select Computer Query Options Wizard Page Select this check box
To
Query for computer-specific settings
Query the settings configured on the Details tab of the Properties dialog box of the computer item.
Query for roles assigned to this computer
Query the roles associated with the computer on the Roles tab of the Properties dialog box of the computer item.
Query for applications to be installed on this computer
Query the applications to be installed on the computer as configured on the Applications tab of the Properties dialog box of the computer item.
Query for Systems Management Server packages to be installed on this computer
Query the packages to be installed on the computer as configured on the Packages tab of the Properties dialog box of the computer item.
Query for administrators to be assigned to this computer
Query the accounts that are to be made members of the local Administrators group on the target computer as configured on the Administrators tab of the Properties dialog box of the computer item.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
44
107.Complete the Select role query options page using the information in Table 13, and then click Next. Table 13. Information to Complete the Select Role Query Options Wizard Page Select this check box
To
Query for role-specific settings Query the settings configured on the Details tab of the Properties dialog box of the role item. Query for applications to be installed for this role
Query the applications to be installed on computers that perform this role, as configured on the Applications tab of the Properties dialog box of the role item.
Query for Systems Management Server packages to be installed for this role
Query the packages to be installed on computers that perform this role as configured on the Packages tab of the Properties dialog box of the role item.
Query for administrators to be assigned for this role
Query the accounts that are to be made members of the local Administrators group on computers that perform this role as configured on the Administrators tab of the Properties dialog box of the role item.
108.Complete the Select location query options page using the information in Table 14, and then click Next. Table 14. Information to Complete the Select Location Query Options Wizard Page Select this check box
To do this
Query for location names based on default gateways
Query for location names based on the IP addresses of the default gateways configured on the Identity tab of the Properties dialog box of the location item.
Query for location-specific settings
Query the settings configured on the Details tab of the Properties dialog box of the location item.
Query for roles assigned for this location
Query the roles associated with the location on the Roles tab of the Properties dialog box of the location item.
Query for applications to be installed for this location
Query the applications to be installed on the target computers within the location configured on the Applications tab of the Properties dialog box of the location item.
Query for Systems Management Server packages to be installed for this location
Query the packages to be installed on the target computers within the location as configured on the Packages tab of the Properties dialog box of the location item.
Query for administrators to be assigned for this location
Query the accounts that are to be made members of the local Administrators group on the target computers within the location as configured on the Administrators tab the Properties dialog box of the location item.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
45
109.Complete the Select make and model query options page using the information in Table 15, and then click Finish. Table 15. Information to Complete the Select Make and Model Query Options Wizard Page Select this check box
To
Query for model-specific settings
Query the settings configured on the Details tab on the Properties dialog box of the make and model item.
Query for roles assigned to computers with this make and model
Query the roles associated with the make and model on the Roles tab of the Properties dialog box of the make and model item.
Query for applications to be installed on computers with this make and model
Query the applications to be installed on the target computers with the make and model as configured on the Applications tab of the Properties dialog box of the make and model item.
Query for Systems Management Server packages to be installed on computers with this make and model
Query the packages to be installed on the target computers with the make and model as configured on the Packages tab of the Properties dialog box of the make and model item.
Query for administrators to be Query the accounts that are to be made assigned to machines with this members of the local Administrators group on make and model the target computer with the make and model as configured on the Administrators tab of the Properties dialog box of the make and model item. When the Configure DB Wizard has finished, the CustomSettings.ini file is configured to perform the selected queries. Listing 11 provides an example of the CustomSettings.ini file after the Configure DB Wizard has finished. Listing 11. The CustomSettings.ini File After the Configure DB Wizard Has Finished [Settings] Priority=CSettings, CPackages, CApps, CAdmins, CRoles, Locations, LSettings, LPackages, LApps, LAdmins, LRoles, MMSettings, MMPackages, MMApps, MMAdmins, MMRoles, RSettings, RPackages, RApps, RAdmins, Default Properties=MyCustomProperty [Default] OSInstall=Y UserDataLocation=NETWORK SkipAppsOnUpgrade=YES SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
[CSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerSettings Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerPackages Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CApps] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerApplications Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerAdministrators Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
47
[CRoles] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [Locations] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=Locations Parameters=DefaultGateway [LSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationSettings Parameters=DefaultGateway [LPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationPackages Parameters=DefaultGateway Order=Sequence [LApps] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
SQLShare=SMSClient Table=LocationApplications Parameters=DefaultGateway Order=Sequence [LAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationAdministrators Parameters=DefaultGateway [LRoles] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=LocationRoles Parameters=DefaultGateway [MMSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelSettings Parameters=Make, Model [MMPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelPackages Parameters=Make, Model Order=Sequence [MMApps] Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
49
SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelApplications Parameters=Make, Model Order=Sequence [MMAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelAdministrators Parameters=Make, Model [MMRoles] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=MakeModelRoles Parameters=Make, Model [RSettings] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RoleSettings Parameters=Role [RPackages] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RolePackages Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
50
Parameters=Role Order=Sequence [RApps] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RoleApplications Parameters=Role Order=Sequence [RAdmins] SQLServer=R33-dep-01 Instance=R33instance Database=AdminDB Netlib=DBNMPNTW SQLShare=SMSClient Table=RoleAdministrators Parameters=Role For more information about: •
Customizing the configuration database, see: •
“Automating Deployment to a Specific Computer” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
“Automating Deployment by Location” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
“Automating Deployment by Computer Make and Model” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
“Automating Deployment by Role” in the MDT 2008 document, Microsoft Deployment Toolkit Samples Guide
•
Each property, see the corresponding section for each property in the section, “Properties,” in the MDT 2008 document, Toolkit Reference.
•
The tables and views in the configuration database, see the section, “Tables and Views in the Deployment Workbench Database,” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
51
Modify the List of Incompatible BIOS Versions The default task order for a task sequence includes the Check BIOS task in the NonReplace group in the Validation group. The Check BIOS task runs the ZTIBIOSCheck.wsf script. The ZTIBIOSCheck.wsf script checks the BIOS version of the target computers against the list of incompatible BIOS versions in the ZTIBIOSCheck.xml file. Modify the ZTIBIOSCheck.xml file to contain the list of BIOS versions that are incompatible with the target operating system in the operating system build. Modify ZTIBIOSCheck.xml for each task sequence created in Deployment Workbench. The ZTIBIOSCheck.xml file is stored in the distribution_point\task_sequence_id\TS.xml file (where distribution_point is the name of the folder that is the root of the distribution point, and task_sequence_id is the name of the task sequence ID listed in Deployment Workbench). Update the attributes in the ZTIBIOSCheck.xml file listed in Table 16 for each incompatible BIOS version. Table 16. Attributes to Update in the ZTIBIOSCheck.xml File Attribute
Description
Description
Text description of the target computer that has an incompatible BIOS version, including any references to possible updates to the BIOS version.
Computer Manufacturer
Manufacturer of the target computer with an incompatible BIOS version. This value must match the value stored in the BIOS.
Model
Model of the target computer with an incompatible BIOS version. This value must match the value stored in the BIOS.
Date
Date of the BIOS of the target computer with an incompatible BIOS version. This value must match the value stored in the BIOS.
The ZTIBIOSCheck.xml file contains the source for a script (ZTIBIOS_Extract_Utility.vbs) that can help extract the attributes listed in Table 17. To use the ZTIBIOS_Extract_Utility.vbs utility to extract attributes on a target computer 110.Start Notepad. 111.Copy the script source from ZTIBIOSCheck.xml file into Notepad. 112.Save the script source in Notepad as ZTIBIOS_Extract_Utility.vbs. 113.Run ZTIBIOS_Extract_Utility.vbs on a target computer that has an incompatible BIOS. 114.Update ZTIBIOSCheck.xml to include the BIOS based on the attributes retrieved in the previous steps.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
52
Modify the Task Sequence For each task sequence defined in MDT 2008, modify the sequence of tasks defined in Deployment Workbench. The Task Sequencer that MDT 2008 uses runs this task sequence. Using Deployment Workbench, the following tasks can be performed: •
Add new tasks.
•
Modify existing tasks.
•
Remove existing tasks.
•
Change the sequence of tasks.
•
Group one or more tasks together.
•
Specify conditions for running a task. Note Although the TS.xml file can be modified directly, it is recommended that the task sequence be modified using Deployment Workbench.
To modify the task sequence 115.Start Deployment Workbench. 116.In the console tree, expand Task sequences. 117.In the details pane, right-click task_sequence_id (where task_sequence_id is the task sequence to modify), and then click Properties. 118.Click the Task Sequence tab, and then modify the task sequence by performing the relevant actions listed in Table 17. Table 17. Actions to Modify the Task Sequence Action
Step
Add a new task
Click Add, and then click Task.
Add a new group
Click Add, and then click Group.
Add a reboot step
Click Add, and then click Reboot.
Add an application to be installed
Click Add, click Application, and then click name (where name is the name of the application to install).
Remove an existing task
Click task (where task is the task to remove), and then click Remove.
Remove a group
Click group (where group is the group to remove), and then click Remove. Note Removing a group removes all tasks and subgroups within the group.
Remove a reboot step
Click reboot (where reboot is the reboot step to remove), and then click Remove.
Remove an application Click application (where application is the application to to be installed remove), and then click Remove.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuration Rules
53
Action
Step
Change the sequence
Click item (where item is the task, group, reboot step, or application to move to earlier or later in the sequence), and then click direction (where direction is Up or Down, with Up causes the item to occur earlier in the sequence, and Down causes the item to occur later in the sequence).
Modify the properties of a group
Click group (where group is the name of the group to modify), click the Properties tab, and then modify the following boxes as appropriate:
Modify the properties of a task
Modify the options of a group
•
Name. User-friendly name to be associated with the group.
•
Description. Text that describes the purpose of the group.
Click task (where task is the name of the task to modify), click the Properties tab, and then select the following check boxes as appropriate: •
Name. User-friendly name to be associated with the group.
•
Description. Text to describe the purpose of the task.
•
Command line. The program to be run by the task, including any parameters.
•
Start in. The default folder in which to run the program specified in the Command line box.
Click group (where group is the name of the group to modify), click the Options tab, and then select the following check boxes as appropriate: •
Disable this step. Select this check box to disable all the tasks within the group.
•
Continue on error. Select this check box to enable all tasks within the group to continue to run if a task encounters an error.
•
Conditions. Add criteria for determining when the group of tasks should (or should not) be run. Use the Add, Remove, and Edit buttons to modify the conditions under which the group of tasks is run. The criteria can be based on: •
An IF statement.
•
A task sequence variable.
•
The version of the target operating system.
•
A WMI Query Language (WQL) within a WMI namespace.
Note Any conditions configured for a group affect all of the tasks within a group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
54
Action
Step
Modify the options of a task
Click task (where task is the name of the task to modify), click the Options tab, and then select the following check boxes as appropriate: •
Disable this step. Select this check box to disable all tasks within the group.
•
Success codes. List of the return codes from the program (specified in the Command line box) that indicate the program completed successfully.
•
Continue on error. Select this check box to enable all tasks within the group to continue to run if a task encounters an error.
•
Conditions. Add criteria for determining when the group of tasks should (or should not) be run. Use the Add, Remove, and Edit buttons to modify the conditions under which the group of tasks is run. The criteria can be based on: •
An IF statement.
•
A task sequence variable.
•
The version of the target operating system.
•
A WQL within a WMI namespace.
119.When finished modifying the task sequence, click OK. For LTI deployments, any applications installed during the deployment process cannot restart the computer during the installation process. If the installation process for the application restarts the computer, the Task Sequencer returns a failure code, and the deployment process is terminated. For instances in which the computer must be restarted, use the Reboot task in the Task Sequencer instead of allowing the application installation process to perform a restart. For ZTI deployments, no restarts are allowed. Caution Do not allow an application to restart the computer. MDT 2008 must control restarts, or the task sequence will fail. Use the command-line property REBOOT=REALLYSUPPRESS to prevent some Windows Installer–based applications from restarting, for example. To cause MDT 2008 to restart the computer after installing an application, in the Deployment Workbench Application Properties dialog box, select the Reboot the computer after installing this application check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Disk Cu sto miz ations IT personnel can create multiple disks, formats, and partitions; convert to dynamic disks; and enable Windows BitLocker™ Drive Encryption on disks. These are just a few of the available options in Systems Management Server and System Center Configuration Manager.
Format and Partition Disks Using the Task Sequence Editor, disks can be added, edited, and deleted; new disks formatted and partitioned; conditions placed upon the task; and this step disabled. These tasks are set using either the Properties tab or the Options tab. Table 18 lists all Format and Partition Disks properties and their associated range of values on the Properties tab. Table 19 lists all options and their associated purposes on the Options tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
56
Table 18. Format and Partition Disk Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Disk Number
Selectable from 0 to 99.
Disk Type
Standard (MBR). A standard master boot record (MBR)–based hard disk can contain up to four primary partitions or three primary partitions and one extended partition. The extended partition can include additional logical drives. MBR begins with the Master Boot Code, which contains an executable binary for identifying and booting the active partition. In contrast, GUID Partition Table (GPT) relies on the extended capabilities of Extensible Firmware Interface (EFI) for these processes. An MBR entry begins the disk for protective and compatibility purposes; the GPT itself begins with the partition table header. GUID Partition Table. The GPT is a standard for the layout of the partition table on a physical hard disk. It is part of the EFI standard proposed by Intel as a replacement for the outdated PC BIOS, one of the few remaining relics of the original IBM PC. EFI uses GPT, and BIOS uses an MBR. GPT uses modern logical block addressing (LBA) in place of the cylinder-head-sector (CHS) addressing used with MBR. Legacy MBR information is contained in LBA 0, the GPT header is in LBA 1, and the partition table itself follows. In 64-bit Windows operating systems, 16,384 bytes (or 32 sectors) are reserved for the GPT, making LBA 34 the first usable sector on the disk. GPT also provides redundancy. The GPT header and partition table are written at both the beginning and the end of the disk. For additional information, see:
Volume
•
Windows and GPT FAQ at http://www.microsoft.com/whdc/device/storage/GPT_FAQ.ms px.
•
Using GPT Drives at http://www.microsoft.com/whdc/device/storage/GPT-onx64.mspx.
This property lists all available partitions. New partitions can be created or deleted, partitions can be sorted, and partition properties can be edited. At least one partition must exist.
Volume mount points have been supported since the introduction of NTFS file system version 5.0 in the Microsoft Windows 2000 operating system. They are specialized NTFS file system objects, which are used to mount and provide an entry point to other partitions. Mount points can be created in any folder and are surfaced as normal folders; accessing them provides a reference to the root folder of the mounted partition. Any empty folder can be converted to a mount point. The mounted partition is not limited to the NTFS file system but can be formatted with any file system that the Windows operating system supports.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Disk Customizations
57
For more information about volume mount points, see: •
The section “File System” in the Windows 2000 Professional Resource Kit at http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/prork/prdf_fls_ ogex.mspx?mfr=true.
•
The Microsoft Help and Support article “How to create and use NTFS mounted drives in Windows XP and in Windows Server 2003” at http://support.microsoft.com/kb/307889.
Table 19. Format and Partition Disk Options Tab Option
Purpose
Disable the Step
To disable the Format and Partition Disk task, select the Disable the Step check box. To enable the Format and Partition Disk task, clear the Disable the Step check box.
Continue on Error
To enable the Format and Partition Disk task to proceed in the event of an error, select the Continue on error check box. To stop the Format and Partition Disk task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Format and Partition Disk task.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
58
Convert Disks to Dynamic Using this task option, disks can be converted to dynamic, conditions placed upon the task, and this step disabled. These tasks are set using either the Properties tab or the Options tab. Dynamic disks offer advantages over basic disks. Basic disks use the original MSDOS®–style MBR partition tables to store primary and logical disk partitioning information. Dynamic disks use a private region of the disk to maintain a Logical Disk Manager (LDM) database. The LDM database contains volume types, offsets, memberships, and drive letters of each volume. The LDM database is also replicated, so each dynamic disk is aware of every other dynamic disk configuration. This feature makes dynamic disks more reliable and recoverable than basic disks. Table 20 lists all Convert Disks to Dynamic properties and their associated range of values on the Properties tab. Table 21 lists all options and their associated purposes on the Options tab. Table 20. Convert Disk to Dynamic Properties Tab Property
Value
Type
Not editable
Name
Name of the task; editable, 50-character limit
Description
Description of the task; editable, 125-character limit
Disk Number
Selectable from 0 to 99
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Disk Customizations
59
Table 21. Convert Disk to Dynamic Options Tab Option
Purpose
Disable the Step
To disable the Convert Disk to Dynamic task, select the Disable the Step check box. To enable the Convert Disk to Dynamic task, clear the Disable the Step check box.
Continue on Error
To enable the Convert Disk to Dynamic task to proceed in the event of an error, select the Continue on Error check box. To stop the Convert Disk to Dynamic task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Convert Disk to Dynamic task.
Enable Windows BitLocker Drive Encryption Use this task to enable the BitLocker task. Windows BitLocker Drive Encryption is a full disk encryption feature included in the Windows Vista and the Windows Server 2008 operating systems. It is designed to protect data by providing encryption for entire volumes. By default, it uses the Advanced Encryption Standard (AES), also known as Rijndael, a block cipher adopted as an encryption standard by the U.S. government. The AES algorithm in Cipher-block Chaining (CBC) mode with a 128-bit key is often combined with the Elephant diffuser for additional security. Windows BitLocker Drive Encryption is available only in Windows Vista Enterprise, Windows Vista Ultimate, and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
60
Enabling Windows BitLocker Drive Encryption Methods There are three ways to enable Windows BitLocker Drive Encryption: •
Enable the BitLocker task in the task sequence, as detailed in Table 22. Table 22. Enable BitLocker Task in the Task Sequence Steps to Enable the BitLocker Task in the task sequence q
Enable the task in the created task sequence, if this has not yet been done.
q
Make sure the BdeInstallSuppress property is set as NO (in upper case). This can be set in CustomSettings.ini or a new task sequence variable created.
q
Select the option for setting up Windows BitLocker Drive Encryption on the client computers: •
Trusted Platform Module (TPM)
•
StartupKey: Store key on a drive (hard disk or USB flash drive [UFD])
•
TPM with Startup key (hard disk/UFD)
q
Select the option to create a recovery key in Active Directory® Domain Services (AD DS), or to not create one.
q
Select the option to wait for Windows BitLocker Drive Encryption to complete before running other tasks in Task Sequencer, or to not wait.
q
Set the partition in the Format and Partition task. This is needed in NewComputer scenarios, and not in Refresh/Upgrade scenarios. The most common configurations are: •
One partition: 100%
•
One partition and some unallocated space
•
In the Windows Deployment Wizard, configure the BitLocker page. This requires that the Enable BitLocker task be enabled in the task sequence being used for deployment.
•
Windows BitLocker Drive Encryption can also be enabled within the CustomSettings.ini file by setting these properties: •
BDEInstall=TPM
•
BdeInstallSuppress=NO
•
BDeWaitForEncryption=False
•
BDEDriveSize=2000
•
BDEDriveLetter=S:
•
BDEKeyLocation=C:
For more information about enabling Windows BitLocker Drive Encryption, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide. Also see BitLocker Drive Encryption Frequently Asked Questions at http://technet2.microsoft.com/WindowsVista/en/library/58358421-a7f5-4c97-ab412bcc61a58a701033.mspx?mfr=true. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Disk Customizations
61
Disable Windows BitLocker Drive Encryption Windows BitLocker Drive Encryption provides low-level encryption of the contents of a disk volume. Use the Disable BitLocker task sequence step to disable the Windows BitLocker Drive Encryption on the current operating system drive or on a specific drive. For information about disabling Windows BitLocker Drive Encryption, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ne tw or k C us tom iza tion s The following section describes how to use the Task Sequence Editor in System Center Configuration Manager to configure the network settings of a target computer. The Task Sequence Editor network settings section is composed of two primary sections: •
Capture Network Settings. Use this setting to customize the capture of network settings from a target computer.
•
Apply Network Settings. Use this setting to customize the application of network settings to a target computer. Note Capture Network Settings always take precedence over the statically assigned values in Apply Network Settings.
Capture Network Settings Table 23 lists all Capture Network Settings properties and their associated range of values on the Properties tab. Table 24 lists all options and their associated purposes on the Options tab. Table 23. Capture Network Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Migration
In this section, select both options, either option, or neither option: •
Migrate domain and workgroup membership. Select this option to migrate domain and workgroup memberships. Otherwise, clear this option.
•
Migrate network adapter configuration. Select this option to migrate network and adapter configurations. Otherwise, clear this option.
Table 24. Capture Network Settings Options Tab Option
Purpose
Disable the Step
To disable the Capture Network Settings task, select the Disable the Step check box. To enable the Capture Network Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Capture Network Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Capture Network Settings task in the event of an error, clear the Continue on Error check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Network Customizations
63
Option
Purpose
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Capture Network Settings task.
Capture Windows Settings Table 25 lists all Capture Windows Settings properties and their associated range of values on the Properties tab. Table 26 lists all options and their associated purposes on the Options tab. Table 25. Capture Windows Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Migration
In this section, select all options, any combination of options, or no options:
Solution Accelerators
•
Migrate computer name. Select this option to migrate computer names. Otherwise, clear this option.
•
Migrate registered user and organization names. Select this option to migrate registered user and organizational names. Otherwise, clear this option.
•
Migrate time zone. Select this option to migrate time zone information. Otherwise, clear this option.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
64
Table 26. Capture Windows Settings Options Tab Option
Purpose
Disable the Step
To disable the Capture Windows Settings task, select the Disable the Step check box. To enable the Capture Windows Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Capture Windows Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Capture Windows Settings task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Capture Windows Settings task.
Apply Network Settings Table 27 lists all Apply Network Settings properties and their associated range of values on the Properties tab. Table 28 lists all options and their associated purposes on the Options tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Network Customizations
65
Table 27. Apply Network Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Domain or Workgroup Settings
In this section, choose between joining a valid domain or joining a workgroup: •
Join a workgroup. Select this option to join a valid workgroup. •
•
Network Adapters
Solution Accelerators
Workgroup. Editable text box, 31-character length.
Join a domain. Select this option to join a valid domain. •
Domain. Editable text box with an activated Browse button.
•
Domain OU. Editable text box with an activated Browse button.
•
Account. Un-editable text box with an activated Set button with to edit the account information needed to join a domain.
This data window lists all available network adapters. Create or delete adapters. The adapters can be sorted, and adapter properties can be edited.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
66
Table 28. Apply Network Settings Options Tab Option
Purpose
Disable the Step
To disable the Apply Network Settings task, select the Disable the Step check box. To enable the Apply Network Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Apply Network Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Apply Network Settings task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Apply Network Settings task.
Apply Windows Settings Table 29 lists all Apply Windows Settings properties and their associated range of values on the Properties tab. Table 30 lists all options and their associated purposes on the Options tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Network Customizations
67
Table 29. Apply Windows Settings Properties Tab Property
Value
Type
Not editable.
Name
Name of the task; editable, 50-character limit.
Description
Description of the task; editable, 125-character limit.
Username
Name of the user; editable, 50-character limit.
Organization name Name of the organization; editable, 50-character limit. Product key
Type the product key here.
Server licensing
Select one of three server licensing options from the box: •
Do not specify
•
Per seat
•
Per server
Maximum connections
Type the number of connections required. The connection number starts at five and this box is activated only when the Per server licensing option is selected.
Password
This section contains two options. Only one option can be selected, and selecting one clears the other option:
Time zone
Solution Accelerators
•
Randomly generate the local administrator password and disable the account on all supported platforms. (Recommended)
•
Enable the account and specify the local administrator password. Selecting this option will activate two additional text fields: •
Password
•
Confirm password
Click the preferred time zone.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
68
Table 30. Apply Windows Settings Options Tab Option
Purpose
Disable the Step
To disable the Apply Windows Settings task, select the Disable the Step check box. To enable the Apply Windows Settings task, clear the Disable the Step check box.
Continue on Error
To enable the Apply Windows Settings task to proceed in the event of an error, select the Continue on Error check box. To stop the Apply Windows Settings task in the event of an error, clear the Continue on Error check box.
Add Condition
In this box, add the following optional conditions to this task: •
IF Statement
•
Task Sequence Variable
•
Operating System Version
•
File Properties
•
Folder Properties
•
Registry Setting
•
Query WMI
•
Installed Software
For each option, a dialog box prompts for specific option details. Remove Condition
To remove a condition, click the specific condition, and then click Remove Condition.
Remove All
Click to clear the list and remove all conditions from the Apply Windows Settings task.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng C ondi ti onal Task Sequence Steps In certain scenarios, consider conditionally running a task sequence step based on defined criteria. Configure task sequence step conditions on the Options tab of a task sequence step. Add any combinations of these conditions to determine if the task sequence step should run. For example, the value of a task sequence variable and the value of a registry setting could be used to determine if a task sequence step should run. Using MDT 2008, conditionally run a task sequence based on: •
One or more IF statements.
•
A task sequence variable.
•
The version of the target operating system.
•
The Boolean results of a WMI query.
•
A registry setting.
•
The software installed on the target computer.
•
The properties of a folder.
•
The properties of a file.
Configure a Conditional Task Sequence Step Configure conditional task sequence steps in Deployment Workbench on the Options tab of a task sequence step. Add one or more conditions to the task sequence step to create the appropriate condition for running, or not running, the step. Note
Every conditional task sequence step needs at least one IF statement.
To view the Options tab of a task sequence step 120.Start Deployment Workbench 121.In the console tree, click Task Sequences. 122.In the details pane, right-click task_sequence (where task_sequence is the name of the task sequence to configure), and then click Properties. 123.In the task_sequence Properties dialog box, on the Task Sequence tab, click step (where step is the name of the task sequence step to configure), and then click the Options tab. On the Options tab of a task sequence step, the following actions can be performed: •
Add. Click this button to add a condition to the task sequence step.
•
Remove. Click this button to remove an existing condition in a task sequence step.
•
Edit. Click this button to modify an existing condition in a task sequence step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
70
IF Statements in Conditions All task sequence conditions include one or more IF statements. IF statements are the foundation for creating conditional task sequence steps. A task sequence step condition can include only one IF statement, but multiple IF statements can be nested beneath the top-level IF statement to create more complex conditions. An IF statement can be based on the conditions listed in Table 31, which are configured in the IF Statement Properties dialog box. Table 31. Conditions Available in IF Statements Condition
Select this option to run the task sequence if
All conditions
All the conditions beneath this IF statement must be true.
Any conditions
Any the conditions beneath this IF statement are true.
None
None the conditions beneath this IF statement are true.
Complete the condition for running the task sequence step by adding other criteria to the conditions (for example, task sequence variables or values in a registry setting). To add an IF statement condition to a task sequence step 124.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click If statement. 125.In the If Statement Properties dialog box, click condition (where condition is one of the conditions listed in Table 31), and then click OK.
Task Sequence Variables in Conditions Create conditions based on any task sequence variable (including those defined by MDT 2008). These variables also include the environment variables available in the operating system. To configure a condition based on a task sequence variable, provide the following information in the Task Sequence Variable Condition dialog box: •
Variable. This is the name of the task sequence variable to include as a condition. This name must match the exact spelling of the variable, but it is not case-sensitive.
•
Condition. This can be one of the logical operators listed in Table 32: Table 32. Logical Operators for Conditions Logical operator
Select this option to base the condition on
exists
The existence of the variable, regardless of the value of the variable.
equals
The variable being equal to the value specified in Value.
not equals
The variable being not equal to the value specified in Value.
greater than
The variable being greater than the value specified in Value.
greater than or equals
The variable being greater than or equal to the value specified in Value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
•
71
Logical operator
Select this option to base the condition on
less than
The variable being less than the value specified in Value.
less than or equals
The variable being less than or equal to the value specified in Value.
Value. This is the value of the task sequence variable to use in the condition.
To add an Task Sequence Variable condition to a task sequence step 126.On the step Options tab (where step is the name of the task sequence step to configure), click Add, and then click Task Sequence Variable. 127.In the Task Sequence Variable Condition dialog box, in the Variable box, type variable (where variable is the name of the task sequence variable). 128.In the Task Sequence Variable Condition dialog box, in the Condition box, click condition (where condition is the logical operation to use in the condition as listed in Table 32). 129.In the Task Sequence Variable Condition dialog box, in the Value box, type value (where value is the value of the task sequence variable), and then click OK.
Operating System Version in Conditions Create conditions based on the operating system version. To configure a condition based on the operating system version, provide the following information in the Task Sequence OS Condition dialog box: •
Architecture. This is the name of the instruction set on which the operating system is designed. This could be one of the two architecture types listed in Table 33. Table 33. Available Architecture Conditions
•
Architecture
Select this option to base the operating system on
x86
The term x86 refers to an operating system which has a binary compatibility with the 32-bit instruction set.
x64
The term x64 refers to an operating system which has a binary compatibility with the 64-bit instruction set.
Operating System. This can be one of the operating systems listed in Table 34.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
72
Table 34. Available Operating System Conditions Architecture Selected
Select the operating system on which to base the condition
x86
•
X86 Windows 2000 original release
•
X86 Windows 2000 with SP1
•
X86 Windows 2000 with SP2
•
X86 Windows 2000 with SP3
•
X86 Windows 2000 with SP4
•
X86 Windows XP Professional original release
•
X86 Windows XP Professional with SP1
•
X86 Windows XP Professional with SP2
•
X86 Windows Server 2003 original release
•
X86 Windows Server 2003 with SP1
•
X86 Windows Server 2003 with SP2
•
X86 Windows Vista original release
•
X86 Windows Vista with SP1
•
X86 Windows Server 2008 original release
•
X64 Windows XP Professional original release
•
X64 Windows XP Professional with SP2
•
X64 Windows Server 2003 original release
•
X64 Windows Server 2003 with SP1
•
X64 Windows Vista original release
•
X64 Windows Vista with SP1
•
X64 Windows Server 2008 original release
x64
•
Condition. This can be one of the logical operators listed in Table 32.
To add an Operating System Version condition to a task sequence step 130.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Operating System Version. 131.In the Task Sequence OS Condition dialog box, in the Architecture box, click architecture (where architecture is the name of the operating system architecture). 132.In the Task Sequence OS Condition dialog box, in the Operating system box, click the operating system to use. 133.In the Task Sequence OS Condition dialog box, in the Condition box, click condition (where condition is the logical operation to use in the condition as listed in Table 32), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
73
WMI Queries in Conditions WMI queries can be used in a task sequence condition. WMI is the primary management technology for Microsoft Windows operating systems. It enables consistent and uniform management, control, and monitoring of systems throughout the enterprise. Based on industry standards, WMI allows system administrators to query, change, and monitor configuration settings on desktop and server systems, applications, networks, and other enterprise components. System administrators can write scripts that use the WMI scripting library to work with WMI and create a wide range of systems management and monitoring scripts. For more information about WMI, see the WMI Scripting Primer at http://www.microsoft.com/technet/scriptcenter/guide/sas_wmi_overview.mspx?mfr=true. To configure a condition based on a WMI condition, provide the following information in the Task Sequence WMI Condition dialog box: •
WMI namespace. The default namespace, \root\cimv2, refers to a specific WMI
•
WQL query. This dialog box contains the query that will run when the conditions are met. WMI is generally queried in two ways: by retrieving an entire WMI object or by using
namespace. These are grouped hierarchically, and are similar to the way folders are grouped in the operating system. Within each namespace is a collection of classes that correspond to a managed resource.
a Structured Query Language (SQL)–like query. In the query, system information or querying computers could be accessed across a network.
To add a WMI condition to a task sequence step 134.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Query WMI. 135.In the Task Sequence WMI Condition dialog box, in the WMI namespace box, type WMI namespace. 136.In the Task Sequence WMI Condition dialog box, in the WQL query box, type the query script to be run, and then click OK.
Registry Settings in Conditions Evaluate registry settings during the task sequence; based on defined criteria, choose either to run or not to run additional processes. The registry contains two basic elements: keys and values. •
Registry Keys are similar to folders. Each key can contain subkeys, which in turn can contain further subkeys, all of which might contain values. Keys are referenced with a syntax similar to Windows path names, using backslashes to indicate levels of hierarchy; for example, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey Windows of the subkey Microsoft of the subkey Software of the root key HKEY_LOCAL_MACHINE.
•
Registry Values are name/data pairs stored within these keys and are referenced separately from keys. Value names can contain backslashes but doing so makes them difficult to distinguish from their key paths.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
74
To configure a condition based on a registry setting condition, provide the following information in the Registry Setting dialog box: •
Root Key. The root key of the registry key. Base the condition on one of the following: •
HKEY_CURRENT_USER
•
HKEY_LOCAL_MACHINE
•
HKEY_USERS
•
HKEY_CURRENT_CONFIG
•
Key. This is the value of the registry key that to use in the condition.
•
Condition. This can be one of the logical operators listed in Table 32.
•
Value name. This is the name of the value to use in the condition.
•
Value type. The value type can be one of the following:
•
•
REG_SZ
•
REG_EXPAND_SZ
•
REF_DWORD
Value. This is the value of the value type for the provided registry key to use in the condition.
To add a Registry Setting condition to a task sequence step 137.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Registry Setting. 138.In the Registry Setting dialog box, in the Root key box, click Root key. 139.In the Registry Setting dialog box, in the Key box, type key (where key is the remainder of the registry key minus the root key). 140.In the Registry Setting dialog box, in the Condition box, click condition (where condition is the logical operation to use in the condition as listed in Table 32). 141.In the Registry Setting dialog box, in the Value name box, type the name of the Value name. 142.In the Registry Setting dialog box, in the Value type box, click Value type. 143.In the Registry Setting dialog box, in the Value box, type the value for which testing will occur, and then click OK.
Installed Software in Conditions Installed software can be evaluated based on the product information provided in the Microsoft Installer (MSI) file. This information can be used to match a specific product using both the product code and the upgrade code, or it can be used to match any version of this product using only the upgrade code. To configure a condition based on an installed software condition, provide the following information on the Installed Software dialog box: •
MSI file. The Microsoft Installer file associated with the installed software being tested in this condition.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
75
To add an Installed Software condition to a task sequence step 144.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Installed Software. 145.In the Installed Software dialog box, in the MSI file box, browse to the specific Microsoft Installer file associated with the installed software. The product information will be extracted from the MSI file and will populate the respective boxes. 146.In the Installed Software dialog box, select one of the two following conditions: •
Match this specific product (Product Code and Upgrade Code)
•
Match any version of this product (Upgrade Code only)
147.In the Installed Software dialog box, click OK.
Folder Properties in Conditions Folders can be evaluated based on folder properties. In addition to evaluating the path of the folder to be tested, test for its time stamp under a number of conditions. To configure a condition based on a folders property, provide the following information on the Folder Properties dialog box: •
Path. The path of the folder to test.
Optional conditions that can be tested for: •
Condition. This can be one of the logical operators listed in Table 35. Table 35. Logical Operators for Conditions Logical operator
Select this option to base the condition on
equals
The time stamp being equal to the values specified in the Date and Time dialog boxes.
not equals
The time stamp being not equal to the values specified in the Date and Time dialog boxes.
greater than
The time stamp being greater than the values specified in the Date and Time dialog boxes.
greater than or equals
The time stamp being greater than or equal to the values specified in the Date and Time dialog boxes.
less than
The time stamp being less than the values specified in the Date and Time dialog boxes.
less than or equals
The time stamp being less than or equal to the values specified in the Date and Time dialog boxes.
•
Date. The date of the file.
•
Time. The time stamp of the file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
76
To add a Folder Properties condition to a task sequence step 148.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click Folder Properties. 149.In the Folder Properties dialog box, in the Path box, go to the folder to be tested. 150.In the Folder Properties dialog box, to check the time stamp of the file, select the Check the timestamp check box, set the condition of the value, set a date in the date dialog box, and set the time in the time dialog box. Otherwise leave the Check the timestamp check box cleared and the additional condition will not be tested for. 151.In the Folder Properties dialog box, click OK.
File Properties in Conditions Files can be evaluated based on the file properties. In addition to evaluating the path of the file to be tested, test for its version and time stamp under a number of conditions. To configure a condition based on a file property, provide the following information on the File Properties dialog box: •
Path. The path of the file being tested. Optional conditions for which testing can occur:
•
Version. Version of the file you being tested.
•
Condition. This can be one of the logical operators listed in Table 35.
•
Date. The date of the file.
•
Time. The time stamp of the file.
To add a File Properties condition to a task sequence step 152.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click File Properties. 153.In the File Properties dialog box, in the Path box, browse to the file to be tested. 154.In the File Properties dialog box, if you want to check the version of the file, select the Check the version check box, set the condition of the value, and type the version number to be tested for. Otherwise leave the Check the version box cleared and the additional condition will not be tested for. 155.In the File Properties dialog box, to check the time stamp of the file, select the Check the timestamp check box, set the condition of the value, set a date in the date dialog box, and set the time in the time dialog box. Otherwise leave the Check the timestamp check box cleared and the additional condition will not be tested for. 156.In the File Properties dialog box, click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng Se r ver Roles MDT 2008 can help automate the deployment of server roles in Windows Server 2008. Configure task sequence steps in MDT 2008 to deploy the server roles that are supported in MDT 2008. The Windows Server 2008 server roles supported by MDT 2008 include the following: •
AD DS
•
DNS Server
•
DHCP Server
Configure AD DS Server Role Settings This section describes the AD DS role and the process the task sequence uses to deploy the role to a destination server. This section also provides step-by-step guidance on configuring each of the multiple AD DS scenarios. AD DS stores directory data and manages communications between users and domains. This includes logon processes, authentication, and directory searches. An AD DS domain controller is a server that is running AD DS.
Requirements AD DS requires DNS services, such as those provided by the DNS Server server role, which can reside on the AD DS server or another server. This information will be provided in a subsequent release.
Automate Deployment This information will be provided in a subsequent release.
MDT 2008 Components AD DS uses the following MDT 2008 components: •
Scripts. This information will be provided in a subsequent release.
•
Properties. This information will be provided in a subsequent release.
•
Files. This information will be provided in a subsequent release.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
78
Microsoft Deployment Toolkit 2008
Deploy the AD DS Server Role The MDT 2008 AD DS deployment task sequence offers the following deployment scenarios: •
New forest. Deploys a domain controller that contains a new forest environment.
•
New domain controller replica. Deploys a replica domain controller.
•
New domain tree in existing forest. Deploys a domain controller that contains a new domain tree into an existing forest environment.
•
New domain in existing forest. Deploys a domain controller into an existing forest environment.
•
New read-only domain controller (RODC) replica. Deploys an RODC into an existing environment.
Deploy a Domain Controller with a New Forest Using this option, a domain controller can be deployed that contains a new forest environment. Use this option when deploying a new forest environment. To deploy a domain controller with a new forest 157.Start Deployment Workbench. 158.In the tree pane, expand Distribution Share. 159.In the details pane, click Task Sequences, and then click the task sequence to edit. 160.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 161.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
162.In the Create box, click New Forest. 163.In the New forest domain DNS name box, type a name for the new domain; for example, Woodgrove.com. The extension of the domain must be included—for example, .com, .net, .int, or whatever domain extension used in the organization. 164.In the NetBIOS name box, type a name for the network input/output system (NetBIOS). This is usually the domain name without .com or other type of extension. For example, the forest domain name Woodgrove.com might have the NetBIOS name woodgrove. 165.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 166.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
79
The following listing is an example of an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is rebooted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com NewDomain=forest NewDomainDnsName=woodgrove.com DomainNetbiosName=woodgrove DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=R3c0v3ry SiteName="Default_First_Site" ForestLevel=3 DomainLevel=3 RebootOnCompletion:yes
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy a Domain Controller As a New Domain Controller Replica Using this option, an existing domain controller can be deployed as a new domain controller by replicating it into an existing environment. Use this option when deploying a new domain controller into an existing environment if replication will obtain the existing domain information from AD DS. To deploy a domain controller as a new domain controller replica 167.Start Deployment Workbench. 168.In the tree pane, expand Distribution Share. 169.In the details pane, click Task Sequences, and then click the task sequence to edit. 170.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
80
Microsoft Deployment Toolkit 2008
171.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
172.In the Create box, click New domain controller replica. 173.In the Existing domain DNS name box, type the fully qualified domain name of an existing domain controller. 174.In the Replication source domain controller box, type the name of a domain controller the new server will replicate within the existing environment. The directory services database will replicate this domain controller. 175.In the Account box, type the name of an account that has permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 176.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 177.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an example of an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=replica NewDomainDnsName=child.woodgrove.com DomainNetbiosName=woodgrove DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 DomainLevel=3 RebootOnCompletion=yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
81
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy a Domain Controller with a New Domain Tree in an Existing Forest Using this option, a domain controller can be deployed that contains a new tree into an existing forest environment. Use this option when deploying a child domain into an existing forest environment. To deploy a domain controller with a new domain tree in an existing forest 178.Start Deployment Workbench. 179.In the tree pane, expand Distribution Share. 180.In the details pane, click Task Sequences, and then click the task sequence to edit. 181.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 182.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
183.In the Create box, click New domain in existing forest. 184.In the Existing forest (parent) domain DNS name box, type the name of an existing domain in the network. 185.In the NetBIOS name box, type the NetBIOS name of an existing domain in the network. This is usually the domain name without.com or other type of extension; for example, the domain Woodgrove.com might have the NetBIOS name woodgrove. 186.In the New domain tree (child) DNS name box, type a name for the child domain being created—for example, Child.Woodgrove.com (where Child is the name of the child domain). 187.In the Replication source domain controller box, type the name of the domain controller to which the new child domain will replicate. 188.In the Account box, type the name of an account with permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 189.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 190.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
82
Microsoft Deployment Toolkit 2008
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=child.woodgrove.com ChildName=child DomainNetbiosName=child DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 Domainlevel=3 RebootOnCompletion=yes
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy a Domain Controller with a New Domain in an Existing Forest Using this option, a domain controller can be deployed that contains a new domain into an existing forest environment. Use this option when deploying a new child domain into an existing forest environment. To deploy a domain controller with a new domain in an existing forest 191.Start Deployment Workbench. 192.In the tree pane, expand Distribution Share. 193.In the details pane, click Task Sequences, and then click the task sequence to edit. 194.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 195.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
196.In the Create box, click New domain in existing forest. 197.In the Existing forest (parent) domain DNS name box, type the name of an existing domain in the network.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
83
198.In the NetBIOS name box, type the NetBIOS name of an existing domain in the network. This is usually the domain name without.com or other type of extension; for example, the domain Woodgrove.com might have the NetBIOS name woodgrove. 199.In the New domain (child) DNS name box, type a name for the child domain being created; for example, Child.Woodgrove.com (where Child is the name of the child domain). 200.In the Replication source domain controller box, type the name of the domain controller to which the new child domain will replicate. 201.In the Account box, type the name of an account with permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 202.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 203.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
•
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=child.woodgrove.com ChildName=child DomainNetbiosName=child DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 Domainlevel=3 RebootOnCompletion=yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
84
Microsoft Deployment Toolkit 2008
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Deploy an RODC in an Existing Domain Using this option, a domain controller can be deployed that contains a read-only replica of the existing domain into an existing forest environment. Use this option to deploy a domain controller that contains an un-editable replica of a domain structure into an existing forest environment. To deploy an RODC in an existing domain 204.Start Deployment Workbench. 205.In the tree pane, expand Distribution Share. 206.In the details pane, click Task Sequences, and then click the task sequence to edit. 207.On the Task Sequence tab, click Add, click Roles, and then click Configure ADDS. 208.In the Properties dialog box, type the relevant information in the following boxes: •
Name: Type a name for the task.
•
Description: Type a description of the task; for example, <Server Name> <Site Name> (where Server Name is the name of the server, and Site Name is the name of the domain).
209.In the Create box, click New read-only domain controller (RODC) replica. 210.In the Existing domain DNS name box, type the name of an existing DNS server. 211.In the Replication source domain controller box, type the name of the domain controller to be replicated within the existing environment. The directory services database will replicate this domain controller. 212.In the Account box, type the name of an account with permissions to add a domain controller to the existing network. Typically this is a domain Administrator account. Click Set. 213.In the Recovery (safe mode) password box, type a password to use for safe mode recovery. This password is used to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered. 214.In the Advanced Properties section, complete the task configuration (to complete this section, see the section, “Configure AD DS Advanced Properties,” later in this guide), and then click OK. The following listing is an answer file that is provided as a parameter to Dcpromo, which is run during the deployment phase of this task sequence. The following assumptions are made in this example: •
DNS is installed using the advanced settings (listed in the section, “Configure AD DS Advanced Properties,” later in this guide).
•
The name of the domain used for deployment is Woodgrove.com.
•
The recovery password is R3c0v3ry.
•
The computer contains drives E and G.
•
The forest functional level is 3 (Windows Server 2008).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
•
85
The computer is restarted when the following task sequence is complete: [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=ReadOnlyReplica DomainNetbiosName=woodgrove DatabasePath="e:/ntds" LogPath="e:/ntdslogs" Sysvolpath="g:/sysvol" SafeModeAdminPassword=R3cov3ry SiteName=”Default_First_Site” ForestLevel=3 Domainlevel=3 RebootOnCompletion=yes
For more information about Dcpromo command-line options, go to http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx?mfr=true.
Configure AD DS Advanced Properties To configure AD DS advanced properties, perform the following steps: 215.In the
Install DNS if not already present. Select this option when creating a new forest or new domain.
•
Make this domain controller a global catalog (GC) server. This is the default option, and should be selected for new domains or forests, and for domains without a GC server.
•
Wait for critical replication only. Select this option to populate only the directory services database using replication.
Functional levels: •
Forest Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008)
•
Domain Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008)
Folders: •
Database: The default location is %systemroot$NTDS.
•
Log Files: The default location is %systemroot$NTDS.
•
SYSVOL: The default location is %systemroot$SYSVOL.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
86
Microsoft Deployment Toolkit 2008
217.In the Site name box, type the name of the site in which to install the domain controller. The default name for a new forest or site is Default_First_Site; however, this value is not entered in the Site name box by default—it must be typed. Then, click OK to complete the configuration of the AD DS Advanced Properties dialog box, and then click OK in the Task Name Properties dialog box to complete configuration of the task.
Configure DNS with the AD DS Server Role Installation Using this option, DNS can be installed and configured the AD DS server role installation. DNS is required for AD DS and should be installed either before the AD DS role or during the Dcpromo process. To install and configure DNS with AD DS server role installation 218.In the
Install DNS if not already present. Select this option when creating a new forest or new domain installation on a server that requires DNS. (This option is highlighted in bold in the following Dcpromo answer file example.) [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure the Domain Controller as a GC Server Using this option, the newly installed AD DS server role can be configured as a GC server. A GC server contains a database of all the objects in an AD DS domain. For more information about global catalogs, see What Is the Global Catalog? at http://technet2.microsoft.com/windowsserver/en/library/24311c41-d2a1-4e72-a54f150483fa885a1033.mspx?mfr=true. 220.In the
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
87
221.In the AD DS Advanced Properties dialog box, in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Options: •
Make this domain controller a global catalog (GC) server. This is the default option, and should be selected for new domains or forests, and for domains without a GC. (This option is highlighted in bold in the following Dcpromo answer file example.) [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east ConfirmGc=Yes DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Critical Replication Before Restart Using this option, IT personnel can configure the AD DS server role and wait for critical replication before the computer is restarted. For additional information about this option, see Promotion Operation at http://technet2.microsoft.com/windowsserver2008/en/library/d2521765-9e7b-44b6-9021496908f4b9521033.mspx?mfr=true. 222.In the
Wait for critical replication only. Select this option when to populate only the directory services database using replication. (This option is highlighted in bold in the following Dcpromo answer file example). [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
88
Microsoft Deployment Toolkit 2008
NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east CriticalReplicationOnly=Yes DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Forest and Domain Functional Levels Using this option, the functional level of the forest and the domain levels of AD DS can be configured. For additional information about this option, see Appendix of Functional Level Features at http://technet2.microsoft.com/windowsserver2008/en/library/34678199-98f1-465f-9156c600f723b31f1033.mspx?mfr=true. 224.In the
Forest Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008) (This option is highlighted in bold in the following Dcpromo example.)
•
Domain Functional Level: Windows 2000, Windows Server 2003, Windows Server 2008 (0 = Windows 2000; 2 = Windows Server 2003; 3 = Windows Server 2008) (This option is highlighted in bold in the following Dcpromo example.) [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
89
ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Location for Installation Folders Using this option, the location of the log, System Volume (Sysvol), and database paths can be configured during AD DS server role installation. 226.In the
Database. The location of the AD DS database NTDS.dit file. The option /databasePath is listed in bold in the following Dcpromo example.
•
Logfiles. The location of log files used for recovery of the database, and for troubleshooting AD DS. The option /logPath is listed in bold in the following Dcpromo example.
•
Sysvol. The Sysvol is a shared directory that stores the server copy of the domain’s public files that are shared for common access and replication throughout the domain. For more information about Sysvol, see the Microsoft Help and Support article, “Best Practices for Sysvol Maintenance,” at http://support.microsoft.com/kb/324175. [DCINSTALL] InstallDns=yes ParentDomainDNSName=woodgrove.com ReplicaOrNewDomain=domain NewDomain=child NewDomainDnsName=east.woodgrove.com ChildName=east DomainNetbiosName=east DatabasePath="e:\ntds" LogPath="e:\ntdslogs" Sysvolpath="g:\sysvol" SafeModeAdminPassword=FH#3573.cK SiteName=”Default_First_Site” ForestLevel=2 DomainLevel=2 RebootOnCompletion=yes
Configure Site Name Using this option, the site name can be configured during the installation of the AD DS server role. The default name for the first site in a domain is Default_First_Site. 228.In the
microsoft.com/technet/SolutionAccelerators
90
Microsoft Deployment Toolkit 2008
229.In the AD DS Advanced Properties dialog box in the Options, Functional Levels, and Folders sections, select the following options as required for the environment and AD DS scenario: Site name: •
In the Site name box, type the name of the site in which to install the domain controller. The default name for a new forest or site is Default_First_Site; however, this value is not entered in the Site name box by default—it must be typed. Then, click OK to complete the configuration of the AD DS Advanced Properties dialog box, and click OK in the
Configure DNS Server Role Settings This section describes the DNS role and the process the task sequence uses to deploy the role to a destination server. Using the Configure DNS Role task sequence, IT personnel can manage forward, reverse, primary, secondary, stub, and AD DS-integrated zones.
Requirements •
An advanced understanding of DNS zones and the DNS hierarchy is required. For more information about DNS configuration, go to http://technet.microsoft.com/enus/library/bb726935.aspx.
•
A local DNS service must be configured to look at the DNS service on the local computer or an IP address of another DNS server.
Automate Deployment This information will be provided in a subsequent release.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
91
MDT 2008 Components DNS uses the following MDT 2008 components: •
Scripts. This information will be provided in a subsequent release.
•
Properties. This information will be provided in a subsequent release.
•
Files. This information will be provided in a subsequent release.
Deploy the DNS Server Role Using this option, the DNS server role can be configured and deployed to a new computer or a DNS server operating on an existing computer replaced. By assigning the DNS server role, standard DNS primary, secondary, and stub zones can be configured. In addition, AD DS-integrated primary and stub zones can be configured. There is also an the option to manage aging, updates, types, and multiple zones—all in an automated process. This is not a migration process from an existing DNS server; rather, it is a new installation of DNS zones of all types. 230.Start Deployment Workbench. 231.In the tree pane, expand Distribution Share. 232.In the details pane, click Task Sequences, and then click the task sequence to edit. 233.On the Task Sequence tab, click Add, click Roles, and then click Configure DNS. 234.On the Properties tab of the Configure DNS step, in Name, type name (where name is the name by which the task is identified in the task sequence). 235.In Description, type description (where description is the description of the task and its role in the task sequence). 236.In the Zones section, click the yellow Add button. 237.In the DNS Zone Properties dialog box, in DNS zone name , type a name for the zone; for example, woodgrove.com. 238.In Type, click Change. 239.In the Change Zone Type dialog box, select one of the following zone types: •
Primary zone
•
Secondary zone
•
Stub zone
240.In the Change Zone Type dialog box, select the Store the zone in Active Directory check box if DNS will be installed on a domain controller, and then click OK. 241.In the DNS Zone Properties dialog box, in Dynamic updates, select one of the following: •
None
•
Nonsecure and Secure
242.Select the Scavenge stale resource records check box to enable this feature. Click OK. 243.On the Properties tab of the Configure DNS step, click Server Properties. 244.In the Server Properties dialog box, in Server Options, select the appropriate server options to enable. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
92
Microsoft Deployment Toolkit 2008
245.In the Server Properties dialog box, in Name checking, select the appropriate name checking options to enforce, and then click OK. 246.In the task_sequence Properties dialog box (where task_sequence is the name of the task sequence being edited), click OK. 247.Close Deployment Workbench.
Configure DHCP Server Role Settings This section describes the DHCP role and the process the task sequence uses to deploy the role to a destination server. All of the options available in the standard Windows Server 2008 and Windows Server 2003 DHCP console can be configured using MDT 2008.
Requirements •
An IP subnet to use in the DHCP scope
•
Credentials for authorizing the DHCP service in AD DS (Typically, this is a domain Administrator or DHCP Administrator account, activated in AD DS.)
•
AD DS
•
An understanding of BOOTP, DHCP, DHCP scopes, DHCP superscopes, broadcast protocols, and IP subnetting For additional information about using and configuring DHCP, go to http://technet.microsoft.com/en-us/network/bb643151.aspx.
Automate Deployment This information will be provided in a subsequent release.
MDT 2008 Components DHCP uses the following MDT 2008 components: •
Scripts. This information will be provided in a subsequent release.
•
Properties. This information will be provided in a subsequent release.
•
Files. This information will be provided in a subsequent release.
Deploy the DHCP Server Role Using this option, the DHCP server role can be configured and deployed using MDT 2008. All the standard options that make up scopes can be configured similar to using the standard DHCP console in Windows Server 2008 and Windows Server 2003. To implement the DHCP server role, configure the Authorize DHCP task sequence in conjunction with the Configure DHCP Server Role task sequence. To configure and deploy the DHCP server role 248.Start Deployment Workbench. 249.In the tree pane, expand Distribution Share. 250.In the details pane, click Task Sequences, and then click the task sequence to edit. 251.On the Task Sequence tab, click Add, click Roles, and then click Configure DHCP. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
93
252.In the Properties dialog box, type the relevant information in the following boxes: •
Name. The name by which the task will be identified in the task sequence list.
•
Description. A description of the task; for example, DHCP scope information, scope names.
•
Scope details. Details about the IP address the DHCP scopes configured.
•
Server options. The options passed to DHCP clients; for example, default gateway, DNS server, and WINS server addresses.
253.Click OK.
Configure DHCP Scopes Using this option, configure the DHCP scopes that contain the rules and active scopes used on the DHCP server. For more information about DHCP scope configuration options, and for guidance on using each of the configuration options, see “Chapter 6 – Dynamic Host Configuration Protocol” of TCP/IP Fundamentals for Microsoft Windows at http://technet.microsoft.com/en-us/library/bb727003.aspx. To configure and deploy DHCP scopes 254.In the task sequence Properties dialog box, click the yellow Add scope button. 255.In the Scope Properties dialog box, configure the following options as required for the environment: •
Scope name. The name used to refer to the scope.
•
Start IP address. The beginning address of the scope; for example, 192.168.0.150.
•
End IP address. The ending address of the scope; for example, 192.168.0.250.
•
Subnet mask. The mask used for the IP address scope; for example, 255.255.255.0.
•
Scope IP address. The address of the scope itself; for example, 192.168.0.1.
•
Lease duration for DHCP clients. The maximum time a client can keep the IP address assigned by the DHCP server.
•
Description. A description of the scope, for administrative reference.
256.On the Advanced tab, in the Exclude IP Address Range section, type the following information to exclude addresses for the scope created on the General tab: •
Start IP address. The beginning address for exclusion from a scope; for example, 192.168.0.251.
•
End IP address. The ending address for exclusion from a scope; for example, 192.168.0.255.
257.On the Options tab, configure the following options for the scope created on the General tab: •
003 Router. The default gateway given to DHCP clients.
•
006 DNS Servers. The DNS server address given to DHCP clients.
•
015 DNS Domain Name. The DNS domain name given to clients; for example, woodgove.com.
•
044 WINS/NBNS Servers. The WINS server IP address; for example, 192.168.0.2. Solution Accelerators microsoft.com/technet/SolutionAccelerators
94
Microsoft Deployment Toolkit 2008
•
046 WINS/NBT Node Type. The WINS node type.
•
060 PXE Client. The address used for Pre-Boot Execution Environment (PXE) client Bootstrap code.
258.Click OK.
Configure DHCP Server Options Using this option, the DHCP server options given to DHCP clients can be configured. These options include router or default gateway designation, DNS server IP information, and WINS server information. To configure and deploy DHCP server options 259.In the Properties dialog box, in the Server Options section, click Configure, and then configure the following options as required for the environment. 260.Click 003 Router, and then do the following: •
In the Server Name box, type the IP address and resolve the name.
•
Click Add to type an IP address.
•
Click an IP address, and then click Remove to remove the highlighted IP address.
261.Click 006 DNS Servers, and then do the following: •
In the Server Name box, type the IP address and resolve the name.
•
Click Add to type an IP address.
•
Click an IP address, and then click Remove to remove the highlighted IP address.
262.Click 015 DNS Domain Name, and then do the following: •
In the String Value box, type the domain name; for example, woodgrove.com.
263.Click 044 WINS/NBNS Servers, and then do the following: •
In the Server Name box, type the IP address and resolve the name.
•
Click Add to type an IP address.
•
Click an IP address, and then click Remove to remove the highlighted IP address.
264.Click 046 WINS/NBT Node Type, and then type the following information: •
Type one of the following codes: 44, 46, or 47
For more information about how to determine the correct option for the environment, see the section, “DHCP Options for WINS,” in WINS Tools and Settings at http://technet2.microsoft.com/windowsserver/en/library/e71fac63-0521-4217-899f79802bfdb7481033.mspx?mfr=true. 265.Click 060 PXE Client, and then type the following information: •
In the String Value box, type the PXE client string; typically this is PXEClient.
Authorize the DHCP Server Role in Active Directory Authorizing the DHCP service within AD DS is imperative to successfully deploying and using DHCP services within a Windows-based network. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
95
Requirements •
Account credentials with permissions to authorize DHCP services in AD DS (Typically, this is either a domain Administrator account or a DHCP Administrator account.)
To authorize the DHCP server role in AD DS 266.Start Deployment Workbench. 267.In the tree pane, expand Distribution Share. 268.In the details pane, click Task Sequences, and then click the task sequence to edit. 269.On the Task Sequence tab, click Add, click Roles, and then click Authorize DHCP. 270.In the Properties dialog box, type the relevant information in the following boxes: •
Name. The name by which the task will be referred in the task sequence list.
•
Description. A description of the task.
271.In the Account box, type the name of an account with permissions to authorize the DHCP service in AD DS. Click Set, and then type the following information in the relevant boxes: •
Username. The account that can authorize DHCP, in the format of domain\user.
•
Password. The password for the account.
•
Confirm Password. Retype the password.
272.Click OK, then click OK again.
Getting Started Guide Contents Solution Accelerators
microsoft.com/technet/SolutionAccelerators
96
Microsoft Deployment Toolkit 2008
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 delivers end-to-end guidance for the efficient planning, building, testing, and deployment of Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. MDT 2008 provides proven tools and practices with which information technology (IT) personnel can: •
Create a software and hardware inventory to assist in deployment planning.
•
Test applications for compatibility with Windows operating systems and mitigate compatibility issues discovered during the process.
•
Set up an initial lab environment with imaging and deployment servers.
•
Customize, package, and deploy applications.
•
Automate image creation and deployment.
•
Manage processes and technologies to produce comprehensive and integrated Lite Touch Installation (LTI) and Zero Touch Installation (ZTI) deployments.
•
During deployment, migrate users’ documents and settings to their new computer configurations.
•
During deployment, support the installation of all roles, such as Active Directory® Domain Services (AD DS), Domain Name System (DNS) server, Dynamic Host Configuration Protocol (DHCP) server, Microsoft Internet Information Services (IIS), Windows Deployment Services, Windows SharePoint® Services, Windows Internet Naming Service (WINS) server, and Windows Server® 2003 Terminal Services. •
•
Additionally, MDT 2008 supports the configuration of the AD DS, DNS, and DHCP roles.
Ensure that computers are hardened to improve security within the environment.
MDT 2008 brings together time-honored and proven practices in addition to the following Microsoft technologies: •
Application Compatibility Toolkit (ACT) version 5.0 for gathering application inventory and for testing and mitigating application-compatibility issues.
•
Windows User State Migration Tool (USMT) for migrating user settings and data.
•
Windows Automated Installation Kit (Windows AIK) for configuring unattended Setup answer files (Unattend.xml) and capturing images.
•
Windows Deployment Services for starting Windows Preinstallation Environment (Windows PE) on target computers across the network.
•
Windows PE version 2.0 for starting computers.
MDT 2008 contains guidance, sample templates, and technology files (such as scripts and configuration files). MDT 2008 documentation discusses in detail required software that must be downloaded from the Internet. The documentation also discusses media that must be provided. The focus of MDT 2008 is computer deployment versus the integration that organizations can achieve on the platform by combining computers and domains. MDT 2008 supports deployment in Windows Server 2008 and Windows Server 2003 domains. Note For the latest information regarding MDT 2008, see Release Notes.doc in the documentation subfolder of the MDT 2008 installation folder. Note MDT 2008 combines abstract concepts that are sometimes difficult to follow without citing specific examples. To make these concepts easier to understand, this deployment project references a sample project at a fictional company named Woodgrove Bank. This deployment
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Deployment Customization Guide: Configuring Conditional Task Sequence Steps
97
project also provides sample job aids for Woodgrove Bank. The content in each planning template is specific to Woodgrove Bank; replace it with information specific to the organization. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server 2008, and Windows Server 2003 operating systems unless otherwise noted.
Ter mino log y Table 1 describes the terminology used throughout the MDT 2008 guidance. Understanding this terminology will help IT personnel better understand the guidance in this deployment project. Table 1. MDT 2008 Terminology Term
Description
answer file
A file that contains the settings and configurations to apply to a Windows image during installation. This file is commonly named Unattend.xml, Unattend.txt, or Sysprep.inf.
catalog file
A binary file that contains the state of all the settings and packages in a Windows image. When a catalog is created, it queries the Windows image for a listing of all settings in that image. Because the contents of a Windows image can change over time, it is important to recreate the catalog file whenever updating a Windows image.
component
A part of the Windows operating system that specifies the files, resources, and settings for a specific Windows feature or part of a Windows feature. Some components include Windows unattended installation settings, which can be used by original equipment manufacturers (OEMs) and corporations for customization.
configuration pass
A phase of Windows installation. Different parts of the Windows operating system are installed in different configuration passes. Team members can specify Windows unattended installation settings to be applied in one or more configuration pass.
deployment point
A folder that contains the files necessary to complete the image deployment to target computers.
distribution share
A folder that contains the source files for Windows products that the team installs. It may also contain additional device drivers and application files.
image-based setup
The mechanism used to install, deploy, and test the installation image.
operating system packages
A group of files that Microsoft provides to OEM customers to modify Windows features. Package types include service packs, security updates, language packs, and other software updates. Examples of packages include Product, Windows
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
98
Term
Microsoft Deployment Toolkit 2008
Description Foundation, and Feature Pack packages.
reference computer
The computer that contains the reference installation image.
reference image
A configured Windows image that contains a single reference installation that can be deployed onto many target computers.
reference installation
A configured Windows computer that includes additional software and updated drivers.
target computer
The computer on which the team preinstalls Windows to be distributed to customers. Team members can either run Windows Setup on the target computer or copy a master installation onto a target computer.
task sequence
A series of steps that perform a deployment. During LTI deployments, the task sequence is associated with an Unattend.xml (or Unattend.txt and Sysprep.inf) file.
Task Sequencer
Software used to execute a task sequence on the target computer.
technician computer
The computer on which MDT 2008 is installed. Typically, the configuration sets and the distribution share are also located on this computer.
Unattend.xml
The generic name for the Windows Vista Setup answer file. Unattend.xml replaces all of the answer files in earlier versions of Windows, including Unattend.txt and Winbom.ini.
Windows Imaging Format (.wim) file
A file format that contains one or more compressed Windows images.
Windows feature
An optional feature of Windows that can be enabled or disabled.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes for MDT 2008 This section describes the system requirements for the deployment server and target computer. Deployment server requirements apply to computers on which MDT 2008 is installed and used to configure distribution shares. Target computer requirements apply to computers on which the deployment scripts are run to install the Windows operating system. The guidance describes additional requirements. MDT 2008 can be installed on both the x86 and x64 versions of the following operating system platforms: •
Windows Server 2008 (Standard and Enterprise operating systems)
•
Windows Server 2003 (Standard and Enterprise operating systems) with Service Pack 1 (SP1) or later
•
Windows Vista (Business, Enterprise, and Ultimate operating systems)
•
Windows XP Professional with SP2 or later
In addition to the hardware, operating system, and software requirements described in the guides, the following hardware and software requirements must be met on the deployment server and target computers for the Deployment Workbench and deployment scripts to function properly.
Deployment Server Prerequisites LTI Deployment Prerequisites Hardware The following hardware requirements must be met on the deployment server: •
Free space of 4 gigabytes (GB) is required on the drive containing the %TEMP% folder if a media deployment International Organization for Standardization (ISO) image will be created. Otherwise, 1 GB of free space is required on the drive containing the %TEMP% folder.
•
A minimum of 5 GB of free space is required on the drive containing the distribution share.
•
Free space of 1 GB is required on the drive containing the MDT 2008 program files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
100
Microsoft Deployment Toolkit 2008
Software The following software requirements might need to be met on the deployment server. •
Windows AIK The version of Ximage.exe that is included in the Windows AIK versions 1.0 and 1.1 can be used to capture and deploy any Windows operating system (Windows XP SP2 through Windows Server 2008). However, MDT 2008 also uses Windows AIK to generate catalogs for creating Unattend.xml files and for offline servicing. For these operations, Windows AIK version 1.0 only supports Windows Vista release to manufacturing (RTM). LTI deployments of Windows XP or Windows Server 2003 are unaffected. Note Windows AIK version 1.1 must be installed on the deployment server if Windows Vista SP1 or Windows Server 2008 will be deployed to target computers.
To install the Windows AIK, use Deployment Workbench to perform the download and installation before or after installing MDT 2008. Note Windows AIK is automatically installed on computers running Microsoft System Center Configuration Manager 2007. Note Windows AIK helps in the installation, customization, and deployment of Windows. Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 RTM deployments. Use Windows AIK version 1.1 when deploying Windows Vista with SP1 and Windows Server 2008 RTM.
•
Windows Deployment Services
•
Windows Server Update Services (WSUS) version 3.0
•
Windows Update Agent (WUA) version 3.0 MDT 2008 supports deploying an updated version of WUA as part of the operating system deployment. This helps ensure that target computers are running the correct version of WUA when Windows is deployed. This also helps eliminate the need to connect to the Internet and download the latest version of WUA after deployment. MDT 2008 can configure WUA to collect updates from internal computers running WSUS instead of connecting to Microsoft Update over the Internet. Optionally, MDT 2008 can configure WUA to use a specific computer running WSUS server using the WsusServer property. For additional information about WUA and for deployment instructions, see the TechNet article, “How to Install the Windows Update Agent on Client Computers," at http://technet.microsoft.com/en-us/library/bb932139.aspx. Obtain the latest version of the WUA stand-alone installer for: •
The x86 version (WindowsUpdateAgent30-x86.exe) at http://go.microsoft.com/fwlink/?LinkID=100334.
•
The x64 version (WindowsUpdateAgent30-x64.exe) at http://go.microsoft.com/fwlink/?LinkID=100335.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Prerequisites for MDT 2008
101
Windows Vista and Windows Server 2008 include the most recent version of WUA, so no update is necessary for these operating systems. In Windows XP and Windows Server 2003, one of the following will occur: •
If the WUA version 3.0 stand-alone installer files are in the TOOLS\architecture folder (where architecture is either x86 or x64) on the deployment point, MDT 2008 will automatically install WUA on the target computer. When downloading the WUA 3.0 stand-alone installer files, save them in the distribution\TOOLS\architecture folder (where distribution is the folder where the distribution point is created).
•
If the WUA version 3.0 stand-alone installer files are not in the TOOLS\architecture folder on the deployment point and if the existing version of WUA is configured for a WSUS server, then WUA will attempt to update itself from a WSUS server. If the existing version of WUA is not configured for a WSUS server, then MDT 2008 will attempt to download and install WUA version 3.0 from the Microsoft Update site. In this case, Internet access is required for the target computer. Note
MDT 2008 does not support authentication with proxy servers.
For more information, see Updating the Windows Update Agent at http://msdn2.microsoft.com/en-us/library/aa387285.aspx. •
USMT The USMT .msi file must be made available in the deployment share folder for access by target computers when migrating user settings to new computers. This can be accomplished using Deployment Workbench to perform the download and copy. Or, the .msi file can be downloaded and the USMT301_Platform.msi file manually copied to the distribution share folder in the \Tools\Platform folder. Note
Platform is either x86 (for 32 bit) or x64 (for 64 bit).
Note
The USMT does not actually need to be installed on the deployment server.
Note There are known occurrences of the USMT not properly installing on target computers. Steps to work around this issue are contained in the MDT 2008 document, Troubleshooting Reference. Note USMT version 3.0.1 does not support state migration on any version of Windows Server. Note USMT must be run in elevated mode on Windows Vista to ensure that all users are migrated. This is required because of Windows Vista User Access Control (UAC) protections.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
102
Microsoft Deployment Toolkit 2008
Platform-Specific Requirements The following platform-specific requirements must be met when using MDT 2008 on one of the following platforms: •
Windows Server 2008: •
•
Windows Vista: •
•
•
•
No additional software requirements
Windows Server 2003 with SP2: •
•
No additional software requirements
Microsoft .NET Framework version 2.0
Windows Server 2003 with SP1: •
Microsoft Management Console (MMC) version 3.0
•
Microsoft .NET Framework version 2.0
•
Offline servicing kernel update
Windows XP Professional with SP3: •
Microsoft .NET Framework version 2.0
•
Offline servicing kernel update
Windows XP Professional with SP2: •
MMC version 3.0
•
Microsoft .NET Framework version 2.0
•
Offline servicing kernel update
•
Windows Installer version 3.1
Note See the section, “Appendix A: Software Download Locations,” later in this guide for software download locations. Note If the MDT 2008 documentation will only be installed and viewed using Deployment Workbench, the only software requirements are Microsoft .NET Framework version 2.0, Windows Installer version 3.1, and MMC version 3.0. The remaining software in the previous list is not required to view the documentation.
ZTI Deployment for System Center Configuration Manager Prerequisites When using MDT 2008 with System Center Configuration Manager, the following requirements might need to be met in addition to those listed in “LTI Deployment Prerequisites” earlier in this guide: •
System Center Configuration Manager
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Prerequisites for MDT 2008
103
ZTI Deployment for Systems Management Server Prerequisites When using MDT 2008 with Microsoft Systems Management Server (SMS) 2003, the following requirements might need to be met in addition to those listed in “LTI Deployment Prerequisites” earlier in this guide: •
Systems Management Server 2003 with SP2 or later
•
SMS 2003 Operating System Deployment (OSD) Feature Pack update MDT 2008 requires this update to be able to support Windows Vista, Windows Server 2008, and 64-bit (x64) operating system deployments. This update supports the newly released Windows Imaging Format (WIM) version 1.0. In addition, this update requires Systems Management Server with SP2. For more information about this update, see SMS 2003 Operating System Deployment Feature Pack Update at http://technet.microsoft.com/en-us/sms/bb676770.aspx. Note Images created using earlier versions of the SMS 2003 OSD Feature Pack were made using WIM version 0.9 and cannot be used with Deployment Workbench in MDT 2008. Instead, create new images using WIM version 1.0 to use with Deployment Workbench after installing the SMS 2003 OSD Feature Pack update.
•
Windows PE 2004, supplied with the SMS 2003 OSD Feature Pack for Windows XP deployments, or Windows PE 2005, provided with Windows Server 2003 with SP1.
Target Computer Prerequisites The target computer must be a new computer without an existing operating system or run one of the following operating systems (with the additional software listed for each operating system): •
Windows Server 2008: •
•
Windows Vista: •
•
•
Windows Script version 5.6 or later
Windows XP Professional with SP3: •
•
No additional software requirements
Windows Server 2003 with SP1: •
•
No additional software requirements
Windows Server 2003 with SP2: •
•
No additional software requirements
No additional software requirements
Windows XP Professional with SP2: •
Windows Installer version 3.1
•
Windows Script version 5.6 or later
Microsoft Windows 2000 with SP4: •
Microsoft XML Core Services (MSXML) version 3.0
•
Microsoft Visual C++® runtime
•
Windows Internet Explorer® version 5.0 or later
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
104
Microsoft Deployment Toolkit 2008
•
Windows Script version 5.6 or later
Note See the section, “Appendix A: Software Download Locations,” later in this guide for software download locations. Note The Visual C++ runtime is required to run the deployment scripts on target computers that are running the Windows 2000 operating system. See the section, “Appendix B: Preparing Windows 2000 Client Computers,” later in this guide for installation instructions.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Evalu ating Securi ty and P ri vac y for the Dep lo yment Solu tion The majority of MDT 2008 is script based, with the advantage of easy customization and requiring little or no infrastructure. As a result, several concerns must be considered and managed. For example, many of the Unattend files require unencrypted values or network connections must be made requiring user credentials or relaxed share permissions. Placing sensitive information in images or in answer files to achieve complete automation increases the security risk. Carefully consider areas such as: •
Storing user credentials, product identifier (PID) keys, company information and software, licensed materials, or other restricted or sensitive data in answer files, log files, and image (.wim) files on the target computers at deployment time. Minimize the need to store credentials in answer files by choosing to answer the prompts at the target computer at deployment time. Files, including the contents of .wim files, could be tampered with and not easily detected.
•
Storing user credentials, PID keys, company information and software, licensed materials, or other restricted or sensitive data in answer files, log files, user migration data, and image (.wim) files on the server (such as the host on which Deployment Workbench or its distribution folder shares reside). Access permissions to these storage resources should be reviewed and tightened as much as possible. Files, including the contents of .wim files, could be tampered with and not easily detected.
•
CD/DVD media, which may store information that could be misused or lost. System Center Configuration Manager provides password protection of full media. After media are distributed, it is difficult to change passwords stored on those media.
•
Database access permissions. They should be restricted to the minimum level required.
•
PID keys in answer files and image files. Because these could be exposed, volume license methods take advantage of Key Management Service (KMS) help with PID key management and key loss for Windows Vista deployments.
•
The Pre-Boot Execution Environment (PXE) network boot process, which is an inherently insecure process. When possible, procedures should favor servicing only known computers. In a fully automated scenario that includes joining the computer to a domain, doing so could provide a way for unauthenticated users to gain access to corporate resources.
•
Using the PXE filter script available within MDT 2008. By doing so, the default security behavior of the System Center Configuration Manager PXE provider is bypassed, exposing corporate images to unauthenticated or unknown computers. (Normal PXE security issues apply.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
106
Microsoft Deployment Toolkit 2008
•
The computer running Windows Deployment Services. An administrator can modify the PXE filter script on that computer to perform any action in System Center Configuration Manager. However, doing so could lead to tampering with the System Center Configuration Manager database.
•
The possibility of spoofing the download location for components that are downloaded with Deployment Workbench by tampering with the Deployment Workbench configuration files. Deployment Workbench downloads specific file names as directed by the Componentlist.xml file through the Background Intelligent Transfer Service (BITS) file-transfer service, and then verifies that certain parameters match what is expected. However, Deployment Workbench has no way to verify that the contents of the .xml file have not been tampered with and are pointing to intended files. The components that are downloaded can also be installed on operator approval (file-substitution risk). Control access permissions to the Deployment Workbench configuration files. Verify that all files downloaded are the files intended before installing them.
These security exposures can be improved by implementing the SMS 2003 OSD Feature Pack (with or without the Zero Touch Deployment Kit), which helps with some network access scenarios, or using System Center Configuration Manager, which extends security coverage much further and to full media. These products use agents, which are compiled programs designed to handle sensitive data and verify content (where possible). In any case, placing sensitive data in answer files reduces the default security configuration of the complete solution. Evaluate and weigh these risks against the costs and value of the desired automation goals. ZTI deployment considerations are much the same as for LTI deployments, except that the SMS 2003 OSD Feature Pack leverages its agent’s ability to use a machine account or network access account. See the SMS 2003 OSD Feature Pack for more information. The System Center Configuration Manager integration introduces many of the same issues from LTI and ZTI deployments, because answer files, external (non-deployment point) network connections, and database connections may exist. System Center Configuration Manager offers improvements in handling USMT backup data encryption keys, provides more secure storage processes, provides content verification, restricts PXE-booted computers to a known list, and leverages certificates in some scenarios. For information on configuring System Center Configuration Manager, see the System Center Configuration Manager documentation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Up g r ade and
Mig r ation Paths
The sections that follow describe the upgrade and migration paths with MDT 2008 for operating systems as well as upgrade and migration scenarios.
MDT 2008 MDT 2008 provides efficient upgrade and migration paths from BDD 2007 and the SMS 2003 OSD Feature Pack when based on the following scenarios: •
Upgrading from Business Desktop Deployment (BDD) 2007 LTI deployment to MDT 2008 LTI deployment.
•
Upgrading from BDD 2007 ZTI deployment to MDT 2008 ZTI deployment.
•
Migrating from BDD 2007 LTI deployment to ZTI deployment with System Center Configuration Manager.
•
Migrating, with limited support, from the SMS 2003 OSD Feature Pack to ZTI deployment with System Center Configuration Manager.
Operating Systems Table 2 describes the operating system upgrade and migration paths. As shown in the table, performing an in-place upgrade from Windows XP with SP2 or later to Windows Vista is supported, as is upgrading Windows Server 2003 to Windows Server 2008. Table 2. MDT 2008 Upgrade and Migration Paths From
Migrate to Upgrade to Windows Windows XP with Vista SP2 or later using USMT
Windows 2000 with SP4
Windows XP with SP2 or later
Windows Vista
Migrate to Windows Vista using USMT
Upgrade to Upgrade to Windows Windows Server 2003 Server 2008
(to more feature-rich edition)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
108
Microsoft Deployment Toolkit 2008
From
Migrate to Upgrade to Windows Windows XP with Vista SP2 or later using USMT
Migrate to Windows Vista using USMT
Windows Server 2003 Release 2 (R2)
Upgrade to Upgrade to Windows Windows Server 2003 Server 2008
(to more feature-rich edition)
Windows Server 2003 with SP1 or later
(to more feature-rich edition)
Windows Server 2008
(to more feature-rich edition)
= supported Note
The x64-based version of Windows XP cannot be upgraded to x64-based Windows Vista.
Note If deploying Windows XP SP3, be sure to obtain the updated Windows XP SP3 Deployment Tools, which can be downloaded from the Web page listed in “Appendix A: Software Download Locations,” later in this guide.
Scenarios Table 3 describes the supported deployment scenarios for each supported operating system. As shown in the table, deployment of Windows Vista with SP1 and Windows Server 2008 is fully supported for LTI deployments. Support for deployments based on Systems Management Server and System Center Configuration Manager will be supported when support is available from the respective product teams. Table 3. MDT 2008 Upgrade and Migration Paths Operating system
MDT 2008 LTI deployment
SMS 2003 OSD Feature Pack
System Center Configuration Manager
Windows 2000 with SP4 (upgrade only)
Windows XP with SP2 or later
Windows Vista
Windows Vista with SP1
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Upgrade and Migration Paths
Operating system
MDT 2008 LTI deployment
109
SMS 2003 OSD Feature Pack
System Center Configuration Manager
Windows Server 2003
Windows Server 2008
= supported
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Pr er equ isi te In fr ast r uc tur e The sections that follow describe how to prepare the prerequisite infrastructure when using MDT 2008 with System Center Configuration Manager or Systems Management Server.
Preparing the Prerequisite Infrastructure for System Center Configuration Manager For an example of how all these steps are performed, see “Step 1: Prepare the Prerequisite Infrastructure” in the MDT 2008 document, Quick Start Guide for Microsoft System Center Configuration Manager 2007. For more information about: •
System Center Configuration Manager, see Configuration Manager Supported Configurations at http://technet.microsoft.com/enus/library/bb680717.aspx#SiteServerSystemRequirements.
•
Microsoft SQL Server® 2005, see SQL Server 2005 System Requirements at http://www.microsoft.com/sql/prodinfo/sysreqs/default.mspx.
To prepare the prerequisite infrastructure for System Center Configuration Manager 273.Ensure the computer acting as the deployment server has at least one partition formatted with the NTFS file system. 274.Create a folder structure on an NTFS-formatted volume to store the software required by MDT 2008 and System Center Configuration Manager. 275.Obtain the required software, specifically: •
System Center Configuration Manager.
•
SQL Server 2005 with SP2.
•
Device drivers for all the reference and target computers.
•
MSXML version 6.0.
276.Ensure that an AD DS infrastructure exists with a forest functional level set to Windows Server 2003 or later. 277.Ensure that IP configuration occurs, typically from DHCP services within the infrastructure. 278.Ensure that IIS 6.0 is installed and configured correctly. The application server components listed in Table 4 are required for SQL Server and System Center Configuration Manager installation. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Preparing the Prerequisite Infrastructure
111
Table 4. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
Microsoft ASP.NET
Installed
Enable network COM+ access
Installed
Enable network Microsoft Distributed Transaction Coordinator (DTC) access
Not installed
IIS: BITS server extensions
Installed
Common files
Installed
File Transfer Protocol (FTP) Service
Not installed
Microsoft Office FrontPage® server extensions
Not installed
IIS Manager
Installed
Internet printing
Not installed
Network News Transfer Protocol (NNTP) service
Not installed
Simple Mail Transfer Protocol (SMTP) service
Not installed
World Wide Web service: Active Server Pages (ASP)
Installed
Internet data connector
Not installed
Remote administration (HTML)
Not installed
Remote desktop Web connection
Not installed
Server-side includes
Installed
Web-based Distributed Authoring and Versioning (WebDAV) publishing
Installed
World Wide Web service
Installed
Message queuing
Not installed
279.Install and configure WebDAV Internet Server Application Programming Interface (ISAPI) extensions. 280.Install MSXML version 6.0. 281.Create any necessary user and service accounts: •
Service account for use by SQL Server (if not already installed)
•
Service account for use by the System Center Configuration Manager Client Network Access account
282.Install USMT files. 283.Install SQL Server with SP2 (if not already installed). 284.Add the site server to the Administrators security group in the domain (if not already a member). 285.Install System Center Configuration Manager (if not already installed). Solution Accelerators microsoft.com/technet/SolutionAccelerators
112
Microsoft Deployment Toolkit 2008
286.Configure the network access account for the System Center Configuration Manager client (if not already configured). 287.Configure the System Center Configuration Manager site boundaries (if not already configured). 288.Configure the publishing of site information in AD DS and DNS (if not already configured). 289.Configure the drive for storing package source files (if not already configured). 290.Configure the distribution points to be BITS enabled (if not already configured).
Preparing the Prerequisite Infrastructure for Systems Management Server For an example of how all these steps are performed, see “Step 1: Prepare the Prerequisite Infrastructure” in the MDT 2008 document, Quick Start Guide for Microsoft Systems Management Server 2003. For more information about: •
Systems Management Server, see Systems Management Server 2003 R2 System Requirements at http://technet.microsoft.com/en-us/sms/bb676790.aspx#EKD.
•
SQL Server 2005, see Microsoft SQL Server: System Requirements at http://www.microsoft.com/sql/prodinfo/sysreqs/default.mspx.
To prepare the prerequisite infrastructure for Systems Management Server 291.Ensure that the computer acting as the deployment server has at least one partition formatted with the NTFS file system. 292.Create a folder structure on an NTFS-formatted volume to store the software that MDT 2008 and Systems Management Server require. 293.Obtain the required software, specifically: •
System Management Server with SP3.
•
SMS 2003 OSD Feature Pack.
•
SQL Server 2005 with SP2.
•
Windows Server 2003 SP1 Microsoft OEM Preinstallation Kit (OPK) (used to obtain Windows PE 2005).
•
Windows Server 2003 SP1 distribution files from product CD (required for Windows PE 2005).
•
Device drivers for all the reference and target computers.
•
MSXML version 6.0.
294.Ensure that an AD DS infrastructure exists with a forest functional level set to Windows Server 2003 or later. 295.Ensure that IP configuration occurs, typically from DHCP services within the infrastructure. 296.Ensure that IIS 6.0 is installed and configured correctly. The application server components listed in Table 5 are required for SQL Server and Systems Management Server installation. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Preparing the Prerequisite Infrastructure
113
Table 5. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
ASP.NET
Installed
Enable network COM+ access
Installed
Enable network DTC access
Not installed
IIS: BITS server extensions
Installed
Common files
Installed
FTP service
Not installed
Office FrontPage server extensions
Not installed
IIS Manager
Installed
Internet printing
Not installed
NNTP Service
Not installed
SMTP Service
Not installed
World Wide Web service: ASP
Installed
Internet data connector
Not installed
Remote administration (HTML)
Not installed
Remote desktop Web connection
Not installed
Server-side includes
Installed
WebDAV publishing
Installed
World Wide Web service
Installed
Message queuing
Not installed
297.Install and configure WebDAV ISAPI extensions. 298.Install MSXML version 6.0 299.Create any necessary user and service accounts: •
Service account for use by SQL Server 2005 (if not already installed)
•
Service account for use by the System Center Configuration Manager Client Network Access account
300.Install SQL Server with SP2 (if not already installed) 301.Install Systems Management Server (if not already installed) 302.Install the SMS 2003 OSD Feature Pack (if not already installed) 303.Install Systems Management Server SP3 (if not already installed) 304.Configure the network access account for the Systems Management Server Advanced Client (if not already configured) 305.Configure the drive for storing package source files (if not already configured) Solution Accelerators microsoft.com/technet/SolutionAccelerators
114
Microsoft Deployment Toolkit 2008
306.Configure the default management point (if not already configured) 307.Configure the distribution points to be BITS enabled (if not already configured)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ins tal ling MD T 2008 The sections that follow describe the MDT 2008 installation scenarios and process.
New Installation After all prerequisite software has been installed, complete the following steps to install MDT 2008 (MicrosoftDeploymentToolkit_platform.msi, where platform is either x86 or x64): 308.Right-click MicrosoftDeploymentToolkit_platform.msi, and then click Install. 309.Click Next to skip the welcome page. 310.On the End-User License Agreement page, review the license agreement. If the terms are agreeable, click I accept the terms in the License Agreement, and then click Next. 311.On the Custom Setup page, choose the features to install and the destination folder for the installation, and then click Next. To change a feature’s state, click the feature, and then choose a state. To change the destination folder, click Microsoft Deployment Toolkit, and then click Browse. In the Change current destination folder dialog box, specify the desired folder name, and then click OK. The following list describes each feature: •
Documents. This feature installs the guidance and job aids. By default, this feature is installed in C:\Program Files\Microsoft Deployment Toolkit\Documentation. The prerequisites for installing this feature and using Deployment Workbench to view the documentation are Microsoft .NET Framework version 2.0 and MMC version 3.0.
•
Tools and templates. This feature installs the wizards and template deployment files, such as Unattend.xml. By default, this feature is installed in C:\Program Files\Microsoft Deployment Toolkit.
312.Click Install to install MDT 2008; then, click Finish when the installation is complete.
Upgrade from or Coexist with BDD 2007 or a Previous MDT Version It is possible to upgrade a BDD 2007 distribution share directory for use by MDT 2008. However, consider the following guidelines and requirements when installing MDT 2008 in such a way that it coexists with or is an upgrade of BDD 2007. An existing BDD 2007 distribution share directory can be upgraded to MDT 2008 with the following limitations: •
The BDD 2007 Lab share (the Distribution folder) is updated for MDT 2008. All other deployment shares, including the Media, OSD, and Network shares, must be
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
116
Microsoft Deployment Toolkit 2008
manually deleted and then recreated using Deployment Workbench. When upgraded, the BDD 2007 distribution share directory is no longer valid for use with BDD 2007. •
BDD 2007 builds are converted to MDT 2008 task sequences.
•
MDT 2008 task sequences replace tasks associated with BDD 2007 builds.
•
Settings from BDD 2007 builds are carried forward to the new task sequence.
•
Customizations from the BDD 2007 task sequence are identified and moved to the new MDT 2008 task sequence using one of the following scenarios:
•
•
If a custom task sequence step specifies an application that is matched to an application defined in the distribution share and if there is also a match between the Command Prompt window of the step and the Command Prompt window of the distribution share application, that task sequence step is added to the Custom Task group.
•
If a custom task sequence step specifies an application that cannot be matched to an application defined in the distribution share, that task sequence step is added to the Unknown Tasks group, which is disabled. Administrative intervention is required to edit the task sequence and move the step to an appropriate location within the new task sequence.
If MDT 2008 is installed on a computer on which BDD 2007 is already installed and MDT 2008 upgrades the original BDD 2007 distribution share directory, uninstalling BDD 2007 may remove files that are common to MDT 2008 and BDD 2007. For this reason, if BDD 2007 is uninstalled, it must be uninstalled before MDT 2008 is installed by backing up the distribution share directory, uninstalling BDD 2007, restoring the distribution share directory, and then installing MDT 2008.
Coexist with BDD 2007 Prior to installing MDT 2008 on a computer on which BDD 2007 is already installed, understand that BDD 2007 and MDT 2008 cannot use the same distribution share directory. The BDD 2007 distribution share directory will not be upgraded so as to allow BDD 2007 and MDT 2008 to function independently. If the steps outlined below are properly followed, BDD 2007 and MDT 2008 can be used on the same computer. To install MDT 2008 in this scenario 313.Install MDT 2008. 314.Complete the following steps to create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory. Chose one of the following distribution share options: 1. Create new distribution share directory. If MDT 2008 will create and use a new distribution share directory for its base configuration, in the Specify Directory dialog box, click Create a new distribution share, and then type the path to the location in which the distribution share directory will be created. 2. Upgrade an existing distribution share. If MDT 2008 is to upgrade and use the existing BDD 2007 distribution share directory for its base configuration, a copy of the BDD 2007 distribution share directory must be created before proceeding. Then, in the Specify Directory dialog box, click Upgrade an existing distribution share, and type the path to the copy of the BDD 2007 distribution share directory. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Installing MDT 2008
117
CAUTION To understand the limitations of upgrading a BDD 2007 distribution share directory, see the topics mentioned in the section, “Upgrade from or Coexist with BDD 2007 or a Previous MDT Version.”
c.
Click Finish.
Upgrade from BDD 2007 The following points must be understood prior to installing MDT 2008 on a computer on which BDD 2007 is already installed. MDT 2008 installation upgrades the BDD 2007 distribution share directory. •
If MDT 2008 is installed on a computer on which BDD 2007 is already installed and MDT 2008 installation upgrades the original BDD 2007 distribution share directory, uninstalling BDD 2007 may remove files that are common to MDT 2008 and BDD 2007.
•
BDD 2007 distribution share directories that MDT 2008 has upgraded are no longer valid for use with BDD 2007.
To install MDT 2008 in this scenario 315.Create a backup of the BDD 2007 distribution share directory. 316.Uninstall BDD 2007. 317.Install MDT 2008. 318.Create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory. c.
In the Specify Directory dialog box, click Upgrade an existing distribution share, and then type the path to the BDD 2007 distribution share directory previously restored. CAUTION To understand the limitations of upgrading a BDD 2007 distribution share directory, see the topics mentioned in the section, “Upgrade from or Coexist with BDD 2007 or a Previous MDT Version.”
d. Click Finish. 319.When the distribution share has been created, use Deployment Workbench to respecify the deployment points and database connections.
Upgrade from a Previous Version of MDT Using LTI Deployment The following are the basic steps to upgrade from a previous version of MDT to MDT 2008 using LTI deployment: 320.Install MDT 2008. Doing so automatically upgrades the existing MDT installation to MDT 2008. 321.Create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory. Solution Accelerators microsoft.com/technet/SolutionAccelerators
118
Microsoft Deployment Toolkit 2008
c.
Select Upgrade an existing distribution share, provide the full path to the existing distribution share directory, and then click Finish. The existing scripts and tools in the distribution share directory will be upgraded to MDT 2008. After the wizard finishes, a console refresh may be required to refresh the nodes under the Distribution Share node.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Installing MDT 2008
119
322.Update the MDT 2008 deployment points: a. In Deployment Workbench, expand Deploy, and then click Deployment Points. b. Right-click each deployment point listed, and then click Update. Doing so updates each deployment point with the new MDT 2008 files and updated Windows PE images. a. MDT 2008 does not require Windows AIK 1.1 if only Windows Vista RTM, Windows XP, or Windows Server 2003 will be deployed. But if Windows Vista SP1 or Windows Server 2008 will be deployed, update to Windows AIK 1.1. To update to Windows AIK 1.1 323.Uninstall Windows AIK 1.0. 324.Restart the computer. 325.Install Windows AIK 1.1. 326.Update the MDT 2008 deployment points: a. In Deployment Workbench, expand Deploy, and then click Deployment Points. b. Right-click each deployment point listed, and then click Update. Doing so updates each deployment point with the new Windows PE 2.1 images.
Upgrade from a Previous Version of MDT Using ZTI Deployment with Systems Management Server If the environment runs a previous version of MDT using ZTI deployment with Systems Management Server, the following are the basic steps for upgrading to MDT 2008: 327.Install MDT 2008. Doing so automatically updates the existing MDT installation to MDT 2008. 328.Create the MDT 2008 distribution share: a. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. b. Right-click the Distribution Share node, and then click Create distribution share directory to upgrade the scripts and tools in the distribution share directory. Back up the existing scripts as part of this process, if necessary. After performing this action, press F5 to refresh the nodes under the distribution share node. 329.Update each SMS 2003 OSD Feature Pack deployment point. 330.Modify the list of files needed in each SMS 2003 OSD Feature Pack program’s custom steps using SMS Administrative Console, then update the Systems Management Server distribution points. This step is necessary, because MDT 2008 includes some new files, and the upgrade removes some old files (related to servicing stacks). 331.If a ResourceRoot package or directory is used, make sure this directory contains a full copy of the Servicing directory in the distribution share directory. Be sure to update the distribution points if a package is used. This directory contains the servicing stack files for Windows Vista (RTM and SP1) and Windows Solution Accelerators
microsoft.com/technet/SolutionAccelerators
120
Microsoft Deployment Toolkit 2008
Server 2008. Without these files, MDT 2008 will be unable to inject drivers, updates, and language packs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Installing MDT 2008
121
MDT 2008 does not require Windows AIK 1.1 if only Windows Vista RTM, Windows XP, or Windows Server 2003 will be deployed. But if Windows Vista SP1 or Windows Server 2008 will be deployed, upgrade to Windows AIK 1.1. To upgrade to Windows AIK 1.1 332.Uninstall Windows AIK 1.0. 333.Restart the computer. 334.Install Windows AIK 1.1. Note The steps above are similar to those used for LTI deployment, because these two deployment methods share most of the MDT 2008 scripts and tools.
Upgrade from a Previous Version of MDT Using ZTI with System Center Configuration Manager If running a previous version of MDT using ZTI deployment with System Center Configuration Manager, the following are the basic steps for upgrading to MDT 2008: 335.Install MDT 2008. Doing so automatically upgrades the existing MDT installation to MDT 2008. 336.Integrate MDT 2008 with System Center Configuration Manager: a. Be sure Configuration Manager console is not running. b. Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Configure ConfigMgr Integration. c.
Select Install the ConfigMgr extensions, provide the name of the site server and the site code, and then click Finish. The wizard copies the new MDT 2008 dynamic link libraries (DLLs) into the Configuration Manager console installation directory (for example, C:\Program Files\Microsoft Configuration Manager Console\AdminUI\bin) and updates the Windows Management Instrumentation (WMI) classes needed for the MDT 2008 custom task sequence steps.
b. All existing task sequences will continue to function and are unchanged. However, a new MDT 2008 tools package should be created for use with any new task sequences. If desired, update existing task sequences to use the new MDT 2008 tools package; however, a new task sequence must be created before doing so, because there is no way to create only a new MDT 2008 tools package. c.
MDT 2008 does not require Windows AIK 1.1 if only Windows Vista RTM, Windows XP, or Windows Server 2003 will be deployed. But if deploying Windows Vista SP1 or Windows Server 2008, upgrade to Windows AIK 1.1.
To upgrade to Windows AIK 1.1 337.Uninstall Windows AIK 1.0. 338.Restart the computer. 339.Install Windows AIK 1.1. Note When Windows AIK 1.1 is installed on the computer that will be used to run Configuration Manager console, the MDT 2008 Import Microsoft Deployment Task Sequence Wizard creates Windows PE 2.1 boot images (instead of the Windows PE 2.0 boot images created from Windows AIK 1.0).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
122
Microsoft Deployment Toolkit 2008
Note The System Center Configuration Manager team is working on instructions for installing Windows AIK 1.1 for use with System Center Configuration Manager. The basic steps above (uninstall, restart, install) should not cause any issues, but some additional steps are needed to replace the existing default boot images that System Center Configuration Manager created when it was first installed. (To move to System Center Configuration Manager SP1, Windows AIK 1.1— or more specifically, Windows PE 2.1—is required.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Sta r ting Dep lo yment Wor kbenc h To start Deployment Workbench, click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. Figure 1 shows Deployment Workbench.
Figure 1. Deployment Workbench As shown in Figure 1, the console tree contains the following items: •
Information Center. Expand this item to access breaking news about MDT 2008 and the components required for using it.
•
Distribution Share. Expand this item to view the operating systems, applications, operating system packages, and out-of-box drivers that the distribution share contains. Click any item beneath Distribution Share to view its contents in the details pane.
•
Task Sequences. Click Task Sequences in the console tree to see a list of task sequences in the details pane. To create a task sequence, right-click Task Sequences, and then click New. To configure a task sequence, right-click it in the details pane, and then click Properties.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
124
•
Microsoft Deployment Toolkit 2008
Deploy. Expand this item to see the Deployment Points and Database items. Click Deployment Points to see a list of deployment points in the details pane. To create a deployment point, right-click Deployment Points, and then click New. To configure a deployment point, right-click a deployment point in the details pane, and then click Properties. Click Database to edit the database. For more information about the database, see the MDT 2008 documents, Deployment Customization Guide and Microsoft Deployment Toolkit 2008 Samples Guide.
CAUTION Open only a single instance of Deployment Workbench. Opening two or more instances of Deployment Workbench can result in unpredictable behavior. Note When using Deployment Workbench on an operating system other than Windows Vista for tasks other than reviewing the documentation, log on to the computer using an account that is a member of the local Administrator group. Note When using Deployment Workbench on a computer that is running Windows Vista, always log on to the computer using an account that is a member of the local Administrator group. Tip The default Deployment Workbench view includes the Actions pane. Remove the Actions pane by opening MMC in Author mode. To open MMC in Author mode, open a Command Prompt window, and then run C:\Program Files\Microsoft Deployment Toolkit\Bin\DeploymentWorkbench.msc /a. Click View, and then click Customize. Clear the Actions pane check box, and then click OK. To save changes, from the File menu, click Save. When prompted to choose whether to display a single window interface, click Yes.
Program Folders Table 6 describes the subfolders in the MDT 2008 program folder (C:\Program Files\Microsoft Deployment Toolkit\) when installation is complete. Table 6. MDT 2008 Program Folders Subfolder
Description
Bin
Contains the Deployment Workbench MMC snap-in and supporting files.
Control
Contains configuration data for Deployment Workbench.
Documentation
Contains the documentation and job aids.
Downloads
Provides storage for components that Deployment Workbench downloads.
Management Pack
Contains the management pack files.
Samples
Contains sample task sequence scripts and Windows PE desktop background graphics.
SCCM
Contains task sequence templates and automation objects used during System Center Configuration Manager integration.
Scripts
Contains scripts that Deployment Workbench uses.
Templates
Contains template files that Deployment Workbench uses.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Getting Started Guide: Starting Deployment Workbench
125
Distribution Share After the Distribution Share has been created, it contains the subfolders listed in Table 7. Table 7. MDT 2008 Distribution Folders Subfolder
Description
%OEM%
Provides storage for files to copy to the target computer during Windows installation.
Applications
Provides storage for application source files.
Boot
Provides storage for Windows PE boot images (.wim and .iso files); this folder does not appear until after updating a deployment point.
Captures
Provides storage for captured images.
Control
Contains configuration data for Deployment Workbench. The subfolders contain configuration data for each task sequence created in the workbench. Each subfolder is given a name that corresponds to the ID that was assigned to the task sequence when it was created in Deployment Workbench. Additionally, it contains folders for each deployment point. Each deployment point folder has a name based on a globally unique identifier (GUID).
Operating Systems
Contains source files for each operating system added to the distribution share using Deployment Workbench.
Out-of-Box Drivers
Provides storage for device drivers that do not ship with Windows.
Packages
Provides storage for packages to include in Windows.
Scripts
Contains deployment scripts.
Tools
Contains tools that MDT 2008 uses, including the Task Sequencer, for each supported platform (x86 and x64).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Upd ating R equ ir ed Co mponents After installing MDT 2008 and becoming familiar with Deployment Workbench, ensure that the following mandatory components are downloaded and installed: •
Windows AIK. Windows AIK is available from the Microsoft Download Center at the download location listed in the section, “Appendix A: Software Download Locations,” later in this guide. The component can be preinstalled if it is already downloaded. Also, Deployment Workbench can be used to download and install it. Note For information about which version of Windows AIK should be installed, see “Prerequisites for MDT 2008” earlier in this guide.
•
MSXML version 6.0. This component can be preinstalled, or Deployment Workbench can be used to download and install it. The Windows AIK distribution media include the MSXML version 6.0 installation file. Additionally, the installation file can be downloaded from the Web page listed in the section, “Appendix A: Software Download Locations,” later in this guide.
Deployment Workbench can download and install components. Perform the following steps to download and install components by using Deployment Workbench: 1. In Deployment Workbench, expand Information Center, and then click Components. 2. In the Available for Download section of the components pane, click a component; then, in the details pane, click Download. Deployment Workbench displays the download status in the components pane. When Deployment Workbench finishes downloading the component, it moves the component to the Downloaded section in the components pane. 3. In the Downloaded section of the components pane, click a downloaded component; then, in the details pane, click Install to install the component or click Browse to open the folder containing the component in Windows Explorer. Some components do not require installation or cannot be installed automatically by Deployment Workbench. After downloading a component that Deployment Workbench cannot install automatically, open the folder containing the component, and then install the component manually. Tip Check the Internet frequently for updated components. On the Deployment Workbench main menu bar, from the Action menu, click Check for Updates. On the Check for Updates page of the Check for Updates Wizard, select Check the Internet, and then click Check. Note The offline servicing kernel update, available with the Microsoft TechNet article, “When you use Windows Server 2003 or Windows XP to modify a Windows Vista registry hive, Windows Vista registry key flags are removed,” at http://support.microsoft.com/kb/926044, is required when using Deployment Workbench and Windows AIK on Windows XP with SP2 or Windows Server 2003 with SP1.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Team G ui dance MDT 2008 includes guides for the various teams that participate in a deployment project. The types of guides are: •
Technical guides. Focus on one particular technical area.
•
Reference guides. Contain reference content only and are formatted as lists (glossaries) and tables (properties). Reference guides do not contain narrative or step-by-step instructions.
Technical Guides MDT 2008 includes several technical guides: •
Application Packaging Guide. Provides guidance for repackaging applications.
•
Deployment Customization Guide. Describes how to customize LTI and ZTI deployments.
•
Microsoft Deployment Toolkit 2008 Samples Guide. Identifies deployment scenarios and corresponding configuration settings when deploying target computers using ZTI and LTI deployment. The sample configuration files in this guide can be used as a starting point.
•
Microsoft Deployment Toolkit 2008 Management Pack. Describes the installation and configuration of the management pack. The MDT 2008 Management Pack can provide detailed information about the MDT 2008 deployment process to IT Pros involved in the deployment and operations processes.
•
Image Customization Guide. Describes how to customize reference images by customizing the task sequence, developing custom scripts, customizing existing MDT 2008 scripts, working with SMS 2003 OSD Feature Pack variables, and so on. Includes information about customizing actions, such as disk, network, and role configuration.
•
Preparing for LTI Tools. Describes how to create a default installation of MDT 2008 for LTI deployment.
•
Preparing for Microsoft System Center Configuration Manager 2007. Describes how to create a default installation of MDT 2008 for ZTI deployment by using System Center Configuration Manager.
•
Preparing for Microsoft Systems Management Server 2003. Describes how to create a default installation of MDT 2008 for ZTI deployment by using Systems Management Server and the SMS 2003 OSD Feature Pack.
•
Microsoft System Center Configuration Manager 2007 Imaging Guide. Describes how to use System Center Configuration Manager to prepare for image creation and deployment.
•
User State Migration Guide. Describes key concepts and decisions regarding the use of USMT to migrate user state data from old configurations to the new configuration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
128
•
Microsoft Deployment Toolkit 2008
Workbench Imaging Guide. Describes how to use Deployment Workbench to prepare for image creation and deployment.
Reference Guides MDT 2008 also includes two reference guides: •
Toolkit Reference. Describes all customizable task sequence steps, properties that the customer can configure or use in scripts or in the Task Sequencer, and each script contained in the task sequence and customization points.
•
Troubleshooting Reference. Describes common error codes and failures. Where available, resolutions to certain issues are provided.
Other Documents MDT 2008 includes several templates that help teams manage the project. •
Quick Start Guide for Lite Touch Installation. This quick-start guide helps personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using MDT 2008 to install Windows operating systems by using LTI deployment.
•
Quick Start Guide for Microsoft System Center Configuration Manager 2007. This quick-start guide helps personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using MDT 2008 to install Windows operating systems by using System Center Configuration Manager.
•
Quick Start Guide for Microsoft Systems Management Server 2003. This quickstart guide helps personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using MDT 2008 to install Windows operating systems by using Systems Management Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix
A: Sof tw ar e D own load Loca ti ons
Software
Platform
Download location
MSXML version 6.0
Windows 2000; Windows Server 2003; Windows XP
http://www.microsoft.com/downloads/details.aspx?FamilyID=993C0BCF3BCF-4009-BE21-27E85E1857B1
MSXML version 3.0
Windows 2000; Windows Server 2003; Windows XP
http://www.microsoft.com/downloads/details.aspx?FamilyID=28494391052b-42ff-9674-f752bdca9582
MMC version 3.0
Windows Server 2003 x86
http://www.microsoft.com/downloads/details.aspx?FamilyID=4c84f80b908d-4b5d-8aa8-27b962566d9f
MMC version 3.0
Windows Server 2003 x64
http://www.microsoft.com/downloads/details.aspx?FamilyID=b65b9b175c6d-427c-90aa-7f814e48373b
MMC version 3.0
Windows XP Professional x86
http://www.microsoft.com/downloads/details.aspx?FamilyID=61fc1c6606f2-463c-82a2-cf20902ffae0
MMC version 3.0
Windows XP Professional x64
http://www.microsoft.com/downloads/details.aspx?FamilyID=1391d79c9699-487a-bbc5-f5471fae7169
Microsoft offline servicing kernel update
Windows XP; Windows Server 2003
http://support.microsoft.com/kb/926044/
Visual C++ runtime
Windows 2000
http://support.microsoft.com/kb/259403
Microsoft .NET Framework version 2.0
All x86
http://www.microsoft.com/downloads/details.aspx?FamilyID=0856eacb4362-4b0d-8edd-aab15c5e04f5
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
130
Microsoft Deployment Toolkit 2008
Software
Platform
Download location
Microsoft .NET Framework version 2.0
All x64
http://www.microsoft.com/downloads/details.aspx?FamilyID=b44a0000acf8-4fa1-affb-40e78d788b00
Windows Internet Explorer version 6 with SP1
All
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e1550cb5e5d-48f5-b02b-20b602228de6&displaylang=en
Windows AIK version 1.0
Windows Server 2003; Windows XP; Windows Vista
http://www.microsoft.com/downloads/details.aspx?FamilyID=C7D4BC6D15F3-4284-9123-679830D629F2
Windows AIK for Windows Vista SP1 and Windows Server 2008
Windows Server 2008; Windows http://www.microsoft.com/downloads/details.aspx?FamilyID=94bb6e34Server 2003; Windows XP; d890-4932-81a5-5b50c657de08 Windows Vista
Windows Installer version 3.1
Windows Server 2003; Windows XP; Windows 2000
http://www.microsoft.com/downloads/details.aspx?FamilyID=889482fc5f56-4a38-b838-de776fd4138c
Windows Script version 5.6
Windows XP; Windows 2000
http://www.microsoft.com/downloads/details.aspx?FamilyID=c717d9437e4b-4622-86eb-95a22b832caa
Windows Script version 5.6
Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyID=887fce82e3f5-4289-a5e3-6cbb818623aa
Windows XP SP3 Deployment Tools
Windows XP with SP2 or later
http://www.microsoft.com/downloads/details.aspx?familyid=673a10198e3e-4be0-ac31-70dd21b5afa7
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix B: Pr epar ing W indo ws 2000 Clien t Co mpute r s Complete the following steps to install the Visual C++ runtime on a computer running the Windows 2000 operating system. 340.Download the vc6redistsetup_enu.exe installation program. See the section, “Appendix A: Software Download Locations,” earlier in this guide for the download location. The installation program will not directly install in Windows 2000. 341.Extract the files by executing the command: Start /Wait <path>\vc6redistsetup_enu.exe /Q /C /T:%TEMP% && %TEMP%\vcredist.exe /C /T:%SYSTEMROOT%\Temp\KB259403 342.Copy the following extracted files from %SYSTEMROOT%\Temp\KB259403 to the %SYSTEMROOT%\System32 folder of the computer running Windows 2000: •
Asycfilt.dll
•
Atl.dll*
•
Atlu.dll
•
Comcat.dll*
•
Mfc42.dll*
•
Mfc42u.dll*
•
Msvcp60.dll*
•
Msvcirt.dll
•
Msvcrt.dll
•
Oleaut32.dll*
•
Olepro32.dll*
•
Stdole2.tlb.
Note
All files marked with an asterisk (*) require registration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix
C: Refer ences
The following educational and reference resources are available to assist in training deployment teams: •
Microsoft Help and Support article, “Description of Client Installation Wizard Screens for Remote Installation Services,” at http://support.microsoft.com/default.aspx?scid=kb;en-us;268325
•
Microsoft Help and Support article, “How to Add Third-Party OEM Network Adapters to RIS Installations,” at http://support.microsoft.com/default.aspx?scid=kb%3Benus%3B246184
•
Microsoft Help and Support article, “Ports that Systems Management Server 2003 uses to communicate through a firewall or through a proxy server,” at http://support.microsoft.com/default.aspx?scid=kb;en-us;826852
•
Microsoft Help and Support article, “‘The operating system image you selected does not contain the necessary drivers for your network adapter’ error message during the text-mode part of Setup when you deploy an operating system image by using RIS,” at http://support.microsoft.com/?id=823658
•
The white paper, “Deploying and Managing the Windows Deployment Services Update on Windows Server 2003,” at http://go.microsoft.com/fwlink/?LinkId=81031
•
Windows Deployment Services Update Step-by-Step Guide, which is included in the System Center Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx
•
Windows Server 2008 Security Guide at http://www.microsoft.com/technet/security/prodtech/windowsserver2008/default.mspx
•
Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included in the SMS 2003 OSD Feature Pack
•
Windows Vista Security Guide at http://go.microsoft.com/?linkID=5744573
Microsoft® Deployment Toolkit 2008
Template User Instructions
133
Image Customization Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, BitLocker, PowerShell, Visual Basic, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This guide describes how to customize reference images by customizing the task sequence, developing custom scripts, customizing existing scripts, adding applications, and customizing actions. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
This guidance extends the Microsoft® Deployment Toolkit (MDT) 2008 documents Workbench Imaging Guide and Microsoft System Center Configuration Manager 2007 Imaging Guide. Table 1 lists the reference guides that will assist in finding the correct information to configure and set up Deployment Workbench, Microsoft Systems Management Server (SMS) 2003, and Microsoft System Center Configuration Manager 2007. Table 1. Related Imaging Guide References Guide
This document
Getting Started Guide
Describes new MDT 2008 features, product supportability, installation prerequisites and procedures, and documentation
Workbench Imaging Guide
Describes how to use Deployment Workbench to prepare for image creation and the deployment process
Microsoft System Center Configuration Manager 2007 Imaging Guide
Describes how to use System Center Configuration Manager to prepare for image creation and the deployment process
Preparing for Microsoft System Center Configuration Manager 2007
Describes how to create a default installation of MDT 2008 for Zero Touch Installation (ZTI) using System Center Configuration Manager
Preparing for Microsoft Systems Management Server 2003
Describes how to create a default installation of MDT 2008 for ZTI using Systems Management Server and the SMS 2003 Operating System Deployment (OSD) Feature Pack
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom Ima ges In some limited situations, the new Windows Imaging Format (WIM) in Windows Vista and Windows Server 2008 can act as master images for deployment without further customization. However, most organizations will find that they must build custom images to satisfy their deployment requirements. Windows XP and Windows Server 2003 must be installed and then captured into an image format that can then be deployed using Lite Touch Installation (LTI) deployment, ZTI deployment, Systems Management Server, and System Center Configuration Manager. The most common requirements for building custom images fall into the following categories: •
Configuring common system settings for use by multiple users
•
Adding core applications to an operating system
•
Adding operating system updates or fixes
•
Adding device drivers needed to support different hardware
•
Adding additional language support for worldwide deployments
MDT 2008 provides technologies that enable all of these customizations and the choice of when to perform them.
Thick or Thin Images Image customization invariably brings up discussions of whether images should contain the operating system files only (thin image) or the application software as well (thick image). Thin images are primarily composed of the operating system files without additional applications already installed. Operating system settings may be configured as part of a thin image, but no additional files beyond those that are part of the operating system proper are included. It may be decided that the deployment process is robust enough to deploy required applications as a separate process rather than build those applications into the image. Thick images include the base operating system files and typically any core applications that the majority of the organization’s users employ. The addition of language resources, driver libraries, and (in many cases) source media for the operating system and certain applications increases the size of these images significantly. Windows Vista images are larger than their Windows XP base equivalents. Images that include Windows Vista as well as Microsoft Office images are larger still. Ultimately, the way the target computers are used may decide whether thick or thin images are used. Also, the infrastructure and tools used in the deployment process will influence whether thick or thin images are used. The same principles apply to server images. Windows Server 2008 images are larger than their Windows Server 2003 counterparts, unless the Server Core installation option of the Windows Server 2008 operating system is used.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Mod if ying Task Sequen ces This section describes the steps required to modify the default task sequences during the addition of an operating system to Deployment Workbench and System Center Configuration Manager. The Task Sequencer runs the task sequence top to bottom in the order specified. Each task in the sequence is a step, and steps can be organized into groups and subgroups. Deployment Workbench is used to create a new task sequence for that image deployment or performs similar functions in Configuration Manager console. Task sequences contain the following types of items: •
Tasks. Within a task sequence, tasks do the actual work. Tasks are commands that the Task Sequencer runs during the sequence, such as partitioning the disk, capturing user state, and installing the operating system. In the default task sequence, most tasks are commands that run scripts.
•
Groups. The task sequence can be organized into groups—folders that can contain subgroups and tasks. Groups can be nested as necessary. For example, the default task sequence puts tasks in groups by phase and deployment type.
Groups are especially useful for filtering, because an entire collection of tasks can be run based on given conditions. Note The Task Sequencer used in MDT 2008 requires that the Create Global Object right be assigned to credentials used in running Deployment Workbench and the deployment process. This right is typically available to accounts with administrative-level permissions (unless explicitly removed). The Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed through MDT 2008. For additional information, see the Windows Vista Security Guide at https://www.microsoft.com/downloads/details.aspx?familyid=A3D1BBED-7F35-4E72-BFB5B84A526C1565&displaylang=en.
Deployment Workbench Deployment Workbench uses task sequences to order tasks during the operating system deployment process. Task sequences can be customized for the needs of the imaging environment using Deployment Workbench. LTI is used to build master images for deployment with the Lite Touch Deployment Wizard and to capture them for use with the SMS 2003 OSD Feature Pack. System Center Configuration Manager has its own built-in image-build procedure that uses a task sequence in a similar fashion.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Operating System Packages To add operating-system packages, including language packs and operating system updates, to the distribution share, complete the following steps: 343.In Deployment Workbench, expand the Distribution Share node. 344.Right-click OS Packages, and then click New to start the New Package Wizard. 345.On the Select the location of the package files tab, type the path containing the package files to be added to the distribution share, and then click Add. Deployment Workbench adds all the packages it finds in the folder and subfolders. After packages are added to the distribution share, they appear in the OS Packages details pane. The packages also appear in the distribution share in the Packages folder. Note Deployment Workbench only supports the import of Windows Vista and Windows Server 2008 operating system packages.
By default, packages added to the distribution share are included as part of the LTI image-build process. But each package can be individually enabled or disabled and—in the case of language packs—hidden from the Lite Touch Deployment Wizard. Enabling a specific operating system package amounts to approving the installation as part of an image build. Note For silent installation of Windows Vista operating system updates that are natively delivered as .msu files, install the update available with the Microsoft Help and Support article, “When you run Wusa.exe together with the /quiet option to try to install certain software packages on a Windows Vista-based computer, the installation fails,” at http://support.microsoft.com/kb/929761 in all Windows Vista images. This update to the Windows Update Standalone installer fixes an issue in which updates with an embedded End User License Agreement (EULA) fail to install silently with the /quiet option.
Languages Operating system language packs are added in the same way as updates using the New Package Wizard in Deployment Workbench. Because each language pack can be hidden or disabled, it is easy to create images that have only a subset of the supported languages for delivery within a specific geographic region. Some language packs are large; therefore, it may not be the best practice to add all languages to a master image. At deployment time, the MDT 2008 database can be queried with location information to install needed language resources.
Updates Updates can be applied to task sequences to keep the images up to date for security and additional software fixes. Updates can be added during the initial creation of the task sequence or as a secondary process after the task sequence is created. The default Deployment Workbench task sequences will automatically install the needed updates when the image is deployed. This will normally be done while the system is booted into Windows Preinstallation Environment (Windows PE) by updating an Unattend.xml file with appropriate settings to allow Windows Vista or Windows Server 2008 Setup to inject the updates offline.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide
5
Some operating system updates may be considered additional features—for example, the update for Windows PowerShell™, which is available in the Microsoft TechNet article “Windows PowerShell 1.0 Installation Package for Windows Vista,” at http://support.microsoft.com/kb/928439. It may be decided that this particular update won’t be added to Windows Vista images but as a separate application. To add an operating system package such as this, create a new application in the distribution share, and then open a Command Prompt window to deploy the update through Windows Update Standalone installer (Wusa.exe) with the /quiet option.
Out-of-Box Drivers Out-of-box drivers contain drivers that either were not delivered as part of the Windows operating system itself or are later versions released since the original operating system release. It is also common for original equipment manufacturers (OEMs) to release specific versions of otherwise-generic drivers that enable particular features of their hardware implementation. The Out-of-Box Drivers listing can be edited to contain groups that help identify which drivers are associated with different platforms and computer types. Using the driver groups feature of Deployment Workbench can assist in building hardware-specific images as well as offer additional, deployment-time dynamic driver injection. In addition, the drivers will be available for use with Windows PE as well as operating system images. For Windows PE use, network drivers and storage controller drivers are needed most. To add a group classification to an Out-of-Box Drivers listing 346.Open Deployment Workbench, and then expand Distribution Share. Click Out-ofBox Drivers, select driver (where driver is the name of the driver to add to a group), and then click Properties. 347.In the Driver Properties dialog box, click the Groups tab. 348.Click Add to open the New Driver Group dialog box. Type the desired name of the driver group, click OK, and then click OK again to close the Driver Properties dialog box. Note Groups can also be created during the addition of drivers using the Add Group button on the Specify Directory page of the New Driver Wizard. For additional information about the New Driver Wizard, refer to the MDT 2008 document, Workbench Imaging Guide.
Good practice is to create a Windows PE group and add any storage controller or network adapter to this driver group to enable these drivers when customizing Windows PE.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Windows XP or Windows Server 2003 Storage Drivers Special consideration should be given to Windows XP and Windows Server 2003 drivers —especially storage-controller drivers. Create these legacy Windows images with any required storage-controller drivers present when first executing the System Preparation Tool (Sysprep). To ensure that this process works properly, complete the following steps: Note The $OEM$ structure mentioned below is a method of copying an intact folder structure from the distribution share onto the partition on which the Windows operating system is being installed. This process is thoroughly documented in the Setup documentation for every Windows operating system.
349.Download the most recent Windows Hardware Qualified drivers from the OEM. 350.Extract these drivers to the distribution share in an $OEM$ structure, such as \\Servername\Distribution$\Control\
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide
7
Applications The first step in adding applications to an image is to add them to the distribution share. Deployment Workbench can install the application from its original network location, or it can copy the application source files to the distribution share. In either case, the commands for installing the application are specified when the application is added to the distribution share. In addition, individual applications can be added as needed to an individual task sequence for more granular image builds. As mentioned earlier, an application such as Windows PowerShell, which is released as a Windows Vista update, could be added as an application by first adding it as a new application with the command WUSA.EXE /quiet to install the Windows6.0-KB928439-x86.msu file (or the Windows6.0-KB928439x64.msu file). To add Windows PowerShell 353.In Deployment Workbench, expand the Distribution share. 354.Right-click the Applications node, and then click New. 355.In the New Application Wizard, select Application with source files, and then click Next. 356.Complete the Details page appropriately with the Windows PowerShell name. (The other fields are optional.) 357.On the Source page, browse to the folder in which the Windows6.0-KB928439x86.msu file resides, and then click OK. Click Next. 358.On the Destination page, leave the default name of Windows PowerShell, and then click Next. 359.On the Command Details page, type wusa.exe /quiet Windows6.0-KB928439-x86.msu 360.Leave the Working directory field as is, and then click Finish. To hide the application in the wizard, right-click the new application, and then click Properties. In the Properties dialog box, select the Hide this application in the Deployment Wizard check box, and then click OK. To create a new task to install Windows PowerShell individually 361.In Deployment Workbench, right-click the task sequence to modify, and then click Properties. 362.On the General tab, select the Hide this task sequence in the Deployment Wizard check box to prevent the task sequence from appearing. 363.On the Task Sequence tab (which serves at the editor in Deployment Workbench), go to the State Restore phase. 364.If the task sequence has a Restore User State task, select this task, and then click Add. Beneath the general tasks, select Install Application. Note
Use the Up and Down buttons to order the added task as needed.
If the newly added application was selected, note that on the Properties tab, a single application can be installed and Windows PowerShell can be selected from the list. Note Use this method to install individual applications to give more granularity to the image customization.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
System Center Configuration Manager Unlike Systems Management Server, System Center Configuration Manager has the ability to create images natively without direct need of MDT 2008. However, the integration of MDT 2008 with System Center Configuration Manager combined with the ability to import task sequences from MDT 2008 provides additional granularity and functionality. System Center Configuration Manager does not use any of the application, operating system, or driver packages from Deployment Workbench. Instead, System Center Configuration Manager packages are defined for applications, operating system packages, and drivers as part of an image-customization process. By modifying the image-build task sequence in System Center Configuration Manager, the details of the build can be defined with significant granularity.
Use System Center Configuration Manager Packages with MDT 2008 Because System Center Configuration Manager maintains applications, operating system packages, and drivers in a fairly uniform fashion, it is easy to use the System Center Configuration Manager tools to create new packages and to add them as needed to an individual task sequence. Operating system packages (or updates) and language packs are installed as part of the new Software Update Point feature in System Center Configuration Manager. Individual updates or multiple updates or language packs are selected as needed and then individually installed as part of a task sequence.
Operating System Packages, Drivers, and Language Packs System Center Configuration Manager natively installs operating system packages, drivers, and language packs online after it has installed the operating system. For Windows Vista and Windows Server 2008, MDT 2008 can install these elements as part of a task sequence offline, while booted into Windows PE, and automate this installation in a just-in-time fashion. For example, the default MDT 2008 task sequence for import into System Center Configuration Manager has a task already configured named Auto Apply Drivers, which automatically installs all relevant drivers to an image offline. This offline driver management means that when the computer starts for the first time, all the drivers needed are already present on the computer, virtually guaranteeing a successful deployment. Language packs can be installed either offline or online by adding Install Language Packs Offline or Install Language Packs Online to the appropriate section of the task sequence used to create the master image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide
9
Add Applications to a Task Sequence Adding a specific application to a task sequence in Configuration Manager console is as simple as adding one in Deployment Workbench. To add an application to a task sequence 365.In Configuration Manager console, expand Operating System Deployment. Select the task sequence to modify, and then click Edit. 366.Locate the State Restore phase of the task sequence, and then find an appropriate location in which to add the Install Software task. Application installation should typically occur before the Restore User State step or a step such as Install Software Updates that may affect the installed application. 367.Click Add. In the General group, select the Install Software task. 368.Modify the properties, and then select the Install a single application option. Click Browse to select the application to install, and then select the associated program from the list. Note When making an addition or change to a task sequence, use the Up and Down buttons to move the task to the proper location.
369.When all necessary changes have been made, click Apply to save changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Scr ipt Use in MDT 2008 Scripts provide the automation of the image-build and overall deployment process. They scan the configuration files, query the configuration database, evaluate environment variables to determine the rules to be used when deploying the images to the target computers, and perform many other intricate deployment tasks. MDT 2008 uses both Microsoft Visual Basic® Scripting Edition (VBScript—.vbs) and Windows Script file (.wsf) scripts. Typically, there is no need to modify one of the delivered scripts. If a modification is necessary, instead of modifying one of the delivered scripts, copy the script to a new file, update it, and thoroughly test the effect of any change. The scripts create log files as the scripts automate the deployment process. The log files record the status of the deployment process and can be used to assist in troubleshooting this process.
Develop Custom Scripts New scripts can be developed for use in LTI and ZTI deployments. These scripts should be in the form of .vbs or .wsf files. For examples of scripts that Deployment Workbench uses, open the installation path of the distribution share and then open the Scripts folder. Microsoft does not support customized and custom scripts. Before describing how to create a script, it is best to review how the scripts included with MDT 2008 are constructed. The standard MDT 2008 script is a .wsf file, which allows references to be made to functions that are contained in other scripts. MDT 2008 scripts leverage this functionality by referencing a script called ZTIUtility.vbs, which is used to initialize the MDT 2008 environment and setup classes. The script defines several standard objects that need not be declared in the script: •
oFSO. File System Object
•
oShell. WScript Shell object
•
oEnv. Process Environment object
•
oNetwork. WScript Network object
Four classes are defined that perform several standard tasks: •
Environment. This class configures environment variables gathered through Windows Management Instrumentation (WMI) and MDT 2008 rule processing, allowing for direct reference from the script.
•
Logging. This class provides the logging functionality that all MDT 2008 scripts use, creating a single log file for each script and a consolidated log file of all scripts.
•
Utility. This class provides general utility functionality.
•
Database. This class performs functions such as connecting to databases and reading information from databases.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
11
Environment Class This class is referenced in scripts through the oEnvironment object. For example, change the computer name to Example by using the following command: oEnvironment.Item("ComputerName") = "Example" Or, to determine whether this is a 32-bit or 64-bit architecture, query the architecture by using the following command: oEnvironment.Item("Architecture")
Logging Class This class is referenced in scripts through the oLogging object. When creating an informational log entry, use the following command: oLogging.CreateEntry "Informational message", LogTypeInfo When creating an error log entry, use the following command: oLogging.CreateEntry "An error occurred",LogTypeError
Utility Class This class is referenced in scripts through the oUtility object. To determine the name of the current script, use the following command: oUtility.ScriptName To find the location of a file, use the following command: iRetVal = oUtility.FindFile("CustomSettings.ini", sIniFile)
Database Class This class is referenced in scripts through the oDatabase object. There is generally no need to use the database class directly; instead, use rule processing to perform database lookups.
Create New Scripts Scripts can also be created for use in the imaging process and called by adding them to the Task Sequence Editor and ultimately adding them to the TS.xml file. Listing 1 shows a template for creating custom scripts. Listing 1. Custom Script Template <job id="Z-Sample"> <script language="VBScript" src="ZTIUtility.vbs"/> <script language="VBScript"> ' //*************************************************************** ************ ' // ***** Script Header ***** ' // ' // Solution: Solution Accelerator for Microsoft Deployment Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
' // File: Z-Sample.wsf ' // ' // Purpose: Template ' // ' // Usage: cscript Z-Sample.wsf [/debug:true] ' // ' // Customer Build Version: 1.0.0 ' // Customer Script Version: 1.0.0 ' // Customer History: ' // ' // ***** End Header ***** ' //*************************************************************** ************ '//--------------------------------------------------------------------------'// '// Global constant and variable declarations '// '//--------------------------------------------------------------------------Option Explicit Dim iRetVal '//--------------------------------------------------------------------------'// End declarations '//--------------------------------------------------------------------------'//--------------------------------------------------------------------------'// Main routine '//--------------------------------------------------------------------------On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
13
'//-------------------------------------------------------------------------'// '// Function: ZTIProcess() '// '// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//-------------------------------------------------------------------------Function ZTIProcess() iRetVal = Success ZTIProcess = iRetval '!!!!!!!!!!!
INSERT YOUR CODE HERE
!!!!!!!!!!!!
End Function At a high level, complete the following steps to add a custom script: 370.Create the script based on the template. 371.Place the script in the \Distribution\Scripts folder. 372.Create an application in Deployment Workbench that references this script. 373.Add the application to the build-task sequence. Follow these guidelines when creating a script: •
Always declare variables.
•
Only create objects where required, because MDT 2008 includes most objects that are needed.
•
Verify that the ZTIUtility provides the functionality required before writing a function.
•
Script names should always start with a Z, because MDT 2008 replicates only those scripts beginning with Z to other deployment points.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Listing 2 shows an example of a script that checks for an Encrypting File System (EFS) key and beta 2007 Microsoft Office system code on the target computer. Listing 2. Script to Check for EFS Keys or Beta Versions of the 2007 Office System <job id="LTIGetFolder"> <script language="VBScript" src="ZTIUtility.vbs"/> <script language="VBScript" src="WizUtility.vbs"/> <script language="VBScript"> ' //*************************************************************** ************ ' // ' // Microsoft IT Verify ' // ' // Verify that the local machine is ready for installation.... ' // ' // Checks to see if you have any EFS Keys, or a beta version of Office 2007 ' // ' //*************************************************************** ************ Option Explicit '//--------------------------------------------------------------------------'// Main routine '//--------------------------------------------------------------------------Dim iRetVal On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0
'//-------------------------------------------------------------------------'// '// Function: ZTIProcess() '// Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
15
'// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//-------------------------------------------------------------------------Function ZTIProcess() dim CheckForEFS, sError ZTIProcess = Success If oEnvironment.Item("DeploymentType") = "UPGRADE" then ' -------------------------------------------------------' Check for EFS keys in the registry. On Error Resume Next CheckForEFS = empty CheckForEFS = oShell.RegRead("HKCU\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys\CertificateHash") On Error goto 0 if not isempty(CheckForEFS) then sError = "Warning: Please backup your EFS certificate." & vbNewLine & "More info: http://go.microsoft.com/fwlink/?LinkId=79038" oLogging.CreateEntry sError, LogTypeWarning if MsgBox(sError & vbNewLine & "Press OK to continue", vbOKCancel) = vbCancel then ZTIProcess = Failure exit function end if end if ' -------------------------------------------------------' Ensure there are no old versions of Microsoft Office 2007 on the local machine. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
if HasOldOffice then sError = "Warning: Please Manually remove all Beta Office 2007 Components." oLogging.CreateEntry sError, LogTypeWarning if MsgBox(sError & vbNewLine & "Press OK to continue", vbOKCancel) = vbCancel then ZTIProcess = Failure exit function end if end if end if ZTIProcess = Success End Function
Function HasOldOffice DIM oApplications, oApplication DIM sQuery ' Enumerate through all applications installed on the local machine, Looking for pre-RTM Office versions. sQuery = "(Name LIKE 'Microsoft Office%2007' or Name LIKE 'Microsoft Expression Web') and Version <> '12.0.4518.1014'" set oApplications = objWMI.ExecQuery("SELECT * FROM Win32_Product WHERE " & sQuery) HasOldOffice = oApplications.Count > 0 for each oApplication in oApplications ' Filter out MUI and Proof Packages if instr(1, oApplication.Name, "MUI", vbTextCompare ) = 0 and instr(1, oApplication.Name, "Proof", vbTextCompare ) = 0 then
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Image Customization Guide: Script Use in MDT 2008
17
oLogging.CreateEntry "Old version of: '" & oApplication.Name & "' = " & oApplication.Version , LogTypeWarning end if next end function
To add a custom script to a task sequence 374.Open Deployment Workbench, and then expand Distribution Share. 375.Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Properties. 376.Click the Task Sequence tab. 377.Click Add, click General, and then click Run Command Line. Select the script to run in the task sequence by adding it to the Command Line box. Leave Start in blank, and then click OK to complete the procedure. Note To avoid excessive use of the Up and Down buttons to move the application installation task, select the appropriate section in the task sequence, and then add the task.
After completing this process, Deployment Workbench updates the TS.xml file with the changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
WM I Que ri es The Task Sequencer can filter tasks and groups based on WMI queries, which provide an efficient means to retrieve object instances or data about a computer. Use WMI Query Language (WQL), where the query string defines the specific data resulting in a successful match. For example, use a WMI query to query and return values of all the instances of a specific class. For more information about WQL, see “Querying with WQL” at http://msdn2.microsoft.com/en-us/library/aa392902.aspx. To add a WQL query to the Conditions list 378.On the Options tab, click Add, Query WMI to display the Task Sequence WMI Condition dialog box. 379.In the WMI namespace box, type the WMI namespace in which to run the query. The default namespace is root\cimv2. 380.In the WQL query box, type the WQL query. If the query returns at least one row, it evaluates to True. If it returns zero rows, it evaluates to False. Listing 3 shows an example of a WQL query that verifies at least one local fixed disk exists. Listing 3. Example of WMI Query that Verifies at Least One Local Fixed Disk Exists SELECT DeviceID FROM Win32_LogicalDisk WHERE MediaType = 12
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom iz ing A ct ions This section describes the customizable actions available for disks, network configuration, and role configuration in Deployment Workbench and System Center Configuration Manager. Using these customizations, multiple disks can be created in a task sequence and the network configuration information can be retrieved and input into the image. One reason these new capabilities are important is that the common use of larger hard disks on most new systems combined with a desire to separate data and operating system partitions brings a real need for disk management and customization. Deployment Workbench and System Center Configuration Manager gain feature parity in both disk configuration and network configuration. Another problem that has been seen in many environments is that they do not support Dynamic Host Configuration Protocol (DHCP) and thus need granular control of assigning static IP addresses. The new networking customizations give that necessary ability across the tools in a similar manner. This fixes the problems that administrators have seen with static addresses in Windows PE, as well.
Deployment Workbench Customizations Any of the task sequences used for LTI deployments and to build master images can be customized in the manner mentioned previously.
Disk Customization The primary interest in disk customization is expressed by the need for multiple partitions, typically to create secondary partitions for storing data. Custom disk partitions are only supported in New Computer scenarios, and MDT 2008 still installs the operating system to Disk 0 Partition 1 for all Windows operating systems. Automated imaging that expects to have free reign over the drive configuration is either unable to deal with such a partition in an automated fashion or fails its deployment because of this type of configuration. In addition, having coherent drive assignments when using Windows PE versus under the operating system proper has presented problems. As an example of these capabilities, this section shows how to modify the existing Format and Partition Disk action, which is part of the default LAB task sequence: 381.In Deployment Workbench, go to the Task Sequences node. 382.Right-click an operating system task sequence (such as the default LAB task sequence), and then click Properties. 383.Click the Task Sequence tab. Then, select Preinstall\New Computer Only\Format and Partition Disk. The Properties tab shows that the disk is laid out as a single primary partition with the label OSDisk. In addition, the drive is formatted as an NTFS file system.
20
MSDN 2.0
384.Click the description in the Volume box, and then click the Edit icon (the icon that shows a hand with a picture of a notepad). The Partition Properties dialog box appears. 385.To illustrate the possibilities, change the Use a percentage of remaining free space setting from the default 100% to 50%, and then click OK. 386.Click New settings (the star icon), complete the dialog box as follows, and then click OK: •
Partition name: Data
•
Partition type: Primary
•
Use a percentage of remaining free space: 50%
•
File system: NTFS
387.Select the Quick format check box. 388.Click Apply to save the changes to this task sequence. With this kind of control over the partitioning of the disk, imaging with MDT 2008 can be easily configured as needed.
Network Customization In a similar fashion to additional settings for disk configuration, the network-customization features offer increased capabilities. To modify network settings in Windows PE 389.In Deployment Workbench, go to Task Sequences. 390.Right-click an operating system task sequence, and then click Properties. 391.Click the Task Sequence tab. Then, select Preinstall\Gather Local Only. 392.Click Add, click Settings, and then click Apply Network Settings. 393.On the Properties tab in the right pane, click the yellow star to add new network settings. 394.In the Network Settings dialog box, on the General tab, type the name of the network adapter type. (This name should be one of the known network adapters on the computer—for example, Broadcom.) 395.Select Use the following IP address. Then, click the yellow star in the Network Settings group, complete the dialog box as follows, and click Add: •
IP Address: 10.10.10.100
•
Subnet mask: 255.255.248.0
396.Click the yellow star in the Gateway Settings group, type the IP address 10.10.10.1, and then click OK. 397.Click the DNS tab, and then select Use the following DNS Servers. Click the yellow star, type 10.10.10.200, and then click Add. In the DNS Suffix field, type woodgrove.com, and then click OK to save these settings. 398.Click Apply to save these task sequence settings. These are just a few of the configuration capabilities available for both disk and network configurations as part of the image-customization features.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
System Center Configuration Manager Customizations Disk customizations and network customizations can be made in System Center Configuration Manager.
Disk Customization Add and remove customized disk actions within a task sequence to meet specific organizational requirements for images. To add disk customizations in System Center Configuration Manager 399.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 400.Right-click the task sequence from the details pane, and then click Edit. 401.On the Sequence Editor tab, click Add, click Disks, select from the following options, and then click OK: Format and Partition Disk: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
In the Disk number box, type the disk to be formatted. The first disk number is 0.
•
From the Disk Type list, select MBR (Master Boot Record) or GPT (globally unique identifier [GUID] Partition Table) according to the type of partitioning system to be used. (For more information on MBR and GPT, see “Partition styles” at http://technet2.microsoft.com/windowsserver/en/library/4b35160a-4e27-42589e8b-e2088f8a757a1033.mspx).
•
Click New to create a new partition in the disk. Follow the directions in the Partition Properties dialog box.
Convert Disk to Dynamic: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
In the Disk number box, type the disk to be converted. The first disk number is 0. (For more information, see “Basic and Dynamic Disks” at http://msdn2.microsoft.com/en-us/library/aa363785.aspx.)
Enable BitLocker: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
Select Current operating system drive to encrypt the operating system drive, or select Specific drive to encrypt any other drive. (For more information on Windows BitLocker™ Drive Encryption, see the Windows Vista Products page at http://www.microsoft.com/windows/products/windowsvista/features/details/bitlock er.mspx.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
MSDN 2.0
Disable BitLocker: •
In the Name box, type a name for this task.
•
In the Description box, type an optional description.
•
Select Current operating system drive to encrypt the operating system drive, or select Specific drive to encrypt any other drive.
To remove disk customizations from a System Center Configuration Manager task sequence 402.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 403.Right-click the task sequence from the details pane, and then click Edit. 404.On the Sequence Editor tab, click one of the following options in the left pane, click Remove, and then click Yes when prompted: •
Format and Partition Disk
•
Convert Disk to Dynamic
•
Enable BitLocker
•
Disable BitLocker
Network Customization Add and remove customized network actions in a task sequence to meet specific organizational requirements for images. To add network customizations in System Center Configuration Manager 405.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 406.Right-click the task sequence from the details pane, and then click Edit. 407.On the Sequence Editor tab, click Add, and then click Settings. Select from the following options, and then click OK: Capture Network Settings: •
Select Migrate domain and workgroup membership to maintain the current domain and workgroup settings of the target computer in the new operating system installation.
•
Select Migrate network adapter configuration to maintain the current network adapter settings of the target computer in the new operating system installation.
Capture Windows Settings: •
Select Migrate computer name to maintain the current computer name of the target computer after the new operating system installation.
•
Select Migrate registered user and organization names to maintain the current user and organization names used in the target computer in the new operating system installation.
•
Select Migrate Timezone to maintain the current time zone used in the target computer in the new operating system installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
23
Apply Network Settings: •
Use this option to set the domain or workgroup configuration for the new operating system installation.
Apply Windows Settings: •
Use this option to set the user, company name, and licensing information for the new operating system installation.
To remove network customizations in System Center Configuration Manager 408.In the Configuration Manager console console tree, go to Computer Management/Operating System Install Packages. 409.Right-click the task sequence from the details pane, and then select Edit. 410.On the Sequence Editor tab, click one of the following options in the left pane, click Remove, and then click Yes when prompted: •
Capture Network Settings
•
Capture Windows Settings
•
Apply Network Settings
•
Apply Windows Settings
Microsoft® Deployment Toolkit 2008 Microsoft Deployment Toolkit Management Pack
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Solution Accelerators
MSDN 2.0
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack
xxv
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, SQL Server, Visual Basic, Windows, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Micr oso ft Depl oymen t T oolk it Mana gement Pac k The Microsoft® Deployment Toolkit (MDT) 2003 Management Pack (Management Pack) monitors the status of the MDT 2008 process, including automated deployment by using Lite Touch Installation (LTI), Microsoft System Center Configuration Manager 2007, and Microsoft Systems Management Server (SMS) 2003 operating system deployment processes. By detecting and alerting on and critical events and performance indicators, this Management Pack reduces the time required to resolve issues in deployments that MDT 2008 automates. As a result, when client computers are deployed using these methods, the Management Pack reduces the total cost of ownership (TCO). Note In addition to the reports in this Management Pack, the Microsoft System Center Operations Manager 2007 Operations Console or Web Console can be used to help resolve alerts, view events, view computer attributes, and so on.
Document Version This documentation was released in July 2008.
Get the Latest Management Pack and Management Pack Documentation The latest version of this Management Pack and the Management Pack documentation is included in the MDT 2008 .msi file. To obtain the latest version of this file, go to Solution Accelerators at http://microsoft.com/technet/SolutionAccelerators.
What’s New The Management Pack has been significantly updated and improved. Key improvements include: •
Full support of the System Center Operations Manager health model and other features. Note
The Management Pack is not compatible with Microsoft Operations Manager 2005.
•
Developed completely as a Microsoft .NET application (instead of Microsoft Visual Basic® scripts).
•
Writes tracing information to assist in debugging.
•
A service that runs on a Windows®-based computer and that collects monitoring information, then stores the information in the Operations Manager database.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2
Microsoft Deployment Toolkit 2008
•
A wizard to assist in deploying and configuring the service.
•
Collection of MDT 2008 events from multiple EventShare locations, including local folders or shared network folders.
•
Collection of status messages from multiple computers running either Systems Management Server or System Center Configuration Manager.
•
All MDT 2008 warning and error events generate alerts in System Center Operations Manager.
•
Performance counters that include: •
%Complete. Percentage of completion of a computer in the MDT 2008 deployment process
•
Is Active. Identifying as Active the deployment status of a computer in the MDT 2008 deployment process
•
Has Failed. Identifying as Failed the deployment status of a computer in the MDT 2008 deployment process
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Micr oso ft Depl oymen t T oolk it Mana gement Pack: Ge tt ing Sta r ted Before importing the Microsoft Internet Information Services (IIS) Management Pack for Microsoft Windows 2000 Server or Windows Server® 2003, evaluate the organization’s monitoring requirements for IIS.
Before Importing the Management Pack Before importing the Management Pack, evaluate the organization’s monitoring requirements for MDT 2008. During the Planning Phase, monitoring expectations can be clarified, escalation procedures defined, and the import and configuration of the Management Pack optimized.
Files to Download To monitor MDT 2008, download the Microsoft Deployment Toolkit Management Pack, which is a part of the MDT 2008 download. The Management Pack is contained in the MDT 2008 .msi file; it is installed in the Management Pack folder, which resides in the same folder in which MDT 2008 was installed.
Other Requirements The Management Pack has dependencies on the Management Packs that are installed by default with a System Center Operations Manager Management Server. Important Most optional Management Packs have dependencies on some of the default Management Packs. Therefore, do not remove the default Management Packs from a System Center Operations Manager Management Group. In case of removal, import the default Management Packs from the System Center Operations Manager installation directory.
Optional Management Packs To keep the MDT 2008 environment running smoothly and with high availability, maintain the overall health of the information technology (IT) environment. The overall health includes components specific to MDT 2008 along with components for the network, computer hardware, operating systems, and applications. It is a best practice to import the Management Packs for the operating systems, products, and technologies that are part of the MDT 2008 infrastructure. Although the Microsoft Deployment Toolkit Management Pack does not require these other Management Packs, they can help ensure the end-to-end availability and performances of the MDT 2008 infrastructure.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
To provide end-to-end monitoring of the MDT 2008 infrastructure, also consider deploying the Management Packs for the following elements (based on the environment): •
System Center Configuration Manager
•
Systems Management Server
•
Windows Server 2003
•
Windows Server 2008
•
IIS
•
Microsoft SQL Server® 2005
•
Active Directory® Domain Services (AD DS) management
•
Network hardware, such as routers Note Management Packs for hardware devices are provided by the manufacturer or third parties or can be created within the organization. For information about creating Management Packs, see the Microsoft System Center Operations Manager 2007 Management Pack Authoring Guide at http://go.microsoft.com/fwlink/?LinkId=82637.
Support for Agentless Monitoring The Management Pack gathers MDT 2008 information by using the Microsoft Deployment Management Pack Service. All features of the Management Pack are supported for agent-managed or agentless-managed systems.
Create the Service Account The Management Pack includes the Microsoft Deployment Management Pack Service, which collects events from shared folders on event collection servers, one or more System Center Configuration Manager databases, and one or more Systems Management Server databases. A domain-based user account must be created to be used as the identity for the Microsoft Deployment Management Pack Service. By default, the service runs with the LocalSystem identity. To use the LocalSystem identity to run the service, install the following elements on the same computer on which the service is installed: •
Shared folders that contain collected events, meaning that the computer is also an event-collection server
•
System Center Operations Manager
•
System Center Configurations Manager databases
•
Systems Management Server databases
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
5
To create the service account for the Microsoft Deployment Management Pack Service 411.Create a user account in AD DS by using Active Directory Users and Computers. For more information on how to create user account in AD DS in: •
Windows Server 2003, see “Create a new user account” in the Windows Server 2003 Help.
•
Windows Server 2008, see “Create a New User Account” in Windows Server 2008 Help.
412.Grant the user account created in the previous step the Log on as a service user right on the computer on which the Microsoft Deployment Management Pack Service will be installed by using the Local Security Policy Microsoft Management Console (MMC) snap-in. To configure the Log on as a service user right in: •
Windows Server 2003, edit the user right in Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment by using the Group Policy Object Editor. For more information, see “To edit the local Group Policy object” in Windows Server 2003 Help.
•
Windows Server 2008, edit the user right in Security Settings\Local Policies\User Rights Assignment by using the Local Security Policy MMC snap-in. For more information, see “Edit a Local Group Policy Object” in Windows Server 2003 Help.
Prepare the Event Collection Servers The MDT 2008 scripts write events to a shared folder on computers known as event collection servers. Specify the event collection servers by using the EventShare parameter in the CustomSettings.ini file. The EventShare parameter specifies a Universal Naming Convention (UNC) path to a shared folder in which the MDT 2008 scripts record events. The Microsoft Deployment Management Pack Service periodically collects the events from the event collection servers and creates corresponding events in the System Center Operations Manager database. The service enumerates the event collection servers configured in the Directories to Monitor setting in the Configure Management Pack Wizard to collect the events. To configure the event collection servers 413.Create the Events shared folder on the event collection servers. 414.Configure the Events shared folder permissions. 415.Configure the CustomSettings.ini file to use the appropriate event collection servers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Create the Events Shared Folder As the first step in configuring the event collection servers, create a shared folder in which to store the events. Typically, the event collection server is same server in which the user state migration data shared folder (MigData) and deployment logs shared folder (Logs) reside. For more information about these shared folders, see “Creating Additional Shared Folders” in the MDT 2008 documents, Preparing for LTI Tools, Preparing for Microsoft Systems Management Server 2003, and Preparing for Microsoft System Center Configuration Manager 2007. To create the Events shared folder 416.Identify an existing computer, or install a new computer as an event collection server. 417.Create a folder on the server identified in step 1 named EventsFolder (where EventsFolder is the name of a folder in which the log files reside), and then share the folder as Events. Note If the folder is created in any location other than C:\Events, modify the Generate ZTI Events and Discovery Data Management Pack rule to reference the location of the folder created.
Configure the Events Shared Folder Permissions After creating the Events shared folder, configure the appropriate shared folder permissions. Ensure that no unauthorized users can access user state migration information and the deployment logs. Only the computer creating the events should have access to these folders. To configure the shared folder permissions 418.In Windows Explorer, right-click EventsFolder (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), and then click Properties. 419.On the Security tab, click Advanced. 420.On the Permissions tab, clear the Allow inheritable permissions from the parent to propagate to this object and all child objects check box. 421.When the Remove when prompted to either Copy or Remove the permission entries that were previously applied from the parent dialog box appears, click Remove. 422.On the Permissions tab, click Add. 423.In the Enter the object name to select box, type Domain Computers, and then click OK. This action allows domain computers to create subfolders. 424.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), in the Apply onto list, select This folder only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
7
425.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), in the Permissions list, select Allow for the Create Files/Write Data permission, and then click OK. 426.Repeat steps 5–8, substituting Domain Users for Domain Computers. 427.On the Permissions tab, click Add. 428.In the Enter the object name to select box, type CREATOR OWNER, and then click OK. This action allows domain computers and domain users to access the subfolders they create. 429.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process and in which the log files reside), in the Apply onto list, select Subfolders and files only. 430.On the Permission Entry for EventsFolder dialog box (where EventsFolder is the name of the folder created earlier in the process, in which the log files are stored), in the Permissions list, select Allow for the Full Control permission, and then click OK. 431.Repeat steps 10–13 for the user account created as the identity for the Microsoft Deployment Management Pack Service, created earlier in the process. 432.Repeat steps 10–13 for each group to which administrative privileges will be granted. Note Examples of these groups include the credentials provided in the Systems Management Server or System Center Configuration Manager network access account and the credentials provided in the Windows Deployment Wizard.
The permissions set in these steps allow a computer to connect to the appropriate share and create a new folder in which to store user state information or logs, respectively. The folder permissions prevent other users or computers from accessing the data stored in the folder. Note The default permissions on the Systems Management Server or System Center Configuration Manager distribution point shares should provide the appropriate resource access by default.
Configure the CustomSettings.ini File Modify the CustomSetting.ini file in each respective image to include the appropriate values for the EventShare property (as show in Listing 1 and Listing 2). In the example in these listings, the [Default] section is used. However, the EventShare property could also be set in other sections (such as [DefaultGateway]). Listing 1. CustomSettings.ini File Before Adding the EventShare Values [Default] UDShare=\\NYC-AM-FIL-01\MigData SLShare=\\NYC-AM-FIL-01\Logs . . .
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Listing 2. CustomSettings.ini File After Adding the EventShare Values [Default] UDShare=\\NYC-AM-FIL-01\MigData SLShare=\\NYC-AM-FIL-01\Logs EventShare=\\NYC-AM-FIL-01\Events . . . Note For more information about adding the event collection servers, see “Manage the List of Event Collection Server Folders” later in this document.
Configure the OSDNewMachine Property When monitoring deployments performed by using Systems Management Server with MDT 2008, configure the OSDNewMachineName property in CustomSettings.ini and Bootstrap.ini. The value for the OSDNewMachineName should be set to the name of the target computer. If the OSDNewMachineName property is not configured, status messages from the Management Pack are displayed with Media Access Control (MAC) address, in addition to messages with the computer name. Configuring a value for the OSDNewMachineName property ensures only one entry is displayed for each status message. For more information on the OSDNewMachineName property, see “OSDNewMachineName” in the MDT 2008 document, Toolkit Reference.
Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases To collect status messages from the System Center Configuration Manager and Systems Management Server databases, grant the identity of the Microsoft Deployment Management Pack Service Read access to the respective databases. Collecting the status messages from the databases is optional; however, additional information can be gained about the deployment process by collecting the status messages. The service reads these databases to process the status messages recorded in the respective databases. The service requires only Read access to the databases. Note If the environment only includes System Center Configuration Manager or Systems Management Server, perform only the steps for the product deployed in the environment. If managing the environment by using both products, perform the steps for both products. If no status messages will be collected from either product, skip this step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
9
To grant the service access to the System Center Configuration Manager database 433.Start Configuration Manager console. 434.In the console tree, go to Site Database/Security Rights, and then click Users. 435.In the Actions pane, click Manage ConfigMgr Users. 436.Complete the ConfigMgr User Wizard by using the information in Table 1. Table 1. Information for Completing the ConfigMgr User Wizard On this wizard page
Do this
Welcome to the ConfigMgr Click Next. User Wizard User Name
Click Add a new user. In Add a new user, type user_name (where user_name is the user name of the account created earlier in the process in the format domain\username) or click Browse to browse for a user account, and then click Next.
User Rights
Click Add another right or modify an existing one, and then click Next.
Add a Right
In Class, select Advertisement. In Instance, select (All Instances). In Permissions, select the Read check box. Click Next.
User Rights (second time)
Complete the previous two wizard pages for each of the following classes, substituting the classes for Advertisement: •
Collection
•
Package
•
Site
•
Status Message
When all rights are assigned, click The listed rights are sufficient, and then click Next. Summary
Click Finish.
Wizard Completed
Click Close.
437.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
To grant the service access to the Systems Management Server database 438.Start SMS Administrator Console. 439.In the console tree, expand Site Database. 440.Right-click Security Rights, point to All Tasks, and then click Manage SMS Users. 441.Complete the SMS User Wizard by using the information in Table 2. Table 2. Information for Completing the SMS User Wizard On this wizard page
Do this
Welcome to the SMS User Wizard
Click Next.
User Name
Click Add a new user. In Add a new user, type user_name (where user_name is the user name of the account created earlier in the process in the format domain\username) or click Browse to browse for a user account, and then click Next.
Rights
Click Add another right or modify an existing one, and then click Next.
Add a Right
In Class, select Advertisement. In Instance, select (All Instances). In Permissions, select the Read check box. Click Next.
Rights (second time)
Complete the previous two wizard pages for each of the following classes, substituting the classes for Advertisement: •
Collection
•
Package
•
Site
•
Status Message
When all rights are assigned, click The listed rights are sufficient, and then click Next. Completing the SMS User Wizard
Click Finish.
442.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
11
Grant the Service Access to the System Center Operations Manager SDK Service Grant the identity of the Microsoft Deployment Management Pack Service access to the System Center Operations Manager SDK Service. The service collects information from the shared folders on event collection servers, the System Center Configuration Manager database, and the Systems Management Server database. The service then sends the collected information to the SDK Service running on a Root Management Server or a Management Server in the System Center Operations Manager Management Group. To record collected information the System Center Operations Manager database, the identity of the Microsoft Deployment Management Pack Service must be a member of the System Center Operations Manager Administrator role for the Management Group. Add the user account created earlier in the process to the System Center Operations Manager Administrator role in the System Center Operations Manager Operations Console. To grant the service access to the System Center Operations Manager SDK Service 443.In Operations Console, click Administration. 444.In the Administration pane, go to Administration/Security, and then click User Roles. 445.In the User Roles pane, right-click Operations Manager Administrators, and then click Properties. 446.In the Operations Manager Administrators – User Role Properties dialog box, on the General tab, click Add. 447.On the Select User or Groups page, type user_name (where user_name is the name of the user account created earlier in the process to be used as the identity of the Microsoft Deployment Management Pack Service), and then click OK. 448.In the Operations Manager Administrators – User Role Properties dialog box, click Apply, and then click OK. 449.Close all open windows and dialog boxes.
Import the Microsoft Deployment Toolkit Management Pack To import the Microsoft Deployment Toolkit Management Pack, import the Deployment.4.Managment.Pack.xml file in the ManagementPack folder beneath which MDT 2008 was installed (by default, C:\Program Files\Microsoft Deployment Toolkit\ManagementPack). For information about importing Management Packs, see the “About the Management Packs Node in Operations Manager 2007” topic in System Center Operations Manager Help.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Install the Microsoft Deployment Management Pack Service The Management Pack includes a new Microsoft Deployment Management Pack Service that must be installed and configured on a computer. Install the Microsoft Deployment Management Pack Service on a computer that is: •
A System Center Operations Manager Management Server. This computer can be a Root Management Server or a Management Server.
•
Not a System Center Operations Manager Management Server. This computer can be any other computer in the environment, such as one of the event collection servers or on the deployment server on which MDT 2008 is installed.
Perform the following steps to install the Microsoft Deployment Management Pack Service 450.If installing the service on a computer other than a Management Server, install version 3.0 of the Microsoft .NET Framework. Note To download and for information on how to install version 3.0 of the Microsoft .NET Framework, see “Microsoft .NET Framework 3.0 Redistributable Package” at http://www.microsoft.com/downloads/details.aspx?FamilyID=10CC340B-F857-4A14-83F525634C3BF043&displaylang=en.
451.Install MDT 2008 on the Management Server. Note For more information on installing MDT 2008, see the section, “Installing MDT 2008,” in the MDT 2008 document, Getting Started Guide.
452.Ensure that no other program is running on the computer. 453.Click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 454.On the General Settings page, in Management Server Name, type computer_name (where computer_name is the name of the computer that is a System Center Operations Manager Management Server). 455.On the General Settings page, in Directories to Monitor, type UNC_Paths (where UNC_Paths are the UNC paths to all the event collection servers created earlier in the process, separated with commas). 456.On the General Settings page, click Set. Note If no service account was created earlier in the process and the service will be run with the LocalSystem identity, skip this step.
The Windows User Account dialog box opens. Complete the dialog box by performing the following steps: d. In the Windows User Account dialog box, in User name, type user_name (where user_name is the user name of the user account created earlier in the process to be used as the identity for the service). e. In the Windows User Account dialog box, in Password and Confirm password, type password (where password is the password for the user account), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Getting Started
13
457.On the General Settings page, click Next. 458.On the SMS/ConfgMgr Database page, click Add New. Note If no status messages will be collected from System Center Configuration Manager or Systems Management Server databases, skip this step.
A dialog box opens. Complete the dialog box by performing the following steps: a. In SQL Server name, type server_name (where server_name is the name of the computer on which the System Center Configuration Manager or Systems Management Server database resides). b. In Database, type database (where database is the name of the System Center Configuration Manager or Systems Management Server database), and then click OK. 459.Repeat step 9 for each System Center Configuration Manager or Systems Management Server database to be added. 460.On the SMS/ConfgMgr Database page, click Next. The Summary wizard page is displayed. The status of the installation and the configuration of the Microsoft Deployment Management Pack Service is displayed. This process can take a few minutes. If an error occurs: •
During the configuration process, view the contents of the Microsoft.BDD.MPService.InstallLog and Microsoft.BDD.MPService.InstallState files in the %Program Files%\Microsoft Deployment Toolkit\ManagementPack folder.
•
Starting the Microsoft Deployment Management Pack Service, view the contents of the Microsoft.BDD.MPService.log.txt file in the %Program Files%\Microsoft Deployment Toolkit\ManagementPack folder.
461.On the Summary wizard page, click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Uninstall the Microsoft Deployment Management Pack Service The Microsoft Deployment Management Pack Service can be uninstalled if the service is no longer needed. Optionally, remove any monitoring information collected by the service from the Operations Manager database. During the uninstall process, the Microsoft Deployment Management Pack Service is stopped and then removed from the list of installed services. Note: After the service is uninstalled, events are still collected and stored on the Events shared folder.
To uninstall the Microsoft Deployment Management Pack Service 462.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 463.On the General Settings page, click Remove the MDT Management Pack Service. 464.To remove the monitoring information collected by the service, select the Remove MDT Computers from System Center Operations Manager console check box. Note: If the Remove MDT Computers from System Center Operations Manager console check box is not selected, then existing monitoring information is retained in the Configuration Manager database.
465.Click Next. The Summary page appears and the status bar indicates the progress of the uninstall process. 466.On the Summary page, click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Micr oso ft Depl oymen t T oolk it Mana gement Pack: Op ti onal Con figu r ation After installing the Microsoft Deployment Management Pack Service, changes may be needed for the configuration of the service. Make changes to the configuration by running the Configure Management Pack Wizard or by making changes directly in the Microsoft.BDD.MPService.exe.config file. The Microsoft.BDD.MPService.exe.config file is located in the %ProgramFiles%\Microsoft Deployment Toolkit\ManagementPack folder. After making changes to the configuration of the service, restart the service for the changes to take effect.
Configure the Management Server That the Service Uses Specify the System Center Operations Manager Management Server that the Microsoft Deployment Management Pack Service uses. The service updates the System Center Operations Manager database by using the SDK Service running on the Management Server. To configure the Management Server that the service uses by using the Configure Management Pack Wizard 467.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 468.On the General Settings page, in Management Server Name, type computer_name (where computer_name is the name of the System Center Operations Manager Management Server), and then click Next. 469.On the SMS/ConfgMgr Database page, click Next. 470.On the Summary page, click Finish. 471.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
To configure the Management Server that the service uses by directly modifying the Microsoft.BDD.MPService.exe.config file 472.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and then open the Microsoft.BDD.MPService.exe.config file. 473.Modify the ManagementServerName attribute as follows:
Manage the List of Event Collection Server Folders The Microsoft Deployment Management Pack Service collects events from shared folders on the event collection servers. MDT 2008 writes the events to the event collection servers. Configure the list event collection server folders anytime an event collection server is added or removed. If an event collection server folder is added or removed from this list, update the CustomSettings.ini file as well to reflect the changes. To configure the list of event collection server folders by using the Configure Management Pack Wizard 476.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 477.On the General Settings page, in Directories to Monitor, type UNC_Paths (where UNC_Paths are the UNC paths to all the event collection servers created earlier in the process, separated with commas), and then click Next. 478.On the SMS/ConfgMgr Database page, click Next. 479.On the Summary page, click Finish. 480.Restart the Microsoft.BDD.MPService service. To configure the list of event collection server folders by directly modifying the Microsoft.BDD.MPService.exe.config file 481.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and then open the Microsoft.BDD.MPService.exe.config file. 482.Modify the MonitoringFoldersList attribute as follows:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
17
Modify the Duration for Detecting Hung Computers The Microsoft Deployment Management Pack Service detects computers on which the deployment process has halted, also known as hung computers. The service detects hung computers by determining how long it has been since a computer last received a status update from the computer. The service compares the length of time: If the length of time is greater than the value in Hang Time, the computer is identified as a hung computer. When the Microsoft Deployment Management Pack Service identifies a hung computer, the service generates hung computer events for that computer. If the service has not received a status update from a computer for eight hours or longer, it identifies the computer as inactive and no longer generates hung computer events. The eight-hour cutoff time for hung computer detection is imbedded in the service and cannot be configured. Tip Configure the total length of time for the values in Idle Time and Hang Time to be less than eight hours (Idle Time + Hang Time < 8 hours). This ensures that the Microsoft Deployment Management Pack Service accurately generates hung computer events.
To configure the duration for detecting hung computers by using the Configure Management Pack Wizard 485.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 486.On the General Settings page, in Hang Time, type hang_time (where hang_time is the length of time in minutes to wait before determining that the deployment process is halted; the default value is 60 minutes), and then click Next. 487.On the SMS/ConfgMgr Database page, click Next. 488.On the Summary page, click Finish. 489.Restart the Microsoft.BDD.MPService Service. To configure the duration for detecting hung computers by using directly modifying the Microsoft.BDD.MPService.exe.config file 490.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 491.Modify the HungComputersThreshold attribute as follows:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Modify the Duration for Removing Monitored Computers After Deployment Is Complete The Microsoft Deployment Management Pack Service can automatically remove computer objects from the System Center Operations Manager database after the computer completes deployment. The service determines when to remove monitored computers by determining how long it has been since a computer completed deployment. The service compares the length of time since the computer completed deployment: If the length of time is greater than the value in Cleanup Time, the computer is removed from the System Center Operations Manager database. To configure the duration for removing monitored computers after deployment is complete by using the Configure Management Pack Wizard 494.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 495.On the General Settings page, in Cleanup Time, type cleanup_time (where cleanup_time is the length of time in days to wait before removing a monitored computer that has completed deployment; the default value is 1 day), and then click Next. 496.On the SMS/ConfgMgr Database page, click Next. 497.On the Summary page, click Finish. 498.Restart the Microsoft.BDD.MPService Service. To configure the duration for removing monitored computers after deployment is complete by directly modifying the Microsoft.BDD.MPService.exe.config file 499.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 500.Modify the CleanupComputersThreshold attribute as follows:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
19
Modify the Duration for Collecting New Monitoring Information The Microsoft Deployment Management Pack Service collects monitoring information from shared folders on event collection servers, one or more System Center Configuration Manager databases, or one or more Systems Management Server databases. The frequency with which the service collects monitoring information from these sources can be configured by changing the value in Idle Time. The Idle Time value specifies the length of time in minutes that the service waits between collecting monitoring information. The service compares the length of time since the monitoring information was collected: If the length of time is greater than the value in Idle Time, the service collects monitoring information from all the sources. Tip Configure the total length of time for the values in Idle Time and Hang Time to be less than eight hours (Idle Time + Hang Time < 8 hours). This ensures that the Microsoft Deployment Management Pack Service accurately generates hung computer events.
To configure the duration for collecting new monitoring information by using the Configure Management Pack Wizard 503.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 504.On the General Settings page, in Idle Time, type idle_time (where idle_time is the length of minutes in days to wait before collecting monitoring information; the default value is 5 minutes), and then click Next. 505.On the SMS/ConfgMgr Database page, click Next. 506.On the Summary page, click Finish. 507.Restart the Microsoft.BDD.MPService Service. To configure the duration for collecting new monitoring information by directly modifying the Microsoft.BDD.MPService.exe.config file 508.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 509.Modify the IdleTime attribute as follows:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
Change the Management Pack Service Log File Location and Name The Microsoft Deployment Management Pack Service writes information to a log file that can be used to diagnose potential problems with the service. The location and file name for the log file can be changed from the default of C:\Microsoft.BDD.MPService.Log.txt. To configure the Microsoft Deployment Management Pack Service log file location and name by using the Configure Management Pack Wizard 512.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 513.On the General Settings page, in Log File, type path\filename (where path is the fully qualified path to the folder in which to store the log file and filename is the name of the log file; the default value is C:\Microsoft.BDD.MPService.Log.txt), and then click Next. 514.On the SMS/ConfgMgr Database page, click Next. 515.On the Summary page, click Finish. 516.Restart the Microsoft.BDD.MPService Service. To configure the Microsoft Deployment Management Pack Service log file location and name by directly modifying the Microsoft.BDD.MPService.exe.config file 517.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 518.Modify the LogFilePath attribute as follows:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
21
Change the Identity That the Microsoft Deployment Management Pack Service Uses The Microsoft Deployment Management Pack Service runs in the security context of the identity specified in the value in Logon Account. To change the account to a new account or change the password of an existing account, use the Configure Management Pack Wizard or directly modify the service in the Services MMC snap-in. If the identity that the service uses is changed to a new account, also grant the new account: •
Permissions to the shared folders on all the event collection servers. For more information, see the section, “Prepare the Event Collection Servers,” in this document.
•
Access to the System Center Configuration Manager and Systems Management Server databases. For more information, see the section, “Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases,” in this document.
•
Access to the SDK Service in System Center Operations Manager. For more information, see the section, “Grant the Service Access to the System Center Operations Manager SDK Service,” in this document.
To configure the identity that the Microsoft Deployment Management Pack Service uses by using the Configure Management Pack Wizard 521.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 522.On the General Settings page, click Set. The Windows User Account dialog box opens. Fill out the Windows User Account dialog box by completing the following steps: a. In the Windows User Account dialog box, in User name, type user_name (where user_name is the user name of the user account created earlier in the process to be used as the identity for the service). b. In the Windows User Account dialog box, in Password and Confirm password, type password (where password is the password for the user account), and then click OK. 523.On the SMS/ConfgMgr Database page, click Next. 524.On the Summary page, click Finish. 525.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
To configure the identity that the Microsoft Deployment Management Pack Service uses by using the Services MMC snap-in 526.On the computer on which the service is installed, click Start, point to Administrative Tools, and then click Services. 527.In the Services console, in the details pane, right-click Microsoft.BDD.MPService, and then click Properties. 528.In the Microsoft.BDD.MPService Properties dialog box, on the Log On tab, click This account. 529.In This account, type user_name (where user_name is the user name of the user account created earlier in the process to be used as the identity for the service) or click Browse to locate the user. 530.Restart the Microsoft.BDD.MPService Service.
Manage the List of System Center Configuration Manager or Systems Management Server Databases The Microsoft Deployment Management Pack Service can collect status messages from one or more System Center Configuration Manager and Systems Management Server databases. Collecting the status messages from the databases is optional; however, additional information can be gained about the deployment process by collecting the status messages. The service reads these databases to process the status messages recorded in the respective databases. The service requires only Read access to the databases. If a new database is added to the list, grant the service access to the database. For more information, see the section, “Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases,” in this document. To configure the list of databases by using the Configure Management Pack Wizard 531.On the computer on which the service is installed, click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure Management Pack. The Configure Management Pack Wizard starts. 532.On the General Settings page, click Next. 533.On the SMS/ConfgMgr Database page, perform one of the management tasks listed in Table 3.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
23
Table 3. Management Pack Reports To perform this task Add a new database connection
Do this On the SMS/ConfgMgr Database page, click Add New. A dialog box opens. Fill in the dialog box by completing the following steps 534.In SQL Server name, type server_name (where server_name is the name of the computer where the System Center Configuration Manager or Systems Management Server database is stored). 535.In Database, type database (where database is the name of the System Center Configuration Manager or Systems Management Server database), and then click OK.
Modify an existing database connection
On the SMS/ConfgMgr Database page, in the Add new or Remove existing SQL connection strings for SMS Server 2003/SCCM Server list, click connection_string (where connection_string is the connection string to remove), and then click Edit. A dialog box opens. Fill in the dialog box by completing the following steps 536.In SQL Server name, type server_name (where server_name is the name of the computer on which the System Center Configuration Manager or Systems Management Server database resides). 537.In Database, type database (where database is the name of the System Center Configuration Manager or Systems Management Server database), and then click OK.
Remove an existing database connection
On the SMS/ConfgMgr Database page, in the Add new or Remove existing SQL connection strings for SMS Server 2003/SCCM Server list, click connection_string (where connection_string is the connection string to remove), and then click Remove.
538.On the SMS/ConfgMgr Database page, click Next. 539.On the Summary page, click Finish. 540.Restart the Microsoft.BDD.MPService Service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
To configure the list of databases by directly modifying the Microsoft.BDD.MPService.exe.config file 541.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 542.Modify the ConnectionString2008129205519 attribute as follows:
Configur e R etention of Files After Pr ocessing
the .tmp
The Microsoft Deployment Management Pack Service processes .tmp files stored in the shared folders on event collection servers. The service can: •
Delete these files after processing.
•
Move the processed files to the Processed folder.
To retain the processed .tmp files, configure the service to move the processed files to the Processed folder. Otherwise, the .tmp files will be deleted as they are processed. Typically, the.tmp files would be retained to help diagnose problems with collecting status from computers during the deployment process. To configure this feature, modify the PreserveFiles attribute in the Microsoft.BDD.MPService.exe.config file. The default value is No, which indicates that the .tmp files are deleted after they are processed. Change this value to Yes to preserve the .tmp files by moving them to the Processed folder. Note: If the.tmp files will be retained by moving them to the Processed folder, the files must be manually when they are no longer necessary.
To configure retention of the .tmp files by directly modifying the Microsoft.BDD.MPService.exe.config file 545.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and open the Microsoft.BDD.MPService.exe.config file. 546.Modify the PreserveFiles attribute as follows:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Optional Configuration
25
Configur e Fi ltering o f Ev ents Recor ded in the Oper ations Mana ger Da ta base The Microsoft Deployment Management Pack Service processes events, and then stores the events in the Operations Manager database. In some situations, specific events may be excluded from recording in the Operations Manager database. To prevent specific events from being recorded in the Operations Manager database, configure the service to exclude specific events by specifying the event IDs. Otherwise, all events are recorded. Typically, events that are unnecessary when troubleshooting any MDT 2008 deployment problems would be filtered. To configure this feature, modify the ExcludeEvents attribute in the Microsoft.BDD.MPService.exe.config file. The default value is an empty list, which indicates that all events will be recorded in the Operations Manager database. To exclude specific events from being recorded in the Operations Manager database, change this value to a list of the event IDs to be excluded. To configure the filtering of events recorded in the Operations Manager database by directly modifying the Microsoft.BDD.MPService.exe.config file 549.On the computer on which the service is installed, browse to install_folder\Management Pack (where install_folder is the fully qualified path to the folder in which MDT 2008 is installed), and then open the Microsoft.BDD.MPService.exe.config file. 550.Modify the ExcludeEvents attribute as follows (where ID_1, ID_2, and ID_3 are the IDs of the events to be excluded, separated by commas):
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Unde r stand ing the Mi cr oso ft Dep lo yment Toolk it 2003 Mana gement Pack The Microsoft Deployment Management Pack Service collects the data for MDT 2008. Figure 1 illustrates how the service collects the MDT 2008 event information and System Center Configuration Manager or Systems Management Server status.
Figure 1. Overview of the Microsoft Deployment Toolkit Management Pack Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Understanding the Management Pack
27
In Figure 1, the MDT 2008 process writes MDT 2008–related events in shared folders on the event collection servers. The System Center Configuration Manager or Systems Management Server client stores operating system and package deployment status in the System Center Configuration Manager or Systems Management Server database. The Microsoft Deployment Management Pack Service, which is installed and configured on the System Center Operations Manager Root Management Server, collects the MDT 2008–related events from the event collection servers as well as the operating system and the package deployment status from the System Center Configuration Manager or Systems Management Server database. Then, the Microsoft Deployment Management Pack Service stores the collected information in the Operations Manager database and Data Warehouse database.
Objects That the Microsoft Deployment Toolkit Management Pack Discovers The Management Pack does not perform object discovery. Instead, the Microsoft Deployment Management Pack Service collects event files from the event servers and status messages from System Center Configuration Manager or Systems Management Server. For each individual computer that records events to one of these sources, the service creates an MDT Computer object and populates the associated computer attributes listed in Table 6 (shown later is this document).
How Health Rolls Up The health of the MDT 2008 deployment process is reported to the computer. The state of the deployment rolls up to cause a computer to change its state to match the state of the deployment. For example, an unhealthy deployment status rolls up and changes the state of a healthy computer to unhealthy.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Viewing Information in the System Center Operations Manager Operations Console The Management Pack monitors the status of the computers that MDT 2008 deploys. View this monitoring information in the System Center Operations Manager Operations Console. The information that the Management Pack collects is divided into the views listed in Table 4. Table 4. Management Pack Views View
Description
Alerts
This view lists all the alerts that the Management Pack generates. All events that the Management Pack generates that have an event type of Error or Warning generate alerts. For more information on events with event types of Error or Warning, see the section, “Events,” later in this document.
Events
This view lists all the event files and status messages from Systems Management Server and System Center Configuration Manager that the Microsoft Deployment Management Pack Service processes. As soon as event files or status messages are processed, they appear in this view. For more information on the events that the Management Pack processes, see the section, “Events,” later in this document.
State View
This view lists all computers currently being deployed. The state is automatically set to: •
Successful, if no warnings or errors exist for the computer.
•
Warning, if one or more events with severity levels of Warning exist. The Warning state takes precedence over the Successful state.
•
Error, if one or more events with severity levels of Error exist. The Error state takes precedence over the Successful and Warning state.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Management Pack: Understanding the Management Pack
29
Reports Table 5 lists the reports included in this Management Pack. For each report, the date range for information displayed in the report can be specified. Note The Management Pack regularly purges information from the Operations Manager database as a normal part of Management Pack operation. For more information, see the section, “Modify the Duration for Removing Monitored Computers After Deployment Is Complete,” in this document.
Table 5. Management Pack Reports Report
Description
Deployment Status and Summary Report
Displays a summary of the computers with Active, Completed, Failed, and Inactive states. For each of these states, the summary can be expanded to display the list of individual computers that are in each respective state. For each individual computer, the report displays the computer name, percent complete, alert count, event count, and deployment duration.
Computer Details Report
Solution Accelerators
Displays three tables of information about a specific computer. The first table displays all the computer properties for the computer selected as described in Table 6, later in this document. The second table displays all the alerts generated by the selected computer. The third table displays all the events generated by the selected computer.
microsoft.com/technet/SolutionAccelerators
Tec hnica l Refer ence The following sections describe the technical characteristics of the Microsoft Deployment Toolkit Management Pack, including: •
Computer attributes.
•
Rules.
•
Events.
MDTComputer Class Attributes The Management Pack defines a new object class, MDTComputer, which is derived from the Microsoft.Windows.Computer base class in the Windows Core Library Management Pack. This allows the Microsoft Deployment Toolkit Management Pack to store additional attributes for each computer that the Microsoft Deployment Management Pack Service identifies. Because the MDTComputer class is derived class, the MDTComputer class inherits all the attributes of the Microsoft.Windows.Computer base class. Table 6 lists the MDTComputer class attributes that are in addition to the attributes defined in the Microsoft.Windows.Computer base class. All the values for these attributes are automatically populated through MDT 2008, System Center Configuration Manager, and Systems Management Server events. Table 6. MDTComputer Class Attributes Computer attributes
Description
MDT Advertisement ID
The System Center Configuration Manager advertisement ID that started the operating system deployment process.
MDT Asset Tag
The System Management BIOS (SMBIOS) asset tag of the computer (available only if Windows Management Instrumentation [WMI] is included in Windows Preinstallation Environment [Windows PE]). Some vendors might not populate this value (requires SMBIOS version 2.0 or later).
MDT Log Path
The UNC path to where the MDT log files that the MDT 2008 scripts created are stored.
MDT MAC Address 1
The MAC address of the first network adapter in the computer.
MDT MAC Address 2
The MAC address of the second network adapter in the computer (if present).
MDT MAC Address 3
The MAC address of the third network adapter in the computer (if present).
MDT MAC Address 4
The MAC address of the fourth network adapter in the computer (if present).
Template User Instructions
31
Computer attributes
Description
MDT MAC Address 5
The MAC address of the fifth network adapter in the computer (if present).
MDT Package ID
The System Center Configuration Manager package ID for this operating system deployment
MDT Phase
This is the name of the current phase, as last reported by the scripts. Valid values are: •
NEWCOMPUTER
•
OLDCOMPUTER
•
VALIDATION
•
STATECAPTURE
•
PREINSTALL
•
POSTINSTALL
•
STATERESTORE
MDT User Data Directory
The directory on the MDT User Data share (below) in which user state information that the Windows User State Migration Tool (USMT) creates should be stored. (This will be used only if there is not enough space on the local computer or if this is an “OldComputer.”)
MDT User Data Share
The UNC path where user state information that the USMT created should be stored. (This will only be used if there is not enough space on the local computer or if this is an “OldComputer”.)
MDT UUID
The SMBIOS universally unique identifier (UUID) value from the computer (populated by the manufacturer; requires SMBIOS version 2.1 or later).
Deployment Status
Indicates the current deployment status of the computer being deployed. It can have one of the following values: •
In Progress. Indicates that deployment is in progress
•
Failed. Indicates that deployment has failed
•
Complete. Indicates that deployment has successfully finished
Deployment Start Time
Indicates the time relative to coordinated universal time (UTC) when the deployment starts.
Deployment End Time
Indicates the time relative to UTC when the deployment finished successfully or failed. When a deployment begins, this value will be set to the time when the deployment started. When the deployment finishes or fails, the value will be updated to reflect the time the deployment finished or failed.
Number of Warnings
Indicates the total number of events with an event type of Warning that occurred during the deployment.
Number of Errors
Indicates the total number of events with an event type of Error that occurred during the deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
MSDN 2.0
Computer attributes
Description
Total Steps
Indicates the total number of steps in a task sequence. If the total number of steps were not specified in the discovery event, a default value of 100 is used.
Rules Table 7 lists the rules included in this Management Pack. Table 7. Management Pack Rules Rule
Description
Percent Complete
This performance counter rule determines the percentage of completion for a computer being deployed using MDT 2008.
Is Active
This performance counter rule reflects a computer that is actively in the process of being deployed using MDT 2008.
Has Failed
This performance counter rule reflects a computer that has failed during the process of being deployed using MDT 2008.
Generate alerts for Events with Severity = Warning
This event rule generates an alert for any events that have an event type of Warning.
Generate alerts for Events with Severity = Error
This event rule generates an alert for any events that have an event type of Error.
Events The Microsoft Deployment Management Pack Service processes only events for MDT 2008, status messages from System Center Configuration Manager, and status messages from Systems Management Server. Events for other software packages or advertisements in the event logs will be ignored.
MDT 2008–Related Events Table 8 lists the MDT 2008 component events that the Management Pack references. Table 8. MDT 2008 Component Events Processed by the Management Pack Event
Description
ID: Component: Type: Text:
41000 ZTIGather.wsf Informational Processing the %1 phase.
The script was started as part of the specified phase (%1).
ID: Component: Type: Text:
41001 ZTIUtility.vbs Informational %1 processing completed successfully
The script processing for the specified phase (%1) was successfully completed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event ID: Component: Type: Text:
33
Description 41002 ZTIUtility.vbs Error ZTI ERROR - Unhanded error returned by %1: %2 (%3)
An error occurred while running the scripts. This situation is not normal; further investigation is required to identify the cause of the error.
- or ZTI ERROR - Non-zero return code by %1, rc = &2 ID: Component: Type: Text:
41003 ZTIUtility.vbs Informational ZTI Heartbeat: command has been running for %1 minutes (process ID %2)
The scripts run some commands that may take a long time to finish (for example, the USMT state capture). The Zero Touch Installation (ZTI) script generates this event to indicate that it is still alive and monitoring the specified process.
ID: Component: Type: Text:
41004 ZTIUserState.wsf Informational ZTI Beginning user state estimate/capture
The scripts are going to start the USMT state capture process; waiting for it to finish.
ID: Component: Type: Text:
41005 ZTIUserState.wsf Informational ZTI Scanstate estimate was successful.
The USMT state capture process was successful.
ID: Component: Type: Text:
41006 ZTIUserState.wsf Warning/Error ZTI ERROR - Unable to run Scanstate, Error = %1 (%2)
The scripts encountered an error while running the USMT Scanstate command. See the usmtcapt.log file for more information.
- or ZTI ERROR - Non-zero return code from Scanstate, RC = %1 ID: Component: Type: Text:
41007 ZTIUserState.wsfInformational / Error ZTI Beginning user state restore
The scripts are going to start the USMT state restore process.
- or ZTI ERROR - Unable to run Loadstate, Error = %1 (%2) - or ZTI ERROR - Non-zero return code from Loadstate, RC = %1
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
MSDN 2.0
Event
Description
ID: Component: Type: Text:
41008 ZTIUserState.wsf Informational ZTI User state restored successfully
The USMT state restore process finished successfully.
ID: Component: Type: Text:
41011 ZTIPackages.wsf Informational ZTI Successfully installed %1:%2.
The scripts successfully installed the specified Systems Management Server package and program combination.
ID: Component: Type: Text:
41012 ZTIPackages.wsf Error/Warning ZTI ERROR - Unable to execute command: %1 (%2)
The scripts were unable to install the specified Systems Management Server package and program combination because of an error executing the command.
- or ZTI WARNING - Non-zero return code from command, rc = %1 ID: Component: Type: Text:
41013 ZTIUtility.vbs Error ZTI error opening SQL connection: %1
The scripts were unable to connect to the specified SQL Server database.
ID: Component: Type: Text:
41014 LiteTouch.wsfError LTI deployment failed, rc = %1
An LTI-based deployment failed.
ID: Component: Type: Text:
41015 LiteTouch.wsf Informational LTI deployment completed successfully
An LTI-based deployment finished successfully.
ID: Component: Type: Text:
41016 LiteTouch.wsf Informational LTI beginning deployment
An LTI-based deployment began.
ID: Component: Type: Text:
41017 LiteTouch.wsf Informational LTI initiating task sequencerequested reboot.
An LTI-based deployment initiated a task sequence–requested restart of the target commuter.
ID: Component: Type: Text:
41018 LTIApply.wsf Informational LTI applying Windows PE
An LTI-based deployment initiated the startup of Windows PE on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
35
Description
ID: Component: Type: Text:
41019 LTIApply.wsf Informational LTI Windows PE applied successfully
An LTI-based deployment successfully started Windows PE on the target computer.
ID: Component: Type: Text:
41020 LTIApply.wsf Informational LTI applying image %1 using SETUP.EXE
An LTI-based deployment initiated an image installation by running setup.exe.
ID: Component: Type: Text:
41021 LTIApply.wsf Informational Setup completed successfully.
An LTI-based deployment successfully completed image installation by running setup.exe.
ID: Component: Type: Text:
41022 LTIApply.wsf Error Setup failed applying image %1, rc = %2
An LTI-based deployment failed to complete image installation by running setup.exe with the return code specified in the text of the event.
ID: Component: Type: Text:
41023 LTIApply.wsf Informational LTI applying image %1 using ImageX
An LTI-based deployment initiated an image installation by using ImageX.
ID: Component: Type: Text:
41024 LTIApply.wsf Error The image %1 was not applied successfully by ImageX, rc = %2
An LTI-based deployment failed to complete image installation by using ImageX with the return code specified in the text of the event.
ID: Component: Type: Text:
41025 LTIApply.wsf Informational The image %1 was applied successfully.
An LTI-based deployment successfully completed image installation by using ImageX.
ID: Component: Type: Text:
41026 LTIApply.wsf Informational Performing unattend install from %1
An LTI-based deployment initiated an image installation by using unattended installation.
ID: Component: Type: Text:
41027 LTIApply.wsf Informational Unattended install completed successfully.
An LTI-based deployment successfully completed image installation by using unattended installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
MSDN 2.0
Event
Description
ID: Component: Type: Text:
41028 LTIApply.wsf Error Unattended install failed, rc = %1
An LTI-based deployment failed to complete image installation by using unattended installation with the return code specified in the text of the event.
ID: Component: Type: Text:
41029 ZeroTouchInstallation.wsf Informational ZTI deployment completed successfully
A ZTI-based deployment completed successfully.
ID: Component: Type: Text:
41030 ZeroTouchInstallation.wsf Error ZTI deployment failed, rc = %1 (%2)
A ZTI-based deployment failed to complete image installation with the return code specified in the text of the event.
ID: Component: Type: Text:
41031 ZTIApplications.wsf Informational ZTI installing application %1
Installation of application initiated.
ID: Component: Type: Text:
41032 ZTIApplications.wsf Error Error installing application %1: %2
Installation of application failed.
ID: Component: Type: Text:
41033 ZTIApplications.wsf Informational Application %1 installed successfully
Installation of application completed successfully.
ID: Component: Type: Text:
41034 ZTIApplications.wsf Error Application %1 returned an unexpected return code: %2
Installation of application failed with the error return code specified in the text of the event.
ID: Component: Type: Text:
41035 ZTIBackup.wsf Informational Beginning backup of drive %1
Back up of drive specified in the text of the event is initiated.
ID: Component: Type: Text:
41036 Backup of the disk specified in the text ZTIBackup.wsf of the event failed with the error return Error code specified in the text of the event. Error creating an image of drive %1, rc = %2
ID: Component: Type: Text:
41037 ZTIBackup.wsf Informational Successfully created image of drive %1
Solution Accelerators
Backup of the disk specified in the text of the event finished successfully.
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
37
Description
ID: Component: Type: Text:
41038 ZTIGather.wsf Error Unable to establish database connection using [%1] properties.
The MDT 2008 script ZTIGather.wsf was unable to establish a connection to the database referenced in the text of the event.
ID: Component: Type: Text:
41039 ZTIGather.wsf Warning Unable to execute database query.
The MDT 2008 script ZTIGather.wsf was unable to run a database query.
ID: Component: Type: Text:
41040 ZTIPackages.wsf Error Unable to find OSDSWDEXEC.EXE, so SMS packages cannot be installed.
The MDT 2008 script ZTIPackages.wsf was unable to find the file osdswdexec.exe, which is required to install packages created in Systems Management Server.
ID: Component: Type: Text:
41041 ZTIPackages.wsf Error Unable to establish database connection to look up SMS program command lines, install of '%1:%2’ cannot be completed.
The MDT 2008 script ZTIPackages.wsf is unable to locate the Systems Management Server program Command Prompt window for the package and program specified in the text of the event.
ID: Component: Type: Text:
41042 ZTIPackages.wsf Error Unable to install %1:%2 because it was not found in the SMS database.
The MDT 2008 script ZTIPackages.wsf is unable to locate the package and program specified in the text of the event.
ID: Component: Type: Text:
41043 ZTIPackages.wsf Informational About to install %1:%2.
The MDT 2008 script ZTIPackages.wsf is initiating the installation of the package and program specified in the text of the event.
ID: Component: Type: Text:
41044 ZTIValidate.wsf Error ERROR - Attempting to deploy a client operating system to a machine running a server operating system.
The MDT 2008 script ZTIValidate.wsf identified that the target computer is running a server operating system, and the process is attempting to deploy a client operating system to the target computer, which is not supported.
ID: Component: Type: Text:
41045 ZTIValidate.wsf Error ERROR - Attempting to deploy a server operating system to a machine running a client operating system.
The MDT 2008 script ZTIValidate.wsf identified that the target computer is running a client operating system, and the process is attempting to deploy a server operating system to the target computer, which is not supported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
MSDN 2.0
Event
Description
ID: Component: Type: Text:
41046 ZTIValidate.wsf Error ERROR - Machine is not authorized for upgrading (OSInstall=%1), aborting.
The MDT 2008 script ZTIValidate.wsf identified that the target computer is not authorized for upgrade.
ID: Component: Type: Text:
41047 ZTIValidate.wsf Error ERROR - %1 MB of memory is insufficient. At least %2 MB of memory is required.
The MDT 2008script ZTIValidate.wsf identified that the target computer has insufficient physical memory resources to deploy the target operating system as specified in the text of the event.
ID: Component: Type: Text:
41048 ZTIValidate.wsf Error ERROR - Processor speed of %1 MHz is insufficient. At least a %2 MHz processor is required.
The MDT 2008 script ZTIValidate.wsf identified that the target computer has insufficient processor resources to deploy the target operating system as specified in the text of the event.
ID: Component: Type: Text:
41049 ZTIValidate.wsf Error ERROR - insufficient space is available on %1. An additional %2 MB is required.
The MDT 2008 script ZTIValidate.wsf identified that the target computer has insufficient available disk space to deploy the target operating system as specified in the text of the event.
ID: Component: Type: Text:
41050 ZTIValidate.wsf Error ERROR - the current OS is not running from the C: drive. This is not currently supported.
The MDT 2008 script ZTIValidate.wsf identified that the operating system on the target computer is running on a drive volume other than the drive C volume, which is not supported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
39
System Center Configuration Manager– Related Events Table 9 lists the System Center Configuration Manager client component events that the Management Pack processes. Table 9. System Center Configuration Manager Client Component Events Referenced by the Management Pack Event
Description
ID: Component: Type: Text:
11134 Configuration Manager 2007 Client TBD The task sequence execution engine successfully completed the action (%1)
The task sequence execution engine successfully completed the action
ID: Component: Type: Text:
11135 Configuration Manager 2007 Client TBD The task sequence execution engine failed executing the action (%1). Error Code: %2
The task sequence execution engine failed to execute the action
ID: Component: Type: Text:
11140 Configuration Manager 2007 Client TBD The task sequence execution engine started execution of a task sequence.
The task sequence execution engine successfully started execution of a task sequence.
ID: Component: Type: Text:
11141 Configuration Manager 2007 Client TBD The task sequence execution engine failed execution of a task sequence.
The task sequence execution engine failed to start execution of a task sequence.
ID: Component: Type: Text:
11143 Configuration Manager 2007 Client TBD The task sequence execution engine successfully completed a task sequence.
The task sequence execution engine successfully completed a task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
MSDN 2.0
Systems Management Server–Related Events Table 10 lists the Systems Management Server client component events that the Management Pack processes. Table 10. Systems Management Server Client Component Events Processed by the Management Pack Event
Description
ID: Component: Type: Text:
10002 SMS 2003 Client Informational A new advertisement %1 was received
The Systems Management Server client received the new Systems Management Server advertisement and will run it based on the advertisement’s schedule.
ID: Component: Type: Text:
10005 SMS 2003 Client Informational Program started for advertisement %1
The Systems Management Server client successfully started running the Systems Management Server program associated with the advertisement.
ID: Component: Type: Text:
10006 SMS 2003 Client Error Program failed, return code = %11
The program being executed as part of the Systems Management Server advertisement failed to run. At this point, the Systems Management Server process has not started. See the Systems Management Server logs for more information about the cause of this error.
ID: Component: Type: Text:
10007 SMS 2003 Client Error Program failed with status MIF
The program being executed as part of the Systems Management Server advertisement failed to run. At this point, the Systems Management Server process has not started. See the Systems Management Server logs for more information about the cause of this error.
ID: Component: Type: Text:
10008 SMS 2003 Client Informational Program successful
The program associated with the Systems Management Server advertisement finished successfully. This does not mean that the Systems Management Server process has finished successfully. Instead, it means that the Systems Management Server has successfully installed and started the OSDAgent Service that will drive the remainder of the process.
ID: Component: Type: Text:
10009 SMS 2003 Client Informational Program successful
The program associated with the Systems Management Server advertisement finished successfully. This does not mean that the Systems Management Server process has finished successfully. Instead, it means that Systems Management Server has successfully installed and started the OSDAgent Service that will drive the remainder of the process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
41
Description
ID: Component: Type: Text:
10018 SMS 2003 Client Warning Advertisement rejected due to platform restrictions
A computer received the Systems Management Server advertisement, but that computer rejected it because it was not running the correct operating system platform. This event typically occurs only on computers running the Microsoft Windows 98 operating system, because Systems Management Server advertisements support Microsoft Windows 2000 Professional and later operating systems.
ID: Component: Type: Text:
10019 SMS 2003 Client Warning Advertisement rejected because it is expired
The computer received the Systems Management Server advertisement, but it will not run because the expiration date configured on that advertisement has already passed.
ID: Component: Type: Text:
10020 SMS 2003 Client Informational Program will not be run due to a slow network connection
The Systems Management Server advertisement is configured not to run the program over a slow network connection, but a slow network connection was detected.
ID: Component: Type: Text:
10023 SMS 2003 Client Informational Content download has started
The Systems Management Server advertisement has been configured to use “Download and execute” and has started downloading the package content. The package cannot begin executing until the download is complete.
ID: Component: Type: Text:
10024 SMS 2003 Client Informational Content download has completed
The contents of the Systems Management Server package have been completely downloaded so that program can run as soon as the advertisement start time arrives.
ID: Component: Type: Text:
10030 SMS 2003 Client Error Content hash mismatch
The contents of the Systems Management Server package were downloaded, but the content hash (checksum) of the local content did not match the server content. This means that the local content is corrupt and unusable.
ID: Component: Type: Text:
10031 SMS 2003 Client Informational Content download cancelled
The Systems Management Server client cancelled the Systems Management Server package download.
ID: Component: Type: Text:
10034 SMS 2003 Client Informational Program cancelled by user request
The Systems Management Server client cancelled the Systems Management Server package download at the user’s request.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
MSDN 2.0
Event
Description
ID: Component: Type: Text:
10035 SMS 2003 Client Informational Waiting for package content
The Systems Management Server package cannot run, because the Systems Management Server client has not yet located or obtained the package content. If the package is configured for “Download and execute,” it will take some time for this download to finish. If the package is configured to run from a distribution point, this status message is still generated to indicate that it is looking for a distribution point, but one should be found quickly, enabling the package execution to continue.
ID: Component: Type: Text:
10037 SMS 2003 Client Informational Waiting for another program to complete
The Systems Management Server package cannot run, because the Systems Management Server client is busy running something else. As soon as that advertisement is complete, the Systems Management Server package should run.
ID: Component: Type: Text:
10040 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10041 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10042 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10043 SMS 2003 Client Warning Program will not be rerun due to program settings
The Systems Management Server client will not re-run the Systems Management Server advertisement, because the same packageprogram combination has already successfully run on the computer.
ID: Component: Type: Text:
10045 SMS 2003 Client Warning Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
43
Description
ID: Component: Type: Text:
10050 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10051 SMS 2003 Client Error Content cannot be located, SMS 2003 client is giving up
The Systems Management Server client attempted to locate a distribution point containing the Systems Management Server package files but was unable to do so after several tries, so it gave up.
ID: Component: Type: Text:
10053 SMS 2003 Client Error Content download failed
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. No more attempts will be made.
ID: Component: Type: Text:
10054 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10057 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10058 SMS 2003 Client Error Not enough space in cache
The Systems Management Server advertisement has been configured for “Download and Execute,” but there is not enough space in the Systems Management Server client’s local disk cache to hold the package contents. The cache size must be increased before the package can download and run.
ID: Component: Type: Text:
10060 SMS 2003 Client Warning Content download failed, will retry
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. More attempts will be made to complete the download.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
MSDN 2.0
Event
Description
ID: Component: Type: Text:
10061 SMS 2003 Client Warning Content download failed, will retry
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. More attempts will be made to complete the download.
ID: Component: Type: Text:
10062 SMS 2003 Client Warning Content download failed, will retry
The Systems Management Server client experienced a problem while downloading the Systems Management Server package files from a Systems Management Server distribution point. More attempts will be made to complete the download.
Table 11 lists the SMS 2003 Operating System Deployment (OSD) Feature Pack Agent (OSD Agent) component events that the Management Pack processes. Table 11. SMS 2003 OSD Feature Pack Agent Component Events Processed by the Management Pack Event
Description
ID: Component: Type: Text:
11100 OSD Agent Informational OSD action '%1' started
The OSD Agent generates this event for each action started during the operating system deployment process.
ID: Component: Type: Text:
11101 OSD Agent Error OSD action '%1' failed with rc = %1
The OSD Agent detected that an action failed with a non-zero return code. This is a terminal error prior to the installation phase; after the installation phase, execution will continue. (The Management Pack will raise an alert for each action failure, regardless of the phase.)
ID: Component: Type: Text:
11102 OSD Agent Informational OSD deployment successfully completed
The OSD Agent successfully completed the SMS 2008 OSD Feature Pack imagedeployment process. The new operating system is fully installed and ready to use.
ID: Component: Type: Text:
11103 OSD Agent Error OSD did not receive a response from the management point
The OSD Agent attempted to contact a Systems Management Server management point to locate the closest Systems Management Server distribution point containing the specified package, but the management point did not respond, causing the operating system deployment process to fail.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
Event
45
Description
ID: Component: Type: Text:
11104 OSD Agent Error OSD found no distribution points available at the site
The OSD Agent successfully contacted a Systems Management Server management point, but that management point reported that there were no suitable Systems Management Server distribution points available given the computer’s current network location. This causes the operating system deployment process to fail. (This may mean that the site is configured to use AD DS site boundaries and that the update associated with Microsoft Help and Support article, “Deploying an operating system by using the Operating System Deployment Feature Pack fails when Active Directory sites are used as site boundaries in SMS 2003,” at http://support.microsoft.com/kb/888311 has not been installed.)
ID: Component: Type: Text:
11105 OSD Agent Error OSD was unable to connect to a distribution point
The OSD Agent successfully obtained the name of a Systems Management Server distribution point from the Systems Management Server management point but was unable to connect to that distribution point. This causes the operating system deployment process to fail. (This may mean that the server is down, that there are firewalls or Internet Protocol Security [IPsec] configurations interfering, and so on.)
ID: Component: Type: Text:
11106 OSD Agent Informational OSD Validation phase started
The OSD Agent successfully started the validation phase, the first phase in the operating system deployment process.
ID: Component: Type: Text:
11107 OSD Agent Informational OSD State Capture phase started
The OSD Agent successfully started the state capture phase (running in the original, or “old,” operating system), the second phase in the operating system deployment process. This phase typically runs the USMT to capture user settings and files.
ID: Component: Type: Text:
11108 OSD Agent Informational OSD Preinstall phase started
The OSD Agent successfully started the preinstall phase. For an operating system refresh, Windows PE is placed on the hard disk, and the computer is restarted to continue the process. For a new computer, the pre-installation phase is initiated from the Windows PE image installation CD.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
MSDN 2.0
Event
Description
ID: Component: Type: Text:
11109 OSD Agent Informational OSD Install phase started
The OSD Agent successfully started the installation phase (running in Windows PE). This phase cleans the old operating system from drive C (if there is an existing operating system) and extracts the contents of the new operating system Windows Image Format (WIM) image, placing it on the drive.
ID: Component: Type: Text:
11110 OSD Agent Informational OSD Postinstall phase started
The OSD Agent successfully started the postinstallation phase (running in Windows PE). During this phase, the new operating system can be adjusted or modified before it runs for the first time (for example, editing the sysprep.inf configuration file or adding drivers).
ID: Component: Type: Text:
11111 OSD Agent Informational OSD State Restore phase started
The OSD Agent successfully started the state restore phase (running in the “new” operating system). During this phase, the user state information captured previously is restored, and any needed applications are installed.
Microsoft® Deployment Toolkit 2008 Microsoft Deployment Toolkit Samples Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
47
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, BitLocker, SQL Server, Visual Basic, Windows, Windows NT, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This guide is intended to serve as part of Microsoft® Deployment Toolkit (MDT) 2008, to guide a specialist team through deploying the Microsoft Windows® operating system and the 2007 Microsoft Office system. Specifically, this guide is designed to provide sample configuration settings for specific deployment scenarios. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
To use this guide 1. Review the list of scenario topics in the “Contents” section (starting on page iii of this guide). 2. Select the scenario that most closely represents the organization’s deployment goals. 3. Review the sample configuration settings for the selected scenario. 4. Use the sample configuration settings as the foundation for the configuration settings in the environment. 5. Customize the sample configuration settings for the environment. In many instances, more than one scenario might be necessary to complete the configuration settings for the environment. Because this guide contains only sample configuration settings, reviewing the guides listed in Table 1 can further assist in customizing the configuration settings for the environment. Table 1. Deployment Guidance in MDT 2008 Guide
This guide offers assistance to help
Preparing for LTI Tools
Install LTI in the environment. The guide includes information about how LTI works.
Preparing for Microsoft Systems Management Server 2003
Install ZTI in the environment and perform deployments using Microsoft Systems Management Server 2003. The guide includes information about how ZTI and Systems Management Server work together.
Preparing for Microsoft System Center Configuration Manager 2007
Install ZTI in the environment and perform deployments using Microsoft System Center Configuration Manager 2007. The guide includes information about how ZTI and System Center Configuration Manager work together.
Deployment Customization Guide
Further customize the configuration files used in ZTI and LTI deployments. This guide also provides generic configuration guidance and a technical reference for configuration settings.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t to a Speci fic Co mpute r In this scenario, a deployment team is automating the deployment to a specific target computer. The computer can be identified using the AssetTag, UUID (universally unique identifier), SerialNumber, or MACAddress properties associated with the computer. For example, Woodgrove Bank uses the media access control (MAC) address of the primary network adapter of each computer to uniquely identify each computer. Although the computer’s database queries can be configured directly in the CustomSettings.ini file, the recommended method is to use Deployment Workbench to perform the customization. Doing this helps eliminate configuration errors and reduce the effort required to maintain the configuration. To automate deployment to a specific computer 1. Configure a database for Deployment Workbench to use to store configuration settings for specific computers. 2. Select the method for uniquely identifying computers in the organization. 3. Create the computers and computer settings using Deployment Workbench. 4. Create the specific roles, locations, or makes and models of computers using Deployment Workbench. 5. Configure CustomSettings.ini to perform the appropriate database queries using Deployment Workbench.
Configure a Database for Deployment Workbench To configure a database for Deployment Workbench to use to store configuration settings 553.Start Deployment Workbench. 554.In the console tree, expand Deploy, and then click Database. 555.In the Options dialog box, click New. The New DB Wizard will start. 556.On the SQL Server Details page, in the relevant boxes, type the information listed in Table 2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Specific Computer
3
Table 2. Information to Complete the SQL Server Details Page In this box
Type
SQL Server Name
The name of the Microsoft SQL Server® server computer.
Instance
The SQL Server instance (optional).
Port
The port on which the SQL Server is listening (optional).
Network Library
Click one of the following network libraries: •
Named Pipes
•
TCP/IP
557.Click Next. 558.On the Database page, click one of three options: •
Create a new database.
•
Create (or recreate) the tables and views in an existing database.
•
Use an existing database that already contains the required tables and views.
559.In the Database box beside the selected database option, type the name of the new database or click the name of an existing database. 560.Click Next. 561.On the SQL Share page, type the SQL Share name (required when using the Named Pipes option). 562.Click Finish.
Select the Method for Identifying Computers After creating a database or selecting an existing database, select the method for uniquely identifying the computers in the organization. A combination of methods can be used to do this. The predefined properties for uniquely identifying a target computer are the AssetTag, UUID, SerialNumber, and MACAddress properties. After creating a computer, specify configuration settings for its properties. These configuration settings are stored in the database and are retrieved by ZTIGather.wsf. In addition to querying the computers directly using the AssetTag, UUID, SerialNumber, or MACAddress properties, a computer can be associated with: •
A group of computers that perform a specific role using the Role property. To do this, create a new role item on the Roles node in Deployment Workbench. Then, on the Roles tab in the Properties dialog box of a computer on the Computers node in Deployment Workbench, add the role to the target computer.
•
A group of computers within a specific location using the Location or DefaultGateway properties. To do this, create a new location item on the Locations node in Deployment Workbench.
•
A group of computers that are a specific make and model using the Make and Model properties. To do this, create a new make and model item on the Make and Model node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
After identifying the computers, identify the configuration settings to associate with them. Use Deployment Workbench to associate the following properties with a computer, based on the tabs in the user interface (UI): •
Details. Configure specific properties for the target computer.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computer.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computer.
•
Roles. Configure the roles (defined in Deployment Workbench) to be associated with the target computer.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computer.
Create the Computer Settings After selecting the method for identifying the computers and the configuration settings for each computer, use Deployment Workbench to create the computers and computer settings. Perform the following steps for each computer identified in the previous section. To create computers and computer settings in Deployment Workbench 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Computers, and then click New. 3. In the Properties dialog box, on the Identity tab, configure the information listed in Table 3. A combination of this information can be provided; however, the description of at least one box must be configured in addition to Description (Asset tag, UUID, Serial number, or MAC address). Table 3. Information to Complete the Identity Tab for a New Computers Item In this box
Type
Description
The user-friendly description of the computer.
Asset tag
The asset tag or inventory control tag assigned to the computer.
UUID
The UUID assigned to the target computer.
Serial number
The serial number assigned to the target computer.
MAC address
The MAC address assigned to the target computer.
The Asset tag, UUID, Serial number, and MAC address boxes correspond to the AssetTag, UUID, SerialNumber, and MACAddress properties. For more information about the values for the asset tag, UUID, serial number, and MAC address, see the AssetTag, UUID, SerialNumber, and MACAddress properties in the MDT 2008 document, Toolkit Reference. 4. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 5. Click the Applications tab, and then configure the applications to install and the order of application installation. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Specific Computer
5
6. Click the Packages tab, and then configure the packages to install and the order of package installation. 7. Click the Roles tab, and then configure the roles to associate with the computer. 8. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Create Other Items After creating the computers and computer settings, the option is available to create other items (including roles to be assigned to the computers, locations in which the computers reside, or the specific make and model of the computers). Perform the following steps for each association to be made. Note For specific information on roles, locations, or make and model, please see their specific sections later in this guide.
To create other items 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click node (where node is the Roles, Locations, or Make and Model node), and then click New. 3. In the Properties dialog box, on the Identity tab, configure the identity values identified for each item (where the items are Roles, Locations, or Make and Model). 4. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 5. Click the Applications tab, and then configure the applications to install and the order of application installation. 6. Click the Packages tab, and then configure the packages to install and the order of package installation. 7. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each role. Perform the following steps for each deployment point to be configured. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 4. Note For System Center Configuration Manager, also copy CustomSettings.ini to the Setting Source Package directory.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Table 4. Completing the Configure DB Wizard for Computers Only Wizard page
Purpose
Computer Options
•
Query for computer-specific settings.
•
Query for roles assigned to this computer. If the role is associated with a specific computer, select the check box.
•
Query for applications to be installed on this computer.
•
Query for Systems Management Server packages to be installed on this computer.
•
Query for members of the local Administrator group to be assigned to this computer.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 1 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 4. Listing 1. CustomSettings.ini File After Completing the Configure DB Wizard [Settings] Priority=CSettings,CPackages, CApps, CAdmins, CRoles, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [CSettings] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerSettings Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CPackages] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerPackages Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Specific Computer
7
Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CApps] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerApplications Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CAdmins] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerAdministrators Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CRoles] SQLServer=W2K3-SP1 Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Note The [Default] section typically is at the end of the list of sections in the Priority property. Note
If using named pipes, the SQLShare property should show the SQL share name.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 5 lists the sections created and a brief description of the purpose of each section.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Table 5. Sections in Listing 1 and Their Purpose Section
Purpose
CSettings
Queries the ComputerSettings view to identify a computer based on any combination of the UUID, AssetTag, SerialNumber, or MACAddress properties.
CPackages
Queries the ComputerPackages view to return all the packages associated with a computer.
CApps
Queries the ComputerApplications view to return all the applications associated with a computer.
CAdmins
Queries the ComputerAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computer.
CRoles
Queries the ComputerRoles view to return all the roles associated with a computer.
For more information about the database views and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t by Loca tion In this scenario, the deployment team is automating the deployment by a location assigned to the target computer by the default gateway of the target computer. The location can be any name associated with a location in the organization. In addition, a default gateway can be associated with more than one location, allowing the logical grouping of locations within locations. For example, Woodgrove Bank defined a location for each building that contains all the default gateway IP addresses within each building. Then the company defined a location for each floor within each building that contains all the default gateway IP addresses on each floor. Thus, each default gateway IP address is defined within a location for the floor and for the building. Although the location database queries can be configured directly in the CustomSettings.ini file, the recommended method is to perform the customization using Deployment Workbench. Doing this helps eliminate configuration errors and reduces the effort required to maintain the configuration. To automate a deployment using locations 1. Identify the locations in the organization. 2. Create the locations and location settings using Deployment Workbench. 3. Use Deployment Workbench to configure CustomSettings.ini to perform the appropriate database queries.
Identify the Locations To automate the deployment by location, begin by identifying locations in the organization and how they will be used to apply configuration settings to the target computers. The locations are based on the default gateway IP addresses of the target computers. After creating a location, specify configuration settings for properties of the computers that reside within the location. These configuration settings are stored in the deployment database and are retrieved by ZTIGather.wsf. In addition to querying the locations directly by the location name or by the default gateway IP address, a location can be associated with: •
A specific computer using the AssetTag, UUID, SerialNumber, or MACAddress properties associated with the computer. To do this, configure the Locations tab in the Properties dialog box of a computer on the Computers node in Deployment Workbench.
•
A group of computers that perform a specific role using the Role properties associated with the role within each location. To do this, configure the Roles tab in the Properties dialog box of a location on the Locations node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
After identifying the locations, also identify the configuration settings to associate with each location. Using Deployment Workbench, the following items can be associated with a location: •
Details. Configure specific properties for target computers within the location.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computers within the location.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computers within the location.
•
Roles. Configure the roles (defined in Deployment Workbench) to be associated with the target computers within the location.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computers within the location.
Create the Location and Location Settings After identifying the locations and configuration settings for each location, create locations and location settings using Deployment Workbench. Perform the following steps for each role identified in the previous section. To create the location and location settings in Deployment Workbench 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Locations, and then click New. 3. In the Properties dialog box, on the Identity tab, in the Location box, type location_name (where location_name is the name of the location). 4. In the Default Gateways box, type the IP addresses for all default gateways that exist within the location. 5. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 6. Click the Applications tab, and then configure the applications to install and the order of application installation. 7. Click the Packages tab, and then configure the packages to install and the order of package installation. 8. Click the Roles tab, and then configure the roles to associate with the location. 9. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers within the location, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Location
11
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each location. Perform the following steps for each deployment point to configure. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 6. Table 6. Completing the Configure DB Wizard for Locations Only Wizard page
Purpose
Location Options
•
Query for location names based on default gateways.
•
Query for location-specific settings.
•
Query for roles assigned for this location.
•
Query for applications to be installed for this location.
•
Query for Systems Management Server packages to be installed for this location.
•
Query for members of the local Administrator group to be assigned for this location.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 2 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 6. Listing 2. CustomSettings.ini File After Completing the Configure DB Wizard [Settings] Priority=Locations, LSettings, LPackages, LApplications, LAdmins, LRoles, CSettings, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Locations] SQLServer=W2K3-SP1 Instance= Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Database=DWDB Netlib=DBNMPNTW SQLShare= Table=Locations Parameters=DefaultGateway [LSettings] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationSettings Parameters=DefaultGateway [LPackages] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationPackages Parameters=DefaultGateway Order=Sequence [LApps] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationApplications Parameters=DefaultGateway Order=Sequence [LAdmins] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationAdministrators Parameters=DefaultGateway Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Location
13
[LRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationRoles Parameters=DefaultGateway Note The [Default] section typically is at the end of the list of sections in the Priority property.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 7 lists the sections created and a brief description of purpose for each section. Table 7. Sections in Listing 2 and Their Purpose Section
Purpose
Locations
Queries the Locations view to identify the locations that are associated with the IP address of a default gateway.
LSettings
Queries the LocationSettings view to return all the property values associated with a location.
LPackages
Queries the LocationPackages view to return all the packages associated with a location.
LApps
Queries the LocationApplications view to return all the applications associated with a location.
LAdmins
Queries the LocationAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computers within a location.
LRoles
Queries the LocationRoles view to return all the roles associated with a location.
CSettings
Queries the ComputerSettings view to return all the property values associated with a specific computer.
For more information about the database views and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t by Co mpute r M ak e and Mode l In this scenario, the deployment team is automating the desktop deployment by the make and model of the target computers—that is, by the names associated with the computers’ Make and Model properties. By automating deployment this way, the property settings can be configured based on the make and model of the target computers. For example, Woodgrove Bank defined a unique make and model combination for the computers within its organization. Then the bank associated property settings, packages, roles, and user accounts to be made members of the local Administrator group for each unique make and model combination. Although the make and model database queries can be configured directly in the CustomSettings.ini file, the recommended method is to perform the customization using Deployment Workbench. Doing this helps eliminate configuration errors and reduce the effort required to maintain the configuration. To automate deployment using make and model 1. Identify the make and model combinations in the organization. 2. Use Deployment Workbench to create the make and model combinations and corresponding settings. 3. Use Deployment Workbench to configure CustomSettings.ini to perform the appropriate database queries.
Identify Make and Model Combinations To automate deployment using make and model, begin by identifying the make and model combinations in the organization and how they will be used to apply configuration settings to the target computers. The make and model combinations are based on the Make and Model properties of the target computers. After creating the make and model combinations, specify configuration settings for properties for the computers that match them. These configuration settings are stored in the database and are retrieved by ZTIGather.wsf. In addition to querying the locations directly by the make and model combination, associate a combination with a group of computers that performs a specific role using the Role properties associated with the role within each location. Do this by configuring the Roles tab in the Properties dialog box of a make and model combination item on the Make and Model node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Make and Model
15
After identifying items on the Make and Model node, identify the configuration settings to associate with each item. Using Deployment Workbench, the following items can be associated with a make and model item, based on the tabs in the UI: •
Details. Configure specific properties to target computers that match the make and model.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computers that match the make and model.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computers that match the make and model.
•
Roles. Configure the roles (defined in Deployment Workbench) to be associated with the target computers that match the make and model.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computers that match the make and model.
Create Make and Model Combinations and Settings After identifying the make and model combinations and configuration settings for each combination, create the combinations and corresponding settings using Deployment Workbench. Perform the following steps for each make and model combination identified in the previous section. To create make and model combinations and settings 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Make and Model, and then click New. 3. In the Properties dialog box, on the Identity tab, in the Make box, type make_name (where make_name is an identifiable name to associate with the make of the manufacturer of the target computers). 4. In the Model box, type model_name (where model_name is an identifiable name to associate with the model of the target computers). 5. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 6. Click the Applications tab, and then configure the applications to install and the order of application installation. 7. Click the Packages tab, and then configure the packages to install and the order of package installation. 8. Click the Roles tab, and then configure the roles to associate with the target computers. 9. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each make and model combination. Perform the following steps for each deployment point to be configured. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 8. Table 8. Completing the Configure DB Wizard for Make and Model Only Wizard page
Purpose
Make/Model Options
•
Query for model-specific settings.
•
Query for roles assigned to computers with this make and model.
•
Query for applications to be installed on computers with this make and model.
•
Query for Systems Management Server packages to be installed on computers with this make and model.
•
Query for administrators to be assigned to machines with this make and model.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 3 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 8. Listing 3. CustomSettings.ini file After Completing the Configure DB Wizard [Settings] Priority=MMSettings, MMPackages, MMAppls, MMAdmins, MMRoles, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [MMSettings] SQLServer=W2K3-SP1 Instance= Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Make and Model
17
Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelSettings Parameters=Make, Model [MMPackages] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelPackages Parameters=Make, Model Order=Sequence [MMApps] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelApplications Parameters=Make, Model Order=Sequence [MMAdmins] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelAdministrators Parameters=Make, Model [MMRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelRoles Parameters=Make, Model Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Note The [Default] section typically is at the end of the list of sections in the Priority property.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 9 lists the sections created and a brief description of purpose for each section. Table 9. Sections in Listing 3 and Their Purpose Section
Purpose
MMSettings
Queries the MakeModelSettings view to return all the property values associated with a make and model combination.
MMPackages
Queries the MakeModelPackages view to return all the packages associated with a make and model combination.
MMApps
Queries the MakeModelApplications view to return all the applications associated with a make and model combination.
MMAdmins
Queries the MakeModelAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computers that match a make and model combination.
MMRoles
Queries the MakeModelRoles view to return all the roles associated with a make and model combination.
For more information about the database views and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Automa ti ng D epl oymen t by R ol e In this scenario, the team is automating the deployment by a role assigned to the target computer. The role can be any name that is associated with a role in the organization. For example, Woodgrove Bank assigned a role of Tellers to the bank tellers who work there. Woodgrove uses this role to identify the supplemental applications that need to be installed for bank tellers after the operating system and core applications are deployed. Although the role database queries can be configured directly in the CustomSettings.ini file, the recommended method is to perform the customization using Deployment Workbench. Doing this helps eliminate configuration errors and reduce the effort required to maintain the configuration. To automate a deployment using roles 1. Identify the roles in the organization. 2. Use Deployment Workbench to create the roles and role settings. 3. Use Deployment Workbench to associate the roles with specific computers, specific locations, or specific makes and models of computers. 4. Use Deployment Workbench to configure CustomSettings.ini to perform the appropriate database queries.
Identify the Roles To automate deployment by role, begin by identifying the roles in the organization and how they will be used to apply configuration settings to the target computers. The roles can be based on the users or the actual target computers. After creating a role, specify configuration settings for properties for users or computers that perform that role. These configuration settings are stored in the database and are retrieved by ZTIGather.wsf. In addition to querying the roles directly by the role name, a role can be associated with: •
A specific computer using the AssetTag, UUID, SerialNumber, or MACAddress properties associated with the computer. To do this, configure the Roles tab in the Properties dialog box of a computer on the Computers node in Deployment Workbench.
•
A group of computers within a location using the Location or DefaultGateway properties associated with the location. To do this, configure the Roles tab in the Properties dialog box of a location on the Locations node in Deployment Workbench.
•
A group of computers that are a specific make and model using the Make and Model properties associated with the computers. To do this, configure the Roles tab in the Properties dialog box of a make and model on the Make and Model node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
After identifying the roles, identify the configuration settings to associate with them. Use Deployment Workbench to associate the following properties with a role: •
Details. Configure specific properties to target computers that perform the role.
•
Applications. Configure the applications (defined in Deployment Workbench) to be deployed to the target computers that perform the role.
•
Packages. Configure the packages (defined in Deployment Workbench) to be deployed to the target computers that perform the role.
•
Administrators. Configure the user accounts to be made members of the local Administrator group on the target computers that perform the role.
Create the Roles and Role Settings After identifying the roles and configuration settings for each role, create the roles and role settings using Deployment Workbench. Perform the following steps for each role identified in the previous section. To create roles and role settings 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, right-click Roles, and then click New. 3. In the Properties dialog box, on the Identity tab, in the Role name box, type role_name (where role_name is the name of the role). 4. Click the Details tab, and then configure the appropriate property values identified earlier in the process. 5. Click the Applications tab, and then configure the applications to install and the order of application installation. 6. Click the Packages tab, and then configure the packages to install and the order of package installation. 7. Click the Administrators tab, configure the accounts to be made members of the local Administrator group on the target computers, and then click OK.
Associate the Roles After creating the roles and the role settings, the option is available to associate the role with a computer, a location, or a specific make and model of computer. Perform the following steps for each association to be made. To associate roles 1. Start Deployment Workbench. 2. In the console tree, go to Deploy/Database, and then click node (where node is the Computers, Locations, or Make and Model node). 3. In the details pane, right-click item (where item is the Computer, Location, or Make and Model to specifically associate with the role), and then click Properties. 4. In the item Properties dialog box, click the Roles tab, click the appropriate roles, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Role
21
Configure CustomSettings.ini Next, configure CustomSettings.ini to perform the appropriate database queries and set the properties configured for each role. Perform the following steps for each deployment point to be configured. To configure CustomSettings.ini 1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Configure DB. The Configure DB Wizard will start. 4. Complete the Configure DB Wizard using the information listed in Table 10. Table 10. Completing the Configure DB Wizard for Roles Only Wizard page
Purpose
Role Options
•
Query for role-specific settings.
•
Query for applications to be installed for this role.
•
Query for Systems Management Server packages to be installed for this role.
•
Query for members of the local Administrator to be assigned for this role.
Note For each query check box selected, ZTIGather.wsf will perform a corresponding database query and logging. Selecting unnecessary check boxes can increase the time required to deploy to a target computer.
Listing 4 illustrates the CustomSettings.ini file after completing the Configure DB Wizard and selecting only the options specified in Table 10. Listing 4. CustomSettings.ini File After Completing the Configure DB Wizard [Settings] Priority=CRoles, RSettings, RPackages, RApps, RAdmins, LRoles, MMRoles, Default Properties=MyCustomProperty [Default] SkipCapture=NO SkipAppsOnUpgrade=NO UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution11$ OSInstall=Y ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c [CRoles] SQLServer=W2K3-SP1 Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [RSettings] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=RoleSettings Parameters=Role [RPackages] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=RolePackages Parameters=Role Order=Sequence [RApplications] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=RoleApplications Parameters=Role Order=Sequence [RAdmins] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: By Role
23
Table=RoleAdministrators Parameters=Role [LRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=LocationRoles Parameters=DefaultGateway [MMRoles] SQLServer=W2K3-SP1 Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=MakeModelRoles Parameters=Make, Model Note The [Default] section typically is at the end of the list of sections in the Priority property.
The Configure DB Wizard configures the Priority property and creates the corresponding section in CustomSettings.ini. Table 11 lists the sections created and a brief description of purpose for each section.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Table 11. Sections in Listing 4 and Their Purpose Section
Purpose
CRoles
Queries the ComputerRoles view to identify the roles that are associated with a computer based on any combination of the UUID, AssetTag, SerialNumber, or MACAddress properties.
RSettings
Queries the RoleSettings view to return all the property values associated with a role.
RPackages
Queries the RolePackages view to return all the packages associated with a role.
RApps
Queries the RoleApplications view to return all the applications associated with a role.
RAdmins
Queries the RoleAdministrators view to return all the user accounts to be made members of the local Administrator group on the target computers associated with a role.
LRoles
Queries the LocationRoles view to return all the roles associated with a location.
MMRoles
Queries the MakeModelRoles view to return all the roles associated with a specific make and model.
For more information about the database view and tables managed by Deployment Workbench, see the section “Tables and Views in the Deployment Workbench Database” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Running Micr osoft D epl oymen t Toolki t 2008 W ithout WIN S By default, MDT 2008 expects that the Windows Internet Naming Service (WINS) exists in the organization’s network infrastructure. Many organizations have removed all dependencies on WINS or are in the process of eliminating them. Some changes are required to support MDT 2008 in organizations without WINS. The MDT 2008 scripts connect to network resources during the deployment process. Examples of these resources include: •
Shared folders on MDT 2008 distribution points.
•
Systems Management Server or System Center Configuration Manager distribution points.
•
Computers running SQL Server.
In environments without WINS, Windows Preinstallation Environment (Windows PE) uses Domain Name System (DNS) for IP address resolution. Ensure that the DNS services include both forward and reverse lookups for MDT 2008 servers. Additionally, configure DNS to perform WINS lookups. For additional information, see WINS lookup integration at http://www.microsoft.com/windows/windows2000/en/advanced/help/sag_DNS_und_Wins LookupIntegration.htm. To ensure that MDT 2008 operates correctly in an environment without WINS 1. Configure Dynamic Host Configuration Protocol (DHCP) with appropriate DNS scope entries. 2. Configure Lmhosts files for the Windows PE CD images. 3. Configure Systems Management Server with Active Directory® directory service schema extensions.
Configure DHCP with Appropriate DNS Scope Entries The organization must have an existing DHCP infrastructure to support MDT 2008. Each DHCP scope must include primary and secondary pointers for DNS servers that support the domain in which MDT 2008 services and servers are hosted. Note In environments without WINS, the WINS settings in the DHCP scope are irrelevant and should be left blank.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Configure Lmhosts Files for the Windows PE CD Images In some environments without WINS, DNS might not be available to or configurable by the deployment team. Although using DNS for name resolution is recommended, Lmhosts files can be used to provide name resolution. Manually place the Lmhosts files into both Windows PE images. To configure Lmhosts files for the Windows PE CD images 1. Modify the Windows PE Startnet.cmd files to include WINS resolution support (necessary for versions of Windows PE earlier version 2.0 and ZTI deployments using Systems Management Server [SMS] Operating System Deployment [OSD] Feature Pack only). 2. Create the appropriate folder structure in the images. 3. Create the appropriate Lmhosts file.
Create the Appropriate Folder Structure The appropriate folder structure must be created to support Lmhosts files for Windows PE. Create the folder structure (\Drivers\Etc) in the Computer Imaging System folder, as shown in Listing 5, where InstallPath is the path where MDT 2008 is installed. Listing 5. Folder Structure to Be Created for Lmhosts Files InstallPath\Computer Imaging System\Boot Disks\WinPE\ExtraFiles\i386\System32\Drivers\Etc
Create the Appropriate Lmhosts File Create an Lmhosts file that contains entries for the organization’s servers and domain. Listing 6 shows an example of an Lmhosts file. Listing 6. Example Lmhosts File 10.10.10.10 DomainController 10.10.10.20 BDDServer 10.10.10.30 AppServer 10.10.10.40 IMGServer
#PRE #PRE #PRE #PRE
#DOM:DomainName #at least 1 DC #source server #holds apps #hosts XP images
To create the appropriate Lmhosts file 563.Use a text editor to create the Lmhosts file. 564.Place the Lmhosts file in the \Drivers\Etc folder created earlier in the process. 565.Create or refresh the Windows PE lab and deployment images using the MDT 2008 computer imaging system. Update the Lmhosts file and, subsequently, the Windows PE images, if the environment changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Running Without WINS
27
Configure Active Directory Schema Extensions Systems Management Server and System Center Configuration Manager Advanced Clients determine their appropriate assigned Systems Management Server sites and servers based on Active Directory and DNS, when available. These are determined from management point and server locator point registrations if Active Directory schema extensions are installed. Ensure that the Active Directory schema is extended.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cu stom iz ing D ep lo yment Ba sed on Chas si s T ype The deployment can be customized based on the chassis type of the server. The scripts create local variables that can be processed in the CustomSettings.ini file. The local variables IsLaptop, IsDesktop, and IsServer indicate whether the computer is a laptop, desktop, or server, respectively. Note In earlier versions of Deployment Workbench, the IsServer flag indicated that the existing operating system is a server operating system (such as Windows Server 2003 Enterprise Edition). This flag has been renamed to IsServerOS.
To implement local variables in the CustomSettings.ini file 1. In the [Settings] section, on the Priority line, add a custom section to customize deployment based on the chassis type (ByChassisType in the example in Listing 7, where Chassis represents the type of computer). 2. Create the custom section that corresponds to the custom section defined in step 1 (ByChassisType in the example in Listing 7, where Chassis represents the type of computer). 3. Define a subsection for each chassis type to detect (Subsection=Laptop%IsLaptop%, Subsection=Desktop-%IsDesktop%, Subsection=Server%IsServer% in the example in Listing 7).
4. Create a subsection for each True and False state of each subsection defined in step 3 (such as [Laptop-True], [Laptop-False], [Desktop-True], [DesktopFalse] in the example in Listing 7. 5. Under each True and False subsection, add the appropriate settings based on the chassis type. Listing 7. Example of Customizing Deployment Based on Chassis Type in the CustomSettings.ini File [Settings] Priority=...,ByLaptopType,ByDesktopType,ByServerType [ByLaptopType] Subsection=Laptop-%IsLaptop% [ByDesktopType] Subsection=Desktop-%IsDesktop% [ByServerType] Subsection=Server-%IsServer% . . Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Customization Desktop Samples: Previous Application Versions
29
. [Laptop-True] . . . [Laptop-False] . . . [Desktop-True] . . . [Desktop-False] . . . [Server-True] . . . [Server-False] . . .
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying A pp lic ations Ba sed on Ear li er A pp li ca tion Ver sions Often, when installing an operating system on an existing computer, the same applications that were previously installed on the computer will be installed. Do this using MDT 2008 scripts (in particular, ZTIGather.wsf) to query two separate sources of information: •
The Systems Management Server or System Center Configuration Manager hardware inventory database. Contains one record for each application package— in this case, listings in Program and Features in Windows Vista and Windows Server 2008 or Add or Remove Programs in Windows XP and Windows Server 2003 —installed the last time Systems Management Server or System Center Configuration Manager inventoried the computer.
•
A mapping table. Describes which package and program need to be installed for each record (because the Program and Features or Add or Remove Programs records do not specify exactly which package installed the application, making it impossible to automatically select the package based on inventory alone).
To perform a dynamic computer-specific application installation 1. Use the table in the Deployment Workbench database to connect specific packages with applications listed in the target operating system. 2. Populate the table with data that associates the appropriate package with the application listed in Program and Features or Add or Remove Programs (as illustrated in Listing 8). Listing 8. SQL Query to Populate the Table use [DWDB] go INSERT INTO [PackageMapping] (ARPName, Packages) VALUES('Office8.0', 'XXX0000F:Install Office 2003 Professional') go In Listing 8, the inserted row connects any computer that has the entry Office8.0 with the Microsoft Office 2003 Professional package. This means that Microsoft Office 2003 Professional will be installed on any computer currently running Microsoft Office 97 (Office 8.0). Add similar entries for any other packages. Any item for which there is no entry is ignored (no package will be installed). 3. Create a stored procedure to simplify joining the information in the new table with the inventory data (as illustrated in Listing 9).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Customization Desktop Samples: Earlier Application Versions
31
Listing 9. SQL Query to Create a Stored Procedure to Simplify Joining the Information with Inventory Data use [DWDB] go if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[RetrievePackages]') and OBJECTPROPERTY(id, N'IsProcedure') = 1) drop procedure [dbo].[RetrievePackages] go CREATE PROCEDURE [dbo].[RetrievePackages] @MacAddress CHAR(17) AS SET NOCOUNT ON /* Select and return all the appropriate records based on current inventory */ SELECT * FROM PackageMapping WHERE ARPName IN ( SELECT ProdID0 FROM SMS_SMS.dbo.v_GS_ADD_REMOVE_PROGRAMS a, SMS_SMS.dbo.v_GS_NETWORK_ADAPTER n WHERE a.ResourceID = n.ResourceID AND MACAddress0 = @MacAddress ) go The stored procedure in Listing 9 assumes that the Systems Management Server or System Center Configuration Manager central primary site database resides on the same computer running SQL Server as the Deployment Workbench database (DWDB). If the central primary site database resides on a different computer, the appropriate modifications need to be made to the stored procedure. In addition, the name of the database (SMS_SMS in Listing 9) must be updated. Also consider granting additional accounts Read access to the v_GS_ADD_REMOVE_PROGRAMS view in the Systems Management Server database. 4. Configure the CustomSettings.ini file to query this database table by specifying the name of a section ([DynamicPackages] in the Priority list) that points to the database information (as illustrated in Listing 10). Listing 10. Excerpt from CustomSettings.ini That Illustrates the DynamicPackages Section in the Priority List [Settings] … Priority=MacAddress, DefaultGateway, DynamicPackages, Default … Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
5. Create a [DynamicPackages] section to specify the name of a database section (as illustrated in Listing 11). Listing 11. Excerpt from CustomSettings.ini That Illustrates the DynamicPackages Section with the Name of a Database Section [DynamicPackages] SQLDefault= DB_DynamicPackages 6. Create a database section to specify the database information and query details (as illustrated in Listing 12). Listing 12. Excerpt from CustomSettings.ini That Illustrates the Database Section [DB_DynamicPackages] SQLServer=SERVER1 Database=DWDB StoredProcedure=RetrievePackages Parameters=MacAddress SQLShare=Logs Instance=SQLEnterprise2005 Port=1433 Netlib=DBNMPNTW In the example in Listing 12, the DWDB on the computer running the SQL Server named SERVER1 will be queried. The database contains a stored procedure named RetrievePackages (created in step 3). When ZTIGather.wsf runs, a SQL SELECT statement is automatically generated, and the value of the MakeModelQuery custom key is passed as a parameter to the query (shown in Listing 13). Listing 13. Sample SQL Query Created Automatically Based on the Database Section EXECUTE RetrievePackages ? The actual value of the MACAddress custom key will be substituted for the corresponding ? in Listing 13. This query returns a record set with the rows entered in step 2. A variable number of arguments cannot be passed to a stored procedure. As a result, when a computer has more than one MAC address, not all MAC addresses can be passed to the stored procedure. As an alternative, replace the stored procedure with a view that allows querying the view with a SELECT statement with an IN clause to pass all the MAC address values. Based on the scenario presented here, if the current computer has the value Office8.0 inserted into the table (step 2), the one row is returned (XXX0000F:Install Office 2003 Profession). This indicates that package XXX0000F:Install Office 2003 Professional will be installed by the ZTI process during the State Restore Phase.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Ope r ating Syste ms Us ing the Do wnload and E xecute Fea tu r e The process and scripts described in this section show how to download operating system package files to a computer’s local hard disk in advance of actual installation of the new operating system. This allows the files to be pre-staged on the computers using standard Systems Management Server or System Center Configuration Manager Advanced Client download and execute capabilities, which allow for much greater scalability (given sufficient planning). Warning The steps described in this section, in addition to the changes made by the included scripts, are not supported by Microsoft Product Support Services (PSS). Deployment teams use them at their own risk.
Systems Management Server introduced a new software distribution capability called download and execute. This feature uses the Background Intelligent Transfer Service (BITS) capabilities, which were introduced in Microsoft Windows 2000 and continued in later operating systems, to enable files to be retrieved using the Hypertext Transfer Protocol (HTTP). These file transfers can be suspended and resumed, picking up where they left off, thereby allowing for improved resiliency, especially in low-bandwidth situations. These download and execute capabilities are also useful in other situations. For example, if a large package is being installed on many computers, the package contents can be pre-cached on the computer before running the package. This is done through the appropriate configuration of an advertisement. •
The advertisement start time must be set to an appropriate time in the future.
•
The mandatory execution date must be set to a time after the advertisement start time.
When the Advanced Client encounters an advertisement with a future mandatory execution time, it automatically begins downloading the files required for that advertisement as soon as the advertisement start time is reached. If enough time is allowed between the advertisement start time and the mandatory execution time, a large number of computers could be able to cache the full package content. This allows that same large number of computers to execute the package at the same time without any adverse effect on the network. Because operating system packages are significantly larger than most packages Systems Management Server and System Center Configuration Manager typically deploy, this capability could be extremely advantageous as long as the following limitations are acknowledged: •
The client computers must have enough disk space. The computers must be able to hold the original operating system files, the user state backup (optionally, because it could be stored on the network), and the complete operating system package. The Advanced Client cache size must also be increased so that it is large enough to hold the complete operating system package, which could be gigabytes (GB) in size.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
•
Microsoft Deployment Toolkit 2008
The impact on the network must still be considered. All Advanced Client computers will begin downloading the content as soon as the advertisement start time is reached. If too many computers are specified in the collection or an advertisement start time is specified that occurs at an inappropriate time (for example, in the middle of the work day), the network and servers could be overloaded. Although this would not cause any problems with the operating system deployment package, it would likely cause other operational problems (for example, slow e-mail access, slow Internet access, or slow delivery of other packages).
Note Proper testing and impact analysis are required. These activities are beyond the scope of this guide.
To use download and execute with operating system packages and advertisements, first make modifications to the operating system programs and advertisements directly using the Systems Management Server or System Center Configuration Manager application programming interfaces (APIs), because the applications’ administrative consoles specifically prohibit these modifications. The remainder of this section describes how to make those modifications.
Configuration Process Perform the following configuration activities before using download and execute: •
Define collections that contain only the computers that meet the requirements. For example, it might be appropriate to select only the computers running Windows 2000 or later with at least 2 GB of free disk space (assuming all of those computers meet the requirements for the operating system package being deployed, such as processor speed and memory).
•
Configure the Advanced Client cache size so that there is enough capacity to store the operating system package.
•
Configure the operating system program and advertisement being used to deploy the operating system package to the collection of computers defined in the previous activity.
Define Collections Because not all computers will have enough disk space to cache the complete operating system package, create a computer collection that contains only those that can. This can be done using the following steps within Systems Management Server or System Center Configuration Manager. To define a collection 1. Create a new collection called Deploy Windows XP with Download and Execute (or some other suitable name). 2. On the Membership tab of the collection properties, click the cylinder icon to create a new query rule named Windows 2000 with sufficient disk space (or some other suitable name). 3. Edit the query statement to select only the computers running Windows 2000 and that have more than 2 GB of free disk space. Note Assuming that the operating system package is at most 1.5 GB, allow about 500 megabytes (MB) for scratch space and day-to-day functionality.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
35
The query rule should look similar to that shown in Figure 1.
Figure 1. Example query rule Or, looking at the query language, the rule should look like that in Figure 2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Figure 2. Example query language The exact requirements will vary for each organization. Be sure to verify that the collection contains the appropriate results before continuing with the following steps.
Configure Advanced Client Computers Typically, an Advanced Client computer is configured with a cache size of 256 MB to 512 MB. This cache is not sufficient for most operating system packages, which can range in size from 500 MB to several gigabytes. To support these packages, the maximum size of the cache must be increased. To increase a computer's cache size 1. Create a directory that contains a Microsoft Visual Basic® Scripting Edition (VBScript) script that changes the cache size. 2. Use this directory to create a new package. In this package, create a program that runs the VBScript script. Push this package to all Systems Management Server distribution points. 3. Distribute this script to the collection of computers defined in the previous section by creating a mandatory advertisement for the new package. (This package must run before the operating system package.) The VBScript code shown in Listing 14 is required to change the cache size.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
37
Listing 14. VBScript Code Required to Change the Cache Size Set ui = CreateObject("UIResource.UIResourceMgr") Set cacheInfo = ui.GetCacheInfo cacheInfo.TotalSize = 2000 ' Change maximum size to 2GB (approx) Note that the script needs to make the cache size bigger than what is required for the operating system package alone. In this example, assume the previous cache size was 500 MB and the operating system package is 1,500 MB (or 1.5 GB); this script makes the new cache size big enough to hold the 500 MB of existing content and the new 1.5 GB operating system package. This allows other packages to reside in the cache at the same time, which might be required depending on how long the operating system package is present in the cache (which in turn depends on the difference between the advertisement start date and the mandatory advertisement date) and how many other mandatory packages have recently run or will soon run from the cache.
Configure Operating System Programs and Advertisements To enable an operating system package to support download and execute, first create the operating system package using standard steps: capture a Windows Imaging Format (WIM) file, create the package from that file, define an operating system program with the necessary settings and custom actions, and so on. Also create an advertisement for this package, but do not yet target the full collection. Instead, target an empty collection; this collection can be used for testing purposes. When testing is complete, a new advertisement can be created for the full collection (be very careful to specify the appropriate advertisement start time and mandatory advertisement time). Microsoft has provided two scripts to enable download and execute support: •
ZTICache.vbs. This script is used as an interface for the program executable, Osdlaunch.exe. It ensures that the cached package content is moved to a safe location, C:\Minint\PackageSource, before running Osdlaunch.exe. It also protects this content so that Osdlaunch.exe cannot remove it during its normal cleanup of the C:\Minint directory structure.
•
ZTICacheUtil.vbs. This script makes API calls to modify existing operating system program and advertisement objects to enable ZTICache.vbs, and to enable download and execute on the advertisement. Note that administrators cannot see these modifications in the administrator console; the console continues to show that Run from distribution point is enabled, even when Download from distribution point has been configured.
These files should be copied to an accessible location on the server (for example, \\Server1\ZTI) where the administrator console can access them using a Universal Naming Convention (UNC) path. To make the necessary changes, the ZTICache.vbs script must first be added as a required file to an existing custom action (for example, the MDT 2008 Zero Touch Installation—Validation custom action). Doing this causes the file to be included in the package directory (required, because this script is executed when the operating system program is first started by the advertisement). When the file is added, all distribution points for the package must be updated.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
After the ZTICache.vbs script has been added, the operating system program and advertisement objects can be modified using the ZTICacheUtil.vbs script. Listing 15 shows how to use the script to enable download and execute on advertisement XXX20001; this also causes the associated operating system program to be modified to run ZTICache.vbs. Listing 15. Command to Run ZTICacheUtil.vbs cscript.exe ZTICacheUtil.vbs /server:SERVER1 /advertisement:XXX20001 /enable:true Output similar to Listing 16 is produced. Listing 16. Example Output from Running ZTICacheUtil.vbs Microsoft (R) Windows Script Host Version 5.6 Copyright (C) Microsoft Corporation 1996-2001. All rights reserved. Connecting to SMS provider server SERVER1 and site MTN. Retrieving advertisement object for advertisement XXX20001. Enabled download and execute on advertisement XXX20001. Retrieving program object for package XXX00001 and program Install XP. Enabled ZTICache.vbs on package XXX00001 program Install XP. Be sure to include ZTICache.vbs in the OS package by including it as a required file on at least one custom action. OS Package ID: OS Package Name: OS Program Name: OS Program command line: OS Program cache enabled: OS Advertisement ID: OS Advertisement flags: Download enabled:
XXX00001 XP Master Install XP wscript //b ZTICache.vbs True XXX20001 48 True
Remember that modifying the operating system program affects all advertisements that use this program, so modify only a program that is being used solely for download and execute support. This might require creating a second program on the operating system package. To undo the changes made to support download and execute, reconfigure both the advertisement and the operating system program, as shown in Listing 17 (substituting the appropriate advertisement ID, package ID, and program name). Listing 17. Undoing Changes Made to Support Download and Execute cscript.exe ZTICacheUtil.vbs /server:SERVER1 /package:XXX00001 /program:"Install XP" /enable:false cscript.exe ZTICacheUtil.vbs /server:SERVER1 /advertisement:XXX20001 /enable:false
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
39
For more information about ZTICacheUtil.vbs, run the script with no parameters. It will display a usage statement, in addition to information about every operating system package, program, and advertisement currently defined on the specified Systems Management Server or System Center Configuration Manager server. When download and execute has been enabled on an operating system program and advertisement, it must be tested. This can be done by adding one or more computers (preferably test computers) to the empty collection previously created. When satisfied with the results, create an advertisement for the main query-based collection. Be careful to specify an appropriate future time for the advertisement start date; ideally, this is a time when clients would not notice the network impact (for example, Friday at midnight). Also, remember that clients do not begin downloading the content until the advertisement is mandatory, so add an appropriate mandatory assignment date.
Scripts Used in This Process Microsoft Corporation hopes that the following sample scripts (ZTICacheUtil.vbs in Listing 18 and ZTICache.vbs in Listing 19) are valuable. Use of the sample scripts, however, is at the deployment team's sole risk. The sample scripts are provided as is, without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title, or noninfringement. Microsoft Corporation shall not be liable for any damages that might be sustained by using the sample scripts, whether direct, indirect, special, incidental, or consequential, even if it has been advised of the possibility of such damages.
Source Code for ZTICacheUtil.vbs Listing 18 contains the source code to ZTICacheUtil.vbs. Copy and paste the code listed in Listing 18 to a text editor and save it as ZTICacheUtil.vbs. Listing 18. Source Code to ZTICacheUtil.vbs '//-------------------------------------------------------------'// '// '// File: ZTICacheUtil.vbs '// '// Input: none '// '// Return: 0 = Success, anything else indicates failure '// '// Purpose: By default, the OS Deployment Feature Pack does '// not support "download and execute" with OS packages. This '// script enables that support in two ways: '// '// 1. By modifying the OSD advertisement to enable "download '// and execute". By default, the Administrator Console '// will prevent this. (Even after the script changes this '// through the APIs, the GUI will still show that it is not '// enabled.) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
'// '// 2. By modifying the OSD program to run the ZTICache.vbs '// script which ensures that the locally-cached OSD package '// files are kept in a safe location, '// C:\MININT\PackageSource. (This can be done even without '// enabling "download and execute" on the OSD '// advertisement; in this case, the ZTICache.vbs script '// will copy the OSD package files from the distribution '// point directly to C:\MININT\PackageSource. See the '// ZTICache.vbs script for more details.) '// '// This script is driven by command-line parameters. It '// assumes that the script is being run by someone with the '// necessary permissions to modify package, program, and '// advertisement objects. It also assumes that the user '// knows the package ID, program name, and advertisement ID '// of the objects that they want to modify, as well as the '// server name of the site owning those objects. '// '// This script also requires Windows Scripting Host 5.6. '// '//-------------------------------------------------------------' Initialization Set sh = CreateObject("WScript.Shell") Set argsNamed = WScript.Arguments.Named Set oLocator = CreateObject("WbemScripting.SWbemLocator")
' Get parameters sServer = UCase(argsNamed("server")) sPackage = UCase(argsNamed("package")) sProgram = argsnamed("program") sAdvertisement = UCase(argsNamed("advertisement")) sEnable = UCase(argsNamed("enable")) If argsNamed.Count = 0 then WScript.Echo "" WScript.Echo "USAGE:" WScript.Echo "" Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
41
WScript.Echo WScript.ScriptName & " [/server:<serverName>] [/package:<packageID>]" &_ " [/program:<programName>] [/advertisement:
WScript.Echo "" WScript.Echo "Options:" WScript.Echo VBTAB & "/server: (Default=This server)." WScript.Echo VBTAB & "/package: (Default=Null)." WScript.Echo VBTAB & "/program: (Default=null)." WScript.Echo VBTAB & "/advertisement: (Default=null)."
SMS/SCCM server name OS package ID OS program name OS advertisement ID
WScript.Echo "" WScript.Echo "Examples:" WScript.Echo "" WScript.Echo WScript.ScriptName & " /advertisement:XXX20001 /enable:true" WScript.Echo WScript.ScriptName & " /package:XXX00001 /program:""Install XP"" /enable:true" WScript.Echo "" End if
' Connect to SMS/SCCM provider Set oServices = oLocator.ConnectServer(sServer, "root\sms") Set oProviderLocation = oServices.ExecQuery("select * from SMS_ProviderLocation where ProviderForLocalSite = 1") For Each o In oProviderLocation sProviderServer = o.Machine sProviderSite = o.SiteCode Next Set oServices = Nothing WScript.Echo "Connecting to SMS provider server " & sProviderServer &_ " and site " & sProviderSite & "." Set oServices = oLocator.ConnectServer(sProviderServer, "root\sms\site_" &_ Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit 2008
sProviderSite)
' See what we need to do If sAdvertisement <> "" then ' Get the specified advertisement WScript.Echo "Retrieving advertisement object for advertisement " &_ sAdvertisement & "." Set oAdvert = oServices.Get("SMS_Advertisement.AdvertisementID='" &_ sAdvertisement & "'")
' Modify the program as appropriate. Select Case sEnable Case "YES", "TRUE" If oAdvert.RemoteClientFlags <> 48 then oAdvert.RemoteClientFlags = 48 oAdvert.Put_ WScript.Echo "Enabled download and execute on advertisement " &_ sAdvertisement & "." ' Force the package and program to be checked if no other values were specified. If sPackage = "" and sProgram = "" then sPackage = oAdvert.PackageID sProgram = oAdvert.ProgramName End if End if Case Else If oAdvert.RemoteClientFlags <> 40 then oAdvert.RemoteClientFlags = 40 oAdvert.Put_ WScript.Echo "Disabled download and execute on advertisement " &_ sAdvertisement & "." End if Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
43
End Select End if If sPackage <> "" and sProgram <> "" then ' Get the specified program WScript.Echo "Retrieving program object for package " & sPackage &_ " and program " & sProgram & "." Set oProgram = oServices.Get("SMS_Program.PackageID='" & sPackage &_ "',ProgramName='" & sProgram & "'")
' Modify the program as appropriate. Select Case sEnable Case "YES", "TRUE" If oProgram.CommandLine <> "wscript //b ZTICache.vbs" then oProgram.CommandLine = "wscript //b ZTICache.vbs" oProgram.Put_ WScript.Echo "Enabled ZTICache.vbs on package " & sPackage &_ " program " & sProgram & "." WScript.Echo "Be sure to include ZTICache.vbs in the OS package by including it as a" WScript.Echo "required file on at least one custom action." End if Case Else If oProgram.CommandLine <> "osdlaunch.exe" then oProgram.CommandLine = "osdlaunch.exe" oProgram.Put_ WScript.Echo "Disabled ZTICache.vbs on package " & sPackage &_ " program " & sProgram & "." End if End Select End if Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit 2008
' Finally, report on the current state Set oPackages = oServices.ExecQuery("select * from SMS_Package where ImageFlags = 1") For each oPackage in oPackages WScript.Echo " " WScript.Echo "OS Package ID: oPackage.PackageID WScript.Echo "OS Package Name:
" & " & oPackage.Name
Set oPrograms = oServices.ExecQuery("select * from SMS_Program where PackageID = '" &_ oPackage.PackageID & "'") For each oProgram in oPrograms WScript.Echo " OS Program Name: " & oProgram.ProgramName WScript.Echo " OS Program command line: " & oProgram.CommandLine If Instr(oProgram.CommandLine, "ZTICache.vbs") > 0 then bEnabled = true Else bEnabled = false End if WScript.Echo " OS Program cache enabled: " & bEnabled Set oAdverts = oServices.ExecQuery("select * from SMS_Advertisement where PackageID = '" &_ oProgram.PackageID & "' and ProgramName = '" & oProgram.ProgramName & "'") For each oAdvert in oAdverts WScript.Echo " OS Advertisement ID: " & oAdvert.AdvertisementID WScript.Echo " OS Advertisement flags: " & oAdvert.RemoteClientFlags If oAdvert.RemoteClientFlags = 48 then bDownloadEnabled = true Else bDownloadEnabled = false End if WScript.Echo " Download enabled: " & Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
45
bDownloadEnabled
' Sanity check If bDownloadEnabled and (not bEnabled) then WScript.Echo " " WScript.Echo "Warning: ZTICache.vbs must be enabled on " &_ oPackage.PackageID & " and " & oProgram.ProgramName WScript.Echo "in order for download and execute to be successful for advertisement " &_ oAdvert.AdvertisementID & "." WScript.Echo " " End if Next Next Next
' Cleanup Set oServices = Nothing
Source Code for ZTICache.vbs Listing 19 contains the source code to ZTICache.vbs. Copy and paste the code in Listing 19 to a text editor and save it as ZTICache.vbs. Listing 19. Source Code to ZTICache.vbs '//-------------------------------------------------------------'// '// '// File: ZTICache.vbs '// '// Input: none '// '// Return: Return code from OSDLaunch.exe (0 = Success) '// '// Purpose: By default, the OS Deployment Feature Pack does '// not support "download and execute" with OS packages. This Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
'// script is designed to enable this by moving or copying the '// OS package files to a safe location on the hard drive, '// C:\MININT\PackageSource, where they will not be removed when '// OSD cleans the hard drive. After doing this, it will run '// OSDLaunch.exe to kick off the normal OSD process. But '// because OSDLaunch "cleans" the C:\MININT directory when it '// starts, the script must also protect the contents of the '// C:\MININT\PackageSource directory. It does this by opening '// all the files in the directory, which prevents their '// deletion because they are in use. If the OSD advertisement '// has been set to enable "download and execute", the package '// files (and this script) will be in the SMS advanced client '// cache directory '// (typically %WINDIR\System32\ccm\cache\<package>"). '// In order to prevent there being two copies of the files on '// the hard drive, the files are moved to '// C:\MININT\PackageSource instead of copied. '// '// If this script is run on an NT 4.0 workstation (through the '// same OSD advertisement), "download and execute" is not '// available. However, the script will still copy the files to '// the hard drive before initiating the OSD process. This at '// least enables some of the benefits of download and execute '// for NT 4.0 client. '// '// This script is inserted into an existing OSD program by the '// ZTICacheUtil.vbs script. See that script for further '// information. This script must be added to one of the OSD '// custom actions as a required file so that it is included in '// the OSD package files. After doing this, the distribution '// points need to be updated. '// '//-------------------------------------------------------------' Initialization Set fso = CreateObject("Scripting.FileSystemObject") Set sh = CreateObject("WScript.Shell")
' Find the directory we are running from - that's the source. sCacheDir = fso.GetParentFolderName(WScript.ScriptFullName) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Download and Execute Feature
47
' Create the OSD directory structure If not fso.FolderExists("C:\MININT") then fso.CreateFolder "C:\MININT" End if If fso.FolderExists("C:\MININT\PackageSource") then fso.DeleteFolder "C:\MININT\PackageSource", true End if fso.CreateFolder "C:\MININT\PackageSource"
' If we are running from a local path, move the contents to the PackageSource directory. ' Otherwise, just copy it. (When running from a local path, SMS must have already copied ' the files locally using BITS.) If Left(sCacheDir,2) = "\\" then fso.CopyFile sCacheDir & "\*.*", "C:\MININT\PackageSource\", True sh.LogEvent 0, "Copied files in " & sCacheDir For each f in fso.GetFolder(sCacheDir).Subfolders sh.LogEvent 0, "Copying folder " & f.Path fso.CopyFolder f.Path, "C:\MININT\PackageSource\", true Next Else fso.MoveFile sCacheDir & "\*.*", "C:\MININT\PackageSource\" sh.LogEvent 0, "Moved files in " & sCacheDir For each f in fso.GetFolder(sCacheDir).Subfolders sh.LogEvent 0, "Moving folder " & f.Path fso.MoveFolder f.Path, "C:\MININT\PackageSource\" Next End if
' Log the count of files in the folder sh.LogEvent 0, "Files in C:\MININT\PackageSource folder: " &_ fso.GetFolder("C:\MININT\PackageSource").Files.Count
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
' Because OSDLaunch will "clean up" the C:\MININT directory, we need to keep the package ' source files from being deleted in the process. Open each one of them and keep them open ' until OSDLaunch.exe completes. sh.LogEvent 0, "Opening C:\MININT\PackageSource files" Set oFiles = CreateObject("Scripting.Dictionary") For each f in fso.GetFolder("C:\MININT\PackageSource").Files Set oFile = fso.OpenTextFile(f, 1) oFiles.Add f, oFile Next For each s in fso.GetFolder("C:\MININT\PackageSource").SubFolders For each f in s.Files Set oFile = fso.OpenTextFile(f, 1) oFiles.Add f, oFile Next Next
' Run OSDLaunch.exe from the new directory. It will try to clean up C:\MININT, but the ' open files will keep that from causing problems. OSDLaunch will then install OSDAgent ' as a service and that will drive the rest of the process. sh.LogEvent 0, "Setting working directory" sh.CurrentDirectory = "C:\MININT\PackageSource" sh.LogEvent 0, "Running OSDLaunch" rc = sh.Run("OSDLaunch.exe", 0, true) sh.LogEvent 0, "Return code from OSDLaunch = " & rc
' Quit with the return code from OSDLaunch. automatically be closed.
The files will
WScript.Quit rc
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Ope r ating Syste ms Us ing Sys tem Cen ter Con figu r ation Mana ger System Center Configuration Manager provides the tools needed to create operating system images for deploying to computers managed by System Center Configuration Manager, and to unmanaged computers using bootable media such as CD or DVD. The deployment image, a WIM file, contains the version of the Windows operating system to be deployed and can include any applications that need to be installed on the computer. System Center Configuration Manager is designed to be the primary means to deploy operating systems for both server and client platforms. It builds upon the best features from the SMS 2003 OSD Feature Pack to enhance the way operating system deployments are managed. Another important deployment feature of System Center Configuration Manager is the integrated Task Sequencer. Although many similarities exist between Systems Management Server and System Center Configuration Manager, there is one major difference: using System Center Configuration Manager, administrators no longer need to write scripts for deploying or capturing operating system images. Additionally, by taking advantage of the Task Sequencer, the operating system deployment process becomes completely hands-off. For more information about operating system deployment and the Task Sequencer, see Overview of Operating System Deployment at http://technet.microsoft.com/en-us/library/bb694101.aspx.
Deploy Operating System Images to a Computer Use this procedure to deploy an operating system image to a target computer. When deploying an operating system, the target computer should have the same architecture as the boot image that is contained in the operating system image. To complete the operating system deployment successfully, also create a System Preparation Tool (Sysprep) directory on the reference computer hard disk. For specific guidance, see How to Deploy Operating System Images to a Computer at http://technet.microsoft.com/enus/library/bb632559.aspx.
Deploy an Operating System Image to a New Computer Using Boot Media Use System Center Configuration Manager to deploy an operating system image to a new computer or a computer that is new to the System Center Configuration Manager site. For specific guidance, see How to Deploy an Operating System Image to a New Computer Using Boot Media at http://technet.microsoft.com/enus/library/bb694215.aspx. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
50
Microsoft Deployment Toolkit 2008
Deploy an Operating System Image to an Offline Computer An operating system may have to be deployed to a computer that is not connected to the network or to a computer that is connected by a low-bandwidth connection. Use System Center Configuration Manager to create offline installation media that perform the installation. For specific guidance, see How to Deploy an Operating System Image to an Offline Computer at http://technet.microsoft.com/en-us/library/bb681017.aspx.
Create Stand-Alone Media Stand-alone media can be created from which to run an operating system image deployment. The stand-alone media will contain all necessary data to run the specified operating system deployment task sequences without requiring a connection to a System Center Configuration Manager site. Stand-alone media will operate regardless of whether a System Center Configuration Manager client is installed on the target computer, and they will operate without communicating with a System Center Configuration Manager server infrastructure, such as a management point or distribution point. For specific guidance, see How to Create Stand-alone Media at http://technet.microsoft.com/enus/library/bb632784.aspx.
Create a Computer Association for a Side-by-Side Migration A computer association creates a relationship between a source and destination computer for the side-by-side migration of user state data. The source computer is an existing computer that is managed by System Center Configuration Manager and that contains the user state data and settings to be migrated to a specified destination computer. Also a computer association can be created when importing new computers into the System Center Configuration Manager database using the Import Computer Information Wizard. For specific guidance, see How to Create a Computer Association for a Side-by-Side Migration at http://technet.microsoft.com/enus/library/bb680730.aspx.
Initiate Operating System Image Deployments Using PXE Use the Pre-Boot Execution Environment (PXE) protocol to initiate operating system deployments to System Center Configuration Manager computers and servers. Use the following tasks to perform PXE-initiated operating system deployments: •
How to Configure the PXE Service Point at http://technet.microsoft.com/enus/library/bb680668.aspx
•
How to Deploy an Operating System Image using PXE at http://technet.microsoft.com/en-us/library/bb694069.aspx
•
PXE Deployment Workflow at http://technet.microsoft.com/enus/library/bb693705.aspx
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment Scenari o The main purpose of LTI is to automate the deployment process as much as possible. Although ZTI provides full deployment automation using the MDT 2008 scripts, the SMS 2003 OSD Feature Pack, and Windows Deployment Services, LTI is designed to work with fewer infrastructure requirements. The Windows Deployment Wizard used in the LTI deployment process can be automated to reduce (or eliminate) the wizard pages that are displayed. The entire Windows Deployment Wizard can be skipped by specifying the SkipWizard property in CustomSettings.ini. To skip individual wizard pages, use the following properties: •
SkipAdminPassword
•
SkipApplications
•
SkipAppsOnUpgrade
•
SkipBDDWelcome
•
SkipBitLocker
•
SkipBitLockerDetails
•
SkipTaskSequence
•
SkipCapture
•
SkipComputerBackup
•
SkipComputerName
•
SkipDeploymentType
•
SkipDomainMembership
•
SkipFinalSummary
•
SkipLocaleSelection
•
SkipPackageDisplay
•
SkipProductKey
•
SkipSummary
•
SkipTimeZone
•
SkipUserData
For more information about these individual properties, see the corresponding property in the MDT 2008 document, Toolkit Reference. For each wizard page skipped, provide the values for the corresponding properties that are normally collected through the wizard page in the CustomSettings.ini and BootStrap.ini files. For more information about the properties that must be configured in CustomSettings.ini and BootStrap.ini, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” in the MDT 2008 document, Toolkit Reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment for Refr esh Co mpute r Scenario Listing 20 illustrates a CustomSettings.ini file used for a Refresh Computer scenario to skip all Windows Deployment Wizard pages. In this sample, the properties to provide when skipping the wizard page are immediately beneath the property that skips the wizard page. Note
The properties used to skip wizard pages are in bold type in the listing.
Listing 20. CustomSettings.ini File for a Refresh Computer Scenario [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac /lae SkipAppsOnUpgrade=Yes SkipCapture=Yes SkipAdminPassword=YES SkipProductKey=YES SkipDeploymentType=Yes DeploymentType=REFRESH SkipDomainMembership=Yes JoinDomain=DomainName DomainAdmin=Administrator DomainAdminDomain=DomainName DomainAdminPassword= SkipUserData=yes UserDataLocation=AUTO UDShare=\\Servername\Sharename\Directory UDDir=%ComputerName% SkipComputerBackup=yes ComputerBackuplocation=AUTO Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Fully Automated LTI Deployment
53
BackupShare=\\Servername\Backupsharename BackupDir=%ComputerName% SkipTaskSequence=Yes TaskSequenceID=Enterprise SkipComputerName=Yes ComputerName=%ComputerName% SkipPackageDisplay=Yes LanguagePacks1={3af4e3ce-8122-41a2-9cf9-892145521660} LanguagePacks2={84fc70d4-db4b-40dc-a660-d546a50bf226} SkipLocaleSelection=Yes UILanguage=en-US UserLocale=en-CA KeyboardLocale=0409:00000409 SkipTimeZone=Yes TimeZoneName=China Standard Time SkipApplications=Yes Applications1={a26c6358-8db9-4615-90ff-d4511dc2feff} Applications2={7e9d10a0-42ef-4a0a-9ee2-90eb2f4e4b98} UserID=Administrator UserDomain=DomainName UserPassword=P@ssw0rd SkipBitLocker=Yes SkipSummary=Yes Powerusers1=DomainName\Username
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment for Up g r ade C ompu ter Scenar io Listing 21 illustrates a CustomSettings.ini file used for an Upgrade Computer scenario to skip all Windows Deployment Wizard pages. In this sample, the SkipWizard property is used to skip all the Windows Deployment Wizard pages. The properties that follow the SkipWizard property are required by the LTI process to complete the upgrade. Note
The property that is used to skip the wizard pages is in bold type in the listing.
Listing 21. CustomSettings.ini File for an Upgrade Computer Scenario [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac /lae SkipWizard=Yes DeploymentType=UPGRADE
TaskSequenceID=Enterprise ComputerName=%ComputerName% LanguagePacks1={3af4e3ce-8122-41a2-9cf9-892145521660} LanguagePacks2={84fc70d4-db4b-40dc-a660-d546a50bf226} UILanguage=en-US UserLocale=en-CA KeyboardLocale=0409:00000409 TimeZoneName=Canada Central Standard Time Applications1={a26c6358-8db9-4615-90ff-d4511dc2feff} Applications2={7e9d10a0-42ef-4a0a-9ee2-90eb2f4e4b98} UserID=Administrator UserDomain=DomainName UserPassword=P@ssw0rd Powerusers1=DomainName\Username
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ful l y A ut oma ted L TI D ep lo yment for Ne w Co mpute r Scenar io Listing 22 illustrates a CustomSettings.ini file used for a New Computer scenario to skip all Windows Deployment Wizard pages. In this sample, the properties to provide when skipping the wizard page are immediately beneath the property that skips the wizard page. Note
The properties that are used to skip wizard pages are in bold type in the listing.
Listing 22. CustomSettings.ini File for a New Computer Scenario [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac /lae SkipAppsOnUpgrade=Yes SkipCapture=YES ComputerBackupLocation=\\ServerName\Backup$\ BackupFile=MyCustomImage.wim SkipAdminPassword=YES SkipProductKey=YES SkipDeploymentType=Yes SkipDomainMembership=Yes JoinDomain=DomainName DomainAdmin=Administrator DomainAdminDomain=DomainName DomainAdminPassword=P@ssw0rd SkipUserData=Yes UserDataLocation=\\ServerName\Sharename\Directory\usmtdata SkipTaskSequence=Yes Solution Accelerators
microsoft.com/technet/SolutionAccelerators
56
Microsoft Deployment Toolkit 2008
TaskSequenceID=Enterprise SkipComputerName=Yes ComputerName=%SerialNumber% SkipPackageDisplay=Yes LanguagePacks1={3af4e3ce-8122-41a2-9cf9-892145521660} LanguagePacks2={84fc70d4-db4b-40dc-a660-d546a50bf226} SkipLocaleSelection=Yes UILanguage=en-US UserLocale=en-CA KeyboardLocale=0409:00000409 SkipTimeZone=Yes TimeZoneName=China Standard Time SkipApplications=Yes Applications1={a26c6358-8db9-4615-90ff-d4511dc2feff} Applications2={7e9d10a0-42ef-4a0a-9ee2-90eb2f4e4b98} SkipBitLocker=Yes SkipSummary=Yes Powerusers1=DomainName\Username CaptureGroups=Yes SLShare=\\ServerName\Sharename\Logs Home_page=http://www.microsoft.com/NewComputer
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ca ll ing Web Se r vices i n MDT 2008 In earlier versions of Microsoft Deployment Toolkit, rules processing was supported through CustomSettings.ini and databases, from which values could be retrieved from the local computer, typically using Windows Management Instrumentation (WMI), to make decisions on what needed to be done on each computer during deployment. In addition, SQL queries and stored procedure calls could be made to retrieve additional information from external databases. There were challenges with that approach, though, especially with making secure SQL connections. To help with this problem, MDT 2008 has the ability to make Web service calls based on simple rules defined in CustomSettings.ini. These Web service requests do not require any special security context and can use whatever TCP/IP port is needed to simplify firewall configurations. Listing 23 shows how to configure CustomSettings.ini to call a particular Web service. In this scenario, the Web service is chosen at random from an Internet search. It takes a postal code as input and returns the city, state, area code, and time zone (as a letter) for the specified postal code. Listing 23. CustomSettings.ini File to Call a Particular Web Service Scenario [Settings] Priority=Default, USZipService Properties=USZip, City, State, Zip, Area_Code, Time_Zones [Default] USZip=98052 [USZipService] WebService=http://www.webservicex.net/uszip.asmx/GetInfoByZIP Parameters=USZip Executing this code produces output similar to Listing 24. Listing 24. CustomSettings.ini File to Call a Particular Web Service Output Added new custom property USZIP Added new custom property CITY Added new custom property STATE Added new custom property ZIP Added new custom property AREA_CODE Added new custom property TIME_ZONES Using from [Settings]: Rule Priority = DEFAULT, USZIPSERVICE ------ Processing the [DEFAULT] section -----Property USZIP is now = 98052 Using from [DEFAULT]: USZIP = 98052 ------ Processing the [USZIPSERVICE] section -----Using COMMAND LINE ARG: Ini file = CustomSettings.ini CHECKING the [USZIPSERVICE] section About to execute web service call to http://www.webservicex.net/uszip.asmx/GetInfoByZIP: USZip=98052 Response from web service: 200 OK Successfully executed the web service.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
58
Microsoft Deployment Toolkit 2008
Property CITY is now = Redmond Obtained CITY value from web service: CITY = Redmond Property STATE is now = WA Obtained STATE value from web service: STATE = WA Property ZIP is now = 98052 Obtained ZIP value from web service: ZIP = 98052 Property AREA_CODE is now = 425 Obtained AREA_CODE value from web service: AREA_CODE = 425 ------ Done processing CustomSettings.ini ------
There are a few minor complications to watch for when running a Web service: •
Don’t do anything special with proxy servers. If there is an anonymous proxy present, use it, but authenticating proxies could cause problems. In most cases, a Web service will not be called.
•
CustomSettings.ini or ZTIGather.xml searches for properties defined in the XML that is returned as a result of the Web service call (just as with a database query or other rule). However, the XML search is case-sensitive. Fortunately, the Web service described here returns all uppercase property names, which is what ZTIGather expects. It is possible to remap lowercase or mixed-case entries to get around this.
•
A POST request to the Web service is recommended, so the Web service call needs to be able to support a POST.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Connec ting to Net wor k Resour ces During LTI and ZTI deployment processes, members of the deployment team might require access to a network resource on a server different from the server hosting the deployment point. Team members must be authenticated on the other server so that they can access shared folders or services there. For example, team members might want to install an application from a shared folder on a server other than the server hosting the deployment point that the MDT 2008 scripts use. Note To query SQL Server databases hosted on a server other than the server hosting the deployment point, see the Database, DBID, DBPwd, Instance, NetLib, Order, Parameters, ParameterCondition, SQLServer, SQLShare, and Table properties in the MDT 2008 document, Toolkit Reference.
Using the ZTIConnect.wsf script, connect to other servers and access resources on them. The syntax for the ZTIConnect.wsf script is as follows (where unc_path is a UNC path to connect to the server): Cscript.exe “%SCRIPTROOT%\ZTIConnect.wsf” /uncpath:unc_path In most instances, the ZTIConnect.wsf script is run as a Task Sequencer task. Run the ZTIConnect.wsf script prior to tasks requiring access to a server other than the server hosting the deployment point. To add the ZTIConnect.wsf script as a task to the task sequence of a build 1. Start Deployment Workbench. 2. In the console tree, browse to and then click Task Sequence. 3. In the details pane, right-click task_sequence (where task_sequence is the task sequence to modify), and then click Properties. 4. Click the Task Sequence tab, browse to group (where group is the group in which to run the ZTIConnec.wsf script), click Add, and then click Task. Note
Add the task before adding any tasks that require access to the target server.
5. Complete the Properties tab of the new task using the information listed in Table 12 (accept default values if none are specified), and then click Apply. Table 12. Completing the Properties Tab of the New Task In this box
Do this
Name
Type Connect to server (where server is the name of the server to which to connect).
Description
Type text that explains why the connection needs to be made.
Command
Type Cscript.exe “%SCRIPTROOT%\ZTIConnect.wsf” /uncpath:unc_path (where unc_path is the UNC path to a shared folder on the server).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
60
Microsoft Deployment Toolkit 2008
6. Complete the Options tab of the new task using the information listed in Table 13 (accept default values if none are specified), and then click OK. Table 13. Completing the Options Tab of the New Task In this box
Do this
Success codes
Type 0 3010. (The ZTIConnect.wsf script returns these codes upon successful completion.)
Conditions list box
Add any conditions that might be necessary. (In most instances this task requires no conditions.)
After adding the task that will run the ZTIConnect.wsf script, subsequent tasks can access network resources on the server specified in the /uncpath option of the ZTIConnect.wsf script.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dis tr ibu ting De vi ce D riv er s, Upd ates , and Langua ge Pac ks Us ing Sys tems Mana gement Ser ver Packa ges During the ZTI deployment process, device drivers, updates, and language packs may have to be installed for target computers at the time of operating system deployment. Typically, device drivers are configured in Deployment Workbench and are available through the MDT 2008 distribution point. However, consider creating multiple copies of the device drivers so that not all target computers are required to connect to the MDT 2008 distribution point—for example, if deploying packages to branch offices and wanting to provide a local copy of the device drivers for each branch office. For ZTI deployments, create a Systems Management Server package that contains the device drivers, and then distribute the Systems Management Server package to the Systems Management Server distribution points. This way, the target computers can access the device drivers from a local Systems Management Server distribution point. Use the same process for distributing updates and language packs. To distribute device drivers using Systems Management Server packages 1. Create a separate deployment share (Network type) deployment point using Deployment Workbench. 2. Click one application on the Applications node in Deployment Workbench. 3. Click one build on the Build node in Deployment Workbench. 4. Use Deployment Workbench to update the deployment point created in step 1. 5. Delete the folders that contain the application added in step 2 from the deployment point folder structure. 6. Delete the folders that contain the build selected in step 3 from the deployment point folder structure. 7. Create a Systems Management Server package using the UNC path to the deployment point share created in step 1. 8. Configure the ResourceRoot property in CustomSettings.ini and BootStrap.ini to use the UNC path to the Systems Management Server package created in step 7. 9. Set the value for the ResourceRoot property to be equal to the Systems Management Server package using the SMSDP environment variable as in the following example (where package_path is the UNC path to the package on the distribution point selected by the Systems Management Server Advanced Client): ResourceRoot=\\%SMSDP%\package_path For more information about the ResourceRoot property, see the section “ResourceRoot” in the MDT 2008 document, Toolkit Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
62
Microsoft Deployment Toolkit 2008
When the target computer is installed, the MDT 2008 scripts use the Systems Management Server package on the distribution point to install device drivers on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying the Co r r ect Device Dri ver s t o Co mpute r s w ith Same Ha r dwar e De vices but Dif fer en t Mak e and Mode l Variations on model numbers and names can exist with virtually no difference in the driver set. These variations in model numbers and names can unnecessarily increase time spent making multiple database entries for a given model. The following procedure shows how to define a new property using a user exit function call that returns a substring of the model number. To create model aliases 1. Create aliases for hardware types in the Make and Model sections of the Deployment Workbench database. Truncate the model type at the open parentheses “(” in the model name. For example, HP DL360 (G112) becomes HP DL360. 2. Add the custom variable ModelAlias to each section. 3. Create a new [SetModel] section. 4. Add the [SetModel] section to the Priority settings in the [Settings] section. 5. Add a line to the ModelAlias section to refer to a user exit script that will truncate the model name at the “(”. 6. Create an MMApplications database lookup where ModelAlias is equal to Model. 7. Create a user exit script and place it in the same directory as the CustomSettings.ini file to truncate the model name. Listing 25 and Listing 26 show CustomSettings.ini and the user exit script, respectively. Listing 25. CustomSettings.ini [Settings] Priority=SetModel, MMApplications, Default Properties= ModelAlias [SetModel] ModelAlias=#SetModelAlias()# Userexit=Userexit.vbs [MMApplications] SQLServer=AHSL99 Database=YOURAdminDB Netlib=DBNMPNTW SQLShare=logs Table= MakeModelSettings Parameters=Make, ModelAlias Solution Accelerators
microsoft.com/technet/SolutionAccelerators
64
Microsoft Deployment Toolkit 2008
ModelAlias=Model Order=Sequence Listing 26. User Exit Script Function UserExit(sType, sWhen, sDetail, bSkip) UserExit = Success End Function Function SetModelAlias() if Instr(oEnvironment.Item("Model"), "(") <> 0 then SetModelAlias = Left(oEnvironment.Item("Model"), Instr(oEnvironment.Item("Model"), "(") - 1) oLogging.CreateEntry "USEREXIT – ModelAlias has been set to " & SetModelAlias, LogTypeInfo else SetModelAlias = oEnvironment.Item("Model") oLogging.CreateEntry " USEREXIT - ModelAlias has not been changed." , LogTypeInfo End if End Function
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting an I ma ge o f W indo ws Ser ver 2003 R2 MDT 2008 requires all operating systems to be deployed in one image. Most Windows operating systems are stored on one disc, so there is a one-to-one correlation between the operating system source disc and the MDT 2008 image. However, Windows Server 2003 Release 2 (R2) includes two discs. MDT 2008 requires that the contents of both these discs be included in one image to work properly with MDT 2008. Create an image that contains both discs by: •
Modifying the R2comp.inf file. Use this method to select the components to be automatically installed during the operating system installation.
•
Running R2 component installation when the operating system starts for the first time. Use this method to automate the components to be installed or to manually select the components the first time the operating system starts.
Creating a Windows Server 2003 R2 Image by Modifying the R2comp.inf File To create one image that includes both discs by modifying the R2comp.inf file, do the following: •
Create an image of Windows Server 2003 (Disc 1).
•
Create the R2comp.inf file and add the Windows Server 2003 R2 installation files (Windows Server 2003 R2 Disc 2) to the image created. To create an image of Windows Server 2003 (Disc 1)
1. To start the New OS Wizard, in Deployment Workbench, click the Distribution Share node, right-click Operating Systems, and then click Next. 2. On the OS Type page, click Full set of source files, and then click Next. 3. When prompted for the location of the source directory that contains the operating system installation files, insert Windows Server 2003 R2 Disc 1 in the CD-ROM drive, and then click Next. Note Microsoft supports only the use of Microsoft media when creating a client operating system image. The use of non-Microsoft media is not supported.
4. Type the path that contains the files to be added to the distribution share, and then click Next. 5. Type a description of the operating system image; for example, Windows-Server2003. 6. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
66
Microsoft Deployment Toolkit 2008
To create the R2comp.inf file and add the Windows Server 2003 R2 installation files (Disc 2) to the image 1. Go to the image created in the previous section. The image will be located in drive:\Distribution\Operating Systems\ImageName; for example, E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition. 2. In this folder, create two sub folders: $OEM$ and Cmpnents. For example, the following folders should exist: •
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition\i386
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \$OEM$
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \Cmpnents
3. In the $OEM$ folder, create the folder $OEM$\$1\R2. 4. In the $OEM$\$1\R2 folder, create a file named R2comp.inf. 5. In R2comp.inf, create a [Version] section, and then create a [Components] section that lists the components to install. For example, the code in Listing 27 installs Active Directory Application Mode (ADAM) and Common Log File System (CLFS). Listing 27. R2comp.inf Script Sample [Version] Signature = "$Windows NT$" [Components] ADAM=on CLFS=on Note For a complete list of the components that can be installed, see Deploy.chm, located in the \Docs folder of Windows Server 2003 R2 Disc 2.
6. Copy the contents of the Cmpnents folder from Disc 2 to the folder created in step 2. For example, E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \Cmpnents. 7. Create a task sequence that includes this operating system image.
Creating a Windows Server 2003 R2 Image by Running R2 Component Installation at Startup To create one image that includes both discs by running the R2 component installation the first time the operating system starts, do the following: •
Create an image of Windows Server 2003 (Disc 1).
•
Add the Windows Server 2003 R2 installation files (Windows Server 2003 R2 Disc 2) to the image created.
•
Create a batch file that runs the R2 component installation the first time the operating system starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Creating an Image
67
To create an image of Windows Server 2003 (Disc 1) 1. To start the New OS Wizard, in Deployment Workbench, click the Distribution Share node, right-click Operating Systems, and then click Next. 566.On the OS Type page, click Full set of source files, and then click Next. 567.When prompted for the location of the source directory that contains the operating system installation files, insert Windows Server 2003 R2 Disc 1 in the CD-ROM drive, and then click Next. Note Microsoft supports only the use of Microsoft media when creating a client operating system image. The use of non-Microsoft media is not supported.
568.Type the path that contains the files to be added to the distribution share, and then click Next. 569.Type a description of the operating system image; for example, Windows-Server2003. 570.Click Finish. To add the Windows Server 2003 R2 installation files (Disc 2) to the image 1. Go to the image created in the previous section. The image will be located in drive:\Distribution\Operating Systems\ImageName; for example, E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition. 571.In this folder, create two sub folders: $OEM$ and Cmpnents. For example, the following folders should exist: •
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition\i386
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \$OEM$
•
E:\Distribution\Operating Systems\Windows-Server-2003 Standard Edition \Cmpnents
572.In the $OEM$ folder, create the folder $OEM$\$1\R2. 573.Copy the contents of the Cmpnents folder from Disc 2 to the Cmpnents folder created in step 2—for example, E:\Distribution\Operating Systems\Windows-Server2003 Standard Edition\Cmpnents. To create a batch file that runs the R2 component installation the first time the operating system starts 1. In the $OEM$\$1\R2 folder, create a file named InstallR2.cmd that includes the following text: reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup /v SourcePath /t REG_SZ /d C:\Windows\Source\i386 /f reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup /v ServicePackSourcePath /t REG_SZ /d C:\R2\CMPNENTS\R2 /f C:\R2\CMPNENTS\R2\setup2.exe /q /a /sr When completed, the InstallR2.cmd file should contain three lines. The first two lines begin with reg, and the last line begins with C:\R2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
68
Microsoft Deployment Toolkit 2008
574.Create a task sequence to deploy the operating system and modify the [GUIRunOnce] section in the Unattend.txt file for the task sequence as follows: GUIRunOnce] "C:\R2\InstallR2.cmd" "cscript.exe C:\MININT\Scripts\LiteTouch.wsf /start" "cscript.exe D:\MININT\Scripts\LiteTouch.wsf /start" "cscript.exe E:\MININT\Scripts\LiteTouch.wsf /start" "cscript.exe F:\MININT\Scripts\LiteTouch.wsf /start". When the MDT 2008 deployment process finishes and the operating system starts for the first time, the R2 Component Installation Wizard starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying Ad dit iona l Mas s Stor age D river s f or W indo ws XP and W indo ws Se r ver 2003 When an operating system is released, a large percentage of the existing hardware does not require additional mass storage drivers. However, after release, any new hardware released might require new drivers. Because Windows XP and Windows Server 2003 were released some time ago, system administrators and the deployment team must consider the need for additional mass storage. To accommodate the installation or deployment of Windows XP or Windows Server 2003 on a wider variety of hardware platforms, MDT 2008 supports unattended installation of mass storage devices. In the past, system administrators had to perform additional manual steps during this process. This manual process was time-consuming and prone to error. Note Windows Vista and Windows Server 2008 do not require any special processing for mass storage drivers, because the drivers can be easily injected. For these operating systems, this process is accomplished using MDT 2008 at the time the image is deployed.
To provide customers with the ability to increase the lifespan for both Windows XP and Windows Server 2003, the following deployment scenarios are provided.
Unattended Installation of Mass Storage Device Drivers Table 14 lists the steps for performing an unattended installation of Windows XP or Windows Server 2003 on a computer that requires a mass storage driver that is not available out of the box. Table 14. Unattended Mass Storage Driver Installation Steps required for unattended installation q
Download the driver from the manufacturer’s site.
q
Ensure that the TxtSetup.oem file exists in the same directory as the rest of the driver package. Note All mass storage drivers must have valid TxtSetup.oem files in the same directory as the .inf file (manual edits to fix path issues in the TxtSetup.oem file are supported).
q
Import the driver into MDT 2008 using the existing Deployment Workbench. Note Many drivers cannot be accurately inventoried by existing MDT 2008 routines. If importing an x86 driver, remove references to x64 in the ..\control\drivers.xml file; if importing an x64 driver, remove references to x86 in this file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
70
Microsoft Deployment Toolkit 2008
When installing Windows XP or Windows Server 2003 on a computer with this driver package, the ZTIStorageDrivers.wsf script will perform all the necessary steps to prepare the operating system to load the appropriate driver during text-mode Setup. These steps are: 1. Enumerate through all devices on the local computer, searching for a match with available drivers in the driver store. 2. Copy any drivers that match the storage devices to the local computer. 3. Copy the TxtSetup.oem file associated with the drivers to the correct location on the local disk, merging them if there are more than one. 4. Prepare the local Unattend.txt file to load the storage drivers during text-mode Setup.
Additional Considerations •
Only Windows XP Professional, Windows XP Tablet Edition, and Windows Server 2003 are supported for this process.
•
For a full explanation of the steps that ZTIStorageDrivers.wsf performs, see the Microsoft Help and Support article “HOW TO: Create an Unattended Installation of Third-Party Mass Storage Drivers in Windows Server 2003” at http://support.microsoft.com/kb/816299.
•
Files referenced in the TxtSetup.oem file that do not have the extensions .sys, .cat, or .inf are automatically copied to \$OEM$\$$\OEMDIR\ before calling Windows Setup (Winnt.exe), and then they are placed in the %WinDir%\System32 directory when the process is complete.
•
By default, ZTIStorageDrivers.wsf will skip installation of any integrated development environment (IDE) storage drivers (devices with a PCI\CC_0101 Plug and Play ID), because these devices are covered by in-box drivers.
•
ZTIStorageDrivers.wsf will only import drivers that have been imported by MDT 2008.
•
ZTIStorageDrivers.wsf will import only drivers that have matching devices on the local computer.
•
If there is more than one matching driver for a computer, ZTIStorageDrivers.wsf will install both drivers on the local system. Unless identical, the *.sys, *.inf, and *.cat files must have globally unique filenames (no other file with the same name can exist in any other package installed on the computer). The display name listed in the [scsi] section of TxtSetup.oem must be globally unique across each TxtSetup.oem file. A warning dialog box will be displayed if duplicates are found.
•
If driver packages conflict with other driver packages, typically the best thing to do is to identify the primary driver package, add it to a driver group, and add the group name to the StorageDriverGroup list item. Other storage drivers, not represented by groups defined in StorageDriverGroup, will not be installed.
•
If the property list StorageDriverGroup is defined, it will install only drivers associated with groups that are explicitly listed in this property. For example: •
StorageDriverGroup001 = AccountingStorageDriverGroup
•
StorageDriverGroup002 = SalesStorageDriverGroup
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Additional Mass Storage Drivers
71
Manually Enable the Installation of Mass Storage Device Drivers As part of the image creation process, Windows XP and Windows Server 2003 require that all mass storage drivers for all hardware that the image is intended to support be present in the image and in the operating system’s critical device database. This is done by adding entries to the Sysprep.inf configuration file, which is processed during the execution of Sysprep before the image is captured. Note To add additional mass storage driver support, the image must be rebuilt using a Sysprep.inf that contains the new, larger mass storage driver list, prepared using Sysprep, and captured again.
The basic steps required to enable image deployment to hardware requiring additional mass storage drivers are outlined in Table 15. Table 15. Deployment to Other Hardware Steps required for deployment to other hardware q
Copy all the required mass storage drivers to the reference computer so that they are included in the image.
q
Update Sysprep.inf to contain entries for each Plug and Play ID listed in the .inf file for each driver to be added. Note The Sysprep.inf file should include a BuildMassStorageSection=Yes entry so that all in-box drivers are also supported.
q
Run Sysprep to process all the drivers, which places them in the critical device database.
q
Capture the image.
Automate the Installation of Mass Storage Device Drivers Consider using MDT 2008 to automate the process of building standardized images for Sysprep to capture later in the process. These images, which have been prepared using Sysprep, can then be deployed to computers using image distribution technologies other than MDT 2008. In this scenario, a system administrator might need to pre-deploy a predefined list of nonMicrosoft mass storage drivers into the image in preparation for capture and deployment to systems with these mass storage controllers. This method allows the injection of a set of device drivers into a system when running Sysprep. Table 16 outlines the steps for automating the deployment to other hardware.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
72
Microsoft Deployment Toolkit 2008
Table 16. Automating the Deployment to Other Hardware Steps to automate the deployment to other hardware q
Import storage drivers into Deployment Workbench using known tools and procedures. Each driver package must have a TxtSetup.oem file that contains a valid list of Plug and Play IDs representing devices to be deployed.
q
Populate CustomSettings.ini (or some other method) with the StorageDriverSysPrepGroup list item. This list item contains a list all driver storage groups to be included in Sysprep: StorageDriverSysPrepGroup001 = AccountingStorageGroup StorageDriverSysPrepGroup002 = SalesStorageGroup Note Only storage drivers contained in these groups will be deployed to the Sysprep image.
q
Perform a deployment and capture to a reference computer with the defined storage groups.
q
The captured image should contain the storage drivers specified in the StorageDriverSysPrepGroup list item.
Additional Considerations •
A driver package could have more Plug and Play IDs enumerated by the system than are actually needed by Sysprep for driver preparation. This process will use only the subset of Plug and Play IDs present in the TxtSetup.oem file to populate the necessary Sysprep.inf sections. This ensures that only the Sysprep.inf file for devices that are actually supported by their respective manufacturers is populated.
•
Any MDT 2008 task sequence that deploys an operating systems includes the task sequence steps to run the ZTIStorageDrivers.wsf and ZTIStorageDriversSysPrep.wsf scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Rep laci ng an Exis ti ng C ompu ter wit h a Ne w Co mpute r U si ng Syste m C en ter Con fi gur ation Mana ger Use System Center Configuration Manager to deploy an image to a new computer that will substitute an existing computer in the enterprise architecture. This situation might occur when upgrading from one operating system to another (a new operating system might require new hardware), or because the organization needs newer, faster equipment for existing applications. When replacing an existing computer with a new computer, take into account all settings that will be migrated from one computer to another, such as user accounts and user state data, in addition to the need for a recovery solution in case the migration fails. In the following sample deployment, the scenario is replacing an existing computer by moving local accounts from the existing computer to the new computer. Move user state data, back up the existing computer before the migration, and finally deploy an existing image to the new computer. For this sample, the original computer is named COMPUTER1 and the new computer is named COMPUTER2.
Create Computer Association Before creating a task sequence to replace an existing computer, create a computer association between the existing computer and its replacement so System Center Configuration Manage can migrate user accounts and state data. Before a computer association can be established, both the existing computer and the new computer must be in the System Center Configuration Manager database. If the new computer already has an operating system installed, it can be added to the network and discovered by System Center Configuration Manager. If it is does not have an operating system installed, the computer information must be imported into System Center Configuration Manager as described at http://technet.microsoft.com/enus/library/bb633291.aspx. When the computer information for the new and existing computers is available in the System Center Configuration Manager database, a computer association must be created. To create the computer association 1. In Configuration Manager console, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Computer Associations. 2. In the actions pane, click New, and then click Computer Association.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
74
Microsoft Deployment Toolkit 2008
3. In the New Computer Association dialog box, on the Computer Association tab, in the Source Computer box, type COMPUTER1 as the name of the source computer that contains the user state data to be migrated to the new computer. Or, click Search to open the Search Computer dialog box, and then search for the source computer. 4. In the Destination Computer box, type COMPUTER2 as the name of the destination computer that will receive the user state data. Or, click Search to open the Search Computer dialog box, and then search for the destination computer. 5. Click the User Accounts tab. 6. To specify the user accounts that should be migrated from the source computer to the destination computer, click the yellow star icon to open the Add User Account dialog box, and then type the account name, or click Browse to search for accounts. For this sample, leave this box empty. Note If no user accounts are specified, all user accounts on the source computer will be migrated.
Create a Task Sequence to Save User State Information from Existing Computer When the computer association between the existing and new computers is in place, two task sequences must be created to perform a full backup of the existing computer, copy user state data, boot the new computer, apply an image to the new computer, and restore the user state data. To perform this process, create the following task sequences: 1. A task sequence to collect the user state migration information from the existing computer; create the task sequence by importing a Client Replace Task Sequence task sequence template. 2. A task sequence to deploy the operating system and restore the collected user state migration information; create the task sequence by importing a Client Task Sequence task sequence template. For the task sequences to be created, the following must be true: •
There is a boot image already available in System Center Configuration Manager. In this sample, this package will be called BOOTIMAGE.
•
There is an MDT 2008 Files package already available in System Center Configuration Manager. In this sample, this package will be called MDT2008.
•
There is an MDT 2008 Custom Settings package for the existing computer already available in System Center Configuration Manager. In this sample, this package will be called CUSTOMSETTINGS_EXISTING.
•
There is a computer image already available in System Center Configuration Manager. In this sample, this package will be called VISTAIMAGE.
•
There is a package that has the User State Migration Tool (USMT) already available in System Center Configuration Manager. In this sample, this package will be called USMT.
•
There is a package with the System Center Configuration Manager client already available in System Center Configuration Manager. In this sample, this package will be called SMSCLIENT.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Computer
75
To create a task sequence that collects the user state information from the existing computer 1. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 2. In the console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment, and then click Task Sequences. 3. In the actions pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard will start. 4. Complete the Import Microsoft Deployment Task Sequence Wizard using the information listed in Table 17; accept default values unless otherwise specified. Table 17. Information for Completing Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do the following
Choose Template
Click Client Replace Task Sequence, and then click Next.
General
In the Task sequence name box, type task_sequence (where task_sequence is the name of the task sequence). In the Task sequence comments box, type Task sequence for replacing the target computer, and then click Next.
Boot Image
In the Specify an existing boot image package box, click Browse. In the Select a Package dialog box, click BOOTIMAGE, and then click OK. Click Next.
MDT Package
In the Specify an existing Microsoft Deployment Toolkit Files package box, click Browse. In the Select a Package dialog box, click MDT2008, and then click OK. Click Next.
USMT Package
In the Specify an existing USMT package box, click Browse. In the Select a Package dialog box, click USMT, and then click OK. Click Next.
Settings Package
In the Specify an existing settings package box, click Browse. In the Select a Package dialog box, click CUSTOMSETTINGS_EXISTING, and then click OK. Click Next.
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
76
Microsoft Deployment Toolkit 2008
Modify CustomSettings.ini Properties for the Existing Computer Task Sequence After creating a task sequence for the existing computer, modify the MDT 2008 properties in CustomSettings.ini to specify where to perform the backup. Specifically, configure the BackupDir, BackupDrive, BackupShare, and ComputerBackupLocation properties. To modify CustomSettings.ini to perform a full computer backup 1. In Windows Explorer, go to the folder that contains the source for the CUSTOMSETTINGS_EXISTING package, and then double-click CustomSettings.ini. 2. In CustomSettings.ini, add the following lines (where share_name is the name of the share to which to back up the computer, and server_name is the name of the server where share_name exists): ComputerBackupLocation=Network BackupShare=\\server_name\share_name BackupDir=%ComputerName% BackupDrive=ALL 3. Save the file in the same folder. 4. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 5. In the console tree, go to Site Database/Computer Management/Software Distribution, and then click Packages. 6. In the details pane, click CUSTOMSETTINGS_EXISTING, and then click Update Distribution Points. 7. In the Confirm Update Distribution Points dialog box, click Yes. The CUSTOMSETTINGS_EXISTING package is updated to all the distribution points. This ensures the modified version of CustomSettings.ini is used in the task sequence.
Create a Task Sequence Advertisement for the Existing Computer After the task sequence for the existing computer is created, advertise the task sequence to the existing computer. This can be done by creating a collection to which the new computer belongs. Advertising the task sequence to the collection initiates the deployment process. To advertise a task sequence, follow the steps described at http://technet.microsoft.com/en-us/library/bb680317.aspx. After this task sequence is complete, the user state migration information is saved and a complete backup of the existing computer is made.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Computer
77
Create a Task Sequence to Deploy the Operating System to the New Computer Now, create a task sequence to deploy the operating system to the new computer. This task sequence will restore the user state migration information saved by the first task sequence. For the task sequence to be created, the following must be true: •
There is a boot image already available in System Center Configuration Manager. In this sample, this package will be called BOOTIMAGE.
•
There is an MDT 2008 Files package already available in System Center Configuration Manager. In this sample, this package will be called MDT2008.
•
There is an MDT 2008 Custom Settings package for the new computer already available in System Center Configuration Manager. In this sample, this package will be called CUSTOMSETTINGS_NEW.
•
There is a computer image already available in System Center Configuration Manager. In this sample, this package will be called VISTAIMAGE.
•
There is a package that has USMT already available in System Center Configuration Manager. In this sample, this package will be called USMT.
•
There is a package with the System Center Configuration Manager client already available in System Center Configuration Manager. In this sample, this package will be called SMSCLIENT.
To create a task sequence that deploys the operating system to the new computer 1. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 2. In the console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment, and then click Task Sequences. 3. In the actions pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard will start. 4. Complete the Import Microsoft Deployment Task Sequence Wizard using the information listed in Table 18; accept default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
78
Microsoft Deployment Toolkit 2008
Table 18. Information for Completing Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do the following
Choose Template
Click Client Task Sequence, and then click Next.
General
In the Task sequence name box, type task_sequence (where task_sequence is the name of the task sequence). In the Task sequence comments box, type Task sequence for deploying the target computer, and then click Next.
Boot Image
In the Specify an existing boot image package box, click Browse. In the Select a Package dialog box, click BOOTIMAGE, and then click OK. Click Next.
MDT Package
In the Specify an existing Microsoft Deployment Toolkit Files package box, click Browse. In the Select a Package dialog box, click MDT2008, and then click OK. Click Next.
USMT Package
In the Specify an existing USMT package box, click Browse. In the Select a Package dialog box, click USMT, and then click OK. Click Next.
Settings Package
In the Specify an existing settings package box, click Browse. In the Select a Package dialog box, click CUSTOMSETTINGS_NEW, and then click OK. Click Next.
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported.
Modify CustomSettings.ini Properties for the New Computer Task Sequence After creating a task sequence for the new computer, modify the MDT 2008 properties in CustomSettings.ini to specify where to perform the backup. Configure any properties that must be specified for the new computer. For example, a different set of device drivers may have to be specified in a package group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Computer
79
To modify CustomSettings.ini to perform a full computer backup 1. In Windows Explorer, go to the folder that contains the source for the CUSTOMSETTINGS_NEW package, and then double-click CustomSettings.ini. 2. Modify the CustomSettings.ini file as necessary. 3. Save the file in the same folder. 4. Click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. 5. In the console tree, go to Site Database/Computer Management/Software Distribution, and then click Packages. 6. In the details pane, click CUSTOMSETTINGS_NEW, and then click Update Distribution Points. 7. In the Confirm Update Distribution Points dialog box, click Yes. The CUSTOMSETTINGS_NEW package is updated to all the distribution points. This ensures the modified version of CustomSettings.ini is used in the task sequence.
Create a Task Sequence Advertisement for the New Computer After the task sequence for the new computer is created, advertise the task sequence to the existing computer. This can be done by creating a collection to which the new computer belongs. Advertising the task sequence to the collection initiates the deployment process. To advertise a task sequence, follow the steps described at http://technet.microsoft.com/en-us/library/bb680317.aspx. After this task sequence is complete, the new operating system is installed on the new computer and the user state migration information is restored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo ying an O per ati ng Sys tem to a N ew C ompu ter No t in the Syste m C en ter Con fi gur ation Mana ger Da tabase One of the main challenges of using System Center Configuration Manager to deploy an operating system to a brand-new computer that does not have an operating system is the fact that the target computer must exist in the System Center Configuration Manager database before deployment can occur. There are different ways of solving this problem, using either System Center Configuration Manager or MDT 2008. In System Center Configuration Manager, computer information can be imported into the database by following the steps described at http://technet.microsoft.com/enus/library/bb633291.aspx. The solution presented here works well when very few new computers are being added to the network. However, when several computers are being added, an automated way of importing data into the System Center Configuration Manager database is required. This can be done by deploying an operating system with an operating system media preexecution hook or a PXE boot. The pre-execution hook option takes advantage of an MDT 2008 Web service that can be used to verify whether computer information exists within a System Center Configuration Manager database, and add information if needed. The pre-execution hook allows this service to be called prior to initiating the deployment process to ensure the computer is added to the System Center Configuration Manager database. To use this Web service, set up the service on a Web server, edit the boot media to set up the pre-execution hook, and boot the computer using the operating system media.
Configure the Web Service Setup The MDT 2008 Web service is used to import computer information into the System Center Configuration Manager database. Configure Internet Information Services (IIS) and the Web.config file so that the Web service connects to the appropriate server locator point (SLP), and uses the appropriate credentials for connecting to the SLP. To configure the MDT 2008 Web service 1. Ensure that a System Center Configuration Manager server running the SLP exists within the network. 2. Ensure that IIS and Microsoft .NET Framework 2.0 are installed on the server running MDT 2008. 3. On the MDT 2008 server, click Start, click Administrative Tools, and then click Internet Information Services Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Deploying an Operating System to a New Computer
81
4. In the Internet Information Services Manager dialog box, click Your Server (where Your Server is the MDT 2008 server), click Web Sites, and then click Default Web Site. 5. Right-click Default Web Site, click New, and then click Virtual Directory. 6. In the Virtual Directory Creation Wizard, click Next. 7. In the Alias box, type a name for the virtual directory. This name will be used later to hook into the Web service. For example, use MicrosoftDeployment. 8. Click Next. 9. Click the Browse button, and then click the path for the folder that contains the Web service. By default, this path is %Program Files%\Microsoft Deployment Toolkit. 10. Click Next. 11. Select the Run scripts (such as ASP) check box to allow .NET pages and Web services to be used in this virtual directory. 12. Click Next, and then click Finish. When the server is set up to allow access to the Web service, configure the System Center Configuration Manager root computer name, the SLP computer name, and the identity used to access these services in the Web.config file. To configure the Web.config file for the Web service 1. Open the Web.config file located at %Program Files%\Microsoft Deployment. 2. Locate the appSettings element, and then add the System Center Configuration Manager root server name and the SLP server name to the corresponding entries; for example:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
82
Microsoft Deployment Toolkit 2008
Create the Pre-Execution Hook With the Web service up and running, create the pre-execution hook for the boot media to use to start the deployment process. To create the pre-execution media hook file 1. Use the Import Microsoft Deployment Task Sequence wizard to create a new boot image. 2. As part of that boot image creation process, indicate that a media hook should be included, and type the Web service URL; for example: http://deployment_server/MicrosoftDeployment/unknowncomputer.asmx (where deployment_server is the name of the deployment server on which the Web service is installed).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng C ondi ti onal Task Sequence Steps In some scenarios, consider running a task sequence step conditionally based on defined criteria. Any combinations of these conditions can be added to determine whether the task sequence step should run. For example, use the value of a task sequence variable and the value of a registry setting to determine whether a task sequence step should run. Using MDT 2008, run a task sequence conditionally based on: •
One or more IF statements.
•
A task sequence variable.
•
The version of the target operating system.
•
The Boolean results of a WMI query.
•
A registry setting.
•
The software installed on the target computer.
•
The properties of a folder.
•
The properties of a file.
Configure a Conditional Task Sequence Step Conditional task sequence steps are configured in Deployment Workbench, on the Options tab of a task sequence step. One or more conditions can be added to the task sequence step to create the appropriate condition for running, or not running, the step. Note
Every conditional task sequence step needs at least one IF statement.
To view the Options tab of a task sequence step 1. Start Deployment Workbench 575.In the console tree, click Task Sequences. 576.In the details pane, right-click task_sequence (where task_sequence is the name of the task sequence to configure), and then click Properties. 577.In the task_sequence Properties dialog box, on the Task Sequence tab, click step (where step is the name of the task sequence step to configure), and then click the Options tab. On the Options tab of a task sequence step, perform the following actions: •
Add. Click this button to add a condition to the task sequence step.
•
Remove. Click this button to remove an existing condition in a task sequence step.
•
Edit. Click this button to modify an existing condition in a task sequence step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
84
Microsoft Deployment Toolkit 2008
IF Statements in Conditions All task sequence conditions include one or more IF statements. IF statements are the foundation for creating conditional task sequence steps. A task sequence step condition can include only one IF statement, but multiple IF statements can be nested beneath the top-level IF statement to create more complex conditions. An IF statement can be based on the conditions listed in Table 19, which are configured in the IF Statement Properties dialog box. Table 19. Conditions Available in IF Statements Condition
Select this option to run the task sequence if
All conditions
All the conditions beneath this IF statement must be true.
Any conditions
Any the conditions beneath this IF statement are true.
None
None the conditions beneath this IF statement are true.
Complete the condition for running the task sequence step by adding other criteria to the conditions (for example, task sequence variables or values in a registry setting). To add an IF statement condition to a task sequence step 578.On the step Option tab (where step is the name of the task sequence step to configure), click Add, and then click If statement. 579.In the If Statement Properties dialog box, click condition (where condition is one of the conditions listed in Table 19), and then click OK.
Task Sequence Variables in Conditions Use the Task Sequence Variable condition to evaluate any task sequence variable created by a Set Task Sequence Variable task or by any task in the task sequence. For example, consider a network that contains Windows XP workstations that are part of a domain, and some that are in a workgroup. Knowing that the current domain policy forces all user settings to be saved on the network, user settings may need be saved only for computers that are not part of the domain—that is, computers that are in the workgroup. In such case, add a condition to the Capture User Files and Settings task that targets the computers in the workgroup. To add a condition based on a task sequence variable 1. On the step Options tab (where step is the name of the task sequence step to configure), click Add Condition, and then click Task Sequence Variable. 580.In the Task Sequence Variable Condition dialog box, in the Variable box, type OSDJoinType. Note This variable is set to 0 for computers that are joined to a domain and to 1 for those in a workgroup.
581.In the Condition box, click equal. 582.In the Value box, type 1, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Conditional Task Sequence Steps
85
Operating System Version in Conditions Use the Operating System Version condition to verify the existing operating system version of a target computer or the existing client (when capturing an image). For instance, consider a network that contains several servers that will be upgraded from Microsoft Windows 2000 Server to Windows Server 2003. Network settings should be copied and applied only to servers that are running Windows 2000 Server with Service Pack 4 (SP4). All other servers will have the default network settings used by Windows Server 2003. To add a condition based on operating system version 583.In the Task Sequence Editor, click the Capture Network Settings task. 584.Click Add Condition, and then click Operating System Version. 585.In the Architecture box, click the relevant server. For this example, click x86. 586.In the Operating system box, click the operating system and version for which to set a condition. For this example, click x86 Windows 2000 Service Pack 4. 587.In the Condition box, click the relevant condition, and then click OK.
File Properties in Conditions Use the File Properties condition to verify the version and/or times tamp of a given file to determine whether or not to run a task or a group of tasks. In this example, the production environment contains a Windows Server 2003 image that is constantly updated and used for every new server that is added to the network. All server computers in the environment run a custom application that requires the Digital Access Object (DAO) API version 3.60.6815. All existing servers are working properly. However, each new server that is added to the network with the image is unable to run the application. Because it is the responsibility of a different group to maintain and update images, it is decided that the deployment task sequence be changed to install the relevant version of DAO if the existing version of DAO deployed with the image is incorrect. To add a File Properties condition to a task sequence step 1. In System Center Configuration Manager, create a package to install DAO 3.60.6815. Call this package DAO, with a program called InstallDAO. To learn more about creating packages, visit http://technet.microsoft.com/en-us/library/bb693627.aspx. 2. Create an Install Software step to deploy the DAO package. 3. Click the Install Software task sequence step created in step 2, and then click the Options tab. 4. Click Add Condition, and then click File Properties. 5. In the Path box, type C:\Program Files\Microsoft Shared\DAO\dao360.dll. 6. Select the Check the version check box, and then click not equals for the condition. 7. In the Version box, type 3.60.6815. 8. In this case, ensure that the Check the timestamp check box is clear. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
86
Microsoft Deployment Toolkit 2008
Folder Properties in Conditions Use the Folder Properties condition to verify the time stamp of a given folder to determine whether or not to run a task or a group of tasks. For instance, consider a situation in which an internally developed application has been updated to work with Windows Vista. However, not all of the computers in the network have the most recent version of the application installed, and a data conversion process needs to be performed before the application can be upgraded. If the time stamp of the folder in which the application is installed is 12/31/2007 or earlier, then the target computer is running the incompatible version of the application and the data conversion process should be run on the target computer. Conditionally, run a task sequence step to run the data conversion process on computers that have an earlier version of the application. To add a Folder Properties condition to a task sequence step 1. Create a Command Line task to perform the data conversion process. 2. Click the task created in step 1. 3. Click Add Condition, and then click Folder Properties. 4. In the Path box, type the path of the folder that contains the application. 5. Select the Check the timestamp check box. 6. Click Less than or equals for the condition. 7. In the Date box, click 12/31/2007. 8. In the Time box, click 12:00:00 AM. 9. Click OK.
Registry Settings in Conditions Use the Registry Setting condition to verify the existence of keys and values in the registry, and the corresponding data stored in registry values. For instance, consider a case in which an application currently used on a small set of computers cannot run on Windows Vista, and a Windows Vista deployment is in place to upgrade computers that currently are running Windows XP. Create a condition on the very first task in a sequence to check the registry for an entry for the incompatible application and to interrupt the deployment process for that computer if it is found. To add a Registry Setting condition to a task sequence step 1. Open the task sequence that deploys Windows Vista. 2. Click the first task in the sequence, and then click the Options tab. 3. Click Add Condition, and then click Registry Setting. 4. In the Root key list, click HKEY_LOCAL_MACHINE. 5. In the Key box, type SOFTWARE\WOODGROVE.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Conditional Task Sequence Steps
87
6. Click not exists for the condition. In this case, the task will run, and the sequence continue, only if the key does not exist. 7. Optionally, the condition could check for the nonexistence of a value if the value name is typed in the Value name box. 8. If a condition other than exists/not exists was used, a value and value type could be specified. 9. Click OK.
WMI Queries in Conditions Use the WMI Query condition to run any WMI query. The condition is evaluated as true if the query returns at least one result. For example, consider that a deployment team needs to upgrade the operating system of all servers of a given model—Dell 1950, for instance. The team can use a WMI query to check each computer's model and proceed with the deployment only if the right model is found. To add a WMI Query condition to a task sequence step 1. Open the task sequence that will upgrade the servers. 2. Click the first task in the sequence, and then click the Options tab. 3. Click Add Condition, and then click Query WMI. 4. In the WMI Namespace box, type root\cimv2. 5. In the WQL Query box, type Select * From Win32_ComputerSystem WHERE Model LIKE "%Dell%%1950%". Click OK.
Installed Software in Conditions Use an Installed Software condition to check if a particular piece of software is currently installed on a target computer. Only software installed using .msi files can be evaluated using this condition. As an example, imagine that a deployment team wants to upgrade the operating system of all servers except those running the Systems Management Server Toolkit. To add an Installed Software condition to a task sequence step 1. Open the task sequence that will upgrade the servers. 2. Click the first task in the sequence, and then click the Options tab. 3. Click Add Condition, and then Installed Software. 4. Click Browse, and then click the .msi file for the Systems Management Server Toolkit. 5. Select the Match this specific product check box to specify that only computers with SQL Server 2005, and not any other versions, are the target computers this query should detect. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
88
Microsoft Deployment Toolkit 2008
Complex Conditions Multiple conditions can be grouped using IF statements to create complex conditions. For instance, imagine that a particular step should only be executed for Dell 1950 computers running Windows 2000 Server or Windows Server 2003. Written as a programmatic IF statement, it would look similar to the following: IF ((Computer Model IS “Dell 1950”) AND (OS=2000 OR OS=2003)) To add a complex condition 1. Click the task sequence step to which to add the condition, and then click the Options tab. 2. Click Add condition, click If Statement, and then click All conditions. Click OK. 3. Click the condition statement, then click Add condition, and then click WMI Query. 4. Ensure root\cimv2 is specified as the WMI namespace, and then, in the WQL Query box, type SELECT * FROM Win32_ComputerSystem WHERE ComputerModel LIKE “%Dell%1950%”. Click OK. 5. Click the If statement. Click Add condition, click If statement, and then click Any condition. Click OK. 6. Click the second If statement. Click Add condition, and then click Operating System Version. 7. In the Architecture box, click the architecture for the servers. For this example, click x86. 8. In the Operating system box, click the operating system and version. For this example, click x86 Windows 2000 original release. Click OK. 9. Click the second If statement. Click Add condition, and then click Operating System Version. 10. In the Architecture box, click the architecture for the servers. For this example, click x86. 11. In the Operating system box, click the operating system and version. For this example, click x86 Windows 2003 original release. Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting a H ighl y Scala ble LTI Dep lo yment In fr as tr uctur e In this scenario, no electronic software distribution is available for the deployment infrastructure to leverage, so MDT 2008 will be used to build a fully automated LTI deployment infrastructure. The scalable LTI infrastructure uses SQL Server, Windows Deployment Services, and Windows Server 2003 Distributed File System Replication (DFS-R) technologies. To scale the LTI infrastructure 1. Ensure that the appropriate infrastructure exists. 2. Prepare Windows Deployment Services. 3. Configure Distributed File System Replication (DFS-R). 4. Prepare for SQL Server replication. 5. Configure SQL Server replication. 6. Configure CustomSettings.ini. This scenario presumes that MDT 2008 is configured on a master deployment server and that the configuration of the Deployment Workbench database has already been completed as discussed at the beginning of this document.
Ensure That the Appropriate Infrastructure Exists The highly scalable LTI deployment infrastructure uses a hub-and-spoke topology for replication of content; therefore, first nominate a deployment server in the production environment that will perform the role of the master deployment server. Table 20 lists the required components for the master deployment server. Table 20. Master Deployment Server Required Component
Purpose/Comment
Windows Server 2003 R2
Required to support DFS-R.
MDT 2008
Contains the master copy of the distribution share.
SQL Server 2005
Must be a full version to allow replication of the Deployment Workbench database.
DFS-R components
Required components for replication of the distribution share.
Windows Deployment Services
Required to allow network PXE-based installations to be initiated.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
90
Microsoft Deployment Toolkit 2008
When the master deployment server has been selected, provision additional servers at each site to support LTI deployments. Table 21 lists the required components for the child deployment server. Table 21. Child Deployment Servers Required Component
Purpose/Comment
Windows Server 2003 R2
Required to support DFS-R.
SQL Server 2005 Express Edition
Receives replicated copies of the Deployment Workbench database.
DFS-R components
Required components for replication of distribution share.
Windows Deployment Services
Required to allow network PXE-based installations to be initiated.
Note Windows Deployment Services must be set up and configured on each child server, but it is not necessary to add boot or installation images.
Add Content to MDT 2008 The master deployment server should be populated with content using Deployment Workbench, and the Deployment Workbench database should be created and populated as described in the following sections. For information on populating the database with: •
Applications, see the section “Applications” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating systems, see the section “Operating Systems” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating system packages, see the section “Packages” in the MDT 2008 document, Workbench Imaging Guide.
•
Device drivers, see the section “Out-of-Box Drivers” in the MDT 2008 document, Workbench Imaging Guide.
•
Task sequences, see the section “Task Sequences” in the MDT 2008 document, Workbench Imaging Guide.
Note Ensure that the LiteTouchPE_x86.wim file created when the deployment point is updated has been added to Windows Deployment Services.
Prepare Windows Deployment Services Because the LiteTouchPE_x86.wim file will be replicated on a periodic basis through the DFS-R replication group, the boot configuration data store must be updated periodically to reflect the newly replicated Windows PE environment. Perform the following steps on each of the deployment servers. To prepare Windows Deployment Services 1. Open a Command Prompt window. 2. Type WDSUtil /set-server /BCDRefreshPolicy /Enabled:yes /RefreshPeriod:60, and then press ENTER. Note In the example presented here, the refresh period is set to 60 minutes; however, this could be configured to replicate on a period that is equal to that of the DFS-R.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
91
Configure Distributed File System Replication (DFS-R) When scaling the LTI deployment architecture, DFS-R is used as the basis for replicating the content from both the MDT 2008 deployment point and the Windows PE Lite Touch boot environment, and from the master deployment server to the child deployment servers. Note
Ensure that the DFS-R components are installed before performing the following steps.
To configure DFS-R to replicate the deployment content 1. Open DFS Management Console. 2. In the console tree, expand DFS Management. 3. Right-click Replication, and then click New Replication Group. 4. In the New Replication Group Wizard, on the Replication Group Type page, click New Multipurpose Replication Group. 5. Click Next. 6. On the Name and Domain page, type the following information: •
In the Name for replication group box, type a name for the replication group; for example, MDT 2008 Replication Group.
•
In the Optional description of replication group box, type a description of the replication group; for example, Group for replication of MDT 2008 data.
•
Ensure that the Domain box contains the correct domain name.
7. Click Next. 8. On the Replication Group Members page: c.
Click Add.
d. Type the names of all servers that are to be members of this replication group; for example, all child deployment servers and the master deployment server. e. Click OK. 9. Click Next. 10. On the Topology Selection page, click Hub and Spoke, and then click Next. 11. On the Hub Members page, click the master deployment server, and then click Add. 12. Click Next. 13. On the Hub and Spoke Connections page, ensure that for each child deployment server the master deployment server listed is the Required Hub Member. 14. Click Next. 15. On the Replication Group Schedule and Bandwidth page, specify a schedule for replicating the content between servers. 16. Click Next. 17. On the Primary Member page, in the Primary Member box, click the master deployment server. 18. Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
92
Microsoft Deployment Toolkit 2008
19. On the Folders to Replicate page, click Add, and then type the following information: a. In the Local Path of the folder to replicate box, click Browse to go to the X:\Distribution folder. b. Click Use name based on path. c.
Click OK.
d. Click Add. e. In the Add Folder to Replicate dialog box, click Browse to go to the X:\RemoteInstall\Boot folder. f.
Click Use name based on path.
20. Click Next. 21. On the Local Path of Distribution on Other Members page: a. Click all the members in the distribution group, and then click Edit. b. In the Edit Local Path dialog box, click Enabled. c.
Type the path where the Distribution folder should be stored on the child deployment server; for example, X:\Distribution, where X is the drive letter on the deployment server.
d. Click OK. 22. Click Next. 23. On the Local Path of Boot on Other Members page: a. Click all the members in the distribution group, and then click Edit. b. In the Edit Local Path dialog box, click Enabled. c.
Type the path where the Boot folder should be stored on the child deployment server; for example, X:\RemoteInstall\Boot, where X is the drive letter on the deployment server.
d. Click OK. 24. Click Next. 25. On the Remote Settings and Create Replication Group page, click Create to complete the New Replication Group Wizard. 26. On the Confirmation page, click Close to close the wizard. Note
Ensure that the new replication group is now listed beneath the Replication node.
Prepare for SQL Server Replication Before SQL Server replication can be configured, complete several pre-configuration steps to ensure that the deployment servers are correctly configured. To prepare for SQL Server replication on the master deployment server 1. Create a folder to store the database snapshots, and then configure the folder as a share. Note For more information about securing the snapshot folder, go to http://msdn2.microsoft.com/en-us/library/ms151151.aspx.
2. Ensure that the SQL Server Browser service is not disabled, and is set to automatic. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
93
3. In the SQL Server Surface Area Configuration box, click Local and Remote connections. To prepare for SQL Server replication on the child deployment server 1. In the SQL Server Surface Area Configuration box, click Local and Remote connections. 2. Optionally, create an empty database to host the replicated Deployment Workbench database. Note This database must be given the same name as the Deployment Workbench database on the master deployment server. For example, if the Deployment Workbench database on the master deployment server is called DWDB, create an empty database called DWDB on the child deployment server.
Configure SQL Server Replication After configuring the replication of files and folders required to build the deployment infrastructure, configure SQL Server to replicate the Deployment Workbench database. Note It is also possible to maintain only a single central Deployment Workbench database; however, by maintaining a replicated version of the Deployment Workbench database, greater control can be maintained over data transferring across the wide area network (WAN).
SQL Server 2005 uses a replication model that is similar to a magazine distribution model: 1. A magazine is made available (published) by a publisher. 2. Distributors are used to distribute the publication. 3. Readers can subscribe to a publication so that that publication is delivered to the subscriber periodically (a push subscription). This terminology is used through the SQL Server replication setup and configuration wizards.
Configure a SQL Server Publisher To configure the master deployment server as a SQL Server publisher 1. Open SQL Server Management Studio. 2. Right-click the Replication node, and then click Configure Distribution. 3. In the Configure Distribution Wizard, click Next. 4. On the Distributor page, click will act as its own Distributor; SQL Server will create a distribution database and log. 5. Click Next. 6. On the Snapshot Folder page, in the Preparing for SQL Server Replication section, type the UNC path to the snapshot folder created. 7. On the Distribution Database page, click Next. 8. On the Publishers page, click the master deployment server to set it as the distributor. 9. Click Next. 10. On the Wizard Actions page, click Configure Distribution, and then click Next. 11. Click Finish, and then click Close when the wizard is finished. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
94
Microsoft Deployment Toolkit 2008
Enable the Deployment Workbench Database for Replication To enable the Deployment Workbench database for replication on the master deployment server 1. In SQL Server Management Studio, right-click the Replication node, and then click Publisher Properties. 2. On the Publisher Properties page: a. Click Publisher Databases. b. Click the Deployment Workbench database, and then click Transactional. c.
Click OK.
The Deployment Workbench database is now configured for transactional and snapshot replication.
Create a Publication of the Deployment Workbench Database To create a publication of the Deployment Workbench database to which the child deployment servers can subscribe 1. In SQL Server Management Studio, expand Replication, right-click Local Publications, and then click New Publication. 2. In the New Publication Wizard, click Next. 3. On the Publication Database page, click the Deployment Workbench database. 4. Click Next. 5. On the Publication Type page, click Snapshot publication. 6. Click Next. 7. On the Articles page, click all Tables, Stored Procedures, and Views. 8. Click Next. 9. On the Articles Issues page, click Next. 10. On the Filter Table Rows page, click Next. 11. On the Snapshot Agent page: a. Click Create a snapshot immediately and keep the snapshot available to initialize subscriptions. b. Click Schedule the Snapshot Agent to run at the following times. c.
Click Change, and then create a schedule on which to run the snapshot agent.
Note
Specify a schedule that will occur one hour before the database will replicate.
12. Click Next. 13. On the Agent Security page, click the account under which the snapshot agent will run, and then click Next. 14. On the Wizard Actions page, click Create the publication. 15. Click Next. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
95
16. On the Complete the Wizard page, in the publication name box, type a descriptive publication name. 17. Click Finish to complete the wizard, and then click Close when the wizard has created the publication. Note The publication will now be visible beneath the Local Publications node in SQL Server Management Studio.
Subscribe Child Deployment Servers to the Published Deployment Workbench Database Now that the Deployment Workbench database has been published, the child deployment servers can be added as subscribers to this publication; that is, that they will receive a copy of the database on a schedule so that during a deployment the client computers can query a database that is local to the network instead of going across the WAN. To subscribe the child deployment servers to the Deployment Workbench database publication 1. In SQL Server Management Studio, go to Replication/Local Publications. 2. Right-click the publication created in the previous section, and then click New Subscriptions. 3. In the New Subscriptions Wizard, click Next. 4. On the Publication page, click the publication created in the previous section. 5. On the Distribution Agent Location page, click Run all agents at the Distributor SERVERNAME (push subscriptions). 6. Click Next. 7. On the Subscribers page, add each of the child deployment servers by performing the following steps: a. Click Add Subscriber, and then click Add SQL Server Subscriber. b. Add each of the child deployment servers. c.
For each child deployment server added, in the Subscription Database box, click the empty Deployment Workbench database on that child deployment server.
Note If the empty Deployment Workbench database has not yet been created, in the Subscription Database box, click the option to create a new database. Note This database must be given the same name as the Deployment Workbench database on the master deployment server. For example, if the Deployment Workbench database on the master deployment server is called DWDB, create an empty database called DWDB on the child deployment server.
8. Click Next. 9. On the Distribution Agent Security page, click the … button to launch the Distribution Agent Security dialog box. 10. Type the details of the account to use for the distribution agent. 11. Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
96
Microsoft Deployment Toolkit 2008
12. On the Synchronization Schedule page: a. In the Agent Schedule box, click
Configure CustomSettings.ini The LTI deployment infrastructure has now been successfully created, and each location will contain an LTI deployment server, with a replicated copy of: 1. The deployment point. 2. The Deployment Workbench database. 3. The LiteTouchPE_x86 Windows PE environment that has been added to Windows Deployment Services. Now, the CustomSettings.ini file can be configured for the deployment point to use the deployment content (deployment point and database) from its local deployment server, the server that delivers the LiteTouchPE_x86.wim environment through Windows Deployment Services. When the LiteTouchPE_x86.wim file is delivered from Windows Deployment Services, a registry key is configured with the name of the Windows Deployment Services server being used. This server name is captured by MDT 2008 in a variable (%WDSServer%) that can be used to configure CustomSettings.ini. To always use the local LTI deployment server Note The following procedure assumes that the deployment point has been created and set as the Distribution$ share.
1. Start Deployment Workbench. 2. In the console tree, expand Deploy, and then click Deployment Points. 3. In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 4. Click the Rules tab, and then modify the CustomSettings.ini file to configure the following properties: •
For each SQL Server section added, configure SQLServer to use the server name %WDSServer%; for example, SQLServer=%WDSServer%.
•
If configuring DeployRoot, configure DeployRoot to use the %WDSServer% variable; for example, DeployRoot=\\%WDSServer%\Distribution$.
5. Click the Edit Bootstrap.ini button. 6. Configure BootStrap.ini to use the %WDSServer% property by adding or changing the DeployRoot value to DeployRoot=\\%WDSServer%\Distribution$. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Highly Scalable LTI Deployment
97
7. Click File, and then click Save to save the changes to the BootStrap.ini file. 8. Click OK. 9. To update the deployment point and LiteTouchPE_x86.wim Windows PE environment, right-click deployment_point, and then click Update. Listing 28 illustrates CustomSettings.ini after performing the steps outlined in this section: Listing 28. Sample CustomSettings.ini Configured for Scalable LTI Deployment Infrastructure [Settings] Priority=CSettings,CPackages, CApps, CAdmins, CRoles, Default Properties=MyCustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [CSettings] SQLServer=%WDSServer% Instance= Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerSettings Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CPackages] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerPackages Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR Order=Sequence [CApps] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerApplications Parameters=UUID, AssetTag, SerialNumber, MacAddress Solution Accelerators
microsoft.com/technet/SolutionAccelerators
98
Microsoft Deployment Toolkit 2008
ParameterCondition=OR Order=Sequence [CAdmins] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerAdministrators Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR [CRoles] SQLServer=%WDSServer% Database=DWDB Netlib=DBNMPNTW SQLShare= Table=ComputerRoles Parameters=UUID, AssetTag, SerialNumber, MacAddress ParameterCondition=OR
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Selec ting a Local Mi cr oso ft Dep lo yment Toolk it Ser ver W hen Mu lt ip le Ser ver s Ex ist In this scenario, multiple MDT 2008 servers are being used to support a high volume of simultaneous deployments and deployments across multiple sites. When an LTI deployment is initialized, the default behavior is to request a path to the MDT 2008 server to connect to and access the required files to begin the deployment process. The MDT 2008 wizard can use the LocalServer.xml file to present a choice of known deployment servers for each location. To use the LocationServer.xml file 588.Understand the purpose and use of LocationServer.xml. 589.Create the LocationServer.xml file. 590.Add the LocationServer.xml file to the Extra Files directory. 591.Update the BootStrap.ini file. 592.Update the deployment point. This scenario assumes that MDT 2008 is configured on a deployment server.
Understand LocationServer.xml Understand How Microsoft Deployment Toolkit Uses LocationServer.xml During LTI, MDT 2008 scripts will read and process the BootStrap.ini file to gather initial information about the deployment. This happens before a connection has been made to the deployment server. Therefore, the DeployRoot property is commonly used to specify in the BootStrap.ini file the deployment server to which it should make a connection. If the BootStrap.ini file does not contain a DeployRoot property, MDT 2008 scripts load a wizard page to prompt the user for a path to the deployment server. While initializing the HTML Application (HTA) wizard page, MDT 2008 scripts check for the existence of the LocationServer.xml file, and if it exists, use LocationServer.xml to display available deployment servers.
Understand When to Use LocationServer.xml MDT 2008 offers multiple ways to determine which server to connect to during an LTI deployment. Different methods for locating the deployment server are best suited for different scenarios; therefore, it is important to understand when to use LocationServer.xml.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
100
Microsoft Deployment Toolkit 2008
MDT 2008 provides several methods for automatically discovering and using the most appropriate deployment server. These methods are listed in Table 22. Table 22. Methods for Automatically Determining the Deployment Server Method
Details
%WDSServer%
Used when the MDT 2008 server is co-hosted on the Windows Deployment Services server. When an LTI is initiated from a Windows Deployment Services server, an environmental variable, %WDSServer%, is created and populated with the name of the Windows Deployment Services server. The DeployRoot variable can use this variable to automatically connect to a deployment share on the Windows Deployment Services server; for example: DeployRoot=\\%WDSServer%\Distribution$
Location-based automation
MDT 2008 can use location-based automation in the BootStrap.ini file to determine the server to which it should deploy. The Default Gateway property is used to distinguish between different locations, and for each Default Gateway, a different MDT 2008 server is specified. For more information about using location-based automation, refer to the section ”Automating Deployment by Location” in this guide.
Each of the approaches listed in Table 22 offer one way to automate the selection of the deployment server at a given location for certain scenarios. These approaches are targeted to specific scenarios—for example, when the MDT 2008 server is co-hosted with the Windows Deployment Services server. There are other scenarios in which these approaches are not suitable; for example, if there are multiple deployment servers at a given location, or if automation logic is not possible (for example, the network is not segmented enough to allow location determination, or the MDT 2008 server is separated from the Windows Deployment Services server). In these scenarios, the LocationServer.xml file provides a flexible way to present this information at deployment time without requiring knowledge of server names and deployment share names.
Create the LocationServer.xml File To present a list of available deployment servers during an LTI deployment, create a LocationServer.xml file that contains details about each server. There is no default LocationServer.xml file in MDT 2008, so create one using the following guidance.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Selecting a Local Server
101
Create a LocationServer.xml File to Support Multiple Locations The simplest method for creating and using LocationServer.xml is to create a LocationServer.xml file and add entries for each deployment server in the environment (this can be either at the same location or at different locations). The LocationServer.xml file is constructed by creating a new section for each server, and then adding the following information: •
A unique identifier.
•
A location name, used to present an easily identifiable name for that location.
•
A UNC path to the MDT 2008 server for that location.
Listing 29 illustrates how the LocationServer.xml file is created using each of these properties using a sample LocationServer.xml file configured for multiple locations. Listing 29. Example LocationServer.xml File to Support Multiple Locations <servers>
microsoft.com/technet/SolutionAccelerators
102
Microsoft Deployment Toolkit 2008
Create a LocationServer.xml File to LoadBalance Multiple Servers at Different Locations Using LocationServer.xml, specify multiple servers per location entry, and then perform basic load balancing so that when a location is chosen, MDT 2008 automatically selects a deployment server from the list of available servers. To provide this functionality, the LocationServer.xml file supports specifying a weighting metric. Listing 31 illustrates a sample LocationServer.xml file configured for multiple servers at different locations. Listing 31. Example LocationServer.xml File for Different Locations <servers>
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Selecting a Local Server
103
Add the LocationServer.xml File to the Extra Files Directory After the LocationServer.xml file has been created, the file must be added to the LiteTouch_x86 and LiteTouch_x64 Windows PE boot images in the X:\Deploy\Control folder. Using Deployment Workbench, add other files and folders to these Windows PE images by specifying an additional directory to add in the deployment point properties. To add LocationServer.xml to the deployment point 593.Create a folder called Extra Files in the root deployment point folder (for example, D:\Distribution\Extra Files). 594.Create a folder structure in the Extra Files folder that mirrors the Windows PE location where the additional file should reside. For example, the LocationServer.xml file must reside in the \Deploy\Control folder in Windows PE; therefore, create the same folder structure under Extra Files (for example, D:\Distribution\Extra Files\Deploy\Control). 595.Copy LocationServer.xml to the \deployment_point\Extra Files\Deploy\Control folder (where deployment_point is the fully qualified path to the root folder of the deployment point). 596.Start Deployment Workbench. 597.In the console tree, expand Deploy, and then click Deployment Points. 598.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 599.In the deployment_point Properties dialog box, on the Windows PE tab, in the Windows PE Customizations section, in the Extra directory to add box, type path, (where deployment_point is the name of the deployment point, and path is the fully qualified path to the Extra Files folder; for example, D:\Distribution\Extra Files), and then click OK.
Update the BootStrap.ini File When a deployment point is created using Deployment Workbench, a DeployRoot property is automatically created and populated in the BootStrap.ini file. Because the LocationServer.xml file is used to populate the DeployRoot property, this value must be removed from the BootStrap.ini file. To remove the DeployRoot property from BootStrap.ini 600.Start Deployment Workbench. 601.In the console tree, expand Deploy, and then click Deployment Points. 602.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 603.Click the Rules tab, and then click Edit BootStrap.ini. 604.Remove the DeployRoot value (for example, DeployRoot=\\Server\Distribution$). 605.Click File, and then click Save to save the changes to the BootStrap.ini file. 606.Click OK to submit the changes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
104
Microsoft Deployment Toolkit 2008
Update the Deployment Point The deployment point must next be updated to generate a new LiteTouch_x86 and LiteTouch_x64 boot environment that contains the LocationServer.xml file and the updated BootStrap.ini file. To update the deployment point 607.Start Deployment Workbench. 608.In the console tree, expand Deploy, and then click Deployment Points. 609.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Update. Note When the update process has finished, add the new LiteTouch_x86 and LiteTouch_x64 Windows PE environments back into Windows Deployment Services, or burn them to boot media to use during deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Rep laci ng an Exis ti ng C ompu ter wit h a Ne w Co mpute r U si ng L it e Touc h In sta ll ation MDT 2008 can be used to deploy an image to a new computer that will substitute an existing computer in the enterprise architecture. This situation could arise when upgrading from one operating system to another (a new operating system could require new hardware), or if the organization needs newer, faster computers for existing applications. When replacing an existing computer with a new computer, Microsoft recommends taking into account all settings that will be migrated from one computer to another, such as user accounts and user state data. In addition, it is important to create a recovery solution in case the migration fails. In this sample deployment, replace the existing computer (WDG-EXIST-01) with a new computer (WDG-NEW-02) in the CORP domain by capturing user state data from WDGEXIST-01 and saving it to a network share. Then, deploy an existing image to WDGNEW-02, and finally restore the captured user state data to WDG-NEW-02. The deployment will be performed from a deployment server (WDG-MDT-01). In MDT 2008, the Standard Client Replace Task Sequence template can be used to create a task sequence that will perform all the necessary deployment tasks. This demonstration assumes that: •
MDT 2008 has been installed on the deployment server (WDG-MDT-01).
•
The distribution share has already been created and populated, including operating system images, applications, and device drivers.
•
An image of a reference computer has already been captured and will be deployed to the new computer (WDG-NEW-02).
•
A network shared folder (UserStateCapture$) has been created and shared on the deployment server (WDG-MDT-01) with the appropriate share permissions.
Step 1: Create a Task Sequence to Capture the User State Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. To perform the first part of the Replace Computer deployment scenario (capturing the user state on the existing computer), select the Standard Client Replace Task Sequence template in the New Task Sequence Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
106
Microsoft Deployment Toolkit 2008
To create a task sequence to capture the user state in the Replace Computer deployment scenario 610.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 611.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 612.In the details pane, click New. The New Task Sequence Wizard starts. 613.Complete the New Task Sequence Wizard by using the information in Table 23. Accept the default values unless otherwise specified. Table 23. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_EXIST. In Task sequence name, type Perform Replace Computer Scenario on Existing Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Replace Task Sequence, and then click Finish.
The New Task Sequence Wizard finishes, and the VISTA_EXIST task sequence is added to the list of task sequences.
Step 2: Create a Task Sequence to Deploy Operating System and Restore the User State Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. To perform the second part of the Replace Computer deployment scenario (deploying the operating system, and then restoring the user state on the existing computer), select the Standard Client Task Sequence template in the New Task Sequence Wizard. To create a task sequence to deploy the user state in the Replace Computer deployment scenario 614.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 615.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 616.In the details pane, click New. The New Task Sequence Wizard starts. 617.Complete the New Task Sequence Wizard by using the information in Table 24. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
107
Table 24. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_NEW. In Task sequence name, type Perform Replace Computer Scenario on New Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select captured_vista_image (where captured_vista_image is the captured image the reference computer added to the Operating Systems node in Deployment Workbench). Click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd. Click Finish.
The New Task Sequence Wizard finishes, and the VISTA_NEW task sequence is added to the list of task sequences.
Step 3: Create a LAB Deployment Point After the task sequence for performing the Replace Computer deployment scenario has been added, create a Lab or single-server deployment point. Later in the process, the Windows Deployment Wizard will be used to capture the user state from the existing computer (WDG-EXIST-01). Then, the Windows Deployment Wizard is run again to deploy Windows Vista to the new computer (WDG-NEW-01), and then restore the captured user state information to the new computer (WDG-NEW-01). To create a Lab or single-server deployment point in Deployment Workbench 618.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 619.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
108
Microsoft Deployment Toolkit 2008
620.In the details pane, click New. The New Deployment Point Wizard starts. 621.Complete the New Deployment Point Wizard by using the information in Table 25. Table 25. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click Lab or single-server deployment, and then click Next.
Specify Deployment Point Name
Click Next.
Application List
Click Next.
Allow Image Capture
Click Next.
Allow Admin Password
Click Next.
Allow Product Key
Click Next.
Network Share
Click Next.
Configure User State
Click Finish.
The New Deployment Wizard finishes, and the LAB deployment point is added to the list of deployment points. The C:\Distribution folder (distribution share) is shared as Distribution$.
Step 4: Customize the MDT 2008 Configuration Files When the MDT 2008 task sequence has been created, customize the MDT 2008 configuration files that provide the configuration settings for capturing user state information. Specifically, customize the CustomSettings.ini file by modifying the file in the properties of the LAB deployment point created earlier in the deployment process. In a later step, the LAB deployment point will be updated to ensure that the configuration file is updated in the deployment point. To customize the MDT 2008 configuration files for capturing user state information 622.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 623.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 624.In the details pane, click LAB. 625.In the Actions pane, click Properties. The LAB Properties dialog box appears. 626.In the LAB Properties dialog box, click the Rules tab. 627.On the Rules tab, modify the CustomSettings.ini file to reflect the necessary changes as shown in Listing 32. Make any additional modifications the environment requires.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
109
Listing 32. Customized CustomSettings.ini File [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y UDShare=\\WDG-MDT-01\UserStateCapture$ UDDir=%OSDCOMPUTERNAME% UserDataLocation=NETWORK SkipAppsOnUpgrade=YES SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES 628.In the LAB Properties dialog box, click OK. 629.Close all open windows and dialog boxes.
Step 5: Configure the Windows PE Options for the LAB Deployment Point After creating the LAB deployment point, configure the Windows PE configuration options for it. Configure the Windows PE options for the deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the existing computer (WDG-EXIST-01) and the new computer (WDG-NEW-01) are included with Windows Vista, skip this step and proceed with the following step.
To configure the Windows PE options for the deployment point 630.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 631.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 632.In the details pane, click LAB. 633.In the details pane, click Properties.+ The LAB Properties dialog box appears. 634.In the LAB Properties dialog box, on the Windows PE tab, in Driver group, select device_drivers (where device_drivers is the name of the device driver group), and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
110
Microsoft Deployment Toolkit 2008
Step 6: Update the LAB Deployment Point After configuring the Windows PE options for the LAB deployment point, update the deployment point. Updating the deployment point updates all the MDT 2008 configuration files and generates a customized version of Windows PE. The customized version of Windows PE is used to start the reference computer and initiate the LTI deployment process. To update the LAB deployment point in Deployment Workbench 635.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 636.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 637.In the details pane, click LAB. 638.In the Actions pane, click Update. Deployment Workbench starts updating the LAB deployment point. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share).
Step 7: Create the LTI Bootable Media A method must be provided for starting the computer with the customized version of Windows PE created when the LAB deployment point was updated. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). Create the appropriate LTI bootable media from one of these images. To create the LTI bootable media 639.In Windows Explorer, navigate to deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). 640.Based on the type of computer used for the existing computer (WDG-EXIST-01) and new computer (WDG-NEW-02), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the International Organization for Standardization (ISO) file.
•
If the reference computer is a VM, start the VM directly from the ISO file or from a CD or DVD of the ISO file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
111
Step 8: Start the Existing Computer with the LTI Bootable Media Start the existing computer (WDG-EXIST-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the existing computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, the user state migration information is stored in the UserStateCapture$ shared folder. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
To start the existing computer with the LTI bootable media 1. Start WDG-EXIST-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 641.Complete the Windows Deployment Wizard by using the information in Table 26. Accept the default values unless otherwise specified. Table 26. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system Click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Perform Replace Computer Scenario on Existing Computer
Specify where to save your data and settings
Click Next.
Click Next.
Specify where to save a Click Do not back up the existing computer. complete computer Click Next. backup Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
112
Microsoft Deployment Toolkit 2008
642.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 643.In the Deployment Summary dialog box, click Finish. The user state migration information is captured and is stored in the network shared folder (UserStateCapture$) created earlier in the process.
Step 9: Start the New Computer with the LTI Bootable Media Start the new computer (WDG-NEW-02) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the new computer and the captured user state migration information is restored to the new computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
To start the new computer with the LTI bootable media 644.Start WDG-NEW-02 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 645.Complete the Windows Deployment Wizard by using the information in Table 27. Accept the default values unless otherwise specified. Table 27. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Perform Replace Computer Scenario on New Computer, and then click Next.
Configure the computer In Computer name, type WDG-NEW-02, and then click name Next. Join the computer to a domain or workgroup
Click Next.
Specify whether to restore user data
Click Specify a location. In Location, type \\WDG-MDT01\UserStateCapture$\WDG-EXIST-01 Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Replacing an Existing Server
113
On this wizard page
Do this
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Specify whether to capture an image
Click Do not capture an image of this computer, and then click Next.
Specify the BitLocker configuration
Click Do not enable BitLocker for this computer, and then click Next.
Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 646.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 647.In the Deployment Summary dialog box, click Finish. Windows Vista is now installed on the new computer and the captured user state migration information is also restored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In te g r ati ng C us tom Dep lo yment Code in to Micr oso ft Depl oymen t Toolki t 2008 It is common for a deployment team to have complex requirements, specific to their target environment, that are not met by the Deployment Workbench predefined task sequence actions or by default MDT 2008 configuration files. In this situation, the deployment team might want to implement custom code to meet their requirements. To integrate custom deployment code into MDT 2008 648.Chose the appropriate scripting language. 649.Understand how to leverage ZTIUtility.vbs. 650.Integrate custom deployment code. The following sections assume that MDT 2008 is configured on a deployment server.
Choose the Appropriate Scripting Language Although any code that can be run on Microsoft Windows or Microsoft Windows PE can be called as an application installation or through an MDT 2008 task sequence step, Microsoft recommends using scripts in the form of .vbs or .wsf files. The advantage of using .wsf files is built-in logging in addition to some other predefined functions already used by the ZTI and LTI processes. These functions are available in the ZTIUtility script distributed with MDT 2008. When referenced from a custom script, the ZTIUtility script initializes the MDT 2008 environment and setup classes. Four classes are available: •
Logging. This class provides the logging functionality that all MDT 2008 scripts use. It also creates a single log file for each script run during deployment and a consolidated log file of all scripts. These log files are created in a format designed to be read by TRACE32; this tool is available in the System Center Configuration Manager 2007 Toolkit at http://www.microsoft.com/downloads/details.aspx?familyid=948e477e-fd3b-4a099015-141683c7ad5f&displaylang=en.
•
Environment. This class configures environment variables gathered through WMI and MDT 2008 rule processing, and allows them to be referenced directly from the script. This allows deployment properties to be read, giving access to all the configuration information used by the ZTI and LTI processes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
115
•
Utility. This class provides general utilities that are used throughout ZTI and LTI scripts. Microsoft recommends that any time custom code is developed this class should be examined to see if any code can simply be reused. Additional information about some of the functionality provided in this class is included later in this section.
•
Database. This class performs functions like connecting to databases and reading information from databases. In general, accessing the database class directly is not recommended; instead, rule processing should be used to perform database lookups.
Understand How to Leverage ZTIUtility Use the ZTIUtility Logging Class The logging class in ZTIUtiliy.vbs provides a simple mechanism for custom code to log status information, warnings, and errors in the same manner as other scripts during a ZTI or LTI deployment. This standardization also ensures that the LTI Deployment Summary dialog box correctly reports the status of any custom code that is run. Listing 33 illustrates an example custom code script that uses the oLogging.CreateEntry function to log different types of messages, depending on the amount of RAM available in the workstation. Listing 33. Example Script Using ZTIUtility Logging: Z-RAMTest.wsf <job id="Z-RAMTest"> <script language="VBScript" src="ZTIUtility.vbs"/> <script language="VBScript"> ' //************************************************************* ' // ***** Script Header ***** ' // ' // Solution: Solution Accelerator for Business Desktop Deployment ' // File: Z-RAMTest.wsf ' // ' // Purpose: Check the amount of RAM prior to upgrading a workstation ' // ' // Usage: cscript Z-RAMTest.wsf [/debug:true] ' // ' // Customer Build Version: 1.0 ' // Customer Script Version: 1.0 ' // ' // Customer History: ' // ' // ***** End Header ***** ' //************************************************************* '//-------------------------------------------------------------Solution Accelerators
microsoft.com/technet/SolutionAccelerators
116
Microsoft Deployment Toolkit 2008
'// '// Global constant and variable declarations '// '//-------------------------------------------------------------Option Explicit Dim iRetVal '//-------------------------------------------------------------'// End declarations '//-------------------------------------------------------------'//-------------------------------------------------------------'// Main routine '//-------------------------------------------------------------On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0 '//-------------------------------------------------------------'// '// Function: ZTIProcess() '// '// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//-------------------------------------------------------------Function ZTIProcess() ZTIProcess = Failure Dim varAvailableRAM oLogging.CreateEntry "Z-RAMTest launched to evaluate available RAM in target workstation", LogTypeInfo
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
117
varAvailableRAM = oEnvironment.Item("Memory") oLogging.CreateEntry "Available RAM on target workation is: " & varAvailableRAM, LogTypeInfo If varAvailableRAM < 512 Then oLogging.CreateEntry "Not enough RAM avialable to continue upgrade process.",LogTypeError ZTIProcess = Failure ElseIf VarAvailableRAM >= 512 AND varAvailableRAM < 1024 Then oLogging.CreateEntry "Limited amount of RAM available in workstaion, upgrade continuing.",LogTypeWarning ZTIProcess = Success Else oLogging.CreateEntry "Sufficient RAM available for upgrade.",LogTypeInfo ZTIProcess = Success End If End Function
Use the ZTIUtility Environment Class The environment class in ZTIUtiliy.vbs provides access to, and the ability to update, MDT 2008 properties. In Listing 33, oEnvironment.Item("Memory") is used to retrieve the amount of available RAM; this can also be used to retrieve the value of any of the properties described in the MDT 2008 document, Toolkit Reference.
Use the ZTIUtility Utility Class The ZTIUtility.vbs script contains a number of commonly used utilities that can be used by any custom deployment script. These can be added to any script the same way as the oLogging and oEnvironment classes. Table 28 details some useful functions available, and their output. For a full list of available functions, refer to the ZTIUtility.vbs file. Table 28. Useful ZTI Utility Functions Function
Output
oUtility.LocalRootPath
Returns the path of the root folder being used by the deployment process on the target computer; for example, C:\MININT.
oUtility.BootDevice
Returns the system boot device; for example, MULTI(0)DISK(0)RDISK(0)PARTITION(1).
oUtility.LogPath
Returns the path to the logs folder being
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
118
Function
Microsoft Deployment Toolkit 2008
Output used during the deployment; for example, C:\MININT\SMSOSD\OSDLOGS.
oUtility.StatePath
Returns the path of the currently configured state store; for example, C:\MININT\StateStore.
oUtility.ScriptName
Returns the name of the script calling the function; for example, Z-RAMTest.
oUtility.ScriptDir
Returns the path to the script that is calling the function; for example, \\<ServerName>\Distribution$\Scripts.
oUtility.ComputerName
Determines the computer name that will be used during the build process; for example,
oUtility.ReadIni(file,section,item)
Allows the specified item to be read from an .ini file.
oUtility.WriteIni(file,section,item,myvalue) Allows the specified item to be written to an .ini file. oUtility.Sections(file)
Reads the sections of an .ini file and stores them in an object for reference.
oUtility.SectionContents(file,section)
Reads the contents of the specified .ini file and stores them in an object.
oUtility.RunWithHeartbeat(sCmd)
When the command is run, heartbeat information is written to the logs every 0.5 seconds.
oUtility.FindFiles(sFilename,sFoundPath)
Searches for the specified file in the DeployRoot folder and standard subfolders including Servicing, Tools, USMT, Templates, Scripts, and Control.
oUtility.findMappedDrive(sServerUNC)
Checks to see if a drive is mapped to the specified UNC path, and returns the drive letter.
oUtility.ValidateConnection(sServerUNC)
Checks to see if there is an existing connection to the server specified, and if there is not, will attempt to create one.
MapNetworkDrive(sShare,SDomID, sDomPwd)
Maps a drive letter to the UNC path specified as the share, and returns the drive letter used; returns an error if unsuccessful.
VerifyPathExists(strPath)
Verifies that the specified path exists.
Integrate Custom Deployment Code Custom deployment code can be integrated into the MDT 2008 process in several ways; however, regardless of the method used, the following two rules should be met: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
119
651.The custom deployment code script name should always begin with the letter Z. MDT 2008 replicates files only beginning with a Z; for example, Z-RAMTest. 652.The custom deployment code should be placed in the Scripts folder on the deployment share; for example, D:\Distribution\Scripts. The most frequently used methods for integrating custom code that also ensure consistent logging are: 653.Deploy the code as an MDT 2008 application. 654.Launch the code as an MDT 2008 task sequence command. 655.Launch the code as a user exit script.
Deploy Custom Code As a Microsoft Deployment Toolkit Application Custom deployment code can be imported into Deployment Workbench and managed the same way as any other application. To create a new application to run custom deployment code 656.Copy the custom deployment code to the distribution_share\Scripts folder (where distribution_share is the fully qualified path to the distribution share). 657.Start Deployment Workbench. 658.In the console tree, click Distribution, and then click Applications. 659.In the actions pane, click New. The New Application Wizard will start. 660.Complete the New Application Wizard using the information in Table 29; accept defaults unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
120
Microsoft Deployment Toolkit 2008
Table 29. Information for Completing the New Application Wizard On this page
Do this
Application Type
Click Application without source files or elsewhere on the network. Click Next.
Details
Complete this page based on the information from the application. Click Next.
Command Details
In the Command line box, type cscript.exe %SCRIPTROOT%\custom_code (where custom_code is the name of the custom code that has been developed). In the Working directory box, type working_directory (where working_directory is the name of the working directory of the custom code; this is typically the same folder specified in the Command line box). Click Finish.
The application will appear on the Applications node in Deployment Workbench.
Add the Custom Code As a Task Sequence Step Custom deployment code can be called directly from any point within a task sequence; this gives access to the usual task sequence rules and options. To add the custom deployment code to an existing task sequence 661.Copy the custom deployment code to the \distribution_share\Scripts folder (where distribution_share is the fully qualified path to the distribution share). 662.Start Deployment Workbench. 663.In the console tree, click Task Sequences. 664.In the details pane, click task_sequence (where task_sequence is the name of the task sequence that runs the custom code). 665.In the actions pane, click Properties. 666.In the task_sequence Properties dialog box, click the Task Sequence tab. 667.In the console tree, go to group (where group is the group to add the task sequence step). 668.Click Add, click General, and then click Run Command Line. 669.In the console tree, click Run Command Line, and then click the Properties tab. 670.In the Name box, type name (where name is the name of the custom code).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
121
671.On the Properties tab, in the Command line box, type command_line (where command_line is the command to run the custom code; for example, cscript.exe %SCRIPTROOT%\CustomCode.vbs). 672.In the Start in box, type path (where path is the fully qualified path to the working folder of the custom code; typically this is the same path specified in the Command line box), and then click OK. The newly created task sequence step will appear in the list of task sequences.
Run Custom Code As a User Exit Script It also is possible to run the custom code as a user exit script from CustomSettings.ini. This provides a mechanism for information to be passed into the CustomSettings.ini rule validation process and provides a dynamic update of MDT 2008 properties. A user exit script is effectively a function library that can be called during the processing of CustomSettings.ini: •
A user exit script will contain one or more functions that can be called during CustomSettings.ini processing.
•
The user exit script is called by specifying the UserExit property and assigning the property name of the script to be called; for example, UserExit=TrimAssetTag.vbs.
•
A function is called by specifying the name of a function enclosed in the # characters. For example, if the user exit script contains a function called TrimAssetTag(), it would be called by specifying #TrimAssetTag()#.
•
Parameters can be passed to the function in the usual way by specifying the parameter while calling the function. For example, to pass the variable %ASSETTAG% to the function TrimAssetTag(), the function would be called by specifying #TrimAssetTag(“%ASSETTAG%”)#.
•
The value returned by the function can be assigned to a variable by assigning the function to that variable. For example, to take the asset tag of a computer and trim it using the function TrimAssetTag(), and to then reassign the trimmed asset tag to the variable AssetTag, the CustomSettings.ini file would read AssetTag=#TrimAssetTag(“%ASSETTAG%”)#.
An example of how this could be used is to determine the task sequence to be run based on a rule that sets the TaskSequenceID property. Listing 34 is an example user exit script that determines the task sequence to be run based on the amount of available RAM. This script also uses the ZTIUtility logging class. Listing 34. Example User Exit Script Function UserExit(sType,sWhen,sDetail,bSkip) UserExit = Successfs End Function Function SetTaskSequence(vMemory) oLogging.CreateEntry "UserExit - Determining Task Sequence to run based on available RAM",LogTypeInfo If vMemory <= 2048 Then SetTaskSequence = "XP_X86" Solution Accelerators
microsoft.com/technet/SolutionAccelerators
122
Microsoft Deployment Toolkit 2008
oLogging.CreateEntry "UserExit - Available RAM: " & vMemory & ". Selecting XP_X86 TS.",LogTypeInfo Else SetTaskSequence = "Vista_X86" oLogging.CreateEntry "UserExit - Available RAM: " & vMemory & ". Selecting Vista_X86 TS.",LogTypeInfo End If End Function The user exit script should be placed in the same location as the CustomSettings.ini file in which it is referenced; this is typically the Control folder of the distribution point. To create the user exit script 673.Create and test the custom script to be used. 674.Locate the MDT 2008 Control folder (for example, D:\Distribution\Control). 675.Copy the custom script to the Control folder. With the user exit script added to the deployment point (in this case, z-RAMTest.wsf), it must then be referenced in the CustomSettings.ini file for the deployment point so it is called during deployment. To call the user exit script from CustomSettings.ini 676.Start Deployment Workbench. 677.In the console tree expand Deploy, and then click Deployment Points. 678.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Properties. 679.Click the Rules tab to display the CustomSettings.ini file. 680.Add sections to UserExit.vbs to call the required functionality using the principles described in the previous section. An example CustomSetting.ini file is shown in Listing 35. 681.Click OK to submit the changes. 682.Right click deployment_point, and then click Update (files only) to update the deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Implementing Custom Deployment Code
123
Another common use for the user exit script is to dynamically set the computer name from known MDT 2008 properties such as SerialNumber, Model, or Product. Listing 35. Example CustomSettings.ini for Calling the User Exit Script [Settings] Priority=Default [Default] OSInstall=Y TaskSequenceID=#SetTaskSequence("%MEMORY%")# UserExit=Z-RAMTest.vbs UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=YES SkipAdminPassword=NO SkipProductKey=YES
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ins tal ling De vice Dri ver s Us ing Var ious In sta ll ation Me thods In this scenario, MDT 2008 is used to deploy an operating system to different types of hardware. As part of the deployment process, device drivers must be identified and installed so that each hardware type will function correctly. There are two main types of device drivers; each must be handled differently during the deployment process: 683.Device drivers that contain an .inf file that can be used to import the device driver into Deployment Workbench. 684.Device drivers that are packaged as an application, and that must be installed as an application. Using MDT 2008 both types of drivers can be handled as part of an operating system deployment. To install device drivers using different methods 685.Determine which method to use to install each device driver. 686.Install device drivers using the out-of-box drivers method. 687.Install device drivers as applications. This scenario assumes that MDT 2008 is running on a deployment server.
Determine Which Method to Use to Install a Device Driver Hardware manufacturers release device drivers in one of two forms: 688.As a package that can be extracted and that contains .inf files that can then be used to import the driver into Deployment Workbench. 689.As an application that must be installed using traditional application installation processes. Device driver packages that can be extracted to access .inf files can use the MDT 2008 automatic driver detection and installation process by first importing the driver into the Out-of-Box Drivers node in Deployment Workbench. Device driver packages that cannot be extracted to isolate .inf files, or those that do not work correctly without first being installed using an application installer such as an .msi or Setup.exe file can use the MDT 2008 Install Application feature and install the device driver during the deployment process just as for any normal application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
125
Install Device Drivers Using the Out-ofBox Drivers Method Device driver packages that include an .inf file can be imported to Deployment Workbench and be installed automatically as part of the deployment process. To implement this type of device driver deployment, first add the device driver to Deployment Workbench. To add the device driver to Deployment Workbench 690.Download the device drivers that are required for the hardware types to be deployed, and extract the device driver package to a temporary location. 691.Start Deployment Workbench. 692.In the console tree, expand Distribution Share. 693.Right-click Out-of-Box Drivers, and then click New. 694.In the New Device Driver Wizard, in the Drive source directory section, click Browse to go to the folder that contains the new device drivers, and then click OK. Note The New Device Driver Wizard will search all subdirectories of the driver source directory; therefore, if there are multiple drivers to install, extract them into folders within the same root directory and then set the driver source directory as the root directory that holds all of the driver source folders.
695.In the These drivers can be assigned to one or more groups as they are being imported section, click or add the relevant driver groups. Note The driver groups can be used during a deployment to limit the number of drivers that will be searched by MDT 2008 scripts. For example, if all drivers for a Dell Latitude D600 were imported and assigned to a driver group called Dell Latitude D600 Drivers, CustomSettings.ini or the Deployment Workbench database could be used to specify that for any Dell Latitude D600 computer, use only drivers from that driver group. To do this, add DriverGroups1=Dell Latitude D600 Drivers to a Dell-specific section of the file or database. For more information about creating computer-specific entries in CustomSettings.ini or in the Deployment Workbench database, see the section “Install Device Drivers As an Application” in this document.
7. Click Finish to import the drivers into Deployment Workbench. If the device drivers contain boot-critical drivers such as mass storage or network class drivers, the deployment point must next be updated to generate a new LiteTouch_x86 and LiteTouch_x64 boot environment that contains the new drivers. To add device drivers to the Lite Touch Windows PE images 696.Start Deployment Workbench. 697.In the console tree, expand Deploy, and then click Deployment Points. 698.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to configure), and then click Update.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
126
Microsoft Deployment Toolkit 2008
Install Device Drivers As an Application Device drivers that are packaged as applications and which cannot be extracted to a folder containing an .inf file, in addition to additional driver files, should be added to Deployment Workbench as an application for installation during the deployment process. Applications can be specified as a task sequence step or specified in CustomSettings.ini; however, device driver applications should be installed only when the task sequence is run on a computer with the devices. To ensure this, run the task sequence step for deploying the relevant device driver applications as a conditional task sequence step. The conditional criteria can be specified for running the task sequence step using WMI queries for the device on the target computer.
Add the Device Driver Application to Deployment Workbench Each device driver application must first be imported into Deployment Workbench. To add the device driver application to Deployment Workbench 699.Download the device driver application and save it to a temporary location. 700.Start Deployment Workbench. 701.In the console tree, expand Distribution Share. 702.Right-click Applications, and then click New. 703.In the New Application Wizard, click Application with source files, and then click Next. 704.On the Details page, type relevant details about the application, and then click Next. 705.On the Source page, in the Source directory section, click Browse to go to and then click the directory that contains the device driver application source files, and then click OK. 706.Click Next. 707.On the Destination page, type a name for the destination directory, and then click Next. 708.On the Command Details page, in the Command line section, type the command that allows silent installation of the device driver application. 709.Click Finish to import the device driver application into Deployment Workbench. Note This process must be repeated for each device driver application that needs to be used during deployment. Using Deployment Workbench, whether the application should be visible during deployment in the Lite Touch Installation Application Wizard can also be specified. To do this, in the Properties dialog box of any application, select or clear the Hide this application in the Deployment Wizard check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
127
After the applications are imported into Deployment Workbench, each application must be added to the deployment process using the appropriate logic to ensure that the application installs only when running on the correct hardware. There are different methods for achieving this: 710.Specify the device driver application as part of a deployment task sequence. 711.Specify the device driver application in CustomSettings.ini. 712.Specify the device driver application in the Deployment Workbench database. Each approach is discussed in more detail in the following sections.
Specify the Device Driver Application As Part of a Task Sequence The first method for adding a device driver application to the deployment process is to use a task sequence to add additional steps for each device driver application. There are two main approaches for managing device driver applications in the task sequence: 713.Create a new task sequence group for each hardware model, and then add a query to run that group of actions if the computer matches a specific hardware type. 714.Create a task sequence group for hardware-specific applications, and then add queries for each task sequence action so that each task sequence step is evaluated against the hardware type and will run only if a match is found. To create a new task sequence group for each type of hardware 715.Start Deployment Workbench. 716.In the console tree, click Task Sequences. 717.Right-click task_sequence (where task_sequence is the deployment task sequence that will be required to install the device driver application), and then click Properties. 718.In the task_sequence Properties dialog box, on the Task Sequence tab, in the details pane, go to State Restore/Windows Update (Pre-Application Installation). 719.On the Task Sequence tab, click Add, and then click New Group. This creates a new task sequence group in the task sequence. Use this new task sequence group to create the steps for installing the hardware-specific device driver applications. 720.In the details pane, click New Group. 721.On the Properties tab, in the Name box, type group_name (where group_name is the name of the group; for example, Hardware Specific Applications – Dell Computer Corporation). 722.On the Options tab, click Add, and then click Query WMI.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
128
Microsoft Deployment Toolkit 2008
723.In the Task Sequence WMI Condition dialog box, type the following details: •
In the WMI namespace box, type root\cimv2.
•
In the WQL query box, type a WMI Query Language (WQL) query using the Win32_ComputerSystem class to ensure that the application is installed only for a specific application type. For example: Select * FROM Win32_ComputerSystem WHERE Model LIKE %hardware_model% AND Manufacturer LIKE %hardware_manufacturer% In this example, hardware_model is the name of the computer model (such as Latitude D620) and hardware_manufacturer is the name of the computer make (such as Dell Corporation). The % symbol is a wildcard character that is included in the names to allow administrators to return any computer models or manufactures that contains the value specified for hardware_model or hardware_manufacturer.
For more information about WMI and WQL queries, see the MDT 2008 document, Image Customization Guide, and see Querying with WQL at http://msdn.microsoft.com/en-us/library/aa392902.aspx. 724.Click OK to submit the query, and then click OK to submit changes to the task sequence. Note This process must be repeated for each hardware type of each device driver application to be installed.
After the hardware-specific task sequence groups have been created, device driver applications can be added to each group. To add device driver applications to hardware-specific task sequence groups 725.Start Deployment Workbench. 726.In the console tree, click Task Sequences. 727.Right-click task_sequence (where task_sequence is the deployment task sequence that will be required to install the device driver application), and then click Properties. 728.In the task_sequence Properties dialog box, click the Task Sequence tab. 729.In the details pane, go to State Restore/Hardware_Specific_Group (where Hardware_Specific_Group is the name of the hardware-specific group where the task sequence step will be added to install the device driver application ). 730.On the Task Sequence tab, click Add, click General, and then click Install Application The Install Application task sequence step appears in the details pane. 731.In the details pane, click Install Application. 732.On the Properties tab, click Install a single application, and in the Application to install list,, select hardware_application (where hardware_application is the application for installing the hardware-specific application). Note This process must be repeated for each device driver application that needs to be used during a deployment
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
129
Specify the Device Driver Application in CustomSettings.ini When an LTI or ZTI deployment begins, one of the first actions to be completed is the processing of the BootStrap.ini and CustomSettings.ini control files. Both of these files contain rules that can be used to dynamically customize the deployment. Because of the way MDT 2008 processes the CustomSettings.ini file it can be used to add applications based on specific conditions. This logic will be used to add device driver–specific applications during deployment based on specific hardware types. Applications are referenced in CustomSettings.ini by the application’s globally unique identifier (GUID), located in the Applications.xml file in the distribution share. To locate an imported application’s GUID 733.In the distribution share of the deployment server, open the Control folder; for example, D:\Distribution\Control. 734.Locate and open the Applications.xml file. 735.Locate the required application. 736.Locate the application GUID by locating the line enclosed in the application
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
130
Microsoft Deployment Toolkit 2008
The following properties can be used to specify applications in CustomSettings.ini: •
Applications. This property can be used when deployment administrators do not want to present an application wizard as part of the deployment process by specifying SkipApplications=YES in CustomSettings.ini.
•
MandatoryApplications. This property can be used if deployment administrators want to present the application wizard during the deployment to allow deployment engineers to select additional applications to be installed during the deployment.
If the application wizard is used without the MandatoryApplications property (for example, SkipApplications=NO), it will overwrite applications specified by the Applications property. Listing 36 shows how to use the %Make% and %Model% variable values to dynamically manipulate how the applications list is built. The values for the make and model of each type of hardware can be located using one of the following methods: 737.The System Information tool. Use the System Summary node in this tool to identify the System Manufacturer (make) and System Model (model). 738.Windows PowerShell™. Use the Get-WMIObject –class Win32_ComputerSystem cmdlet to determine the make and model of the computer. 739.Windows Management Instrumentation Command-line (WMIC). Use CSProduct Get Name, Vendor to return the name (model) and vendor (make) of the computer. To modify CustomSettings.ini to add hardware-specific logic 740.Start Deployment Workbench. 741.In the console tree, expand Deploy, and then click Deployment Points. 742.In the details pane, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to configure), and then click Properties. 743.Click the Rules tab. 744.Information typed on this tab is stored in the CustomSettings.ini file. Modify the CustomSettings.ini file entries to add logic for each hardware model that has a device driver–specific application, as described in the section “Specify the Device Driver Application As Part of a Task Sequence.” 745.Click OK to submit the changes. 746.Right-click deployment_point, and then click Update (files only) to submit the changes to the deployment point. By default, all available applications are displayed in the Deployment Wizard during a Lite Touch Installation (LTI). Because device driver–specific applications are applicable only to specific hardware types, IT might not want them displayed all the time. By specifying the device driver–specific application package in CustomSettings.ini, the application can be hidden using the Hide the application in the Deployment Wizard option in the application configuration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Installing Device Drivers
131
To hide an application in the Deployment Wizard 747.Start Deployment Workbench. 748.In the console tree, click Applications. 749.Right-click device_driver_application (where device_driver_application is the application to be hidden from the Deployment Wizard), and then click Properties. 750.On the General tab, select the Hide the application in the Deployment Wizard check box. 751.Click Apply, and then close the Properties dialog box.
Specify the Device Driver Application in the Deployment Workbench Database The Deployment Workbench database is a database version of the CustomSettings.ini file and can be queried at deployment time for information to be used during the deployment. For more information about using the Deployment Workbench database, see the section “Automating Deployment to a Specific Computer” in this guide. When querying the Deployment Workbench database at deployment time, there are three methods available for identifying the target computer: 752.Search for the individual computer (using the media access control [MAC] address, asset tag, or similar). 753.Search for the location of the computer (using the default gateway). 754.Search for the make and model of the computer (using WMI manufacturer/make and model queries). For each database entry that is created, administrators can specify deployment properties, applications, whether to use Systems Management Server or Configuration Manager packages, and administrators. By creating make and model entries in the database, administrators can add the required hardware-specific device driver applications. To create entries in the Deployment Workbench database to allow installation of device driver applications 755.Start Deployment Workbench. 756.In the console tree, go to Deploy/Database. 757.Right-click Make and Model, and then click New. 758.In the Properties dialog box, on the Identity tab, in the Make box, type make_name (where make_name is an easily identified name to associate with the manufacturer of the target computer). 759.In the Model box, type model_name (where model_name is an easily identified name to associate with the model of the target computer). 760.On the Applications tab, add each of the device driver applications required for that model of hardware. Note This process must be repeated for each specific hardware make and model that requires a device driver application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In it ia ti ng M icr osof t Dep lo yment Toolki t Us ing W indo ws Dep lo yment Ser vi ces Windows Server 2008 uses Windows Deployment Services as an updated and redesigned version of Remote Installation Services (RIS), the default deployment tool in Windows Server 2003 SP2. Using Windows Deployment Services, Windows operating systems can be deployed, particularly Windows Vista and Windows Server 2008, across a network using either a computer’s PXE–enabled network adapter or boot media. Although this section focuses on the Windows Deployment Services role in Windows Server 2008, all of the samples in this section, with the exception of deployments using multicasting, also apply to Windows Deployment Services installed on Windows Server 2003. Before deploying Windows Deployment Services, administrators should consider the following integration options, to determine which option best suits their environment: •
Option 1: Boot computers boot in PXE to initiate the LTI process.
•
Option 2: Deploy an operating system image from the Windows Deployment Services image store.
•
Option 3: Use multicasting with MDT 2008 and the Windows Server 2008 Windows Deployment Services server role.
•
Option 4: Configure the Windows Deployment Services PXE filter to allow System Center Configuration Manager to respond to unknown computers.
Option 1: Boot Computers in PXE to Initiate the LTI Process Help minimize the cost of managing operating system deployments by starting the MDT 2008 deployment process using Windows Deployment Services in conjunction with DHCP. This removes the requirement of creating and delivering bootable media to each target computer.
Create and Import the Deployment Workbench Windows PE Image into Windows Deployment Services When creating a new MDT 2008 deployment point or modifying an existing MDT 2008 deployment point using the Lab or single-server deployment or Separate deployment share deployment point types, a customized Windows PE boot image can be created. When the deployment point is updated, the Windows PE boot image is automatically generated and updated with information about the deployment point, and it will inject any additional drivers or components specified during the deployment point configuration. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
133
The Windows PE boot image is generated as both an .iso image file, which can be written to a CD or DVD, and as a bootable WIM file. The WIM file can be imported to a Windows Deployment Services server so that computers that can boot in PXE can download and run the LTI Windows PE boot image across a network used to initialize an installation. To create a bootable Windows PE image in Deployment Workbench 761.Start Deployment Workbench. 762.In the console tree, click Deployment Points. 763.In the details pane, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to configure), and then click Properties. 764.In the deployment_point Properties dialog box, click the Windows PE tab. 765.In the Images to Generate area, select the Generate a Lite Touch bootable RAM disk ISO image check box. 766.In the Driver Injection section, click the appropriate driver types to include. Note This step is not necessary if Windows PE already includes the necessary device drivers.
767.In the Driver Injection section, in the Driver group list, select the appropriate driver group. 768.In the deployment_point Properties dialog box, click OK. Note This step is not necessary if Windows PE already includes the necessary device drivers.
769.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point), and then click Update. When this process completes, the Boot folder in the distribution share will contain a number of boot images; for example: D:\Distribution\Boot\LiteTouchPE_x64.iso D:\Distribution\Boot\LiteTouchPE_x64.wim D:\Distribution\Boot\LiteTouchPE_x86.iso D:\Distribution\Boot\LiteTouchPE_x86.wim 770.The .iso files that have been generated can be written directly to CD or DVD, or be used to initialize the LTI process on new hardware; the boot WIM files created can be imported into Windows Deployment Services. When bootable WIM images are available, they can be imported to an existing Windows Deployment Services server, so that new computers can initialize the LTI deployment process without requiring any physical media. To import the Windows PE image into Windows Deployment Services 771.Start the Windows Deployment Services console, and then connect to the appropriate Windows Deployment Services server. 772.In the console tree, right-click Boot Images, and then click Add Boot Image. 773.Browse to the WIM image to be imported; for example, D:\Distribution\Boot\LiteTouchPE_x86.wim.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
134
Microsoft Deployment Toolkit 2008
774.The import process will automatically read the metadata from the boot image, but the Image Name and Image Description values can also be edited; the Image Name affects the boot option information displayed by Windows Boot Manager when the client boots in PXE. 775.When the boot image has been imported, any computer that boots in PXE and receives a reply from the Windows Deployment Services server will be able to download the LTI boot image and initiate an LTI installation. Installing and configuring Windows Deployment Services is not covered in this guide. For additional information about Windows Deployment Services, visit http://technet.microsoft.com/en-us/library/cc265612.aspx.
Use Windows Deployment Services to Automatically Detect the Deployment Server An additional option is available when using Windows Deployment Services to host MDT 2008 boot images when the MDT 2008 distribution share is hosted on the same server as Windows Deployment Services. When the MDT 2008 boot image is loaded by a PXE client, the name of the Windows Deployment Services server hosting the boot image is captured and placed in the MDT 2008 property WDSServer. This property can then be referenced in the boot image’s BootStrap.ini file and in the deployment point’s CustomSettings.ini file by the DeployRoot property. This results in a client that boots from the Windows Deployment Services server automatically using the deployment point hosted on the Windows Deployment Services server. This eliminates the need to specify a server name in any configuration file. To set the local Windows Deployment Services server as the deployment server 776.Start Deployment Workbench. 777.In the console tree, expand Deploy, and then click Deployment Points. 778.In the details pane, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to configure), and then click Properties. 779.Click the Rules tab. 780.Information typed on this tab is stored in the CustomSettings.ini file. Configure the DeployRoot property to use the %WDSServer% variable; for example, DeployRoot=\\%WDSServer%\Distribution$. 781.Click Edit Bootstrap.ini. 782.Configure BootStrap.ini to use the %WDSServer% property by adding or changing the DeployRoot value to DeployRoot=\\%WDSServer%\Distribution$. 783.On the File menu, click Save to save the changes to the BootStrap.ini file. 784.Click OK. 785.To update the deployment point, right-click deployment_point (where deployment_point is the name of the Lab or Network deployment point to update), and then click Update to generate updated boot images. 786.Import the updated boot WIM into Windows Deployment Services as described in the section “Import the LTI Boot Image into Windows Deployment Services.”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
135
Option 2: Deploy an Operating System Image from the Windows Deployment Services Store If an organization is already using Windows Deployment Services for operating system deployment, it can extend the functionality of MDT 2008 by configuring it to reference the Windows Deployment Services operating system images already in use rather than using its own store, and to supplement Windows Deployment Services deployments with driver management, application deployment, update installation, rule processing, and other MDT 2008 functionality. After a Windows Deployment Services operating system image has been referenced by MDT 2008 it can be treated like any operating system that has been staged to an MDT 2008 deployment point. To reference a Windows Deployment Services operating system image The following steps require that at least one operating system image has previously been imported into the Windows Deployment Services server. 787.Update MDT 2008 to be able to access Windows Deployment Services images by copying the following files from the Sources folder of the Windows Vista or Windows Server 2008 media to the \\Program Files\Microsoft Deployment Toolkit\bin folder on the Windows Deployment Services server: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
•
Wdstptc.dll (this is only applicable if copying from the Windows Server 2008 or Windows Vista with SP1 source directories)
Note The Windows source directory being used must match the platform of the operating system running on the computer where MDT 2008 is installed.
788.In the Deployment Workbench console tree, go to Distribution Share/Operating Systems. 789.In the actions pane, click New to start the New OS Wizard. 790.On the OS Type page, click Windows Deployment Services images, and then click Next. 791.Type the name of the Windows Deployment Services server to be referenced—for example, WDSSvr001—and then click Finish. 792.All of the images available on the Windows Deployment Services server will now be available to MDT 2008 task sequences. Note Importing images from Windows Deployment Services does not copy the source files from the Windows Deployment Services server to the distribution share. MDT 2008 continues to use the source files from their original location.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
136
Microsoft Deployment Toolkit 2008
Option 3: Use Multicasting with Microsoft Deployment Toolkit and Windows Server 2008 Windows Deployment Services Role With the release of Windows Server 2008, Windows Deployment Services was enhanced to support the deployment of images using multicast transmissions. MDT 2008 also includes updates to integrate MDT with Windows Deployment Services multicasting. In addition, an updated Windows Automated Installation Kit (WAIK), version 1.1, includes Wdsmcast.exe. This allows multicast sessions to be joined manually and allows the client launching Wdsmcast.exe to copy files from an active multicast session. The LTIApply.wsf script uses Wdsmcast.exe when it accesses operating system source files from the distribution point. LTIApply.wsf looks for Wdsmcast.exe on the deployment point either in the .\Tools\x86 or the .\Tools\x64 folder, depending on the version of Windows PE that is running. When LTIApply.wsf runs it will always attempt to access and download WIM images from an existing multicast stream, but it will fall back to a standard file copy if a multicast stream does not exist. This process applies only to WIM image files and is not used when performing unattended installations of Windows XP and Windows Server 2003. To prepare for MDT 2008 multicasting—deployment server prerequisites 793.The deployment server must be running Windows Server 2008. 794.The Windows Deployment Services role must be installed from the Server Management console. 795.WAIK 1.1 for Windows Server 2008 must be installed. 796.MDT 2008 must be installed. 797.As with any deployment using MDT 2008, at least one operating system WIM image must have been imported, either as a full set of source files or as a custom image with setup files. Note It is important to use the latest version of WAIK for multicasting; the copy of Windows PE included in earlier versions of WAIK—for example, WAIK 1.0—does not support downloading from a multicast server.
To configure MDT 2008 for multicasting from an existing deployment point 798.In the Deployment Workbench console tree, expand Deployment, and then click Deployment Points. 799.Select deployment_point (where deployment_point is an existing Lab or Network deployment point that to configure), and then, in the actions pane, click Properties. 800.On the General tab, select the Enable multicast for this deployment point (requires Windows Server 2008 Windows Deployment Services) check box. 801.Apply the changes to the deployment point. 802.In Deployment Workbench, click deployment_point, and then, in the actions pane, click Update to generate the Windows Deployment Services multicast transmission for the distribution share.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
137
This process creates an Auto-Cast Windows Deployment Services multicast transmission that directly uses the existing MDT 2008 distribution share. MDT 2008 does not create Scheduled-Cast transmissions. Also note that no additional images are imported into Windows Deployment Services and that it is not possible to use multicast for boot images, because the multicast client cannot be loaded until after Windows PE is running. To verify that the multicast transmission has been generated in Windows Deployment Services 803.Click Start, point to Administrative Tools, and then click Windows Deployment Services. 804.In the Windows Deployment Services console console tree, right-click Servers, and then click Add Server. 805.In the Add Servers(s) dialog box, click Local computer, and then click OK. 806.In the Windows Deployment Services console console tree, click Servers, then click server_name (where server_name is the name of the computer running Windows Deployment Services), and then click Multicast Transmissions. 807.In the details pane, a new Auto-Cast transmission for the deployment point share will be listed; for example, BDD Share Distribution$. 808.Verify that the status of the BDD Share Distribution$ Auto-Cast transmission is set to Active. After a computer has been deployed, verify that the operating system was downloaded from a multicast transmission by examining the BDD.log file in the \Windows\Temp\DeploymentLogs folder. There will be two entries in the logs folder, both beginning with Multicast transfer; check them to verify that the transfer was successful. For more information on multicast transmissions with MDT 2008 and Windows Deployment Services, see “Configuring MDT 2008 and Windows Deployment Services for Multicast Operation” in Preparing for LTI Tools.
Option 4: Configure Windows Deployment Services PXE Filter Provider to Allow Configuration Manager to Respond to Unknown Computers When a computer is booted in PXE from a System Center Configuration Manager PXE service point, the PXE service point will check the System Center Configuration Manager site database for System Center Configuration Manager computer objects that match the details of the client making the PXE boot request. If the computer is unknown, System Center Configuration Manager will ignore the client and the client will fall back to the next boot device.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
138
Microsoft Deployment Toolkit 2008
To deploy an operating system to an unknown computer using the PXE service point in System Center Configuration Manager, the computer’s details are first pre-staged in the System Center Configuration Manager database. MDT 2008 provides a Windows Deployment Services PXE filter provider that allows operating system deployments to unknown computers in System Center Configuration Manager. The MDT 2008 Windows Deployment Services PXE filter provider performs the following actions: •
Checks the System Center Configuration Manager site database for records of the computer performing the PXE request.
•
If the computer account is not found, creates a computer account in the site database.
•
If the computer account is not found, adds the new computer account to a specific System Center Configuration Manager collection.
•
Checks for up to 30 seconds for an advertisement to become available.
Install the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider Installing the Windows Deployment Services PXE filter provider requires that MDT 2008 is installed on the Windows Deployment Services server that is hosting the System Center Configuration Manager PXE service point role. To install the MDT 2008 Windows Deployment Services PXE filter provider 809.Click Start, point to All Programs, point to Microsoft Deployment Toolkit, and then click Configure WDS PXE Filter. 810.When the Install or Remove PXE Filter wizard is displayed, ensure that the Install the PXE filter provider on this computer check box is selected. 811.Click Edit PXEFilter.vbs script. 812.The PXEFilter.vbs script must be edited to specify: •
The System Center Configuration Manager site code of which the PXE service point is currently a site role. Locate sSiteCode = “CEN” in PXEFilter.vbs, and then replace CEN with the three-letter site code for the System Center Configuration Manager site.
•
The System Center Configuration Manager collection identifier to which the unknown computer should be added. Locate sCollection = “CEN0000” in PXEFilter.vbs, and then replace CEN0000 with the collection ID for the collection to which the unknown computers should be added.
Note Also consider modifying the variables sUsername and sPassword. These credentials are required only when the PXE service point server is not on the same computer as System Center Configuration Manager.
813.On the File menu, click Save to save the changes to the PXEFilter.vbs script. 814.Click Finish to complete the installation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit Samples Guide: Initiating MDT
139
Enable Logging on the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider The MDT 2008 Windows Deployment Services PXE filter provider logs information using standard Windows Deployment Services channels. To enable MDT 2008 Windows Deployment Services PXE filter logging 815.Start Regedit, and then go to HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\WDSServer\. 816.Edit the EnableFileTracing key so the value is set to 1. 817.Close Regedit. 818.Restart the Windows Deployment Services service. 819.In Notepad, open the %windir%\tracing\wdsserver.log file. 820.Review the wdsserver.log file for any errors encountered when starting Windows Deployment Services. 821.Close Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Per for ming S ta ged Dep lo yment s Us ing Micr osoft D epl oymen t Toolki t (O EM Pr eload) In many organizations, computers are loaded with the operating system image before deployment to the production network. In some instances, loading the operating system image is performed by a team within the organization that is responsible for building the computers in a staging environment. In other instances, loading the operating system image is performed by the computer hardware vendor, also known as an Original Equipment Manufacturer (OEM). Note The OEM preload process is supported in MDT 2008 only for deployments performed using LTI or System Center Configuration Manager. MDT 2008 does not support the OEM preload process for deployments based on Systems Management Server.
Overview of the OEM Preload Process in Microsoft Deployment Toolkit The OEM preload process is divided into three phases: •
Phase 1: Create a media-based image of the reference computer to be applied in the staging environment.
•
Phase 2: Apply the reference computer image to the target computer in a staging environment.
•
Phase 3: Complete deployment of the target computer in the production environment.
Phase 1 and Phase 3 are typically performed by the deployment organization. Depending on the use of the OEM preload process in the organization, Phase 2 may be performed by the organization or by the computer hardware vendor that supplies the computers. If the organization performs Phase 2, then the staging environment is within the organization. If an OEM performs Phase 2, then the staging environment is in the OEM’s environment.
Overview of Microsoft Deployment Toolkit Configuration Files in the OEM Preload Process Separate MDT 2008 configuration files (CustomSettings.ini and Bootstrap.ini) are used by the task sequences run during Phase 1 and Phase 3 of the OEM preload process. However, both configuration files exist simultaneously in different folder structures. In the first phase, the configuration files are used during the creation of the reference computer and are stored in the folder specific to the task sequence used in that phase. The configuration files used in the third and last phase of the OEM preload process are stored in the folder that is specific to the task sequence used in that phase.
Template User Instructions
141
When making modifications to the configuration files, ensure that changes to the configuration file are made that corresponds to the appropriate task sequence in each OEM preload process phase.
Overview of Microsoft Deployment Toolkit Log Files in the OEM Preload Process Separate MDT 2008 log files are generated during Phase 1 and Phase 3 of the OEM preload process. •
The MDT 2008 log files for Phase 1 are stored in the C:\MININT and C:\SMSTSLog folders.
•
The MDT 2008 log files for Phase 3 are stored in the %WINDIR%\System32\CCM\Logs folder for x86-based deployments or in the %WINDIR%\SysWow64\CCM\Logs folder for x64-based deployments.
Use the appropriate folder when diagnosing or troubleshooting MDT-related deployment problems.
Staged Deployments Using Lite Touch Installation For LTI-based deployments, the OEM preload process must be performed using a Removable media (Media) deployment point type. Other deployment point types are not supported for the OEM preload process. To perform the OEM preload process, create a task sequence based on the Litetouch OEM Task Sequence task sequence template, in addition to any task sequences that will be used to deploy the target operating system. Then create a Removable media (Media) deployment point that will ultimately create an .iso file of the deployment point contents, specifically the LiteTouchPE_x86.iso file or LiteTouchPE_x64.iso file (based on the target computer’s processor platform). The deployment point update process also creates a folder structure for that can be used to create Universal Disk Format (UDF) media.
LTI OEM Preload Process - Phase 1: Create a Media-Based Image The first phase in the OEM preload process is performed by the deployment organization. The final deliverable of this phase is a bootable image (such as an .iso file) or media (such as a DVD) that is sent to the OEM or to the staging environment within the deployment organization. Most of these steps are performed in Deployment Workbench. To create a media-based image for delivery to the OEM or to the staging environment within the deployment organization 1. Populate the following nodes for the distribution share in Deployment Workbench: •
Operating Systems
•
Applications
•
Packages
•
Out-of-Box Drivers
For more information about performing this step, see “Populating the Distribution Share” in the MDT 2008 document Workbench Imaging Guide. Solution Accelerators microsoft.com/technet/SolutionAccelerators
142
MSDN 2.0
822.Create a new task sequence based on the Litetouch OEM Task Sequence task sequence template in Deployment Workbench. For more information about performing this step, see “Task Sequences” in the MDT 2008 document Workbench Imaging Guide. 823.Create one or more task sequences that will be used to deploy the target operating system on the target computer after deployment in the production environment. For more information about performing this step, see “Task Sequences” in the MDT 2008 document Workbench Imaging Guide. 824.Create a Removable media (Media) deployment point in Deployment Workbench. For more information about performing this step, see “Deployment Points” in the MDT 2008 document Workbench Imaging Guide. 825.On the deployment_point Properties dialog box, on the Task Sequences tab, select the task sequences created in step 2 and step 3 (where deployment_point is the deployment point created in step 4). For more information on performing this step, see “Deployment Points” in the Workbench Imaging Guide. 826.Update the Removable media (Media) deployment point created in Deployment Workbench in the previous step. When the deployment point is updated, Deployment Workbench creates the LiteTouchPE_x86.iso file or LiteTouchPE_x64.iso file (based on the target computer’s processor platform). For more information about performing this step, see “Update the Deployment Point” in the MDT 2008 document Workbench Imaging Guide. 827.Burn a DVD of the LiteTouchPE_x86.iso file or LiteTouchPE_x64.iso file created in the previous step. Note If delivering the .iso file to the OEM or to the organization’s staging environment, this step is not necessary.
In addition, the media could be a bootable USB flash drive. For more information about creating a bootable USB flash drive, see “Creating Bootable USB Flash Drive” in the MDT 2008 document Workbench Imaging Guide. 828.Deliver the .iso file or the DVD to the OEM or to the organization’s staging environment.
LTI OEM Preload Process - Phase 2: Apply the Image to the Target Computer The second phase of the OEM preload process is performed by the OEM or by the deployment team in the staging environment of the deployment organization. During this phase of the process, the .iso file or DVD created in Phase 1 is applied to the target computers. The deliverable of this phase is the image deployed on the target computers so that they are ready for deployment in the production environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
143
To apply the image to the target computers 1. Start a target computer with the media created in the Phase 1. Windows PE will start, and then the Windows Deployment Wizard will start. 829.In the Windows Deployment Wizard, click the OEM Preinstallation Task Sequence for Staging Environment task sequence. The task sequence will start and the contents of the bootable media will be copied to the local hard disk of the target computer. 830.When the Windows Deployment Wizard is completed for the OEM Preinstallation Task Sequence for Staging Environment task sequence, the hard disk will be ready to initiate the remainder of the deployment process by running the Windows Deployment Wizard for the other task sequences that are used to deploy the operating system. The OEM Preinstallation Task Sequence for Staging Environment task sequence is responsible for deploying the image to the target computer and initiating the LTI process. The Windows Deployment Wizard will start a second time to run the task sequences used to deploy the operating system on the target computer. 831.Clone the contents of the first hard disk to as many target computers in the staging environment as required. 832.The target computers are delivered to the production environment for deployment.
LTI OEM Preload Process - Phase 3: Complete Target Computer Deployment The third and final phase of the OEM preload process is performed in the deployment organization’s production environment. During this phase of the process, the target computer is started and the bootable media image, placed on the hard disk in the staging environment during the previous phase, starts. To complete deployment of the target computers in the production environment 1. Start the target computer. Windows PE will start, and then the Windows Deployment Wizard will start. 833.Complete the Windows Deployment Wizard using the specific configuration information for each target computer. For more information about completing this step, see “Running the Windows Deployment Wizard” in the MDT 2008 document Preparing for LTI Tools. When this phase is complete, the target computer will be ready to use in the production environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
144
MSDN 2.0
Staged Deployments Using System Center Configuration Manager and Microsoft Deployment Toolkit For deployments using System Center Configuration Manager, the standard client deployment task sequence is divided into the following task sequences: •
Preload OEM Task Sequence (Pre-OEM). This task sequence runs during the first phase of the OEM preload process.
•
Preload OEM Task Sequence (Post-OEM). This task sequence runs during the third and final phase of the OEM preload process.
Table 30 lists the high-level deployment phases and how those phases are divided into the Preload OEM Task Sequence (Pre-OEM) and Preload OEM Task Sequence (PostOEM) task sequences. Table 30. Deployment Phases Divided for OEM Task Sequences Deployment Phase
Preload OEM Task Sequence (Pre-OEM)
Initialization
Initialization (the Set Diskpart BIOS Compatibility Mode task sequence step is disabled)
Validation
Validation
State Capture
State Capture
Preinstall
Preinstall (the Set Diskpart BIOS Compatibility Mode task sequence step is disabled)
Install
Includes only the Apply Operating System Image and Prepare Computer for OEM Capture task sequence steps
Preload OEM Task Sequence (Post-OEM)
Post-Install
Post-Install
State Restore
State Restore (the Enable BitLocker task sequence step is disabled)
System Center Configuration Manager OEM Preload Process - Phase 1: Create a MediaBased Image The first phase of the OEM preload process is performed by the deployment organization. The final deliverable of this phase is an image of a reference computer that is sent to the OEM or to the staging environment within the deployment organization. This image can be created as a .wim file using ImageX or other format file types created by other imaging software. Most of these steps are performed in Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
145
To create a media-based image for delivery to the OEM or to the staging environment within the deployment organization 1. Install System Center Configuration Manager with SP1 on all site server roles. For more information about completing this step, see “Preparing the Prerequisite Infrastructure for System Center Configuration Manager 2007” in the MDT 2008 document Getting Started Guide. 834.Install MDT 2008 on the site server that is used to manage deployments. For more information about completing this step, see “Installing MDT 2008” in the MDT 2008 document Getting Started Guide. 835.Run the MDT 2008 Configure ConfigMgr Integration script on the site server on which MDT 2008 is installed. For more information about completing this step, see “Enable Configuration Manager Console Integration” in the MDT 2008 document Preparing for Microsoft System Center Configuration Manager 2007. 836.Create a new task sequence in Configuration Manager console using the Import Microsoft Deployment Task Sequence Wizard; on the Choose Template wizard page, click the Preload OEM Task Sequence (Pre-OEM) task sequence template, and then click the remainder of the configuration choices based on the deployment environment. Note In the OEM preload process for Configuration Manager, specify a .wim image file that is captured from a reference computer. Full operating source files cannot be used with this task sequence.
For more information about completing this step, see “Import MDT 2008 Task Sequences” in the MDT 2008 document Microsoft System Center Configuration Manager 2007 Imaging Guide or “Step 3-1: Create an MDT 2008 Task Sequence for the Reference Computer” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 837.Add the reference computer to the System Center Configuration Manager site database using the Import Computer Information Wizard. Note In the OEM preload process, the reference computer and all target computers are categorized as unknown computers. Unknown computers are computers that do not currently exist in the System Center Configuration Manager site database.
Manually add the reference computer to the System Center Configuration Manager site database using the Import Computer Information Wizard. For target computers, configure the MDT 2008 Web service to import computer information into the System Center Configuration Manager site database; this is discussed in the section “Configuration Manager OEM Preload Process - Phase 3: Completing the Deployment of the Target Computer” later in this guide. For more information about completing this step, see “Step 4-1: Add the Reference Computer to the Configuration Manager Site Database” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 838.Deploy the target operating system to the reference computer. When this step is completed, the reference computer is ready to be captured. The reference computer was configured to boot into an instance of Windows PE for the new computer (also known as a “New Computer” Windows PE configuration). The “New Computer” Windows PE boot image is used in the third and final phase to automatically find the correct distribution point and to complete the deployment process. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
146
MSDN 2.0
For more information about completing this step, see “Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 839.Capture an image of the reference computer. Capture the image by using any imaging software, for example ImageX. Send the captured image to the OEM or your staging environment to be applied to the target computers. 840.Select the method for starting the “New Computer” Windows PE image based on the information in Table 31. Table 31. Methods to Automatically Determine the Deployment Server Start Windows PE image from
Description
Windows Deployment Services
The image is started using PXE. Advantages: •
The System Center Configuration Manager distribution point can be dynamically selected based on the computer running Windows Deployment Services.
Disadvantages:
Local hard disk
•
Makes assumptions about the BIOS start order (a PXE boot is higher in the boot order than other boot methods).
•
Requires the PXE boot environment to be deployed and configured to support this method.
The image is stored on the local hard disk and is configured to boot the “New Computer” Windows PE image. Advantages: •
Makes few assumptions about the target computer configuration and production network environment.
Disadvantages: •
Solution Accelerators
The System Center Configuration Manager distribution point is statically configured as part of the image in the staging environment.
microsoft.com/technet/SolutionAccelerators
Template User Instructions
147
Start Windows PE image from
Description
Local DVD-ROM
The image is burned onto a DVD-ROM and used to manually start the target computers using the “New Computer” Windows PE image. Advantages: •
Allows System Center Configuration Manager distribution points to easily be maintained.
•
Makes few assumptions about the target computer configuration and production network environment.
Disadvantages: •
A large number of DVD-ROMs might be complex to manage and maintain.
841.Deliver the .wim file to the OEM or staging environment within the organization.
System Center Configuration Manager OEM Preload Process - Phase 2: Apply the Image to the Target Computer The second phase of the OEM preload process is performed by the OEM or by the deployment team in the staging environment of the deployment organization. During this phase of the process, the image captured in the previous phase is applied to the target computers. The deliverable of this phase is the image deployed on the target computers so that they are ready for deployment in the production environment. In addition, during this phase of the OEM preload process, the “New Computer” Windows PE image created during the previous phase can be placed on the hard disk in the staging environment, and then be used to start the computer. To apply the image to the target computers 1. Apply the image captured in the previous phase to the hard disk on a target computer. 842.If starting the “New Computer” Windows PE image from the local hard disk, complete the following steps: f.
Place the “New Computer” Windows PE image on a separate partition on the hard disk.
g. Set this partition as the active partition on the local hard disk so that the “New Computer” Windows PE image will start. h. Configure the MDT 2008 configuration files to select the appropriate System Center Configuration Manager distribution point based on where the target computers will be deployed. 843.Replicate the contents of the .wim file to as many target computers in the staging environment as required by: •
Applying the image captured in the previous phase using the process outlined in step 1.
•
Cloning the contents of the hard disk used in step 1.
844.The target computers are delivered to the production environment for deployment. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
148
MSDN 2.0
System Center Configuration Manager OEM Preload Process - Phase 3: Complete Target Computer Deployment The third and final phase of the OEM preload process is performed in the deployment production environment. During this phase of the process, the target computer is started using the “New Computer” Windows PE image. The “New Computer” Windows PE image can be: •
Placed on the hard disk in the staging environment during the previous phase and then started when the computer starts.
•
Started by PXE-booting the “New Computer” Windows PE image from a computer running Windows Deployment Services.
•
Started from a DVD-ROM that was created during the previous phase.
To complete deployment of the target computers in the production environment 1. Create a new task sequence in Configuration Manager console using the Import Microsoft Deployment Task Sequence Wizard; on the Choose Template wizard page, click the Preload OEM Task Sequence (Post-OEM) task sequence template, and then click the remainder of the configuration choices based on the production environment. For more information about completing this step, see “Import MDT 2008 Task Sequences” in the MDT 2008 document Microsoft System Center Configuration Manager 2007 Imaging Guide or “Step 5: Import and Configure a Task Sequence to Deploy the Target Computer” in the MDT 2008 document Quick Start Guide for System Center Configuration Manager 2007. 845.Make any necessary configuration changes to the MDT 2008 configuration files based on the deployment environment. For more information about completing this step, see “Configuring the Appropriate Processing Rules” in the MDT 2008 document Preparing for Microsoft System Center Configuration Manager 2007. 846.Configure the MDT 2008 Web service to automatically import computer information into the System Center Configuration Manager site database. For more information about completing this step, see “Deploying an Operating System to a New Computer Not in the System Center Configuration Manager Database” in the MDT 2008 document Microsoft Deployment Toolkit Samples Guide. 847.Start the target computer using the “New Computer” Windows PE image, based on the boot method selected in the previous step. The “New Computer” Windows PE will start, and then select the task sequence based on the Preload OEM Task Sequence (Post-OEM) template. Then the task sequence will start. The remainder of the deployment process will complete (see the Preload OEM Task Sequence (Post-OEM) column in Table 25). When this phase is completed, the target computer will be ready to use in the production environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
149
Microsoft® Deployment Toolkit 2008 Office Deployment Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, Excel, Groove, InfoPath, Microsoft Press, Outlook, PowerPoint, SharePoint, Visual Basic, Visual Studio, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Qu ic k-S tar t G ui de and Che ckl is t This section provides a high-level overview of the planning and deployment phases of 2007 Office system deployment.
Planning Phase The primary focus in this phase is to determine how to install 2007 Office system programs on client computers. Project team members along with customer subject matter experts (SMEs) will determine the mix of applications and settings to be deployed. Table 1 shows the high-level steps in the Planning Phase. Table 1. Planning Checklist High-level steps in the Planning Phase q
Determine Microsoft Office application installation requirements. Working with the organization’s SMEs, develop a plan that specifies which 2007 Office system programs will be deployed and which settings will be configured as part of 2007 Office system deployment.
q
Create a data migration plan. The Microsoft Office deployment team will also inventory existing Microsoft Office System data, developing a plan to migrate data to the new applications.
q
Choose a thick or thin image deployment plan. Decide whether Microsoft Office will be deployed as part of the desktop image (thick image) or after operating system image deployment (thin image).
2
Microsoft Deployment Toolkit 2008
Developing Phase Table 2 shows the high-level steps in the Developing Phase. Table 2. Developing Checklist High-level steps in the Developing Phase q
Configure Microsoft Office deployment and customization. Using the Office Customization Tool, create a customized Microsoft Office deployment.
q
Integrate the Microsoft Office deployment with Microsoft Deployment Toolkit 2008. Integrate Microsoft Office into the desktop image (thick image) or to integrate it as a follow-on installation step (thin image).
Stabilizing Phase Table 3 shows the major steps required to accomplish during the Stabilizing Phase. Table 3. Stabilizing Checklist High-level steps in the Stabilizing Phase q
Test the Microsoft Office deployment. Test Microsoft Office installation as part of the overall desktop deployment process, resolving any issues that arise during this phase.
Deploying Phase Monitor installation progress during this phase and respond to any issues. The team may also manage data-migration issues during this phase. Table 4 shows the high-level steps in the Deploying Phase. Table 4. Deploying Checklist High-level steps in the Deploying Phase q
Monitor 2007 Office system deployment. Monitor 2007 Office system deployment during this phase, resolving any issues that may arise with undiscovered hardware configurations.
q
Manage Microsoft Office data conversions. During this phase, users will begin using the new 2007 Office system programs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Applications are an integral part of computer deployments in many organizations today. Because Microsoft Office is often a corporate standard application suite and because of its size, the Microsoft Deployment Toolkit 2008 project treats it as a core application to be included in the base computer image used during the corporate deployment of the Windows Vista® operating system. In this scenario, the Image Engineering and Application Management feature teams install the 2007 Office system on the disk image, and then deploy that disk image throughout the organization. This is called a thick image deployment. In addition to describing how to customize the 2007 Office system, this guide describes an alternative scenario for organizations that have already deployed Windows Vista but have not yet deployed the 2007 Office system. Note The follow-on installation scenario described above is used when deploying Windows Vista as a thin image.
Prerequisites To create a custom 2007 Office system installation, the lab must contain the following items: •
Microsoft Office 2007 Resource Kit
•
A network share to store the 2007 Office release source files
•
A computer on which to install, configure, and customize the 2007 Office system
•
The 2007 Office system volume-licensed media
Ov er vi ew of 2007 Of fice Sys tem Dep lo yment Figure 1 provides an overview of the 2007 Office system upgrade process.
Figure 1. Overview of a 2007 Office system deployment The 2007 Office system deployment process should follow specific milestones that integrate well with overall MDT 2008 milestones and objectives. This guide describes each of the following stages: •
Creating a project plan. As with any project, careful planning leads to greater chances of success. In this phase, the team analyzes current Microsoft Office deployments, plans migration of documents and settings, determines optimal placement of deployment servers, and acquires resources for completing the project.
•
Creating an installation point. The first phase of development, creation of the 2007 Office system installation point, creates a shared folder containing the 2007 Office release installation files.
•
Customizing installation. Most organizations require some changes to the default settings for the 2007 Office release. Consolidate these settings into a Microsoft Office customization file that can then be applied to the installation point.
•
Testing Microsoft Office deployment. Before releasing the 2007 Office system to production, careful testing of the 2007 Office system deployment process ensures that there are no surprises in the field.
•
Deploying to production. The deployment policies are activated to provide the 2007 Office release to client computers.
•
Transitioning to Information Technology (IT) Operations. After the deployment plan has been executed, the deployment infrastructure is handed off to IT Operations for long-term operation and management.
Template User Instructions
5
Plan for Deployment Figure 2 provides a detailed breakdown of the activities accomplished during the Planning Phase. These activities are divided into two categories: establishing the lab and identifying the deployment issues that the feature team must address over the course of the project.
Figure 2. Deployment planning activities
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
MSDN 2.0
Choose the Right Package The 2007 Office release is available in a variety of suites and stand-alone products. Rarely does a single suite meet all an organization’s requirements. For example, the team might deploy Microsoft Office Professional 2007 to most users in the organization but deploy Microsoft Office Professional Plus 2007 to those users who require Microsoft Office InfoPath® 2007 or Microsoft Office Groove® 2007. For the 2007 Office release suites that will be available, see 2007 Microsoft Office System Packaging at http://office.microsoft.com/en-us/products/FX101635841033.aspx.
Define the 2007 Office System Settings Extensive customizations can be made before installing the 2007 Office system on users’ computers. The team can also customize many aspects of the installation process itself. Begin by evaluating who the users are and how they will use the 2007 Office release programs. Some users may work exclusively in English, for example, whereas others may routinely view or edit documents in multiple languages. Consider the following points when planning 2007 Office system customizations, and document them in the Office Upgrade Configuration Plan: •
Should there be a uniform configuration throughout the organization? If multiple users share one computer or if users roam from one computer to another, establish a standard Microsoft Office configuration.
•
How many different configurations of the 2007 Office system are needed and for which groups of users? The Application Management feature team can distribute different configurations of Microsoft Office from a single administrative installation point or compressed CD image.
•
Will the deployment of 2007 Office release programs be staged? Some organizations stagger their deployment of 2007 Office release programs. By using the Office Customization Tool (OCT), the team can specify settings for applications that will be installed later. Use the Office Setup Controller to add 2007 Office release programs to an existing configuration. For example, the team can schedule a Microsoft Office Outlook® 2007 installation to coincide with a mail server upgrade rather than with Microsoft Office installation.
•
What other products will be included in the 2007 Office system installation? The team can specify additional Windows® Installer packages to install with the 2007 Office release. 2007 Office system Setup coordinates these installations after Microsoft Office installation is complete.
•
Should users be able to change the default settings and customize the 2007 Office release programs for themselves, or will settings be enforced? Settings that are distributed in a setup update (.msp) file appear as the default settings when users install 2007 Office release programs, but users can modify them. To enforce settings, use policies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
7
•
Do some users need to keep earlier versions of Microsoft Office programs on their computers? By default, when the 2007 Office system Setup runs in quiet mode, all earlier versions of Microsoft Office programs are removed. The team can specify earlier versions that should be kept, but the flexibility of coexisting versions is limited. For more information, see the Microsoft Help and Support article, “Information about using 2007 Office suites and programs on a computer that is running another version of Office,” at http://support.microsoft.com/kb/928091/en-us.
•
What is the best way to customize Office Outlook 2007 to work in the organization’s messaging environment? In the OCT, Office Outlook 2007 profiles can be created or modified, new e-mail accounts can be set up, or Office Outlook 2007 can be configured to work with a computer running Microsoft Exchange Server.
Four tools are available for analyzing, customizing, and deploying 2007 Office release programs. Some of these tools are built into the 2007 Office release, while others are available as free downloads at the 2007 Office Resource Kit (http://technet2.microsoft.com/Office/en-us/library/9df1c7d2-30a9-47bb-a3b25166b394fbf51033.mspx?mfr=true). Microsoft Office Migration Management Technologies include: •
The OCT.
•
Microsoft Office Migration Planning Manager.
•
Microsoft Office File Conversion Tool.
•
Microsoft Office Setup Controller.
Office Deployment Tools The sections that follow describe the Microsoft Office Migration Management Technologies in detail.
The Office Customization Tool When planning customizations, the OCT is the primary tool, so it is an obvious place to start. Think of the process as taking a dry run through the Setup wizard. During this run, team members can configure settings for each 2007 Office release program, and then save the result to a customization (.msp) file. After a few test runs, team members may want to clear the Completion notice and Suppress modal check boxes and set the Display level to none to create a setup update file for a silent installation. Although the initial settings will likely change, a dry run jump-starts the configuration by showing the possibilities. Spend some time looking at the settings on the Modify User Settings folder to get an idea of which customizations are available. Also, spend some time looking at the Office Security Settings folder. Each setup update (.msp) file that is used roughly corresponds to a configuration for one group of users. Document in the deployment plan each unique configuration and its corresponding setup patch. For example, if the team is deploying two 2007 Office system configurations—one for the majority of the organization and one for users who require Microsoft Office Access 2007—document the updates for each configuration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
MSDN 2.0
Office Migration Planning Manager The Office Migration Planning Manager is a command-line tool with which desktop administrators scan any client computer, file server, Microsoft Office SharePoint® Server 2007 computer, or any other Web-based Distributed Authoring and Versioning (WebDAV)–enabled document library. The Office Migration Planning Manager takes an inventory of all Microsoft Office system files and determines their properties. Known issues are identified within those files so that they can be addressed before they are opened with, or converted to, 2007 Office release programs.
Office File Conversion Tool In the process of upgrading to the 2007 Office system, organizations may want to move all or many of their existing documents to the new Office Open XML Formats. Using the Office File Conversion Tool, desktop administrators can convert documents saved in Microsoft Office 97 through Microsoft Office 2003 formats to the new Office Open XML Formats. By using output from the Office Migration Planning Manager, the Office File Conversion Tool can be employed to run documents through an open-and-save-as process.
Office Setup Controller The Office Setup Controller manages the overall 2007 Office system installation experience. It is responsible for making sure that the local installation source is present and complete. After verifying that each computer has been properly prepared, the Setup engine installs and configures the chosen programs. Changes are made to both the file system and the registry by using the underlying Windows Installer technology, which helps ensure maximum compatibility and robustness for all users. Unlike earlier releases, the 2007 Office system cannot be installed without the use of Setup.exe.
Identify the Upgrade Issues Three primary issues must be addressed when upgrading from earlier Microsoft Office versions to the 2007 Office system. The primary issues are: •
Feature installation states.
•
Settings migration.
•
File-conversion issues.
•
Custom Microsoft Office–based solutions, such as macros and Microsoft Visual Basic® for Applications (VBA).
•
File coexistence with multiple versions of Microsoft Office.
In addition to the packaging and customization, these issues could have a significant effect on the user experience after the 2007 Office system is installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
9
Feature State Migration When running the 2007 Office system Setup interactively, users can choose which applications and features are installed by selecting options from the feature tree that the Setup program displays. 2007 Office system features can be installed in any of the following states: •
Copied to the local hard disk
•
Installed on first use, which means that the 2007 Office system Setup does not install the feature until the first time it is used
•
Not installed but accessible to users through the Add or Remove Programs Control Panel item or in a Command Prompt window
•
Not installed, not displayed during installation, and not accessible to users after installation
By using the OCT, choices can be made for users ahead of time. When users run the 2007 Office system Setup interactively, the installation states that what team members specify in the setup update (.msp) file appear as the default selections. When the 2007 Office system Setup runs quietly, team members’ choices determine how the features are installed. To make an installation more efficient, the 2007 Office system Setup automatically sets default feature installation states in the following circumstances: •
When upgrading to the 2007 Office system, Setup detects and matches feature installation states from the earlier Microsoft Office version. For example, if Microsoft Office Word 2003 is installed to run from the network, the 2007 Office system Setup installs Microsoft Office Word 2007 to run from the network. If Microsoft Office PowerPoint® 2003 is set to Not Available, Setup does not install Microsoft Office PowerPoint 2007.
•
When installing the 2007 Office system under Windows Server® 2003 Terminal Services, Setup applies the most efficient installation state for each feature. For example, because the speech-recognition feature does not run efficiently over most networks and might not be supported by all clients, Terminal Services automatically changes the feature installation state from Installed on First Use to Not Available.
The OCT provides even more control of feature installation states than this section has described. For example, the Application Management feature team can disable featureinstallation states that require a network connection. The team can lock featureinstallation states to prevent users from changing them. For more information about these settings, see the link to the 2007 Office Resource Kit in the section, “Education and References,” earlier in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
MSDN 2.0
Settings Migration By default, if an earlier version of Microsoft Office is installed on a user’s computer, Windows Installer copies the earlier application settings for that version to the 2007 Office system. Migrated settings are applied the first time each user starts a 2007 Office release program, and the user's migrated settings overwrite any duplicate settings added to the setup update. On the Modify user settings page of the OCT, team members can change this behavior. When users install the 2007 Office system with the update, Setup migrates relevant settings from an earlier version. If team members specify their settings on the Modify user settings page and clear the Migrate user settings check box, the migrated settings will not be used. Note The 2007 Office system does not use .ops files for transformations as Microsoft Office 2003 did. Instead, it uses the same setup update file to specify Microsoft Office features and user settings.
File-Conversion Issues The 2007 Office system uses a new, XML-based file format—Office Open XML Formats. This format is currently used in the 2007 Office system programs Excel® 2007, Word 2007, and PowerPoint 2007 files. The new XML-based file formats in these programs enable broader integration and interoperability between Microsoft Office documents and enterprise applications. In addition, 2007 Office system files are all wrapped by using extraction technologies, which allows for easy access to the content parts as well as standard compression, reducing file sizes and improving reliability and data recovery. Users can migrate files created in earlier versions of Microsoft Office programs to Office Open XML Formats by using the Office File Conversion Tool. Because of the new file format, conversion issues may surface during deployment and should be dealt with early in the deployment project life cycle. When identifying file-conversion issues, consider the following: •
Word, Excel, and PowerPoint in Microsoft Office 97, Microsoft Office 2000, Microsoft Office 2003, and Microsoft Office XP share the same file format. Documents created with these versions of Microsoft Office require conversion to edit them with the corresponding 2007 Office release programs.
•
The 2007 Office release programs can convert individual files created with earlier versions of the corresponding Microsoft Office programs, and the 2007 Office release includes the Office File Conversion Tool for converting multiple documents at a time.
•
For backward compatibility, the 2007 Office system can be configured in compatibility mode so that files saved in Word, Excel, and PowerPoint can use the same binary format used by earlier versions of those Microsoft Office programs.
•
For interoperability, apply updates to computers running Microsoft Office XP and Microsoft Office 2003 to allow those versions to save files in Office Open XML Formats.
•
Office Access 2007 uses a new file format, .accdb. For interoperability, save Office Access 2007 files in the Microsoft Office Access 2003 or Office Access 2000 format (.mdb). Office Access 2007 can also open .mdb files for editing.
Note For more information about Office Open XML Formats, see “Microsoft Office Open XML Formats Overview” at http://office.microsoft.com/en-us/products/HA102058151033.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
11
Custom Microsoft Office–Based Solutions Many organizations have used the advanced features of Microsoft Office to develop custom solutions. These organizations apply macros and application programming constructs such as VBA and Microsoft Visual Studio® 2005 Tools for the Microsoft Office System to extend the base functionality of Microsoft Office. Like data-file structures, these macros and programming structures have evolved with Microsoft Office and may require migration strategies to ensure that business requirements continue to be met after the migration to the 2007 Office system. When planning to deploy the 2007 Office system, consider the following questions: •
Is an inventory available of the non-Microsoft and internally built programs and customizations based on the Microsoft Office System?
•
Has each non-Microsoft and internally built Microsoft Office–based solution been tested for compatibility with the 2007 Office system?
When the list of custom Microsoft Office–based applications is complete, develop a plan to modify each application to use 2007 Office system components, if necessary, for coexistence with 2007 Office release applications. Include this plan in the overall 2007 Office system deployment plan.
Coexistence Issues Although an organization may have the goal of migrating everyone to the 2007 Office system, the complete migration of the organization is not likely to occur instantly. A plan must be devised and implemented that permits users of the 2007 Office system to collaborate on documents with teammates who are using earlier versions of the Microsoft Office System. The Migration feature team must understand these issues and identify the effect of each issue on the organization. For example, a company that is migrating from Microsoft Office XP to the 2007 Office system is likely to experience more issues than a company migrating from Microsoft Office 2003. Consider the following questions: •
Which versions of the Microsoft Office System are users running?
•
Which groups of users share documents with which other groups of users? Do they need to share documents in one direction, or will users of the earlier Microsoft Office release be using 2007 Office release documents?
During a 2007 Office system deployment, a variety of solutions is available to enable users to share documents among various Microsoft Office System versions. If the organization is migrating from Microsoft Office 97 to the 2007 Office system, for example, these solutions ensure that users who have not yet migrated can still exchange information with users who have. The solutions that the Application Management feature team uses depend on whether users share documents with other groups. The solutions also depend on whether users share documents one way or two ways and whether they need to change the documents they share. The Application Management feature team can migrate groups of users who do not share documents with other groups to the 2007 Office system at any time without reducing their productivity.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
MSDN 2.0
If a group of users shares documents with other groups, however, the Application Management feature team must decide whether document recipients require read-only access to those documents or whether they must be able to edit and return those documents. If they require read-only access, a larger variety of solutions is available, including file viewers, saving documents as Web pages, and so on. If users must edit and return documents to the sending group, consider restricting both groups to a common file format until both groups have fully migrated to the 2007 Office system. Also, to ensure continuity, plan to migrate dependent groups at the same time.
Identify SMEs In those areas or departments in which 2007 Office system developers have reason to believe that significant issues might arise with the 2007 Office system, ask the department to provide an SME to act as a liaison with the developers. For example, having an SME from the accounting department available to the developers is generally helpful to ensure that all 2007 Office system issues related to the use of Office Excel 2007 are identified and addressed, because accounting departments often use complex Excel workbooks.
Identify Chained Applications Using the 2007 Office system Setup, the Application Management feature team can deploy the 2007 Office release and related applications in one seamless process by chaining additional packages (.msi files) or executable programs. In this scenario, the Setup program first completes the core 2007 Office system installation, and then immediately calls Windows Installer to install the additional programs in the order specified on the Add installations and run programs page of the OCT.
Install 2007 Office System Updates The 2007 Office system Setup automatically installs any updates included in the Updates folder under the installation share. Updates are only installed during Setup. The Application Management feature team can also include security updates and other updates released as .msp files in this folder. The Setup installer automatically includes these updates at installation time.
Additional Considerations The following list describes additional development work that most organizations perform and where to find detailed information in the 2007 Office Resource Kit for each: •
Messaging. A close review of the organization’s messaging needs helps plan the optimal Office Outlook 2007 deployment. Among the configuration and installation choices made are deciding which e-mail messaging server to use with Office Outlook 2007 and timing the Office Outlook 2007 deployment to suit the organization’s needs. Look for ORKMessaging.doc in the 2007 Office Resource Kit documentation folder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
13
•
Multilingual deployment. The Application Management feature team can install, customize, and maintain a single version of the 2007 Office system that meets the organization’s multilingual needs. Through the plug-in language features in the 2007 Office system and Microsoft Office multilingual resources, such as the Multilingual User Interface pack (MUI pack), users in international locales can work in their own languages. The 2007 Office system consists of a language-neutral core to which multilingual packs can be added. Find more information in ORKDeployment.doc and ORKPlan.doc.
•
Security. Security was a major focus in the development of the 2007 Office system. More emphasis was placed on eliminating security flaws than in any earlier release of the Microsoft Office System, which helped produce the most robust level of security to date. However, improper configuration of settings and user methods can still expose administrative and user-level security vulnerabilities. This section addresses specific security issues an administrator should take into consideration when deploying or maintaining a Microsoft Office configuration in a corporate setting. Along with this information are suggestions and recommendations for how to limit exposure to attacks and how to manage the security of a deployed installation through securityrelated policies. For additional information on 2007 Office System security, see the 2007 Office Resource Kit at http://technet2.microsoft.com/Office/enus/library/9df1c7d2-30a9-47bb-a3b2-5166b394fbf51033.mspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
MSDN 2.0
Customize the 2007 Office System Figure 3 shows at a high level the development process for customizing the 2007 Office system.
Figure 3. Process for packaging the 2007 Office system
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
15
Creating a customized 2007 Office system installation is a multi-step process. After creating and testing this package, insert it into the MDT 2008 imaging process so that the customized 2007 Office system configuration can be included automatically in all computer images. To create the custom 2007 Office system installation 848.Create a distribution point. Copy the contents of the 2007 Office system DVD to a network share. Apply any available service packs and updates to the distribution point. 849.Create an .msp file. Start the OCT by running setup /admin. Specify features, user settings, and security settings to be applied. 850.Manually test the configuration. Before adding the 2007 Office system configuration to the MDT 2008 image, manually test it in a lab environment to ensure that it is correct. To do so, copy the .msp file to the \Updates folder and then run Setup. 851.Change the .msp file to perform a silent installation. Run setup/admin again, open the .msp file to be changed, and change the Licensing and user interface page by clearing the Completion notice and Suppress modal check boxes and setting the display level to none.
Create a Distribution Point To create the first distribution point, simply copy all the content on the 2007 Office system DVD to a network share. After copying the Setup files, verify whether any service releases are available for the 2007 Office system and place them in the Updates folder under the network share. The OCT can be used to specify multiple network shares to be used during installation when the distribution point that a given computer uses for installation is offline. When creating such distribution points, it is important to keep all distribution points synchronized, which the team can do by using file replication or a software distribution tool such as Microsoft Systems Management Server (SMS) 2003. Document all distribution points before moving on to the next step.
Integrate Service Releases The 2007 Office system service packs are interim upgrades that address performance, reliability, and security issues. If the deployment plans require it, integrate the latest service release with the existing 2007 Office system source files. Note Download service packs from Office Admin Update Center at http://office.microsoft.com/en-us/FX011511561033.aspx. Service packs are update files with the .msp extension. Use a software-distribution process such as Systems Management Server 2003 to install the service releases.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
MSDN 2.0
Update the 2007 Office system distribution points with current service packs before deploying them. To integrate a service release into a Setup share, copy the .msp files to the Updates folder in the share. (Microsoft Office applications will automatically install any updates found in this folder.) Note Many organizations use Microsoft Update or Windows Server Update Services (WSUS) to download and distribute updates and security fixes to Microsoft operating systems and Microsoft Office. Bear in mind, however, that the amount of time a system remains vulnerable after installation increases proportionally to the amount of time it takes to be fully updated. For this reason, it is helpful to maintain a fully updated 2007 Office system distribution point.
Create a Setup Customization File Use the OCT to define 2007 Office system features, user settings, and security settings for use during 2007 Office system installation. For the 2007 Office release, use the OCT to save settings by application or group of applications. This feature is particularly useful when staging the 2007 Office system deployment; the settings saved in the .msp file can be limited to only those applications the team is deploying at a given time. When creating an .msp file, the OCT allows team members to perform the following tasks: •
Define the path in which the 2007 Office system is installed on users’ computers.
•
Accept the End User License Agreement (EULA), and type a product key on behalf of users who are installing the 2007 Office system from a compressed DVD image.
•
Define the default installation state for 2007 Office release programs and features. For example, the Application Management feature team can install Office Word 2007 immediately on the local computer but set Office PowerPoint 2007 to be installed on demand.
•
Specify 2007 Office system security settings to be applied to the computers.
•
Modify user settings, such as whether Office Word 2007 should use AutoRecovery.
•
Modify 2007 Office release program shortcuts, specifying where they are installed and customizing their properties.
•
Define a list of servers for the 2007 Office system to use if the primary installation source is unavailable.
•
Specify other products to install or programs to run on users’ computers after Setup is complete.
•
Configure Office Outlook 2007 mail settings. For example, specify a default user profile.
•
Specify which earlier versions of Microsoft Office are removed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
17
To create an .msp file 852.On any computer, run setup /admin from the network share previously created. For example, run \\servername\Office12\Setup.exe /admin, where servername is the name of the server on which the source 2007 Office system files reside. 853.Select Create a new Setup customization file for the following product. 854.Select Microsoft Office Professional Plus 2007 (or the chosen edition) from the list of available products, and then click OK. 855.Customize settings on the different pages available through the OCT. 856.From the File menu, click Save As, and then save the .msp file in the network share. (Save all .msp files to the Updates folder.)
Manually Test the Configuration To manually test the custom 2007 Office system package, start with a clean Windows Vista computer that has been recently built, preferably with no other applications installed. Install the 2007 Office system package with a command similar to the following: \\server\share\Setup.exe /config \\server\share\suite.WW\Config.xml (where \\server\share is the server name and share name, respectively, of the distribution point for 2007 Office system and suite.WW is the path to the config.xml file for the Microsoft Office edition being installed). Note
Setup customization files placed in the Updates folder are used automatically.
Team members can iterate through creating and testing the transforms until they meet the organization’s requirements. After these requirements have been met with manual installation, team members can proceed to integrate the package into the MDT 2008 imaging and deployment processes.
Change the Setup Customization File to Perform a Silent Installation After the settings specified in the configuration file are working according to the organization’s policies, Application Management feature team members can change the .msp file so that user interaction is not required during installation. To do so, change the .msp file to perform a silent installation. To change an .msp file 857.On any computer, run setup /admin from the network share previously created—for example, \\servername\Office12\Setup.exe /admin. 858.Select Open an existing Setup customization, and then select the file to be changed. 859.On the Licensing and user interface page, clear the Completion notice and Suppress modal check boxes, and then set the display level to none. 860.Save the file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
MSDN 2.0
Integrate 2007 Office Release Programs into MDT 2008 Team members can integrate 2007 Office system installations with MDT 2008 in one of two ways—either as part of the desktop deployment image (known as a thick image) or after desktop image deployment (known as a thin image).
Thick Image Installations To preinstall the 2007 Office system on the desktop deployment image, execute the appropriate installation commands before collecting the deployment image. Microsoft Office will be installed on the image, allowing the deployment of a complete Windows Vista/2007 Office system image at one time. Doing so increases the size of the desktop image but simplifies Deployment Workbench configuration.
Thin Image Installations To integrate 2007 Office release programs into MDT 2008 as supplemental applications, use the Add Application feature of Deployment Workbench to point to the customized Microsoft Office distribution point. (See the MDT 2008 document, Image Engineering Feature Team Guide, for more details on adding applications.) Deployment Workbench offers customized steps for the integration of the 2007 Office system, taking into account specific requirements of the 2007 Office system in the application settings used to deploy the package. Note To install multiple Microsoft Office programs, add each separately to the applications list contained in Deployment Workbench.
To configure the 2007 Office system using the Deployment Workbench 861.Right-click Applications, and then click New to start the New Application Wizard. Note See the Image Engineering Feature Team Guide for specific guidance on adding applications.
862.Complete the New Application Wizard, using the path and setup commands for the 2007 Office system. 863.Right-click the resulting package, and then click Properties to display the properties sheet for the 2007 Office system (see Figure 4).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
19
Figure 4. Customizing 2007 Office system settings 864.Click the Office Products tab to configure additional Microsoft Office settings. Note In addition to basic settings, this tab also provides access to edit the config.xml file and to run the OCT.
865.Complete configuration settings, and then click Apply or OK to accept changes.
Test 2007 Office System Deployment With the application servers updated with the custom 2007 Office system configuration, the team can begin testing. When the team is satisfied that the 2007 Office system installation is working as planned, the 2007 Office system package is ready for pilot. Testing must be performed to ensure that the 2007 Office system configuration and planned deployment solution function as designed. Divide the testing tasks by functional area, such as the following: •
The deployment server
•
2007 Office system configuration
•
Deployment process testing
Perform testing on a variety of hardware that represents the hardware present throughout the organization. Document all test results for review.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
MSDN 2.0
Pilot 2007 Office System Deployment The solution is ready for the pilot deployment as soon as a full build has been through testing and passed. Follow the pilot plan, revising it as necessary to incorporate new developments in the project. Use the communications and training materials developed to keep users informed as to the nature and progress of the pilot. A well-planned pilot of a sufficiently tested solution should present few surprises.
Candidates for Pilot Deployment SMEs chosen to assist during the 2007 Office system deployment process are natural selections for the pilot deployment. Others can be nominated based on their ability to test critical aspects of the system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
Deploy the 2007 Office System to Production With the Developing and Stabilizing Phases complete, the servers are ready to process computer deployments. Figure 5 provides the detailed task breakdown for the Deploying Phase.
Figure 5. Deploying Phase activities The Deploying Phase includes the following three steps: •
Initiate deployment. The MDT 2008 project deploys the 2007 Office system on client computers by including it in the desktop image (thick image deployments) or by linking it to the image deployment through use of Deployment Workbench (thin image deployments). Subsequent deployments will use the 2007 Office system distribution point. Use Group Policy to publish or assign the 2007 Office system to organizational units (OUs) containing client computers. When a client system is re-imaged, the 2007 Office system is installed as the Group Policy settings direct.
•
Monitor file migration. Migration of existing Microsoft Office program data files may take some time. In addition, some files might not migrate properly. Monitor this process, and intervene when appropriate to ensure business continuity.
•
Resolve deployment issues. Unforeseen issues can arise during a large-scale deployment. Monitor the deployment process closely, and intervene if necessary to preserve business continuity.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
MSDN 2.0
Use Group Policy Microsoft Windows 2000 and later operating systems include tools with which administrators can install and maintain software applications through Group Policy with the Microsoft Active Directory® directory service. For small- or medium-sized organizations that do not have Systems Management Server 2003 and have Active Directory installed, Group Policy can be used to assign computer startup scripts for 2007 Office deployment. For more information, see the Microsoft TechNet article, “Use Group Policy to assign computer startup scripts for 2007 Office deployment,” at http://technet2.microsoft.com/Office/en-us/library/a57c8446-b959-4025-a866b690ddcaa66d1033.mspx?mfr=true.
Transition to IT Operations After the initial deployment is complete and the Application Management feature team has verified that the computers are operating properly, the project is transitioned from the Deployment feature team to IT Operations. The IT Operations group is then responsible for ongoing computer maintenance and support. This process is typically well structured and formal, and documentation, knowledge, and other materials are formally transferred from one group to another.
Microsoft® Deployment Toolkit 2008 Preparing for Microsoft System Center Configuration Manager 2007
Published: July 2008
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
23
For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, Visual Basic, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® System Center Configuration Manager 2007 contains operating system deployment features and, when used with Microsoft Deployment Toolkit (MDT) 2008, offers many advantages over using System Center Configuration Manager alone. Using both tools together provides the benefits of each product—for example, the Pre-Boot Execution Environment (PXE) service point in System Center Configuration Manager and the configuration database in MDT 2008. The MDT 2008 database and existing task sequences can be imported into System Center Configuration Manager using the Import Microsoft Deployment Task Sequence Wizard. MDT 2008 integrates seamlessly into System Center Configuration Manager; combined, these tools offer greater flexibility and time savings by allowing the upgrade of existing Solution Accelerator for Business Desktop Deployment (BDD) 2007 environments to use in the new environment. The deployment process described in this guide takes advantage of and combines the results of other processes in MDT 2008 to accomplish the following tasks: •
Collect hardware and software inventory information using System Center Configuration Manager.
•
Migrate existing user profile information using the Windows® User State Migration Tool (USMT) version 3.0.1 (non-server operating systems only).
•
Configure Windows Deployment Services to start the Windows Preinstallation Environment (Windows PE).
•
Install a Windows Vista®, Windows Server® 2008, Windows Server 2003, Windows XP Professional, or Windows XP Tablet PC Edition operating system image on target computers.
•
Automatically install a Windows Vista, Windows XP Professional, or Windows XP Tablet PC Edition operating system image on target computers using MDT 2008 scripts and the operating system deployment features available in System Center Configuration Manager.
•
Monitor the deployment process using Microsoft System Center Operations Manager 2007 and the MDT 2008 Management Pack.
•
Optionally, copy existing user data and preferences from the target computer to a network deployment server.
•
Optionally, create a backup image of the target computer locally or to a shared folder on a server.
•
Optionally, repartition and format the existing primary hard drive (in New Computer and Replace Computer scenarios).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
2
Microsoft Deployment Toolkit 2008
•
Install an operating system image that includes enterprise applications such as the various editions of Microsoft Office 2003 or the 2007 Microsoft Office system.
•
Dynamically install applications that are specific to the target computer model, such as DVD software.
•
Optionally, restore the user data and preferences that were previously stored on the network deployment server.
Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Pr ocess ing Rules At this step in the planning process, configure the appropriate processing rules in the MDT 2008 database based on the environment. The Zero Touch Installation (ZTI) deployment process uses rules defined in the MDT 2008 database to configure target computers. ZTI and Lite Touch Installation (LTI) use a common set of components, which are included in MDT 2008. The six MDT 2008 components are: •
Configuration files. Made up of the BootStrap.ini and CustomSetting.ini files
•
Configuration database. Contains the CustomSettings.ini configuration settings
•
Scripts. Automate the deployment process
•
Task sequences. Comprise a series of steps that complete an overall process without the need for user interaction during the deployment process
•
Environment variables. Contain properties referenced during the deployment process
•
Log files. Contain the log output of the scripts used to complete the deployment process Each of these components is an integral part of MDT 2008. These components must be customized to fully access the rich functionality and features of MDT 2008.
Note that the configuration database contains the elements used to customize the CustomSettings.ini file, which is used during the deployment process to define the settings used on the destination—whether client or server—computer. For a visual representation of the tasks that comprise the deployment process, see the flow charts in the MDT 2008 document, Troubleshooting Reference. For more information about configuring the appropriate processing rules in the MDT 2008 database, see the MDT 2008 document, Deployment Customization Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Dep lo yment En vir onmen t Before deploying images to target computers, ensure that the deployment environment is properly configured to run ZTI. Some of these steps might have already been completed. Skip steps that are complete. To prepare the deployment environment to run ZTI with System Center Configuration Manager, complete the following tasks: •
Install System Center Configuration Manager.
•
Upgrade BDD 2007 to MDT 2008, or install MDT 2008. Note There is a specific upgrade path from BDD 2007 to MDT 2008. For additional information, see the MDT 2008 document, Getting Started Guide.
•
Enable MDT 2008 integration with Configuration Manager console in System Center Configuration Manager.
Install System Center Configuration Manager In most instances, System Center Configuration Manager will already be installed on the deployment server. In instances where this task has not yet been completed and for more information on how to install System Center Configuration Manager on the deployment server, see Configuration Manager Setup Overview at http://technet.microsoft.com/enus/library/bb693836.aspx.
Install MDT 2008 In most instances, MDT 2008 will already be installed on the deployment server. In instances where this task has not yet been completed and for more information on how to install MDT 2008 on the deployment server, see the MDT 2008 document, Getting Started Guide. Note For integrated System Center Configuration Manager support with Deployment Workbench, install MDT 2008 on each computer running Configuration Manager console. In this way, the Configuration Manager 2007 Integration option can be run and data specified for MDT 2008 packages.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
5
Enable Configuration Manager Console Integration Before the System Center Configuration Manager integration features of MDT 2008 can be used, run the Configure Configuration Manager 2007 Integration script. The Configure Configuration Manager 2007 Integration script copies the appropriate System Center Configuration Manager integration files to the Configuration Manager 2007_root (where Configuration Manager 2007_root is the folder in which System Center Configuration Manager is installed). The script also adds Windows Management Instrumentation (WMI) classes for the new MDT 2008 custom actions. The classes are added by compiling a new Managed Object Format (.mof) file that contains the new class definitions. To run the Configure Configuration Manager 2007 Integration script 866.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Configure ConfigMgr 2007 Integration. The Configure Configuration Manager 2007 Integration script starts. 867.In the Site Server Name dialog box, type ConfigMgr_server_name (where ConfigMgr_server_name is the name of the System Center Configuration Manager server on which to install MDT 2008 integration), and then click OK. 868.In the Site Code dialog box, type ConfigMgr_site_code (where ConfigMgr_site_code is the System Center Configuration Manager site code that installs MDT 2008 integration), and then click OK. Note
Configuration Manager console should be closed when performing this procedure.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Resour ce Access During deployment to target computers, the System Center Configuration Manager client connects to the distribution point shares and shared folders. Create accounts within System Center Configuration Manager for the System Center Configuration Manager client to use when accessing these resources. To configure the appropriate resource access 869.Configure the System Center Configuration Manager Network Access account. 870.Create additional shared folders. 871.Configure shared folder permissions. 872.Configure access to other resources.
Configure the Network Access Account The System Center Configuration Manager client needs an account to provide credentials when accessing the System Center Configuration Manager distribution points, MDT 2008 deployment points, and shared folders. This account is called the Network Access account. To configure the Network Access account 873.Create the user account and password in an Active Directory® Domain Services (AD DS) domain. 874.On a computer that has the System Center Configuration Manager administration tools installed, start Configuration Manager console. 875.In the Configuration Manager console console tree, go to Site Database/site/Site Settings, and then click Client Agents. 876.In the details pane, right-click Computer Client Agent, and then click Properties. 877.In the Computer Client Agent Properties dialog box, click the General tab. In Network Access Account, in Account (domain\user), click Set. 878.Complete the Windows User Account dialog box using the information in Table 1, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: Resource Access
7
Table 1. Information Required to Complete the Windows User Account Dialog Box For this
Do this
User name
Type Domain\UserName (where UserName is the name of the user account to be used and Domain is the name of the domain where the user account is located).
Password
Type Password (where Password is the password for the user account to be used).
Confirm password
Type Password (where Password is the password for the user account to be used).
879.Close any open windows.
Create Additional Shared Folders System Center Configuration Manager uses a state migration point (SMP) to store migration data. During the state migration process the data is stored automatically in the SMP, which consists of a share defined in System Center Configuration Manager. The share must be accessible to the computer on which the SMP resides. After configuring the Network Access account, create an additional shared folder in which to store deployment logs. Table 2 lists the shared folder to create and describes the purpose of the folder. System Center Configuration Manager uses an SMP to store migration data, so there is no need to store migration data in this folder. For System Center Configuration Manager to capture and restore user data, it must be configured as a user SMP. For more information about setting up System Center Configuration Manager for this role, see Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx. Table 2. Shared Logs Folder and its Description Shared folder
Description
Logs
Stores the deployment logs during the deployment process. Usually the logs folder resides in SMS_CCM\logs or %windir%\system32\CCM\logs folder when collocated with a client.
Note When configuring the state migration point, refer to the shared folders that will be used for user state storage.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Configure Shared Folder Permissions The shared permissions on the logs folder should include the Systems Management Server Advanced Client account. The default permissions set on the Systems Center Configuration Manager distribution point shares should provide the appropriate resource access. The permissions set allow a target computer to connect to the appropriate share and create deployment logs. The folder permissions should prevent other users or computers from accessing the data stored in the folder.
Configure Access to Other Resources In addition to the shared folders just created, the MDT 2008 scripts might require access to other resources. The most common resources are: •
The distribution point, which uses the user credentials supplied by the Network Access account.
•
The System Center Configuration Manager databases hosted in Microsoft SQL Server® 2005.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng Sys tem Ce nte r Con figu r ation Mana ger to Respond to PXE B oot Requests PXE is a broadcast protocol used to boot a client computer using a network adapter to a PXE service point, which uses Trivial File Transfer Protocol (TFTP) to send information concerning the boot process to the PXE client. The computer requesting services from a PXE service point is the PXE client. The service point in this instance is System Center Configuration Manager, which sends bootstrap code to the PXE client, allowing the computer to start and optionally be controlled for image capture or deployment. System Center Configuration Manager can be configured to respond to PXE boot requests using Windows Deployment Services. This allows System Center Configuration Manager to directly service PXE boot requests received by Windows Deployment Services as a PXE service point, which in turn allows target computers to boot images that System Center Configuration Manager manages using PXE. System Center Configuration Manager can service PXE clients that are defined within the Configuration Manager site database. (System Center Configuration Manager cannot manage computers that are not defined in the System Center Configuration Manager database.) See the section, “Define Computers to System Center Configuration Manager,” later in this document to define computers in System Center Configuration Manager. This section also describes how to integrate Windows Deployment Services into the System Center Configuration Manager environment to assist with PXE requests. Configure a computer running System Center Configuration Manager with the PXE service point role. The PXE service point responds to PXE boot requests made by computers defined in System Center Configuration Manager, and then interacts with System Center Configuration Manager infrastructure to determine the appropriate deployment actions to take. Note In addition to the methods described here, traditional Windows Deployment Services methods can be used for responding to PXE boot requests. For more information, see the Windows Deployment Services Help file included with Windows Deployment Services.
To configure System Center Configuration Manager to respond to PXE boot requests 880.Ensure that the required infrastructure exists to support integration (especially AD DS, Dynamic Host Configuration Protocol [DHCP], and Windows Deployment Services). 881.Configure a computer running System Center Configuration Manager with the PXE service point role. For more information on configuring the PXE service point role in System Center Configuration Manager, see “How to Configure the PXE Service Point” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
882.Import the target computer information, and assign the computer to a System Center Configuration Manager collection. For more information about importing the target computer information, see “How to Add a New Computer to the Configuration Manager 2007 Database” in the Configuration Manager Documentation Library included with System Center Configuration Manager and the section “Define Computers to the System Center Configuration Manager” later in this document. 883.Create and advertise the PXE operating system deployment task sequence to the target collection or device (imported in the previous step). For additional information about: •
Creating task sequences, see “How to Manage Task Sequences” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
•
Advertising task sequences, see “How to Advertise Task Sequences” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Note The task sequence must be advertised by selecting the Make this task sequence available to boot media and PXE check box. If this box is not selected, the task sequence will not be available for PXE deployments.
Define Computers to System Center Configuration Manager System Center Configuration Manager does not support running task sequences on computers that have not been defined in the Configuration Manager site database. To work around this limitation, MDT 2008 offers two scenarios: an operating system media pre-execution hook and PXE boot.
Boot Media MDT 2008 provides an operating system media pre-execution hook. This hook is executed before System Center Configuration Manager checks to determine whether the computer is defined in the Configuration Manager site database. The hook allows the executed command to take steps to add the computer to the Configuration Manager site database. It also adds the computer to a collection so that the computer receives at least one task sequence. To add the script files needed to run a new wizard as part of the pre-execution hook to the boot image being created, in the New Boot Image pane of the Import Microsoft Deployment Task Sequence Wizard, select the Add media hook files for unknown computer support with boot media check box. A URL for a Web service can verify whether the computer is defined to System Center Configuration Manager. The Web service must be deployed to a Web server, and the computer must be added to Configuration Manager console and to a collection. Note For more information about the operating system media pre-execution hook, see Operating System Media Pre-Execution Hook at http://technet.microsoft.com/enus/library/bb694075.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: PXE Boot Requests
11
To set up a Web service to use with the operating system media pre-execution hook 884.Verify that a System Center Configuration Manager server configured with the Service Location Protocol (SLP) exists in the environment. Note This would normally be the central site server, because it needs to know the boundaries of all System Center Configuration Manager sites in the hierarchy. The MDT 2008 Web service will contact the SLP to determine the System Center Configuration Manager site code in which a computer is assigned.
885.Verify that MDT 2008 is installed on a server running Microsoft Internet Information Services (IIS). This does not have to be the same computer used for other MDT 2008 functions, although it typically would exist on that server. The server must have Microsoft .NET Framework version 2.0 installed. Note If Microsoft .NET Framework 2.0 was installed after IIS was installed, run Aspnet_regiis.exe to add Microsoft ASP.NET support to IIS. For more information, see ASP.NET IIS Registration Tool (Aspnet_regiis.exe) at http://msdn2.microsoft.com/enus/library/k6h9cz8h(VS.80).aspx.
886.In the IIS Manager Microsoft Management Console (MMC) snap-in, right-click the default Web site (or any other appropriate Web site), and then click Add Application. 887.Type an alias—for example, MicrosoftDeployment—and then the path; for example, %programfiles%\Microsoft Deployment Toolkit. Note Step 3 works as described for Windows Server 2008. For Windows Server 2003, rightclick the default Web site, click New, and then click Virtual Directory. Type the alias and path, and then click both Read and Execute permissions.
888.Edit the Web.config file in the installation directory—for example, %programfiles%\Microsoft Deployment Toolkit\Web.config—to specify the name of the System Center Configuration Manager server running the SLP, in addition to the name of the server running the central site System Center Configuration Manager provider. Usually, both of these will be set to the same server name. Note The Web service will normally run as the Network Service account. If System Center Configuration Manager is running on the same computer, NT AUTHORITY\NETWORK SERVICE would need permissions to System Center Configuration Manager. If System Center Configuration Manager. is running on a different computer, the computer account (Domain\Computer$) would need permissions. In either case, Web.config can be edited to indicate the account to be used. To do this, remove comments from the
889.Test the Web service using a Web browser. Specify a URL using the server name and the application created in the previous step. For example, http://servername/MicrosoftDeployment/UnknownComputer.asmx. A Web page will be displayed that indicates the following operations are supported: •
AddComputer
•
GetADSite
•
GetAssignedSite
•
IsComputerKnown
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
890.Click the GetADSite link, and then click Invoke on the resulting page to test the GetADSite Web service. This Web service returns the AD DS site name for the TCP/IP address the client used to connect to the Web service. Note This might not return a valid name if the Web service is executed from a Web browser on the same host, because the loopback address 127.0.0.1 is not a member of an AD DS site.
891.On the original Web page that lists the supported operations, click the GetAssignedSite link. Specify the IP address and subnet address of a client that is within the boundaries of one of the System Center Configuration Manager sites in the hierarchy, and then click Invoke. The subnet address is the IP address with the mask applied. Note If the client's IP address is 10.1.1.1 with a subnet mask of 255.255.255.0, the subnet address would be 10.1.1.0. Verify that the returned site code is correct. If no site code is returned, verify the SLP server name configured earlier, and make sure the site boundaries are configured correctly.
892.On the original Web page that lists the supported operations, click the IsComputerKnown link. Specify either a media access control (MAC) address or a system management basic input/output system (SMBIOS) globally unique identifier (GUID), or both, for a computer already known to a System Center Configuration Manager site, and the site code for that site, and then click Invoke. Verify the results. 893.On the original Web page that lists the supported operations, click the AddComputer link. Specify a site code to which the computer should be added, the computer name to be assigned (this can be a temporary name, because it will be overridden when the computer becomes a System Center Configuration Manager client), at least one of the MAC address and SMBIOS GUID properties, and, optionally, a collection to which the computer should be added. Note This collection must be owned by the specified site. Typically this would be a collection associated with an operating system deployment task sequence.
894.When all of the Web services have been validated, use the Import Microsoft Deployment Task Sequence Wizard to create a new boot image. As part of that boot image creation process, specify that a media hook should be included, and specify the Web service URL that was used in step 6.
PXE Boot System Center Configuration Manager integrates with Windows Deployment Services to support PXE boot known computers. If the computer is not known to the local System Center Configuration Manager site, it will not respond to the PXE request. To work around this problem, MDT 2008 offers a PXE filter, which hooks into Windows Deployment Services and adds new computers to the Configuration Manager site database before Configuration Manager console sees the request. This way, System Center Configuration Manager can respond to the request. A wizard is used to install the new PXE filter. To execute the wizard, click Start, and then click Configure WDS PXE Filter. This action requires that MDT 2008 exist on the Windows Deployment Services server and that Windows Deployment Services be running the Systems Management Server PXE role. The PXE filter calls PXEFilter.vbs, a Microsoft Visual Basic® Scripting Edition (VBScript) file located in the %ProgramFiles%\Microsoft Deployment Toolkit\scripts folder, which determines whether to add the computer to the Configuration Manager site database. Edit the script for each installation to specify the name of the System Center Configuration Manager server, the site code of the server, the collection ID to which new computers are added, and the credentials required for a remote connection to the System Center Configuration Manager provider. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: PXE Boot Requests
13
Note Credentials are required only when the PXE server is not on the same computer as System Center Configuration Manager, because the PXEFilter.vbs script runs in the security context of Local System. If credentials are provided in this scenario, PXEFilter.vbs will not run correctly.
Making these changes to the scripts will result in System Center Configuration Manager responding to PXE requests from all unknown computers. Ensure that operating systems are not deployed to computers for which they were not intended. It might be necessary to edit the scripts to filter the requests using the IP address of the request, or handle only requests received from computers on dedicated staging subnets, and ignore requests without adding the computers to the Configuration Manager site database. Enable logging in Windows Deployment Services to provide additional help with troubleshooting problems related to configuring the PXE filter. For more information on how to enable logging in Windows Deployment Services, see the Microsoft Help and Support article, “How to enable logging in Windows Deployment Services (WDS) in Windows Server 2003,” at http://support.microsoft.com/kb/936625. Note This process is currently only tested and supported for Windows Deployment Services running on Windows Server 2003.
To make the unknown computer support option work correctly 895.Add the PXE server computer account to the Microsoft Systems Management Server (SMS) 2003 Admins security group. 896.Add the following rights within System Center Configuration Manager: •
Sites Class: Administer
•
Collections Class: Create, Modify, Modify Resource, Read, Read Resource
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Iden ti fyi ng t he P ac ka ges and Ima ges Requ ir ed by the Task Sequence Templ ate s Table 3 lists the packages and images that are required by the task sequence templates in MDT 2008. These packages and images must exist (or be created) for the task sequences to run correctly. Table 3. Packages and Images Required by the Task Sequence Templates Included in MDT 2008 This package or image
Contains the
Boot image package
Boot image used to initiate the ZTI deployment process.
Microsoft Deployment Files package
Contents of the MDT 2008 distribution share directory. The files used from the distribution share directory are the scripts and control files.
OS image
Image of the operating system to be deployed to the target computer.
Client package
System Center Configuration Manager client installation files.
USMT package
USMT files used to capture and restore user state.
Custom Settings package
Contains unattended files and customsettings.ini.
Sysprep files package
Contains the specific System Preparation Tool (Sysprep) files defined for a package.
Note Do not use Lite Touch Windows Imaging Format (WIM)–generated boot images from Deployment Workbench (LiteTouchPE_x86.wim) in System Center Configuration Manager. Instead, use the generic WIM image generated from Deployment Workbench in conjunction with System Center Configuration Manager, if needed.
In addition to the packages and images required by the task sequence templates, consider creating and including the following elements in the task sequences to provide similar functionality in Deployment Workbench: •
Application packages. This package includes any applications that will be installed as part of the operating system deployment (similar to the Applications node in Deployment Workbench). These packages are created as packages and programs in System Center Configuration Manager. For more information on how to create these packages, see “Tasks for Software Distribution” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007: Import Task Sequences
•
15
Windows package file packages. These packages include any Windows package files (such as language packs, security updates, and service packs) that will be installed as part of the operating system deployment (similar to the OS Packages node in Deployment Workbench). These packages are created as packages in System Center Configuration Manager. For more information on how to create these packages, see “Tasks for Software Distribution” in the Configuration Manager Documentation Library included with System Center Configuration Manager. Note For more information about creating a package that contains language packs, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
•
Device driver package. System Center Configuration Manager uses driver packages to control the distribution of drivers to distribution points. System Center Configuration Manager always considers all available drivers when deciding what is needed for a particular computer. For more information about how to include device drivers in the operating system image, see “How to Install Drivers on a Configuration Manager Client Using a Task Sequence” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ad ver ti sing the Task Sequence Initiate the ZTI deployment process by advertising the task sequences created in System Center Configuration Manager. If System Center Configuration Manager is configured to respond to PXE boot requests, advertising the task sequence automatically configures the boot image referenced in the task sequence for PXE boot. For more information, see the section “Configuring System Center Configuration Manager to Respond to PXE Boot Requests,” earlier in this document. Advertise task sequences to collections using the New Advertisement Wizard. Before running the New Advertisement Wizard, the target collections and desired run-time behavior for the advertisement being created must be known. Read access to the task sequence is required to advertise the task sequence, and the task sequence must exist prior to creating the advertisement. For more information on advertising task sequences, see “How to Advertise Task Sequences” in the Configuration Manager Documentation Library included with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Upd ating P ac ka ges, Ima ges, and Task Sequences As part of the ongoing management of the deployment process, update the packages, images, and task sequences that are used in the deployment process. These entities are updated using the standard methods that System Center Configuration Manager provides. For example, to update the CustomSettings.ini file used by a task sequence, create a new task sequence in the Import Microsoft Deployment Task Sequence Wizard. For systematic guidance to complete this process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide. For more information on updating package data on distribution points, see “How to Update Package Data on Distribution Points” in the Configuration Manager Documentation Library included with System Center Configuration Manager. Use similar methods for updating other packages and images used in the task sequences. Any modifications to the task sequences are automatically incorporated the next time a target computer runs the task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ne xt Steps When System Center Configuration Manager has been prepared for the deployment process, it is ready to begin the imaging process. For additional procedural guidance on using System Center Configuration Manager in the imaging process, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide. That guide helps determine the best way to use System Center Configuration Manager and MDT 2008 to help with the imaging and deployment processes used by corresponding teams in the organization’s deployment process.
Microsoft® Deployment Toolkit 2008 Preparing for Microsoft Systems Management Server 2003
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Template User Instructions
19
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
In tr oduct ion The deployment process described in this guide takes advantage of and combines the results of the other processes in Microsoft® Deployment Toolkit (MDT) 2008 to accomplish the following tasks: •
Collect hardware and software inventory information using Microsoft Systems Management Server (SMS) 2003 with Service Pack 2 (SP2) or later. Note Use the Windows® User State Migration Tool (USMT) version 3.0.1 to migrate existing user profile information. USMT supports the migration of multi-user computers. When a single computer has multiple profiles, each with unique user data, USMT need no longer be executed for each user to capture all user states. USMT can capture all user states during a one-time Scanstate execution—including both domain and local users. For more information about how to migrate computer systems with many users, see “Migrate Data on Computers with Multiple Users” in the USMT product documentation.
•
Configure Windows Deployment Services to start Windows Preinstallation Environment (Windows PE).
•
Install a Windows operating system image on target computers automatically using the SMS 2003 Operating System Deployment (OSD) Feature Pack and Zero Touch Installation (ZTI) deployment scripts.
•
Monitor the deployment process using Microsoft System Center Operations Manager 2007 and the MDT 2008 Management Pack. Note To report the proper information in the MDT 2008 Management Pack, the OSDNewMachine property must be properly configured. For more information about ensuring proper operation of Systems Management Server with MDT 2008 and the MDT 2008 Management Pack, see the section, “Configure the OSDNewMachineProperty,” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Management Pack.
•
Optionally, copy existing user data and preferences from the target computer to a network deployment server.
•
Optionally, create a backup image of the user computer to a network deployment server.
•
Optionally, repartition and format the existing primary hard disk (in New Computer and Replace Computer scenarios).
•
Install a Windows operating system image that includes application suites such as Microsoft Office 2003 or the 2007 Microsoft Office system.
•
Dynamically install applications that are specific to the target computer model, such as DVD software.
•
Automatically install previously packaged software specific to the user of the target computer.
•
Optionally, restore the user data and preferences that were previously stored on the network deployment server.
2
Microsoft Deployment Toolkit 2008
In addition, this document provides guidance on where to place deployment servers and other planning information. Note An upgrade feature is available for upgrading to MDT 2008 from Business Desktop Deployment (BDD) 2007. For more information about upgrading to MDT 2008, see the MDT 2008 document, Getting Started Guide. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2003, and Windows Server 2008 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Dep lo yment En vir onmen t Before deploying images to target computers, ensure that the deployment environment is properly prepared to run ZTI. Table 1 shows the high-level steps in ZTI deployment environment preparation. Some of these steps might have already been completed. Skip steps that are complete. Table 1. ZTI Deployment Environment Preparation Checklist High-level steps in ZTI deployment environment preparation q
Install the SMS 2003 OSD Feature Pack.
q
Install MDT 2008.
q
Create the SMS 2003 OSD deployment point.
Install the SMS 2003 OSD Feature Pack Install the SMS 2003 OSD Feature Pack on either a Systems Management Server site server or on a target computer running the SMS Administrator Console. As indicated earlier in this guide, Systems Management Server 2003 with SP1 must be installed on all site servers to support the SMS 2003 OSD Feature Pack. In addition, the SMS Administrator Console included in Systems Management Server with SP1 must be installed. To ensure that more than one target computer can administer the SMS 2003 OSD Feature Pack, install the SMS 2003 OSD Feature Pack on a Systems Management Server site server (recommended). To install the SMS 2003 OSD Feature Pack 897.Extract the setup files that come with the product. 898.Install the SMS 2003 OSD Feature Pack on a Systems Management Server site server and on the SMS Administrator Console. Note Back up the Systems Management Server site server before upgrading Systems Management Server or adding a feature pack. Note For more information about installing the SMS 2003 OSD Feature Pack, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM.
Install MDT 2008 In most instances, MDT 2008 will already be installed on the deployment server. In instances where this task has not been completed and for more information on how to install MDT 2008 on the deployment server, see the section, “Installing MDT 2008,” in the MDT 2008 document, Getting Started Guide.
4
Microsoft Deployment Toolkit 2008
Create the SMS 2003 OSD Deployment Point After MDT 2008 is installed, create the deployment point using the Deployment Point Wizard in Deployment Workbench. Using the Deployment Point Wizard, the following types of deployment points can be managed: •
Lab or single-server deployment (LAB). By default, Deployment Workbench creates a distribution point (shared as Distribution$). Select this option to use the Distribution$ share as the deployment point.
•
Separate deployment share (Network). This option allows creation of a new network share that can be used as a new distribution point. Create the network on the computer running Deployment Workbench or on another computer.
•
Removable media (Media). This option allows creation of a shared folder that can be used to create images for deployment on removable media. This includes deploying from DVDs, external hard disks, or USB storage devices.
•
SMS 2003 OSD (OSD). This option allows creation of a shared folder that can be used to create SMS 2003 OSD Feature Pack–managed images. This option should only be used for ZTI-based deployments.
Note For ZTI deployments, always select the SMS 2003 OSD deployment point; only steps related to that deployment point type will be displayed. Note Create a Lab or single-server deployment point before creating an SMS 2003 OSD deployment point.
To create the deployment point 899.Start Deployment Workbench. 900.In the console tree, right-click Deploy, and then click New. The Windows Deployment Wizard starts. 901.On the Builds can be deployed in several ways page, click SMS 2003 OSD, and then click Next. 902.On the Specify a descriptive name page, in the Deployment point name box, type deployment_point_name (where deployment_point_name is the descriptive name selected), and then click Next. 903.Complete the Specify the location of the network share to hold the files and folders necessary for this deployment type page based on the information listed in Table 2, and then click Next. Table 2. Configuration Options for the Specify the Location of the Network Share to Hold the Files and Folders Necessary for This Deployment Type Wizard Page In this Box
Type
Servername
computer_name (where computer_name is the name of the computer that will host the shared folder)
Sharename
share_name (where share_name is the name of the share to be created on the computer that will host the shared folder)
Path for share
path_name (where path_name is the fully qualified path folder to share on the computer that will host the shared folder)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Preparing the Deployment Environment
5
904.On the Specify where to obtain SMS 2003 OSD files page, in the SMS 2003 OSD path box, type path (where path is the path to the SMS 2003 OSD installation directory), or browse to the file by clicking Browse, and then click Finish. 905.Review the information displayed in the More configuration required dialog box, and then click OK. The Deployment Point Wizard finishes, and the new deployment point name appears in the details pane. The ZTI$ shared folder is created as the deployment point for SMS 2003 OSD Feature Pack deployment point types.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng A pp r opr ia te R esour ce Acces s During deployment to target computers, the Systems Management Server client connects to the distribution point shares and shared folders. Create accounts within Systems Management Server for the Systems Management Server client to use when accessing these resources. Table 3 shows the high-level steps in configuring resources access. Table 3. Resource Access Configuration Checklist High-level steps in configuring resource access q
Configure Systems Management Server client access accounts.
q
Create additional shared folders.
q
Configure shared folder permissions.
q
Configure access to other resources.
q
Configure credentials used in the Package Selection Phase.
Configure Client Access Accounts The Systems Management Server client needs an account to provide as credentials when accessing the Systems Management Server distribution points, the MDT 2008 deployment point, and shared folders. The account to configure is listed in Table 4. Table 4. Accounts That Must Be Configured Account
Description
Systems Management Server Advanced Client Network Access account
Used by the SMS 2003 OSD Feature Pack on Microsoft Windows 2000 Professional and later operating systems to access the distribution point that contains the operating system package.
To configure the client access accounts 906.Create the user account and password in an Active Directory® Domain Services (AD DS) domain. 907.In SMS Administrator Console, right-click the Client node, point to New, and then click Windows User Account. 908.In the Connection Account Properties dialog box, click Set. 909.Complete the Windows User Account dialog box using the information listed in Table 5, and then click OK.
Preparing for Microsoft Systems Management Server 2003: Configure Resource Access
7
Table 5. Information Required to Complete the Windows User Account Dialog Box In this box
Type
User name
UserName (where UserName is the name of the user account to be used)
Password
Password (where Password is the password for the user account to be used)
Confirm password
Password (where Password is the password for the user account to be used)
910.Repeat steps 2–4 for each client access account to be created. 911.In SMS Administrator Console, click the Component Configuration node. 912.In the details pane, right-click Software Distribution, and then click Properties. 913.In the Software Distribution Properties dialog box, click the General tab, type the corresponding account in the Advanced Client Network Access Account box, and then click OK. 914.Close any open windows.
Create Additional Shared Folders After configuring the Systems Management Server client access accounts, create additional shared folders in which to store user state migration data and deployment logs. Table 6 lists the shared folders to create and describes the purpose of each shared folder. For more information about planning for these share folders, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts. Table 6. Shared Folders and Their Descriptions Shared folder
Description
MigData
Stores the user state migration data during the deployment process.
Logs
Stores the deployment logs during the deployment process.
Note The files in Table 6 are recommended shared folder names. Any names can be used for these shared folders. However, the remainder of the deployment process will refer to these shared folders by these names.
Configure Shared Folder Permissions After creating additional shared folders, configure the appropriate shared folder permissions. Ensure that unauthorized users are unable to access user state migration information and deployment logs. Typically, only Write access is required for the Systems Management Server Advanced Client Network Access account, as described in the previous section. In addition, during the “old computer” portion of the Replace Computer scenario, the target computer account must have Write access to save the user state migration information and to write any necessary deployment logs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
To configure the shared folder permissions for each folder listed in Table 6 915.In Windows Explorer, right-click SharedFolder (where SharedFolder is one of the shared folders listed in Table 6), and then click Properties. 916.On the Security tab, click Advanced. 917.On the Permissions tab, clear the Allow inheritable permissions from the parent to propagate to this object and all child objects check box. 918.When the Remove when prompted to either Copy or Remove the permission entries that were previously applied from the parent dialog box appears, click Remove. 919.On the Permissions tab, click Add. 920.In the Enter the object name to select box, type Domain Computers, and then click OK. This action allows domain computers to create subfolders. 921.In the Permission Entry for SharedFolder dialog box, in the Apply onto list, click This folder only. 922.In the Permission Entry for SharedFolder dialog box, in the Permissions list, click Allow for the Create Folders/Append Data permission, and then click OK. 923.Repeat steps 5–8, substituting the account specified for the Systems Management Server Advanced Client Network Access account in the “Configure Client Access Accounts” section. 924.On the Permissions tab, click Add. 925.In the Enter the object name to select box, type CREATOR OWNER, and then click OK. This action allows domain computers and domain users to access the subfolders they create. 926.In the Permission Entry for SharedFolder dialog box, in the Apply onto list, click Subfolders and files only. 927.In the Permission Entry for SharedFolder dialog box, in the Permissions list, click Allow for the Full Control permission, and then click OK. 928.Repeat steps 10–13 for each group or user account to which these required privileges will be granted. The permissions set in these steps allow a target computer to connect to the appropriate share and create a new folder in which to store user state information or deployment logs, respectively. The folder permissions prevent other users or computers from accessing the data stored in the folder. Note The default permissions on the Systems Management Server distribution point shares should provide the appropriate resource access by default.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Configure Resource Access
9
Configure Access to Other Resources In addition to the shared folders created in the previous section, MDT 2008 scripts might require access to other resources. These resources include application or database servers such as Microsoft SQL Server® 2005, SQL Server 2000, Microsoft Exchange Server 2007, or the following: •
•
The distribution point, using the user credentials supplied by the: •
Systems Management Server Advanced Client Network Access account
•
UserID, UserDomain, and UserPassword properties in CustomSettings.ini
Other servers, using the Connect to UNC action
Supply credentials when configuring a Connect to UNC action. In addition to a connection to shared folders, use the credentials supplied in the Connect to UNC action to authenticate to application or database servers. To authenticate on these application or database servers, use the Connect to UNC action to connect to any share on that server. Other connections, such as Named Pipes or Remote Procedure Call (RPC), will use the same credentials supplied in the Connect to UNC action.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Configure the Package Selection Phase Credentials Deployment of the operating system packages to the target computer can be broken down into the phases described in Table 7. These phases occur during different sequences in the deployment process. Table 7. Operating System Deployment Phases and the Credentials Available Phase
Credentials available
Validation
Systems Management Server Advanced Client Network Access account
State Capture
Systems Management Server Advanced Client Network Access account
Package Selection
Systems Management Server Advanced Client Network Access account These credentials in Ripinfo.ini provide access to the distribution point and provide access to the shared folder specified in the [UserCommand] section. Note These credentials are specified when creating the SMS 2003 OSD Feature Pack image installation CD and are encoded and stored in Ripinfo.ini.
Preinstall
Systems Management Server Advanced Client Network Access account
Postinstall
Systems Management Server Advanced Client Network Access account
State Restore
Systems Management Server Advanced Client Network Access account
The account defined when the Image Installation CD image was created is used to make a connection to the share that contains the package automation script (ZeroTouchInstallation.vbs). The Systems Management Server Advanced Client Network Access account is used to access the package source directory, log directories, user data directories, and databases unless the package selection automation script is located on the same server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he ZT I O per ati ng Syste m I ma ge Before configuring the ZTI operating system image, first create an image. For guidance on creating images using the SMS 2003 OSD Feature Pack, see SMS 2003 OSD Image Capture CD topics in Systems Management Server Help. The SMS 2003 OSD Feature Pack defines phases, listed in Table 8, that occur during the deployment of the SMS 2003 OSD Feature Pack image to the target computer. Configure each phase with the appropriate ZTI script settings to fully automate the Windows Vista or Windows XP deployment. Table 8. SMS 2003 OSD Feature Pack Phases, the Custom Action Names, and Their Descriptions Phase
Custom action name Phase description
Validation
Zero Touch Installation— Validation
Performs validation checks to make sure the operating system installation can proceed; specifically blocks installation on server operating systems.
State Capture
Zero Touch Installation—State Capture
Gathers information from the configuration file, databases, and the local computer to determine how the image installation process should proceed, including whether there is enough space to do a local USMT state backup; invokes USMT Scanstate as appropriate.
Preinstall
Zero Touch Confirms that the necessary information has Installation—Preinstall been gathered (or, in a New Computer or Replace Computer scenario, gathers it) It also backs up the computer, if requested.
Postinstall
Zero Touch Installation— Postinstall
Updates the Sysprep.inf file with information gathered in the previous three custom actions and injects drivers, updates, and language packs. Note file.
State Restore
Zero Touch Installation—State Restore
Windows Vista updates the Unattend.xml
Invokes USMT Loadstate to restore the user state that was previously backed up and also installs any packages specified.
12
Microsoft Deployment Toolkit 2008
Before continuing, create an SMS 2003 OSD Feature Pack package and program for the target operating system. For more information on performing these tasks, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM. Note For troubleshooting purposes in the lab environment, consider including the /debug:true option at the end of the command in each phase. This causes the SMS 2003 OSD Feature Pack to preserve the full contents of the C:\Minint folder so that the logs can be reviewed when errors occur.
Capture an Image with the SMS 2003 OSD Feature Pack Before using the Systems Management Server 2003 Image Capture Wizard to prepare and capture an image of the lab computer, make sure the computer is configured to start from the CD drive. Complete the following steps to use the Image Capture CD to capture an image of the lab computer: 929.On the lab computer running the installed build, insert the Image Capture CD created as described in the section, “Creating an Image Capture CD.” 930.On the welcome page of the Systems Management Server 2003 Image Capture Wizard, click Next. 931.On the Image Destination page, complete the following steps, and then click Next: i.
In the Image file name box, type the name of the Windows Imaging Format (WIM) file to create.
j.
In the Network location box, type the Universal Naming Convention (UNC) path in which to store the image file. For MDT 2008, type \\server\Distribution$\Captures, where server is the name of the server that contains the distribution share.
k.
In the Account name box, type the name of an account that has Write permission to the network location. Specify the account using the format Domain\User.
l.
In the Password box, type the password for the account.
932.On the Sysprep information page, complete the following steps, and then click Next: m. In the Local Administrator’s Password box, type the password for the local Administrator account. n. In the Confirm Password box, confirm the password for the local Administrator account. o. In the Sysprep Parameters box, edit the System Preparation Tool (Sysprep) command-line options, if necessary. 933.In the Image Properties dialog box, provide any comments, version information, and developer information as necessary, and then click Next. 934.Click Finish. The Systems Management Server 2003 Image Capture Wizard will run Sysprep, and then shut down the computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Configure the ZTI Image
13
Start the computer using the Image Capture CD. If prompted to press a key to boot from the CD, press any key. The Systems Management Server 2003 Image Capture Wizard captures an image of the lab computer with no interaction. For more information, see the SMS 2003 OSD Image Capture CD topics in Systems Management Server Help.
Configure the OSD Phase Actions Configure the actions to be performed for each OSD phase (listed in Table 8). The action for each OSD phase is essentially the same: Run the ZeroTouchInstallation.vbs script and include all the files in \\servername\ZTI$\TaskSequenceFolder (where servername is the name of the server hosting the distribution point shared folder). The folder \\servername\ZTI$\TaskSequenceFolder is created when an SMS 2003 OSD deployment point is created in Deployment Workbench. This folder is referenced in the various phase actions so that the files located in the folder are included in the OSD operating system image that is distributed to the target computers.
Configure the Validation Phase Actions To configure the Validation Phase actions, perform the following steps: 935.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 936.In the details pane, double-click Program (where Program is the name of the program to configure). 937.In the Program Properties dialog box, click the Advanced tab. 938.In the Phase list, click Validation, and then click Add. The Validation dialog box appears. 939.In the list of action types, click Custom, and then click OK. 940.Complete the custom actions using the information listed in Table 9 (where servername is the name of the server hosting the distribution point shared folder). Table 9. Configuration Information for the Validation Phase Actions Field
Value
Name
Zero Touch Installation—Validation
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Configure the State Capture Phase Actions To configure the State Capture Phase actions, perform the following steps: 941.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 942.In the details pane, double-click Program (where Program is the name of the program to configure). 943.In the Program Properties dialog box, click the Advanced tab. 944.In the Phase list, click State Capture, and then click Add. The State Capture dialog box appears. 945.In the list of action types, click Custom, and then click OK. 946.Complete the custom actions using the information listed in Table 10 (where servername is the name of the server hosting the distribution point shared folder). Table 10. Configuration Information for the State Capture Phase Actions Field
Value
Name
Zero Touch Installation—State Capture
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Configure the Preinstall Phase Actions To configure the Preinstall Phase actions, perform the following steps: 947.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 948.In the details pane, double-click Program (where Program is the name of the program to configure). 949.In the Program Properties dialog box, click the Advanced tab. 950.In the Phase list, click Preinstall, and then click Add. The Preinstall dialog box appears. 951.In the list of action types, click Custom, and then click OK. 952.Complete the custom actions using the information listed in Table 11 (where servername is the name of the server hosting the distribution point shared folder).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Configure the ZTI Image
15
Table 11. Configuration Information for the Preinstall Phase Actions Field
Value
Name
Zero Touch Installation—Preinstall
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Configure the Postinstall Phase Actions To configure the Postinstall Phase actions, perform the following steps: 953.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 954.In the details pane, double-click Program (where Program is the name of the program to configure). 955.In the Program Properties dialog box, click the Advanced tab. 956.In the Phase list, click Postinstall, and then click Add. The Postinstall dialog box appears. 957.In the list of action types, click Custom, and then click OK. 958.Complete the custom actions using the information listed in Table 12 (where servername is the name of the server hosting the distribution point shared folder). Table 12. Configuration Information for the Postinstall Phase Actions Field
Value
Name
Zero Touch Installation—Postinstall
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Configure the State Restore Phase Actions To configure the State Restore Phase actions, perform the following steps: 959.In SMS Administrator Console, go to Image Packages/Package (where Package is the name of the package to configure), and then click Programs. 960.In the details pane, double-click Program (where Program is the name of the program to configure). 961.In the Program Properties dialog box, click the Advanced tab.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
962.In the Phase list, click State Restore, and then click Add. The State Restore dialog box appears. 963.In the list of action types, click Custom, and then click OK. 964.Complete the custom actions using the information listed in Table 13 (where servername is the name of the server hosting the distribution point shared folder). Table 13. Configuration Information for the State Restore Phase Actions Field
Value
Name
Zero Touch Installation—State Restore
Command line
ZeroTouchInstallation.vbs
Files
\\servername\ZTI$\TaskSequenceFolder\*.*
Note During testing, in a Command Prompt window, type ZeroTouchInstallation.vbs /debug:true to create log files for debugging purposes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting an O ld C ompu ter Syste ms Mana gement Ser ver Pac ka ge and Pr og r am When replacing an existing computer, capture the user state from the existing computer so that it can be restored to the migrated target computer. In this scenario, do not deploy an operating system to the existing computer. Instead, create a Systems Management Server package and program to capture the user state information. This is a standard Systems Management Server package and program—not an SMS 2003 OSD Feature Pack package and program. In a typical deployment scenario, after creating the Systems Management Server package and program, the package and program would be advertized to the existing computers (the computers being migrated). Deployment Workbench automatically creates the source files required to create the Systems Management Server package and program to perform user state capture. The files are stored in the OldComputer folder immediately beneath the folder that is the root folder for the deployment point. For example, if the root folder of the deployment point is C:\ZTI, then the path to the source files for creating the Systems Management Server package is C:\ZTI\OldComputer. The OldComputer folder is created for all SMS 2003 OSD Feature Pack deployment points. However, task sequence–specific folders are created only for task sequences associated with SMS 2003 OSD Feature Pack images. Note Do not use the OldComputer folder to configure an SMS 2003 OSD Feature Pack program or package (using the advance properties of an SMS 2003 OSD Feature Pack program or package). Use the OldComputer folder only to create the standard Systems Management Server package and program.
To create the Systems Management Server package and program to perform user state capture 965.On a computer that has Systems Management Server administration tools installed, open SMS Administrator Console. 966.In the console tree, right-click Packages, point to New, and then click Package. 967.Complete the Package Properties dialog box using the information listed in Table 14, and then click OK. Note Table 14 contains the steps and information required to complete the Package Properties dialog box. Configure other information as appropriate for the environment.
18
Microsoft Deployment Toolkit 2008
Table 14. Completing the Package Properties Dialog Box On this tab
Perform these steps
General
In the Name box, type package_name (where package_name is an appropriate name for the package; for example, Microsoft Deployment Old Computer Package).
Data Source
Click This package contains source files. Click Set. In the Set Source Directory dialog box, in the Source directory, type unc_path (where unc_path is the UNC path to the OldComputer folder on the distribution point; for example, \\nyc-fs-01\ZTI$\OldComputer), and then click OK.
968.In the console tree, go to Packages/package_name (where package_name is the name of the package created in the previous step). Right-click Programs, point to New, and then click Program. 969.Complete the Program Properties dialog box using the information listed in Table 15, and then click OK. Note Table 15 contains the steps and information required to complete the Program Properties dialog box. Configure other information as appropriate for the environment.
Table 15. Completing the Program Properties Dialog Box On this tab
Perform these steps
General
In the Name box, type program_name (where program_name is an appropriate name for the program; for example, Old Computer State Capture). In the Command line box, type ZeroTouchInstallation.vbs /debug:true.
Environment
In the Program can run box, click Whether or not a user is logged on.
970.In the console tree, right-click Advertisements, point to All Tasks, and then click Distribute Software. 971.Complete the Distribute Software Wizard using the information listed in Table 16; accept defaults unless otherwise instructed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating an SMS Package and Program
19
Table 16. Completing the Distribute Software Wizard On this page
Do this
Welcome to the Distribute Software Wizard
Click Next.
Package
Click Select an existing package. In the Packages box, click the package created in step 3, and then click Next.
Distribution Points Click the appropriate distribution points for the environment, and then click Next. Advertise a Program
Click Next.
Select a Program to Advertise
In the Programs box, click the program created in step 5, and then click Next.
Advertisement Target
Click or create a collection that contains the computers to replace (the old computers), and then click Next.
Advertisement Name
In the Name box, type advertisement_name (where advertisement_name is the name for the advertisement), and then click Next.
Advertise to Subcollections
Click to advertise to subcollections as appropriate for the collection selected.
Advertisement Schedule
Click the appropriate schedule for the environment.
Assign Program
Click if the program is mandatory after a period of time based on the environment.
Completing the Distribute Software Wizard
Review the information in the Details box.
Solution Accelerators
Click Finish.
microsoft.com/technet/SolutionAccelerators
Cr ea ting a C us tom iz ed W indo ws PE I ma ge f or t he SMS 2003 OSD Fea tur e Pac k To completely automate the ZTI deployment process using the SMS 2003 OSD Feature Pack, create a customized version of Windows PE for the SMS 2003 OSD Feature pack to use. All deployment scenarios use Windows PE to gather deployment information from target computers or to configure the target computers prior to the deployment of Windows Vista or Windows XP. In ZTI deployments, initiate Windows PE automatically using Windows Deployment Services. To initiate Windows PE using Windows Deployment Services, prepare the Windows PE CDs and legacy images that Windows Deployment Services will use. Prepare the Windows PE CDs and legacy images using Deployment Workbench or manually. Although the Windows PE CDs and legacy images can be created manually, Microsoft recommends using Deployment Workbench. Note The steps in this section must be completed regardless of the method used to initiate Windows PE (including Windows Deployment Services or Systems Management Server advertisement).
Create a Windows PE boot image file using the SMS 2003 OSD Feature Pack. Note that the image file that the SMS 2003 OSD Feature Pack creates cannot be customized and does not include Windows Management Instrumentation (WMI). To create a customized Windows PE boot image, use Deployment Workbench or a custom process. Deployment Workbench adds WMI and makes other necessary changes to the Windows PE boot image. Note If the image being created will not be used on a Windows Deployment Services server, skip any instructions in this section that refer to Windows Deployment Services or Remote Installation Service (RIS).
To prepare the Windows PE CDs and legacy images 972.Customize Windows PE using Deployment Workbench or manually. 973.Provide access to the contents of the International Organization for Standardization (ISO) file created in step 1. 974.Import the customized version of Windows PE into the SMS 2003 OSD Feature Pack. 975.Create the SMS 2003 OSD Feature Pack Image Installation CD based on the customized Windows PE image.
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
21
Customize Windows PE Customize the version of Windows PE used in ZTI-based deployment manually or using Deployment Workbench. For ZTI-based deployments, use Windows PE 2004 or Windows PE 2005. When customizing Windows PE, operating system source files are required to provide the files needed to build a bootable version of Windows PE. Table 17 lists the versions of Windows PE and the operating system source files required to build the corresponding version of Windows PE. Table 17. Windows PE Versions and Required Operating System Source Files Windows PE version
Required operating system source files
Windows PE 2004
Windows XP with SP2
Windows PE 2005
Windows Server 2003 with SP1
Customize Windows PE Using Deployment Workbench Use Deployment Workbench to prepare a Windows PE ISO file. First burn the ISO file onto a CD; then, create an SMS 2003 OSD Feature Pack image from the CD. From there, create an SMS 2003 OSD Feature Pack package based on the Systems Management Server image. Transfer the same image to a Windows Deployment Services server as a legacy image. Note If customizing the Windows PE image manually, skip this section and continue in the section, “Customize Windows PE Manually,” later in this document.
To prepare the Windows PE CDs and legacy images using Deployment Workbench 976.Add the appropriate operating systems to Deployment Workbench. 977.Configure the Windows PE 2004/2005 tab. 978.Update the deployment point. Note Updating the deployment point creates both an ISO file and a “flat” source folder that can be used to update Systems Management Server without actually burning the created ISO file to CD media.
Add the Appropriate Operating Systems Before preparing the Windows PE CDs and legacy images, add the Windows PE 2004 or Windows PE 2005 operating system to Deployment Workbench. These become the Windows PE source for MDT 2008 ZTI deployments using the SMS 2003 OSD Feature Pack. In addition, add a version of Windows XP with SP2 or Windows Server 2003 with SP1 to Deployment Workbench. Customizing Windows PE 2004 or Windows PE 2005 for ZTI to use requires certain files from these operating systems. Add the version of Windows (Windows XP with SP2 for Windows PE 2004 or Windows Server 2003 with SP1 for Windows PE 2005) using the New OS Wizard in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
To add the new operating system Note Skip any wizard pages that are not displayed based on the operating system source selected.
979.Open Deployment Workbench. 980.In the console tree, expand Distribution Share, right-click Operating System, and then click New. The New OS Wizard starts. 981.On the OS Type page, click one of the options listed in Table 18 based on requirements, and then click Next. Table 18. Operating System Type Options Option
Description
Full set of source files
An operating system when files are the source. These files can be stored on a DVD or other folder structure made from a product DVD.
Custom Image File
A custom image file.
Windows Deployment Services images
An operating system in which the source is stored in an image file on a Windows Deployment Services server.
982.Based on the option selected in Table 18, complete the steps listed in Table 19. Table 19. Tasks to Perform for the Operating System Type Options Option
Perform these steps
Full set of source files
On the Source page, in the Source directory box, type source_directory_name (where source_directory_name is the fully qualified path to the operating system source files), and then click Next.
Custom Image File
On the Image page, in the Source file box, type source_file_name (where source_file_name is the fully qualified path to the WMI file), and then click Next.
Windows Deployment Services images
On the WDS Server page, in the Server name box, type server_name (where server_name is the name of the Windows Deployment Services server on which the image to add resides), and then click Next.
983.On the Specify the destination page, in the Destination directory name box, type destination_directory_name (where destination_directory_name is the fully qualified path to the folder into which the operating system will be copied), and then click Finish. The New OS Wizard finishes, and the new operating system appears in the details pane. Note
Repeat this procedure for each operating system to be added.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
23
Configure the Windows PE 2004/2005 Tab Before creating the ISO file that contains a customized version of Windows PE, configure the Windows PE 2004/2005 tab in the properties sheet of an SMS 2003 OSD Feature Pack deployment point. Configuring the Windows PE 2004/2005 tab provides Deployment Workbench with the necessary information to automatically customize Windows PE. To configure the Windows PE 2004/2005 tab 984.Open Deployment Workbench. 985.In the console tree, expand Deploy, and then click Deployment Points. 986.In the details pane, right-click osd_deployment_point (where osd_deployment_point is a deployment point used to prepare Windows PE), and then click Properties. Note Windows PE 2004 and Windows PE 2005 operating system source directories are used only in conjunction with SMS 2003 OSD Feature Pack deployment points.
987.In the osd_deployment_point Properties dialog box (where osd_deployment_point is the deployment point used to prepare Windows PE), click the Windows PE 2004/2005 tab. 988.In the Windows PE source box, click windows_pe_source (where windows_pe_source is the source for Windows PE that the New OS Wizard created in the Operating Systems node under the Distribution Share node in Deployment Workbench). 989.In the Windows source box, click windows_source (where windows_source is the source for Windows XP with SP2 for Windows PE 2004 or Window Server 2003 with SP1 for Windows PE 2005 that the New OS Wizard created in the Distribution Share/Operating Systems in Deployment Workbench). 990.In the Images to Generate section, select the Generate a flat bootable ISO image check box. 991.In the Driver Injection section, in the Driver group box, click driver_group (where driver_group is the driver group in the Out-of-Box Drivers node under the Distribution Share node in Deployment Workbench). Only the drivers contained in this group will be injected. 992.In the Driver Injection section, click Include all network drivers in the selected group to include all network drivers, and then click driver_group (where driver_group is the driver group in the Out-of-Box Drivers node under the Distribution Share node in Deployment Workbench). Note The SMS 2003 OSD Feature Pack uses only x86 versions of Windows PE. Even if a 64bit operating system is being deployed, the appropriate x86 drivers must be included for the Windows PE version that the SMS 2003 OSD Feature Pack uses.
993.Optionally, in the Windows PE Customizations section, in the Custom background bitmap file box, type bitmap (where bitmap is fully qualified path and file name for the bitmap image file). 994.Optionally, in the Windows PE Customizations section, in the Extra directory to add box, type folder (where folder is the fully qualified path to a folder to include in the Windows PE image). 995.Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Update the Deployment Point To create or update the ISO file that contains the customized version of Windows PE, update the deployment point. Updating the deployment point instructs Deployment Workbench to create a customized version of Windows PE using the configuration settings on the Windows PE 2004/2005 tab. To update the deployment point 996.Open Deployment Workbench. 997.In the console tree, expand Deploy, and then click Deployment Points. 998.In the details pane, right-click osd_deployment_point (where osd_deployment_point is a deployment point that contains the Windows PE image to update), and then click Update. Note Windows PE 2004 and Windows PE 2005 operating source directories are used only in conjunction with SMS 2003 OSD Feature Pack deployment points.
The update finishes, and the Generic_OSD_x86.iso file appears in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). In addition, a “flat” folder structure is created in the deployment_point_share\Boot\Source folder for directly updating the SMS 2003 OSD Feature Pack.
Customize Windows PE Manually To prepare Windows PE CDs and legacy images manually, perform the following steps: 999.Add support to Windows PE for additional network adapters. 1000.Add WMI support to Windows PE. 1001.Create customized Windows PE images. 1002.Create the ISO file that will be used to create a CD that the SMS 2003 OSD Feature Pack Wizard will use. For more information about Windows PE, Windows Deployment Services, and using Windows Deployment Services to deploy Windows PE, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, included on the SMS 2003 OSD Feature Pack CD-ROM. Note The SMS 2003 OSD Feature Pack uses only x86 versions of Windows PE. Even if an 64-bit operating system is being deployed, the appropriate x86 drivers must be included for the Windows PE version that the SMS 2003 OSD Feature Pack uses.
Add Network Adapter Support to Windows PE Ensure that Windows PE has the appropriate network adapter support for all the adapters in the organization. Deployment Workbench can automatically include any device drivers defined in Deployment Workbench in the Windows PE image. Or, the device drivers can be restricted to only network adapters. The steps for adding device driver support to Windows PE using Deployment Workbench are discussed in the section, “Configure the Windows PE 2004/2005 Tab,” earlier in this guide. For more information about adding support to Windows PE for additional network adapters manually or using other methods, see the following information: •
Microsoft Deployment Toolkit 2008 Deployment Concepts. This MDT 2008 guide provides information about building a custom Windows PE image that contains all the necessary drivers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
•
25
Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide. This guide provides information about using the Operating System Image Installation CD Wizard to update the SMS 2003 OSD Feature Pack version of Windows PE if drivers must be added that were missed when building the custom Windows PE image.
Add WMI Support to Windows PE The version of Windows PE created by Deployment Workbench automatically includes WMI support. If a different method is used to create Windows PE images, add WMI support to the Windows PE images. For example, if the version of Windows PE that is included with the SMS 2003 OSD Feature Pack does not include WMI support. Note WMI support is required for ZTI to function. Add WMI support to any customized Windows PE image that will be used with ZTI.
Although Windows PE images can be created manually, Microsoft recommends using Deployment Workbench. Windows PE images can be built, configured, and customized using Deployment Workbench. For more information about creating images using Deployment Workbench, see the MDT 2008 document, Workbench Imaging Guide. For more information about how to add WMI support to Windows PE, see the Microsoft Windows Preinstallation Environment User’s Guide (Winpe.chm) in the Docs folder of the Windows PE 2004 CD.
Create a Customized Windows PE Image After adding support for additional network adapters and WMI, begin creating customized Windows PE CDs. To create a customized Windows PE image manually 1003.Use Mkimg.cmd to create the Windows PE image. Note For more information about using Mkimg.cmd to create the Windows PE image, see the Microsoft Windows original equipment manufacturer (OEM) Preinstallation Kit (OPK), or review the Winpe.chm file in the Docs folder of the Windows PE version 1.5 CD.
1004.Make the appropriate modifications to Winbom.ini. 1005.Customize the Windows PE splash screen (necessary only if the image is to be used on Windows Deployment Services servers). 1006.Create the ISO file the SMS 2003 OSD Feature Pack wizards will use.
Modify Winbom.ini To make the appropriate modifications to Winbom.ini, perform the following steps: 1007.Open the Winbom.ini file in Microsoft Notepad. 1008.In the WinPE section, on a new line type Quiet=Yes. 1009.Save the file, and then close Notepad. 1010.Copy the Winbom.ini file to the I386\System32 folder in the Windows PE image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Customize the Windows PE Splash Screen Note This step is necessary only if the Windows PE image will be used on Windows Deployment Services servers.
To replace the default Windows PE splash screen with a custom splash screen 1011.On the Windows Deployment Services server, open Windows Explorer. 1012.Go to RISSourcePath (where RISSourcePath is the path to the WinPE folder in the Windows PE image to modify—for example, D:\WinPE15\Winpe). 1013.Rename the existing Winpe.bmp file as Winpe_Original.bmp. 1014.Copy PersonalizedBMP (where PersonalizedBMP is the file name of the customized splash screen to be displayed) to Winpe.bmp, and then close Windows Explorer. An additional step must be performed if creating the Windows PE image manually: •
Create the directory structure \Documents and Settings\All Users\Application Data. These directories will be empty, but they are required for the Rsaenh.dll file the task sequencer uses. If these directories are not present, the task sequencer cannot execute.
Create the ISO File for the SMS 2003 OSD Feature Pack Wizards To create the ISO file for the SMS 2003 OSD Feature Pack wizards, perform the following steps: 1015.In a Command Prompt window, go to WindowsPEFiles (where WindowsPEFiles is the folder where the Windows PE files are located). 1016.Type oscdimg -betfsboot.com -n -h sourcefolder isofile (where sourcefolder is the folder where the Windows PE source files are located and isofile is the fully qualified path and file name of the ISO file to create), and then press ENTER. For example: oscdimg -betfsboot.com -n -h “e:\WindowsPE_2005_Source” d:\Distribution\Boot\Generic_OSD_x86.iso This example creates a no-emulation bootable (-betfsboot.com) ISO image with long file name support (-n). When the image is built, any hidden files are included (-h). The source directory is E:\WindowsPE_2005_Source. The output file is Generic_OSD_x86.iso and placed in the D:\Distribution\Boot folder. 3. Store the ISO file created in step 2 in the Boot folder of the distribution point to be used. Name the ISO file Generic_OSD_x86.iso for 32-bit versions of Windows PE. Note The remaining steps in the process assume that the ISO naming convention indicated in the preceding steps is used and that the ISO file resides in the Boot folder of the target distribution point. If using a different naming convention or storing the ISO file in a different folder, substitute the custom ISO file name and folder in the remaining steps.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
27
Provide Access to the Contents of the Windows PE ISO File To import the customized Windows PE image ISO file into the SMS 2003 OSD Feature Pack, provide access to the contents of the ISO file. The Update Windows PE Wizard in the SMS 2003 OSD Feature Pack must copy the contents of the ISO file to create a WIM file that the SMS 2003 OSD Feature Pack can use. To provide the Update Windows PE Wizard to the contents of the Windows PE ISO file •
Burn the contents of the ISO file to a CD. The ISO file that was created contains the customized version of Windows PE. The CD burned will be a copy of that image. Note Do not burn the image file itself onto the CD (that is, do not create a CD that contains the ISO file). Instead, burn the contents of the image onto the CD (the files inside the ISO file).
•
For servers without local CD-ROM drives, load the ISO file on the computer running Systems Management Server (with a site server role) using the Microsoft Virtual CD-ROM Control Panel item or another, similar software tool. Install Virtual CD-ROM Control Panel on the computer with the Systems Management Server site server role that has the SMS 2003 OSD Feature Pack installed.
•
Use the contents of the source directory E:\WindowsPE_2005_Source.
For more information about these methods, see the Microsoft Help and Support article, “How to customize Windows PE by using the source files that are included with the Microsoft SMS 2003 Operating System Deployment (OSD) Feature Pack,” at http://support.microsoft.com/kb/916902.
Import the Customized Version of Windows PE into the SMS 2003 OSD Feature Pack To import the Windows PE image into the SMS 2003 OSD Feature Pack, perform the following steps: 1017.On the computer with the Systems Management Server site server role on which the SMS 2003 OSD Feature Pack is installed, start SMS Administrator Console. 1018.Right-click Image Packages, point to All Tasks, and then click Update Windows PE. 1019.Complete the Update Windows PE Wizard using the information listed in Table 20.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Table 20. Information for Completing the Update Windows PE Wizard On this page
Do this
Welcome to the Update Windows PE Wizard
Click Next.
Windows PE Settings
In the Source folder box, type the path to the flat folder contents of the Windows PE ISO file or to the deployment_point\Boot\Source folder that Deployment Workbench creates, and then click Next.
Window PE Update Complete
Click Finish.
Note The source folder location cannot be a network UNC path. It must be a locally accessible folder, because the SMS 2003 OSD Feature Pack will skip empty folders when accessed over a network path. This causes WMI not to function correctly in the resulting Windows PE image.
1020.Close SMS Administrator Console.
Create the SMS 2003 OSD Feature Pack Operating System Installation CD After importing the customized version of Windows PE into the SMS 2003 OSD Feature Pack, create the ISO file that contains the SMS 2003 OSD Feature Pack operating system installation CD. Use the SMS 2003 OSD Feature Pack operating installation CD to initiate the ZTI deployment process when unable to initiate the process using the Systems Management Server client or Windows Deployment Services. Start the target computer with the SMS 2003 OSD Feature Pack operating system installation CD to initiate the ZTI deployment process. When the process is initiated, the rest of the ZTI deployment process occurs without user interaction. To create the SMS 2003 OSD Feature Pack operating system image installation CD 1021.In SMS Administrator Console, right-click the Image Packages node, point to All Tasks, and then click Create Operating System Image Installation CD. 1022.Complete the Operating System Image Installation CD Wizard using the information listed in Table 21.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Creating a Windows PE Image
29
Table 21. Completing the Operating System Image Installation CD Wizard On this page
Do this
Welcome to the Operating System Image Installation CD Wizard
Click Next.
Installation Settings
Select the Automatically choose the OS Package to install by running a custom program or a script check box, and then click Next.
Install from SMS Distribution Points
Ensure that the central site server is specified in the list of servers, click Select All, and then click Next.
Automatically Select Operating System Package
In the File name box, type \\servername\ZTI$\ZeroTouchInstallation.vbs (where servername is the name of the server hosting the shared folder). Note The ZeroTouchInstallation.vbs file must reside on the same server as the distribution point on which the image packages reside, because a second set of credentials cannot be provided to connect to a different server (Connect to UNC). Note In the lab environment, add the /debug:true option to the end of the argument to provide additional debugging and troubleshooting information using dialog boxes in Windows PE.
In the User name box, type SMSClientAccount (where SMSClientAccount is the name of the client account created in the section, “Configure Client Access Accounts,” earlier in this document). In the Password box and Confirm password box, type Password (where Password is the password of the client account created earlier in the deployment process). Note This account can actually be any account with appropriate access to the network shares, but using the Network Access account is a typical choice.
Click Next. Note The account credentials are stored on the installation CD in an encrypted format.
Windows PE Settings
If additional network drivers are required, select the Include additional network drivers from this location check box, and then type DriverPath (where DriverPath is the fully qualified path to any additional network drivers required in the environment). If additional storage drivers are required, select the Include additional storage drivers from this location check box, and then type DriverPath (where DriverPath is the fully qualified path to any additional storage drivers required in the environment). Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
On this page
Do this
Create CD Image
In the Name box, type CDName (where CDName is the name of the CD image). In the File name box, type CDFileName (where CDFileName is the file name for the CD image).
Wizard Complete
Click Finish.
1023.Generate a CD of the operating system image contents. Note Do not burn the image file itself onto the CD (that is, do not create a CD that contains the ISO file). Instead, burn the contents of the image onto the CD (the files inside the ISO file).
The SMS 2003 OSD Feature Pack Operating System Installation image contains the Ripinfo.ini file, which in turn contains: •
The commands for the script used to automate the installation.
•
The list of available packages in the image.
•
Encrypted credentials used to access required network shares.
•
The management point name and port.
Update the images when any of the listed items change. Although the Ripinfo.ini file can be edited directly, a new image should be created using the Operating System Image Installation CD Wizard. The wizard will automatically update Ripinfo.ini to reflect any changes in the commands or available packages. Note If the image just created will be used on a Windows Deployment Services server, skip to the section, “Preparing the Windows Deployment Services Server.” Otherwise, continue the process in the section “Running the Deployment Wizard.”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the W indo ws Dep lo yment Ser vi ces Se r ver When deploying to target computers that are not managed by Systems Management Server, initiate the image installation process using Windows Deployment Services. In the ZTI deployment process, the Windows Deployment Services servers are responsible for installing Windows PE on the target computers. Start Windows PE from Windows Deployment Services to prepare the target computer for operating system image deployment. Note Windows Deployment Services performs the same functions as RIS in SMS 2003 OSD Feature Pack–based deployments. The SMS 2003 OSD Feature Pack is required by ZTI and is only compatible with RIS methods of deployment.
Ensure that the Windows Deployment Services servers have: •
Appropriate flat file image structures.
•
Copies of the Windows PE images when they become available from the development team that creates them. These images might not be ready until the end of the Developing Phase.
For more information about: •
Setting up and configuring the Windows Deployment Services server running in Legacy or Mixed mode, see “Deploying the OS Deployment Package Using RIS” in the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM.
•
Adding additional network drivers to the Windows Deployment Services legacy image on a Windows Deployment Services server, see the section, “Add Network Adapter Support to the Windows Deployment Services Legacy Image” later in this document.
Select the Windows Deployment Services Operational Mode Windows Deployment Services performs the same functions as RIS in SMS 2003 OSD Feature Pack–based deployments. The SMS 2003 OSD Feature Pack is required by ZTI and is only compatible with RIS methods of deployment. To use Windows Deployment Services, run Windows Deployment Services in Legacy mode or Mixed mode. Table 22 compares the operating modes of Windows Deployment Services.
32
Microsoft Deployment Toolkit 2008
Table 22. Windows Deployment Services Operating Modes Mode
Description
Legacy
Functionally equivalent to RIS. This configuration only supports:
Mixed
Native
•
OSChooser as the boot operating system.
•
Images created using Risetup.exe or Riprep.exe.
•
Administration using the normal RIS tools.
Allows compatibility with RIS and Windows Deployment Services. This configuration only supports: •
OSChooser or Windows PE as the boot operating system.
•
Risetup.exe, Riprep.exe, or WIM images.
•
Administration using the normal RIS tools or Windows Deployment Services management tools.
Provides support only for Windows Deployment Services and is incompatible with the SMS 2003 OSD Feature Pack and ZTI. This configuration only supports: •
Windows PE as the boot operating system.
•
WIM images.
•
Administration using the Windows Deployment Services management tools.
Note The SMS 2003 OSD Feature Pack only supports RIS compatibility. In Mixed mode, only the functionality that Legacy mode provides for ZTI deployments can be used. However, other Windows Deployment Services features can be used for LTI deployments.
In ZTI deployments that use the SMS 2003 OSD Feature Pack, using Windows Deployment Services is identical to using RIS. To configure Windows Deployment Services for ZTI and the SMS 2003 OSD Feature Pack, follow any RIS-related guidance in this document. For more information on configuring Windows Deployment Services to run in Legacy or Mixed modes, see: •
Windows Deployment Services Update Step-by-Step Guide, included in Windows Deployment Services.
•
Windows Deployment Services Help files.
Configure the Windows Deployment Services Server Perform additional Windows Deployment Services legacy (that is, RIS) image configuration specific to using Windows PE in the ZTI deployment process. To configure the Windows Deployment Services server to support Windows PE in the ZTI deployment process 1024.Disable the creation of the Windows PE computer account in the AD DS domain. 1025.Disable Windows PE logging on the Windows Deployment Services server. 1026.Automate the Windows Deployment Services Client Installation Wizard. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
33
1027.Add support to the Windows Deployment Services legacy (RIS) image for additional network adapters. 1028.Transfer the Windows PE CD images to the Windows Deployment Services servers. 1029.Restart the Windows Deployment Services service on the Windows Deployment Services servers on which the Windows Deployment Services legacy images were installed.
Disable Creation of the Windows PE Computer Account in the AD DS Domain During the ZTI deployment process, Windows PE creates a computer account in the AD DS domain by default. The computer name that Windows PE uses is temporary, and the account is no longer needed after Windows PE has prepared the target computer for Windows XP deployment. To modify the Ristndrd.sif file to disable the creation of computer accounts in the AD DS domain 1030.On the Windows Deployment Services server, open Notepad. 1031.In Notepad, open RISTemplatePath\Ristndrd.sif (where RISTemplatePath is the path to the Template folder of the Windows PE image to modify—for example, \RemoteInstall\Setup\English\Images\RIS\I386\Templates). 1032.In the [OSChooser] section, change ImageType =Flat (illustrated in Listing 1) to ImageType =WinPE, (illustrated in Listing 2). Listing 1. Ristndrd.sif Before the Modification of ImageType to Use Windows PE [OSChooser] Description ="Build 3608" Help ="SMS 2003 SP1 Build 3174.1017, OSD Build 3608, WinPE Source" LaunchFile = "%INSTALLPATH%\%MACHINETYPE%\templates\startrom.com" ImageType =Flat Version="5.1 (0)" After modification, the [OSChooser] section should resemble Listing 2. Listing 2. Ristndrd.sif After the Modification of ImageType to Use Windows PE [OSChooser] Description ="Build 3608" Help ="SMS 2003 SP1 Build 3174.1017, OSD Build 3608, WinPE Source" LaunchFile = "%INSTALLPATH%\%MACHINETYPE%\templates\startrom.com" ImageType =WinPE Version="5.1 (0)" 1033.Save the file, and then close Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008 Note In addition to completing these steps, select only Tools in the Choice Option dialog box. For more information, see the section, “Enable Tools Only in the Choice Options Dialog Box,” later in this document.
Disable Unexpected Write Access to the Windows Deployment Services Server Two problems commonly reported by users of RIS or Windows Deployment Services result from the \\servername\Reminst share having unnecessary write access. The following events occur: •
The first copy of Windows PE accessed attempts to write a Setupapi.log file to the server.
•
The WMI repository becomes corrupt after the first Windows PE boot from the server.
To prevent both of these problems, change the share permissions on the \\servername\Reminst share to: •
Ensure that the share is Read Only for all users.
•
Ensure that any account used to log on to RIS or Windows Deployment Services has Read Only access to the share.
Automate the Windows Deployment Services Client Installation Wizard Although enabling the Windows PE Tools option is automatic, the process still requires manual intervention to complete the installation of Windows PE. If a single image of Windows PE is being installed, automate the Client Installation Wizard pages in Windows Deployment Services. To automate the Windows Deployment Services Client Installation Wizard 1034.In the Choice Options dialog box, select the Tools check box, and clear all other options. 1035.Modify the Tools.osc file (and the Tlchoice.osc file for Windows Server 2003 with SP1) to enable automated installation. 1036.Modify the Login.osc file to further automate installation. 1037.Modify the Welcome.osc, Install.osc, and Oschoice.osc files to further automate installation.
Enable Tools Only in the Choice Options Dialog Box To enable the Tools (Maintenance and Troubleshooting) option in the Client Installation Wizard, perform the following steps: 1038.Open Active Directory Users and Computers. 1039.In the console tree, go to GroupPolicyContainer (where GroupPolicyContainer is either the domain or the organizational unit [OU] that contains the Windows Deployment Services servers), right-click GroupPolicyContainer, and then click Properties. 1040.On the Group Policy tab, click the default domain policy, and then click Edit. 1041.In the console tree of the Group Policy Object Editor, expand User Configuration, expand Windows Settings, and then click Remote Installation Services.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
35
1042.In the details pane, double-click Choice Options.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
1043.In the Tools section of the Choice Options Properties dialog box, click Enabled. 1044.In the Automatic Setup section, click Disabled. 1045.In the Custom Setup section, click Disabled. 1046.In the Restart Setup section, click Disabled, and then click OK. 1047.Close the Group Policy Object Editor. 1048.Close Active Directory Users and Computers.
Modify the Tools.osc and Tlchoice.osc Files Modify Tools.osc (or the Tlchoice.osc file for Windows Server 2003 with SP1) that Windows Deployment Services automatically selects as the default tool without waiting for user interaction. Note In the version of RIS in Windows Server 2003 with SP1 and later versions, two files must be modified: Tools.osc and Tlchoice.osc.
To modify the Tools.osc file (or the Tlchoice.osc file for Windows Server 2003 with SP1) 1049.On the server running Windows Deployment Services, open Notepad. 1050.In Notepad, open ToolsPath\Tools.osc (or Tlchoice.osc for SP1) (where ToolsPath is the path to the Template folder of the Windows PE image to modify—for example, \RemoteInstall\Setup\English\Images\RIS\I386\Templates). 1051.In the Tools.osc file (or the Tlchoice.osc file for SP1), locate the entry <SELECT NAME="SIF" NOAUTO SIZE=12>, shown in Listing 3. Listing 3. Original Version of Tools.osc (or Tlchoice.osc for SP1)
Use the arrow keys to select one of the following options:
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
37
<TIPAREA>
Use the arrow keys to select one of the following options:
To modify the Tools.osc file for Windows Server 2003 with SP1 or later 1054.On the Windows Deployment Services server, open Notepad. 1055.In Notepad, open ToolsPath\Tools.osc (where ToolsPath is the path to the Template folder of the Windows PE image to modify—for example, \RemoteInstall\Setup\English\Images\RIS\I386\Templates). 1056.In the Tools.osc file, search for <TITLE>. 1057.Insert a new line immediately above <TITLE>. 1058.On the new line, type <META ACTION=AUTOENTER>. 1059.Save the file, and then close Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
Customize Login.osc To customize Login.osc to provide credentials for authentication, perform the following steps: 1060.On the Windows Deployment Services server, open Notepad. 1061.In Notepad, open the file \RemoteInstall\OSChooser\English\login.osc. 1062.Replace the string "*****" with the user name and password values appropriate for the environment, as shown in Listing 5. Listing 5. Original Version of Login.osc For example, if the USERNAME value used is OSDUser and the PASSWORD value is Deploy101, the edited lines are illustrated in Listing 6. Listing 6. Modified Version of Login.osc
Customize Welcome.osc, Install.osc, and Oschoice.osc To customize Welcome.osc, Install.osc, and Oschoice.osc to provide credentials for authentication, perform the following steps: 1063.On the server running Windows Deployment Services, open Notepad. 1064.In Notepad, open OSCFile (where OSCFile is \RemoteInstall\OSChooser\Welcome.osc). 1065.In the file, search for <TITLE>. 1066.Insert a new line immediately above <TITLE>. 1067.On the new line, type <META ACTION=AUTOENTER>. 1068.Save the file, and then close Notepad. 1069.Complete steps 2–6 for the following files: •
\RemoteInstall\OSChooser\English\Install.osc
•
\RemoteInstall\OSChooser\English\Oschoice.osc
An additional copy of the Welcome.osc file is located in the \RemoteInstall\OSChooser\English folder. This is the language-specific version of the file. Modify only the version of Welcome.osc in the \RemoteInstall\OSChooser folder. Note Windows Deployment Services uses Oschoice.osc when there is more than one legacy image to choose from. It prompts the user for the appropriate image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft Systems Management Server 2003: Prepare the Server
39
Add Network Adapter Support to the Windows Deployment Services Legacy Image Add support for additional network adapters that are not available in the default configuration of Windows Deployment Services. The network drivers can be added to the Windows Deployment Services legacy image. Note Before completing this procedure, obtain the correct network drivers from the software vendor. Also obtain the Windows XP versions of the network drivers.
To add support to the Windows Deployment Services legacy image for additional network adapters, copy the files shown in Table 23. Table 23. Source Network Driver Files and Where to Copy Them in a Windows Deployment Services Legacy Image Copy these files
To
*.sys
Copy from RIS Image Path\i386\system32\drivers to RIS Image Path\i386 (where RISImagePath is the path to the root of the Windows Deployment Services legacy image—for example, D:\RemoteInstall\Setup\English\Images\WinPE15).
*.inf
Copy from RIS Image Path\i386\inf to RIS Image Path\i386.
*.din, *.bin, *.exe, or other files
RISImagePath\I386 and RISImagePath\I386\system32.
For more information about adding additional network adapters to Windows Deployment Services in Legacy or Mixed mode, see the following resources: •
Microsoft Help and Support article, “How to deploy Microsoft Windows Preinstallation Environment from an RIS server by using PXE-enabled clients,” at http://support.microsoft.com/kb/304992.
•
Microsoft Help and Support article, “‘The operating system image you selected does not contain the necessary drivers for your network adapter’ error message during the text-mode part of Setup when you deploy an operating system image by using RIS,” at http://support.microsoft.com/?id=823658. This error message occurs during the text-mode part of Setup when using Windows Deployment Services to deploy an operating system image.
•
Microsoft Help and Support article, “How to Add Third-Party OEM Network Adapters to RIS Installations,” at http://support.microsoft.com/default.aspx?scid=kb%3Benus%3B246184.
Restart Windows Deployment Services on the Windows Deployment Services Servers After adding support for additional network adapters, restart the Windows Deployment Services service on any Windows Deployment Services server on which the Windows Deployment Services legacy images are installed. This ensures that the Windows Deployment Services service recognizes the updates made in the preceding steps. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Running the De pl oymen t W izar d The high-level steps for completing the Deployment Wizard include: 1070.Verify that the folders in Table 24 no longer exist on the target computer. The ZTI process creates and uses the folders listed in Table 24 during the deployment process. If an earlier deployment terminated with errors, these folders might still exist on the target computer. Remove these folders, if they exist, before initiating a new deployment. These folders would reside on os_drive (where os_drive is the drive where the operating system is installed). Table 24. Folders to Remove Before Initiating the Deployment Wizard Folder
Description
os_drive:\Minint
This folder is preserved through the deployment process and contains deployment state information (such as user state migration information and log files).
os_drive:\_SMSTaskSequence This folder contains state information specific to the Systems Management Server Task Sequencer. 1071.In SMS Administrator Console, go to OSDImage (where OSDImage is the name of the SMS 2003 OSD Feature Pack operating system image to be deployed). 1072.Click the appropriate distribution points. 1073.Click the applications to advertise. 1074.Click the target collection for the image. For more information about how to run the Deployment Wizard, see the Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack Users Guide, which is included on the SMS 2003 OSD Feature Pack CD-ROM.
A ppendix : Extend ing Sys tems Mana gement Se r ver by Ed it ing SMS_de f.mof The Systems Management Server hardware inventory collection process can be extended by editing the SMS_def.mof file. The file edit causes the inventory collection process to retrieve the additional WMI items that MDT 2008 places on the target computer during the ZTITatoo.wsf script phase. To edit the SMS_def.mof file 1075.Open SMS_def.mof. 1076.Add the following code to the bottom of the SMS_def.mof file: #pragma namespace ("\\\\.\\root\\cimv2\\sms") [ SMS_Report (True), SMS_Group_Name ("Microsoft BDD Info"), SMS_Class_ID ("MICROSOFT|MicrosoftBDDInfo|1.0") ] class Microsoft_BDD_Info : SMS_Class_Template { [SMS_Report (TRUE), key ] string InstanceKey; [SMS_Report (TRUE) ] string DeploymentMethod; [SMS_Report (TRUE) ] string DeploymentType; [SMS_Report (TRUE) ] string DeploymentTimeStamp; [SMS_Report (TRUE) ] string BuildID; [SMS_Report (TRUE) ] string BuildName; [SMS_Report (TRUE) ] string BuildVersion; [SMS_Report (TRUE) ] string OSDPackageID; [SMS_Report (TRUE) ]
42
MSDN 2.0
string OSDProgramName; [SMS_Report (TRUE) ] string OSDAdvertisementID; }; 1077.To check the syntax of the file, open a Command Prompt window, and then type mofcomp.exe sms_def.mof -check. 1078.To compile the .mof file with the new entries on the server, open a Command Prompt window, and then type mofcomp.exe sms_def.mof. 1079.Use the command mofcomp.exe sms_def.mof to create a Systems Management Server package to push the updated .mof file to the Systems Management Server Advanced Client computers in the organization. The Systems Management Server Advanced Client computers will need updated machine policies to know that they must inventory the new entries. Following policy updates, the next hardware inventories for the computers will be uploaded to the server for reporting.
Microsoft® Deployment Toolkit 2008 Quick Start Guide for Microsoft System Center Configuration Manager 2007
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
43
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, FrontPage, SQL Server, Windows, Windows Server, Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 provides technology for deploying Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. This quick-start guide helps Information Technology personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using it to install Windows Vista® with Microsoft System Center Configuration Manager 2007. This quick-start guide demonstrates how to perform the New Computer deployment scenario. The New Computer deployment scenario covers the deployment of Windows Vista to a new computer. This scenario assumes that there is no user data or profile to preserve. Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
After using this guide to evaluate MDT 2008, review the rest of the MDT 2008 guidance to learn more about the technology’s advanced features. Note The infrastructure setup described here is for evaluation purposes and not intended for a production system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes MDT 2008 has the following prerequisites.
Required Software To complete this guide, the following software is required: •
Windows Server 2003 Release 2 (R2) with Service Pack 2 (SP2)
•
Windows Vista
•
System Center Configuration Manager
•
Windows Automated Installation Kit (Windows AIK) to help install, customize, and deploy Windows operating systems Note Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 release to manufacturing (RTM) deployments. However, Windows AIK version 1.1 is compatible with all currently supported operating system releases.
•
Windows Preinstallation Environment (Windows PE) version 2.0 (included in Windows AIK)
•
Networking services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
•
Active Directory® Domain Services (AD DS)
Note The task sequencer used in MDT 2008 deployments requires the Create Global Object right be assigned to credentials used to access and run Deployment Workbench and the deployment process. This right is normally available to accounts with Administrator-level permissions (unless explicitly removed). Also, the Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
3
Computer Configuration To complete this guide, set up the computers listed in Table 1. These computers can be either physical computers or virtual machines (VMs) with the system resources designated. Table 1. Computers Used in This Guide Computer
Description and system resources
WDG-MDT-01
This computer runs the MDT 2008 infrastructure and System Center Configuration Manager. The computer runs Windows Server 2003 with SP2 with the following networking services installed: •
AD DS
•
DNS Server
•
DHCP Server
•
Windows Deployment Services
The system resources of the computer are as follows:
WDG-REF-01
•
Processor running at 1.4 gigahertz (GHz) or faster
•
512 megabytes (MB) or greater physical memory
•
One disk partition that has 16 gigabytes (GB) or more available disk space and that will become the drive C partition
•
One CD-ROM or DVD-ROM drive that will be assigned the drive letter D
•
One disk partition that has 16 GB or more available disk space and that will become partition E.
This is the target computer, which runs no current operating system. The system resources of the computer are as follows:
WDG-CLI-01
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
This is the target computer, which runs no current operating system. The system resources of the computer are as follows:
Solution Accelerators
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
The resources listed in Table 1 reflect the system resources recommended to perform the steps in this guide. For information on the minimum system resource requirements for: •
Windows Server 2003, see System Requirements at http://technet.microsoft.com/en-us/windowsserver/bb430827.aspx.
•
Windows Vista, see Windows Vista recommended system requirements at http://www.microsoft.com/windows/products/windowsvista/editions/systemrequiremen ts.mspx.
•
System Center Configuration Manager, see Configuration Manager Supported Configurations at http://technet.microsoft.com/enus/library/bb680717.aspx#SiteServerSystemRequirements.
•
Microsoft SQL Server® 2005, see SQL Server 2005 System Requirements at http://www.microsoft.com/sql/prodinfo/sysreqs/default.mspx.
Note This guide assumes that MDT 2008 is being evaluated on 32-bit (x86) physical or virtual computers. If evaluating MDT 2008 on 64-bit (x64) platforms, download and install the x64 editions of MDT 2008 and the components that this guide describes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 1: Pr epar e the Pr er equis ite In fr ast r uc tur e For the purposes of this guide, all the prerequisite infrastructure services run on the computer named WDG-MDT-01. Install the prerequisite software, server roles, and services on this computer before installing MDT 2008. Note This section assumes that a new System Center Configuration Manager infrastructure will be created for MDT 2008. If an existing System Center Configuration Manager infrastructure will be used, review the steps in this section and substitute existing resource names for the resources created in this section (such as computer name and shared network folders). After reviewing this section, proceed to “Step 2: Prepare the MDT 2008 Environment.”
The steps for preparing the prerequisite infrastructure before installing the MDT 2008 are: 1080.Install Windows Server 2003 with SP2. 1081.Create the required folders and network shares. 1082.Obtain the software required to perform the steps in this guide. 1083.Install AD DS. 1084.Install the DHCP Server. 1085.Install Microsoft Internet Information Services (IIS) version 6.0. 1086.Enable the Web-based Distributed Authoring and Versioning (WebDAV) Internet Services Application Programming Interface (ISAPI) extensions in IIS 6.0. 1087.Install the additional software. 1088.Create the user and service accounts required to perform the steps in this guide. 1089.Install the Windows User State Migration Toolkit (USMT) source files. 1090.Install SQL Server 2005 with SP2 to be used by System Center Configuration Manager. 1091.Add the site server to the Administrators security group. 1092.Install System Center Configuration Manager. 1093.Configure the network access account that System Center Configuration Manager clients use to access System Center Configuration Manager distribution points. 1094.Configure the System Center Configuration Manager site boundaries. 1095.Configure the publishing of site information in AD DS and DNS. 1096.Configure the drive to be used for storing System Center Configuration Manager package source files. 1097.Configure the System Center Configuration Manager distribution point to be Background Intelligent Transfer Service (BITS) enabled.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Step 1-1: Install Windows Server 2003 with SP2 Install Windows Server 2003 with SP2 by using the information in Table 2. Accept default values unless otherwise specified. Table 2. Information for Installing Windows Server 2003 with SP2 When prompted for
Provide these values
Where do you want to install Windows?
Disk 0 Unallocated Space
Password
Any strong password.
Computer name
WDG-MDT-01
Format for volumes C and E
NTFS
TCP/IP configuration
Configure with a static IP address configuration with the other TCP/IP configuration options as appropriate for the environment.
Step 1-2: Create Required Folders and Shares The MDT 2008 deployment process requires additional folders that are used as the source for files or to store files created during the MDT 2008 deployment process. Some of these folders need to be shared so that they can be accessed from other computers. To create the required folders and shares 1098.Create the E:\Source$ folders, and share the folder as Source$ with the following permissions: •
Administrators: Full Control
•
Everyone: Read
1099.Create the following folders: •
E:\Source$\Drivers
•
E:\Source$\Vista
•
E:\Source$\MDT_2008
•
E:\Source$\USMT_301
1100.Copy the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) to E:\Source$\Drivers.
Step 1-3: Obtain the Required Software Besides Windows Server 2003 with SP2, Windows Vista, and System Center Configuration Manager, software is required to evaluate MDT 2008 based on the processes in this guide. Table 3 lists the software required to perform deployments using MDT 2008, where to obtain the software, and where to place the software on WDG-MDT01. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
7
Table 3. Additional Software Required for Deployment Using MDT 2008 Obtain this software
Place in this folder
MDT 2008, available at http://microsoft.com/technet/SolutionAccelerators
E:\Source$\MDT_2008
Windows Vista distribution files from the product CD
E:\Source$\Vista
USMT version 3.0.1 at http://www.microsoft.com/downloads/details.aspx?FamilyID =799ab28c-691b-4b36-b7ad6c604be4c595&DisplayLang=en
E:\Source$\USMT_301
Device drivers required for the target computer WDG-CLI01
E:\Source$\Drivers
SQL Server 2005 from the product CD
E:\Source$\SQL2005
SQL Server 2005 SP2 at E:\Source$\SQL2005SP2 http://www.microsoft.com/downloads/details.aspx?FamilyId= d07219b2-1e23-49c8-8f0c-63fa18f26d3a&DisplayLang=en System Center Configuration Manager
E:\Source$\ConfigMgr
Microsoft XML core Services (MSXML) version 6.0 at http://www.microsoft.com/downloads/details.aspx?FamilyID =993C0BCF-3BCF-4009-BE21-27E85E1857B1
E:\Source$\MSXML60
Step 1-4: Install AD DS AD DS is required to provide authentication and act as a repository for configuration values for the Microsoft products and technologies that MDT 2008 uses, such as SQL Server 2005 and System Center Configuration Manager. To install AD DS, run the DCPROMO Wizard to configure the computer as a domain controller. Install AD DS by using the information provided in Table 4 and accepting any defaults unless otherwise specified. Table 4. Information for Installing AD DS When prompted for
Do the following
Domain type
Create a new domain in a new forest.
Fully qualified domain name (FQDN)
Type corp.woodgrovebank.com
Forest functional level
Windows Server 2003
Install DNS Server service as a part of the domain controller installation process.
Click Yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Step 1-5: Install DHCP Server DHCP Server is required to provide automatic IP configuration for the target computers. Install DHCP Server by using the information provided in Table 5 and accepting any defaults unless otherwise specified. Note If a virtualized environment will be used, disable any DHCP configuration provided by the computer virtualization software. Ensure that the DHCP Server service running WDG-MDT-01 is the only provider of IP configuration by using DHCP.
Table 5. Information for Installing DHCP Server On this wizard page
Do this
Authorize DHCP server in Active Directory
Authorize WDG-MDT-01 to provide client IP configuration.
DHCP scopes
Create an appropriate scope that can be used to automatically configure TCP/IP for WDGREF-01 and WDG-CLI-01.
Step 1-6: Install IIS 6.0 Install IIS version 6.0 with the application server components listed in Table 6. Unless otherwise specified, use the default values. The application server components listed in Table 6 are required for SQL Server 2005 and System Center Configuration Manager installation. Table 6. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
Microsoft ASP.NET
Installed
Enable network COM+ access
Installed
Enable network Microsoft Distributed Transaction Coordinator (DTC) access
Not installed
IIS: BITS Server Extensions
Installed
Common files
Installed
File Transfer Protocol (FTP) service
Not installed
Microsoft Office FrontPage® 2002 Server Extensions
Not installed
IIS Manager
Installed
Internet printing
Not installed
Network News Transfer Protocol (NNTP) Service
Not installed
Simple Mail Transfer Protocol (SMTP) Service
Not installed
World Wide Web Service: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
Application server component
9
Status
Active Server Pages (ASP)
Installed
Internet Data Connector
Not installed
Remote Administration (HTML)
Not installed
Remote Desktop Web Connection
Not installed
Server Side Includes
Installed
WebDAV Publishing
Installed
World Wide Web Service
Installed
Message Queuing
Not installed
Step 1-7: Enable the WebDAV ISAPI Extension The WebDAV Publishing component runs as an ISAPI extension in IIS. After installing the WebDAV Publishing Application Server component, allow the WebDAV ISAPI extension to run in IIS. By default, the WebDAV ISAPI extension is prohibited from running after installation. To enable the WebDAV ISAPI extension 1101.Start IIS Manager. 1102.In the IIS Manager console tree, click Web Service Extension. 1103.In the details pane, click WebDAV, and then click Allow. The status of the WebDAV should change to Allowed. 1104.Close all open windows and dialog boxes.
Step 1-8: Install Additional Software Additional software must be installed in Windows Server 2003 with SP2 to support MDT 2008. Install the following software using the default installation options: •
MSXML version 6.0
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Step 1-9: Create the User and Service Accounts System Center Configuration Manager and SQL Server 2005 require user accounts during the installation process. Table 7 lists the information needed for creating the user and service accounts. Table 7. Information for Creating the Required Accounts Create this account
With these settings
SQL Service account
In First name, type SQL. In Last name, type Service Account. In User logon name, type SQLSvcAcct. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. Make the account a member of the Domain Admins security group. In Description, type Service account used to run SQL Server 2005 services.
System Center Configuration Manager Client Network Access account
In First name, type CM 2007. In Last name, type Client Network Access. In User logon name, type CMNetAccess. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. In Description, type Service account used as the network access account for Configuration Manager 2007 Client.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
11
Step 1-10: Install USMT The USMT is used to save and restore user state migration information. For deployments based on System Center Configuration Manager, create a package that contains the USMT files so that MDT 2008 deployment process can use them. Install USMT on WDG-MDT-01 to extract the files needed to create the System Center Configuration Manager package. USMT is run on the target computers, not on WDGMDT-01. This installation only acts as a source for the package. To install USMT 1105.In Windows Explorer, go to E:\Source$\USMT_301, and then double-click: •
InstallUSMT301_x86.msi.for x86-based computers.
•
InstallUSMT301_x64.msi.for x64-based computers.
1106.Complete the installation wizard by accepting all the default values. This installs USMT in C:\Program Files\USMT301. 1107.Copy the USMT source files from C:\Program Files\USMT301 to E:\Source$\USMT301.
Step 1-11: Install SQL Server 2005 with SP2 Before installing System Center Configuration Manager, install SQL Server 2005 with SP2. Note To enable all SQL Server 2005 features, install the Web Server (IIS) server role before installing SQL Server 2005.
To install SQL Server 2005 with SP2 1108.Install SQL Server 2005 by using the information in Table 8 and accepting defaults unless otherwise specified. Table 8. Information for Installing SQL Server 2005 When prompted for
Provide these values
Components to Install
Select SQL Server Database Services. Select Reporting Services.
Service account
In User name, type SQLSvcAcct. In Password, type P@ssw0rd. In Domain, type CORP.
1109.Install SQL Server 2005 with SP2 by accepting all defaults for installing the Service Pack Installation Wizard. Tip This service pack was downloaded earlier in the process and saved in E:\Source$\SQL2005SP2.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Step 1-12: Add Site Server to the Administrators Security Group When all computers are in the same forest, manually add the site server computer account to the local Administrators group on each computer. Complete this step before configuring the computer as a site system. To add the site server to the Administrators security group 1110.Click Start, point to Administrative Tools, and then click Active Directory Users and Computers. 1111.In the Active Directory Users and Computers console tree, go to corp.woodgrovebank.com/Builtin. 1112.In the details pane, right-click Administrators, and then click Properties. 1113.In the Administrators Properties dialog box, click the Members tab, and then click Add. 1114.In the Select Users, Contacts, Computers, or Groups dialog box, click Object Types. 1115.In the Object Types dialog box, in Object types, select Computers, and then click OK. 1116.In the Select Users, Contacts, Computers, or Groups dialog box, in Enter the object names to select, type WDG-MDT-01, click Check Names, and then click OK. 1117.Close any open windows.
Step 1-13: Install System Center Configuration Manager When the other products and technologies have been installed, install System Center Configuration Manager. Before installing System Center Configuration Manager, however, extend the Active Directory schema so that computers can locate the distribution points, service locator points, and other server roles. Also, the schema can be extended after System Center Configuration Manager has been installed. To extend the Active Directory schema for System Center Configuration Manager 1118.In Windows Explorer, go to \SMSSETUP\BIN\platform on the installation media, and then double-click extadsch.exe (where platform is the processor platform). 1119.In Windows Explorer, go to C:\, and then open the ExtADSch.log file. 1120.Review the ExtADSch.log file, and ensure that the schema was extended successfully. After extending the Active Directory schema, install System Center Configuration Manager. The configuration of WDG-MDT-01 supports System Center Configuration Manager for this sample. The configuration of computers in the production network may vary. To find out more about the prerequisites for installing System Center Configuration Manager, see Prerequisites for Installing Configuration Manager at http://technet.microsoft.com/en-us/library/bb694113.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
13
To install System Center Configuration Manager 1121.Install System Center Configuration Manager by using the information in Table 9. Accept the defaults unless otherwise specified. Table 9. Information for Installing System Center Configuration Manager On this wizard page
Do this
Site Settings
In Site code, type NYC. In Site name, type New York City Site.
Site Mode
Click Configuration Manager Mixed Mode.
Updated Prerequisite Components
Select the appropriate option for obtaining client prerequisite component files. Files can either be downloaded as part of Setup, an alternate location where the client prerequisite component files have already been downloaded to can be used.
Updated Prerequisite Component Path
Specify the path to store client prerequisite component files downloaded during Setup or the path to the alternate location where client prerequisite component files have previously been downloaded to. Note The Setup command-line option Setup /download path_to_files can be used to download client prerequisite component files without running the complete Configuration Manager Setup wizard.
At the end of this step, System Center Configuration Manager is installed. To find more help in troubleshooting any installation-related problems, see Troubleshooting Configuration Manager 2007 at http://technet.microsoft.com/enus/library/bb632812.aspx.
Step 1-14: Configure the Network Access Account The System Center Configuration Manager client needs an account to provide credentials when accessing the System Center Configuration Manager distribution points, MDT 2008 deployment points, and shared folders. This account is called the Network Access account. The CMNetAccess account was created earlier in the process to use as the Network Access account. To configure the Network Access account 1122.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1123.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site/Site Settings/Client Agents. 1124.In the details pane, right-click Computer Client Agent, and then click Properties.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1125.In the Computer Client Agent Properties dialog box, click the General tab. In Network Access Account, in Account (domain\user), click Set. 1126.Complete the Windows User Account dialog box using the information in Table 10, and then click OK. Table 10. Information Required to Complete the Windows User Account Dialog Box For this
Do this
User name
Type CORP\CMNetAccess.
Password
Type P@ssw0rd.
Confirm password
Type P@ssw0rd.
1127.Close any open windows.
Step 1-15: Configure the Configuration Manager Site Boundaries The System Center Configuration Manager client needs to know the boundaries for the site. Unless the site boundaries are specified, the client assumes that the computer running System Center Configuration Manager is in a remote site. Add a site boundary based on the IP subnet used by WDG-MDT-01, WDG-REF-01, and WDG-CLI-01. To configure the System Center Configuration Manager site boundaries 1128.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1129.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site/Site Settings/Boundaries. 1130.In the details pane, click New Boundary. 1131.Complete the New Site Boundary dialog box using the information in Table 11, and then click OK. Note For this sample, the site boundary is specified by network address. However, site boundaries can also be specified by using an AD DS site name or an IP address range.
Table 11. Information Required to Complete the New Site Boundary Dialog Box For this
Do this
Description
Type IP Subnet Boundary.
Network
Type network_address (where network_address is the network address of the subnet where the computers are installed).
Subnet mask
Type subnet_mask (where subnet_mask is the subnet mask of the subnet where the computers are installed).
1132.Close any open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 1
15
Step 1-16: Configure Publishing of Site Information The System Center Configuration Manager client needs to locate the various System Center Configuration Manager server roles. Modify the site properties to publish the site information in AD DS and in DNS. To configure the publishing of site information in AD DS and in DNS 1133.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1134.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site. 1135.In the details pane, click Properties. 1136.Complete the Advanced tab of the NYC - New York City Site Properties dialog box by performing the following steps, and then click OK: p. Select the Publish this site in Active Directory Domain Services check box. q. Select the Publish the default management point in DNS (intranet only) check box. 1137.Close any open windows.
Step 1-17: Configure the Drive for Storing Package Source Files System Center Configuration Manager stores the source packages on a local drive. By default, System Center Configuration Manager stores the source packages on drive C. Configure System Center Configuration Manager to store the source packages on drive E. To configure the drive for storing System Center Configuration Manager package source files 1138.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1139.In the Configuration Manager console console tree, go to Site Database/Site Management/NYC - New York City Site/Site Settings/Component Configuration. 1140.In the details pane, right-click Software Distribution, and then click Properties. 1141.In the Software Distribution Properties dialog box, in Drive on site server, type E:\, and then click OK. 1142.Close any open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Step 1-18: Configure the Distribution Point to Be BITS Enabled Using BITS-enabled distribution points in System Center Configuration Manager helps control bandwidth throttling between the clients and distribution points. Enabling the BITS setting does not guarantee that the client will always download content from the distribution point using BITS. However, if this setting is not enabled, the client will never download packages using BITS. To configure a distribution point to be BITS enabled 1143.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1144.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Site Management/NYC - New York City Site/Site Settings/Site Systems/WDG-MDT-01. 1145.In the details pane, right-click ConfigMgr distribution point, and then click Properties. 1146.In the ConfigMgr Distribution Point Properties dialog box, on the General tab, select the Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS (required for device clients and Internet-based clients) check box, and then click OK. 1147.Close any open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 2: Pr epar e the MDT 2008 En vir onmen t The first step in the process is to prepare the MDT 2008 environment. When this step is completed, the reference computer can be created and a captured image of the reference computer deployed to the target computer (WDG-CLI-01) using System Center Configuration Manager integration with MDT 2008. To prepare the MDT 2008 environment 1148.Install MDT 2008. 1149.Enable Configuration Manager Console integration by running the Configure ConfigMgr 2007 Integration script.
Step 2-1: Install MDT 2008 To install MDT 2008, perform the following steps: 1150.In Windows Explorer, go to E:\Source$\MDT_2008. 1151.Double-click MicrosoftDeploymentToolkit_x86.msi (for 32-bit operating systems) or MicrosoftDeploymentToolkit_x64.msi (for 64-bit operating systems), and then click Install. 1152.Click Next to skip the welcome page. 1153.On the End-User License Agreement page, review the license agreement, select I accept the terms in the License Agreement, and then click Next. 1154.On the Custom Setup page, click Next. 1155.Click Install. The installation process status is displayed, then finishes. 1156. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Step 2-2: Enable Configuration Manager Console Integration Before the System Center Configuration Manager integration features of MDT 2008 can be used, run the Configure ConfigMgr 2007 Integration script. The Configure ConfigMgr 2007 Integration script copies the appropriate integration files to the folder where System Center Configuration Manager is installed. The script also adds Windows Management Instrumentation (WMI) classes for the new MDT 2008 custom actions. The classes are added by compiling a new Managed Object Format (.mof) file that contains the new class definitions. To enable Configuration Manager console integration Note
Ensure that Configuration Manager console is closed while performing these steps.
1157.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Configure ConfigMgr 2007 Integration. The Configure ConfigMgr 2007 Integration script starts. 1158.In the Configure ConfigMgr Integration dialog box, in Site server name, verify the value is WDG-MDT-01. 1159.In Site code, verify that the value is NYC, and then click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 3: Impor t and Co nf igur e a Task Sequence t o Cr ea te a Refer ence Co mpute r After the MDT 2008 environment is prepared, create the reference computer. The reference computer is used as the template for deploying new images to the target computers. Configure this computer (WDG-REF-01) exactly as the target computers will be configured. An image of the reference computer will be captured and the image deployed to the target computers. To create the reference computer, WDG-REF-01 1160.Create an MDT 2008 task sequence template to deploy Window Vista to the reference computer. 1161.Select the distribution points for the new packages and images created by the Import Microsoft Deployment Task Sequence Wizard. 1162.Add the necessary device drivers to a new drive package and to the appropriate boot images. 1163.Configure the MDT 2008 configuration files for the reference computer—specifically, the CustomSettings.ini file. 1164.Update the System Center Configuration Manager distribution points for the Custom Settings Files package. 1165.Customize the task sequence for the reference computer.
Step 3-1: Create an MDT 2008 Task Sequence for the Reference Computer Create task sequences in System Center Configuration Manager that are integrated with MDT 2008 by using the Import Microsoft Deployment Task Sequence Wizard in Configuration Manager console. MDT 2008 includes task sequence templates that can be imported into System Center Configuration Manager. Table 12 lists the task sequence templates that are included in MDT 2008, the file name for each template, and a description of the template. The template files are located in the install_folder\SCCM folder (where install_folder is the folder in which MDT 2008 was installed).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
Table 12. Task Sequence Templates Included in MDT 2008 Template
File name
Select this template to
Standard Client Task Sequence
SCCM_Client.xml
Deploy to client computers for all scenarios except the Replace Computer scenario.
Standard Client Replace Task Sequence
SCCM_ClientReplace.xml
Deploy to client computers for the Replace Computer scenario.
Custom Task Sequence
SCCM_Custom.xml
Create a custom task sequence that installs applications without an operating system installation.
Standard Server Task Sequence
SCCM_Server.xml
Deploy to server computers for all scenarios.
Import the Standard Client Task Sequence template to deploy Windows Vista to the reference computer (WDG-REF-01). The Import Microsoft Deployment Task Sequence Wizard substitutes the packages and images selected for the placeholders in the task sequence templates. After completing the wizard, the new imported task sequence references the appropriate packages and images. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
To create a task sequence for deploying the reference computer 1166.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1167.In the Configuration Manager console tree, go to Site Database/Computer Management/Task Sequences. 1168.In the details pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard starts. 1169.Complete the Import Microsoft Deployment Task Sequence Wizard by using the information in Table 13. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
21
Table 13. Information for Completing the Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do this
Choose Template
Select Client Task Sequence, and then click Next.
General
In Task sequence name, type Windows Vista Reference Deployment. In Task sequence comments, type Task sequence for deploying Windows Vista to the reference computer (WDG-REF-01), and then click Next.
Details
Click Join a workgroup. In Workgroup, type WORKGROUP. In User name, type Woodgrove Bank Employee. In Organization name, type Woodgrove Bank. In Product key, type product_key (where product_key is the product key for Windows Vista). In Capture destination, type \\WDG-MDT01\Capture$\WDG-REF-01.wim. In Capture Account, click Set, and then complete the Windows User Account dialog box by performing the following steps: 1170.In User name, type CORP\Administrator. 1171.In Password and Confirm password, type P@ssw0rd. 1172.Click OK. Click Next.
Boot Image
Click Create a new boot image package. In Package source folder to be created, type \\WDGMDT-01\Packages$\WINPE_Custom, and then click Next.
Boot Image: General Settings
In Name, type Windows PE Custom. In Version, type 1.00. In Comments, type Customized version of Windows PE to be used in deployment of reference and target computers, and then click Next.
Boot Image: Image Options
Click Next.
MDT Package
Click Create a new Microsoft Deployment Toolkit Files package. In Package source folder to be created, type \\WDGMDT-01\Packages$\MDT_2008_Files, and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
On this wizard page
Do this
MDT Package: MDT Details
In Name, type MDT 2008 Files. In Version, type 1.00. In Comments, type Provides access to MDT 2008 software during Configuration Manager deployment process, and then click Next.
OS Image
Click Create a new OS install package. In OS installation folder location, type \\WDG-MDT01\Source$\Vista. In Package source folder to be created, type \\WDGMDT-01\Packages$\Vista, and then click Next.
OS Image: Image Details
In Name, type Windows Vista. In Version, type 1.00. In Comments, type Windows Vista package used to deploy to reference computers, and then click Next.
Client Package
Click Create a new ConfigMgr client package, and then click Next.
USMT Package
Click Create a new USMT package. In Path to USMT executables and related files, type \\WDG-MDT-01\Source$\USMT301. In Package source folder to be created, type \\WDGMDT-01\Packages$\USMT301, and then click Next.
USMT Package: USMT Details
In Name, type USMT. In Version, type 3.01. In Comments, type USMT files used to capture and restore user state migration information, and then click Next.
Settings Package
Click Create a new settings package. In Package source folder to be created, type \\WDGMDT-01\Packages$\CustomSettings_Reference, and then click Next.
Settings Package: Settings Details
In Name, type MDT 2008 Reference Computer Custom Settings. In Version, type 1.00. In Comments, type Configuration settings for MDT 2008 deployment process (such as CustomSettings.ini) for the reference computer, and then click Next.
Sysprep Package
Solution Accelerators
Click Next.
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
23
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported. Note
This process can take several minutes to finish.
Step 3-2: Select Distribution Points for Packages and Images The Import Microsoft Deployment Task Sequence Wizard creates a number of packages and images. After these packages and images are created, select the distribution points from which the packages and images will be copied and available to target computers. Note In this sample, there is only one distribution point (WDG-MDT-01). However, most production networks have multiple distribution points. When performing this step in a production environment, select the appropriate distribution points for the network.
Select the distribution points for software distribution packages, boot images, and operating system install packages. To select the distribution points for software distribution packages 1173.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Software Distribution/Packages. 1174.In the details pane, click MDT 2008 Reference Computer Custom Settings. 1175.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1176.Complete the Manage Distribution Points Wizard by using the information in Table 14. Accept default values unless otherwise specified. Table 14. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1177.Repeat steps 2–4 of this procedure, substituting each of the following packages for MDT 2008 Reference Computer Custom Settings: •
MDT 2008 Files
•
USMT
•
Configuration Manager Client Upgrade
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
To select the distribution points for boot images 1178.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Boot Images. 1179.In the details pane, click Windows PE Custom. 1180.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1181.Complete the Manage Distribution Points Wizard by using the information in Table 15. Accept the default values unless otherwise specified. Table 15. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
To select the distribution points for operating system installation packages 1182.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Operating System Install Packages. 1183.In the details pane, click Windows Vista. 1184.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1185.Complete the Manage Distribution Points Wizard by using the information in Table 16. Accept the default values unless otherwise specified. Table 16. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1186.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
25
Step 3-3: Add Necessary Device Drivers When the MDT 2008 task sequence has been imported, add any device drivers required for the reference computer (WDG-REF-01) to the Windows PE boot image and to the Windows Vista image. Add the device drivers in the Drivers node in Configuration Manager console. Create a package that contains the device drivers, and inject the drivers into the custom Windows PE image created earlier in the process. After creating the package that contains the device drivers, select the distribution point on which the package will be deployed. To add the necessary device drivers 1187.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1188.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Drivers. 1189.In the console tree, right-click Drivers, and then click Import. The Import New Driver Wizard starts. 1190.Complete the Import New Driver Wizard by using the information in Table 17. Accept the default values unless otherwise specified. Table 17. Information for Completing the Import New Driver Wizard On this wizard page
Do this
Locate Driver
In Source folder, type \\WDG-MDT01\Source$\Drivers, and then click Next.
Locate Driver: Driver Details
Click Next.
Locate Driver: Add Driver to Packages
Click New Package. Complete the New Driver Package dialog box by performing the following steps: 1191.In Name, type device_driver_name Package (where device_driver_name is a descriptive name for the device drivers). 1192.In Comment, type Device drivers that are necessary for the reference and target computers. 1193.In Driver package source, type \\WDG-MDT01\Packages$\Drivers, and then click OK. Click Next.
Locate Driver: Add Driver to Boot Images
In the list of images, select the Windows PE Custom check box. Select the Update distribution points when finished check box, and then click Next.
Summary
Click Next.
Confirmation
Click Close.
To select the distribution points for the driver package Solution Accelerators microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
1194.In the Configuration Manager console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Driver Packages. 1195.In the details pane, click device_driver_name Package (where device_driver_name is a descriptive name for the device drivers). 1196.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1197.Complete the Manage Distribution Points Wizard by using the information in Table 18. Accept default values unless otherwise specified. Table 18. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1198.Close all open windows and dialog boxes.
Step 3-4: Customize MDT 2008 Configuration Files When the MDT 2008 task sequence has been imported, customize the MDT 2008 configuration files that provide the configuration settings for deploying Windows Vista to the target computer. Specifically, customize the CustomSettings.ini file. When the CustomSettings.ini file customization is finished, save the updated files to the source folder for the MDT 2008 Reference Computer Custom Settings package created earlier in the process (E:\Packages$\CustomSettings_Reference). Then, add the DoCapture property and value to the CustomSettings.ini file so that the MDT 2008 deployment process captures an image of the reference computer (WDGREF-01) after deploying Windows Vista.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 3
27
To customize the MDT 2008 configuration files for the reference computer 1199.In Windows Explorer, go to E:\Packages$\CustomSettings_Reference, and then double-click CustomSettings.ini. 1200.In Microsoft Notepad, add DoCapture=Yes to the end of the CustomSettings.ini file, as shown in Listing 1. Listing 1. CustomSettings.ini File After Adding the DoCapture Property [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y DoCapture=Yes 1201.In Notepad, save the file, and then exit Notepad.
Step 3-5: Update Distribution Points for the Custom Settings Package When the source folder has been updated for the MDT 2008 Reference Computer Custom Settings package in System Center Configuration Manager, update the distribution points for the MDT 2008 Reference Computer Custom Settings Files package. Updating the distribution points copies the updated version of the CustomSettings.ini file to the deployment points specified in the package. To update the distribution points for the Custom Settings package 1202.Click Start, point to All Programs, and then click Microsoft System Center. Click Configuration Manager 2007, and then click ConfigMgr Console. 1203.In the Configuration Manager console tree, go to Site Database/Computer Management/Software Distribution/Packages, and then click MDT 2008 Reference Computer Custom Settings 1.00. 1204.In the details pane, click Update Distribution Points. 1205.In the Confirm Update Distribution Points dialog box, click Yes. 1206.Close all open windows and dialog boxes. System Center Configuration Manager starts updating the distribution points with the latest versions of the CustomSettings.ini file. This process could take several minutes. Check the status of the package until the State value of the package status is Installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Step 3-6: Customize the Reference Computer Task Sequence For most deployments, the Windows Vista Reference Deployment task sequence created earlier in the process performs all the necessary steps without modification. In this sample, modify the task sequence to set the password for the local Administrator account to a known value. By default, the task sequence sets the password for the local Administrator account to a random value. Further customization of the task sequence may be required depending on the environment. To customize the Windows Vista Reference Deployment task sequence 1207.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1208.In the Configuration Manager console console tree, go to Site Database/Computer Management/Operating System Deployment/Task Sequences. 1209.In the details pane, click Windows Vista Reference Deployment. 1210.In the details pane, click Edit. 1211.In the Windows Vista Reference Deployment Task Sequence Editor dialog box, go to PostInstall/Apply Windows Settings. 1212.On the Properties tab, click Enable the account and specify the local administrator password. 1213.On the Properties tab, in Password and Confirm Password, type P@ssw0rd, and then click Apply. 1214.Make any additional modifications to the task sequence that environment requires, and then click OK. 1215.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 4: Depl oy W indo ws V ist a and Ca ptur e an I ma ge o f the Refer ence Co mpute r When the task sequence has been created to deploy Windows Vista to the reference computer and an image of the reference computer captured, start the task sequence. Create the operating system capture by using the Task Sequence Media Wizard in Configuration Manager console. To deploy Windows Vista and capture an image of the reference computer 1216.Add the reference computer to the Configuration Manager site database. 1217.Create a collection that contains the reference computer added in the previous step. 1218.Create an advertisement for the reference computer task sequence. 1219.Create a task sequence bootable media disk by using the Task Sequence Media Wizard. 1220.Start the reference computer with the task sequence bootable media disk.
Step 4-1: Add the Reference Computer to the Configuration Manager Site Database To deploy an operating system to a new computer without stand-alone media that System Center Configuration Manager does not currently manage, the new computer must be added to the Configuration Manager site database prior to initiating the operating system deployment process. Although System Center Configuration Manager can automatically discover computers on the network that have a Windows operating system installed, if the computer has no operating system installed, import the new computer information by using the Import Computer Information Wizard. To add the reference computer to the Configuration Manager site database 1221.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1222.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Computer Associations. 1223.In the details pane, click Import computer Information. The Import Computer Information Wizard starts. 1224.Complete the Import Computer Information Wizard by using the information in Table 19. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
Table 19. Information for Completing Import Computer Information Wizard On this wizard page
Do this
Select Source
Click Import single computer, and then click Next.
Single Computer
In Computer Name, type WDG-REF-01. In MAC address, type mac_address (where mac_address is the media access control (MAC) address of the primary network adapter for the reference computer, WDG-REF-01). Click Next.
Data Preview
Click Next.
Choose Target Collection
Click Next.
Summary
Click Next.
Wizard Completed
Click Close.
For more information on adding a new computer to the Configuration Manager site database, see “How to Add a New Computer to the Configuration Manager Database” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 4-2: Create a Collection for the Reference Computer In Configuration Manager console, create a collection that includes the reference computer (WDG-REF-01). This computer collection is used later when advertising the task sequence created earlier in the process. To create a collection that includes the reference computer 1225.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1226.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Collections. 1227.In the details pane, click New Collection. The New Collection Wizard starts. 1228.Complete the New Collection Wizard by using the information in Table 20. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 4
31
Table 20. Information for Completing the New Collection Wizard On this wizard page
Do this
General
In Name, type Microsoft Deployment – Reference Computer In Comment, type Computer that is to be the reference computer for the target computers to be deployed. Click Next.
Membership Rules
Click the Computer icon. Complete the Create Direct Membership Rule Wizard by performing the following steps: 1229.On the Welcome page, click Next. 1230.On the Search for Resources page, in Resource class, select System Resource; in Attribute name, select Name; in Value, type WDG-REF-01; and then click Next. 1231.On the Collection Limiting page, click Next. 1232.On the Select Resources page, select WDG-REF01, and then click Next. 1233.On the Finished page, click Finish. Click Next.
Advertisements
Click Next.
Security
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Create a Collection,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
Step 4-3: Create an Advertisement for the Reference Computer Task Sequence In Configuration Manager console, create an advertisement for the task sequence created earlier in the process. Advertise the task sequence to the collection that includes the reference computer created earlier in the process. To create an advertisement for the task sequence 1234.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1235.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Task Sequences. 1236.In the details pane, click Windows Vista Reference Deployment. 1237.In the details pane, click Advertise. The New Advertisement Wizard starts. 1238.Complete the New Advertisement Wizard by using the information in Table 21. Accept the default values unless otherwise specified. Table 21. Information for Completing the New Advertisement Wizard On this wizard page
Do this
General
In Comment, type Advertisement to deploy Windows Vista to the reference computer and then capture an image of the reference computer. In Collection, click Browse. In the Browse Collection dialog box, click Microsoft Deployment – Reference Computer, and then click OK. Select the Make this task sequence available to boot media and PXE check box. Click Next.
Schedule
Click Next.
Distribution Points
Click Next.
Interaction
Click Next.
Security
Click Next.
Summary
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Advertise Task Sequences,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 4
33
Step 4-4: Create Task Sequence Bootable Media A method must be provided for starting the computer with Windows PE and the necessary software to initiate the MDT 2008 process. Create the task sequence bootable media by using the Task Sequence Media Wizard in Configuration Manager console. Use the Task Sequence Media Wizard to create bootable media that can be stored on a USB flash drive (UFD), CD, or DVD. To create task sequence bootable media 1239.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1240.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Task Sequences. 1241.In the details pane, click Create Task Sequence Media. The Task Sequence Media Wizard starts. 1242.Complete the Task Sequence Media Wizard by using the information in Table 22. Accept the default values unless otherwise specified. Table 22. Information for Completing the Task Sequence Media Wizard On this wizard page
Do this
Select Media Type
Click Bootable media, and then click Next.
Media type
In Media file, type \\WDG-MDT01\Capture$\CM2007_TS_Boot_Media.iso, and then click Next.
Security
In Password and Confirm password, type P@ssw0rd, and then click Next.
Boot image
In Boot image, click Browse. In the Select a Boot Image dialog box, click Windows PE Custom, and then click OK. Click Next.
Summary
Click Next.
Confirmation
Click Close.
The wizard creates the CM2007_TS_Boot_Media.iso file in the \\WDG-MDT01\Capture$ shared folder. 1243.If WDG-REF-01 is a physical computer, create a CD or DVD of the International Organization for Standardization (ISO) file. If WDG-REF-01 is a VM, start the VM directly from the ISO file. For more information on creating the task sequence bootable media, see the section, “How to Create Task Sequence Bootable Media,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Step 4-5: Start the Reference Computer with the Task Sequence Bootable Media Start the reference computer (WDG-REF-01) with the task sequence bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 process. At the end of the MDT 2008 process, Windows Vista is deployed on the reference computer and an image of the reference computer is saved to \WDG-MDT-01\Capture$\WDG-REF-01.wim. Note The MDT 2008 process can also be initiated by starting the target computer from Windows Deployment Services. For more information, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts.
To start the reference computer with the task sequence bootable media 1244.Start WDG-REF-01 with the task sequence bootable media created earlier in the process. Windows PE starts, and then the Task Sequence Wizard starts 1245.Complete the Task Sequence Wizard by using the information in Table 23. Accept the default values unless otherwise specified. Table 23. Information for Completing the Task Sequence Wizard On this wizard page
Do this
Welcome to the Task Sequence Wizard
In Password, type P@ssw0rd, and then click Next.
Select a Task Sequence In the list box, select Windows Vista Reference Deployment, and then click Next. The wizard starts, and the operating system deployment starts. If any problems occur during the deployment, consult the MDT 2008 document, Troubleshooting Reference. When completed, a captured image of the reference computer should exist in \\WDGMDT-01\Capture$\WDG-REF-01.wim.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 5: Impor t and Co nf igur e a Task Sequence t o Dep lo y the Tar ge t C ompu ter After the task sequence to deploy the reference computer (WDG-REF-01) finishes, a captured image of the reference computer is stored in \\WDG-MDT-01\Capture$\WDGREF-01.wim. Now, create a task sequence that will deploy the captured image of reference computer to the target computer (WDG-CLI-01). When this step is complete, the captured image of the reference computer can be deployed to the target computer. To import and configure a task sequence to deploy the target computer 1246.Create an MDT 2008 task sequence template to deploy the captured image of the reference computer to the target computer using the Import Microsoft Deployment Task Sequence Wizard. 1247.Select the distribution points for the new packages and images created by the Import Microsoft Deployment Task Sequence Wizard. 1248.Customize the MDT 2008 configuration files for the target computer—specifically, the CustomSettings.ini file. 1249.Update the System Center Configuration Manager distribution points for the Custom Settings Files package. 1250.Customize the task sequence for the target computer.
Step 5-1: Create an MDT 2008 Task Sequence for the Target Computer After the image is captured, create a task sequence to deploy the captured image of the reference computer (WDG-REF-01) to the target computer (WDG-CLI-01). Most of the packages needed for this task sequence were created earlier in the process. However, a new MDT 2008 Custom Settings package must be created that has the proper configuration settings for the target computer and creates an operating system image of the captured image of the reference computer. To create a task sequence to deploy the captured image to the target computer 1251.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1252.In the Configuration Manager console console tree, go to Site Database/Computer Management/Task Sequences. 1253.In the details pane, click Import Microsoft Deployment Task Sequence. The Import Microsoft Deployment Task Sequence Wizard starts. 1254.Complete the Import Microsoft Deployment Task Sequence Wizard by using the information in Table 24. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Table 24. Information for Completing Import Microsoft Deployment Task Sequence Wizard On this wizard page
Do this
Choose Template
Select Client Task Sequence, and then click Next.
General
In Task sequence name, type Windows Vista Target Deployment. In Task sequence comments, type Task sequence for deploying captured reference computer image to the target computer (WDG-CLI-01), and then click Next.
Details
Click Join a domain. In Domain, type corp.woodgrovebank.com. In Account, click Set, and then complete the Windows User Account dialog box by performing the following steps: 1255.In User name, type CORP\Administrator. 1256.In Password and Confirm password, type P@ssw0rd. 1257.Click OK. In User name, type Woodgrove Bank Employee. In Organization name, type Woodgrove Bank. In Product key, type product_key (where product_key is the product key for Windows Vista). In Capture destination, type \\WDG-MDT01\Capture$\WDG-CLI-01.wim. In Capture Account, click Set, and then complete the Windows User Account dialog box by performing the following steps: 1258.In User name, type CORP\Administrator. 1259.In Password and Confirm password, type P@ssw0rd. 1260.Click OK. Click Next.
Boot Image
In Specify an existing boot image package, click Browse. In Select a Package dialog box, click Windows PE Custom, and then click OK. Click Next.
MDT Package
In Specify an existing Microsoft Deployment Toolkit Files package, click Browse. In the Select a Package dialog box, click MDT 2008 Files, and then click OK. Click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 5
On this wizard page
Do this
OS Image
Click Create a new OS image.
37
In OS image file (WIM) location, type \\WDG-MDT01\Capture$\WDG-REF-01.wim. In Package source folder to be created, type \\WDGMDT-01\Package$\WDG-REF-01_Image. Click Next. OS Image: Image Details
In Name, type Windows Vista Reference Image. In Version, type 1.00. In Comments, type Windows Vista captured image of reference computer (WDG-REF-01) used to deploy to target computers, and then click Next.
Client Package
In Specify an existing ConfigMgr client package, click Browse. In the Select a Package dialog box, click Configuration Manager Client Upgrade, and then click OK. Click Next.
USMT Package
In Specify an existing USMT package, click Browse. In the Select a Package dialog box, click USMT, and then click OK. Click Next.
Settings Package
Click Create a new settings package. In Package source folder to be created, type \\WDGMDT-01\Packages$\CustomSettings_Target, and then click Next.
Settings Package: Settings Details
In Name, type MDT 2008 Target Computer Custom Settings. In Version, type 1.00. In Comments, type Configuration settings for MDT 2008 deployment process (such as CustomSettings.ini) for the target computer, and then click Next.
Sysprep Package
Click Next.
The Summary wizard page displays a status bar that shows the progress of the tasks defined in the wizard. The Import Microsoft Deployment Task Sequence Wizard closes when the task sequence is imported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
Step 5-2: Select Distribution Points for Packages and Images Running the Import Microsoft Deployment Task Sequence Wizard to create the task sequence for the target creates a new software distribution package and a new image. After the package and image are created, you need to select the distribution points where the package and image will be copied and available to target computers. Note In this sample, there is only one distribution point (WDG-MDT-01). However, in most production networks there are multiple distribution points. When performing this step in a production environment, select the appropriate distribution points for the network.
Select the distribution points for the software distribution package (for the new target computer custom settings package MDT 2008 Target Computer Custom Settings) and the operating system image package (for the new captured .wim of the reference computer Windows Vista Reference Image). To select the distribution points for software distribution package 1261.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Software Distribution/Packages. 1262.In the details pane, click MDT 2008 Target Computer Custom Settings. 1263.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1264.Complete the Manage Distribution Points Wizard by using the information in Table 25. Accept the default values unless otherwise specified. Table 25. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
To select the distribution points for operating system images 1265.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Operating System Images. 1266.In the details pane, click Windows Vista Reference Image. 1267.In the details pane, click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1268.Complete the Manage Distribution Points Wizard by using the information in Table 26. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 5
39
Table 26. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome
Click Next.
Select Destination Distribution Point
Click Next.
Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completion
Click Next.
Wizard Completed
Click Close.
1269.Close all open windows and dialog boxes.
Step 5-3: Customize the MDT 2008 Configuration Files When the MDT 2008 task sequence has been imported, customize the MDT 2008 configuration files that provide the configuration settings for deploying Windows Vista to the target computer. Specifically, customize the CustomSettings.ini file. When the CustomSettings.ini file has been customized, save the updated files to the source folder for the MDT 2008 Custom Settings package created earlier in the process (E:\Packages$\CustomSettings_Target). To customize the MDT 2008 configuration files for the target computer 1270.In Windows Explorer, go to E:\Packages$\CustomSettings_Target folder, and then double-click CustomSettings.ini. 1271.In Notepad, add any necessary properties to the CustomSettings.ini file, as shown in Listing 2, that the environment requires. Listing 2. Default CustomSettings.ini File [Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y 1272.In Notepad, save the file and then exit Notepad.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
Step 5-4: Update Distribution Points for the Custom Settings Package When the source folder has been updated for the MDT 2008 Target Computer Custom Settings package in System Center Configuration Manager, update the distribution points for the MDT 2008 Target Computer Custom Settings package. Updating the distribution points copies the updated version of the CustomSettings.ini file to the deployment points specified in the package. To update the distribution points for the Custom Settings package 1273.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1274.In the Configuration Manager console console tree, go to Site Database/Computer Management/Software Distribution/Packages, and then click MDT 2008 Target Computer Custom Settings 1.00. 1275.In the details pane, click Update Distribution Points. 1276.In the Confirm Update Distribution Points dialog box, click Yes. 1277.Close all open windows and dialog boxes. System Center Configuration Manager starts updating the distribution points with the latest versions of the CustomSettings.ini file. This process could take several minutes. Check the status of the package until the State value of the package status is Installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft System Center Configuration Manager 2007: Step 5
41
Step 5-5: Customize the Target Computer Task Sequence For most deployments, the Windows Vista Target Deployment task sequence created earlier in the process performs all the necessary steps without modification. In this sample, modify the task sequence to set the password for the local Administrator account to a known value. By default, the task sequence sets the password for the local Administrator account to a random value. The task sequence may require further customization depending on the environment. To customize the Windows Vista Target Deployment task sequence 1278.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1279.In the Configuration Manager console console tree, go to Site Database/Computer Management/Operating System Deployment/Task Sequences. 1280.In the details pane, click Windows Vista Target Deployment. 1281.In the details pane, click Edit. 1282.In the Windows Vista Reference Deployment Task Sequence Editor dialog box, go to PostInstall/Apply Windows Settings. 1283.On the Properties tab, click Enable the account and specify the local administrator password. 1284.On the Properties tab, in Password and Confirm Password, type P@ssw0rd, and then click Apply. 1285.Make any additional modifications to the task sequence that the environment requires, and then click OK. 1286.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 6: Depl oy the Ca ptur ed Ima ge of t he R ef er ence C ompu ter to the Tar ge t Co mpute r After the image of the reference computer is captured and the task sequence is imported and configured, deploy the captured image. Configure MDT 2008 to provide all the necessary configuration settings to deploy to the target computer. After initiating the deployment process, the image of the reference computer running Windows Vista is automatically deployed to the target computer and configured with the settings defined. To deploy the captured image 1287.Add the target computer to the Configuration Manager site database. 1288.Create a computer collection that includes the target computer. 1289.Create a System Center Configuration Manager advertisement for the task sequence earlier in the process. 1290.Start the target computers with the task sequence bootable media.
Step 6-1: Add the Target Computer to the Configuration Manager Site Database To deploy an operating system to a new computer without stand-alone media that System Center Configuration Manager does not currently manage, the new computer must be added to the Configuration Manager site database prior to initiating the operating system deployment process. Although System Center Configuration Manager can automatically discover computers on the network that have a Windows operating system installed, if the computer has no operating system installed, import the new computer information by using the Import Computer Information Wizard. To add the target computer to the Configuration Manager site database 1291.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1292.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Computer Associations. 1293.In the details pane, click Import computer Information. The Import Computer Information Wizard starts. 1294.Complete the Import Computer Information Wizard by using the information in Table 27. Accept the default values unless otherwise specified.
Template User Instructions
43
Table 27. Information for Completing Import Computer Information Wizard On this wizard page
Do this
Select Source
Click Import single computer, and then click Next.
Single Computer
In Computer Name, type WDG-CLI-01. In MAC address, type mac_address (where mac_address is the MAC address of the primary network adapter for the target computer, WDG-CLI-01). Click Next.
Data Preview
Click Next.
Choose Target Collection
Click Next.
Summary
Click Next.
Wizard Completed
Click Close.
For more information on adding a new computer to the Configuration Manager site database, see the section, “How to Add a New Computer to the Configuration Manager Database,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 6-2: Create a Collection for the Target Computer In Configuration Manager console, create a collection that includes the target computer (WDG-CLI-01). This computer collection is used later when advertising the task sequence created earlier in the process. To create a collection that includes the target computer 1295.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1296.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Collections. 1297.In the details pane, click New Collection. The New Collection Wizard starts. 1298.Complete the New Collection Wizard by using the information in Table 28. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
MSDN 2.0
Table 28. Information for Completing the New Collection Wizard On this wizard page
Do this
General
In Name, type Microsoft Deployment – Batch 01 In Comment, type Computers that are to be included in the first batch of computers deployed. Click Next.
Membership Rules
Click the Computer icon. Complete the Create Direct Membership Rule Wizard by performing the following steps: 1299.On the Welcome page, click Next. 1300.On the Search for Resources page, in Resource class, select System Resource; in Attribute name, select Name; in Value, type WDG-CLI-01; and then click Next. 1301.On the Collection Limiting page, click Next. 1302.On the Select Resources page, select WDG-CLI01, and then click Next. 1303.On the Finished page, click Finish. Click Next.
Advertisements
Click Next.
Security
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Create a Collection,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 6-3: Create an Advertisement for the Task Sequence In Configuration Manager console, create an advertisement for the task sequence created earlier in the process. Advertise the task sequence to the collection of target computers created earlier in the process. To create an advertisement for the task sequence 1304.Click Start, point to All Programs, and then point to Microsoft System Center. Point to Configuration Manager 2007, and then click ConfigMgr Console. 1305.In the Configuration Manager console console tree, go to System Center Configuration Manager/Site Database/Computer Management/Operating System Deployment/Task Sequences. 1306.In the details pane, click Windows Vista Target Deployment. 1307.In the details pane, click Advertise. The New Advertisement Wizard starts. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
45
1308.Complete the New Advertisement Wizard by using the information in Table 29. Accept the default values unless otherwise specified. Table 29. Information for Completing the New Advertisement Wizard On this wizard page
Do this
General
In Comment, type Advertisement to deploy Windows Vista reference image. In Collection, click Browse. In the Browse Collection dialog box, click Microsoft Deployment – Batch 01, and then click OK. Select the Make this task sequence available to boot media and PXE check box. Click Next.
Schedule
Click Next.
Distribution Points
Click Next.
Interaction
Click Next.
Security
Click Next.
Summary
Click Next.
Confirmation
Click Close.
For more information, see the section, “How to Advertise Task Sequences,” in Configuration Manager Documentation Library, which is installed with System Center Configuration Manager.
Step 6-4: Start the Target Computer with the Task Sequence Bootable Media Start the target computer (WDG-CLI-01) with the task sequence bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 process. At the end of the MDT 2008 process, Windows Vista is deployed on the target computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts.
To start the target computer with the task sequence bootable media 1309.Start WDG-CLI-01 with the task sequence bootable media created earlier in the process. Windows PE starts, and then the Task Sequence Wizard starts 1310.Complete the Task Sequence Wizard by using the information in Table 30. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
MSDN 2.0
Table 30. Information for Completing the Task Sequence Wizard On this wizard page
Do this
Welcome to the Task Sequence Wizard
In Password, type P@ssw0rd, and then click Next.
Select a Task Sequence In the list box, select Windows Vista Target Deployment, and then click Next. The wizard starts and the operating system deployment starts. If any problems occur during the deployment, consult the MDT 2008 document, Troubleshooting Reference. When successfully completed, the target computer is running a Windows Vista operating system configured like the reference computer.
Microsoft® Deployment Toolkit 2008 Quick Start Guide for Lite Touch Installation
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation
xlvii
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, Hyper-V, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 provides technology for deploying Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. This quick-start guide helps Information Technology (IT) personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using it to install the Windows Vista® operating system through Lite Touch Installation (LTI). This quick-start guide demonstrates how to perform the New Computer deployment scenario using a LAB deployment point. The New Computer deployment scenario covers the deployment of Windows Vista to a new computer. This scenario assumes that there is no user data or profile to preserve. Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
After using this guide to evaluate MDT 2008, review the rest of the MDT 2008 guidance to learn more about the technology’s advanced features. Note The infrastructure setup described here is for evaluation purposes and not intended for a production system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes To deploy operating systems and applications by using MDT 2008 and Microsoft Systems Management Server (SMS) 2003, the environment must meet the following software and computer configuration prerequisites.
Required Software To complete this guide, the following software is required: •
Windows Server 2003 Release 2 (R2) with Service Pack 2 (SP2)
•
Windows Vista
•
Windows Automated Installation Kit (Windows AIK) to help install, customize, and deploy Windows operating systems Note Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 release to manufacturing (RTM) deployments. However, Windows AIK version 1.1 is compatible with all currently supported operating system releases.
•
Windows Preinstallation Environment (Windows PE) version 2.0 (included in Windows AIK)
•
Networking services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
•
Windows User State Migration Tool (USMT) version 3.0.1 (not available for server operating systems)
•
Windows Deployment Services (used only for Pre-Boot Execution Environment [PXE] boot requirements)
•
The Hyper-V™ server role, if computers are virtualized and running on a Windows Server 2008 host operating system
•
Microsoft Virtual Server 2005 R2 with SP1, if computers are virtualized and running on a Windows Server 2003 host operating system
•
Microsoft Virtual PC 2007, if computers are virtualized and running on a Windows XP or Windows Vista host operating system
•
Active Directory® Domain Services (AD DS) infrastructure, including logical and physical design of infrastructure.
Note The task sequencer used in MDT 2008 deployments requires the Create Global Object right be assigned to credentials used to access and run Deployment Workbench and the deployment process. This right is normally available to accounts with Administrator-level permissions (unless explicitly removed). Also, the Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
3
Computer Configuration To complete this guide, set up the computers listed in Table 1. These computers can be either physical computers or virtual machines (VMs) with the system resources designated. Table 1. Computers Used in This Guide Computer
Description and system resources
WDG-MDT-01
This computer runs the MDT 2008 infrastructure and Windows Vista. The system resources of the computer are as follows:
WDG-REF-01
•
Processor running at 1.4 gigahertz (GHz) or faster
•
512 megabytes (MB) or greater physical memory
•
One disk partition that has 15 gigabytes (GB) or more available disk space and that will become the drive C partition
•
One CD-ROM or DVD-ROM drive that will be assigned the drive letter D
This is the target computer and runs no current operating system. The system resources of the computer are as follows:
WDG-CLI-01
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
16 GB or more available disk space
This is the target computer and runs no current operating system. The system resources of the computer are as follows: •
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
Note This guide assumes that MDT 2008 is being evaluated on 32-bit (x86) physical or virtual computers. If evaluating MDT 2008 on 64-bit (x64) platforms, download and install the x64 editions of MDT 2008 and the components that this guide describes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 1: Pr epar e the Pr er equis ite In fr ast r uc tur e This guide assumes that Windows Vista is installed on a computer named WDG-MDT-01. If the computer being used is named differently, substitute the name of that computer for WDG-MDT-01. Note
This section assumes that a new infrastructure will be created for MDT 2008.
The step for preparing the prerequisite infrastructure before installing the MDT 2008 is: •
Obtain the software required to perform the steps in this guide.
Step 1-1: Obtain the Required Software The software required to perform deployments using MDT 2008 includes: •
MDT 2008, available at http://microsoft.com/technet/SolutionAccelerators.
•
Windows Vista distribution files from the product CD.
•
Device drivers required for the target computer, WDG-CLI-01.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 2: Pr epar e the MDT 2008 En vir onmen t The first step in the process is to prepare the MDT 2008 environment. When this step is complete, create the reference computer and deploy a captured image of the reference computer to the target computer (WDG-CLI-01) by using MDT 2008. To prepare the MDT 2008 environment 1311.Install MDT 2008. 1312.Install Windows AIK.
Step 2-1: Install MDT 2008 To install MDT 2008 1313.Double-click MicrosoftDeploymentToolkit_x86.msi, and then click Install. 1314.Click Next to skip the welcome page. 1315.On the End-User License Agreement page, review the license agreement, click I accept the terms in the License Agreement, and then click Next. 1316.On the Custom Setup page, click Next. 1317.Click Install. The installation process status is displayed and eventually finishes. 1318. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Step 2-2: Install Windows AIK To install Windows AIK when the computer has Internet connectivity 1319.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1320.In the Deployment Workbench console tree, go to Deployment Workbench/Information Center/Components. 1321.In the details pane, in the Available for Download section, click Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems). 1322.In the details pane, click Download. After downloading Windows AIK, Deployment Workbench copies the Windows AIK files to C:\Program Files\Microsoft Deployment Toolkit\WAIK. 1323.In the details pane, in the Downloaded section, click Windows Automated Installation Kit (x86) (for 32-bit operating systems) or Windows Automated Installation Kit (x64) (for 64-bit operating systems), and then click Install. The Windows Automated Installation Kit Setup Wizard starts. 1324.Complete the Windows Automated Installation Kit Setup Wizard by using the information in Table 2. Table 2. Information for Completing the Windows Automated Installation Kit Setup Wizard On this wizard page
Do this
Welcome to the Windows Automated Installation Kit Setup Wizard
Click Next.
License Terms
Click I Agree, and then click Next.
Select Installation Folder
Click Next.
Confirm Installation
Click Next.
Completed Installation
Click Close.
1325.In the details pane, in the Installed section, notice that Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems) is installed 1326.Close all open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 3: Conf igur e MD T 2008 to Cr ea te t he R ef er ence C ompu ter After the MDT 2008 environment is prepared, create the reference computer. The reference computer is used as the template for deploying new images to the target computers. Configure this computer exactly as the target computers will be configured. Windows Vista will be deployed to the reference computer (WDG-REF-01), an image of the reference computer will be captured, and then the captured image will be deployed to the target computer (WDG-CLI-01). To configure MDT 2008 to create a reference computer 1327.Create the distribution share. 1328.Add operating system files to the distribution share. 1329.Add device drivers to the distribution share. 1330.Create a task sequence for the reference computer. 1331.Create a LAB deployment point. 1332.Configure the Windows PE options for the LAB deployment point. 1333.Update the LAB deployment point.
Step 3-1: Create the Distribution Share Before deployment can begin with MDT 2008 and Systems Management Server, create the distribution share in Deployment Workbench. The distribution share is the repository for the operating system images, language packs, applications, device drivers, and other software deployed to the target computers. Later in the process, a Lab deployment point will be created that the reference and target computers will use. To create the distribution share in Deployment Workbench 1334.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1335.In the Deployment Workbench console tree, navigate to Deployment Workbench/Distribution Share. 1336.In the console tree, right-click Distribution Share, and then click Create distribution share directory. The Create Distribution Share Wizard starts. 1337.Complete the Create Distribution Share Wizard by using the information in Table 3.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Table 3. Information for Completing the Create Distribution Share Wizard On this wizard page
Do this
Specify Directory
In Path for new distribution share directory, type C:\Distribution, and then click Finish.
The Create Distribution Share Wizard finishes, and the distribution share is created.
Step 3-2: Add Operating System Files to the Distribution Share MDT 2008 acts as a repository for the operating system files that are deployed to the reference computer (WDG-REF-01) and target computer (WDG-CLI-01). In this sample, add the Windows Vista operating system files to the distribution share created earlier in the process. Add the device drivers in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. To add the Windows Vista operating system files to the distribution share 1338.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1339.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1340.In the details pane, click New. The New OS Wizard starts. 1341.Complete the New OS Wizard by using the information in Table 4. Table 4. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type C:\Source$\Vista, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows Vista operating system is added to the list of operating systems in the details pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
9
Step 3-3: Add the Device Drivers After the Windows Vista operating system has been added to Deployment Workbench, add any device drivers required for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01). These device drivers will be added to Windows PE and deployed with Windows Vista. Add the device drivers in the Out-of-box Drivers node in Deployment Workbench by using the New Driver Wizard. The New Driver Wizard copies the device driver files to the distribution share in Out-of-Box Drivers\subfolder. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To add the device drivers for the reference and target computers to the distribution share 1342.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1343.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Out-of-Box Drivers. 1344.In the details pane, click New. The New Driver Wizard starts. 1345.Complete the New Driver Wizard by using the information in Table 5. Table 5. Information for Completing the New Driver Wizard On this wizard page
Do this
Specify Directory
In Driver source directory, type C:\Source$\Drivers. Click Add Group. In the New Driver Group dialog box, type device_driver_name, and then click OK (where device_driver_name is a descriptive name for the device drivers). Select the device_driver_name check box (where device_driver_name is a descriptive name for the device driver group created). Click Finish.
The New Driver Wizard finishes. The device drivers are added to the list of operating systems in the details pane and are copied to the distribution\Out-of-box Drivers folder (where distribution is the distribution folder created earlier in the process).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Step 3-4: Create a Task Sequence for the Reference Computer Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. Table 6 lists the task sequence templates that are included in MDT 2008 and a description of the template. Table 6. Task Sequence Templates Included in MDT 2008 Template
Select this template to
Standard Client Task Sequence
Deploy to client computers for all scenarios except the Replace Computer scenario.
Standard Client Replace Task Sequence
Deploy to client computers for the Replace Computer scenario.
Custom Task Sequence
Create a custom task sequence that installs applications without an operating system installation.
Standard Server Task Sequence
Deploy to server computers for all scenarios.
Select the Standard Client Task Sequence template to deploy Windows Vista to the reference computer (WDG-REF-01). To create a task sequence for deploying the reference computer 1346.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1347.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1348.In the details pane, click New. The New Task Sequence Wizard starts. 1349.Complete the New Task Sequence Wizard by using the information in Table 7. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
11
Table 7. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_REFERENCE. In Task sequence name, type Deploy Vista to Reference Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence. Click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select Windows Vista edition (where edition is the edition of Windows Vista added to the Operating Systems node in Deployment Workbench). Click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd. Click Finish.
The New Task Sequence Wizard finishes, and the VISTA_REFERENCE task sequence is added to the list of task sequences.
Step 3-5: Create a LAB Deployment Point After the task sequence for deploying Windows Vista has been added to the reference computer, create a Lab or single-server deployment point that is used to deploy Windows Vista to the reference computer. Later in the process, the Windows Deployment Wizard will be used to deploy Windows Vista to the reference computer (WDG-REF-01), and then capture an image of the reference computer. Then, the captured image will be deployed to the target computer (WDG-CLI-01) by using the Windows Deployment Wizard in MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
To create Lab or single-server deployment point in Deployment Workbench 1350.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1351.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1352.In the details pane, click New. The New Deployment Point Wizard starts. 1353.Complete the New Deployment Point Wizard by using the information in Table 8. Table 8. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click Lab or single-server deployment, and then click Next.
Specify Deployment Point Name
Click Next.
Application List
Click Next.
Allow Image Capture
Click Next.
Allow Admin Password
Click Next.
Allow Product Key
Click Next.
Network Share
Click Next.
Configure User State
Click Finish.
The New Deployment Wizard finishes, and the LAB deployment point is added to the list of deployment points. The C:\Distribution folder (distribution share) is shared as Distribution$.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
13
Step 3-6: Configure the Windows PE Options for the LAB Deployment Point After creating the LAB deployment point, configure the Windows PE configuration options for it. Configure the Windows PE options for the deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To configure the Windows PE options for the deployment point 1354.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1355.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1356.In the details pane, click LAB. 1357.In the details pane, click Properties. The LAB Properties dialog box appears. 1358.In the LAB Properties dialog box, on the Windows PE tab, in Driver group, select device_drivers (where device_drivers is the name of the device driver group created earlier in the deployment process), and then click OK.
Step 3-7: Update the LAB Deployment Point After configuring the Windows PE options for the LAB deployment point, update the deployment point. Updating the deployment point updates all the MDT 2008 configuration files and generates a customized version of Windows PE. The customized version of Windows PE is used to start the reference computer and initiate the LTI deployment process. To update the LAB deployment point in Deployment Workbench 1359.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1360.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1361.In the details pane, click LAB. 1362.In the details pane, click Update. Deployment Workbench starts updating the LAB deployment point. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 4: Depl oy W indo ws V ist a and Ca ptur e an I ma ge o f the Refer ence Co mpute r After creating the task sequence to deploy Windows Vista to the reference computer and capturing an image of the reference computer, start the task sequence. Initiate the operating system deployment and capture by starting the reference computer with the LTI bootable media. To deploy Windows Vista and capture an image of the reference computer 1363.Create the LTI bootable media disk. 1364.Start the reference computer with the LTI bootable media disk.
Step 4-1: Create the LTI Bootable Media A method must be provided for starting the computer with the customized version of Windows PE created when the LAB deployment point was updated. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) or LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). Create the appropriate LTI bootable media from one of these images. To create the LTI bootable media 1365.In Windows Explorer, navigate to C:\Distribution\Boot. 1366.Based on the type of computer used for the reference computer (WDG-REF-01), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the International Organization for Standardization (ISO) file.
•
If the reference computer is a VM, start the VM directly from the ISO file or from a CD or DVD of the ISO file.
Step 4-2: Start the Reference Computer with the LTI Bootable Media Start the reference computer (WDG-REF-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the reference computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 3
15
To start the reference computer with the LTI bootable media 1367.Start WDG-REF-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 1368.Complete the Windows Deployment Wizard by using the information in Table 9. Accept the default values unless otherwise specified. Table 9. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Next.
Configure the computer In Computer name, type WDG-REF-01, and then click name Next. Join the computer to a domain or workgroup
Click Next.
Specify whether to restore user data
Click Next.
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Specify whether to capture an image
Click Next.
Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 1369.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 1370.In the Deployment Summary dialog box, click Finish. Windows Vista is now installed on the reference computer, and the captured Windows Imaging Format (WIM) file of the reference computer (VISTA_REFERENCE.wim) is stored in the deployment_point_share\Captures folder (where deployment_point_share is the shared folder used as the deployment point share).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 5: Conf igur e MD T 2008 to Dep lo y W ind ows V ista to the Tar ge t C ompu ter After the image of the reference computer (MDT-REF-01) is captured, deploy the captured image to the target computer (MDT-CLI-01). The captured image will be imported into Deployment Workbench by using the New OS Wizard. Then, an MDT 2008 task sequence will be created to deploy the captured image to the target computer. Also the LAB deployment created earlier in the process will be configured to use the new task sequence and captured image. To configure MDT 2008 to deploy Windows Vista to the target computer 1371.Add the captured image of the reference computer to Deployment Workbench. 1372.Create a task sequence for the target computer.
Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench To deploy the captured image of the reference computer to the target computer, add the captured image to the list of operating systems in the Operating Systems node in Deployment Workbench. The New OS Wizard copies the operating system files to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process). To add the captured image of the reference computer to Deployment Workbench 1373.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1374.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1375.In the details pane, click New. The New OS Wizard starts. 1376.Complete the New OS Wizard by using the information in Table 10.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Lite Touch Installation: Step 5
17
Table 10. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Custom image file, and then click Next.
Image
In Source file, type C:\Distribution\Captures\VISTA_REFERENCE.wim. Select the Move the files to the distribution share instead of copying them check box, and then click Next.
Setup
Click Next.
Destination
Click Finish.
The New OS Wizard finishes. The captured image of the reference computer (WDGREF-01) operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process). 1377.Close all open windows and dialog boxes.
Step 5-2: Create a Task Sequence for the Target Computer Create an MDT 2008 task sequences for the target computer in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. This task sequence is used to deploy the captured image of the reference computer to the target computer. To create a task sequence for deploying the captured image to the target computer 1378.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1379.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1380.In the details pane, click New. The New Task Sequence Wizard starts. 1381.Complete the New Task Sequence Wizard by using the information in Table 11. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Table 11. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_TARGET. In Task sequence name, type Deploy Captured Image to Target Computer, and then click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select VISTA_REFERENCECDrive in “VISTA_REFERENCE\VISTA_REFERENCE.wim”, and then click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Finish.
The New Task Sequence Wizard finishes, and the VISTA_TARGET task sequence is added to the list of task sequences. 1382.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 6: Depl oy the Ca ptur ed Ima ge of t he R ef er ence C ompu ter to the Tar ge t Co mpute r After the image of the reference computer is captured and the task sequence is created and configured, deploy the captured image. Configure MDT 2008 to provide all the necessary configuration settings to deploy to the target computer. After initiating the deployment process, the image of the reference computer running Windows Vista is automatically deployed to the target computer and configured with the settings defined. To deploy the captured image of the reference computer to the target computer •
Start the target computer with the LTI bootable media disk.
Step 6-1: Start the Target Computer with the LTI Bootable Media Start the target computer (WDG-CLI-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the target computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the target computer. Note The MDT 2008 process can also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for LTI Tools.
To start the target computer with the LTI bootable media 1383.Start WDG-CLI-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 1384.Complete the Windows Deployment Wizard by using the information in Table 12. Accept the default values unless otherwise specified.
20
MSDN 2.0
Table 12. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Deploy Captured Image to Target Computer, and then click Next.
Configure the computer In Computer name, type WDG-CLI-01, and then click name Next. Join the computer to a domain or workgroup
Click Join a domain.
Specify whether to restore user data
Click Next.
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Specify the BitLocker configuration
Click Next.
Ready to begin
Click Begin.
In Domain, type CORP, and then click Next.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box appears. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 1385.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings and record any diagnostic information. 1386.In the Deployment Summary dialog box, click Finish. The image of Windows Vista captured from the reference computer is now installed on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
Microsoft® Deployment Toolkit 2008 Quick Start Guide for Microsoft Systems Management Server 2003
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, FrontPage, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion Microsoft® Deployment Toolkit (MDT) 2008 provides technology for deploying Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. This quick start guide helps Information Technology (IT) personnel quickly evaluate MDT 2008 by providing condensed, step-by-step instructions for using it to install Windows Vista® with Microsoft Systems Management Server (SMS) 2003. This quick-start guide demonstrates how to perform the New Computer deployment scenario using a LAB and an OSD deployment point. The New Computer deployment scenario covers the deployment of Windows Vista to a new computer. This scenario assumes that there is no user data or profile to preserve. Note In this document, Windows applies to the Windows Vista, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
After using this guide to evaluate MDT 2008, review the rest of the MDT 2008 guidance to learn more about the technology’s advanced features. Note The infrastructure setup described here is for evaluation purposes and not intended for a production system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr er equ isi tes To deploy operating systems and applications by using MDT 2008 and Systems Management Server, the environment must meet the following software and computer configuration prerequisites. Note Only client operating systems can be deployed, such as Windows Vista or Windows XP, with MDT 2008 and Systems Management Server. Deployment of server operating systems, such as Windows Server 2008 or Windows Server 2003, is not supported using MDT 2008 and Systems Management Server.
Required Software To complete this guide, the following software is required: •
Windows Server 2003 Release 2 (R2) with Service Pack 2 (SP2)
•
Windows Vista
•
Systems Management Server with SP3
•
Windows Automated Installation Kit (Windows AIK) to help install, customize, and deploy Windows operating systems Note Windows AIK version 1.0 does not support Windows Vista with SP1 or Windows Server 2008 release to manufacturing (RTM) deployments. However, Windows AIK version 1.1 is compatible with all currently supported operating system releases.
•
Windows Preinstallation Environment (Windows PE) version 2.0 (included in Windows AIK)
•
Networking services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
•
Active Directory® Domain Services (AD DS)
Note The task sequencer used in MDT 2008 deployments requires the Create Global Object right be assigned to credentials used to access and run Deployment Workbench and the deployment process. This right is normally available to accounts with Administrator-level permissions (unless explicitly removed). Also, the Specialized Security – Limited Functionality (SSLF) security profile removes the Create Global Object right and should not be applied to computers being deployed using MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for Microsoft System Center Configuration Manager 2007
3
Computer Configuration To complete this guide, set up the computers listed in Table 1. These computers can be either physical computers or virtual machines (VMs) with the system resources designated. Table 1. Computers Used in This Guide Computer
Description and system resources
WDG-MDT-01
This computer runs the MDT 2008 infrastructure and Systems Management Server. The computer runs Windows Server 2003 with SP2 with the following networking services installed: •
AD DS
•
DNS Server
•
DHCP Server
The system resources of the computer are as follows:
WDG-REF-01
•
Processor running at 1.4 gigahertz (GHz) or faster
•
512 megabytes (MB) or greater physical memory
•
One disk partition that has 16 gigabytes (GB) or more available disk space and that will become the drive C partition
•
One CD-ROM or DVD-ROM drive that will be assigned the drive letter D
•
One disk partition that has 16 GB or more available disk space and that will become partition E.
This is the target computer and runs no current operating system. The system resources of the computer are as follows:
WDG-CLI-01
•
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
This is the target computer and runs no current operating system. The system resources of the computer are as follows: •
Processor running at 1.4 GHz or faster
•
512 MB or more physical memory
•
15 GB or more available disk space
Note This guide assumes that MDT 2008 is being evaluated on 32-bit (x86) physical or virtual computers. If evaluating MDT 2008 on 64-bit (x64) platforms, download and install the x64 editions of MDT 2008 and the components that this guide describes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 1: Pr epar e the Pr er equis ite In fr ast r uc tur e For the purposes of this guide, all the prerequisite infrastructure services run on the computer named WDG-MDT-01. Install the prerequisite software, server roles, and services on this computer before installing MDT 2008. Note This section assumes that a new Systems Management Server infrastructure will be created for MDT 2008. If an existing Systems Management Server infrastructure is being used, review the steps in this section and substitute existing resource names for the resources created in this section (such as computer name and shared network folders). After reviewing this section, proceed to “Step 2: Prepare the MDT 2008 Environment.”
The steps for preparing the prerequisite infrastructure before installing the MDT 2008 are: 1387.Install Windows Server 2003 with SP2. 1388.Create the required folders and network shares. 1389.Obtain the software required to perform the steps in this guide. 1390.Install AD DS. 1391.Install the DHCP Server. 1392.Install Microsoft Internet Information Services (IIS) version 6.0. 1393.Enable the Web-based Distributed Authoring and Versioning (WebDAV) Internet Services Application Programming Interface (ISAPI) extensions in IIS 6.0. 1394.Install the additional software. 1395.Create the user and service accounts required to perform the steps in this guide. 1396.Install Microsoft SQL Server® 2005 with SP2 to be used by Systems Management Server. 1397.Install Systems Management Server. 1398.Install the SMS 2003 Operating System Deployment (OSD) Feature Pack. 1399.Install Systems Management Server SP3. 1400.Configure the network access account that Systems Management Server Advanced Clients use to access Systems Management Server distribution points. 1401.Configure the drive to be used for storing Systems Management Server package source files. 1402.Configure the default management point in Systems Management Server. 1403.Configure the Systems Management Server distribution point to be Background Intelligent Transfer Service (BITS) enabled. Note If the site has multiple site servers, add all the site servers to the Site System and Site Server Connection local security groups on all the site servers. In this sample, there is only one site server (WDG-MDT-01), so this step is not necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
5
Step 1-1: Install Windows Server 2003 with SP2 Install Windows Server 2003 with SP2 by using the information in Table 2. Accept default values unless otherwise specified. Table 2. Information for Installing Windows Server 2003 with SP2 When prompted for
Provide these values
Where do you want to install Windows?
Disk 0 Unallocated Space
Password
Any strong password.
Computer name
WDG-MDT-01
Format for volumes C and E
NTFS
TCP/IP configuration
Configure with a static IP address configuration with the other TCP/IP configuration options as appropriate for the environment.
Step 1-2: Create Required Folders and Shares The MDT 2008 deployment process requires additional folders that are used as the source for files or to store files created during the MDT 2008 deployment process. Some of these folders need to be shared so that they can be accessed from other computers. To create the required folders and shares 1404.Create the E:\Source$ folder, and share the folder as Source$ with the following permissions: •
Administrators: Full Control
•
Everyone: Read
1405.Create the following folders: •
E:\Source$\Drivers
•
E:\Source$\Vista
•
E:\Source$\MDT_2008
Step 1-3: Obtain the Required Software Besides Windows Server 2003 with SP2, Windows Vista, and Systems Management Server, software is required to evaluate MDT 2008 based on the processes in this guide. Table 3 lists the software required to perform deployments using MDT 2008, where to obtain the software, and where to place the software on WDG-MDT-01.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Table 3. Additional Software Required for Deployment Using MDT 2008 Obtain this software
Place in this folder
MDT 2008, available at http://microsoft.com/technet/SolutionAccelerators
E:\Source$\MDT_2008
Windows Vista distribution files from the product CD
E:\Source$\Vista
Windows Server 2003 SP1 Original Equipment Manufacturer (OEM) Preinstallation Kit (OPK) as a part of Software Assurance or to approved users at http://oem.microsoft.com/script/contentpage.aspx?PageID= 560519 (used to obtain Windows PE 2005)
E:\Source$\W2K3_SP1_ OPK
Windows Server 2003 SP1 distribution files from the product CD (required for Windows PE 2005).
E:\Source$\Win2K3_SP1 `
Device drivers required for the target computer WDG-CLI01
E:\Source$\Drivers
SQL Server 2005 with SP2, available at E:\Source$\SQL2005SP2 http://www.microsoft.com/downloads/details.aspx?FamilyId= d07219b2-1e23-49c8-8f0c-63fa18f26d3a&DisplayLang=en Systems Management Server
E:\Source$\SMS_2003
SMS 2003 OSD Feature Pack
E:\Source$\SMS_2003_ OSD_FP
Systems Management Server SP3
E:\Source$\SMS_2003_S P3
Microsoft XML Core Services (MSXML) version 6.0 at http://www.microsoft.com/downloads/details.aspx?FamilyID =993C0BCF-3BCF-4009-BE21-27E85E1857B1
E:\Source$\MSXML60
Step 1-4: Install AD DS AD DS is required to provide authentication and act as a repository for configuration values for the Microsoft products and technologies that MDT 2008 uses, such as SQL Server 2005 and Systems Management Server. To install AD DS, run the DCPROMO Wizard to configure the computer as a domain controller. Install AD DS by using the information provided in Table 4 and accepting any defaults unless otherwise specified. Table 4. Information for Installing AD DS When prompted for
Do the following
Domain type
Create a new domain in a new forest.
Fully qualified domain name (FQDN)
Type corp.woodgrovebank.com
Forest functional level
Windows Server 2003
Install the DNS Server service as a part of the domain controller installation process.
Click Yes
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
7
Step 1-5: Install DHCP Server DHCP Server is required to provide automatic IP configuration for the target computers. Install DHCP Server by using the information provided in Table 5 and accepting any defaults unless otherwise specified. Note If a virtualized environment will be used, disable any DHCP configuration provided by the computer virtualization software. Ensure that the DHCP Server service running WDG-MDT-01 is the only provider of IP configuration by using DHCP.
Table 5. Information for Installing DHCP Server When prompted for
Do the following
Authorize DHCP server in Active Directory
Authorize WDG-MDT-01 to provide client IP configuration.
DHCP scopes
Create an appropriate scope that can be used to automatically configure TCP/IP for WDGREF-01 and WDG-CLI-01.
Step 1-6: Install IIS 6.0 Install IIS version 6.0 with the application server components listed in Table 6. Unless otherwise specified, use the default values. The application server components listed in Table 6 are required for SQL Server 2005 and Systems Management Server installation. Table 6. Information for Installing IIS 6.0 Application server component
Status
Application Server console
Installed
Microsoft ASP.NET
Installed
Enable network COM+ access
Installed
Enable network DTC access
Not installed
IIS BITS Server Extensions
Installed
Common Files
Installed
File Transfer Protocol (FTP) Service
Not installed
Microsoft Office FrontPage® 2002 Server Extensions
Not installed
Internet Information Services Manager
Installed
Internet Printing
Not installed
Network News Transfer Protocol (NNTP) Service
Not installed
Simple Mail Transfer Protocol (SMTP) Service
Not installed
World Wide Web Service: Active Server Pages (ASP)
Installed
Internet Data Connector
Not installed
Remote Administration (HTML) Solution Accelerators
Not installed microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Application server component
Status
Remote Desktop Web Connection
Not installed
Server Side Includes
Installed
WebDAV Publishing
Installed
World Wide Web Service
Installed
Message Queuing
Not installed
1406.Close all open windows and dialog boxes.
Step 1-7: Enable the WebDAV ISAPI Extension The WebDAV Publishing component runs as an ISAPI extension in IIS. After installing the WebDAV Publishing Application Server component, allow the WebDAV ISAPI extension to run in IIS. By default, the WebDAV ISAPI extension is prohibited from running after installation. To enable the WebDAV ISAPI extension 1407.Start IIS Manager. 1408.In the IIS Manager console tree, click Web Service Extension. 1409.In the details pane, click WebDAV, and then click Allow. The status of the WebDAV should change to Allowed. 1410.Close all open windows and dialog boxes.
Step 1-8: Install Additional Software Additional software that must be installed in Windows Server 2003 with SP2 to support MDT 2008. Install the following software using the default installation options: •
MSXML version 6.0
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
9
Step 1-9: Create the User and Service Accounts Systems Management Server and SQL Server 2005 require user accounts during the installation process. Table 7 lists the information needed for creating the user and service accounts. Table 7. Information for Creating the Required Accounts Create this account
With these settings
SQL Service account
In First name, type SQL. In Last name, type Service Account. In User logon name, type SQLSvcAcct. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. Make the account a member of the Domain Admins security group. In Description, type Service account used to run SQL Server 2005 services.
Systems Management Server 2003 In First name, type SMS 2003. Client Network Access account In Last name, type Client Network Access. In User logon name, type SMSNetAccess. In Password and Confirm password, type P@ssw0rd. Clear the User must change password at next logon check box. Select the Password never expires check box. In Description, type Service account used as the network access account for Systems Management Server 2003 Client. 1411.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Step 1-10: Install SQL Server 2005 with SP2 Before installing Systems Management Server, install SQL Server 2005 with SP2. Note To enable all SQL Server 2005 features, install the Web Server (IIS) server role before installing SQL Server 2005.
To install SQL Server 2005 with SP2 1412.Install SQL Server 2005 by using the information in Table 8 and accepting defaults unless otherwise specified. Table 8. Information for Installing SQL Server 2005 When prompted for
Provide these values
Components to Install
Select SQL Server Database Services. Select Reporting Services.
Service account
In User name, type SQLSvcAcct. In Password, type P@ssw0rd. In Domain, type CORP.
1413.Install SQL Server 2005 with SP2 by accepting all defaults for installing the Service Pack Installation Wizard. Tip This service pack was downloaded earlier in the process and saved in the E:\Source$\SQL2005SP2 folder.
1414.Close all open windows and dialog boxes.
Step 1-11: Install Systems Management Server After installing the other products and technologies, install Systems Management Server. As Systems Management Server is installed, extend the Active Directory schema so that computers can locate the distribution points, service locator points, and other server roles. The configuration of WDG-MDT-01 supports Systems Management Server for this sample. The configuration of computers in the production network may vary. To find out more about the prerequisites for installing Systems Management Server, see SMS 2003 Supported Configurations for SP3 at http://download.microsoft.com/download/5/c/a/5cab7c25-9dba-4462-a8871977337e369e/SMS2003SP3SupportedConfigurations.htm.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
11
To install Systems Management Server 1415.Install Systems Management Server by using the information in Table 9. Accept the defaults unless otherwise specified. Table 9. Information for Installing Systems Management Server On this wizard page
Do this
Welcome to the Microsoft Systems Management Server Setup Wizard
Click Next.
System Configuration
Click Next.
Setup Options
Click Install an SMS primary site, and then click Next.
Installation Options
Click Custom Setup, and then click Next.
System Management Server License Agreement
Click I Agree, and then click Next.
Product Registration
In CD Key, type cd_key (where cd_key is the product key for Systems Management Server).
SMS Site Information
In Site code, type NYC. In Site name, type New York City Site. Click Next.
SMS Active Directory Schema
Select Extend the Active Directory schema, and then click Next.
SMS Security Information
Click Next.
SMS 2.0 Site Interoperability
Click Next.
SMS Primary Site Client Load
Click Next.
Installation Options
Click Next.
Asset Intelligence Installation Options
Click Next.
SQL Server Information for SMS Site Database
Click Next.
Creation of SMS Site Database
Click Next.
SMS Site Database Name
Click Next.
SQL Server Directory Path for SMS Site Database
Click Next.
Concurrent SMS Administrator Consoles
Click Next.
Completing the Systems Management Server Setup Wizard
Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
1416.Close all open windows and dialog boxes. At the end of this step, Systems Management Server is installed. To find more help in troubleshooting any installation-related problems, see Systems Management Server 2003 Troubleshooting Flowcharts at http://technet.microsoft.com/enus/library/cc180097.aspx.
Step 1-12: Install the SMS 2003 OSD Feature Pack After installing Systems Management Server, install the SMS 2003 OSD Feature Pack. MDT 2008 requires this feature pack to deploy operating systems to the reference and target computers. The configuration of WDG-MDT-01 supports the SMS 2003 OSD Feature Pack for this sample. The configuration of computers in the production network may vary. To find out more about the prerequisites for installing the feature pack, see the readme.htm and OSD_FP_Guide.doc files included in the SMS 2003 OSD Feature Pack. To install the SMS 2003 OSD Feature Pack 1417.Install the SMS 2003 OSD Feature Pack by using the information in Table 10. Accept the defaults unless otherwise specified. Table 10. Information for Installing the SMS 2003 OSD Feature Pack On this wizard page
Do this
Microsoft Systems Management Server OS Deployment Feature Pack
Click Next.
License agreement
Click I accept the license agreement, and then click Next.
Security warning
Click Next.
Installation
Click Next.
Setup Complete
Click Finish.
1418.Close all open windows and dialog boxes. At the end of this step, the SMS 2003 OSD Feature Pack is installed. To find more help in troubleshooting any installation-related problems, see the readme.htm and OSD_FP_Guide.doc files included in the feature pack.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
13
Step 1-13: Install Systems Management Server SP3 MDT 2008 requires Systems Management Server SP3. After installing Systems Management Server and the SMS 2003 OSD Feature Pack, apply Systems Management Server SP3 to the existing installation. Note If Systems Management Server and the SMS 2003 OSD Feature Pack were installed from a distribution source that has SP3 already installed, skip this step.
To install Systems Management Server SP3 1419.In Windows Explorer, go to E:\Source$\SMS_2003_SP3, and then double-click SMS2003sp3.exe. The Software Update Installation Wizard starts. 1420.Complete the Software Update Installation Wizard by using the information in Table 11. Table 11. Information for Completing the Software Update Installation Wizard On this wizard page
Do this
Welcome to the Update for SMS 2003 (KB899738) Installation Wizard
Click Next.
License Agreement
Click I Agree, and then click Next.
Asset Intelligence Options
Click Finish.
Confirm Installation
Click Next.
Completed Installation
Click Close.
1421.Close all open windows and dialog boxes.
Step 1-14: Configure the Network Access Account The Systems Management Server Advanced Client needs an account to provide credentials when accessing the Systems Management Server distribution points, MDT 2008 deployment points, and shared folders. This account is called the Network Access account. The SMSNetAccess account was created earlier in the process to use as the Network Access account. To configure the Network Access account 1422.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1423.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Connection Accounts/Client. 1424.In the console tree, right-click Client, click New, and then click Windows User Account. 1425.In the Connection Account Properties dialog box, click Set. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1426.Complete the Windows User Account dialog box by using the information in Table 12, and then click OK Table 12. Information Required to Complete the Windows User Account Dialog Box For this
Do this
User name
Type CORP\SMSNetAccess.
Password
Type P@ssw0rd.
Confirm password
Type P@ssw0rd.
1427.In the Connection Account Properties dialog box, click OK. 1428.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Component Configuration. 1429.In the details pane, right-click Software Distribution, and then click Properties. 1430.In the Software Distribution Properties dialog box, in the Advanced Client Network Access Account area, click Set. 1431.Complete the Windows User Account dialog box by using the information in Table 12 and then click OK. 1432.In the Software Distribution Properties dialog box, click OK. 1433.Close all open windows and dialog boxes.
Step 1-15: Configure the Drive for Storing Package Source Files Systems Management Server stores the source packages on a local drive. By default, Systems Management Server stores the source packages on drive C. Configure Systems Management Server to store the source packages on drive E. To configure the drive for storing Systems Management Server package source files 1434.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1435.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Component Configuration. 1436.In the details pane, right-click Software Distribution, and then click Properties. 1437.In the Software Distribution Properties dialog box, in the Location of stored packages area, in Drive on site server, type E:\. 1438.In the Software Distribution Properties dialog box, click OK. 1439.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
15
Step 1-16: Configure the Default Management Point The Systems Management Server Advanced Client contacts a Systems Management Server management point to exchange data with the site services. Because there is only one computer in this scenario, configure WDG-MDT-01 as the default management point for the site. To configure the default management point 1440.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1441.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Site Systems. 1442.In the details pane, right-click WDG-MDT-01, and then click Properties. 1443.In the WDG-MDT-01 Site System Properties dialog box, on the Management Point tab, select the Use this site system as a management point check box, and then click OK. The WDG-MDT-01 Site System dialog box prompts to make the site system the default management point. 1444.In the WDG-MDT-01 Site System dialog box, click Yes. 1445.Close all open windows and dialog boxes.
Step 1-17: Configure the Distribution Point to Be BITS Enabled Using BITS-enabled distribution points in Systems Management Server helps control bandwidth throttling between the clients and distribution points. Enabling the BITS setting does not guarantee that the client will always download content from the distribution point using BITS. However, if this setting is not enabled, the client will never download packages using BITS. To configure a distribution point to be BITS enabled 1446.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1447.In the SMS Administrator Console console tree, go to Site Database/Site Hierarchy/NYC - New York City Site/Site Settings/Site Systems. 1448.In the details pane, right-click WDG-MDT-01, and then click Properties. 1449.In the WDG-MDT-01 Site System Properties dialog box, on the Distribution Point tab, select Enable Background Intelligent Transfer Service (BITS), and then click OK. 1450.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 2: Pr epar e the MDT 2008 En vir onmen t The first step in the process is to prepare the MDT 2008 environment. When this step is completed, create the reference computer and deploy a captured image of the reference computer to the target computer (WDG-CLI-01) by using Systems Management Server integration with MDT 2008. To prepare the MDT 2008 environment 1451.Install MDT 2008. 1452.Install Windows AIK.
Step 2-1: Install MDT 2008 To install MDT 2008 1453.In Windows Explorer, go to E:\Source$\MDT_2008. 1454.Double-click MicrosoftDeploymentToolkit_x86.msi (for 32-bit operating systems) or MicrosoftDeploymentToolkit_x64.msi (for 64-bit operating systems), and then click Install. 1455.Click Next to skip the welcome page. 1456.On the End-User License Agreement page, review the license agreement, click I accept the terms in the License Agreement, and then click Next. 1457.On the Custom Setup page, click Next. 1458.Click Install. The installation process status is displayed and eventually finishes. 1459. Click Finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 1
17
Step 2-2: Install Windows AIK MDT 2008 simplifies the process for installing any components that MDT 2008 requires. Windows AIK is one required component. To install Windows AIK when there is Internet connectivity 1460.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1461.In the Deployment Workbench console tree, go to Deployment Workbench/Information Center/Components. 1462.In the details pane, in the Available for Download section, click Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems). 1463.In the details pane, click Download. After downloading Windows AIK, Deployment Workbench copies the Windows AIK files to C:\Program Files\Microsoft Deployment Toolkit\WAIK. 1464.In the details pane, in the Downloaded section, click Windows Automated Installation Kit (x86) (for 32-bit operating systems) or Windows Automated Installation Kit (x64) (for 64-bit operating systems), and then click Install. The Windows Automated Installation Kit Setup Wizard starts. 1465.Complete the Windows Automated Installation Kit Setup Wizard by using the information in Table 13. Table 13. Information for Completing the Windows Automated Installation Kit Setup Wizard On this wizard page
Do this
Welcome to the Windows Automated Installation Kit Setup Wizard
Click Next.
License Terms
Click I Agree, and then click Next.
Select Installation Folder
Click Next.
Confirm Installation
Click Next.
Completed Installation
Click Close.
1466.In the details pane, in the Installed section, notice that Windows Automated Installation Kit (x86) 1.1 (for 32-bit operating systems) or Windows Automated Installation Kit (x64) 1.1 (for 64-bit operating systems) is installed. 1467.Close all open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 3: Conf igur e MD T 2008 and Syste ms Mana gement Ser ver t o Cr ea te t he R ef er ence C ompu ter After the MDT 2008 environment is prepared, create the reference computer. The reference computer is used as the template for deploying new images to the target computers. Configure this computer exactly as the target computers will be configured. Windows Vista is deployed to the reference computer (WDG-REF-01), then an image of the reference computer is captured that will be subsequently deployed to the target computer (WDG-CLI-01). Lite Touch Installation (LTI) in MDT 2008 is used to deploy Windows Vista to the reference computer. The SMS 2003 OSD Feature Pack in Systems Management Server cannot be used to deploy the reference computer, because the feature pack can only deploy images that it creates using the SMS 2003 OSD Feature Pack Operating System Image Capture CD. Later in the process, the Operating System Image Capture CD is used to capture an image of the reference computer. Then, the captured image is deployed to the target computer. To configure MDT 2008 and Systems Management Server to create a reference computer 1468.Create the distribution share. 1469.Add operating system files to the distribution share. 1470.Add device drivers to the distribution share. 1471.Add Windows PE 2005 to the distribution share. 1472.Add Windows Server 2003 SP1 to the distribution share. 1473.Add a Systems Management Server Advance client application to the distribution share. 1474.Create a task sequence for the reference computer. 1475.Create a LAB deployment point. 1476.Configure the Windows PE options for the LAB deployment point. 1477.Update the LAB deployment point. 1478.Create an SMS 2003 OSD deployment point. 1479.Configure the Windows PE options for the SMS 2003 OSD deployment point. 1480.Update the SMS 2003 OSD deployment point. 1481.Update the version of Windows PE in the SMS 2003 OSD Feature Pack. 1482.Create the OSD Operating System Image Capture CD. 1483.Create the OSD Operating System Image Capture CD bootable media.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
19
Step 3-1: Create the Distribution Share Before deployment with using MDT 2008 and Systems Management Server can begin, create the distribution share in Deployment Workbench. The distribution share is the repository for the operating system images, language packs, applications, device drivers, and other software deployed to the target computers. Later in the process, an SMS 2003 OSD deployment point is created that Systems Management Server will use. To create the distribution share in Deployment Workbench 1484.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1485.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share. 1486.In the console tree, right-click Distribution Share, and then click Create distribution share directory. The Create Distribution Share Wizard starts. 1487.Complete the Create Distribution Share Wizard by using the information in Table 14. Table 14. Information for Completing the Create Distribution Share Wizard On this wizard page
Do this
Specify Directory
In Path for new distribution share directory, type E:\Distribution, and then click Finish.
The Create Distribution Share Wizard finishes, and the distribution share is created.
Step 3-2: Add Operating System Files to Distribution Share MDT 2008 acts as a repository for the operating system files that are deployed to the reference computer (WDG-REF-01) and target computer (WDG-CLI-01). In this sample, add the Windows Vista operating system files to the distribution share created earlier in the process. Add the device drivers in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
To add the Windows Vista operating system files to the distribution share 1488.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1489.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1490.In the details pane, click New. The New OS Wizard starts. 1491.Complete the New OS Wizard by using the information in Table 15. Table 15. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type E:\Source$\Vista, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows Vista operating system is added to the list of operating systems in the details pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Step 3-3: Add the Device Drivers After the Windows Vista operating system has been added to Deployment Workbench, add any device drivers required for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01). These device drivers will be added to Windows PE and deployed with Windows Vista. Add the device drivers in the Out-of-box Drivers node in Deployment Workbench by using the New Driver Wizard. The New Driver Wizard copies the device driver files to the distribution share in Out-of-Box Drivers\subfolder. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To add the device drivers for the reference and target computers to the distribution share 1492.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1493.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Out-of-Box Drivers. 1494.In the details pane, click New. The New Driver Wizard starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
21
1495.Complete the New Driver Wizard by using the information in Table 16. Table 16. Information for Completing the New Driver Wizard On this wizard page
Do this
Specify Directory
In Driver source directory, type E:\Source$\Drivers. Click Add Group. In the New Driver Group dialog box, type device_driver_name, and then click OK (where device_driver_name is a descriptive name for the device drivers). Select the device_driver_name check box (where device_driver_name is a descriptive name for the device driver group created). Click Finish.
The New Driver Wizard finishes. The device drivers are added to the list of operating systems in the information pane and are copied to the distribution\Out-of-box Drivers folder (where distribution is the distribution folder created earlier in the process).
Step 3-4: Add Windows PE 2005 After the Windows Vista operating system and device drivers have been added to Deployment Workbench, add the Windows PE operating system to Deployment Workbench. Windows PE is used to start the reference (WDG-REF-01) and target (WDGCLI-01) computers. Add Windows PE in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. Windows PE 2005 was installed with the Windows Server 2003 SP1 OPK earlier in the process. Add this version of Windows PE to the Operating Systems node in Deployment Workbench. To add Windows PE to the distribution share 1496.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1497.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1498.In the details pane, click New. The New OS Wizard starts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
1499.Complete the New OS Wizard by using the information in Table 17. Table 17. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type E:\Source$\W2K3_SP1_OPK, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows PE 2005 operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Step 3-5: Add Windows Server 2003 with SP1 After Windows PE 2005 has been added, add the Windows Server 2003 with SP1 operating system to Deployment Workbench. MDT 2008 requires Windows Server 2003 with SP1 to build customized version of Windows PE 2005. Windows PE 2005 is based on Windows Server 2003 SP1 source code. Add Windows PE in the Operating Systems node in Deployment Workbench by using the New OS Wizard. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. To add Windows Server 2003 with SP1 to the distribution share 1500.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1501.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1502.In the details pane, click New. The New OS Wizard starts. 1503.Complete the New OS Wizard by using the information in Table 18.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
23
Table 18. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Full set of source files, and then click Next.
Source
In Source directory, type E:\Source$\W2K3_SP1, and then click Next.
Destination
Click Finish.
The New OS Wizard finishes. The Windows Server 2003 with SP1 operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process).
Step 3-6: Add a Systems Management Server Advanced Client Application The Systems Management Server Advanced Client must be installed on all target computers. Add the Advanced Client files as an application in the Application node in Deployment Workbench. Add the application containing the Systems Management Server Advanced Client files in any task sequence. The Systems Management Server Advanced Client can also be deployed to the target computers after the operating system is deployed to the target computers. However, the Systems Management Server Advanced Client should be deployed as an application with the operating system image. To create an application for the Systems Management Server Advanced Client by using the Application node in Deployment Workbench 1504.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1505.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Applications. 1506.In the details pane, click New. The New Application Wizard starts. 1507.Complete the New Application Wizard by using the information in Table 19.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Table 19. Information for Completing the New Application Wizard On this wizard page
Do this
Application Type
Click Next.
Details
In Application Name, type SMS 2003 Advanced Client, and then click Next.
Source
In Source directory, type E:\SMS\Client, and then click Next.
Destination
Click Next.
Command Details
In Command line, type Ccmsetup.exe SMSSITECODE=AUTO. In Working directory, type .\Applications\SMS 2003 Advanced Client\i386. Click Finish.
The New Application Wizard finishes, and the Systems Management Server Advanced Client is added to the list of applications.
Step 3-7: Create a Task Sequence for the Reference Computer Create MDT 2008 task sequences in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. Table 20 lists the task sequence templates included in MDT 2008 and a provides description of the template. Table 20. Task Sequence Templates Included in MDT 2008 Template
Select this template to
Standard Client Task Sequence
Deploy to client computers for all scenarios except the Replace Computer scenario.
Standard Client Replace Task Sequence
Deploy to client computers for the Replace Computer scenario.
Custom Task Sequence
Create a custom task sequence that installs applications without an operating system installation.
Standard Server Task Sequence
Deploy to server computers for all scenarios.
Select the Standard Client Task Sequence template to deploy Windows Vista to the reference computer (WDG-REF-01). The Import Microsoft Deployment Task Sequence Wizard substitutes the packages and images selected for the placeholders in the task sequence templates. After completing the wizard, the new imported task sequence references the appropriate packages and images. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
25
To create a task sequence for deploying the reference computer 1508.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1509.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1510.In the details pane, click New. The New Task Sequence Wizard starts. 1511.Complete the New Task Sequence Wizard by using the information in Table 21. Accept the default values unless otherwise specified. Table 21. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_REFERENCE. In Task sequence name, type Deploy Vista to Reference Computer. Click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select Windows Vista edition (where edition is the edition of Windows Vista added to the Operating Systems node in Deployment Workbench). Click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd. Click Finish.
The New Task Sequence Wizard finishes, and the VISTA_REFERENCE task sequence is added to the list of task sequences.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Step 3-8: Create a LAB Deployment Point After the task sequence to deploy Windows Vista has been added to the reference computer, create a Lab or single-server deployment point that is used to deploy Windows Vista to the reference computer. Because the SMS 2003 OSD Feature Pack only deploys images captured by the Operating System Image Capture CD in the SMS 2003 OSD Feature pack, Windows Vista must be deployed to the reference computer by using LTI in MDT 2008. Later in the process, the Operating System Image Capture CD is used to capture an image of the reference computer (WDG-REF-01). Then, the captured image is deployed to the target computer (WDG-CLI-01) by using MDT 2008 and the SMS 2003 OSD Feature Pack in Systems Management Server. To create Lab or single-server deployment point in Deployment Workbench 1512.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1513.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1514.In the details pane, click New. The New Deployment Point Wizard starts. 1515.Complete the New Deployment Point Wizard by using the information in Table 22. Table 22. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click Lab or single-server deployment, and then click Next.
Specify Deployment Point Name
Click Next.
Application List
Click Next.
Allow Image Capture
Click Next.
Allow Admin Password
Click Next.
Allow Product Key
Click Next.
Network Share
Click Next.
Configure User State
Click Finish.
The New Deployment Wizard finishes, and the LAB deployment point is added to the list of deployment points. The E:\Distribution folder (distribution share) is shared as Distribution$.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
27
Step 3-9: Configure the Windows PE Options for the LAB Deployment Point After the LAB deployment point has been created, configure the Windows PE configuration options for the deployment point. Configure the Windows PE options for the deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
To configure the Windows PE options for the deployment point 1516.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1517.In the Deployment Workbench console tree, navigate to Deployment Workbench/Deploy/Deployment Point. 1518.In the details pane, click LAB. 1519.In the details pane, click Properties. The LAB Properties dialog box appears. 1520.In the LAB Properties dialog box, click the Windows PE tab. In Driver group, select device_drivers (where device_drivers is the name of the device driver group created earlier in the deployment process), and then click OK.
Step 3-10: Update the LAB Deployment Point After configuring the Windows PE options for the LAB deployment point, update the deployment point. Updating the deployment point updates all the MDT 2008 Configuration files and generates a customized version of Windows PE. The customized version of Windows PE is used to start the reference computer and initiate the LTI deployment process. To update the LAB deployment point in Deployment Workbench 1521.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1522.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1523.In the details pane, click LAB. 1524.In the details pane, click Update. Deployment Workbench starts updating the LAB deployment point. When the process completes and the update is complete, Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Step 3-11: Create SMS 2003 OSD Deployment Point When the appropriate files have been added to Deployment Workbench, create the MDT 2008 deployment point to be used as the source for the SMS 2003 OSD Feature Pack, which is known as an SMS 2003 OSD–type deployment point. Create the SMS 2003 OSD–type deployment point in the Deployment Point node in Deployment Workbench by using the New Deployment Point Wizard. The New Deployment Point Wizard copies the appropriate files from the distribution share to the new SMS 2003 OSD deployment point. To create an SMS 2003 OSD deployment point in Deployment Workbench 1525.Click Start, and then point All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1526.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1527.In the details pane, click New. The New Deployment Point Wizard starts. 1528.Complete the New Deployment Point Wizard by using the information in Table 23. Table 23. Information for Completing the New Deployment Point Wizard On this wizard page
Do this
Choose Type
Click SMS 2003 OSD, and then click Next.
Specify Deployment Point Name
Click Next.
Network Share
In Path for share, type E:\ZTI, and then click Next.
Configure User State
Click Next.
OSD File Path
In SMS 2003 OSD path, type E:\SMS\OSD. Click Finish.
The New Deployment Wizard finishes, and the SMS 2003 OSD deployment point is added to the list of deployment points. However, the E:\ZTI folder is not created until the deployment point is updated later in the deployment process.
Step 3-12: Configure the Windows PE Options for the SMS 2003 OSD Deployment Point When the SMS 2003 OSD deployment point has been created, configure the Windows PE configuration options for the SMS 2003 OSD deployment point. Configure the Windows PE options for the SMS 2003 OSD type deployment point in the Deployment Point node in Deployment Workbench. Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows Vista, skip this step and proceed with the following step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
29
To configure the Windows PE options for the SMS 2003 OSD deployment point in Deployment Workbench 1529.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1530.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1531.In the details pane, click OSD. 1532.In the details pane, click Properties. The OSD Properties dialog box appears. 1533.In the OSD Properties dialog box, click the Windows PE 2004/2005 tab. 1534.Complete the Windows PE 2004/2005 tab by completing the following steps: r.
In Windows PE source, select Windows PE 2005.
s.
In Windows source, select Windows Server 2003 edition (where edition is the edition of Windows Server 2003 installed earlier in the deployment process).
t.
In Driver group, select device_drivers (where device_drivers is the name of the device driver group created earlier in the deployment process).
u. Click OK. The Windows PE configuration options for the SMS 2003 OSD deployment point are updated. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
Step 3-13: Update the SMS 2003 OSD Deployment Point When the SMS 2003 OSD deployment point has been created, configure the Windows PE configuration options for the SMS 2003 OSD deployment point. Configure the Windows PE options for the SMS 2003 OSD type deployment point in the Deployment Point node in Deployment Workbench. To configure the Windows PE options for the SMS 2003 OSD deployment point in Deployment Workbench 1535.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1536.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1537.In the details pane, click OSD. 1538.In the details pane, click Update. Deployment Workbench starts updating the SMS 2003 OSD deployment point. At the end of the update process, the E:\ZTI$ folder is created and shared as the OSD distribution point for MDT 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
Deployment Workbench creates the Generic_OSD_x86.iso file in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). In addition, a “flat” folder structure is created in the deployment_point_share\Boot\Source folder for directly updating the SMS 2003 OSD Feature Pack. The deployment_point_share\Boot\Source folder is used later in the deployment process to update the version of Windows PE that the SMS 2003 OSD Feature Pack in Systems Management Server uses.
Step 3-14: Update the Version of Windows PE in the SMS 2003 OSD Feature Pack The SMS 2003 OSD Feature Pack comes with an earlier version of Windows PE. The version of Windows PE that the SMS 2003 OSD Feature Pack uses must be updated to the version that MDT 2008 generated earlier in the deployment process. Later in the process, an SMS 2003 OSD Operating System Installation CD will be created that that will be used to install the reference and target computers. To update the version of Windows PE in the SMS 2003 OSD Feature Pack 1539.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1540.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1541.In the console tree, right-click Image Packages, click All Tasks, and then click Update Windows PE. The Update Windows PE Wizard starts. 1542.Complete the Update Windows PE Wizard using the information listed in Table 24. Table 24. Information for Completing the Update Windows PE Wizard On this wizard page
Do this
Welcome to the Update Windows PE Wizard
Click Next.
Windows PE settings
In the Source folder box, type E:\ZTI\Boot\Source, and then click Next.
Window PE Update Complete
Click Finish.
Note The source folder location cannot be a network Universal Naming Convention (UNC) path. It must be a locally accessible folder, because the SMS 2003 OSD Feature Pack will skip empty folders when accessed over a network path. This causes Windows Management Instrumentation (WMI) not to function correctly in the resulting Windows PE image.
1543.Close SMS Administrator Console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 3
31
Step 3-15: Create the OSD Operating System Image Capture CD SMS 2003 OSD Feature Pack–captured images can only be deployed by using the SMS 2003 OSD Feature Pack. An SMS 2003 OSD Feature Pack–compatible image of a reference computer is created by starting the reference computer with the OSD Operating System Image Capture CD. The OSD Operating System Image Capture CD is created by running the Operating System Image Capture CD Wizard in the Image Packages node in SMS Administrator Console. To create the OSD Operating System Image Capture CD 1544.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1545.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1546.In the console tree, right-click Image Packages, point to All Tasks, and then click Create Operating System Image Capture CD. The Operating System Image Capture CD Wizard starts. 1547.Complete the Operating System Image Capture CD Wizard using the information listed in Table 25. Table 25. Information for Completing the Operating System Image Capture CD Wizard On this wizard page
Do this
Welcome to the Operating System Image Capture CD Wizard
Click Next.
Windows PE settings
Click Next.
Create CD image
In File name, type E:\Images$\OSD_Image_Capture.iso.
CD Creation Complete
Click Finish.
1548.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
Step 3-16: Create the OSD Operating System Image Capture CD Bootable Media Provide a method for starting the reference computer with the OSD Operating System Image Capture CD created when the Operating System Image Capture CD Wizard was run in SMS Administrator Console. The OSD_Image_Capture.iso file was saved in the E:\Images$ folder. To create the OSD Operating System Image Capture CD bootable media 1549.In Windows Explorer, go E:\Images$. 1550.Based on the type of computer used for the reference computer (WDG-REF-01), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the OSD_Image_Capture.iso file.
•
If the reference computer is a VM, start the Operating System Image Capture CD Wizard directly from the OSD_Image_Capture.iso file or from a CD or DVD of the OSD_Image_Capture.iso file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 4: Depl oy W indo ws V ist a and Ca ptur e an I ma ge o f the Refer ence Co mpute r When the task sequence to deploy Windows Vista to the reference computer has been created and an image of the reference computer captured, start the task sequence. Initiate the operating system deployment and capture by starting the reference computer with the LTI bootable media. To deploy Windows Vista and capture an image of the reference computer 1551.Create the LTI bootable media disk. 1552.Start the reference computer with the LTI bootable media. 1553.Run the SMS 2003 Image Capture Wizard on the reference computer.
Step 4-1: Create the LTI Bootable Media A method must be provided for starting the computer with the customized version of Windows PE created when the LAB deployment point was updated. Deployment Workbench creates the LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files in the deployment_point_share\Boot folder (where deployment_point_share is the shared folder used as the deployment point share). Create the appropriate LTI bootable media from one of these images. To create the LIT bootable media 1554.In Windows Explorer, go to E:\Distribution\Boot. 1555.Based on the type of computer used for the reference computer (WDG-REF-01), perform one of the following tasks: •
If the reference computer is a physical computer, create a CD or DVD of the .iso file.
•
If the reference computer is a VM, start the VM directly from the .iso file or from a CD or DVD of the .iso file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Step 4-2: Start the Reference Computer with the LTI Bootable Media Start the reference computer (WDG-REF-01) with the LTI bootable media created earlier in the process. This CD starts Windows PE on the reference computer and initiates the MDT 2008 deployment process. At the end of the MDT 2008 deployment process, Windows Vista is deployed on the reference computer. Note The MDT 2008 process can also be initiated by starting the target computer from Windows Deployment Services. For more information, see the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for Lite Touch Tools.
To start the reference computer with the LTI bootable media 1556.Start WDG-REF-01 with the LTI bootable media created earlier in the process. Windows PE starts, and then the Windows Deployment Wizard starts. 1557.Complete the Windows Deployment Wizard by using the information in Table 26. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 4
35
Table 26. Information for Completing the Windows Deployment Wizard On this wizard page
Do this
Welcome to Deployment
Click Run the Deployment Wizard to install a new operating system, and then click Next.
Specify Credentials for connecting to network shares.
In User Name, type Administrator. In Password, type P@ssw0rd. In Domain, type CORP. Click OK.
Select a task sequence to execute on this computer.
Click Next.
Configure the computer In Computer name, type WDG-REF-01, and then click name Next. Join the computer to a domain or workgroup
Click Next.
Specify whether to restore user data
Click Next.
Locale Selection
Click Next.
Set the Time Zone
Click Next.
Select one or more applications to install
Select the SMS 2003 Advanced Client SP3 check box, and then click Next.
Administrator Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Next.
Specify whether to capture an image
Click Prepare to capture the machine, and then click Next.
Ready to begin
Click Begin.
The wizard starts, and the operating system deployment starts. At the end of the MDT 2008 deployment process, the Deployment Summary dialog box is displayed. Typically, no errors or warnings should occur in the MDT 2008 deployment process. However, if any errors or warnings should occur, consult the MDT 2008 document, Troubleshooting Reference. 1558.In the Deployment Summary dialog box, click Details. If any errors or warnings occurred, review the errors or warnings, and record any diagnostic information. 1559.In the Deployment Summary dialog box, click Finish. Windows Vista is now installed on the reference computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Step 4-3: Run the SMS 2003 Image Capture Wizard After Windows Vista is deployed to the reference computer, capture an image of the reference computer by using the SMS 2003 Image Capture Wizard. The SMS 2003 Image Capture Wizard is on the OSD Operating System Image Capture CD created earlier in the deployment process. Run the SMS 2003 Image Capture Wizard in Windows Vista immediately after Windows Vista is deployed. Note The SMS 2003 Image Capture Wizard requires that the Systems Management Server Advance Client be installed on the reference computer.
To run the SMS 2003 Image Capture Wizard 1560.Insert the SMS 2003 OSD Operating System Image Capture CD in the reference computer. 1561.In Windows Explorer, go to the root of the CD, and then double-click osdicw.exe. SMS 2003 Image Capture Wizard starts. 1562.Complete the SMS 2003 Image Capture Wizard by using the information in Table 27. Accept the default values unless otherwise specified. Table 27. Information for Completing the SMS 2003 Image Capture Wizard On this wizard page
Do this
Welcome to the SMS 2003 Image Capture Wizard
Click Next.
Image Destination
In Image file name, type WDG-REF-01.wim. In Network location, type \\WDG-MDT-01\Capture$. In Account name, type CORP\Administrator In Password, type P@ssw0rd. Click Next.
Sysprep information
In Local Administrator’s Password and Confirm Password, type P@ssw0rd. Click Next.
Image Properties
Click Next.
Capture Image
Click Finish.
The reference computer shuts down after the SMS 2003 Image Capture Wizard finishes. Note When restarting the reference computer, do so from the SMS 2003 OSD Operating System Image Capture CD.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 4
37
1563.Start reference computer with the OSD Operating System Image Capture CD bootable media. The customized version of Windows PE on the SMS 2003 OSD Operating System Image Capture CD bootable media starts, and the SMS 2003 Image Capture Wizard starts automatically. In a virtualized environment, this process can take more than an hour to finish. When the SMS 2003 Image Capture Wizard finishes, the SMS 2003 Image Capture dialog box appears. 1564.In the SMS 2003 Image Capture dialog box, click OK. The reference computer restarts in Windows Vista. 1565.Shutdown the reference computer. A captured image of the reference computer should exist in \\WDG-MDT01\Capture$\WDG-REF-01.wim.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 5: Conf igur e MD T 2008 and Syste ms Mana gement Ser ver t o Dep lo y W ind ows V ista to the Tar ge t C ompu ter After the image of the reference computer (MDT-REF-01) is captured, deploy the captured image to the target computer (MDT-CLI-01). The captured image is imported into Deployment Workbench by using the New OS Wizard. Then, create an MDT 2008 task sequence to deploy the captured image to the target computer. Also, configure the SMS 2003 OSD deployment point (OSD) created earlier in the process to use the new task sequence and captured image. To configure MDT 2008 and Systems Management Server to deploy Windows Vista to the target computer 1566.Add the captured image of the reference computer to Deployment Workbench. 1567.Create a task sequence for the target computer. 1568.Configure the task sequence for the SMS 2003 OSD deployment point. 1569.Customize the MDT 2008 configuration files. 1570.Customize the target computer task sequence. 1571.Update the SMS 2003 OSD deployment point. 1572.Create the Systems Management Server operating system package. 1573.Create the target computer operating system program. 1574.Customize the target computer operating system program. 1575.Select the disruption points for the operating system package.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
39
Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench To deploy the captured image of the reference computer to the target computer, add the captured image to the list of operating systems in the Operating Systems node in Deployment Workbench. The New OS Wizard copies the operating system files to the distribution share in Operating Systems\subfolder. To add the captured image of the reference computer to Deployment Workbench 1576.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1577.In the Deployment Workbench console tree, go to Deployment Workbench/Distribution Share/Operating Systems. 1578.In the details pane, click New. The New OS Wizard starts. 1579.Complete the New OS Wizard by using the information in Table 28. Table 28. Information for Completing the New OS Wizard On this wizard page
Do this
OS Type
Click Custom image file, and then click Next.
Image
In Source file, type E:\Capture$\WDG-REF01.wim. Click Next.
Setup
Click Next.
Destination
Click Finish.
The New OS Wizard finishes. The captured image of the reference computer (WDGREF-01) operating system is added to the list of operating systems in the information pane and is copied to the distribution\Operating Systems\subfolder folder (where distribution is the distribution folder created earlier in the process). 1580.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
Step 5-2: Create a Task Sequence for the Target Computer Create an MDT 2008 task sequences for the target computer in the Task Sequences node in Deployment Workbench by using the New Task Sequence Wizard. This task sequence is used to deploy the captured image of the reference computer to the target computer. To create a task sequence for deploying the captured image to the target computer 1581.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1582.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1583.In the details pane, click New. The New Task Sequence Wizard starts. 1584.Complete the New Task Sequence Wizard by using the information in Table 29. Accept the default values unless otherwise specified. Table 29. Information for Completing the New Task Sequence Wizard On this wizard page
Do this
General Settings
In Task sequence ID, type VISTA_TARGET. In Task sequence name, type Deploy Captured Image to Target Computer, and then click Next.
Select Template
In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next.
Select OS
In The following operating system images are available to be deployed with this task sequence. Select one to use, select SMS OSDImage in “WDG-REF-01\WDG-REF01.wim, and then click Next.
Specify Product Key
Click Do not specify a product key at this time, and then click Next.
OS Settings
In Full Name, type Woodgrove Employee. In Organization, type Woodgrove Bank. In Internet Explorer Home Page, type http://www.woodgrovebank.com. Click Next.
Admin Password
In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Finish.
The New Task Sequence Wizard finishes, and the VISTA_TARGET task sequence is added to the list of task sequences. 1585.Close all open windows and dialog boxes. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
41
Step 5-3: Configure the Task Sequence for the SMS 2003 OSD Deployment Point When the task sequence to deploy the captured image of the reference computer to the target computer has been created, configure the task sequences for the SMS 2003 OSD deployment point to use. Configure which task sequences are available in the Deployment Point node in Deployment Workbench. To configure the task sequences for the SMS 2003 OSD deployment point to use 1586.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1587.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1588.In the details pane, click OSD. 1589.In the details pane, click Properties. The OSD Properties dialog box appears. 1590.In the OSD Properties dialog box, click the Task Sequences tab. 1591.In the Select the task sequences that should be supported by this deployment point list, clear the Deploy Vista to Reference Computer check box, and then click OK. 1592.Close all open windows and dialog boxes.
Step 5-4: Customize the MDT 2008 Configuration Files When the MDT 2008 task sequence has been created, customize the MDT 2008 configuration files that provide the configuration settings for deploying Windows Vista to the target computer. Specifically, customize the CustomSettings.ini file by modifying the file in the properties of the SMS 2003 OSD deployment point created earlier in the deployment process. In a later step, the SMS 2003 OSD deployment point will be updated to ensure that the configuration file is updated in the deployment point. To customize the MDT 2008 configuration files for the target computer 1593.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1594.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1595.In the details pane, click OSD. 1596.In the details pane, click Properties. The OSD Properties dialog box appears. 1597.In the OSD Properties dialog box, click the Rules tab. 1598.On the Rules tab, modify the CustomSettings.ini file to reflect the necessary changes as shown in Listing 1. Make any additional modifications the environment requires.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit 2008
Listing 1. Customized CustomSettings.ini File [Settings] Priority=Default [Default] OSInstall=Y [SMS] SQLServer=WDG-MDT-01 Database=SMS_NYC Table=v_Program Parameters=PackageID,ProgramName SQLShare=SMSClient 1599.On the Rules tab, click Edit Bootstrap.ini. Microsoft Notepad starts and loads Bootstrap.ini. 1600.In Notepad, modify the BootStrap.ini file to reflect the necessary changes as shown in Listing 2. Make any additional modifications the environment requires. Listing 2. Customized BootStrap.ini File [Settings] Priority=Default [Default] OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=NYC00001 OSDINSTALLPROGRAM=Windows Vista Target Program Note NYC00001 is the Package ID of the Windows Vista Target Image operating system image package created earlier in the process by using the test environment configured for this sample. If these steps are performed in the existing test environment, ensure that the OSDINSTALLPACKAGE value is set to the Package ID in the environment.
1601.In Notepad, on the File menu, click Exit. 1602.In the Notepad dialog box, click Yes. 1603.In the OSD Properties dialog box, click OK. 1604.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
43
Step 5-5: Customize the Target Computer Task Sequence For most deployments, the target computer task sequence created earlier in the process performs all the necessary steps without modification. However, the task sequence may have to be customized depending on the environment. Note No modifications are required for the task sequence to deploy the target computer in this sample. However, this is the point in the process where any changes to the task sequence for the target computers in the environment would be made.
To customize the target computer task sequence 1605.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1606.In the Deployment Workbench console tree, go to Deployment Workbench/Task Sequences. 1607.In the details pane, click VISTA_TARGET. 1608.In the details pane, click Properties. The VISTA_TARGET Properties dialog box appears. 1609.In the VISTA_TARGET Properties dialog box, click the Task Sequence tab. 1610.Make any modifications to the task sequence the environment requires, and then click OK. 1611.Close all open windows and dialog boxes.
Step 5-6: Update the SMS 2003 OSD Deployment Point When the task sequences available to the SMS 2003 OSD deployment point have been configured, update the deployment point to update the configuration files by using the Update action in the Deployment Point node in Deployment Workbench. To update the SMS 2003 OSD deployment point 1612.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1613.In the Deployment Workbench console tree, go to Deployment Workbench/Deploy/Deployment Point. 1614.In the details pane, click OSD. 1615.In the details pane, click Update. 1616.Close all open windows and dialog boxes. Deployment Workbench begins updating the SMS 2003 OSD deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit 2008
Step 5-7: Create the Systems Management Server Operating System Package Now that MDT 2008 has been fully configured to deploy the captured image, add the captured image to Systems Management Server. Add the captured image to Systems Management Server by using the New Operating System Package Wizard in the Image Packages node in SMS Administrator Console. To create the Systems Management Server operating system package 1617.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1618.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1619.In the console tree, right-click Image Packages, point to New, and then click Operating System Image Package. The New Operating System Package Wizard starts. 1620.Complete the New Operating System Package Wizard using the information listed in Table 30. Table 30. Information for Completing the New Operating System Package Wizard On this wizard page
Do this
Welcome to the New Operating System Package Wizard
Click Next.
Operating System Package settings
In Package name, type Windows Vista Target Image. In Image file, type \\WDG-MDT-01\Capture$\WDG-REF01.wim. In Package source, type \\WDG-MDT01\Packages$\Vista_Target. Click Next.
New Operating System Click Finish. Package Wizard Complete This process can take a few minutes to finish, and then the New Operating System Package Wizard dialog box appears. 1621.In the New Operating System Package Wizard dialog box, click OK. The New Operating System Package Wizard finishes, and the Windows Vista Target Image operating system package is added to the list of image packages. 1622.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
45
Step 5-7: Create the Target Computer Operating System Program To deploy the Windows Vista Target Image operating system package, create the program for deploying the operating system package. The image package program describes which commands to run to initiate the image deployment for each of the OSD phases. Create the operating system program by using the New Operating System Program Wizard in the Program node of the image package in SMS Administrator Console. To create the target computer operating system program 1623.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1624.In the SMS Administrator Console console tree, go to Site Database/Image Packages/Windows Vista Target Image/Programs. 1625.In the console tree, right-click Programs, point to New, and then click Operating System Program. The New Operating System Program Wizard starts. 1626.Complete the New Operating System Program Wizard using the information listed in Table 31. Table 31. Information for Completing the New Operating System Program Wizard On this wizard page
Do this
Welcome to the New Operating System Program Wizard
Click Next.
New Operating System In Name, type Windows Vista Target Program, and then Program options click Next. Licensing settings
Click Product key not required, and then click Next.
Membership settings
Click Domain. In Domain, type CORP. In Account, click Set. In the Set Account dialog box, perform the following steps: v.
In Account, type CORP\Administrator.
w. In Password and Confirm Password, type P@ssw0rd. x.
Click OK.
Click Next. New Operating System Click Finish. Program Wizard Complete This process can take a few minutes to finish. The New Operating System Program Wizard dialog box appears. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
1627.In the New Operating System Program Wizard dialog box, click OK. The New Operating System Program Wizard finishes, and the Windows Vista Target Program operating system program is added to the list of programs. 1628.Close all open windows and dialog boxes.
Step 5-8: Customize the Target Computer Operating System Program Before the operating system image package can be deployed to the target computer, the operating system program must be customized. The operating system program needs to know which commands to run for each SMS 2003 OSD Feature Pack phase, including the Validation, State Capture, Preinstall, Postinstall, and State Restore SMS 2003 OSD phases. As part of this configuration process, specify the folder containing the MDT 2008 files, and Systems Management Server will automatically make the MDT 2008 files available to the target computer during the deployment process. To customize the target computer operating system program 1629.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1630.In the SMS Administrator Console console tree, go to Site Database/Image Packages/Windows Vista Target Image/Programs. 1631.In the details pane, right-click Windows Vista Target Program, and then click Properties. 1632.In the Windows Vista Target Program Properties dialog box, click the Advanced tab. 1633.In Phase, select Validation, and then click Add. The Add Action: Validation dialog box appears. 1634.In the Add Action: Validation dialog box, click OK. The Custom Action dialog box appears. 1635.In the Custom Action dialog box, perform the following tasks: y.
In Name, type Microsoft Deployment – Validation.
z.
In Command line, type ZeroTouchInstallation.vbs
aa. Click Add. bb. In the Open dialog box, navigate to \\WDG-MDT-01\ZTI$\VISTA_TARGET. cc. In the Open dialog box, in Files of type, select All files (*.*). dd. In the Open dialog box, select all files in the VISTA_TARGET folder. Note
To select all files, press Ctrl + A in the Open dialog box.
ee. In the Open dialog box, then click OK. 1636.In the Custom Action dialog box, click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Quick Start Guide for Microsoft Systems Management Server 2003: Step 5
47
1637.Repeat steps 5–8, substituting the values for Phase and Name as listed in Table 32. Table 32. Information for Configuring the Operating System Program Advanced Properties Phase
Name
State Capture
Microsoft Deployment – State Capture
Preinstall
Microsoft Deployment – Preinstall
Postinstall
Microsoft Deployment – Postinstall
State Restore
Microsoft Deployment – State Restore
1638.In the Windows Vista Target Program Properties dialog box, click OK. This process can take a few minutes to finish while the wizard copies the file listed in each phase. Eventually, the Windows Vista Target Program Properties dialog box appears. 1639.In the Windows Vista Target Program Properties dialog box, click OK. 1640.Close all open windows and dialog boxes.
Step 5-9: Select Distribution Points for the Operating System Package As a final step in making the operating system package available to the target computer, select the Systems Management Server distribution points on which the package will be available. Later in the deployment process, the Operating System Image Installation CD bootable media will be created, and the target computer will be started with the bootable media. When the bootable media starts, the operating system package and operating system program created will be selected and deployed. Note In this sample, there is only one distribution point (WDG-MDT-01). However, most production networks have multiple distribution points. When performing this step in a production environment, select the appropriate distribution points for the network.
To select the distribution points for the operating system package 1641.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1642.In the SMS Administrator Console console tree, go to Site Database/Image Packages/Windows Vista Target Image. 1643.In the console tree, right click Windows Vista Target Image, point to All Tasks, and then click Manage Distribution Points. The Manage Distribution Points Wizard starts. 1644.Complete the Manage Distribution Points Wizard by using the information in Table 33. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
Table 33. Information for Completing the Manage Distribution Points Wizard On this wizard page
Do this
Welcome to the Manage Distribution Points Wizard
Click Next.
Manage Distribution Points
Click Next.
Copy Package
In Distribution points, select WDG-MDT-01, and then click Next.
Completing the Manage Distribution Points Wizard
Click Finish.
Wizard Completed
Click Close.
1645.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Step 6: Depl oy the Ca ptur ed Ima ge of t he R ef er ence C ompu ter to the Tar ge t Co mpute r After the image of the reference computer is captured and the task sequence is created and configured, deploy the captured image. Configure MDT 2008 and Systems Management Server to provide all the necessary configuration settings to deploy to the target computer. After initiating the deployment process, the image of the reference computer running Windows Vista is automatically deployed to the target computer and configured with the settings defined. To deploy the captured image of the reference computer to the target computer 1646.Create the Operating System Image Installation CD. 1647.Create the Operating System Image Installation CD bootable media. 1648.Start the target computer with the Operating System Image Installation CD bootable media.
Step 6-1: Create the Operating System Image Installation CD To deploy an operating system to a new computer that Systems Management Server does not currently manage, the new computer must be added to the Systems Management Server site database prior to initiating the operating system deployment process. Although Systems Management Server can automatically discover computers on the network that have a Windows operating system installed, if the computer has no operating system installed, the new computer information must be imported by using the Import Computer Information Wizard. To create the Operating System Image Installation CD 1649.Click Start, and then point to All Programs. Point to Systems Management Server, and then click SMS Administrator Console. 1650.In the SMS Administrator Console console tree, go to Site Database/Image Packages. 1651.In the console tree, right click Image Packages, point to All Tasks, and then click Create Operating System Image Installation CD. The Operating System Image Installation CD Wizard starts. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
l Release Notes
1652.Complete the Operating System Image Installation CD Wizard by using the information in Table 34. Accept the default values unless otherwise specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Release Notes
li
Table 34. Information for Completing the Operating System Image Installation CD Wizard On this wizard page
Do this
Welcome to the Operating System Image Installation Wizard
Click Next.
Installation settings
Select the Automatically choose the Operating System Package to install by running a custom program or script check box, and then click Next.
Install from SMS distribution points
In Operating System packages, select Windows Vista Target Image, and then click Next.
Automatically select Operating System Package
In File name, type \\WDG-MDT01\ZTI$\ZeroTouchInstallation.vbs. In User name, type CORP\Administrator. In Password and Confirm password, type P@ssw0rd. Click Next.
Windows PE settings
Click Next.
Create CD image
In Name, type MDT_2008_Install_CD. In File name, type \\WDG-MDT01\Images$\OSD_Image_Install.iso. Click Next.
CD Creation Complete
Click Finish.
When completed, the Operating System Installation CD Wizard creates the OSD_Image_Install.iso file in the E:\Images$ folder. This process can take a few minutes to finish. 1653.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
lii Release Notes
Step 6-2: Create the Operating System Image Installation CD Bootable Media A method must be created for starting the target computer with the OSD Operating System Image Installation CD created when the Operating System Image Installation CD Wizard was run in SMS Administrator Console. The OSD_Image_Install.iso file was saved in the E:\Images$ folder. To create the OSD Operating System Image Installation CD bootable media 1654.In Windows Explorer, go to E:\Images$. 1655.Based on the type of computer used for the target computer (WDG-CLI-01), perform one of the following tasks: •
If the target computer is a physical computer, create a CD or DVD of the OSD_Image_Install.iso file.
•
If the target computer is a VM, start the SMS 2003 Image Capture Wizard directly from the OSD_Image_Install.iso file or from a CD or DVD of the OSD_Image_Install.iso file.
Step 6-3: Start the Target Computer with the Operating System Image Installation CD Bootable Media Start the target computer (WDG-CLI-01) with the operating system image installation CD bootable media created earlier in the process. This bootable media starts Windows PE on the target computer and initiates the MDT 2008 process. At the end of the MDT 2008 process, Windows Vista is deployed on the target computer. Note The MDT 2008 process could also be initiated by starting the target computer from Windows Deployment Services.
To start the target computer with the operating system image capture CD bootable media 1656.Start WDG-CLI-01 with the operating system image bootable media created earlier in the process. Windows PE starts, and then the MDT 2008 deployment process starts. If problems occur during the deployment, consult the MDT 2008 document, Troubleshooting Reference. When successfully finished, the target computer is running Windows Vista and configured like the reference computer. 1657.Close all open windows and dialog boxes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Release Notes
liii
Release Notes Microsoft® Deployment Toolkit 2008 Update 1 Published: July 2008
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
liv Release Notes
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, BitLocker, Internet Explorer, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Introduction Welcome to Microsoft® Deployment Toolkit (MDT) 2008 Update 1. MDT 2008 Update 1 is the next version of MDT 2008, which updated Business Desktop Deployment (BDD) 2007. This release supports the deployment of the Windows Vista® (including Windows Vista with Service Pack 1 [SP1]), Windows® XP, Windows Server® 2008, and Windows Server 2003 operating systems. See the Getting Started Guide for information about installing MDT 2008 Update 1, updating BDD 2007, and becoming familiar with MDT 2008 Update 1 tools and guidance. Also see the Quick Start Guide for Lite Touch Installation, Quick Start Guide for Microsoft Systems Management Server 2003, or Quick Start Guide for Microsoft System Center Configuration Manager 2007 for an overview of the MDT 2008 Update 1 process, the goal of which is to deploy the Windows Vista operating system to a test computer. The following sections describe new features, known issues, and limitations of MDT 2008 Update 1.
Contents Using This Guide Application Installation Overview How MDT 2008 Installs Applications Application Deployment with MDT 2008 Lite Touch Deployment The System Center Configuration Manager Task Sequencer The Applications List Custom Tasks The MDT 2008 Database Zero Touch Deployment Systems Management Server/System Center Configuration Manager Packages and Programs Reference Applications by Program ID Deploy Applications Based on Existing Application Inventories Systems Management Server Add or Remove Programs Database System Center Configuration Manager Add or Remove Programs Database Maintain the Approved Applications List Preparing Applications for Silent Deployment Windows Installer Options Setup.exe Command Options Legacy Installers 2007 Office System/Microsoft Office 2003 Deployment Thick Image Installations
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
56
Microsoft Deployment Toolkit 2008
Thin Image Installations Repackaging Non-compliant Applications Application-Packaging Fundamentals Application Repackaging Tools Macrovision AdminStudio Wise Package Studio SMS Installer Deploying Challenging Applications Deploy Applications Using Scripting Deploy Applications Using AutoIT Introduction Selecting Deployment Methods Selecting Deployment Scenarios Choosing an Image Strategy Thick Image Thin Image Hybrid Image Creating the Image Add Operating Systems Sysprep Windows PE Add Device Drivers Add Updates Windows Vista and Windows Server 2008 Windows XP and Windows Server 2003 Add Language Packs Add Language Packs Offline Using System Center Configuration Manager Add Language Pack Online Using System Center Configuration Manager Windows XP and Windows Server 2003 Windows Vista and Windows Server 2008 Add Applications Configure Task Sequences Edit the Answer File Edit the Task Sequence Configure Deployment Points Customize Windows PE Capture an Image Deploying Applications
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
57
Repackaging Applications Deployment Infrastructure Security Protect Deployment Staging Areas Protect Production Deployment Servers Analyzing Deployment Targets Perform a Situation Analysis Gather Inventories Identify the Storage Requirements for Deployment Images Reduce Storage Requirements for Deployment Images Provide Sufficient Storage for User State Migration Data Provide Sufficient Storage for Computer Backup Provide Sufficient Storage for Application and Operating System Source Files Verify an Adequate Target Computer Configuration Verify Correct Target Computer Software Versions Verify Adequate Target Computer Resources Identify Differences in 64-bit and 32-bit Deployment Provide Adequate Network Capacity Determine the Required Infrastructure Introduction Reviewing the Deployment Processing Rules Identify the Deployment Components Task Sequences Scripts Configuration Files Configuration Database Environment Variables Log Files Customizing Task Sequences Deployment Workbench Task Sequences OS Packages Select the Packages Group for a Task Sequence Languages Patches Drivers Applications Custom Images
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
58
Microsoft Deployment Toolkit 2008
Systems Management Server Packages Languages Advertisements Drivers Custom Images SMS Installer System Center Configuration Manager Packages Advertisements Languages Drivers Custom Images Script Customizations Identify the CustomSettings.ini Syntax Sections in the CustomSettings.ini File Required Sections Optional Sections Properties in the CustomSettings.ini File Priority Reserved Property Properties Reserved Property Values in the CustomSettings.ini File Basic CustomSettings.ini File for LTI Basic CustomSettings.ini File for ZTI Identify the BootStrap.ini Syntax Configuration Property Customizations Select the Configuration Properties Select the Validate Phase Properties Select the State Capture Phase Properties Select the Preinstall Phase Properties Select the Install Phase Properties Select the Post Install Phase Properties Select the State Restore Properties Applying the Properties to Groups of Computers Select the Method for Grouping Computers Example: Computer Groupings Selected by Woodgrove Bank Apply the Properties to the Groups
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
59
Example: Group-Based Configuration Settings Selected by Woodgrove Bank Applying the Properties to Individual Computers Select the Methods for Identifying Computers Example: Computer Identification Method Selected by Woodgrove Example: Computer-Based Configuration Settings Selected by Woodgrove Configuring the Database Configuration Rules Configure the Rules in the CustomSettings.ini File Configure the Rules in the DWDB Configure the Property Values in the DWDB Create a New Roles Item Create a New Computers Item Create a New Locations Item Create a New Make and Model Item Configure CustomSettings.ini for Database Queries Modify the List of Incompatible BIOS Versions Modify the Task Sequence Disk Customizations Format and Partition Disks Convert Disks to Dynamic Enable Windows BitLocker Drive Encryption Enabling Windows BitLocker Drive Encryption Methods Disable Windows BitLocker Drive Encryption Network Customizations Capture Network Settings Capture Windows Settings Apply Network Settings Apply Windows Settings Configuring Conditional Task Sequence Steps Configure a Conditional Task Sequence Step IF Statements in Conditions Task Sequence Variables in Conditions Operating System Version in Conditions WMI Queries in Conditions Registry Settings in Conditions Installed Software in Conditions Folder Properties in Conditions
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
60
Microsoft Deployment Toolkit 2008
File Properties in Conditions Configuring Server Roles Configure AD DS Server Role Settings Requirements Automate Deployment MDT 2008 Components Deploy the AD DS Server Role Configure DNS Server Role Settings Requirements Automate Deployment MDT 2008 Components Deploy the DNS Server Role Configure DHCP Server Role Settings Requirements Automate Deployment MDT 2008 Components Deploy the DHCP Server Role Authorize the DHCP Server Role in Active Directory Introduction Terminology Prerequisites for MDT 2008 Deployment Server Prerequisites LTI Deployment Prerequisites ZTI Deployment for System Center Configuration Manager Prerequisites ZTI Deployment for Systems Management Server Prerequisites Target Computer Prerequisites Evaluating Security and Privacy for the Deployment Solution Upgrade and Migration Paths MDT 2008 Operating Systems Scenarios Preparing the Prerequisite Infrastructure Preparing the Prerequisite Infrastructure for System Center Configuration Manager Preparing the Prerequisite Infrastructure for Systems Management Server Installing MDT 2008 New Installation Upgrade from or Coexist with BDD 2007 or a Previous MDT Version
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
61
Coexist with BDD 2007 Upgrade from BDD 2007 Upgrade from a Previous Version of MDT Using LTI Deployment Upgrade from a Previous Version of MDT Using ZTI Deployment with Systems Management Server Upgrade from a Previous Version of MDT Using ZTI with System Center Configuration Manager Starting Deployment Workbench Program Folders Distribution Share Updating Required Components Team Guidance Technical Guides Reference Guides Other Documents Appendix A: Software Download Locations Appendix B: Preparing Windows 2000 Client Computers Appendix C: References Introduction Custom Images Thick or Thin Images Modifying Task Sequences Deployment Workbench Operating System Packages Languages Updates Out-of-Box Drivers Applications System Center Configuration Manager Use System Center Configuration Manager Packages with MDT 2008 Operating System Packages, Drivers, and Language Packs Add Applications to a Task Sequence Script Use in MDT 2008 Develop Custom Scripts Environment Class Logging Class Utility Class Database Class Create New Scripts
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
62
Microsoft Deployment Toolkit 2008
WMI Queries Customizing Actions Deployment Workbench Customizations Disk Customization Network Customization System Center Configuration Manager Customizations Disk Customization Network Customization Microsoft Deployment Toolkit Management Pack Document Version Get the Latest Management Pack and Management Pack Documentation What’s New Microsoft Deployment Toolkit Management Pack: Getting Started Before Importing the Management Pack Files to Download Other Requirements Optional Management Packs Support for Agentless Monitoring Create the Service Account Prepare the Event Collection Servers Create the Events Shared Folder Configure the Events Shared Folder Permissions Configure the CustomSettings.ini File Configure the OSDNewMachine Property Grant the Service Read Access to the System Center Configuration Manager and Systems Management Server Databases Grant the Service Access to the System Center Operations Manager SDK Service Import the Microsoft Deployment Toolkit Management Pack Install the Microsoft Deployment Management Pack Service Uninstall the Microsoft Deployment Management Pack Service Microsoft Deployment Toolkit Management Pack: Optional Configuration Configure the Management Server That the Service Uses Manage the List of Event Collection Server Folders Modify the Duration for Detecting Hung Computers Modify the Duration for Removing Monitored Computers After Deployment Is Complete Modify the Duration for Collecting New Monitoring Information
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
63
Change the Management Pack Service Log File Location and Name Change the Identity That the Microsoft Deployment Management Pack Service Uses Manage the List of System Center Configuration Manager or Systems Management Server Databases Configure Retention of the .tmp Files After Processing Configure Filtering of Events Recorded in the Operations Manager Database Understanding the Microsoft Deployment Toolkit 2003 Management Pack Objects That the Microsoft Deployment Toolkit Management Pack Discovers How Health Rolls Up Viewing Information in the System Center Operations Manager Operations Console Reports Technical Reference MDTComputer Class Attributes Rules Events MDT 2008–Related Events System Center Configuration Manager–Related Events Systems Management Server–Related Events Introduction Automating Deployment to a Specific Computer Configure a Database for Deployment Workbench Select the Method for Identifying Computers Create the Computer Settings Create Other Items Configure CustomSettings.ini Automating Deployment by Location Identify the Locations Create the Location and Location Settings Configure CustomSettings.ini Automating Deployment by Computer Make and Model Identify Make and Model Combinations Create Make and Model Combinations and Settings Configure CustomSettings.ini Automating Deployment by Role Identify the Roles
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
64
Microsoft Deployment Toolkit 2008
Create the Roles and Role Settings Associate the Roles Configure CustomSettings.ini Running Microsoft Deployment Toolkit 2008 Without WINS Configure DHCP with Appropriate DNS Scope Entries Configure Lmhosts Files for the Windows PE CD Images Create the Appropriate Folder Structure Create the Appropriate Lmhosts File Configure Active Directory Schema Extensions Customizing Deployment Based on Chassis Type Deploying Applications Based on Earlier Application Versions Deploying Operating Systems Using the Download and Execute Feature Configuration Process Define Collections Configure Advanced Client Computers Configure Operating System Programs and Advertisements Scripts Used in This Process Source Code for ZTICacheUtil.vbs Source Code for ZTICache.vbs Deploying Operating Systems Using System Center Configuration Manager Deploy Operating System Images to a Computer Deploy an Operating System Image to a New Computer Using Boot Media Deploy an Operating System Image to an Offline Computer Create Stand-Alone Media Create a Computer Association for a Side-by-Side Migration Initiate Operating System Image Deployments Using PXE Fully Automated LTI Deployment Scenario Fully Automated LTI Deployment for Refresh Computer Scenario Fully Automated LTI Deployment for Upgrade Computer Scenario Fully Automated LTI Deployment for New Computer Scenario Calling Web Services in MDT 2008 Connecting to Network Resources Distributing Device Drivers, Updates, and Language Packs Using Systems Management Server Packages Deploying the Correct Device Drivers to Computers with Same Hardware Devices but Different Make and Model Creating an Image of Windows Server 2003 R2
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
65
Creating a Windows Server 2003 R2 Image by Modifying the R2comp.inf File Creating a Windows Server 2003 R2 Image by Running R2 Component Installation at Startup Deploying Additional Mass Storage Drivers for Windows XP and Windows Server 2003 Unattended Installation of Mass Storage Device Drivers Additional Considerations Manually Enable the Installation of Mass Storage Device Drivers Automate the Installation of Mass Storage Device Drivers Additional Considerations Replacing an Existing Computer with a New Computer Using System Center Configuration Manager Create Computer Association Create a Task Sequence to Save User State Information from Existing Computer Modify CustomSettings.ini Properties for the Existing Computer Task Sequence Create a Task Sequence Advertisement for the Existing Computer Create a Task Sequence to Deploy the Operating System to the New Computer Modify CustomSettings.ini Properties for the New Computer Task Sequence Create a Task Sequence Advertisement for the New Computer Deploying an Operating System to a New Computer Not in the System Center Configuration Manager Database Configure the Web Service Setup Create the Pre-Execution Hook Configuring Conditional Task Sequence Steps Configure a Conditional Task Sequence Step IF Statements in Conditions Task Sequence Variables in Conditions Operating System Version in Conditions File Properties in Conditions Folder Properties in Conditions Registry Settings in Conditions WMI Queries in Conditions Installed Software in Conditions Complex Conditions Creating a Highly Scalable LTI Deployment Infrastructure Ensure That the Appropriate Infrastructure Exists
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
66
Microsoft Deployment Toolkit 2008
Add Content to MDT 2008 Prepare Windows Deployment Services Configure Distributed File System Replication (DFS-R) Prepare for SQL Server Replication Configure SQL Server Replication Configure a SQL Server Publisher Enable the Deployment Workbench Database for Replication Create a Publication of the Deployment Workbench Database Subscribe Child Deployment Servers to the Published Deployment Workbench Database Configure CustomSettings.ini Selecting a Local Microsoft Deployment Toolkit Server When Multiple Servers Exist Understand LocationServer.xml Understand How Microsoft Deployment Toolkit Uses LocationServer.xml Understand When to Use LocationServer.xml Create the LocationServer.xml File Create a LocationServer.xml File to Support Multiple Locations Create a LocationServer.xml File to Load-Balance Multiple Servers at Different Locations Add the LocationServer.xml File to the Extra Files Directory Update the BootStrap.ini File Update the Deployment Point Replacing an Existing Computer with a New Computer Using Lite Touch Installation Step 1: Create a Task Sequence to Capture the User State Step 2: Create a Task Sequence to Deploy Operating System and Restore the User State Step 3: Create a LAB Deployment Point Step 4: Customize the MDT 2008 Configuration Files Step 5: Configure the Windows PE Options for the LAB Deployment Point Step 6: Update the LAB Deployment Point Step 7: Create the LTI Bootable Media Step 8: Start the Existing Computer with the LTI Bootable Media Step 9: Start the New Computer with the LTI Bootable Media Integrating Custom Deployment Code into Microsoft Deployment Toolkit 2008 Choose the Appropriate Scripting Language Understand How to Leverage ZTIUtility Use the ZTIUtility Logging Class
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
67
Use the ZTIUtility Environment Class Use the ZTIUtility Utility Class Integrate Custom Deployment Code Deploy Custom Code As a Microsoft Deployment Toolkit Application Add the Custom Code As a Task Sequence Step Run Custom Code As a User Exit Script Installing Device Drivers Using Various Installation Methods Determine Which Method to Use to Install a Device Driver Install Device Drivers Using the Out-of-Box Drivers Method Install Device Drivers As an Application Add the Device Driver Application to Deployment Workbench Specify the Device Driver Application As Part of a Task Sequence Specify the Device Driver Application in CustomSettings.ini Specify the Device Driver Application in the Deployment Workbench Database Initiating Microsoft Deployment Toolkit Using Windows Deployment Services Option 1: Boot Computers in PXE to Initiate the LTI Process Create and Import the Deployment Workbench Windows PE Image into Windows Deployment Services Use Windows Deployment Services to Automatically Detect the Deployment Server Option 2: Deploy an Operating System Image from the Windows Deployment Services Store Option 3: Use Multicasting with Microsoft Deployment Toolkit and Windows Server 2008 Windows Deployment Services Role Option 4: Configure Windows Deployment Services PXE Filter Provider to Allow Configuration Manager to Respond to Unknown Computers Install the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider Enable Logging on the Microsoft Deployment Toolkit Windows Deployment Services PXE Filter Provider Performing Staged Deployments Using Microsoft Deployment Toolkit (OEM Preload) Overview of the OEM Preload Process in Microsoft Deployment Toolkit Overview of Microsoft Deployment Toolkit Configuration Files in the OEM Preload Process Overview of Microsoft Deployment Toolkit Log Files in the OEM Preload Process Staged Deployments Using Lite Touch Installation LTI OEM Preload Process - Phase 1: Create a Media-Based Image LTI OEM Preload Process - Phase 2: Apply the Image to the Target Computer
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
68
Microsoft Deployment Toolkit 2008
LTI OEM Preload Process - Phase 3: Complete Target Computer Deployment Staged Deployments Using System Center Configuration Manager and Microsoft Deployment Toolkit System Center Configuration Manager OEM Preload Process - Phase 1: Create a Media-Based Image System Center Configuration Manager OEM Preload Process - Phase 2: Apply the Image to the Target Computer System Center Configuration Manager OEM Preload Process - Phase 3: Complete Target Computer Deployment Quick-Start Guide and Checklist Planning Phase Developing Phase Stabilizing Phase Deploying Phase Introduction Prerequisites Overview of 2007 Office System Deployment Plan for Deployment Choose the Right Package Define the 2007 Office System Settings Office Deployment Tools Identify the Upgrade Issues Identify SMEs Identify Chained Applications Install 2007 Office System Updates Additional Considerations Customize the 2007 Office System Create a Distribution Point Create a Setup Customization File Manually Test the Configuration Change the Setup Customization File to Perform a Silent Installation Integrate 2007 Office Release Programs into MDT 2008 Test 2007 Office System Deployment Pilot 2007 Office System Deployment Candidates for Pilot Deployment Deploy the 2007 Office System to Production Use Group Policy Transition to IT Operations Introduction
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
69
Configuring the Appropriate Processing Rules Preparing the Deployment Environment Install System Center Configuration Manager Install MDT 2008 Enable Configuration Manager Console Integration Configuring the Appropriate Resource Access Configure the Network Access Account Create Additional Shared Folders Configure Shared Folder Permissions Configure Access to Other Resources Configuring System Center Configuration Manager to Respond to PXE Boot Requests Define Computers to System Center Configuration Manager Boot Media PXE Boot Identifying the Packages and Images Required by the Task Sequence Templates Advertising the Task Sequence Updating Packages, Images, and Task Sequences Next Steps Introduction Preparing the Deployment Environment Install the SMS 2003 OSD Feature Pack Install MDT 2008 Create the SMS 2003 OSD Deployment Point Configuring Appropriate Resource Access Configure Client Access Accounts Create Additional Shared Folders Configure Shared Folder Permissions Configure Access to Other Resources Configure the Package Selection Phase Credentials Configuring the ZTI Operating System Image Capture an Image with the SMS 2003 OSD Feature Pack Configure the OSD Phase Actions Configure the Validation Phase Actions Configure the State Capture Phase Actions Configure the Preinstall Phase Actions Configure the Postinstall Phase Actions Configure the State Restore Phase Actions
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
70
Microsoft Deployment Toolkit 2008
Creating an Old Computer Systems Management Server Package and Program Creating a Customized Windows PE Image for the SMS 2003 OSD Feature Pack Customize Windows PE Customize Windows PE Using Deployment Workbench Customize Windows PE Manually Provide Access to the Contents of the Windows PE ISO File Import the Customized Version of Windows PE into the SMS 2003 OSD Feature Pack Create the SMS 2003 OSD Feature Pack Operating System Installation CD Preparing the Windows Deployment Services Server Select the Windows Deployment Services Operational Mode Configure the Windows Deployment Services Server Disable Creation of the Windows PE Computer Account in the AD DS Domain Disable Unexpected Write Access to the Windows Deployment Services Server Automate the Windows Deployment Services Client Installation Wizard Add Network Adapter Support to the Windows Deployment Services Legacy Image Restart Windows Deployment Services on the Windows Deployment Services Servers Running the Deployment Wizard Appendix: Extending Systems Management Server by Editing SMS_def.mof Introduction Prerequisites Required Software Computer Configuration Step 1: Prepare the Prerequisite Infrastructure Step 1-1: Install Windows Server 2003 with SP2 Step 1-2: Create Required Folders and Shares Step 1-3: Obtain the Required Software Step 1-4: Install AD DS Step 1-5: Install DHCP Server Step 1-6: Install IIS 6.0 Step 1-7: Enable the WebDAV ISAPI Extension Step 1-8: Install Additional Software Step 1-9: Create the User and Service Accounts
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
71
Step 1-10: Install USMT Step 1-11: Install SQL Server 2005 with SP2 Step 1-12: Add Site Server to the Administrators Security Group Step 1-13: Install System Center Configuration Manager Step 1-14: Configure the Network Access Account Step 1-15: Configure the Configuration Manager Site Boundaries Step 1-16: Configure Publishing of Site Information Step 1-17: Configure the Drive for Storing Package Source Files Step 1-18: Configure the Distribution Point to Be BITS Enabled Step 2: Prepare the MDT 2008 Environment Step 2-1: Install MDT 2008 Step 2-2: Enable Configuration Manager Console Integration Step 3: Import and Configure a Task Sequence to Create a Reference Computer Step 3-1: Create an MDT 2008 Task Sequence for the Reference Computer Step 3-2: Select Distribution Points for Packages and Images Step 3-3: Add Necessary Device Drivers Step 3-4: Customize MDT 2008 Configuration Files Step 3-5: Update Distribution Points for the Custom Settings Package Step 3-6: Customize the Reference Computer Task Sequence Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer Step 4-1: Add the Reference Computer to the Configuration Manager Site Database Step 4-2: Create a Collection for the Reference Computer Step 4-3: Create an Advertisement for the Reference Computer Task Sequence Step 4-4: Create Task Sequence Bootable Media Step 4-5: Start the Reference Computer with the Task Sequence Bootable Media Step 5: Import and Configure a Task Sequence to Deploy the Target Computer Step 5-1: Create an MDT 2008 Task Sequence for the Target Computer Step 5-2: Select Distribution Points for Packages and Images Step 5-3: Customize the MDT 2008 Configuration Files Step 5-4: Update Distribution Points for the Custom Settings Package Step 5-5: Customize the Target Computer Task Sequence Step 6: Deploy the Captured Image of the Reference Computer to the Target Computer
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
72
Microsoft Deployment Toolkit 2008
Step 6-1: Add the Target Computer to the Configuration Manager Site Database Step 6-2: Create a Collection for the Target Computer Step 6-3: Create an Advertisement for the Task Sequence Step 6-4: Start the Target Computer with the Task Sequence Bootable Media Introduction Prerequisites Required Software Computer Configuration Step 1: Prepare the Prerequisite Infrastructure Step 1-1: Obtain the Required Software Step 2: Prepare the MDT 2008 Environment Step 2-1: Install MDT 2008 Step 2-2: Install Windows AIK Step 3: Configure MDT 2008 to Create the Reference Computer Step 3-1: Create the Distribution Share Step 3-2: Add Operating System Files to the Distribution Share Step 3-3: Add the Device Drivers Step 3-4: Create a Task Sequence for the Reference Computer Step 3-5: Create a LAB Deployment Point Step 3-6: Configure the Windows PE Options for the LAB Deployment Point Step 3-7: Update the LAB Deployment Point Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer Step 4-1: Create the LTI Bootable Media Step 4-2: Start the Reference Computer with the LTI Bootable Media Step 5: Configure MDT 2008 to Deploy Windows Vista to the Target Computer Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench Step 5-2: Create a Task Sequence for the Target Computer Step 6: Deploy the Captured Image of the Reference Computer to the Target Computer Step 6-1: Start the Target Computer with the LTI Bootable Media Introduction Prerequisites Required Software Computer Configuration Step 1: Prepare the Prerequisite Infrastructure
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
73
Step 1-1: Install Windows Server 2003 with SP2 Step 1-2: Create Required Folders and Shares Step 1-3: Obtain the Required Software Step 1-4: Install AD DS Step 1-5: Install DHCP Server Step 1-6: Install IIS 6.0 Step 1-7: Enable the WebDAV ISAPI Extension Step 1-8: Install Additional Software Step 1-9: Create the User and Service Accounts Step 1-10: Install SQL Server 2005 with SP2 Step 1-11: Install Systems Management Server Step 1-12: Install the SMS 2003 OSD Feature Pack Step 1-13: Install Systems Management Server SP3 Step 1-14: Configure the Network Access Account Step 1-15: Configure the Drive for Storing Package Source Files Step 1-16: Configure the Default Management Point Step 1-17: Configure the Distribution Point to Be BITS Enabled Step 2: Prepare the MDT 2008 Environment Step 2-1: Install MDT 2008 Step 2-2: Install Windows AIK Step 3: Configure MDT 2008 and Systems Management Server to Create the Reference Computer Step 3-1: Create the Distribution Share Step 3-2: Add Operating System Files to Distribution Share Step 3-3: Add the Device Drivers Step 3-4: Add Windows PE 2005 Step 3-5: Add Windows Server 2003 with SP1 Step 3-6: Add a Systems Management Server Advanced Client Application Step 3-7: Create a Task Sequence for the Reference Computer Step 3-8: Create a LAB Deployment Point Step 3-9: Configure the Windows PE Options for the LAB Deployment Point Step 3-10: Update the LAB Deployment Point Step 3-11: Create SMS 2003 OSD Deployment Point Step 3-12: Configure the Windows PE Options for the SMS 2003 OSD Deployment Point Step 3-13: Update the SMS 2003 OSD Deployment Point Step 3-14: Update the Version of Windows PE in the SMS 2003 OSD Feature Pack
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
74
Microsoft Deployment Toolkit 2008
Step 3-15: Create the OSD Operating System Image Capture CD Step 3-16: Create the OSD Operating System Image Capture CD Bootable Media Step 4: Deploy Windows Vista and Capture an Image of the Reference Computer Step 4-1: Create the LTI Bootable Media Step 4-2: Start the Reference Computer with the LTI Bootable Media Step 4-3: Run the SMS 2003 Image Capture Wizard Step 5: Configure MDT 2008 and Systems Management Server to Deploy Windows Vista to the Target Computer Step 5-1: Add the Captured Image of Reference Computer to Deployment Workbench Step 5-2: Create a Task Sequence for the Target Computer Step 5-3: Configure the Task Sequence for the SMS 2003 OSD Deployment Point Step 5-4: Customize the MDT 2008 Configuration Files Step 5-5: Customize the Target Computer Task Sequence Step 5-6: Update the SMS 2003 OSD Deployment Point Step 5-7: Create the Systems Management Server Operating System Package Step 5-7: Create the Target Computer Operating System Program Step 5-8: Customize the Target Computer Operating System Program Step 5-9: Select Distribution Points for the Operating System Package Step 6: Deploy the Captured Image of the Reference Computer to the Target Computer Step 6-1: Create the Operating System Image Installation CD Step 6-2: Create the Operating System Image Installation CD Bootable Media Step 6-3: Start the Target Computer with the Operating System Image Installation CD Bootable Media Introduction New Features General Installation Deployment Workbench Deployment Points Image Capture Deployment Process Account Access Device Drivers Disks and Partitioning
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
75
Windows BitLocker Drive Encryption User State Migration Internet Explorer Language Support Network Configuration Lite Touch Installation Zero Touch Installation Replace Computer Scenario Upgrade Computer Scenario Open Issues and Ways to Work Around Them in MDT 2008 Update 1 Installing System Center Configuration Manager Configuration Manager Console Start Configuration Manager Console Preparing System Center Configuration Manager for Deployment Import MDT 2008 Task Sequences Create New Task Sequences Using the Import Wizard Create a New Driver Package Import Drivers to System Center Configuration Manager Add Language Packs Add Updates Create an Operating System Image Capture Image Install an Existing Image Package Using the Import Microsoft Deployment Task Sequence Wizard and the Client Task Sequence Create a Client Replace Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard Create a Server Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard Targeting Drivers to a Specific Computer Introduction Task Sequence Steps Common Properties and Options for Task Sequence Step Types Common Properties Common Options Specific Properties and Settings for Task Sequence Step Types Apply Network Settings Authorize DHCP Capture Network Settings Configure ADDS Configure DHCP
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
76
Microsoft Deployment Toolkit 2008
Configure DNS Enable BitLocker Format and Partition Disk Gather Install Application Install Operating System Install Roles and Features Install Language Packs Offline Install Language Packs Online Install Updates Offline Restart Computer Run Command Line Run Command Line As Set Task Sequence Variable Validate Out-of-Box Task Sequence Steps Add Mass Storage Drivers to Sysprep.inf for XP and 2003 Apply Network Settings Apply Patches Apply Windows PE Backup Capture Groups Capture User State Check BIOS Configure Copy Media CD to Local Hard Disk for OEM Pre-installation Copy Scripts Copy Sysprep Files Create BitLocker Partition Enable BitLocker Enable OEM Disk Configuration End Phase Execute Sysprep Format and Partition Disk Gather Local Only Generate Application Migration File Inject Drivers Inject Storage Drivers for XP and 2003
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
77
Install Applications Install Operating System Install Packages Next Phase Post Apply Cleanup Prepare Computer for OEM Capture Restart Computer Restore Computer from OEM Capture Restore Groups Restore User State Set Diskpart BIOS Compatibility Mode Tatoo Validate Windows Update (Pre-Application Installation) Wipe Disk Properties Property Definition _SMSTSOrgName Administrators AdminPassword Applications Architecture AreaCode AssetTag BackupDir BackupDrive BackupShare BDEDriveLetter BDEDriveSize BDEInstall BDEInstallSuppress BDEKeyLocation BDEPin BDERecoveryKey BDEWaitForEncryption BitsPerPel BuildID CapableArchitecture
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
78
Microsoft Deployment Toolkit 2008
CaptureGroups ComputerBackupLocation ComputerName CountryCode Database DBID DBPwd DefaultGateway DeployDrive DeploymentMethod DeploymentType DeployRoot Dialing DoCapture DomainAdmin DomainAdminDomain DomainAdminPassword DomainOUs DriverGroup DriverPaths EventShare FullName Groups HALName Home_Page HostName InputLocale Instance IPAddress IsDesktop IsLaptop IsServer IsServerCoreOS IsServerOS JoinDomain JoinWorkgroup KeyboardLocale LanguagePacks
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
79
LoadStateArgs Location LongDistanceAccess MACAddress MachineObjectOU Make MandatoryApplications Memory Model NetLib Order OrgName OSDBitLockerCreateRecoveryPassword OSDBitLockerMode OSDBitLockerRecoveryPassword OSDBitLockerStartupKey OSDBitLockerStartupKeyDrive OSDBitLockerTargetDrive OSDBitLockerWaitForEncryption OSDComputerName OSCurrentBuild OSCurrentVersion OSDInstallPackage OSDInstallProgram OSDInstallSilent OSDMP OSDNewMachineName OSDSiteCode OSFeatures OSInstall OSRoles OSRoleService OSVersion OverrideProductKey PackageGroup Packages Parameters ParameterCondition
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
80
Microsoft Deployment Toolkit 2008
Phase Port PowerUsers Priority ProcessorSpeed Product ProductKey Properties ResourceDrive ResourceRoot Role ScanStateArgs SerialNumber SkipAdminPassword SkipApplications SkipAppsOnUpgrade SkipBDDWelcome SkipBitLocker SkipBuild SkipCapture SkipComputerBackup SkipComputerName SkipDeploymentType SkipDomainMembership SkipFinalSummary SkipLocaleSelection SkipPackageDisplay SkipProductKey SkipSummary SkipTaskSequence SkipTimeZone SkipUserData SkipWizard SLShare SQLServer SQLShare StorageDriverGroup StorageDriverSysprepGroup
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
81
StoredProcedure Table TaskSequenceID TimeZone TimeZoneName TPMOwnerPassword UDDir UDProfiles UDShare UILanguage UserDataLocation UserDomain UserID UserLocale UserPassword USMTConfigFile USMTMigFiles UUID VRefresh WDSServer WipeDisk WUMU_ExcludeKB WUMU_ExcludeID WSUSServer XResolution YResolution Providing Properties for Skipped Windows Deployment Wizard Pages Scripts BDD_Autorun.wsf Arguments Properties BDD_Welcome_ENU.xml Arguments Properties Credentials_ENU.xml Arguments Properties Credentials_scripts.vbs
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
82
Microsoft Deployment Toolkit 2008
Arguments Properties DeployWiz_Definition_ENU.xml Arguments Properties DeployWiz_Initialization.vbs Arguments Properties DeployWiz_Validation.vbs Arguments Properties LiteTouch.vbs Arguments Properties LiteTouch.wsf Arguments Properties LTIApply.wsf Arguments Properties LTICleanup.wsf Arguments Properties LTICopyScripts.wsf Arguments Properties LTIGetFolder.wsf Arguments Properties LTIOEM.wsf Arguments Properties LTISysprep.wsf Arguments Properties NICSettings_Definition_ENU.xml Arguments Properties
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
83
Summary_Definition_ENU.xml Arguments Properties Summary_scripts.vbs Arguments Properties Wizard.hta Arguments Properties WizUtility.vbs Arguments Properties ZeroTouchInstallation.vbs Arguments Properties ZeroTouchInstallation.wsf Arguments Properties ZTIApplications.wsf Arguments Properties ZTIAppXmlGen.wsf Arguments Properties ZTIAuthorizeDHCP.wsf Arguments Properties ZTIBackup.wsf Arguments Properties ZTIBCDUtility.vbs Arguments Properties ZTIBde.wsf Arguments Properties ZTIBIOSCheck.wsf Arguments
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
84
Microsoft Deployment Toolkit 2008
Properties ZTICoalesce.wsf Arguments Properties ZTIConfigure.wsf Arguments Properties ZTIConfigureADDS.wsf Arguments Properties ZTIConfigureDHCP.wsf Arguments Properties ZTIConfigureDNS.wsf Arguments Properties ZTIConnect.wsf Arguments Properties ZTICopyLogs.wsf Arguments Properties ZTIDeterminePartition.wsf Arguments Properties ZTIDiskpart.wsf Arguments Properties ZTIDiskUtility.vbs Arguments Properties ZTIDrivers.wsf Arguments Properties ZTIGather.wsf Arguments Properties ZTIGroups.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
85
Arguments Properties ZTILangPacksOnline.wsf Arguments Properties ZTIMoveStateStore.wsf Arguments Properties ZTINextPhase.wsf Arguments Properties ZTINICConfig.wsf Arguments Properties ZTINICUtility.vbs Arguments Properties ZTIOEM.wsf Arguments Properties ZTIOSRole.wsf Arguments Properties ZTIPackages.wsf Arguments Properties ZTIPatches.wsf Arguments Properties ZTIPrereq.vbs Arguments Properties ZTISCCM.wsf Arguments Properties ZTISetVariable.wsf Arguments Properties
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
86
Microsoft Deployment Toolkit 2008
ZTIStorageDrivers.wsf Arguments Properties ZTIStorageDriversSysprep.wsf Arguments Properties ZTITatoo.wsf Arguments Properties ZTIUserState.wsf Arguments Properties ZTIUtility.vbs Arguments Properties ZTIValidate.wsf Arguments Properties ZTIWindowsUpdate.wsf Arguments Properties ZTIWipeDisk.wsf Arguments Properties Support Files Applications.xml BootStrap.ini CustomSettings.ini Databases.xml Deploy.xml Drivers.xml DriverGroups.xml ListOfLanguages.xml OperatingSystems.xml Packages.xml ServerManager.xml TaskSequences.xml TS.xml
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
87
Variables.dat Wimscript.ini ZTIBIOSCheck.xml ZTIConfigure.xml ZTIDiskpart.txt ZTIGather.xml ZTISupportedPlatforms.xml ZTITatoo.mof Utilities BCDEdit.exe Arguments BDDRun.exe Arguments BdeHdCfg.exe Arguments Bootsect.exe Arguments Compact.exe Arguments Diskpart.exe Arguments Expand.exe Arguments ImageX.exe Arguments Microsoft.BDD.PnpEnum.exe Arguments Mofcomp.exe Arguments Netsh.exe Arguments Reg.exe Arguments Regsvr32.exe Arguments Wdsmcast.exe Arguments Wpeutil.exe
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
88
Microsoft Deployment Toolkit 2008
Arguments Tables and Views in the Deployment Workbench Database Tables in the Deployment Workbench Database Views in the Deployment Workbench Database Introduction Preparing the Deployment Environment Ensure the Required Infrastructure Exists Install MDT 2008 Create Deployment Points Select the Appropriate Deployment Point Types Create Additional Deployment Points Update Deployment Point Content Configuring the Appropriate Processing Rules Preparing the Windows Deployment Services Server Select the Windows Deployment Services Operational Mode Add Boot Images to the Windows Deployment Services Server Pre-stage Target Computers for Windows Deployment Services Configuring MDT 2008 and Windows Deployment Services for Multicast Operation Enabling Multicast Deployments on a Lab or Single-Server Deployment (Lab) Deployment Point Enabling Multicast Deployments on a Separate deployment share (Network) Deployment Point Configuring the Appropriate Resource Access Create Additional Shared Folders Configure Shared Folder Permissions Configure Access to Other Resources Updating the Deployment Points Running the Windows Deployment Wizard Introduction Known Issues and Work-Arounds Deployment Workbench Adding Custom Vista WIMs Removing Operating Systems Windows Deployment Services Understanding Logs MDT 2008 Logs Operating System Logs Windows Vista
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
89
Windows XP System Center Configuration Manager Operating System Deployment Logs SMS 2003 OSD Feature Pack Logs User State Migration Tool Logs Identifying Error Codes Converting Error Codes Review of Sample Logs Failure to Access the Database Troubleshooting Application Installation Blocked Executables Lost Network Connections The 2007 Microsoft Office System BIOS Database Problems Named Pipe Connections Deployment Scripts Credentials_script ZTIWindowsUpdate Deployment Wizard Wizard Pages Are Not Skipped Disks and Partitioning BitLocker Drive Encryption Disk Partitioning Errors Driver Installation Troubleshooting Device Installation with SetupAPI.log Logon Security Banners New Computer Deployments Failure to Copy .Log Files to Shared Folders PXE Boot Printers Restarting the Deployment Process Sysprep Joining a Domain The Computer Account Is In the Wrong OU Execution Limit System Center Configuration Manager
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
90
Microsoft Deployment Toolkit 2008
Systems Management Server Task Sequences Apply Network Settings Upgrading from BDD 2007—Missing Task Sequence Steps Using Continue on Error User State Migration Tool Missing Desktop Shortcuts USMT-Related Errors During Deployment—Error 1618 Windows Imaging Format (WIM) Files Corrupt WIM File Windows PE Deployment Process Not Initiated—Limited RAM Deployment Process Not Initiated—Missing Components Deployment Process Not Initiated—Missing or Incorrect Drivers Deployment Process Flow Charts LTI/ZTI with SMS 2003 OSD Feature Pack ZTI with System Center Configuration Manager Finding Additional Help Microsoft Services Premier Support Internet-Based Support Introduction USMT Usage Scenarios System Center Configuration Manager State Capture Identify Operating System Settings USMT Components Scanstate Loadstate Component Manifests Downlevel Manifests Technical Considerations Appendix A: Converting Control Files from Earlier Versions of USMT USMT .Inf File Format Sections of a USMT .Inf File USMT .Inf File Syntax Find Equivalent Settings in XML [CopyFiles] [CopyFilesFiltered] [AddReg]
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
91
[DelReg] Create a Complete Migration in XML Appendix B: Preparing the MDT 2008 Distribution Share Prepare the USMT Component in the Distribution Folder Locate the Store Files Place the XML Control Files Introduction Installing Deployment Workbench Create the Distribution Share Starting Deployment Workbench Upgrading BDD 2007 to MDT 2008 Creating the Distribution Share Populate the Distribution Share Operating Systems Add an Operating System Remove an Operating System Rename an Operating System Add Images from Windows Deployment Services Add Custom Image Files Hide and Unhide Feature Applications Add an Application Remove an Application Edit an Application’s General Information Edit an Application’s Details Edit an Application’s Dependencies Enable or Disable an Application Restart the Computer After Installing an Application Packages Add a Package Remove a Package View a Package’s General Information Enable or Disable a Package Add a Package Group Change a Package Group Assignment Out-of-Box Drivers Add a Device Driver Remove a Device Driver
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
92
Microsoft Deployment Toolkit 2008
View a Device Driver's General Information Enable or Disable a Device Driver Change a Device Driver's Group Assignment Add a Device Driver Group Use Legacy $OEM$ Folders Task Sequences Create Task Sequences Remove a Task Sequence Edit a Task Sequence’s General Information Enable or Disable a Task Sequence Define a Task Sequence Edit the Unattended Setup Answer File Associated with the Task Sequence Select the Packages Groups for a Task Sequence Deployment Points Create the Deployment Point Customize the Deployment Point Update the Deployment Point Create a Bootable USB Flash Drive Create a Computer Image Capture an Image for LTI Prepare the Image for Capture Add a Custom Image to the Distribution Share Capture an Image for Systems Management Server Create an Image Capture CD Prepare the Image for Capture Capture the Image
New Features The following list highlights the new features that have been included in this release of MDT 2008: •
Lite Touch OEM-Preload. In this case, MDT 2008 takes the contents of a media deployment point (USB, DVD, and so on) and loads it onto the hard drive, configuring it to automatically start up into Windows Preinstallation Environment (Windows PE). The original equipment manufacturer (OEM) can duplicate this hard drive (or a sector-based image of it), and the drive or image will run through an LTI deployment when it starts up but without generating network traffic for the bits because they are all already present on the hard drive. A new script, LTIOEM.wsf, and a new task sequence template are provided that set up the hard disk for duplication.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
93
•
System Center Configuration Manager OEM-Preload. In this case, a standard deployment task sequence, ConfigMgr OS MDT 2008, is broken into two parts. The first half (pre), a new task sequence template, applies an operating system image to the hard disk, saves some information about the environment, and marks the hard drive as inactive (so that it doesn’t accidentally start into the new operating system before it is customized). The second half (post), another new task sequence template, must be run using unknown computer support (such as a startup CD or Pre-Boot Execution Environment [PXE] filter). The second task sequence customizes the machine in Windows PE (using the already applied operating system image on disk) and then starts into the operating system to install any needed applications or other customizations. A new ZTIOEM.wsf script has been provided to help with this (to save some task sequence variables from the first task sequence so that they can be used by the second).
•
Microsoft System Center Operations Manager 2007 with SP1 Management Pack for MDT 2008. Monitors the events and performance indicators for LTI deployment, Zero Touch Installation (ZTI) deployment using Systems Management Server, and ZTI deployment with System Center Configuration Manager deployment processes.
General •
MDT 2008 Update 1 supports only a single partition in Refresh and Upgrade scenarios. New Computer and Replace Computer scenarios format Disk 0 by default. Using MDT 2008 Update 1 on computers with OEM partitions or multiple fixed or external hard disks may require additional configuration and scripting, in addition to thorough testing.
•
Using brackets ([ ] or <>) in data—for example, in passwords—that MDT 2008 Update 1 stores in .xml files causes the deployment to fail. Do not use special characters that are contained in .xml files when configuring settings.
•
Language packs, applications, and device drivers that are disabled in Deployment Workbench are not installed, unless they are added manually to the CustomSettings.ini file.
Installation •
After uninstalling MDT 2008 Update 1 using the Control Panel, the Distribution share directory (if created) must be removed manually. MDT 2008 Update 1 does not remove files or folders that it did not initially install.
•
Completely remove all beta versions of MDT 2008, Windows User State Migration Tool (USMT), the Windows Automated Installation Kit (Windows AIK), and the directory created by earlier installations of MDT 2008 (including the beta version) before installing MDT 2008 Update 1. Matched versions of the tools are required, and some configuration file schemas have been changed. This release supports Windows AIK versions 1.0 and 1.1. Windows AIK 1.1 was released with Windows Vista and is required to deploy Windows Vista with SP1 and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
94
Microsoft Deployment Toolkit 2008
•
When using MDT 2008 Update 1 extensions (add-in wizards) with System Center Configuration Manager, MDT 2008 Update 1 must be installed on every System Center Configuration Manager server used to administer operating system deployments.
•
Earlier versions of MDT 2008 must be closed when updating to MDT 2008 Update 1.
•
If uninstalling MDT 2008, manually remove the Management Pack service before uninstalling MDT 2008. If MDT 2008 is installed and being updated to MDT 2008 Update 1, the display name of the Management Pack service will not match the display name in the documentation. To fix this, use the Configure Management Pack Wizard to remove and then reinstall the Management Pack service.
Deployment Workbench •
To use Deployment Workbench for tasks other than reviewing the documentation, log on to the computer using an account that is a member of the local Administrator group.
•
Open only a single instance of Deployment Workbench at a time. Opening two or more instances of Deployment Workbench can result in unpredictable behavior.
•
If Deployment Workbench displays an error and closes after the error is dismissed, restart Deployment Workbench and continue working.
•
Deployment Workbench gives the option, when it attempts to add duplicate drivers, to ignore the duplicates or to create two folders, both which contain the same device driver. The second folder will have a numeric suffix that indicates it is a duplicate, helping to avoid adding duplicate device drivers to a distribution share. The suffixnaming feature supports storing two versions of the same device driver that have the same name if they are required for device compatibility reasons. During import, Deployment Workbench also helps by placing them in separate driver groups.
•
When adding applications to the distribution share using Deployment Workbench, ensure that every application has a unique, full name. Typically, the application name should include a version number and a platform (such as 32-bit or 64-bit). Otherwise, users will see multiple applications with the same name, each of which installs a different application during an LTI deployment.
•
Occasionally, Deployment Workbench appears to incorrectly display items in the details pane of the console. For example, clicking the Task Sequences node may not display task sequences, even though several exist. To display the items, click Refresh in the action pane, or right-click in the details pane, and then click Refresh.
•
Occasionally, Deployment Workbench displays an error on the Application page of the LTI wizard. To avoid this, pause between making selections.
•
Windows Server 2008 language packs are designated as SP1 Language Packs. The language packs will work correctly with Windows Server 2008, however.
•
When adding an operating system to Deployment Workbench, the wizard may accept an invalid name for the Windows Deployment Services server. After completing the wizard, Deployment Workbench then may display an error message when the Windows Deployment Services server cannot be contacted. To avoid this, specify the correct name of the Windows Deployment Services server initially.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
95
•
If an update, language pack, or driver from MDT 2008 Update 1 that is part of a package group is removed, MDT 2008 Update 1 does not remove the corresponding entries from the Packagegroups.xml file. The entries are removed from the Packages.xml file, however, which removes them from the MDT 2008 Update 1 user interface. Therefore, when removing updates, language packs, or drivers, the Packagegroups.xml file must be manually edited to remove the entries after removing them using MDT 2008 Update 1.
•
When creating a distribution share for an LTI Upgrade scenario, the wizard displays backup pages. These are not used in this scenario and can be disregarded.
•
When performing a Refresh deployment from a 64-bit Windows Server 2008 platform to a 64-bit Windows Server 2008 platform, the wizard displays user state migration pages even though user state migration is not supported for server deployments. The pages can be disregarded.
•
When IP addresses (for example, when identifying Domain Name System [DNS] and Windows Internet Naming Service [WINS] servers) are specified, they must exclude unnecessary zero prefixes, which will be misevaluated. For example, the IP address is typed 10.010.10.1, Deployment Workbench will evaluate it as 10.8.10.1. To avoid this problem, enter IP addresses carefully and do not add unnecessary zeroes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
96
Microsoft Deployment Toolkit 2008
Deployment Points •
The Priority property in CustomSettings.ini has no maximum line length. However, if it is longer than 55 characters when the Configure Database Wizard runs, the wizard will truncate the Priority property, and the property will need to be manually edited. To work around this, run the Configure Database Wizard before performing any other customization, or clear the check boxes for queries in the wizard that are not needed.
•
When creating deployment points on computers that have 8.3 file names disabled (see the Microsoft Knowledge Base article, “How to Disable the 8.3 Name Creation on NTFS Partitions,” at http://support.microsoft.com/kb/121007/), Deployment Workbench fails to generate the Windows PE image, and an exception is logged in DeployUpdates_platform.log, where platform is either x86 (for 32-bit) or x64 (for 64bit). If 8.3 file names have been disabled, re-enable them by setting the \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\Ntfs Disable8dot3NameCreation registry value to 0.
•
MDT 2008 Update 1 supports deployment from a USB flash drive (UFD). See Windows AIK for information about preparing the device, then copy (using the xcopy command) all files and folders from the \Media\content folder to the UFD.
•
The MDT 2008 Update 1 documentation frequently refers to media deployments. Starting up from a CD is not considered a media deployment because the CD is used only to start the computer, and the rest of the deployment is performed across the network. By definition, media deployments store all content locally and do not require a network connection.
•
When running MDT 2008 Update 1 on 64-bit versions of Windows Server 2008 or 64bit Windows Vista with SP1 and attempting to update an SMS 2003 Operating System Deployment (OSD) Feature Pack deployment point, an error message appears while MDT is generating the .iso file. The message reads, “An unexpected error occurred while updating the deployment point.” To work around this issue, generate a generic .iso file using another deployment point server running Windows Server 2003, a 32-bit version of Windows Server 2008, or a 32-bit version of Windows Vista with SP1. This does not occur on 32-bit versions of Windows Server 2008 or Windows Vista with SP1, or on any version of Windows Server 2003.
•
Windows AIK 1.1 servicing stack files are copied to the Servicing directory of the distribution share. This is done by updating a deployment point for the platform (x86 and x64).
•
Windows AIK 1.0 servicing stack files are removed from the Tools directory and from any ZTI directories specific to builds or task sequences created on an SMS 2003 OSD deployment point. This requires updating the Systems Management Server Image Program to remove those old servicing stack files manually.
Image Capture •
Turn off antivirus programs on the lab computer before capturing an image of the lab computer’s disk. Antivirus programs can interfere with the configuration of the image and the installation of applications during deployment. After deployment, reactivate the antivirus program. Before beginning deployment, test the interaction of antivirus programs with MDT 2008 Update 1.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
97
•
When the System Preparation Tool (Sysprep) uses the Windows Deployment Wizard to capture an image and the reference computer is joined to a domain that requires complex passwords, Sysprep does not remove that policy. The reference computer must be removed from the domain, and the local password complexity policy must be reset or the computer must use a complex password.
•
If custom images captured by directly running ImageX.exe (without using MDT 2008 Update 1 to capture the image) do not work properly, troubleshoot the issues by capturing and adding the image using MDT 2008 Update 1 to ensure that all prerequisites are configured properly. Be sure setup files are added to Deployment Workbench by adding a complete operating system distribution or by pointing the wizard to the location of source files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
98
•
Microsoft Deployment Toolkit 2008
When manually capturing images, use the Wimscript.ini file supplied by MDT 2008 Update 1 in the \Distribution\tools\_platform folder, where platform is either x86 (for 32-bit) or x64 (for 64-bit), to exclude the folders or files from the image. Also be aware of preexisting Unattend.xml files in the image. Specify the correct /FLAGS value when capturing Windows Vista images using ImageX.exe or Windows Deployment Services capture processes.
Deployment Process •
If the product key specified for a build is invalid, Windows Vista Setup prompts for a valid key during deployment. However, even after a valid key is provided, the deployment fails. Ensure that the product key specified for each build is valid before beginning deployment.
•
At the completion of MDT 2008 Update 1 deployment, a summary page displays warnings about errors encountered during the process. (This page won't be displayed when conducting a Server Core installation option of the Windows Server 2008 operating system because a Server Core installation does not include the Windows Internet Explorer® components required for this display.) It is possible for deployment to finish but still trigger several errors or warnings if the errors are nonfatal. It is useful to inspect these errors and warnings and determine whether they are unexpected. This might involve opening corresponding log files and running verification tests.
•
Dialing properties that are not configured, even if present in the answer file, include the country code, area code, long-distance access, and dialing rules. To work around this issue, configure dialing rules by creating and testing a .reg file in a lab environment, and then import that .reg file as a custom task during the task sequence.
•
MDT 2008 Update 1 cannot completely remove the C:\Minint folder from the target computer after deployment because it cannot remove the Task Sequencer dynamiclink libraries (DLLs) while they are in use. MDT 2008 Update 1 does, however, move the log files to %SystemRoot%.
•
When deploying an image that has never been started or that is missing the \%SystemRoot%\Prefetch directory, updates installed using Setup.exe or PkgMgr.exe can fail. To work around this, create the \%SystemRoot%\Prefetch directory in the operating system image.
•
Windows AIK 1.0 does not allow creating a media deployment International Organization for Standards (ISO) image of 4 gigabytes (GB) or larger. This limitation has been removed in Windows AIK 1.1.
•
The media ISO image must be smaller than 2.2 GB for media deployment to a Microsoft Virtual PC or Microsoft Virtual Server virtual machine. If the ISO image is larger than 2.2 GB, the deployment may result in an error.
•
Do not use system variables to configure the Active Directory® folder paths in the Configure ADDS task sequence. Instead, create the folder paths without system variables. For example, instead of %SystemRoot%, use C:\Windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
99
Account Access •
In Windows Vista and Windows Server 2008, if a user with a limited account maps a drive (such as Z:) to the MDT 2008 Update 1 distribution share (\\server\distribution$, where server is the name of the computer hosting the distribution share), runs LiteTouch.vbs, and then provides Administrator credentials in the User Credentials dialog box, MDT 2008 Update 1 displays the error, “Cannot find script file ’Z:\Scripts\LiteTouch.wsf‘ because the account that the user provided in the User Credentials dialog box cannot access the mapped drive created by the limited user account.” To resolve this issue, use an account with Administrator credentials to map the drive to the distribution share.
•
Active Directory user credentials set using the ADDSUserPassword attribute in CustomSetting.ini are used during the answer file generation of the Configure ADDS configuration task. To resolve this, change the ADDSUserPassword attribute to ADDSPassword in the ZTIGather.xml file, and then set the ADDSPassword property in CustomSettings.ini.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
100
Microsoft Deployment Toolkit 2008
Device Drivers •
Some device drivers can stall the deployment process. If this happens, isolate the device driver and remove it from the target computer, or contact the vendor for an updated version of the device driver.
•
If a TxtSetup.oem file is in the \Out-of-Box Drivers\ store directory, it must reference all storage drivers in the same directory. If a driver is matched to a device in the ZTIStorageDrivers.wsf tool, and the drivers files are not properly referenced in the TxtSetup.oem file, it can cause the setup phase of Windows XP or Windows Server 2003 to fail and block installation. If the storage drivers are not critical during installation, then the Inject Storage Drivers for XP and 2003 task can be disabled during the Preinstall phase.
Disks and Partitioning •
After starting Windows PE, the drive letters assigned to each storage device may change. For example, if the destination computer has a CD-ROM assigned to drive D and a hard disk drive assigned to drive E, the hard disk drive will be on drive D and the CD-ROM will be on drive E when Windows PE starts. This can prevent the local USMT and backup process from working properly when storing these files on a local storage device. If a DVD deployment fails, check that the drives have not been reassigned on the target computer. To simplify deployment, save user data to a network location instead of to a local drive.
•
Avoid editing the Unattend.xml files to format or alter the partitions. MDT 2008 Update 1 might store state and user data on the partition before calling Setup.exe (in LTI scenarios), and instructions added to Unattend.xml would cause Setup to destroy that data and cause a deployment failure.
•
While configuring the Format and Partition Disk task, always specify the extended and logical partitions together and do not add a primary partition in-between, which gives undesirable results when a logical partition size is configured using a percentage. In other words, do not add a primary partition between an extended and logical partition.
Windows BitLocker Drive Encryption •
Windows BitLocker™ Drive Encryption during LTI deployment requires at least two partitions. The first partition is the primary partition and can be any size; it stores operating system files and user data. In Windows BitLocker Drive Encryption terminology, this is called the boot partition. The second partition should be at least 2 GB; it stores startup files required during the first phase of startup. This is called the system partition. LTI deployment automatically configures the required 2-GB system partition if Windows BitLocker Drive Encryption is being deployed.
•
If activating Windows BitLocker Drive Encryption during installation fails in Refresh and Upgrade scenarios, verify that MDT 2008 Update 1 is able to shrink the partition as required by following these steps:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
101
1. At the command prompt, type diskpart shrink querymax, and note the value that is displayed. 2. If the value is less than 2,000 megabytes (MB), then defragment the disk. 3. If defragmenting the disk does not resolve the issue, back up the computer’s hard disk, create a new partition, and repeat these steps until typing diskpart shrink querymax returns a value greater than 2,000 MB. There might be files in specific areas of the partition that cannot be relocated or removed. •
The BDERequired flag is no longer used. All sample templates that enable Windows BitLocker Drive Encryption and that encounter an error will stop by default. The task sequence can be edited to enable deployment to continue if an error occurs.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
102
Microsoft Deployment Toolkit 2008
•
MDT 2008 Update 1 can configure Windows BitLocker Drive Encryption during LTI deployments and System Center Configuration Manager task sequences. Enabling Windows BitLocker Drive Encryption during a Systems Management Server 2003 ZTI deployment is not supported because Systems Management Server 2003 does not support restarts during the State Restore Phase, in which reassignment of the active partition would occur. The Windows BitLocker Drive Encryption Disk Preparation Tool must be downloaded and added to the \Distribution\Tools\_platform folder, where _platform is either x86 (for 32-bit) or x64 (for 64-bit), preserving the language subfolder. See Microsoft Knowledge Base article, “Description of the BitLocker Drive Preparation Tool,” at http://support.microsoft.com/kb/930063 for instructions on acquiring the tool. System Center Configuration Manager provides native support for Windows BitLocker Drive Encryption.
•
Windows BitLocker Drive Encryption deployments using MDT 2008 Update 1 integration scripts with System Center Configuration Manager are only fully tested for new computer deployment scenarios; however, Windows BitLocker Drive Encryption support is provided natively by System Center Configuration Manager using the Enable BitLocker action.
•
When performing computer upgrades using a DVD deployment point and generating an external Windows BitLocker Drive Encryption key, MDT 2008 Update 1 generates key files with the name -.txt instead of %ComputerName%.txt.
•
In New Computer scenarios on computers running Windows Vista that have Windows BitLocker Drive Encryption disabled (a state in which the volume is still encrypted, but the key is stored in clear text to allow automatic startup), running Diskpart to clean the disk causes the computer to stop responding. To work around this issue, enable Windows BitLocker Drive Encryption again, or turn off Windows BitLocker Drive Encryption to decrypt the volume and ensure that decryption completes. If the computer stops responding, restart deployment.
•
Active Directory can be used to back up Windows BitLocker Drive Encryption and Trusted Platform Module (TPM) data. Recovery information includes the recovery password for each encrypted value, the TPM owner password, and the information necessary to associate recovery information with computers and volumes. Another option is to save a package containing the keys used to encrypt data, in addition to the recovery password required to access those keys. For more information, go to Configuring Active Directory to Back up Windows BitLocker Drive Encryption and Trusted Platform Module Recovery Information at http://www.microsoft.com/downloads/details.aspx?FamilyID=3a207915-dfc3-457990cd-86ac666f61d4.
•
When enabling Windows BitLocker Drive Encryption, key files are generated as hidden, read-only system files. To see them, set the Windows Explorer option to show hidden and system files.
•
If a Windows BitLocker Drive Encryption recovery prompt appears after restarting the target computer (because the Windows BitLocker Drive Encryption key required to unlock the volume could not be obtained), work around the problem by using one of the following approaches: •
Remove the media (such as the deployment DVD) while Windows PE is still running. This prevents the operating system from seeing the DVD when it starts.
•
Change the boot order of the computer so that the DVD drive follows the hard disk in boot order.
•
Deploy the computer with no startup media; for example, use a PXE deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
103
User State Migration •
USMT version 3.0.1 .msi files are supported to migrate user data during deployment. Use the following steps to install USMT 3.0.1: 1. Install the Microsoft Knowledge Base package 929761 from http://support.microsoft.com/kb/929761. 2. Copy the USMT 3.0.1 .msi files to tools\_platform, where platform is either x86 (for 32-bit) or x64 (for 64-bit) in the distribution share.
•
The USMT 3.0.1 .msi file requires Windows Installer version 3.1 or later. Ensure that target computers have Windows Installer 3.1 installed; otherwise, deployment will fail during USMT installation. To install Windows Installer 3.1, and for more information, go to http://support.microsoft.com/?id=893803.
Internet Explorer •
Internet Explorer home page can be configured in a task sequence, using CustomSettings.ini, or in the MDT 2008 Update 1 database. Configuring the Internet Explorer home page works only in Windows Vista or Windows XP unattended installations. Sysprep does not support configuring the Internet Explorer home page for Windows XP images. Instead, for Windows XP, add a custom action to the task sequence that configures the home page.
Language Support •
During LTI deployments to new computers, some pages (such as the User Locale and Keyboard Locale pages) do not display text correctly if required fonts are not installed in Windows PE. In Refresh and Upgrade scenarios, the same symptoms appear if required fonts are not installed in the operating system being replaced.
•
Some keyboard layouts might require language packs or input method editors that MDT 2008 Update 1 does not automatically include in the Windows PE startup image. MDT 2008 Update 1 does not verify that the keyboard layout is valid. For more information, see How to add Input Method Editor (IME) support to Windows PE 2.0 at http://support.microsoft.com/kb/926181.
•
When refreshing a computer running a localized edition of Windows XP with a Windows Vista image that is using a different language, Windows Vista Setup will prompt for the keyboard layout, language, and time and currency settings during the Windows PE phase.
•
MDT 2008 Update 1 supports Windows Vista language pack selection during deployment for all scenarios if the language packs are configured in Deployment Workbench. Selecting multiple language packs is possible when deploying Windows Vista Enterprise or Windows Vista Ultimate. When other editions of Windows Vista are deployed, only one language pack can be selected because of Windows Vista licensing restrictions. If the deployment fails in Upgrade scenarios and three or more
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
104
Microsoft Deployment Toolkit 2008
language packs are selected, try reducing the number of language packs until the deployment succeeds.
Network Configuration •
A maximum of two WINS server addresses can be added when configuring static IP configuration settings for a network adapter. If more than two WINS server addresses are added using MDT 2008 Update 1, only the first two WINS server addresses are used.
•
An error stating, “Network settings have been applied except for the following: SetGateways (Gateway, GatewayMetric),” can be safely ignored. Click OK to continue. This error appears when attempting to apply static IP settings to a network adapter that already has received dynamic IP settings from a Dynamic Host Configuration Protocol (DHCP) server.
•
The ZTINicConfig.wsf script supports modifying critical settings for network cards, including static IP addresses. However, because the ZTINicConfig.wsf script makes calls to the Windows shell, it will fail on Windows Server 2008 Server Core installations.
Lite Touch Installation •
Support for deployments using a Windows PE flat ISO image has been removed in this release.
•
Because Windows PE version 2.0 lacks the security .dll file needed to make an integrated security connection to Microsoft SQL Server®, Deployment Workbench obtains a copy of this .dll file from the existing operating system (Windows Vista, Windows Server 2003, or Windows XP) when Deployment Workbench generates a Windows PE image. It then adds the .dll file to the Windows PE image. This is possible only if the existing operating system is the same platform as the Windows PE image being generated (for example, both are 32-bit). This problem is solved in Windows PE 2.1.
•
The network credentials specified for accessing network resources (the USMT store location, computer backup location, and so on) are not validated if a user is logged on to the computer using a domain account and if the computer already has a connection established to another share on the same server.
•
When a custom image is added to the OS node in Deployment Workbench and the capture image option in the Lite Touch Installation Wizard is selected, the computer may issue an exception after the operating system installation. The exception displays the message, "ZTI ERROR - Unhandled error returned by ZTIStorageDriversSysprep: Invalid procedure call or argument (5)." To work around this, add a step to the task sequence to copy the Sysprep.inf file to C:\Sysprep.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
105
Zero Touch Installation •
A new MDT Tools package to support Windows Vista with SP1 and Windows Server 2008 must be created when updating from MDT 2008 to MDT 2008 Update 1. The tools package created by earlier versions of MDT 2008 do not support these target platforms.
•
Applications and Systems Management Server packages that run during a ZTI deployment of Windows XP must run without requiring user interaction.
•
When deploying Windows Vista Business or Home Basic editions using System Center Configuration Manager, disable the BitLocker task, or set it to Continue on Error. Windows Vista Business and Home Basic editions do not support Windows BitLocker Drive Encryption.
•
Some applications remove the file association between .wsf files and the Windows Script Host (WSH) files Cscript.exe or Wscript.exe. As a result, scripts added to the SMS 2003 OSD Feature Pack program custom action command that do not include Cscript.exe or Wscript.exe in the command line will not run correctly. To ensure scripts run correctly in the task sequence, at the command prompt, type wscript.exe scriptname.wsf.
•
If the path for an SMS 2003 OSD Feature Pack package contains spaces, SMS 2003 OSD Feature Pack fails and displays the message, “Could not connect to the installation package on path,” where path is the path name that was typed. Use share names that do not contain spaces.
•
In ZTI deployments, an additional SQL Server database or instance can be added to a computer licensed for SMS 2003 with Microsoft SQL Server 2005 Technology or System Center Configuration Manager 2007 with Microsoft SQL Server 2005 Technology without requiring additional SQL Server or SQL Server client licenses.
•
A custom image captured using the SMS 2003 OSD Feature Pack Image Capture CD must contain the folder %SystemRoot%\Panther. Otherwise, deployment fails during the Restore Computer Settings action.
•
During ZTI deployments, Systems Management Server usually connects to the Systems Management Server distribution point using the computer account. When using MDT 2008 Update 1 with an SQL database, the SQL connection string specifies different credentials because the configured SQL database share will likely not grant access to computer accounts. This is primarily a problem when launching a New Computer deployment using Windows PE. When access fails in OSDConnectToUNC.exe, Systems Management Server tries to connect using the Systems Management Server Network Access account. However, because the computer is already connected to the same server with the computer account, the reconnect fails, and the connection to the database fails because of insufficient rights. If an SQLShare property is not specified, and the computer is making a named pipe connection to an SQL database server, the computer account is used. To work around this issue, either try a different name for the server, such as the fully qualified DNS name or IP address, or give database access to the Everyone group.
•
In ZTI New Computer scenarios using Windows PE 2004 on a SMS 2003 OSD Feature Pack installation CD, the computer may stop responding during the partitioning step. Click the mouse anywhere on the screen to make the process continue normally.
•
The ZTI process does not support packages with the reboot option. The SMS 2003 OSD Feature Pack does not support rebooting during the State Restore phase of
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
106
Microsoft Deployment Toolkit 2008
deployment. See the SMS 2003 OSD Feature Pack documentation for more information. •
Hash value errors may occur in Systems Center Configuration Manager during download on demand or when creating a media deployment DVD. This can occur if the packages on the distribution points are inconsistent with the information in the System Center Configuration Manager database. To correct this, open System Center Configuration Manager console, expand the Boot Image or Package nodes, expand Distribution Points, right-click the distribution point, and then click Refresh Distribution Point.
•
During an SMS 2003 OSD ZTI deployment, an issue can occur in which MDT 2008 Update 1 is unable to install USMT 3.0.1 on computers silently during deployment. Repeat the following steps for the x86 and x64 versions of USMT 3.0.1 to repackage their files into cabinet files from which MDT 2008 Update 1 can extract USMT 3.0.1: 1. Manually install the x86 or x64 version USMT 3.01 on a computer running Windows XP or Windows Vista. 2. Copy %Program Files%\Microsoft Deployment Toolkit\Samples\USMT30_platform.ddf, where platform is either x86 (for 32bit) or x64 (for 64-bit), from a computer on which MDT 2008 Update 1 is installed. If USMT 3.0.1 is installed in a location other than the default (%Program Files%\USMT30), edit USMT30_platform.ddf to indicate its path. 3. Run the command makecab /F USMT30_platform.ddf; then, copy the .cab file it creates (USMT30_platform.cab) to \Tools\platform folder in the MDT 2008 Update 1 distribution share.
•
The Configure ADDS action fails on Windows Server 2008 x64 operating systems when used with System Center Configuration Manager. To avoid this problem, perform the following steps: 1. Add the Configure ADDS step to the task sequence. Configure this task to continue on error. 2. Add a Run Command Line step immediately after this Configure ADDS step. Configure it to run the command dcpromo.exe /answer:"%TEMP%\AD_Answer.txt". Please make sure to configure this step to "Disable 64-bit file system redirection" (otherwise Dcpromo.exe won't be found, as 64-bit servers only have a 64-bit version of this executable file), and specify success codes on the Options tab as 1 2 4.
•
The Install Roles and Features action fails on Windows Server 2008 x64 operating systems when used with System Center Configuration Manager. To avoid this problem, perform the following steps: 1. Add the Install Roles and Features step to the task sequence. Select the needed roles. 2. Add a Run Command Line step immediately after the Install Roles and Features step. Configure it to run the command ServerManagerCmd.exe -inputpath %TEMP%\Roles.xml -LogPath %TEMP%\ServerMgr.log. Select the Disable 64-bit File System Redirection option and specify success codes on the Options tab of 0 1003 3010. Please make sure to configure this step to "Disable 64-bit file system redirection" (otherwise ServerManagerCmd.exe won't be found, as 64-bit servers only have a 64-bit version of this executable file), and specify success codes on the Options tab of 0 1003 3010.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
107
•
When deploying Windows Server 2003 using System Center Configuration Manager, the deployment process does not automatically copy the Windows installation files to the %WinDir%\Source folder, as it does for other deployment methods. As a result, System Center Configuration Manager can display popup dialog boxes requesting missing DLLs needed to complete a server role installation. To work around this, add a step to the task sequence to copy the source files and set the registry keys that identifies the source folder (SourcePath and ServicePackSourcePath in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\setup).
•
When deploying using System Center Configuration Manager and backing up the computer data locally, computers with two partitions may not be able to retain the backup. To prevent backups from being removed, save to a network location instead of to a local drive.
•
In a System Center Configuration Manager task sequence, the Format and Partition task might not run successfully on a computer if it has only one unformatted partition. To work around this issue, either remove the partition or format it.
Replace Computer Scenario •
During an LTI Replace scenario, first specify a path in which to store the user state data. Then, after replacing the computer and installing a build, the Specify whether to restore user state data dialog box prompts the administrator for the location from which to restore user state data. The same path used when saving user state data must be specified.
•
When performing a Replace scenario deployment for Windows XP, Windows XP will fail to start after the deployment because Windows PE 2.0 (which is used during the deployment process) does not automatically restore the Windows XP startup sector. To work around this, add a step to the Replace task sequence that runs the command “%TOOLROOT%\Bootsect.exe” /NT52 C: to restore the Windows XP startup sector.
Upgrade Computer Scenario •
Before using the Windows Deployment Wizard to upgrade a computer, ensure that the local Administrator account is enabled.
•
Upgrading from 64-bit editions of Windows XP Professional to 64-bit editions of Windows Vista is not supported.
•
Before running the Windows Deployment Wizard on target computers that are running the Microsoft Windows 2000 operating system, be sure that Msvcp60.dll is installed. Copy Msvcp60.dll from the %SystemRoot%\System32 folder of a computer running Windows XP Professional with SP2 to the %SystemRoot%\System32 folder on each computer running Windows 2000.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
108
Microsoft Deployment Toolkit 2008
Open Issues and Ways to Work Around Them in MDT 2008 Update 1 The following section describes known issues and limitations of this MDT 2008 release. •
When performing an automated capture of a Windows XP or Windows Server 2003 operating system after deploying the operating system from a captured image, the deployment may fail with an unhandled exception error in ZTIStorageDriversSysprep.wsf. To work around this issue, add a task to copy Sysprep.inf from the deployment point to C:\Sysprep. If injecting mass storage drivers is not required, this step can be disabled in the task sequence.
•
When configuring the Active Directory folder paths in CustomSettings.ini, using system variables such as %SystemRoot% incorrectly sets the value to the Windows PE drive X. To work around this issue, use the physical path instead of the system variable.
•
In LTI deployments, several kinds of information are set in the Create Task Sequence Wizard. The user interface (UI) does not provide an option to edit these at a later time. However, they can be edited directly in the Unattend.xml file (for Windows Vista or Windows Server 2008) or in Sysprep.inf and Unattend.txt (for Windows XP or Windows Server 2003). The information includes:
•
•
•
Organization name
•
Full name
•
Internet Explorer home page
•
Local Administrator password
Some pages might not be displayed if the user changes the options on the domain membership page. The following pages might be affected: •
Windows BitLocker Drive Encryption pages. If the user chooses not to perform an image capture and then chooses to enable Windows BitLocker Drive Encryption in the Windows Deployment Wizard, and then decides to go back to the Image Capture page and choose Capture, Windows BitLocker Drive Encryption is still enabled. The image capture would be attempted against an encrypted partition.
•
Image Capture page. This page should be displayed only when a user tries to join a workgroup. If the user specifies the path for image capture and then goes back to the Domain Join page, and then joins a domain, the Image Capture page will still be displayed. This problem occurs because the image capture process runs Sysprep and should only be performed on computers not joined to a domain.
A Missing Wdi.dll file warning dialog box may be displayed during a New Computer deployment. Close the warning dialog box, and the deployment process will continue. This occurs when specific wireless drivers are added to Windows PE. Windows PE does not support wireless networking, so these drivers should be removed. Create a driver group that contains the wired network drivers and configure Deployment Workbench to use only the drivers in that group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
109
•
No user state configuration settings can be or need to be specified using the CustomSettings.ini file for System Center Configuration Manager scenarios. The network location is determined automatically by the Request State Store task.
•
For System Center Configuration Manager deployments to work without errors, certain properties must be configured by editing the task sequence, or the properties must be configured in the CustomSetting.ini file. Some properties in the task sequence can be configured only by editing the task sequence.
•
In System Center Configuration Manager deployments, multiple application packages can be installed on a computer by specifying them in the CustomSettings.ini file according to the following parameters: •
A base variable named PACKAGES should be specified in the task sequence in the Install Software task.
•
Each PACKAGES variable name should have a suffix starting with 001.
•
The PACKAGESxxx value should have the format PACKAGEID:ProgramName (use a colon between items).
•
The ProgramName value is case-sensitive. An example of specifying packages in CustomSettings.ini:
PACKAGES001=DEP0002B:Install Office 2007 PACKAGES002=DEP00011:Install Office Communicator •
The Microsoft Deployment Toolkit Management Pack runs only on Microsoft System Center Operations Manager 2007.
•
The BDD 2007 Management Pack does not work with MDT 2008 Update 1.
•
The MDT 2008 Update 1 Management Pack does not work with earlier versions of MDT 2008 or BDD 2007.
•
The MDT database name should not contain spaces.
•
Alerts are not generated on the Alerts node of the Microsoft Deployment Toolkit Management Pack. Some events, such as a deployment failure or system stop, may not generate a proper alert.
•
When monitoring LTI deployments using the MDT 2008 Management Pack, the Name and Logging Computer boxes display the Windows PE phase self-generated computer name. To control the computer name reported to System Center Operations Manager, set the OSDNEWMACHINENAME variable using CustomSettings.ini, and the value specified there will be used throughout the process.
•
In LTI New Computer deployments, applications marked as hidden in Deployment Workbench are not installed when the Application page is not skipped in the wizard and the application globally unique identifier (GUID) is specified in CustomSettings.ini. Hidden applications can be specified using the MandatoryApplications property instead of the Applications property.
•
System Center Configuration Manager in Unknown Computer scenarios allows specification only of a collection that exists on the site to which the client belongs. Pointing at a collection on the parent site is not supported.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
110
Microsoft Deployment Toolkit 2008
•
Close System Center Configuration Manager console before running the integration option from MDT 2008 Update 1. Otherwise, some files may not be properly updated.
•
For LTI deployment, configuring static IP addresses is best done using CustomSetting.ini or the Windows Deployment Wizard. Configuring IP addresses using the Apply Network Settings step in the task sequence causes mapped drives to fail if the adapter had already mapped drives using DHCP-assigned addresses. Because multiple computers normally use a task sequence, setting a specific static IP address value in a task sequence wizard in MDT 2008 Update 1 is not recommended. Other general settings might be appropriate.
•
Sometimes the Import Microsoft Deployment Toolkit Task Sequence Wizard does not complete successfully. In this case, the XML for the new task sequence has already been generated and is available at the %Temp% directory. This .xml file can be imported manually using the System Center Configuration Manager Import Task Sequence Wizard to create the task sequence. The .xml file will not be available at the %Temp% directory if the initial import was successful.
•
During the Scanstate and Loadstate processes, multiple copies of log files may be created. A new USMT template can be used for excluding the log files or log directories while running Scanstate and Loadstate.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
111
Microsoft System Center Configuration Manager 2007 Imaging Guide
Contents Introduction This guide is part of Microsoft® Deployment Toolkit (MDT) 2008. This document provides guidance on the process of using Microsoft System Center Configuration Manager 2007 in the deployment process. The guides listed in Table 1 provide additional information about using System Center Configuration Manager and its functions and can assist in finding the information needed to configure and set up the environment. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Table 1. Related System Center Configuration Manager Guidance Guide
This guide offers assistance to help
Configuration Manager Setup Overview
Guide installation of the System Center Configuration Manager environment. See this guide at http://technet.microsoft.com/en-
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
112
Microsoft Deployment Toolkit 2008
us/library/bb693836.aspx. Preparing for Microsoft System Center Configuration Manager 2007
Guide in the preparation of System Center Configuration Manager for the deployment process.
Ins tal ling Syste m C ente r Con figu r ation Mana ger System Center Configuration Manager is used to create and distribute disk images and packages for Zero Touch Installation (ZTI) with System Center Configuration Manager deployments. The first step in the process is to install System Center Configuration Manager on a server computer. See “Configuration Manager Setup Overview” at http://technet.microsoft.com/en-us/library/bb693836.aspx for guidance on installing System Center Configuration Manager.
Con figu r ation Mana ger Con sole Configuration Manager console is used to manage all the features of System Center Configuration Manager. The console is divided into three sections: the left pane, which contains the console tree; the center pane, which contains details about the item selected in the console tree; and the right pane, which shows possible actions for the item selected in the console tree. Table 2 lists and describes the tree listings in the left pane of Configuration Manager console. Table 2. Configuration Manager Console Tree Listings and Their Descriptions Tree listing
Description
Site Database
Contains the site database and all System Center Configuration Manager settings.
Site Management
Provides access to settings that define the site hierarchy of System Center Configuration Manager and to the configuration of each site.
Computer Management
Provides access to the settings that define the management of computers within the System Center Configuration Manager sites.
System Status
Provides the status of System Center Configuration Manager components.
Security Rights
Provides access to System Center Configuration Manager security parameters.
Tools
Contains the ConfigMgr Service Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Planning
113
Start Configuration Manager Console To start Configuration Manager console, click Start, and then point to All Programs. Point to Microsoft System Center, point to Configuration Manager 2007, and then click ConfigMgr Console. After opening Configuration Manager console, begin managing the installation of System Center Configuration Manager and prepare the images, software, and migration data for deployment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing Syste m C ente r Con figu r ation Mana ger for Dep lo yment Using Configuration Manager console, prepare images, drivers, driver packages, applications, operating systems, and other packages for deployment. When these items are added to System Center Configuration Manager, the files that System Center Configuration Manager will eventually distribute to the production environment are essentially stored in System Center Configuration Manager. When the items are in place, associate these stored items with task sequences in the configuration process. The following sections of this document provide guidance on ways Configuration Manager console can be used to import and prepare the images and packages that System Center Configuration Manager will use during deployment.
Import MDT 2008 Task Sequences Although new task sequences can be created manually using System Center Configuration Manager, MDT 2008 includes task sequence template files that can be imported into System Center Configuration Manager. These task sequence templates dramatically reduce the effort required to create task sequences in System Center Configuration Manager to use in MDT 2008. To import the MDT 2008 task sequence templates, use the System Center Configuration Manager Import Microsoft Deployment Task Sequence Wizard.
Create New Task Sequences Using the Import Wizard To create task sequences, the Import Microsoft Deployment Task Sequence Wizard moves the necessary files to System Center Configuration Manager. Configuration Manager console contains the Import Microsoft Deployment Task Sequence Wizard, which can be used to create the task sequences required for successful deployment of ZTI images. This functionality is new in MDT 2008 and requires the installation of MDT 2008 to operate correctly in Configuration Manager console. This integrated functionality does not exist between System Center Configuration Manager and MDT 2008 by default and requires that the Configure ConfigMgr Integration Wizard be run. Note Run the Configure ConfigMgr Integration Wizard to install the Import Microsoft Deployment Task Sequence Wizard in System Center Configuration Manager. To complete this process, refer to the section “Enable Configuration Manager Console Integration” in the MDT 2008 document, Preparing for Microsoft System Center Configuration Manager 2007.
Table 3 lists the task sequences templates that are included in MDT 2008, the file name for each template, and a description of the template. The template files are located in the install_folder\SCCM folder (where install_folder is the folder in which MDT 2008 was installed). Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
115
Table 3. Task Sequence Templates Included in MDT 2008 Template
File name
Select this template to
Standard Client Task Sequence
SCCM_Client.xml
Deploy to client computers for all scenarios except the Computer Replace scenario.
Standard Client Replace Task Sequence
SCCM_ClientReplace.xml
Deploy to client computers for the Computer Replace scenario.
Custom Task Sequence
SCCM_Custom.xml
Creates a task sequence completely customizable by the imaging team.
Standard Server Task Sequence
SCCM_Server.xml
Deploy to server computers for all scenarios.
The Import Microsoft Deployment Task Sequence Wizard guides the process of creating these packages and images (or specifying existing packages and images). The task sequence templates contain placeholders for each of the packages and images listed in Table 3. The Import Microsoft Deployment Task Sequence Wizard substitutes the packages and images selected for the placeholders in the task sequence templates. After completing the wizard, the new imported task sequence references the appropriate packages and images. Note Always use the Import Microsoft Deployment Task Sequence Wizard to import the task sequence templates. Although the task sequence templates can be manually imported, this process is not recommended.
Using the Import Microsoft Deployment Task Sequence Wizard, choose the template type to create, and then customize it for the needs of the environment. Table 4 describes the different sections of the Import Microsoft Deployment Task Sequence Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
116
Microsoft Deployment Toolkit 2008
Table 4. Import Microsoft Deployment Task Sequence Wizard Sections and Descriptions Wizard page
Use this page to
Choose Template
Create the Standard Client, Standard Client Replace, and Standard Server task sequences, and the Custom Task Sequence.
General
Set the task sequence name and add task sequence comments.
Details
Specify the workgroup or domain; type the registrant user name, organization name, and product key; and specify the capture destination and authorized account for capture.
Boot Image
Specify an existing boot image package or create a new boot image package.
General Settings
Provide the name, version, and comments for the boot image.
Image Options
Choose components, optional fonts, additional files, and platforms for the image.
Microsoft Deployment Package
Specify an existing MDT 2008 files package or create a new MDT 2008 files package.
Microsoft Deployment Details
Specify MDT 2008 file package properties, including name, version, language, manufacturer, and comments.
OS Image
Specify an operating system image or an operating system image package, or create a new operating system image or operating system installation package.
Install Source
Set options for installation sources to use with System Center Configuration Manager packages.
Client Package
Specify the ConfigMgr client package.
USMT Packages
Specify an existing Windows User State Migration Tool (USMT) package or create a new USMT package.
USMT Details
Specify the name, version, language, and manufacturer, and supply comments for the USMT package.
Settings Package
Specify or create the settings package to use. This package contains CustomSettings.ini and unattended installation files needed for operating system deployment.
Settings Details
Specify the name, version, language, manufacturer, and comments for the settings package.
Sysprep Package
Specify or create a System Preparation Tool (Sysprep) package to use, if required.
Sysprep Details
Specify the name, version, language, manufacturer, and comments for the Sysprep package.
Summary
See the status of package import or creation tasks.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
117
To import task sequences into Configuration Manager console 1658.In Configuration Manager console, expand Computer Management, right-click Task Sequences, and then click Import Microsoft Deployment Task Sequence. 1659.On the Choose Template page, click Client Task Sequence, and then click Next. 1660.On the General page, in the Task Sequence Name box, type the name of the task sequence to create. In the Comments box, type a comment (optional) that describes the sequence, and then click Next. 1661.On the Details page, click either Join a workgroup or Join a domain, and then type the name of the workgroup or domain name in the relevant box. 1662.Click Set, and then in the Account box, type the credentials for joining the domain. 1663.In the Windows Settings section, in the User name box, type the registered user name; in the Organization name box, type the registered organization; and in the Product key box, type the product key. 1664.In the Capture Operating System Image Settings section, in the Capture Destination box, type the location for captures; in the Capture account box, type the authorized account for capture placement; and then click Next. 1665.On the Boot Image page, click Create a New Boot Image Package. Type the Universal Naming Convention (UNC) path to the package, and then click Next. 1666.On the General Settings page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the boot image.
•
Version: The package version.
•
Comments: Optional comments.
1667.On the Image Options page, type the relevant information or click the relevant options, and then click Next: •
Platform section: Click the relevant operating system.
•
Optional Components section: Click ADO, if required.
•
Optional Fonts section: Click additional fonts, if required.
•
Additional Files section: Click Browse to add a custom a background bitmap image file, and then click Browse to add an extra additional directory, if required.
Note
The background bitmap file must be specified using a UNC path.
1668.On the Microsoft Deployment Package page, click Create a New Microsoft Deployment Files Package; in the UNC path box, type the UNC path (for example, \\DeploymentServer\packages$\Deployment4files) for the deployment files package the wizard will create, and then click Next. 1669.On the Microsoft Deployment Details page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the MDT 2008 files.
•
Version: The version of the MDT 2008 files (optional).
•
Language: The language of the MDT 2008 files.
•
Comments: Optional comments.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
118
Microsoft Deployment Toolkit 2008
1670.On the OS Image page, click Create a new OS install package; in the OS installation folder location box, type or browse to the relevant location; in the Package source folder to be created box, type or browse to the relevant UNC location; and then click Next. Note The OS installation folder contents are copied from the specified UNC location to the package source folder, which are then used to create the package.
1671.On the Install Source page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the operating system image.
•
Version: The operating system package version.
•
Comments: Optional comments.
1672.On the Client Package page, click Create a new ConfigMgr client package, and then click Next. 1673.On the USMT Package page, click Create a new USMT package, type the relevant information in the following boxes, and then click Next: •
Path to the USMT executables and related files: The path to the location on the network where USMT files are stored.
•
Package source folder to be created: The name of the package source folder to create.
CAUTION A network location for USMT cannot be specified in the CustomSettings.ini file for a task sequence. The Request state store task automatically determines the location. For this to work, define a state migration point. See the Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx for additional guidance on this process. Note The default location of USMT files is C:\Program Files\USMT301. If USMT will be used with System Center Configuration Manager, run the USMT 3.0.1 .msi file on the System Center Configuration Manager server and specify this location as the source location. For additional information about configuring System Center Configuration Manager to use USMT, refer to the Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx.
1674.On the Specify USMT package properties page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the USMT package.
•
Version: The version of the USMT package.
•
Language: The USMT package language.
•
Manufacturer: The manufacturer of the USMT package.
•
Comments: Optional comments.
CAUTION For more information on using roaming profiles, see the Managing Roaming User Data Deployment Guide at http://technet2.microsoft.com/WindowsVista/en/library/fb3681b2-da39-4944-93addd3b6e8ca4dc1033.mspx?mfr=true. USMT will back up and restore locally cached user profiles but not network copies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
119
1675.On the Settings Package page, click Create a new settings package, type the UNC path for the location where the wizard will create the package, and then click Next. 1676.On the Settings Details page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the settings package.
•
Version: The version of the settings package.
•
Language: The settings package language.
•
Manufacturer: The manufacturer of the settings package.
•
Comments: Optional comments.
1677.On the Sysprep Package page, click Create a new Sysprep package; in the Path to Sysprep executables and related files box, type the UNC path for the location where the wizard will create the Sysprep package; in the Package source folder to be created box, type or browse to the location where the wizard will create the package source folder; and then click Next. Note This selection is optional and does not apply to Windows Vista or Windows Server 2008 deployments if no custom image is captured.
1678.On the Sysprep Details page, type the relevant information in the following boxes, and then click Next: •
Name: The name of the Sysprep package.
•
Version: The version of the Sysprep package.
•
Language: The Sysprep package language.
•
Manufacturer: The manufacturer of the Sysprep package.
•
Comments: Optional comments.
The Summary page displays a status bar that shows the progress of the tasks defined in the wizard. The wizard closes when it completes the tasks.
Create a New Driver Package Complete the following steps to create a new driver package in System Center Configuration Manager. System Center Configuration Manager creates a package file in the UNC share path defined in the Import Microsoft Deployment Task Sequence Wizard. 1679.In Configuration Manager console, expand Computer Management, expand Operating System Deployment, and then click Driver Packages to start the New Driver Package Wizard. 1680.Type the relevant information in the following boxes, and then click OK: •
Name: The name of the new driver package.
•
Comments: Optional comments.
•
Driver Package Source: The path to the new driver package.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
120
Microsoft Deployment Toolkit 2008
Import Drivers to System Center Configuration Manager To import drivers into System Center Configuration Manager 1681.In Configuration Manager console, expand Computer Management, and then expand Operating System Deployment. Right-click Drivers, and then click Import to start the Import New Driver Wizard. 1682.On the Locate Driver page, click one of the following options; then, type or browse to the UNC path of the source folder that holds the drivers to import, and then click Next: •
Import all drivers in the following network path (UNC)
•
Import a specific driver by specifying the network path (UNC) to its .inf or txtsetup.oem file
1683.On the Driver Details page, the driver name is shown in the Name box. Click Enable this driver and allow computer to install it, and then click Next. 1684.On the Applicability page, click one of the following options, and then click Next: •
This driver can be run on any platform
•
This driver can run only on the specified platforms, and then select your OS option(s)
1685.On the Add Driver to Package page, click one of the following options, and then click Next: •
Select All
•
Clear All
•
New Package
•
Update distribution points when finished
Note A package must be created to add a package. If no package is listed, add the drivers to one or more packages later.
1686.Click the package to the drivers will be added or create a new package. Note Click Update distribution points when finished to force the wizard to perform the update.
1687.On the Add Driver to Boot Image page, add updated mass storage drivers, network drivers, or critical drivers for the system boot, as appropriate. Click the boot image (x86 or x64), and then click Next. Note Boot images must be refreshed on distribution points before the new drivers are available for use.
1688.The Summary page shows the details of the selections made while completing the wizard. To change an option or setting, click Previous, make the necessary changes to the selections, and then click Next. The Progress page displays a status bar that indicates the wizard is processing. Then, the Confirmation page shows the success or failure of the wizard’s ability to complete the tasks defined for the driver creation. 1689.Click Close to return to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
121
Add Language Packs Language packs can be added to packages in System Center Configuration Manager either offline or online. Before adding language packs, first create a package that contains the language pack. To create a package containing a language pack 1690.Create a folder that will contain the package source for the language files. Note Create this folder where previously created packages are stored or where space is available.
1691.Add the language pack folders downloaded from Microsoft into the folder created in step 1. Note Language packs already in .cab format are available to download on the Microsoft Volume Licensing Web site.
1692.In the Configuration Manager console console tree, go to Computer Management/Software Distribution/Packages. Right-click Packages, and then click New Package. 1693.In the Name box, type Vista Language Packs, and then click Next. 1694.Click This package contains source files, and then click Set to set the source directory. 1695.Type the path to the source directory, and then click OK. 1696.Click Enable binary differential replication, and then click OK. 1697.On the Data Access page, click Next. 1698.On the Distribution Settings page, click Next. 1699.On the Reporting page, click Next. 1700.On the Security page, click Next. 1701.On the Summary page, click Next, then click Close. To add language packs offline to Windows Vista and Windows Server 2008 1702.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1703.In the Task Sequence Editor dialog box, go to the Postinstall phase. 1704.Under the Postinstall phase, go to the Setup Windows and ConfigMgr task. 1705.Click the task immediately above this task, so that the new added task will be positioned just above the Setup Windows and ConfigMgr task. 1706.Click Add, click MDT, and then click Install Language Packs Offline. 1707.Type the relevant information in the Name and Description boxes, and then click Browse to select an appropriate language pack package to install. 1708.Click OK to save the settings, and then close the Task Sequence Editor. Note When used with MDT 2008, the term offline means that the computer is booted into Windows Preinstallation Environment (Windows PE), and thus the image can be modified offline—not in the currently booted operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
122
Microsoft Deployment Toolkit 2008
To add language packs online to Windows Vista and Windows Server 2008 1709.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1710.In the Task Sequence Editor dialog box, click Add, click General, and then click Install Language Packs Online. 1711.In the Task Sequence Editor dialog box, go to the State Restore phase. 1712.Click the Restart Computer task. 1713.Click Add, click MDT, and then click Install Language Packs Online. 1714.Type the relevant information in the Name and Description boxes, and then click Browse to select a language pack package to install. 1715.Click OK to save the settings, and then close the Task Sequence Editor. Note When used in MDT 2008, the term online means that the computer is booted into an operating system but run as an Administrator user so that final configurations can be made to the running operating system.
Add Updates Use System Center Configuration Manager to add updates during the task sequence. Updates can be added online or offline. Manage software updates in System Center Configuration Manager using a server configured as a software update point. For detailed information on software updates using System Center Configuration Manager, see Tasks for Software Updates at http://technet.microsoft.com/en-us/library/bb693776.aspx. Use deployment packages to deploy software updates. For more information about configuration and deployment of software update packages, see Download Updates Wizard at http://technet.microsoft.com/en-us/library/bb632835.aspx. To install operating system updates online, the updates need to be added to a Deployment Management item. Create a Deployment Management item using the Deploy Package Wizard. For more information on deploying packages and deployment management, see the Configuration Manager Library at http://technet.microsoft.com/enus/library/bb693754.aspx. To add offline updates to Windows Vista 1716.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1717.Beneath the Postinstall phase, locate the Setup Windows and ConfigMgr task. 1718.Click the task immediately above this task, so that the new added task will be positioned just above the Setup Windows and ConfigMgr task. 1719.In the Task Sequence Editor dialog box, click Add, click MDT, and then click Install Updates Offline. 1720.Type the relevant information in the Name and Description boxes, and then click Browse to select an appropriate updates package to install. 1721.Click OK to save the settings, and then close the Task Sequence Editor.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
123
To add online updates to Windows XP, Windows Server 2003, Windows Server 2008, or Windows Vista 1722.In Configuration Manager console, expand Computer Management, and then expand Task Sequence. Right-click task_sequence (where task_sequence is the name of the task sequence to edit), and then click Edit. 1723.In the Task Sequence Editor dialog box, go to the State Restore phase. 1724.Click the Restart Computer task. 1725.Click Add, click MDT, and then click Install Updates Online. 1726.Type the relevant information in the Name and Description boxes, and then click Browse to select an appropriate updates package to install. 1727.Click OK to save the settings, and then close the Task Sequence Editor. Note The Software Update Point role and Windows Server Update Services (WSUS) must be set for this purpose. Use the Install Software Updates task to accomplish this task.
Create an Operating System Image Capture Image When a reference computer must be captured to be deployed using System Center Configuration Manager, first capture that image and add it to Configuration Manager console as an operating system image package. The image is created using an operating system deployment media task sequence. For additional guidance on this process, see “Sample Build and Capture Operating System Image Task Sequence” in the Configuration Manager Documentation Library.
Install an Existing Image Package Using the Import Microsoft Deployment Task Sequence Wizard and the Client Task Sequence To install an existing image package using the MDT 2008 client task sequence, perform the following steps: 1728.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1729.Right-click Task Sequences, and then point to Import Microsoft Deployment Task Sequence. Click Client Task Sequence, and then click Next. 1730.On the General page, type the relevant information in the following boxes, and then click Next: •
Task Sequence Name: A name for the task sequence.
•
Comments: Optional comments.
1731.On the Details page, in the Join workgroup or domain section, click the relevant settings to add the computer to a workgroup if building a reference image, or to a domain, if required.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
124
Microsoft Deployment Toolkit 2008
1732.If adding the computer to a domain, click Set to type credentials for adding the computer to the designated domain. 1733.In the Windows Settings section, type the relevant information in the following boxes, and then click Next: •
User Name: The owner of this copy of Windows.
•
Organization name: The organization name.
•
Product key: The product key; usually a 25-character alphanumeric value.
1734.In the Capture Operating System Image settings box, type a UNC path to a location and file name, and then click Next. •
Capture destination: \\servername\sharename\%computername%.wim.
•
Capture account: Click Set to type credentials with Write access to the capture destination share location.
1735.On the Boot Image page, click Browse to locate an existing boot image package in the Select a Package dialog box, and then click Next. 1736.On the MDT Package page, click one of the following options: •
Specify a new Microsoft Deployment Files package: Click Browse to select an existing MDT 2008 tools package.
•
Create a new Microsoft Deployment Files package: Browse to the location of the appropriate deployment point created in Deployment Workbench.
1737.On the OS Image page, browse to select an existing image package for deployment, and then click Next. Note This page also allows for creation of a new operating system package by browsing to a Windows Imaging Format (WIM) file that will create a new System Center Configuration Manager package.
1738.On the Client Package page, click Browse to select an existing System Center Configuration Manager client package to install, and then click Next. 1739.On the USMT Package page, specify the USMT package, and then click Next. •
Specify an existing USMT Package: Click Browse to select a USMT package.
1740.On the Settings Package page, browse to select a settings package. 1741.On the Select a Sysprep Package page, if deploying Windows, click No Sysprep Package is required, because Sysprep in already in the operating system image. 1742.If deploying Windows XP with SP2, select one of the following options, and then click Finish: •
Select an existing Sysprep package: Browse to select an existing Sysprep package.
•
Create a new Sysprep package: Browse to the location of the existing Sysprep files, such as C:\Sysprep, and type the package path to store the created package.
1743.The Summary page shows the details of the selections made while completing the wizard. Click Close to return to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
125
Create a Client Replace Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard MDT 2008 provides a Client Replace task sequence. This task sequence is primarily used to capture the user state data from an existing computer so it can be restored on a user’s new destination computer. To create a Client Replace task sequence, import the MDT 2008 Client Replace task sequence to use in Replace Computer scenarios. A computer must be associated with System Center Configuration Manager before running the client task sequence. Without the computer association, it is not possible to restore the captured user state on the new computer. It is also not possible to add a computer association with System Center Configuration Manager after the user state has already been captured from the old computer. To create a Client Replace task sequence 1744.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1745.Right-click Task Sequences, point to Import Microsoft Deployment Task Sequence, click Client Replace Task Sequence, and then click Next. 1746.On the General page, type the relevant information in the following boxes, and then click Next: •
Task Sequence Name: An appropriate name for the task sequence.
•
Comments: Optional comments.
1747.Click Next. 1748.On the Boot Image page, click Browse to locate an existing boot image package in the Select a Package dialog box. 1749.Click Next. 1750.On the MDT Package page, click one of the following options: •
Specify a new Microsoft Deployment files package: Click Browse to select an existing MDT tools package.
•
Create a new Microsoft Deployment files package: Browse to the location of the relevant deployment point created in Deployment Workbench.
1751.Click Next. 1752.On the USMT Package page, browse to select a USMT package. Click Next. 1753.On the Settings Package page, click Browse to select a settings package, and then click Next. The wizard finishes and returns to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
126
Microsoft Deployment Toolkit 2008
Create a Server Task Sequence Using the Import Microsoft Deployment Task Sequence Wizard MDT 2008 provides a task sequence that can be used for server deployment. This task sequence is used to completely automate the build, capture, and deployment of Windows Server 2008 or Windows Server 2003. To create a server task sequence, import the MDT 2008 server task sequence into Configuration Manager console. To create a server task sequence 1754.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1755.Right-click Task Sequences, point to Import Microsoft Deployment Task Sequence, click Server Task Sequence, and then click Next. 1756.On the General page, type the relevant information in the following boxes, and then click Next: •
Task Sequence Name: An appropriate name for the task sequence.
•
Comments: Optional comments.
1757.On the Details page, in the Join workgroup or domain section, click the relevant settings to add the computer to a workgroup if building a reference image, or to a domain, if required. 1758.If adding the computer to a domain, click Set to type credentials for adding the computer to the designated domain. 1759.In the Windows Settings section of the dialog box, type the relevant information in the following boxes: •
User Name: The owner of this copy of Windows.
•
Organization name: The organization name.
•
Product key: A product key; usually a 25 character alphanumeric value.
1760.In the Capture Operating System Image settings box, type a UNC path to a location and filename, such as: •
Capture destination: \\servername\sharename\%computername%.wim.
•
Capture account: Click Set to type credentials with Write access to the capture destination share location.
1761.Click Next. 1762.On the Boot Image page, click Browse to locate an existing boot image package in the Select a Package dialog box. Note Alternatively, in the Create a new boot image package box, type a UNC path to store the newly created image package, and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft System Center Configuration Manager 2007 Imaging Guide: Prepare for Deployment
127
1763.On the MDT Package page, click one of the following to: •
Specify a new Microsoft Deployment Files package: Click Browse to select an existing MDT 2008 tools package.
•
Create a new Microsoft Deployment Files package: Browse to the location of the relevant deployment point created with Deployment Workbench.
1764.Click Next. 1765.On the OS Image page, click one of the following options: •
Specify an existing OS image: Browse to select an existing server image package.
•
Create a new OS Image: Browse to the location of an existing server WIM image, and then define the location to store the resulting server image package.
•
Specify an existing OS Install Package: Browse to select an existing server OS install package.
•
Create a new OS Install Package: Click this option to install and capture a new Windows Server 2003 operating system installation package from the original CD operating system source files.
1766.Click Next. 1767.On the Client Package page, click one of the following: •
Specify an existing ConfigMgr Client package: Browse to select a System Center Configuration Manager client installation package.
•
Create a new ConfigMgr Client package: If this option is selected, the wizard creates a new System Center Configuration Manager client package. Note This page is for the installation of the System Center Configuration Manager client and is not specific to the client operating system installation.
1768.Click Next. 1769.On the Settings Package page, click Browse to select a settings package. 1770.On the Select a Sysprep Package page, if deploying Windows Server 2008, click No Sysprep Package is required, because Sysprep in already part of the operating system image. 1771.If deploying a version of Windows Server 2003, click one of the following options: •
Select an existing Sysprep Package: Browse to select an existing Sysprep package.
•
Create a new Sysprep package: Browse to the location of the existing Sysprep files, such as C:\Sysprep, and type the package path to store the created package.
1772.Click Next. The wizard finishes and returns to Configuration Manager console.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Tar ge ting Driv er s to a Spec if ic Co mpute r To install specific drivers to a target computer, use the Auto-apply Drivers task sequence to install drivers from a specific driver category. The driver category used is not important, because the CustomSettings.ini file overrides it. To add specific drivers to a target computer 1773.In the Configuration Manager console console tree, go to Computer Management/Operating System Deployment. 1774.Click Task Sequences, and then click task_sequence (where task_sequence is the sequence to edit). Right-click Task Sequence, and then click Edit. 1775.Create multiple Auto-apply Drivers tasks in the task sequence. For each task, choose the specific driver category. Set a condition on the tasks so that a Windows Management Instrumentation (WMI) query is made for the make and model of the computer, and so the correct task will be associated with the correct make and model or role. 1776.Use the OSDAutoApplyDriverCategoryList variable, available in Configuration Manager console. To do this, add the following lines to the CustomSettings.ini file: [Settings] Properties=OSDAutoAPplyDriverCategoryList [Default] or some other location OSDAutoApplyDriverCategoryList=DriverCategories:GUID Where GUID is the globally unique identifier (GUID) assigned to the driver category.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Contents
cxxix
1777.Obtain the GUID information by running the following Microsoft Visual Basic® Scripting Edition (VBScript) code: strSiteCode = "CEN" strServer = "SMSSERVER" strDriverCatName = "Dell" set objWMIService= GetObject("winmgmts:{impersonationlevel=impersonate}!\\" & strServer & "\root\sms\site_" & strSiteCode) set DriverGUIDS = objWMIService.ExecQuery("select CategoryInstance_UniqueID from sms_categoryinstance where LocalizedCategoryInstanceName = '" & strDriverCatName & "'") For each DriverGuid in DriverGuids wscript.echo DriverGuid.CategoryInstance_UniqueID Next 1778.Replace strSiteCode, the strServer server, and strDriverCatName with information pertinent to the environment.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
cxxx
Microsoft Deployment Toolkit 2008
Microsoft® Deployment Toolkit 2008 Toolkit Reference Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This reference is part of Microsoft® Deployment Toolkit (MDT) 2008 and provides configuration settings that can be used in the deployment process. Reviewing the guides listed in Table 1 can further assist in customizing configuration settings for the deployment environment. Table 1. Guidance for Configuring Deployment Settings Guide
This guide offers assistance to help
Deployment Customization Guide
Further customize the configuration files used in Zero Touch Installation (ZTI) and Lite Touch Installation (LTI) deployments. This guide also provides generic configuration guidance and a technical reference for configuration settings.
Image Customization Guide
Guides the process of using MDT 2008, Microsoft Systems Management Server 2003, and Microsoft System Center Configuration Manager 2007 during the imaging process.
Microsoft Deployment Toolkit 2008 Samples Guide
Identify deployment scenarios and corresponding configuration settings when deploying target computers using ZTI and LTI. The sample configuration files in this guide can be used as a starting point for the configuration in the environment.
Preparing for LTI Tools
Create a default installation of MDT 2008 for LTI deployment.
Preparing for Microsoft System Center Configuration Manager 2007
Install ZTI in the environment and perform deployments using System Center Configuration Manager. The guide includes information about how ZTI and System Center Configuration Manager work together, including flowcharts and troubleshooting.
Preparing for Microsoft Systems Management Server 2003
Install ZTI in the environment and perform deployments using Systems Management Server. The guide includes information about how ZTI and Systems Management Server work together.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Task Sequence S
teps
Task sequences are created by the Task Sequence Editor and consist of a combined series of steps that are designed to complete an action. Task sequences can operate across a computer restart and can be configured to automate tasks on a computer without requiring user intervention. In addition, task sequence steps can be added to a task sequence group, which help keep similar task sequence steps together for better organization and error control. Each task sequence step performs a specific task, such as validating that the target computer is capable of receiving the deployment image, storing user data in a safe location, deploying an image to a target computer, restoring saved user data, and so on. These task sequence steps accomplish their tasks by using utilities and scripts provided with the MDT 2008 solution or by the deployment team. Use this reference to help determine the correct task sequence groups and task sequence steps to configure the deployment process and the valid properties and options to use. The following information is provided for each task sequence group and step: •
Name. The name of the task sequence group or step.
•
Description. A description of the purpose of the task sequence group or step and any pertinent information regarding its customization.
•
Properties. Indicates the valid configuration properties that can be specified for the task sequence group or step that define how the task is performed.
•
Options. Indicates the valid configuration options that can be specified for the task sequence group or step that define if and when the task is performed and what is considered a successful exit code from the task. For more information about the Task Sequence Editor, see Operating System Deployment: Task Sequence Editor at http://technet.microsoft.com/enus/library/bb680396.aspx.
Common Properties and Options for Task Sequence Step Types Each task sequence group and step has configurable settings on the Properties and Options tabs that are common to all task sequence groups and steps. These common settings are briefly described in the following sections.
Common Properties Table 2 shows the settings that are available on the Properties tab of each task sequence step. For more information about the Properties tab for a particular task sequence step, see the topic that corresponds to the step later in this reference. Note The task sequence step types listed here are those that are available in Deployment Workbench. Additional task sequence step types might be available when configuring task sequences using System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
3
Table 2. Settings Available on the Properties Tab Name
Description
Type
A read-only value that indicates the task sequence group or step type. The type will be set to one of these values: •
Apply Network Settings
•
Authorize DHCP
•
Capture Network Settings
•
Configure ADDS
•
Configure DHCP
•
Configure DNS
•
Enable BitLocker
•
Format and Partition Disk
•
Gather
•
Group
•
Install Application
•
Install Operating System
•
Install Roles and Features
•
Install Updates Offline
•
Restart Computer
•
Run Command Line
•
Run Command Line As
•
Set Task Sequence Variable
•
Validate
Group
Step
Name
A user-defined name that should allow easy identification and differentiation from other task sequence steps.
Description
A user-defined description that should make the task sequence step requirements and tasks easily understandable.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Common Options Table 3 shows the settings that are available on the Options tab of a task sequence step. For more information about the Options tab, see Task Sequence Options Tab at http://technet.microsoft.com/en-us/library/bb693661.aspx. Table 3. Settings Available on the Options Tab Name
Description
Group
Disable this step
Select this option to disable this task sequence step.
Success codes
Exit codes of the utility associated with this task sequence step that indicates it has completed successfully.
Step
Continue on error Select this option to allow the Task Sequencer to process additional task sequence steps if a failure occurs.
Conditional statements
One or more conditions that limit the running of this task sequence group or step. These conditional are based on the following: •
File Properties
•
Folder Properties
•
Operating system version: •
Is a certain architecture
•
Is a certain version
•
Query Windows Management Instrumentation (WMI)
•
Registry Setting: •
Exists
•
Does not exist
•
Equals
•
Does not equal
•
Greater than
•
Greater than or equals
•
Less than
•
Less than or equals
•
Installed Software
•
Task sequence variable:
Solution Accelerators
•
Exists
•
Equals
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
Name
5
Description •
Does not equal
•
Greater than
•
Greater than or equals
•
Less than
•
Less than or equals
Group
Step
These conditions can be grouped using IF statements that test all conditions, any condition, or no condition that evaluates as true. Note Additional conditional statements might be available when using System Center Configuration Manager to configure task sequence steps.
Specific Properties and Settings for Task Sequence Step Types Some properties and parameters of each task sequence step type are unique to that type. Each type with unique properties and settings is shown in the following sections, with its unique task sequence step properties and settings.
Apply Network Settings This task sequence step configures the network adapter on the target computer. For more information about what script accomplishes this task and what properties are used, see ZTINICConfig.wsf in the “Scripts” section of this reference. The unique properties and settings for the Apply Network Settings task sequence step type are:
Properties Name
Value
Type
Apply Network Settings
Settings Name
Value
Name
The name to be assigned to the network connection.
Obtain an IP address automatically
When selected, Dynamic Host Configuration Protocol (DHCP) will be used to obtain the required IP configuration settings for the network connection. This is the default selection.
Use the following IP address
When selected, one or more IP address and subnet mask combinations can be provided in addition to gateways that will be assigned to the network connection.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
Name
Value
Obtain a Domain Name System (DNS) server automatically
When selected, DHCP will be used to obtain the required IP configuration settings for the network connection. This is the default selection.
Use the following DNS servers
When selected, one or more DNS server IP address can be provided that will be assigned to the network connection.
DNS Suffix
The DNS suffix that will be applied to all network connections that use TCP/IP.
Register this connection’s address in DNS
Specifies that the computer will attempt dynamic registration of the IP addresses (through DNS) of this connection with the full computer name of this computer.
Use this connection’s DNS suffix in DNS registration
Specifies whether DNS dynamic update is used to register the IP addresses and the connection-specific domain name of this connection.
WINS server addresses
One or more Windows Internet Naming Service (WINS) server IP address can be provided that will be assigned to the network connection.
Enable LMHOSTS lookup
Specifies whether a local area network (LAN) Manager Hosts (LMHOSTS) file for network basic input/output system (NetBIOS) name resolution is used.
Default
Specifies whether this network connection obtains the setting to enable or disable NetBIOS over TCP/IP (NetBT) from a DHCP server. This is the default selection.
Enable NetBIOS over TCP/IP
Specifies that this network connection uses NetBT and WINS.
Disable NetBIOS over TCP/IP
Specifies that this network connection does not use NetBT and WINS.
Authorize DHCP This task sequence step authorizes the target computer as a DHCP server. For more information about what script accomplishes this task and what properties are used, see ZTIAuthorizeDHCP.wsf in the “Scripts” section of this reference. The unique properties and settings for the Authorize DHCP task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Authorize DHCP Server.
Settings Name
Description
Account
A user account that is a member of the Enterprise Admins group, to be used when authorizing DHCP for the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
7
Capture Network Settings This task sequence step gathers the network adapter settings from the target computer. For more information about what script accomplishes this task and what properties are used, see ZTINICConfig.wsf in the “Scripts” section of this reference. The unique properties and settings for the Capture Network Settings task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Capture Network Settings.
Settings Name
Description
None
Configure ADDS This task sequence step configures the target computer as an Active Directory® Domain Services (AD DS) domain controller. For more information about the settings listed in the following table, and which are configurable by this task sequence step, see the Microsoft Help and Support article, “Unattended promotion and demotion of Windows 2000 and Windows Server 2003 domain controllers,” at http://support.microsoft.com/kb/223757. The unique properties and settings for the Configure ADDS task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Configure ADDS.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Settings Name
Description
Create
Specifies the configuration set that will be used to configure the target computer. The configuration sets are: •
New domain controller replica. Creates an additional domain controller in an existing AD DS domain.
•
New read-only domain controller (RODC) replica. Creates a read-only domain controller (Windows Server® 2008 only).
•
New domain in existing forest. Creates a domain in an existing AD DS forest.
•
New domain tree in existing forest. Creates a new tree in an existing AD DS forest.
•
New forest. Creates a new AD DS forest.
Domain DNS name
The name of DNS domain.
Domain NetBIOS name
The NetBIOS name that is used by pre-AD DS clients to access the domain. This name must be unique on the network.
DNS name
The DNS name.
Replication source domain controller
The name of the domain controller from which to source AD DS on new replica or backup domain controller upgrade installations. If no value is supplied, the closest domain controller from the domain being replicated will be selected by default.
Account
The account to be used to perform the configuration.
Recovery (safe mode) password
The password for the offline Administrator account that is used in AD DS repair mode.
Install DNS if not already present
When selected, DNS will be installed if it has not already been installed.
Make this domain controller a global catalog (GC) server
Specifies whether the replica will also be a GC server. When selected, the target computer will be configured as a GC server if the replication source domain controller is a GC server.
Wait for critical replication only
When selected, this setting specifies that only critical replication is sourced during the replication phase of Dcpromo. Noncritical replication resumes when the computer restarts as a domain controller.
Forest functional level
Specifies the functional level for a new forest. Available options are:
Solution Accelerators
•
Level 1 = Microsoft Windows® 2000
•
Level 2 = Windows Server 2003
•
Level 3 = Windows Server 2008
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
9
Name
Description
Domain functional level
Specifies the functional level for a new domain. Available options are: •
Level 1 = Windows 2000
•
Level 2 = Windows Server 2003
•
Level 3 = Windows Server 2008
Database
Fully qualified, non–Universal Naming Convention (UNC) directory on a hard disk drive of the local computer that will host the AD DS database (NTDS.dit). If the directory exists, it must be empty. If it does not exist, it will be created. Free disk space on the logical drive selected must be 200 megabytes (MB) and possibly larger when rounding errors are encountered and to accommodate all objects in the domain. For best performance, the directory should be located on a dedicated hard disk.
Log files
Fully qualified, non-UNC directory on a hard disk on the local computer to host the AD DS log files. If the directory exists it must be empty. If it does not exist, it will be created.
SYSVOL
Fully qualified, non-UNC directory on a hard disk drive of the local computer that will host the AD DS System Volume (SYSVOL) files. If the directory exists it must be empty. If it does not exist it will be created. The directory must be located on a partition that is formatted with the NTFS version 5.0 file system. For best performance, the directory should be located on a different physical hard disk than the operating system.
Site name
The value of an existing AD DS site on which to locate the new domain controller. If not specified, an appropriate site will be selected. This option only applies to the new tree in a new forest scenario. For all other scenarios, a site will be selected using the current site and subnet configuration of the forest.
Configure DHCP This task sequence step configures the DHCP server service on the target computer. For more information about what script accomplishes this task and what properties are used, see ZTIConfigureDHCP.wsf in the “Scripts” section of this reference. The unique properties and settings for the Configure DHCP task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Configure DHCP Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Settings Name
Description
Name
Configure DHCP
Scope Details
These options apply to any client computers that obtain a lease within that particular scope. Configured scope option values always apply to all computers obtaining a lease in a given scope unless they are overridden by options assigned to class or client reservation. Within the Scope Details setting, the following sub-settings are configurable:
Solution Accelerators
•
Scope Name. A user-definable name.
•
Start IP address. The starting IP address for the scope.
•
End IP address. The ending IP address for the scope.
•
Subnet mask. The subnet mask of the client subnet.
•
Lease duration for DHCP clients. The duration that the DHCP lease is valid for the client.
•
Description. A description of the scope.
•
Exclude IP address range, Start IP address. The starting IP address for the range of IP addresses that are to be excluded from the scope.
•
Exclude IP address range, End IP address. The ending IP address for the range of IP addresses that are to be excluded from the scope.
•
003 Router. A list of IP addresses for routers on the client subnet.
•
006 DNS Servers. A list of IP addresses for DNS name servers available to the client.
•
015 DNS Domain Name. The domain name that the DHCP client should use when resolving unqualified domain names with the DNS.
•
044 WINS/NBNS Servers. Lists the IP addresses for NetBIOS name servers (NBNSes) on the network.
•
046 WINS/NBT Node Type. Configures the client node type for NetBT clients.
•
060 PXE Client. The address used for Pre-Boot Execution Environment (PXE) client bootstrap code.
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
11
Name
Description
Server Options
These options apply globally for all scopes and classes defined at each DHCP server and for any clients that a DHCP server services. Configured server option values always apply unless they are overridden by options assigned to other scope, class, or client reservation. Within the Server Options setting, the following sub-settings are configurable: •
003 Router. A list of IP addresses for routers on the client subnet.
•
006 DNS Servers. A list of IP addresses for DNS name servers available to the client.
•
015 DNS Domain Name. The domain name that the DHCP client should use when resolving unqualified domain names with the DNS.
•
044 WINS/NBNS Servers. Lists the IP addresses for NBNSes on the network.
•
046 WINS/NBT Node Type. Configures the client node type for NetBT clients.
•
060 PXE Client. The address used for Pre-Boot Execution Environment (PXE) client bootstrap code.
Configure DNS This task sequence step configures DNS on the target computer. For more information about what script accomplishes this task and what properties are used, see ZTIConfigureDNS.wsf in the “Scripts” section of this reference. The unique properties and settings for the Configure DNS task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Configure DNS Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Settings Name
Description
Name
Configure DNS
Zones
Within the Scope Details setting, the following sub-settings are configurable:
Server Properties
•
DNS zone name. A user-definable name.
•
Type. The type of DNS zone to be created.
•
Replication. Specifies the replication scheme used to share information between DNS servers.
•
Zone file name. The zone’s DNS database file.
•
Dynamic updates. Enables DNS client computers to register and dynamically update their resource records with a DNS server whenever changes occur.
•
Scavenge stale resource records. Removes stale resource records.
Within the Server Properties setting, the following subsettings are configurable: •
Disable recursion. Specifies that the DNS server will not perform recursion on any query.
•
BIND secondaries. Specifies whether to use fast transfer format to transfer a zone to DNS servers running legacy Berkeley Internet Name Domain (BIND) implementations.
•
Fail on load if bad data. Specifies the DNS server should parse files strictly.
•
Enable round robin. Specifies the DNS server should use the round robin mechanism to rotate and reorder a list of resource records if multiple resource records exist of the same type exist for a query answer.
•
Enable netmask ordering. Specifies whether the DNS server should reorder resource records within the same resource record set in its response to a query based on the IP address of the source of the query.
•
Secure cache against pollution. Specifies whether the DNS server will attempt to clean up responses to avoid cache pollution.
Note For more information about these server properties, see Optimizing DNS at http://technet2.microsoft.com/windowsserver/en/library/3a1388f8-269f-42f3-ad0ecc76e95226531033.mspx. Note The Configure DNS task sequence step uses the Dnscmd tool, which is included in Windows Support Tools, to configure DNS. Be sure that Windows Support Tools has been installed before running the Configure DNS task sequence step.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
13
Enable BitLocker This task sequence step configures BitLocker™ Drive Encryption on the target computer. For more information about this step type, see Enable BitLocker at http://technet.microsoft.com/en-us/library/bb632526.aspx. The unique properties and settings for the Enable BitLocker task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Enable BitLocker.
Settings Name
Description
Current operating system drive
When selected, the operating system drive will be configured. This is the default selection.
Specific drive
When selected, the specified drive will be configured.
TPM only
When selected, the Trusted Platform Module (TPM) is required. This is the default selection.
Startup key on USB only When selected, a startup key is required on the specified USB drive. TPM and startup key on USB
When selected, the TPM is required, in addition to a startup key on the specified USB drive.
In Active Directory
When selected, the recovery key is stored in AD DS. This is the default selection.
Do not create a recovery key
When selected, the recovery key is not created. Using this option is not recommended.
Wait for BitLocker to complete
When selected, this step will not finish until after BitLocker Drive Encryption has completed processing all drives.
Format and Partition Disk This task sequence step partitions and formats disks on the target computer. For more information about this step type, see Format and Partition Disk at http://technet.microsoft.com/en-us/library/bb680345.aspx. The unique properties and settings for the Format and Partition Disk task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Format and Partition Disk.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
Settings Name
Description
Disk number
The physical number of the disk to be configured.
Disk type
The type of drive to be created. Values are Standard—Master Boot Record (MBR) and GUID (globally unique identifier) Partition Table (GPT). The default selection is MBR.
Volume
Within the Volume setting, the following sub-settings are configurable: •
Partition Name. A user-definable name.
•
Partition Type. Values are Primary or Extended.
•
Use a percentage of remaining space.
•
Use specific drive size. Values are in increments of 1 MB or 1 GB.
•
Make this a boot partition.
•
File System. Values are NTFS or FAT32.
•
Quick Format. When selected, a quick format is performed.
•
Variable. The drive letter that was assigned to this newly configured partition.
Note When using the CustomSettings.ini file to specify the hard disk and partition configurations, only the first hard disk and first two partitions will be configured. Edit ZTIGather.xml to configure additional hard disks or partitions.
Gather This task sequence step gathers data and processing rules for the target computer. The unique properties and settings for the Gather task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Gather.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
15
Settings Name
Description
Gather only local data
When selected, this step will process only the properties contained in the ZTIGather.xml file.
Gather local data and process rules
When selected, this step will process the properties contained in the ZTIGather.xml file and the properties contained in the file specified by the Rules file. This is the default selection.
Rules file
The name of the Rules file to process. If left blank, the task sequence step will attempt to locate and process the CustomSettings.ini file.
Install Application This task sequence step installs applications on the target computer. For more information about this step type, see Install Software at http://technet.microsoft.com/en-us/library/bb680842.aspx. The unique properties and settings for the Install Application task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Application.
Settings Name
Description
Install multiple applications
Install mandatory applications that have been specified by the MandatoryApplications property and optional applications that are specified by the Applications property. These properties are configured by rules or are specified during the Windows Deployment Wizard interview process. This is the default selection.
Install a single application
The specific application to install. The application is selected from a drop-down list which is compiled of applications that have been configured on the Applications node of Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Install Operating System This task sequence step installs an operating system on the target computer. The unique properties and settings for the Install Operating System task sequence step type are:
Properties Name
Description
Type
This read-only type is set as Install Operating System.
Settings Name
Description
Operating system to install
The name of the operating system to be installed on the target computer. The operating system is selected from a drop-down list which is compiled from operating systems that have been configured on the Operating Systems node of Deployment Workbench.
Install Roles and Features This task sequence step installs the selected roles and features on the target computer. The unique properties and settings for the Install Roles and Features task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Roles and Features.
Settings Name
Description
The list of roles and features that should be installed
One or more roles and features can be specified for installation on the target computer. These roles are: •
AD DS domain controller
•
DHCP server
•
DNS server
Install Language Packs Offline This task sequence step installs updates to the image on the target computer after the operating system has been deployed but before the target computer has been restarted. These updates include language packs. For more information about what script accomplishes this task and what properties are used, see ZTIPatches.wsf in the “Scripts” section of this reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
17
The unique properties and settings for the Install Language Packs Offline task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Updates Offline.
Settings Name
Description
Package Name
The name of the language pack package that should be applied to the target computer.
Note This task sequence step is valid only when deploying Windows Vista® or Windows Server 2008 using MDT 2008 with System Center Configuration Manager.
Install Language Packs Online This task sequence step installs language packs to the image on the target computer after the operating system has been deployed and after the target computer has been restarted. For more information about what script accomplishes this task and what properties are used, see ZTILangPacks.wsf in the “Scripts” section of this reference. The unique properties and settings for the Install Language Packs Online task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Language Packs Online.
Settings Name
Description
Package Name
The name of the language pack package that should be applied to the target computer.
Note This task sequence step is valid only when using MDT 2008 with System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Install Updates Offline This task sequence step installs updates to the image on the target computer after the operating system has been deployed, but before the target computer has been restarted. These updates include language packs. For more information about what script accomplishes this task and what properties are used, see ZTIPatches.wsf in the “Scripts” section of this reference. The unique properties and settings for the Install Updates Offline task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Install Updates Offline.
Settings Name
Description
Package Group
The name of the package group that should be applied to the target computer. Note When using MDT 2008 with System Center Configuration Manager, specify the name of the update package that should be applied.
Note This task sequence step is valid only when deploying Windows Vista or Windows Server 2008.
Restart Computer This task sequence step restarts the target computer. The unique properties and settings for the Restart Computer task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Restart Computer.
Settings Name
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
19
Run Command Line This task sequence step will run the specified commands on the target computer. For more information about this step type, see Run Command Line at http://technet.microsoft.com/en-us/library/bb632992.aspx. The unique properties and settings for the Run Command Line task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Run Command Line.
Settings Name
Description
Command Line
The command to be run when this task sequence step is processed.
Start in
The starting folder for the application. The path must be a valid path on the target computer.
Run Command Line As This task sequence step will run the specified commands on the target computer while impersonating the specified user. The unique properties and settings for the Run Command Line As task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Run Command Line.
Settings Name
Description
Command Line
The commands to be run when this task sequence step is processed.
Start in
The starting folder for the application. The path must be a valid path on the target computer.
Account
The user credentials that will be used to run the specified command.
Load the user’s profile
When selected, the user profile for the specified account is loaded.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
Set Task Sequence Variable This task sequence step sets the specified task sequence variable to the specified value. For more information about this step type, see Set Task Sequence Variable at http://technet.microsoft.com/en-us/library/bb694306.aspx. The unique properties and settings for the Set Task Sequence Variable task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Set Task Sequence Variable.
Settings Name
Description
Task Sequence Variable
The name of the variable to modify.
Value
The value to assign to the specified variable.
Validate This task sequence step validates that the target computer meets the specified deployment prerequisite conditions. The unique properties and settings for the Validate task sequence step type are:
Properties Name
Description
Type
This read-only type is set to Validate.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
21
Settings Name
Description
Ensure minimum memory
When selected, this step will verify that the amount of memory, in MB, installed on the target computer meets or exceeds the amount specified. This is a default selection.
Ensure minimum processor speed
When selected, this step will verify that the speed of the processor, in megahertz (MHz), installed on the target computer meets or exceeds the amount specified. This is a default selection.
Ensure specified image size will fit
When selected, this step will verify that the amount of free disk space, in MB, on the target computer meets or exceeds the amount specified.
Ensure current operating system to be refreshed
When selected, this step will verify that the operating system installed on the target computer meets the requirement specified. This is a default selection.
Out-of-Box Task Sequence Steps The following task sequence steps are referenced by one or more of the available task sequence templates that are included with MDT 2008. Each of the following examples lists the preconfigured properties, parameters, and options, and can be used as a basis for building custom task sequences. Only the task sequence step properties, parameters, and options, and their corresponding values, are listed in the examples. For more information about each task sequence step, see the corresponding topics in the sections, “Common Properties and Options for Task Sequence Step Types” and “Specific Properties and Parameters for Task Sequence Step Types” sections of this reference.
Add Mass Storage Drivers to Sysprep.inf for XP and 2003 This task sequence step adds mass storage drivers to the System Preparation Tool (Sysprep) file on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIStorageDriversSysprep.wsf in the “Scripts” section of this reference. The default configuration of the Add mass storage drivers to sysprep.inf for XP and 2003 task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Add mass storage drivers to Sysprep.inf for XP and 2003
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIStorageDriversSysprep.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Apply Network Settings This task sequence step configures the network adapter on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTINICConfig.wsf in the “Scripts” section of this reference. The default configuration of the Apply Network Settings task sequence step is:
Properties Name
Value
Type
Apply Network Settings
Name
Apply Network Settings
Description
Not specified.
Settings Name
Value No parameters are preconfigured for this step. This causes this step, by default, to configure the network adapter to use DHCP.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
23
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Note When using the CustomSettings.ini file to specify the network adapter configurations, only the first network adapter will be configured. Edit ZTIGather.xml to configure additional network adapters.
Apply Patches This task sequence step installs updates to the image on the target computer after the operating system has been deployed, but before the target computer has been restarted. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIPatches.wsf in the “Scripts” section of this reference. The default configuration of the Install Updates Offline task sequence step is:
Properties Name
Value
Type
Install Updates Offline
Name
Apply Patches
Description
Not specified.
Settings Name
Value
Package Group
All Packages
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Apply Windows PE This task sequence step prepares the target computer to start in Windows Preinstallation Environment (Windows PE). Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTIApply.wsf in the “Scripts” section of this reference. The default configuration of the Apply Windows PE task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Apply Windows PE
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTIApply.wsf" /PE
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Backup This task sequence step backs up the target computer before starting the operating system deployment. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIBackup.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
25
The default configuration of the Backup task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Backup
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIBackup.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Capture Groups This task sequence step captures group membership of local groups that exist on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIGroups.wsf in the “Scripts” section of this reference. The default configuration of the Capture Groups task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Capture Groups
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIGroups.wsf" /capture
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Capture User State This task sequence step captures the user state for user profiles that exist on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIUserState.wsf in the “Scripts” section of this reference. For more information about this step type, see Capture User State at http://technet.microsoft.com/en-us/library/bb680924.aspx. The default configuration of the Capture User State task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Capture User State
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIUserState.wsf" /capture
Start in
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
27
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Check BIOS This task sequence step checks the BIOS of the target computer to ensure that it is compatible with the operating system that is to be deployed. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIBIOSCheck.wsf in the “Scripts” section of this reference. The default configuration of the Check BIOS task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Check BIOS
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIBIOSCheck.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Configure This task sequence step configures the Unattend.xml, Sysprep.inf, or Unattend.txt files with the required property values that are applicable to the operating system being deployed to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIConfigure.wsf in the “Scripts” section of this reference. The default configuration of the Configure task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Configure
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIConfigure.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Copy Media CD to Local Hard Disk for OEM Pre-installation This task sequence step copies the contents of the media deployment point to the target computer, in preparation for original equipment manufacturer (OEM) duplication. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIOEM.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
29
The default configuration of the Copy Media CD to Local Hard Disk for OEM preinstallation task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Copy Media CD to Local Hard Disk for OEM pre-installation
Description
Not specified.
Settings Name
Value
Command line
cscript.exe //nologo "%SCRIPTROOT%\LTIOEM.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Copy Scripts This task sequence step copies the deployment scripts used during the deployment processes to a local hard drive on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTICopyScript.wsf in the “Scripts” section of this reference. The default configuration of the Copy Scripts task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Copy Scripts
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTICopyScripts.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
DeploymentMethod does not equal OSD Note When performing a non- SMS 2003 Operating System Deployment (OSD) Feature Pack deployment, the conditional qualifier will not be specified.
Copy Sysprep Files This task sequence step copies the Sysprep files to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTISysprep.wsf in the “Scripts” section of this reference. The default configuration of the Copy Sysprep Files task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Copy Sysprep Files
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTISysprep.wsf"
Start in
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
31
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Create BitLocker Partition This task sequence step sets the BDEInstall property to True, indicating that BitLocker Drive Encryption should be installed on the target computer. The unique properties and settings for the Create BitLocker Partition task sequence step type are:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Create BitLocker Partition
Description
None
Settings Name
Value
Task Sequence Variable
BDEInstall
Value
True
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Enable BitLocker This task sequence step enables BitLocker Drive Encryption on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIBde.wsf in the “Scripts” section of this reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit 2008
The default configuration of the Enable BitLocker task sequence step is:
Properties Name
Value
Type
Enable BitLocker
Name
Enable BitLocker
Description
None
Settings Name
Value
Current operating system drive
Selected.
TPM only
Selected.
Startup key on USB only Not selected. TPM and startup key on USB
Not selected.
Specific drive
Not selected.
In Active Directory
Selected.
Do not create a recovery key
Not selected.
Wait for BitLocker to complete
Not selected.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
33
Enable OEM Disk Configuration This task sequence step sets the DeploymentType property to NEWCOMPUTER, which allows the target computer’s disk to be partitioned and formatted. The unique properties and settings for the Enable OEM Disk Configuration task sequence step type are:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Enable OEM Disk Configuration
Description
None
Settings Name
Value
Task Sequence Variable
DeploymentType
Value
NEWCOMPUTER
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
End Phase This task sequence step ends the current deployment phase and restarts the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. The default configuration of the End Phase task sequence step is:
Properties Name
Value
Type
Restart Computer
Name
End Phase
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit 2008
Settings Name
Value
None
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Execute Sysprep This task sequence step starts Sysprep on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTISysprep.wsf in the “Scripts” section of this reference. The default configuration of the Execute Sysprep task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Execute Sysprep
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTISysprep.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
35
Format and Partition Disk This task sequence step configures and formats disk partitions on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIDiskpart.wsf in the “Scripts” section of this reference. The default configuration of the Format and Partition Disk task sequence step is:
Properties Name
Value
Type
Format and Partition Disk
Name
Format and Partition Disk
Description
Not specified.
Settings Name
Value
Disk number
0
Disk type
Standard (MBR)
Volume
Within the Volume setting, the following sub-settings are configured: •
Partition Name. OSDisk.
•
Partition Type. Primary.
•
Use a percentage of remaining space. Selected.
•
Size(%). 100
•
Use specific drive size. Not selected.
•
Make this a boot partition. Selected.
•
File System. NTFS.
•
Quick Format. Selected.
•
Variable. Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit 2008
Note When using the CustomSettings.ini file to specify the hard disk and partition configurations, only the first hard disk and first two partitions will be configured. Edit ZTIGather.xml to configure additional hard disks or partitions.
Gather Local Only This task sequence step gathers deployment configurations settings from local sources that apply to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIGather.wsf in the “Scripts” section of this reference. The default configuration of the Gather Local Only task sequence step is:
Properties Name
Value
Type
Gather
Name
Gather Local Only
Description
Not specified.
Settings Name
Value
Gather only local data
Selected.
Gather local data and process rules
Not selected.
Rules file
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
None
Generate Application Migration File This task sequence step generates the ZTIAppXmlGen.xml file, which contains a list of file associations that are installed on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIAppXmlGen.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
37
The default configuration of the Generate Application Migration File task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Generate Application Migration File
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIAppXmlGen.wsf" /capture
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
None
Inject Drivers This task sequence step injects drivers that have been configured for deployment to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIDrivers.wsf in the “Scripts” section of this reference. The default configuration of the Inject Drivers task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Inject Drivers
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIDrivers.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Inject Storage Drivers for XP and 2003 This task sequence step injects mass storage drivers to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIStorageDrivers.wsf in the “Scripts” section of this reference. The default configuration of the Inject Storage Drivers for XP and 2003 task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Inject Storage Drivers for XP and 2003
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIStorageDrivers.wsf"
Start in
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
39
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Install Applications This task sequence step installs applications on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIApplications.wsf in the “Scripts” section of this reference. The default configuration of the Install Applications task sequence step is:
Properties Name
Value
Type
Install Applications
Name
Install Applications
Description
Not specified.
Settings Name
Value
Install multiple applications
Selected.
Install a single application
Not selected.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit 2008
Install Operating System This task sequence step installs an operating system on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. The default configuration of the Install Operating System task sequence step is:
Properties Name
Value
Type
Install Operating System
Name
Install Operating System
Description
Not specified.
Settings Name
Value
Operating system to install
This value corresponds to the operating system that was selected when the task sequence was created.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Install Packages This task sequence step installs software packages that are designated for deployment on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIPackages.wsf in the “Scripts” section of this reference. The default configuration of the Install Packages task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Install Packages
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
41
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIPackages.wsf"
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
DeploymentMethod does not equal OSD
Next Phase This task sequence step updates the Phase property to the next phase in the deployment process. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTINextPhase.wsf in the “Scripts” section of this reference. The default configuration of the Next Phase task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Next Phase
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTINextPhase.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit 2008
Post Apply Cleanup This task sequence step cleans up unnecessary files after the installation of an image on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see LTIApply.wsf in the “Scripts” section of this reference. The default configuration of the Post Apply Cleanup task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Post Apply Cleanup
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\LTIApply.wsf" /post
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
DeploymentMethod does not equal OSD
Prepare Computer for OEM Capture This task sequence step prepares the target computer for OEM duplication. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIOEM.wsf in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
43
The default configuration of the Prepare Computer for OEM Capture task sequence step is: Note
This task sequence step is available only when using ZTI for ConfigMgr.
Properties Name
Value
Type
Run Command Line
Name
Prepare Computer for OEM Capture
Description
Not specified.
Settings Name
Value
Command Line
cscript.exe "%deployroot%\scripts\ZTIOEM.wsf" /PREOEM
Disable 64-bit file system redirection
Not selected.
Start in
Not specified.
Package
Not selected.
Time-out
Not selected.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Restart Computer This task sequence step restarts the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. The default configuration of the Restart Computer task sequence step is:
Properties Name
Value
Type
Restart Computer
Name
Restart Computer
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit 2008
Settings Name
Value
None
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Restore Computer from OEM Capture This task sequence step reconfigures the target computer to allow starting from hard disk and restores certain preconfigured task sequence properties. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIOEM.wsf in the “Scripts” section of this reference. The default configuration of the Restore Computer from OEM Capture task sequence step is: Note
This task sequence step is available only when using ZTI for ConfigMgr.
Properties Name
Value
Type
Run Command Line
Name
Restore Computer from OEM Capture
Description
Not specified.
Settings Name
Value
Command Line
cscript.exe "%deployroot%\scripts\ZTIOEM.wsf" /POSTOEM
Disable 64-bit file system redirection
Not specified.
Start in
Not specified.
Package
Not specified.
Time-out
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
45
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Restore Groups This task sequence step restores the previously captured group membership of local groups on the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIGroups.wsf in the “Scripts” section of this reference. The default configuration of the Restore Groups task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Restore Groups
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIGroups.wsf" /restore
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
If all conditions are true:
Solution Accelerators
•
DoCapture not equals YES
•
DoCapture not equals PREPARE
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit 2008
Restore User State This task sequence step restores previously captured user state to the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIUserState.wsf in the “Scripts” section of this reference. For more information about this step type, see Restore User State at http://technet.microsoft.com/en-us/library/bb632881.aspx. The default configuration of the Restore User State task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Restore User State
Description
Not specified.
Settings Name
Value
Command Line
cscript.exe "%SCRIPTROOT%\ZTIUserState.wsf" /restore
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
If all conditions are true: •
If DeploymentType not equals UPGRADE
•
If DoCapture not equals YES
•
If DoCapture not equals PREPARE
Set Diskpart BIOS Compatibility Mode This task sequence step sets the OSDDiskpartBiosCompatibilityMode property to TRUE. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
47
The default configuration of the Set Diskpart BIOS Compatibility Mode task sequence step is:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Set Diskpart BIOS Compatibility Mode
Description
Not specified.
Settings Name
Value
Task Sequence Variable
OSDDiskpartBiosCompatibilityMode
Value
TRUE
Options Name
Value
Disable this step
Selected.
Success codes
0
Continue on error
Not selected.
Conditional qualifier
Not specified.
Tatoo This task sequence step tattoos the target computer with identification and version information. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTITatoo.wsf in the “Scripts” section of this reference. The default configuration of the Tatoo task sequence step is:
Properties Name
Value
Type
Set Task Sequence Variable
Name
Set Diskpart BIOS Compatibility Mode
Description
Not specified.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit 2008
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTITatoo.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Selected.
Conditional qualifier
Not specified.
Validate This task sequence step validates that the target computer meets the specified deployment prerequisite conditions. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIValidate.wsf in the “Scripts” section of this reference. The default configuration of the Validate task sequence step is:
Properties Name
Value
Type
Validate
Name
Validate
Description
Not specified.
Settings Name
Value
Ensure minimum memory (MB)
Selected. The value selector is set to 512.
Ensure minimum processor speed (MHz)
Selected. The value selector is set to 800.
Ensure specified image size will fit (MB)
Not selected.
Ensure current operating system to be refreshed
Selected. The value selector is set to “Server” or “Client,” depending on the template used to create the task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Task Sequence Steps
49
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Not selected.
Conditional qualifier
Not specified.
Windows Update (Pre-Application Installation) This task sequence step installs updates to the target computer prior to the installation of applications. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIWindowsUpdate.wsf in the “Scripts” section of this reference. The default configuration of the Windows Update (Pre-Application Installation) task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Windows Update (Pre-Application Installation)
Description
Not specified.
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIWindowsUpdate.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Selected.
Conditional qualifier
If all conditions are true:
Solution Accelerators
•
If DoCapture not equals YES
•
If DoCapture not equals PREPARE microsoft.com/technet/SolutionAccelerators
50
Microsoft Deployment Toolkit 2008
Note This task sequence step is the same as the Windows Update (Post-Application Installation) task sequence step.
Wipe Disk This task sequence step formats the disks of the target computer. Following is a brief listing of the settings that show how this step was originally configured in one of the MDT 2008 task sequence templates. For more information about what script accomplishes this task and what properties are used, see ZTIWipeDisk.wsf in the “Scripts” section of this reference. The default configuration of the Wipe Disk task sequence step is:
Properties Name
Value
Type
Run Command Line
Name
Wipe Disk
Description
This will only run if WipeDisk=TRUE in CustomSettings.ini
Settings Name
Value
Command line
cscript.exe "%SCRIPTROOT%\ZTIWipeDisk.wsf"
Start in
Not specified.
Options Name
Value
Disable this step
Not selected.
Success codes
0 3010
Continue on error
Selected.
Conditional qualifier
If all conditions are true:
Solution Accelerators
•
If DoCapture not equals YES
•
If DoCapture not equals PREPARE
microsoft.com/technet/SolutionAccelerators
Pr oper ti es The scripts used in LTI and ZTI reference properties to determine the process steps and configuration settings used during the deployment process. The scripts create some of these properties automatically. Other properties must be configured in the CustomSettings.ini file. Some of these properties are: •
Specific to ZTI only.
•
Specific to LTI only.
•
For use in both ZTI and LTI.
Use this reference to help determine the correct properties to configure and the valid values to include for each property. For each property the following information is provided: •
Description. Provides a description of the purpose of the property and any pertinent information regarding the customization of the property. Note
Unless explicitly specified for ZTI or LTI only, a property is valid for both ZTI and LTI.
•
Value and Description. Indicates the valid values to be specified for the property and a brief description of what each value means. (Values in italics indicate that a value is substituted—for example the value user1, user2 indicates that user1 and user2 would be replaced with the actual name of user accounts.)
•
Example. Provides an example of a property use as it might appear in the .ini files. For more information about these and other task sequence properties that might be referenced while performing a ZTI deployment, see Operating System Deployment Task Sequence Variables at http://technet.microsoft.com/enus/library/bb632442.aspx.
Property Definition _SMSTSOrgName Customizes the Task Sequencer engine's display banner. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
name
The name that will be used in the Task Sequencer engine’s display banner.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
52
Example [Settings] Priority=Default [Default] _SMSTSOrgName=Woodgrove Bank Note If MDT 2008 is used with the Systems Management Server (SMS) 2003 Operating System Deployment (OSD) Feature Pack, create a Variables.dat file and place it in the OSD package source folder. The file should have the following contents: <MediaVarList Version="4.00.5345.0000">My CorpName (where My CorpName is the name of the organization). When the file has been properly updated, update the Systems Management Server distribution points with the new package source.
Administrators A list of user accounts and domain groups that will be added to the local Administrator group on the target computer. The Administrators property is a list of text values that can be any non-blank value. The Administrators property has a numeric suffix (for example, Administrators1 or Administrators2). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
name
The name of a user or group that is to be added to the local Administrator group.
Example [Settings] Priority=Default [Default] Administrators1=WOODGROVEBANK\NYC Help Desk Staff Administrators2=WOODGROVEBANK\North America East Help Desk Staff PowerUsers1=WOODGROVEBANK\User01 PowerUsers2=WOODGROVEBANK\User02
AdminPassword Defines the password that will be assigned to the local Administrator user account on the target computer. If not specified, the pre-deployment password of the Administrator user account will be used. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
53
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
admin_password
The password that is to be assigned to the Administrator user account on the target computer.
Example [Settings] Priority=Default [Default] Administrators1=WOODGROVEBANK\NYC Help Desk Staff AdminPassword=admin_password
Applications A list of application GUIDs that should be installed on the target computer. These applications are specified on the Applications node in Deployment Workbench. These GUIDs are stored in the Applications.xml file. The Applications property is a list of text values that can be any non-blank value. The Applications property has a numeric suffix (for example, Applications001 or Applications002). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
application_guid
The GUID is specified by Deployment Workbench for the application to be deployed to the target computer. The GUID corresponds to the application GUID stored in the Applications.xml file.
Example [Settings] Priority=Default [Default] Applications001={1D7DF331-47B7-472C-87B3-442597EC2F7D} Applications002={9d2b8999-5e4d-4f3d-bb05-edaaf4fe5628}
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
54
Architecture The processor architecture of the processor that is currently running, which is not necessarily the processor architecture supported by the target computer. For example, when running a 32 bit–compatible operating system on a 64-bit processor, Architecture will indicate that the processor architecture is 32-bit. Use the CapableArchitecture property to identify the actual processor architecture supported by the target computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
x86
Processor architecture is 32-bit.
x64
Processor architecture is 64-bit.
Example None
AreaCode The area code to be configured for the operating system on the target computer. This property allows only numeric characters. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
area_code
The area code where the target computer is to be deployed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
55
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9
AssetTag The asset tag number associated with the target computer. The format for asset tag numbers is undefined. Use this property to create a subsection that contains settings targeted to a specific computer. Note This property is dynamically set by MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only. However, this property can be used within CustomSettings.ini, as shown in the following examples, to aid in defining the configuration of the target computer.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
asset_tag
The format of the asset tag is undefined and is determined by the asset tag standard of each organization.
Example 1 [Settings] Priority=Default [Default] ComputerName=HP-%AssetTag%
Example 2 [Settings] Priority=AssetTag, Default [Default] OSInstall=YES
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
56
Example 2 [0034034931] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [0034003233] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
BackupDir The folder in which backups of the target computer are stored. This folder exists beneath the UNC path specified in the BackupShare property. If the folder does not already exist, the folder is created automatically. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
folder
The name of the folder that exists beneath the shared folder specified in the BackupShare property.
Example [Settings] Priority=Default [Default] DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% BackupDrive=C:
BackupDrive The drive to include in the backup of the target computer. This property defaults to the drive that contains disk 0 partition 1. It can be also set to ALL.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
57
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
backup_drive
The drive letter of the drive to back up.
ALL
Back up all drives on the target computer.
Example [Settings] Priority=Default [Default] DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% BackupDrive=C:
BackupShare The shared folder in which backups of the target computer are stored. The credentials used to access this shared folder for: •
LTI are the credentials entered in the Windows Deployment Wizard.
•
ZTI are the credentials used by the Systems Management Server Advanced Client Network Access account.
The permissions required on this share are as follows: •
Domain Computers. Allow the Create Folders/Append Data permission.
•
Domain Users. Allow the Create Folders/Append Data permission.
•
Creator Owner. Allow the Full Control permission.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path of the shared folder. Note The UNC path specified in this property must exist before deploying the target operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
58
Example [Settings] Priority=Default [Default] DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% BackupDrive=C:
BDEDriveLetter The drive letter for the partition that is not encrypted by BitLocker Drive Encryption, also known as the System Volume (SYSVOL). SYSVOL is the directory that contains the hardware-specific files needed to load Windows computers after the BIOS has booted the platform. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_letter
The letter designation for the logical drive for the System Volume (such as S or T). The default value is S.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEDriveSize The size of the partition that is encrypted by BitLocker Drive Encryption, also known as the operating system volume. The value is specified in megabytes. In the example, the Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
59
size of the BitLocker Drive Encryption partition to create is almost 2 gigabytes (GB) (2,000 MB). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_size
The size of the partition in megabytes.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEInstall The type of BitLocker Drive Encryption installation to be performed. Protect the target computer using one of the following methods: •
A TPM microcontroller
•
A TPM and an external startup key (using a key that is typically stored on a USB flash drive)
•
A TPM and personal identification number (PIN)
•
An external startup key
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
60
Value
Description
TPM
Protect the computer with TPM only. The TPM is a microcontroller that stores keys, passwords, and digital certificates. The microcontroller is typically an integral part of the computer motherboard.
TPMKey
Protect the computer with TPM and a startup key. Use this option to create a startup key and to save it on a USB flash drive. The startup key must be present in the port each time the computer starts.
TPMPin
Protect the computer with TPM and a pin. Use this option in conjunction with the BDEPin property.
Key
Protect the computer with an external key (the recovery key) that can be stored in a folder, in AD DS, or printed.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEInstallSuppress Indicates whether the deployment process should skip the BitLocker Drive Encryption installation. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
YES
Do not attempt to install BitLocker Drive Encryption.
NO
Attempt to install BitLocker Drive Encryption.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
61
Example [Settings] Priority=Default [Default] BDEInstallSuppress=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
BDEKeyLocation The location for storing the BitLocker Drive Encryption recovery key and startup key. Note If this property is configured using the Windows Deployment Wizard, the property must be the drive letter of a removable disk. If the SkipBitLocker property is set to True so that the Specify the BitLocker configuration wizard page is skipped, this property can be set to a UNC path in CustomSettings.ini or in the Deployment Workbench database.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
location
Specifies where the recovery key will be stored. Must be a UNC path or the drive letter of a removable disk. If not set, the first available removable drive will be used.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
62
BDEPin The PIN to be assigned to the target computer when configuring BitLocker Drive Encryption and the BDEInstall or OSDBitLockerMode properties are set to TPMPin. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
Pin
The PIN to be used for BitLocker Drive Encryption. The PIN can be between 4 and 20 digits long.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMPin BDEPin=123456789
BDERecoveryKey A Boolean value that indicates whether the process creates a recovery key for BitLocker Drive Encryption. The key is used for recovering data encrypted on a BitLocker Drive Encryption volume. This key is cryptographically equivalent to a startup key. If available, the recovery key decrypts the volume master key (VMK), which, in turn, decrypts the full volume encryption key (FVEK). Note
The recovery key is stored in the location specified in the BDEKeyLocation property.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
AD
A recovery key is created.
Not specified
A recovery key is not created.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
63
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=AD BDEKeyLocation=C:
BDEWaitForEncryption Specifies that the deployment process should not proceed until BitLocker Drive Encryption has completed the encryption process for all specified drives. Specifying TRUE could dramatically increase the time required to complete the deployment process. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
TRUE
Specifies that the deployment process should wait for drive encryption to complete.
FALSE
Specifies that the deployment process should not wait for drive encryption to complete.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerStartupKeyDrive=C: OSDBitLockerCreateRecoveryPassword=AD BDEWaitForEncryption=TRUE
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
64
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
BitsPerPel A setting for displaying colors on the target computer. The property can contain numeric digits and corresponds to the color quality setting. In the example, 32 indicates 32 bits per pixel for color quality. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 Hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
bits_per_pixel
The number of bits per pixel to use for color. The default value is the default for the operating system being deployed.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
BuildID Identifies the operating system task sequence to be deployed to the target computer. The task sequence ID is created on the Task Sequences node in Deployment Workbench. The BuildID property allows alphanumeric characters, hyphens (-), and underscores (_). The BuildID property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
65
Value
Description
build_id
Identifier of the operating system task sequence as defined in Deployment Workbench for the target operating system being deployed. Note Make certain to use the TaskSequenceID specified in the Deployment Workbench UI, and not the GUID of the TaskSequenceID.
Example [Settings] Priority=Default [Default] BuildID=Vista_BareMetal
CapableArchitecture The processor architecture of the processor supported by the target computer, not the current processor architecture that is running. For example, when running a 32-bitcompatible operating system on a 64-bit processor, CapableArchitecture will indicate that the processor architecture is 64-bit. Use the Architecture property to see the processor architecture that is currently running. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
x86
Processor architecture is 32-bit.
x64
Processor architecture is 64-bit.
Example None
CaptureGroups Controls whether the group membership of local groups on the target computer is captured. This group membership is captured during the State Capture Phase and is restored during the State Restore Phase.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
66
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
NO
Captures no group membership information.
ALL
Captures the membership of all local groups on the target computer.
YES
Captures the membership of the Administrator and Power Users built-in groups and the groups listed in the groups’ properties. This is the default value if some other value is specified. (YES is the typical value.)
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ CaptureGroups=YES Groups1=NYC Application Management Groups2=NYC Help Desk Users Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
ComputerBackupLocation The network shared folder where the computer backup is stored. If the target folder does not already exist, it is automatically created. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
blank
Same as AUTO.
UNC_path
The UNC path to the network shared folder where the backup is stored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
67
Value
Description
AUTO
Creates a backup on a local hard disk if space is available. Otherwise, the backup is saved to a network location specified in the BackupShare and BackupDir properties.
NETWORK
Creates a backup on a network location specified in BackupShare and BackupDir.
NONE
No backup will be performed.
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ ComputerBackupLocation=NETWORK BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
ComputerName The name to be assigned to the target computer during the deployment of the target operating system. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
computer_name
The name to be assigned to the target computer. Note In a Refresh Computer scenario, ZTI will rename the computer if the following line was included in the [Default] section: ComputerName=%OSDNEWMACHINENAME%.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
68
Example [Settings] Priority=Default [Default] ComputerName=%OSDNEWMACHINENAME%
CountryCode The country code to be configured for the operating system on the target computer. This property allows only numeric characters. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
country_code
The country code where the target computer is to be deployed.
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9
Database The property that specifies the database to be used for querying property values from columns in the table specified in the Table property. The database resides on the computer specified in the SQLServer property. The instance of Microsoft SQL Server® on the computer is specified in the Instance property.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
69
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
database
The name of the database to be used for querying property values.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
DBID Specifies the user account used to connect to the computer running SQL Server (specified by the SQLServer property) using SQL Server authentication. The DBPwd property provides the password for the user account in the DBID property. Note SQL Server authentication is not as secure as Integrated Windows authentication. Integrated Windows authentication is the recommended authentication method. Using the DBID and DBPwd properties stores the credentials in clear text in the CustomSettings.ini file and therefore is not secure. For more information about using Integrated Windows authentication, see the SQLShare property. Note This property is configurable only by manually editing the CustomSettings.ini and BootStrap.ini files.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
70
Value
Description
user_id
The name of the user account credentials used to access the computer running SQL Server using SQL Server authentication.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 DBID=SQL_User-01 DBPwd=complex_password NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
DBPwd Specifies the password for the user account specified in the DBID property. The DBID and DBPwd properties provide the credentials for performing SQL Server authentication to the computer running SQL Server (specified by the SQLServer property). Note SQL Server authentication is not as secure as Integrated Windows authentication. Integrated Windows authentication is the recommended authentication method. Using the DBID and DBPwd properties stores the credentials in clear text in the CustomSettings.ini file and therefore is not secure. For more information about using Integrated Windows authentication, see the SQLShare property. Note This property is configurable only by manually editing the CustomSettings.ini and BootStrap.ini files.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
71
Value
Description
user_password
The password for the user account credentials specified in the DBID property for using SQL Server authentication.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 DBID=SQL_User-01 DBPwd=complex_password NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
DefaultGateway The IP address of the default gateway being used by the target computer. The format of the IP address returned by the property is standard dotted-decimal notation; for example, 192.168.1.1. Use this property to create a subsection that contains settings targeted to a group of computers based on the IP subnets on which they are located. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
default_gateway
The IP address of the default gateway in standard dotteddecimal notation.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
72
Example [Settings] Priority=DefaultGateway, Default [Default] OSInstall=YES [DefaultGateway] 192.168.0.1=HOUSTON 11.1.1.11=REDMOND 172.28.20.1=REDMOND [REDMOND] Packages001=XXX00004:Program4 Packages002=XXX00005:Program5 [HOUSTON] Packages001=XXX00006:Program6 Packages002=XXX00007:Program7 Packages003=XXX00008:Program8
DeployDrive The value used by the scripts to access files and run programs in the deployment point share created by Deployment Workbench. The property returns the drive letter mapped to the DeployRoot property. ZTIApplications.wsf uses the DeployDrive property when running any command-line programs with a .cmd or .bat extension. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_letter
The letter designation for the logical drive where the target operating system is to be installed (such as C or D).
Example None Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
73
DeploymentMethod The method being used for the deployment (Network, Media, or OSD). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
Network
The deployment is made to the target computer over the network.
Media
The deployment is made from local media (such as DVD or hard disk) at the target computer.
OSD
The deployment occurs using the SMS 2003 OSD Feature Pack from OSD distribution points. This is the method used by ZTI.
Example None
DeploymentType The type of deployment being performed based on the deployment scenario. For ZTI, this property is set dynamically by MDT 2008 scripts and is not configured in CustomSettings.ini. For LTI, the page in the Windows Deployment Wizard can be bypassed on which the deployment type is selected. When skipping this page in the wizard (using the SkipDeploymentType property), set this value in CustomSettings.ini to identify the type of deployment to be performed. Additionally, the deployment type can be specified by passing one of the values listed below to the LiteTouch.wsf script as a command-line option. Note Use the DeploymentType property in conjunction with the SkipDeploymentType property to skip the page in the Windows Deployment Wizard. All values must be specified in upper case to function properly.
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
NEWCOMPUTER
The target computer is a new computer that has never been a member of the network.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
74
Value
Description
REFRESH
The target computer is an existing computer on the network that needs the desktop environment standard to be redeployed.
REPLACE
An existing computer on the network is being replaced with a new computer. The user state migration data is transferred from the existing computer to a new computer.
UPGRADE
An existing computer on the network is running an earlier version of the Microsoft Windows operating system and needs to be upgraded to the most current desktop environment standard.
Example [Settings] Priority=Default [Default] DeploymentType=UPGRADE
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
DeployRoot The deployment point share created by Deployment Workbench. Use this property to select a specific deployment point. The most common use of this property is in the BootStrap.ini file to identify a deployment point before the connection to the deployment point is established. All other deployment point folders are relative to this property (such as device drivers, language packs, or operating systems). Note For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path to the deployment point share. The default share name is Distribution$.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
75
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE
Dialing The type of dialing supported by the telephony infrastructure where the target computer is located. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
PULSE
The telephony infrastructure supports pulse dialing.
TONE
The telephony infrastructure supports touch-tone dialing.
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9 Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
76
DoCapture Indicator of whether an image of the target computer is to be captured. If it is, Sysprep is run on the target computer to prepare for image creation. After Sysprep has run, a new Windows Imaging Format (WIM) image is created and stored in the folder within the shared folder designated for target computer backups (BackupDir and BackupShare, respectively). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Run Sysprep on the target computer and capture a WIM image.
NO
Do not run Sysprep on the target computer and do not capture a WIM image.
PREPARE
Copies the necessary files to run Sysprep on the target computer but does not run Sysprep or other image capture processes. This value is used when the SMS 2003 OSD Feature Pack is used to capture an image of the target computer.
Example [Settings] Priority=Default [Default] DoCapture=YES DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
DomainAdmin The user account credentials used to join the target computer to the domain specified in JoinDomain. Specify as Domain\UserName or [email protected]. Note For ZTI, the credentials that the SMS 2003 OSD Feature Pack specifies typically are used. If the DomainAdmin property is specified, the credentials in the DomainAdmin property override the credentials that the SMS 2003 OSD Feature Pack specifies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
77
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_admin
The name of the user account credentials.
Example [Settings] Priority=Default [Default] DomainAdmin=NYCAdmin DomainAdminDomain=WOODGROVEBANK DomainAdminPassword=complex_password::
DomainAdminDomain The domain in which the user’s credentials specified in DomainAdmin reside. Note For ZTI, the credentials that the SMS 2003 OSD Feature Pack specifies typically are used. If the DomainAdmin property is specified, the credentials in the DomainAdmin property override the credentials that the SMS 2003 OSD Feature Pack specifies.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_admin_domain
The name of the domain where the user account credentials reside.
Example [Settings] Priority=Default [Default] DomainAdmin=NYCAdmin DomainAdminDomain=WOODGROVEBANK DomainAdminPassword=complex_password::
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
78
DomainAdminPassword The password used for the domain Administrator account specified in the DomainAdmin property to join the computer to the domain. Note For ZTI, the credentials that the SMS 2003 OSD Feature Pack specifies typically are used. If the DomainAdmin property is specified, the credentials in the DomainAdmin property override the credentials that the SMS 2003 OSD Feature Pack specifies.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_admin_password
The password for the domain Administrator account on the target computer.
Example [Settings] Priority=Default [Default] DomainAdmin=NYCAdmin DomainAdminDomain=WOODGROVEBANK DomainAdminPassword=complex_password
DomainOUs A list of AD DS organizational units (OUs) where the target computer account can be created. The DomainOUs property lists text values that can be any non-blank value. The DomainOUs property has a numeric suffix (for example, DomainOUs1 or DomainOUs2). In addition, the same functionality can be provided by configuring the DomainOUList.xml file. The format of the DomainOUList.xml file is as follows:
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
79
Value
Description
OU
The OU where the target computer account can be created.
Example [Settings] Priority=Default [Default] OSInstall=Y DomainOUs1=\WOODGROVEBANK\NYC\Tellers\Computers DomainOUs2=\WOODGROVEBANK\NYC\Managers\Computers
DriverGroup A list of text values that associates out-of-box drivers created in Deployment Workbench with each other (typically based on the make and model of a computer). A driver can be associated with one or more driver groups. The DriverGroup property allows the drivers within one or more groups to be deployed to a target computer. The text values in the list can be any non-blank value. The DriverGroup property value has a numeric suffix (for example, DriverGroup001 or DriverGroup002). After it is defined, a driver group is associated with a computer. A computer can be associated with more than one driver group. For example, there are two sections for each of the computer manufacturers [Mfgr01] and [Mfgr02]. Two driver groups are defined for the manufacturer Mfgr01: Mfgr01 Video Drivers and Mfgr01 Network Drivers. For the manufacturer Mfgr02, one driver group is defined, Mfgr02 Drivers. One driver group, Shared Drivers, is applied to all computers found in the [Default] section. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
driver_group_name
The name of the driver group defined in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
80
Example [Settings] Priority=Make, Default [Default] DriverGroup001=Shared Drivers :: [Mfgr01] DriverGroup001=Mfgr01 Video Drivers DriverGroup002=Mfgr01 Network Drivers [Mfgr02] DriverGroup001=Mfgr02 Drivers
DriverPaths A list of UNC paths to shared folders where additional device drivers are located. These device drivers are installed with the target operating system on the target computer. The MDT 2008 scripts copy the contents of these folders to the C:\Drivers folder on the target computer. The DriverPaths property is a list of text values that can be any non-blank value. The DriverPaths property has a numeric suffix (for example, DriverPaths001 or DriverPaths002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
UNC path to the shared folder where the additional drivers are located.
Example [Settings] Priority=Default [Default] DriverPaths001=\\NYC-AM-FIL-01\Drivers$ DriverPaths002=\\NYC-AM-FIL-03\VistaDrvs::
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
81
EventShare The UNC path to the event collection servers for the Microsoft Deployment Toolkit Management Pack for Microsoft System Center Operations Manager 2007. The EventShare property points to a shared folder in which the MDT 2008 scripts record events. By default, the shared folder is created in C:\Events. If the folder will be created in any location other than C:\Events, modify the Generate ZTI Events and Discovery Data Management Pack rule to reference the location of the folder. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path to the shared folder where the Microsoft Deployment Toolkit Management Pack stores event information. The default share name is Events.
Example [Settings] Priority=Default [Default] EventShare=\\NYC-AM-FIL-01\Events DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$
FullName The full name of the user of the target computer provided during the installation of the operating system. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note This value is different from the user credentials created after the operating system is deployed. The FullName property is provided as information to system administrators about the user running applications on the target computer.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
full_name Solution Accelerators
The full name of the user of the target computer. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
82
Value
Description
Example [Settings] Priority=MACAddress, Default Properties=CustomProperty, ApplicationInstall [Default] CustomProperty=TRUE OSDINSTALLSILENT=1 OrgName=Woodgrove Bank [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista ApplicationInstall=Custom FullName=Woodgrove Bank User [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista ApplicationInstall=Minimum FullName=Woodgrove Bank Manager
Groups The list of local groups on the target computer whose membership will be captured. This group membership is captured during the State Capture Phase and is restored during the State Restore Phase. (The default groups are Administrators and Power Users.) The Groups property is a list of text values that can be any non-blank value. The Groups property has a numeric suffix (for example, Groups001 or Groups002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
group_name
The name of the local group on the target computer for
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
Value
83
Description which group membership will be captured.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
84
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ CaptureGroups=YES Groups001=NYC Application Management Groups002=NYC Help Desk Users
HALName The descriptive name of the hardware abstraction layer (HAL) currently running on the target computer. Note This property is required only for Windows XP and Windows Server 2003 deployment. Also, this property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
hal_name
The name of the HAL running on the target computer.
Example None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
85
Home_Page The URL to be used as the Windows Internet Explorer® home page after the target operating system is deployed. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
URL
The URL of the Web page to be used as the home page for Internet Explorer on the target computer.
Example [Settings] Priority=Default [Default] Home_Page=http://portal.woodgrovebank.com ComputerName=%OSDNEWMACHINENAME%
HostName The IP host name of the target computer (the name assigned to the target computer). Note This is the computer name of the target computer, not the NetBIOS computer name of the target computer. The NetBIOS computer name can be shorter than the computer name. Also, this property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
host_name
The IP host name assigned to the target computer.
Example None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
86
InputLocale A list of input locales to be used with the target operating system. More than one input locale can be specified for the target operating system. Each locale must be separated by a semicolon (;). If not specified, the Windows Deployment Wizard uses the input locale configured in the image being deployed. Exclude this setting in the Windows User State Migration Tool (USMT) when backing up and restoring user state information. Otherwise, the settings in the user state information will override the values specified in the InputLocale property. Note
This property is used only for deploying Windows XP and Windows Server 2003.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
input_locale1; input_locale2
The locale for the keyboard attached to the target computer.
Example [Settings] Priority=Default [Default] UserLocale=0409:00000409 InputLocale=0409:00000409;0413:00020409;0413:00000409;0409:00020409
Instance The instance of SQL Server used for querying property values from columns in the table specified in the Table property. The database resides on the computer specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
instance
The name of the instance of SQL Server to be used for querying property values.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
87
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
IPAddress The IP address of the target computer. The format of the IP address returned by the property is standard dotted-decimal notation; for example, 192.168.1.1. Use this property to create a subsection that contains settings targeted to a specific target computer based on the IP address. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
ip_address
The IP address of the target computer in standard dotteddecimal notation.
Example None
IsDesktop Indicator of whether the computer is a desktop, because the Win32_SystemEnclosure ChassisType property value is 3, 4, 5, 6, 7, or 15. Note Only one of the following properties will be true at a time: IsDesktop, IsLaptop, IsServer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
88
Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The target computer is a desktop computer.
FALSE
The target computer is not a desktop computer.
Example None
IsLaptop Indicator of whether the computer is a portable computer, because the Win32_SystemEnclosure ChassisType property value is 8, 10, 12, 14, 18, or 21. Note Only one of the following properties will be true at a time: IsDesktop, IsLaptop, IsServer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The target computer is a portable computer.
FALSE
The target computer is not a portable computer.
Example None
IsServer Indicator of whether the computer is a server, because the Win32_SystemEnclosure ChassisType property value is 23. Note Only one of the following properties will be true at a time: IsDesktop, IsLaptop, IsServer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
89
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The target computer is a server.
FALSE
The target computer is not a server.
Example None
IsServerCoreOS Indicator of whether the current operating system running on the target computer is the Windows Server 2008 Core operating system. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The operating system on the target computer is Windows Server 2008 Core.
FALSE
The operating system on the target computer is not Windows Server 2008 Core.
Example None
IsServerOS Indicator of whether the current operating system running on the target computer is a server operating system (such as Windows Server 2003). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
90
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TRUE
The operating system on the target computer is a server operating system.
FALSE
The operating system on the target computer is not a server operating system.
Example None
JoinDomain The domain that the target computer joins after the target operating system is deployed. This is the domain where the computer account for the target computer is created. The JoinDomain property can contain alphanumeric characters, hyphens (-), and underscores (_). The JoinDomain property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain_name
The name of the domain that the target computer joins.
Example [Settings] Priority=Default [Default] JoinDomain=WOODGROVEBANK MachineObjectOU=OU=Reception,OU=NYC,DC=Woodgrovebank,DC=com ComputerName=%OSDNEWMACHINENAME%
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
91
JoinWorkgroup The workgroup that the target computer joins after the target operating system is deployed. The JoinWorkgroup property can contain alphanumeric characters, hyphens (-), and underscores (_). The JoinWorkgroup property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
workgroup_name
The name of the workgroup that the target computer joins.
Example [Settings] Priority=Default [Default] JoinWorkgroup=WDGV_WORKGROUP
KeyboardLocale A list of keyboard locales to be used with the target operating system. More than one keyboard locale can be specified for the target operating system. Each locale must be separated by a semicolon (;). If not specified, the Windows Deployment Wizard uses the keyboard locale configured in the image being deployed. Exclude this setting in USMT when backing up and restoring user state information. Otherwise, the settings in the user state information will override the values specified in the KeyboardLocale property. Note This property is used only for deploying Windows Vista and Windows Server 2008. For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
92
Value
Description
keyboard_locale1; keyboard_locale2
The locale of the keyboard attached to the target computer. The value can be specified in the following formats: •
Text (en-us)
•
Hexadecimal (0409:00004009)
Example 1 [Settings] Priority=Default [Default] UserLocale=en-us KeyboardLocale=en-us
Example 2 [Settings] Priority=Default [Default] UserLocale=en-us KeyboardLocale=0409:00004009;1809:00001809;041A:0000041A;083b:0001083b
LanguagePacks A list of the GUIDs for the language packs to be deployed on the target computer. Deployment Workbench specifies these language packs on the OS Packages node. These GUIDs are stored in the Packages.xml file. The LanguagePacks property has a numeric suffix (for example, LanguagePacks001 or LanguagePacks002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
language_pack_guid
The GUID that Deployment Workbench specifies for the language packs to install on the target computer. The GUID corresponds to the language pack GUID stored in Packages.xml.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
93
Example [Settings] Priority=Default [Default] LanguagePacks001={a1923f8d-b07b-44c7-ac1e-353b7cc4c1ad}
LoadStateArgs The arguments passed to the USMT Loadstate process. The ZTI script inserts the appropriate logging, progress, and state store parameters. If this value is not included in the settings file, the user state restore process is skipped. If the Loadstate process finishes successfully, the user state information is deleted. In the event of a Loadstate failure (or non-zero return code), the local state store is moved to %WINDIR%\StateStore to prevent deletion and to ensure that no user state information is lost. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
Arguments
The command-line arguments passed to Loadstate.exe. The default arguments specified by Deployment Workbench are as follows: •
/v. Enables verbose output in the Loadstate log. The default is 0. Specify any number from 0 to 15. The value 5 enables verbose and status output.
•
/c. When specified, Loadstate will continue to run even if there are nonfatal errors. Without the /c option, Loadstate exits on the first error.
•
/lac. Specifies that if the account being migrated is a local (non-domain) account, and it does not exist on the destination computer, then USMT will create the account but it will be disabled.
For more information about these and other arguments, see the USMT Help files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
94
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName%
Location The geographic location of the target computers. A list of IP addresses that correspond to the default gateways defined for the computers within that location defines the Location property. An IP address for a default gateway can be associated with more than one location. Typically, the value for the Location property is set by performing a database query on the database managed using Deployment Workbench. Deployment Workbench can assist in creating the locations, defining property settings associated with the locations, and then in configuring CustomSettings.ini to perform the database query for the Location property and the property settings associated with the locations. For example, a LocationSettings section in CustomSettings.ini can query the LocationSettings view in the database for a list of locations that contain the value specified in the DefaultGateway property listed in the Parameters property. The query returns all settings associated with each default gateway. Then the scripts parse each section that corresponds to the locations returned in the query. For example, the value [Springfield]and the section [Springfield-123 Oak Street-4th Floor] in CustomSettings.ini can represent the corresponding locations. This is an example of how one computer can belong to two locations. The [Springfield] section is for all computers in a larger geographic area (an entire city), and the [Springfield-123 Oak Street-4th Floor] section is for all computers on the fourth floor at 123 Oak Street, in Springfield. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
95
Value
Description
location1,
The list of locations to be assigned to an individual computer or a group of computers.
location2 Example [Settings]
Priority=LSettings, Default [Default] UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution$ OSInstall=YES ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c [LSettings] SQLServer=w2k3-sp1 Instance=MDT2008 Database=DWDB Netlib=DBNMPNTW SQLShare=SQL$ Table=LocationSettings Parameters=DefaultGateway [Springfield] UDDir=%ComputerName% UDShare=\\Springfield-FIL-01\UserData [Springfield-123 Oak Street-4th Floor] DeployRoot=\\Springfield-BDD-01\Distribution1$
LongDistanceAccess The dialing digits to gain access to an outside line to dial long distance. The property can contain only numeric digits. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
96
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
long_distance_access
The digits used to get an outside line to dial long distance where the target computer is to be deployed.
Example [Settings] Priority=Default [Default] AreaCode=206 CountryCode=001 Dialing=TONE LongDistanceAccess=9
MACAddress The media access control (MAC) layer address of the primary network adapter of the target computer. The MACAddress property is included on the Priority line so that property values specific to a target computer can be provided. Create a section for each MAC address for each of the target computers (such as [00:0F:20:35:DE:AC] or [00:03:FF:FE:FF:FF]) that contain target computer–specific settings. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
mac_address
The MAC address of the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
97
Example [Settings] Priority=MACAddress, Default [Default] CaptureGroups=YES Groups1=NYC Application Management Groups2=NYC Help Desk Users [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
MachineObjectOU The AD DS OU in the target domain where the computer account for the target computer is created. Note
The OU specified in this property must exist before deploying the target operating system.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
OU_name
The name of the OU where the computer account for the target computer will be created.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
98
Example [Settings] Priority=Default [Default] JoinDomain=WOODGROVEBANK MachineObjectOU=OU=Reception,OU=NYC,DC=Woodgrovebank,DC=com ComputerName=%OSDNEWMACHINENAME%
Make The manufacturer of the target computer. The format for Make is undefined. Use this property to create a subsection that contains settings targeted to a specific computer manufacturer (most commonly in conjunction with the Model and Product properties). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
make
The manufacturer of the target computer.
Example [Settings] Priority=Make, Default [Default] [Dell Computer Corporation] Subsection=Dell-%Model% [Dell-Latitude D600] Packages001=XXX00009:Program9 Packages002=XXX0000A:Program10
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
99
MandatoryApplications A list of application GUIDs that will be installed on the target computer. These applications are specified on the Applications node in Deployment Workbench. The GUIDs are stored in the Applications.xml file. The MandatoryApplications property is a list of text values that can be any non-blank value. The MandatoryApplications property has a numeric suffix (for example, MandatoryApplications001 or MandatoryApplications002). Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
application_guid
The GUID specified by Deployment Workbench for the application to be deployed to the target computer. The GUID corresponds to the application GUID stored in the Applications.xml file.
Example [Settings] Priority=Default [Default] MandatoryApplications001={1D7DF331-47B7-472C-87B3-442597EC2F7D} MandatoryApplications002={9d2b8999-5e4d-4f3d-bb05-edaaf4fe5628} Administrators1=WOODGROVEBANK\NYC Help Desk Staff
Memory The amount of memory installed on the target computer in megabytes. For example, the value 2038 indicates 2,038 MB (or 2 GB) of memory is installed on the target computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
memory
The amount of memory installed on the target computer in megabytes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
100
Example None
Model The model of the target computer. The format for Model is undefined. Use this property to create a subsection that contains settings targeted to a specific computer model number for a specific computer manufacturer (most commonly in conjunction with the Make and Product properties). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
model
The model of the target computer.
Example [Settings] Priority=Make, Default [Default] [Dell Computer Corporation] Subsection=Dell-%Model% [Dell-Latitude D600] Packages001=XXX00009:Program9 Packages002=XXX0000A:Program10
NetLib The protocol to be used to communicate with the computer running SQL Server specified in the SQLServer property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
101
Value
Description
DBNMPNTW
Use named pipes protocol to communicate.
DBMSSOCN
Use TCP/IP sockets to communicate.
Example [Settings] Priority=Computers, Default [Default] ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
Order The sorting order for the result set on a database query. The result set is based on the configuration settings of the Database, Table, SQLServer, Parameters, and ParameterCondition properties. More than one property can be provided to sort the results by more than one property. For example, if Order=Sequence is specified in the CustomSettings.ini file, then an ORDER BY Sequence clause is added to the query. Specifying Order=Make, Model adds an ORDER BY Make, Model clause to the query. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
property1, property2, …
Properties to define the sort order for the result set (where propertyn represents the properties in the sort criteria).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
102
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ NetLib=DBNMPNTW Database=DWDB Instance=SQLEnterprise2005 Table=MakeModelSettings Parameters=SerialNumber, AssetTag ParameterCondition=OR Order=Make, Model
OrgName The name of the organization that owns the target computer. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
org_name
The name of the organization that owns the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
103
Example [Settings] Priority=MACAddress, Default Properties=CustomProperty, ApplicationInstall [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 OrgName=Woodgrove Bank [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista ApplicationInstall=Custom FullName=Woodgrove Bank User [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista ApplicationInstall=Minimum FullName=Woodgrove Bank Manager
OSDBitLockerCreateRecoveryPassword A Boolean value that indicates whether the process creates a recovery key for BitLocker Drive Encryption. The key is used for recovering data encrypted on a BitLocker Drive Encryption volume. This key is cryptographically equivalent to a startup key. If available, the recovery key decrypts the volume master key (VMK), which, in turn, decrypts the full volume encryption key (FVEK). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini Deployment Database Solution Accelerators
ZTI for SMS ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
104
Value
Description
AD
A recovery key is created.
Not specified
A recovery key is not created.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerStartupKeyDrive=C:
OSDBitLockerMode The type of BitLocker Drive Encryption installation to be performed. Protect the target computer using one of the following methods: •
A TPM microcontroller
•
A TPM and an external startup key (using a key that is typically stored on a USB flash drive)
•
A TPM and PIN
•
An external startup key.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
TPM
Protect the computer with TPM only. The TPM is a microcontroller that stores keys, passwords, and digital certificates. The microcontroller is typically an integral part of the computer motherboard.
TPMKey
Protect the computer with TPM and a startup key. Use this option to create a startup key and to save it on a USB flash drive. The startup key must be present in the port each time the computer starts.
TPMPin
Protect the computer with TPM and a pin. Use this option in conjunction with the BDEPin property. Note
Solution Accelerators
This value is not valid when using ZTI for ConfigMgr. microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
105
Value
Description
Key
Protect the computer with an external key (the recovery key) that can be stored in a folder, in AD DS, or printed.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPM OSDBitLockerCreateRecoveryPassword=AD
OSDBitLockerRecoveryPassword Instead of generating a random recovery password, the Enable BitLocker task sequence action uses the specified value as the recovery password. The value must be a valid numerical BitLocker Drive Encryption recovery password. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
password
A valid 48-digit password.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerRecoveryPassword=621280128854709621167486709731081433315062587367 OSDBitLockerStartupKeyDrive=C:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
106
OSDBitLockerStartupKey Instead of generating a random startup key for the key management option Startup Key on USB only, the Enable BitLocker task sequence action uses the value as the startup key. The value must be a valid, Base64-encoded BitLocker Drive Encryption startup key. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
startupkey
Base64-encoded BitLocker Drive Encryption startup key.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=KEY OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerStartupKey=8F4922B8-2D8D-479E-B776-12629A361049
OSDBitLockerStartupKeyDrive The location for storing the BitLocker Drive Encryption recovery key and startup key. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
location
The storage location for the recovery key and startup key (either local to the target computer or to a UNC that points to a shared network folder).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
107
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLocker CreateRecoveryPassword=AD OSDBitLockerStartupKeyDrive=C:
OSDBitLockerTargetDrive Specifies the drive to be encrypted. The default drive is the drive that contains the operating system. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
drive
The drive that is to be encrypted.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 BDERecoveryPassword=TRUE OSDBitLockerMode=TPMKey OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerTargetDrive=C:
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
108
OSDBitLockerWaitForEncryption Specifies that the deployment process should not proceed until BitLocker Drive Encryption has completed the encryption process for all specified drives. Specifying TRUE could dramatically increase the time required to complete the deployment process. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
TRUE
Specifies that the deployment process should wait for drive encryption to complete.
FALSE
Specifies that the deployment process should not wait for drive encryption to complete.
Example [Settings] Priority=Default [Default] BDEInstallSuppress=NO BDEDriveLetter=S: BDEDriveSize=2000 OSDBitLockerMode=TPMKey OSDBitLockerStartupKeyDrive=C: OSDBitLockerCreateRecoveryPassword=AD OSDBitLockerWaitForEncryption=TRUE Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSDComputerName The new computer name to assign to the target computer. Note
This property is valid when using MDT 2008 with System Center Configuration Manager.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for SMS ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
109
Value
Description
computer_name
The new computer name to assign to the target computer.
Example [Default] OSDComputerName=%_SMSTSMachineName% Note This property can also be set within a task sequence using a customized Set Task Sequence Variable task sequence step.
OSCurrentBuild The build number of the currently running operating system. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
2195
Microsoft Windows 2000
2600
Windows XP
3790
Windows Server 2003
6000
Windows Vista, Windows PE 2.0
6001
Windows Vista with Service Pack 1 (SP1), Windows Server 2008
Example None
OSCurrentVersion The version of the operating system that is currently running. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
110
Value
Description
5.0.2195
Windows 2000
5.1.2600
Windows XP
5.2.3790
Windows Server 2003
6.0.6000
Windows Vista, Windows PE 2.0
6.0.6001
Windows Vista with SP1, Windows Server 2008
Example None
OSDInstallPackage The SMS 2003 OSD Feature Pack package that the operating system image installation CD installs, using a Systems Management Server package advertisement or Windows Deployment Services. This is set by the custom program or script specified in the Operating System Image Installation CD Wizard. During the Validation Phase, if the value of the OSDInstallPackage property (the value gathered by ZTIGather.wsf) is not equal to the value of the OSDPackageID for the currently running package, the scripts log the following warning message: Warning: The OSDINSTALLPACKAGE value gathered (XXX00000) does not match the actively-running package (XXX00001). The intended package may not be installing due to SMS advertisement targeting problems. Note For this property to function properly, the OSDInstallProgram, OSDInstallSilent, and OSDNewMachineName properties must also be specified. In addition, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected. Note This property is used only in the New Computer scenario for CD or Windows Deployment Services installations. This property is not used for other scenarios or installation types.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
package_name
The SMS 2003 OSD Feature Pack package name to be installed on the target computer.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
111
Example OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDInstallProgram The SMS 2003 OSD Feature Pack program that the operating system image installation CD installs, using a Systems Management Server package advertisement or Windows Deployment Services. This property is set by the custom program or script specified in the Operating System Image Installation CD Wizard. Note For this property to function properly, the OSDInstallPackage, OSDInstallSilent, and OSDNewMachineName properties must also be specified. In addition, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected. Note This property is used only in the New Computer scenario for CD or Windows Deployment Services installations. This property is not used for other scenarios or installation types.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
program_name
The name of the SMS 2003 OSD Feature Pack program to be run for the SMS 2003 OSD Feature Pack package specified in OSDInstallPackage.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDInstallSilent Indicator of whether the SMS 2003 OSD Feature Pack Image Installation Wizard is displayed. For ZTI, this property is typically set to 1. If this property is defined, however, the SMS 2003 OSD Feature Pack Image Installation Wizard is hidden. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
112
Note For this property to work properly, the OSDInstallPackage, OSDInstallProgram, and OSDNewMachineName properties must be specified, as well. In addition, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
1
Hide the SMS 2003 OSD Feature Pack Image Installation Wizard.
blank
Display the SMS 2003 OSD Feature Pack Image Installation Wizard.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDMP The server that is the Systems Management Server management point for the target computer. Set this property for a New Computer scenario so that the Systems Management Server client on the target computer can communicate with the Systems Management Server management point. Specify the computer name or IP address and the IP port number on which the management point is listening. The default port number is 80 but can be changed using SMS Administrator Console. Note For this property to work properly, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
113
Value
Description
server_name:port_numbe r
The server name and port number of a Systems Management Server management point.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO OSDMP=NYC-AM-SMS-01:80 OSDSiteCode=001 ComputerName=WasWIN2000PRO TimeZone=004
OSDNewMachineName The name to assign to a computer when a new operating system is installed. This property is used in the New Computer and Replace Computer installation scenarios when running the operating system image installation CD or Remote Installation Service (RIS). In a Refresh Computer scenario, ZTI can rename the computer if the following line is included in the default section: ComputerName=%OSDNEWMACHINENAME% Note In a New Computer scenario, ensure that ComputerName and OSDNEWMACHINENAME are the same (if both are populated). Otherwise, because .log file names and computer names in events use OSDNEWMACHINENAME, if ComputerName has a different value, the names will be inconsistent for the same computer.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
computer_name
The name that the SMS 2003 OSD Feature Pack assigns the target computer.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
114
Example OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO ComputerName=WasWIN2000PRO TimeZone=004
OSDSiteCode The site code for the Systems Management Server site. Set this property for New Computer scenarios so that the Systems Management Server client on the target computer can communicate with the Systems Management Server management point. Note For this property to work properly, the property must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contain CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
site_code
The site code of the Systems Management Server management point.
Example [00:03:FF:CB:4E:C2] UDShare=\\SERVER\MigData SLShare=\\SERVER\Logs OSDINSTALLSILENT=1 OSDINSTALLPACKAGE=SMS00001 OSDINSTALLPROGRAM=ZTI Install OSDNEWMACHINENAME=WasWIN2000PRO OSDMP=NYC-AM-SMS-01:80 OSDSiteCode=CEN ComputerName=WasWIN2000PRO TimeZone=004
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
115
OSFeatures A comma-delimited list of server feature IDs that will be installed on the target computer. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
ID1,ID2
The server features that are to be installed on the target computer. Valid values are located in the program_files\Microsoft Deployment Toolkit\Bin\ServerManager.xml file on the MDT 2008 server.
Example [Settings] Priority=Default [Default] OSFeatures=CMAK,MSMQ-Multicasting,RSAT Note Not all features listed in the ServerManager.xml file are compatible with all server operating systems. Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSInstall Indicates whether the target computer is authorized to have the target operating system installed. If the OSInstall property is not listed, the default is to allow deployment of operating systems to any target computer. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Deployment of an operating system to the target computer is authorized. This is the default value.
NO
Deployment of an operating system to the target computer is not authorized.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
116
Example [Settings] Priority=Default [Default] OSInstall=YES
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSRoles A comma-delimited list of server role IDs that will be installed on the target computer. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
ID1,ID2
The server role that is to be installed on the target computer. Valid values are: •
ADDS
•
DNS
•
DHCP
Example [Settings] Priority=Default [Default] OSRoles=ADDS Note
Not all roles are compatible with all server operating systems.
Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
OSRoleService A comma-delimited list of server role service IDs that will be installed on the target computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
117
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
ID
The server role service that will be installed on the target computer. Valid values are: •
ADDS-Domain-Controller
Example [Settings] Priority=Default [Default] OSRoleService=ADDS-Domain-Controller Note
Not all server role service IDs are compatible with all server operating systems.
OSVersion The version of the currently running operating system. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
WinPE
Windows PE
2000
Windows 2000
XP
Windows XP
2003
Windows Server 2003
Vista
Windows Vista
2008
Windows Server 2008
Example None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
118
OverrideProductKey The Multiple Activation Key (MAK) string to be applied after the target operating is deployed to the target computer. The value specified in this property is used by the ZTILicensing.wsf script during the State Restore Phase to apply the MAK to the target operating system. The script also configures the volume licensing image to use MAK activation instead of Key Management Service (KMS). The operating system needs to be activated with Microsoft after the MAK is applied. This is used when the target computer is unable to access a server that is running KMS. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
MAK
The MAK string to be provided to the target operating system.
Example [Settings] Priority=Default [Default] ProductKey=AAAAA-BBBBB-CCCCC-DDDDD-EEEEE-FFFFF OverrideProductKey=AAAAA-BBBBB-CCCCC-DDDDD-EEEEE-FFFFF
PackageGroup A list of text values that associates operating system (OS) packages with each other (typically based on the type of OS package). An OS package can be associated with one or more package groups. The PackageGroup property allows the OS packages within one or more groups to be deployed to a target computer. The text values in the list can be any non-blank value. The PackageGroup property value has a numeric suffix (for example, PackageGroup001 or PackageGroup002). After it is defined, a package group is associated with a computer. A computer can be associated with more than one package group. Note
The PackageGroup property applies only to Windows Vista and Windows Server 2008.
Note
OS packages are created on the OS Packages node in Deployment Workbench.
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
119
Value
Description
package_group_name
Name of the package group to be deployed to the target computer.
Example [Settings] Priority=Default [Default] PackageGroup001=Updates Note The PackageGroup property can be specified in the format PackageGroup1=Updates or PackageGroup001=Updates.
Packages The list of Systems Management Server or System Center Configuration Manager packages to be deployed to the target computer. The Packages property has a numeric suffix (for example, Packages001 or Packages002). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
package_id:program_nam e
Name of the package to be deployed to the target computer.
Example [Settings] Priority=Default [Default] Packages001=NYC00010:Install Packages002=NYC00011:Install Note The Packages property can be specified in the format Packages1=NYC00010:Install or Packages001=NYC00010:Install.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
120
Parameters The parameters to be passed to a database query that returns property values from columns in the table specified in the Table property. The table is located in the database specified in the Database property on the computer specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
parameter1, parameter2
The list of parameters to pass to the database query.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
ParameterCondition Indicator of whether a Boolean AND or OR operation is performed on the properties listed in the Parameters property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
121
Value
Description
AND
A Boolean AND operation is performed on the properties listed in the Parameters property. Only results that match all properties specified in the Parameters property are returned. This is the default value.
OR
A Boolean OR operation is performed on the properties listed in the Parameters property. Results that match any property specified in the Parameters property are returned.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Phase The current phase of the deployment process that corresponds to the SMS 2003 OSD Feature Pack phases. The Task Sequencer uses these phases to determine which tasks must be completed. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
VALIDATION
Identifies that the target computer is capable of running the
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
122
Value
Description scripts necessary to complete the deployment process.
STATECAPTURE
Saves any user state migration data before deploying the new target operating system.
PREINSTALL
Completes any tasks that need to be done (such as creating new partitions) before the target operating system is deployed.
INSTALL
Installs the target operating system on the target computer.
POSTINSTALL
Completes any tasks that need to be done before restoring the user state migration data. These tasks customize the target operating system before starting the target computer the first time (such as installing updates or adding drivers).
STATERESTORE
Restores the user state migration data saved during the State Capture Phase.
Example None Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Port The number of the port that should be used when connecting to the SQL Server database instance that is used for querying property values from columns in the table specified in the Table property. The database resides on the computer specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. The port used during connection is specified in the Port property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
port
The number of the port used when connecting to SQL Server.
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
123
Example [Computers] SQLServer=NYC-SQL-01 Database=DWDB Instance=MDT2008 Port=1433 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
PowerUsers A list of user accounts and domain groups to be added to the local Power Users group on the target computer. The PowerUsers property is a list of text values that can be any non-blank value. The PowerUsers property has a numeric suffix (for example, PowerUsers1 or PowerUsers2). Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
name
Name of the user or group to be added to the local Power Users group.
Example [Settings] Priority=Default [Default] Administrators1=WOODGROVEBANK\NYC Help Desk Staff PowerUsers1=WOODGROVEBANK\User01 PowerUsers2=WOODGROVEBANK\User02
Priority The reserved property that determines the sequence for finding configuration values. The Priority reserved property lists each section to be searched and the order in which the sections are searched. When a property value is found, the ZTIGather.wsf script quits searching for the property, and the remaining sections are not scanned for that property.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
124
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
section1, section2
The sections to be searched in the order they are to be searched.
Example [Settings] Priority=MACAddress, Default [Default] UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1 OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista
ProcessorSpeed The speed of the processor installed on the target computer in MHz. For example, the value 1995 indicates the processor on the target computer is running at 1,995 MHz or 2 gigahertz (GHz). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
125
Value
Description
processor_speed
The speed of the processor on the target computer in megahertz.
Example None
Product The product name of the target computer. With some computer vendors, the make and model might not be sufficiently unique to identify the characteristics of a particular configuration (for example, hyperthreaded or non-hyperthreaded chipsets). The Product property can help to differentiate. The format for Product is undefined. Use this property to create a subsection that contains settings targeted to a specific product name for a specific computer model number for a specific computer manufacturer (most commonly in conjunction with the Make and Model properties). Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
product
The product name of the target computer.
Example None
ProductKey The product key string to be configured for the target computer. Before the target operating system is deployed, the product key specified is automatically inserted into the appropriate location in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
126
Value
Description
product_key
The product key to be assigned to the target computer.
Example [Settings] Priority=Default [Default] ProductKey=AAAAA-BBBBB-CCCCC-DDDDD-EEEEE-FFFFF
Properties A reserved property that defines any custom, user-defined properties. These user-defined properties are located by the ZTIGather.wsf script in the CustomSettings.ini file, BootStrap.ini file, or the Deployment Workbench database (DWDB). These properties are additions to the predefined properties in MDT 2008. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
custom_property1,
Custom, user-defined properties to be resolved.
custom_property2 Example [Settings] Priority=MACAddress, Default Properties=CustomProperty, ApplicationInstall [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE CustomProperty=TRUE OSDINSTALLSILENT=1 [00:0F:20:35:DE:AC] OSDNEWMACHINENAME=HPD530-1
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
127
Example OSDINSTALLPACKAGE=DAL00342 OSDINSTALLPROGRAM=CustomVista ApplicationInstall=Custom [00:03:FF:FE:FF:FF] OSDNEWMACHINENAME=BVMXP OSDINSTALLPACKAGE=NYC00002 OSDINSTALLPROGRAM=SpecialVista ApplicationInstall=Minimum
ResourceDrive The drive letter mapped to the ResourceRoot property for the ZTIDrivers.wsf and ZTIPatches.wsf scripts to use to install drivers and patches to the target computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
drive_letter
The letter designation for the logical drive that contains the resources.
Example None
ResourceRoot The value of this property is used by the ZTIDrivers.wsf and ZTIPatches.wsf scripts to install drivers and patches to the target computer. Note For LTI, the scripts automatically set the ResourceRoot property to be the same as the DeployRoot property. For ZTI, the values in the DeployRoot and ResourceRoot properties can be unique.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
128
Value
Description
UNC_path
The UNC path to the shared folder that contains the resources.
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceDrive=R: ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE
Role The purpose of a computer based on the tasks performed by the user on the target computer. The Role property lists text values that can be any non-blank value. The Role property value has a numeric suffix (for example, Role1 or Role2). When defined, a role is associated with a computer. A computer can perform more than one role. Typically, the value for the Role property is set by performing a database query in the DWDB database. Deployment Workbench can assist in creating the role and property settings associated with the role, and then Deployment Workbench can configure CustomSettings.ini to perform the database query for the Role property and the property settings associated with the role. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
role
The roles to be assigned to an individual computer or a group of computers.
Example 1 [Settings] Priority=RoleSettings, Default [Default] SkipCapture=NO SkipAppsOnUpgrade=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
129
Example 1 UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution$ OSInstall=YES ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c [RoleSettings] SQLServer=w2k3-sp1 Instance=MDT2008 Database=DWDB Netlib=DBNMPNTW SQLShare=SQL_Share Table=RoleSettings Parameters=Role
Example 2 [Settings] Priority=RoleSettings, Default [Default] SkipCapture=NO SkipAppsOnUpgrade=NO UserDataLocation=AUTO DeployRoot=\\W2K3-SP1\Distribution$ OSInstall=YES ScanStateArgs=/v:15 /o /c LoadStateArgs=/v:7 /c Role1=Teller Role2=Woodgrove User [RoleSettings] SQLServer=w2k3-sp1 Instance=MDT2008 Database=DWDB Netlib=DBNMPNTW SQLShare=SQL_Share Table=RoleSettings Parameters=Role
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
130
ScanStateArgs Arguments passed to the USMT Scanstate process. The scripts call Scanstate.exe and then insert the appropriate logging, progress, and state store parameters. If this value is not included in the settings file, the user state backup process is skipped. Note Use the USMTMigFiles property to specify the .xml files to be used by Scanstate.exe instead of using the /I parameter in the ScanStateArgs property. This prevents the ZTIUserState.wsf script from potentially duplicating the same list of .xml files.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
arguments
The command-line arguments passed to Scanstate.exe. The default arguments specified by Deployment Workbench are as follows: •
/v. Enables verbose output in the Scanstate log. The default is 0. Specify any number from 0 to 15. The value 5 enables verbose and status output.
•
/o. Overwrites any existing data in the store. If not specified, Scanstate will fail if the store already contains data. This option cannot be specified more than once in a Command Prompt window.
•
/c. When specified, Scanstate will continue to run even if there are nonfatal errors. Without the /c option, Scanstate exits on the first error.
For more information about these and other arguments, see the USMT Help files. Example [Settings] Priority=Default [Default] ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName%
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
131
SerialNumber The serial number of the target computer. The format for serial numbers is undefined. Use this property to create a subsection that contains settings targeted to a specific computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
serial_number
The format of the serial number is undefined and is determined by the serial number standard of each computer manufacturer.
Example None
SkipAdminPassword Indicates whether the Administrator Password wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
132
Example SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipApplications Indicates whether the Select one or more applications to install wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
133
Example SkipApplications=YES SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipAppsOnUpgrade Indicates whether the Select one or more applications to install wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
134
Example SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipBDDWelcome Indicates whether the Welcome to Windows Deployment wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Note For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini. This is because BootStrap.ini is processed before a deployment point (which contains CustomSettings.ini) has been selected.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipComputerBackup=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
135
Example SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipBitLocker Indicates whether the Specify the BitLocker configuration wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipBitLocker=YES SkipBitLockerDetails=YES SkipComputerBackup=NO SkipDomainMembership=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
136
Example SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipBuild Indicates whether the Select a task sequence to execute on this computer wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipBuild=Yes SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
137
Example SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipCapture Indicates whether the Specify whether to capture an image wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
138
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipComputerBackup Indicates whether the Specify where to save a complete computer backup wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
139
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=YES SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipComputerName Indicates whether the Configure the computer name wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
140
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipComputerName=YES SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipDeploymentType Indicates whether the Choose a migration type wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
141
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipDomainMembership Indicates whether the Join the computer to a domain or workgroup wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
142
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=NOSkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NOSkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipFinalSummary Indicates whether the Operating system deployment completed successfully wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
143
Example SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipLocaleSelection Indicates whether the Locale Selection wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
144
Example SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipPackageDisplay Indicates whether the Packages wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
145
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=YES SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipProductKey Indicates whether the Specify the product key needed to install this operating system wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
146
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipSummary Indicates whether the Ready to begin wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
147
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipTaskSequence=Yes SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipTaskSequence Indicates whether the Select a task sequence to execute on this computer wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Note Specify the SkipBuild property when using Deployment Workbench to configure the Windows Deployment Wizard to skip the Select a task sequence to execute on this computer wizard page.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini Deployment Database
Solution Accelerators
ZTI for SMS ZTI for ConfigMgr
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
148
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipTaskSequence=NO SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NOSkipTaskSequence=Yes Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipTimeZone Indicates whether the Set the Time Zone wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
149
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipBDDWelcome=YES SkipTaskSequence=Yes SkipComputerBackup=NO SkipComputerName=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipFinalSummary=NO SkipSummary=NO SkipTimeZone=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipUserData Indicates whether the Specify whether to restore user data and Specify where to save your data and settings wizard page is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
150
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
YES
Wizard page is not displayed, and the information on that page is not collected.
NO
Wizard page is displayed, and the information on that page is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=NO SkipCapture=NO SkipAdminPassword=YES SkipApplications=NO SkipAppsOnUpgrade=NO SkipComputerBackup=NO SkipDomainMembership=NO SkipDeploymentType=NO SkipUserData=NO SkipPackageDisplay=NO SkipLocaleSelection=NO SkipProductKey=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SkipWizard Indicates whether the entire Windows Deployment Wizard is skipped. For other properties that must be configured when this property is set to YES, see the section “Providing Properties for Skipped Windows Deployment Wizard Pages” later in this reference. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
151
Value
Description
YES
Entire wizard is not displayed, and none of the information on the wizard pages is collected.
NO
Wizard is displayed, and the information on the enabled wizard pages is collected. This is the default value.
Example [Settings] Priority=Default [Default] SkipWizard=YES Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
SLShare The network shared folder in which the script logs are stored. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
shared_folder
The name of the network shared folder in which script logs are stored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
152
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES
SQLServer The identity of the computer running SQL Server that performs a database query that returns property values from columns in the table specified in the Table property. The query is based on parameters specified in the Parameters and ParameterCondition properties. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
SQL_server
The name of the computer running SQL Server.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
153
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=SQLEnterprise2005 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
SQLShare The name of a shared folder on the computer running SQL Server (specified by the SQLServer property). The credentials used for authentication are provided by the UserDomain, UserID, and UserPassword properties (for LTI and ZTI) or by the Systems Management Server Advanced Client account credentials (ZTI only). Note This property must be specified to perform Integrated Windows authentication. This is the recommended authentication method, rather than using the DBID and DBPwd properties (which support the SQL Server authentication method).
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
shared_folder
The name of a shared folder on the computer running SQL Server.
Example [Settings] Priority=Computers, Default Properties=MyCustomProperty
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
154
Example [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=MDT2008 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
StorageDriverGroup The name of the storage driver group that contains drivers to be added to the target computer during unattended installation of Windows XP or Windows Server 2003. For more information about using the StorageDriverGroup property, see “Deploying Additional Mass Storage Drivers for Windows XP and Windows Server 2003” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
group_name
The name of the storage driver group that contains drivers to be added to the target computer.
Example [Settings] Priority=Default [Default] StorageDriverGroup001=Laptops StorageDriverGroup001=Universal
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
155
StorageDriverSysprepGroup The name of the storage driver group that contains drivers to be added to the target computer during image-based deployment of Windows XP or Windows Server 2003. For more information about using the StorageDriverSysprepGroup property, see “Automate the Installation of Mass Storage Device Drivers” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
group_name
The name of the storage driver group that contains drivers to be added to the target computer.
Example [Settings] Priority=Default [Default] StorageDriverGroup001=SCSI StorageDriverGroup002=Universal
StoredProcedure The name of the stored procedure used when performing a database query that returns property values from columns in the table or view. The stored procedure is located in the database specified in the Database property. The computer running SQL Server is specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. The name of the stored procedure is specified in the StoredProcedure property. For more information about using a stored procedure to query a SQL Server database, see “Deploying Applications Based on Earlier Application Versions” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
stored_procedure
The name of the stored procedure used to query the SQL Server database.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
156
Example [Settings] Priority=DynamicPackages, Default [Default] OSInstall=YES [DynamicPackages] SQLDefault=DB_DynamicPackages [DB_DynamicPackages] SQLServer=SERVER1 Database=DWDB StoredProcedure=RetrievePackages Parameters=MacAddress SQLShare=Logs Instance=MDT2008 Port=1433 Netlib=DBNMPNTW
Table The name of the table or view to be used in performing a database query that returns property values from columns in the table or view. The query is based on parameters specified in the Parameters and ParameterCondition properties. The table or view is located in the database specified in the Database property. The computer running SQL Server is specified in the SQLServer property. The instance of SQL Server on the computer is specified in the Instance property. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
ZTI for ConfigMgr
Deployment Database Value
Description
table_name
The name of the table or view to be queried for property values.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
157
Example [Settings] Priority=Computers, Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac [Computers] SQLServer=NYC-SQL-01 SQLShare=SQL$ Database=DWDB Instance=MDT2008 Table=Computers Parameters=SerialNumber, AssetTag ParameterCondition=OR
TaskSequenceID Identifies the operating system task sequence to be deployed to the target computer. The task sequence ID is created on the Task Sequences node in Deployment Workbench. The TaskSequenceID property allows alphanumeric characters, hyphens (-), and underscores (_). The TaskSequenceID property cannot be blank or contain spaces. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
Deployment Database
ZTI for SMS ZTI for ConfigMgr
Value
Description
task_sequence_id
Identifier of the operating system task sequence defined in Deployment Workbench for the target operating system being deployed. Note Be sure to use the TaskSequenceID specified in the Deployment Workbench UI, and not the GUID of the TaskSequenceID.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
158
Example [Settings] Priority=Default [Default] TaskSquenceID=Vista_BareMetal
TimeZone The time zone in which the target computer is located. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003. Note This property is currently supported only for Windows XP and Windows Server 2003. For Windows Vista and Windows Server 2008, use the TimeZoneName property.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
time_zone_offset
The numeric value that indicates the time zone where the target computer is located. For more information, see the TimeZone entry for Unattend.txt in the Ref.chm file included in the Deploy.cab file in the \support\tools folder of the Windows Server 2003 installation CD.
Example [Settings] Priority=Default [Default] TimeZone=004 DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
159
TimeZoneName The time zone in which the target computer is located. This value is inserted into the appropriate configuration settings in Unattend.xml for Windows Vista and Windows Server 2008. Note This property is currently supported only for Windows Vista and Windows Server 2008. For Windows XP and Windows Server 2003, use the TimeZone property.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
time_zone_name
The text value that indicates the time zone where the target computer is located.
Example [Settings] Priority=Default [Default] TimeZoneName=Pacific Standard Time DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE
TPMOwnerPassword The TPM password (also known as the TPM Administration Password) for the owner of the target computer. The password can be saved to a file or stored in AD DS. Note If the TPM ownership is already set or TPM ownership is not allowed, then the TPMOwnerPassword property is ignored. If the TPM password is needed and the TPMOwnerPassword property is not provided, the TPM password is set to the local Administrator password.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
160
Value
Description
password
The TPM password for the owner of the target computer.
Example [Settings] Priority=Default [Default] BDEDriveLetter=S: BDEDriveSize=2000 BDEInstall=TPMKey BDERecoveryKey=TRUE BDEKeyLocation=C: TPMOwnerPassword=complex_password BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName%
UDDir The folder in which the user state migration data is stored. This folder exists beneath the network shared folder specified in UDShare. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
folder
The name of the folder that exists beneath the network shared folder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
161
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO
UDProfiles A comma-delimited list of user profiles that need to be saved by Scanstate.exe during the State Capture Phase. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
user_profiles
The list of user profiles to be saved, separated by commas.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
162
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO
UDShare The network share where user state migration data is stored. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UNC_path
The UNC path to the network share where user state migration data is stored.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
163
Example [Settings] Priority=Default [Default] DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ UDProfiles=Administrator, User-01, ExtranetUser UserDataLocation=NONE SkipAppsOnUpgrade=NO SkipCapture=NO
UILanguage The default language to be used with the target operating system. If not specified, the Windows Deployment Wizard uses the language configured in the image being deployed. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UI_language
The default language for the operating system on the target computer.
Example [Settings] Priority=Default [Default] UserLocale=en-us UILanguage=en-us KeyboardLocale=0409:00000409
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
164
UserDataLocation The location in which USMT stores user state migration data. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
blank
If UserDataLocation is not specified or is left blank, the Windows Deployment Wizard will default to using the AUTO behavior.
UNC_path
The UNC path to the network shared folder where the user state migration data is stored.
AUTO
The deployment scripts store the user state migration data on a local hard disk if space is available. Otherwise, the user state migration data is saved to a network location, which is specified in the UDShare and UDDir properties.
NETWORK
The user state migration data is stored in the location designated by the UDShare and UDDir properties.
NONE
The user state migration data is not saved.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DoCapture=YES BackupShare=\\NYC-AM-FIL-01\Backup$ BackupDir=%ComputerName% UserDataLocation=NETWORK DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
165
UserDomain The domain in which a user’s credentials (specified in the UserID property) reside. Note For a completely automated LTI deployment, provide this property in both CustomSettings.ini and BootStrap.ini. However, note that storing the user credentials in these files stores the credentials in clear text and therefore is not secure.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
domain
The name of the domain where the user account credentials reside.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE UserDomain=WOODGROVEBANK UserID=NYC Help Desk Staff UserPassword=complex_password
UserID The user credentials for accessing network resources. Note For a completely automated LTI deployment, provide this property in both CustomSettings.ini and BootStrap.ini. However, note that storing the user credentials in these files stores the credentials in clear text and therefore is not secure.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
166
Value
Description
user_id
The name of the user account credentials used to access the network resources.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UserDataLocation=NONE UserDomain=WOODGROVEBANK UserID=NYC-HelpDesk UserPassword=complex_password
UserLocale The user locale to be used with the target operating system. If not specified, the Windows Deployment Wizard uses the user locale configured in the image being deployed. Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
user_locale
The locale for the user on the target computer. For:
Solution Accelerators
•
Windows Server 2003, the value is specified as a hexadecimal value (0409:00004009).
•
Windows Server 2008, the value is specified as a text value (en-us).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
167
Example 1 [Settings] Priority=Default [Default] UserLocale=0409:00000409 KeyboardLocale=0409:00000409
Example 2 [Settings] Priority=Default [Default] UserLocale=en-us KeyboardLocale=en-us
UserPassword The password for user credentials specified in the UserID property. Note For a completely automated LTI deployment, provide this property in both CustomSettings.ini and BootStrap.ini. However, note that storing the user credentials in these files stores the credentials in clear text and therefore is not secure.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
user_password
The password for the user account credentials.
Example [Settings] Priority=Default [Default] UserDataLocation=NONE UserDomain=WOODGROVEBANK UserID=NYC-HelpDesk UserPassword=complex_password
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
168
USMTConfigFile The USMT configuration XML file that should be used when running Scanstate and Loadstate. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
USMTConfigFile
The name of the XML configuration file that should be used when running Scanstate.exe and Loadstate.exe.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ USMTMigFiles1=MigApp.xml USMTMigFiles2=MigUser.xml USMTMigFiles3=MigSys.xml USMTMigFiles4=MigCustom.xml USMTConfigFile=USMTConfig.xml UserDataLocation=NONE
USMTMigFiles A list of files in XML format that are used by USMT (Scanstate.exe) to identify user state migration information to be saved. When this property is not specified, the ZTIUserState.wsf script uses MigApp.xml, MigUser.xml, and MigSys.xml. Otherwise, ZTIUserState.wsf uses the files explicitly referenced in this property. The USMTMigFiles property has a numeric suffix (for example, USMTMigFiles001 or USMTMigFiles002). Note Use this property to specify the .xml files to be used by Scanstate.exe instead of using the /I parameter in the ScanStateArgs property. This prevents the ZTIUserState.wsf script from potentially duplicating the same list of .xml files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
169
Note This property name can be specified using single-digit nomenclature (USMTMigFiles1) or triple-digit nomenclature (USMTMigFiles001).
Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
USMTMigFile
The name of the .xml file to be used as input for Scanstate.exe, on separate lines. If not specified, the default is MigApp.xml, MigUser.xml, and MigSys.xml. Note If this value is specified, the default files (MigApp.xml, MigUser.xml, and MigSys.xml) must also be added to the list if these files are to be included.
Example [Settings] Priority=Default [Default] OSInstall=YES ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac DeployRoot=\\NYC-AM-FIL-01\Distribution$ ResourceRoot=\\NYC-AM-FIL-01\Resource$ UDShare=\\NYC-AM-FIL-01\MigData$ UDDir=%ComputerName% SLShare=\\NYC-AM-FIL-01\Logs$ USMTMigFiles001=MigApp.xml USMTMigFiles002=MigUser.xml USMTMigFiles003=MigSys.xml USMTMigFiles004=MigCustom.xml UserDataLocation=NONE
UUID The Universal Unique Identifier (UUID) stored in the System Management BIOS (SMBIOS) of the target computer. The format for UUID is a 16-byte value using hexadecimal digits in the following format: 12345678-1234-1234-1234-123456789ABC. Use this property to create a subsection that contains settings targeted to a specific computer. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
170
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
UUID
The UUID of the target computer.
Example None
VRefresh The vertical refresh rate for the monitor on the target computer. The vertical refresh rate is specified in hertz (Hz). In the example, the value 60 indicates that the vertical refresh rate of the monitor is 60 Hz. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows Server 2003 or in Unattend.xml for Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
refresh_rate
The vertical refresh rate for the monitor on the target computer in hertz.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
171
WDSServer The computer running Windows Deployment Services that is used for installing Windows Deployment Services images. The default value is the server running Windows Deployment Services from which the image was initiated. Note This property is dynamically set by the MDT 2008 scripts and is not configured in CustomSettings.ini. Treat this property as read-only.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
WDS_server
The name of the computer running Windows Deployment Services.
Example None
WipeDisk Specifies whether the disk should be wiped. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
TRUE
If WipeDisk is set to TRUE, the Win32_DiskPartition at DiskIndex 0 and Index 0 will be formatted.
FALSE
The disk will not be formatted.
Example [Settings] Priority=Default [Default] WipeDisk=TRUE Caution This property value must be specified in upper case so that it can be properly read by the deployment scripts.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
172
WUMU_ExcludeKB The list of Windows Update/Microsoft Update software updates to ignore (by associated Knowledge Base articles). Deployment project team members will want to periodically review the list of updates being installed by the ZTIWindowsUpdate.wsf script to verify that each update meets the project’s needs and expectations. All updates are logged and recorded in the ZTIWindowsUpdate.log file, which is generated during deployment. Each update will indicate its status as INSTALL or SKIP, and lists the UpdateID, the update name, and the QNumber associated with each update. If an update needs to be excluded, that update should be added to the CustomSettings.ini file (for LTI deployments). For example, if the installation of Windows Vista language packs should be excluded, look up the line in the ZTIWindowsUpdate.log that shows where the update was identified and installed, and then select the QNumber. For example, the QNumber for the Windows Vista language packs is 925471. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
WUMU_ExcludeKB
The list of Windows Update/Microsoft Update software updates to ignore, by QNumber.
Example [Settings] Priority=Default [Default] WUMU_ExcludeKB1=925471
WUMU_ExcludeID The list of Windows Update/Microsoft Update software updates to ignore (by associated update ID). Deployment project team members will want to periodically review the list of updates being installed by the ZTIWindowsUpdate.wsf script to verify that each update meets the project’s needs and expectations. All updates are logged and recorded in the ZTIWindowsUpdate.log file, which is generated during deployment. Each update will indicate its status as INSTALL or SKIP, and lists the UpdateID, the update name, and the QNumber associated with each update. If an update should be excluded, that update should be added to the CustomSettings.ini file (for LTI deployments).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
173
For example, if the installation of Windows Malicious Software Removal Tool should be excluded, look up the line in the ZTIWindowsUpdate.log that shows where the update was identified and installed, and then select the UpdateID number. For example, the UpdateID number for the Windows Malicious Software Removal Tool is adbe6425-65604d40-9478-1e35b3cdab4f. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
CustomSettings.ini
Deployment Database
ZTI for ConfigMgr
Value
Description
WUMU_ExcludeID
The list of Windows Update/Microsoft Update software updates to ignore, by UpdateID number.
Example [Settings] Priority=Default [Default] WUMU_ExcludeID1={adbe6425-6560-4d40-9478-1e35b3cdab4f}
WSUSServer This is the name of the Windows Server Update Services (WSUS) server that the target computer should use when scanning for, downloading, and installing updates. For more information about what script uses this property, see ZTIWindowsUpdate.wsf in the “Scripts” section of this reference. Property configured by
Property applies to
BootStrap.ini
LTI
ZTI for SMS
ZTI for ConfigMgr
CustomSettings.ini
Deployment Database Value
Description
server_name
The name of the WSUS server, specified in HTTP format.
Example [Settings] Priority=Default [Default] WSUSServer=http://WSUSServerName
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
174
XResolution The horizontal resolution of the monitor on the target computer, specified in pixels. In the example, the value 1024 indicates the horizontal resolution of the monitor is 1,024 pixels. This value is inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Value
Description
horizontal_resolution
The horizontal resolution of the monitor on the target computer, in pixels.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
YResolution The vertical resolution of the monitor on the target computer, specified in pixels. In the example, the value 768 indicates the vertical resolution of the monitor is 768 pixels. This value gets inserted into the appropriate configuration settings in Unattend.txt or Sysprep.inf for Windows XP and Windows Server 2003 or in Unattend.xml for Windows Vista and Windows Server 2008. Note The default values (in the template files Unattend.txt, Sysprep.inf, and Unattend.xml) are 1,024 pixels horizontal resolution, 768 pixels vertical resolution, 32-bit color depth, and 60 hertz vertical refresh rate.
Property configured by
Property applies to
BootStrap.ini
LTI
CustomSettings.ini
ZTI for SMS
Deployment Database
ZTI for ConfigMgr
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
175
Value
Description
vertical_resolution
The vertical resolution of the monitor on the target computer, in pixels.
Example [Settings] Priority=Default [Default] BitsPerPel=32 VRefresh=60 XResolution=1024 YResolution=768
Providing Properties for Skipped Windows Deployment Wizard Pages The following table lists the individual Windows Deployment Wizard pages, the property to skip the corresponding wizard page, and the properties that must be configured when skipping the wizard page. If the SkipWizard property is used to skip all the Windows Deployment Wizard pages, provide all the properties in the Configure These Properties column. For examples of various deployment scenarios that skip Windows Deployment Wizard pages, see “Fully Automated LTI Deployment Scenario” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide. Note In instances where the Configure These Properties column is blank, no properties need to be configured when skipping the corresponding wizard page.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
176
Skip this wizard page
Using this property
Welcome to the Windows Deployment Wizard
SkipBDDWelcome
Choose a migration type
SkipDeploymentType
•
DeploymentType
Configure the computer name
SkipComputerName
•
ComputerName
Join the computer to a domain or workgroup
SkipDomainMembership
•
JoinWorkgroup
•
JoinDomain
•
DomainAdmin
•
DomainAdminDomain
•
DomainAdminPassword
•
UDDir
•
UDShare
•
UserDataLocation
•
UDDir
•
UDShare
•
UserDataLocation
•
BackupDir
•
BackupShare
•
ComputerBackupLocation
Select a task sequence to SkipBuild, execute on this computer SkipTaskSequence
•
TaskSequenceID
•
BuildID
Specify the product key needed to install this operating system
SkipProductKey
•
ProductKey
Packages
SkipPackageDisplay
•
LanguagePacks
Locale Selection
SkipLocaleSelection
•
KeyboardLocale
•
UserLocale
•
UILanguage
•
TimeZone
•
TimeZoneName
•
Applications
Specify where to save your data and settings
Specify whether to restore user data
Specify where to save a complete computer backup
Set the Time Zone
SkipUserData
SkipUserData
SkipComputerBackup
SkipTimeZone
Configure these properties
Select one or more applications to install
SkipApplications
Administrator Password
SkipAdminPassword
•
AdminPassword
Specify whether to
SkipCapture
•
ComputerBackupLocation
Solution Accelerators
SkipAppsOnUpgrade
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Properties
Skip this wizard page
177
Using this property
Configure these properties
SkipBitLocker
•
BDEDriveLetter
•
BDEDriveSize
•
BDEInstall
•
TPMOwnerPassword
•
UserID
•
UserDomain
•
UserPassword
capture an image Specify the BitLocker configuration
Specify credentials for connecting to network shares
Skipped by providing properties in next column
Ready to begin
SkipSummary
Operating system deployment completed successfully
SkipFinalSummary
Operating system deployment did not complete successfully
SkipFinalSummary
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Scr ipt s The scripts used in LTI and ZTI deployments reference properties that determine the process steps and configuration settings used during the deployment process. Use this reference section to help it determine the correct scripts to include in actions and the valid arguments to provide when running each script. The following information is provided for each script: •
Name. Specifies the name of the script.
•
Description. Provides a description of the purpose of the script and any pertinent information regarding script customization.
•
Input. Indicates the files used for input to the script.
•
Output. Indicates the files created or modified by the script.
•
References. Indicates other scripts or configuration files that are referenced by the script.
•
Location. Indicates the folder where the script can be found. In the information for the location, the following variables are used: •
program_files. This variable points to the location of the Program Files folder on the computer where MDT 2008 is installed.
•
distribution. This variable points to the location of the Distribution folder for the deployment point.
•
platform. This variable is a placeholder for the operating system platform (x86 or x64).
•
Use. Provides the commands and options that can be specified.
•
Arguments and description. Indicate the valid arguments to be specified for the script and a brief description of what each argument means.
•
Properties. The properties referenced by the script.
BDD_Autorun.wsf This script displays a dialog box that indicates the user inserted deployment media created by the MDT 2008 process (such as a bootable DVD or a removable hard disk). The message is displayed for 15 seconds. If no action is taken, the script starts LiteTouch.vbs. For more information about LiteTouch.vbs, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
None
Output
None
References
LiteTouch.vbs. Initiates LTI.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
179
Value
Description
Location
distribution\Scripts
Use
None
Arguments Arguments
Description
None
None
Properties Name
Read
Write
None
BDD_Welcome_ENU.xml This .xml file contains the script code and HTML layout for the Welcome to Windows Deployment page that is displayed at the start of the Deployment Wizard. This .xml file is read by Wizard.hta, which runs the wizard pages embedded in this .xml file. Value
Description
Input
None
Output
None
References
•
NICSettings_Definition_ENU.xml. Allows the user to provide configuration settings for network adapters.
•
RecEnv.exe. If this utility exists, the user is prompted to determine if they want to launch Windows PE.
•
WPEUtil.exe. Initializes Windows PE and network connections; initiates LTI.
Location
distribution\Tools\platform
Use
mshta.exe Wizard.hta BDD_Welcome_ENU.xml
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
180
Properties Name
Read
KeyboardLocale
Write
Credentials_ENU.xml This .xml file contains the script code and HTML layout for the Specify credentials for connecting to network shares wizard page in the Deployment Wizard. This .xml file is read by Wizard.hta, which runs the wizard pages embedded in this .xml file. Note This wizard page is only displayed if there is a failure while validating the predefined user credentials.
Value
Description
Input
None
Output
None
References
Credentials_scripts.vbs
Location
distribution\Scripts
Use
mshta.exe Wizard.hta /NotWizard /definition:Credentials_ENU.xml [/ValidateAgainstDomain:domain | /ValidateAgainstUNCPath:uncpath]
Arguments Value
Description
/ValidateAgainstDomain:domain
Specifies the domain in which the credentials exist (as specified in domain).
/ValidateAgainstUNCPath:UNCPat h
Specifies the shared network folder to be used to validate the credentials by connecting to the folder (as specified in UNCPath).
/DoNotSave
Does not write the properties to a file; connects to the path only.
/LeaveShareOpen
If UNC path is specified, then does NOT delete the share if successful.
Properties Name
Read
Write
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
181
Credentials_scripts.vbs This script parses the arguments that were provided when loading the Credentials_ENU.xml file into the Deployment Wizard. It also performs user credential validation. This script is read by the Credentials_ENU.xml file. For more information about Credentials_ENU.xml, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
None Event message are written to these log files:
Output •
Credentials_scripts.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="Credentials_scripts.vbs"/>
Arguments Value None
Description None
Properties Name
Read
Write
UserCredentials
DeployWiz_Definition_ENU.xml This .xml file contains the script code and HTML layout for each wizard page in the Deployment Wizard. This .xml file is read by Wizard.hta, which runs the wizard pages embedded in this .xml file. This .xml file contains the following wizard pages: •
Welcome to the Windows Deployment Wizard
•
Select a task sequence to execute on this computer
•
Specify the product key needed to install this operating system
•
Choose a migration type
•
Configure the computer name
•
Join the computer to a domain or workgroup
• Specify where to save your data and settings Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
182
•
Specify whether to restore user data
•
Specify where to save a complete computer backup
•
Packages
•
Locale selection
•
Set the time zone
•
Select one or more applications to install
•
Administrator password
•
Specify whether to capture an image
•
Specify the BitLocker configuration
•
Specify credentials for connecting to network shares
•
Ready to begin
Value
Description
Input
None
Output
None
References
•
DeployWiz_Initialization.vbs. Includes support functions and subroutines used by the script.
•
DeployWiz_Validation.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Properties Name
Read
ComputerName
DeployRoot
DeployTemplate
DeploymentMethod
DeploymentType
DoCapture
ImageBuild
ImageFlags
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
183
Name
Read
JoinDomain
OSGUID
SkipAdminPassword
SkipApplications
SkipAppsOnUpgrade
SkipBitLocker
SkipCapture
SkipComputerBackup
SkipComputerName
SkipDeploymentType
SkipDomainMembership
SkipLocaleSelection
SkipPackageDisplay
SkipProductKey
SkipSummary
SkipTaskSequence
SkipTimeZone
SkipUserData
UserDomain
UserID
UserPassword
Write
DeployWiz_Initialization.vbs This script initializes the pages in the Windows Deployment Wizard (stored in DeployWiz_Definition_ENU.xml). It also contains functions and subroutines that are called by the Windows Deployment Wizard during an LTI deployment. For more information about DeployWiz_Definition_ENU.xml, see the corresponding topic in the “Scripts” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
184
Value
Description
Input
•
Applications.xml. Contains a list of available applications.
•
DomainOUList.xml. Contains a list of domain OUs.
•
LocationServer.xml. Contains a list of available deployment points.
•
Packages.xml. Contains a list of available packages.
•
TaskSequences.xml. Contains a list of task sequences.
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Output
Event message are written to these log files: •
DeployWiz_Initialization.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="DeployWiz_Initialization.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
Write
Architecture
Applications
BDEInstall
ComputerBackupLocation
DeploymentType
DeployRoot
DomainAdmin
DomainAdminDomain
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
185
Name
Read
Write
DomainAdminPassword
DomainOUs
ImageBuild
ImageFlags
ImageLanguage
ImageProcessor
IsServerOS
KeyboardLocale
LanguagePacks
LanguagePacks1
LocalDeployRoot
MandatoryApplications
OSCurrentBuild
OSVersion
OverrideProductKey
ProductKey
SkipCapture
SkipDomainMembership
TaskSequenceID
TimeZone
TimeZoneName
TSGUID
UDDir
UDShare
UserDataLocation
UserDomain
UserID
UserLocale
UserPassword
DeployWiz_Validation.vbs This script initializes and validates the information typed in the pages of the Windows Deployment Wizard (stored in DeployWiz_Definition_ENU.xml). This script contains Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
186
functions and subroutines that are called by the Windows Deployment Wizard during an LTI deployment. For more information about DeployWiz_Definition_ENU.xml, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
•
OperatingSystems.xml. Contains the list of operating systems available for deployment.
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Output
None
References
Credentials_ENU.xml. Prompts the user for credentials that will be used when connecting to network resources.
Location
distribution\Scripts
Use
<script language=”VBScript” src=”DeployWiz_Validation.vbs”/>
Arguments Value
Description
None
None
Properties Name DeploymentType
Read
DeployTemplate ImageBuild
Write
ImageProcessor
OSGUID
OSVersion
SkipDeploymentType
TSGUID
UserCredentials
UserDomain
UserID
UserPassword
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
187
LiteTouch.vbs This script is called by the Windows Deployment Wizard to initiate LTI. The script: •
Removes the C:\MININT folder (if it exists).
•
Checks that the target computer meets the requirements for running the Windows Deployment Wizard by calling ZTIPrereq.vbs.
•
Starts the Windows Deployment Wizard by running LiteTouch.wsf.
For more information about ZTIPrereq.vbs and LiteTouch.wsf, see the corresponding topics in the “Scripts” section of this reference. Value
Description
Input
None
Output
None
References
•
ZTIPrereq.vbs. Used to determine if the target computer meets the prerequisites for deploying a new operating system.
•
LiteTouch.wsf. The script responsible for controlling the LTI deployment process.
Location
distribution\Scripts
Use
cscript LiteTouch.vbs
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
LiteTouch.wsf This script is called by LiteTouch.vbs and is responsible for controlling the LTI deployment process. This includes: •
Running the Windows Deployment Wizard.
•
Running the LTI deployment process by using the appropriate task sequence file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
188
For more information about LiteTouch.vbs, see the corresponding topic in the “Scripts” section of this reference. Value
Description
Input
•
task_sequence_file.xml. Contains the tasks and sequence of tasks for the LTI deployment process.
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
•
LiteTouch.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
BDD_Welcome_ENU.xml. Displays the Deployment Wizard Welcome page for LTI deployment.
•
CMD.exe. Windows Command Processor for running external commands while debugging the deployment.
•
DeployWiz_Definition_ENU.xml. Displays the Deployment Wizard pages for LTI deployment.
•
Diskpart.exe. Utility that allows the automated management of disks, partitions, and volumes.
•
LTICleanup.wsf. Performs cleanup tasks after deployment completes.
•
RecEnv.exe. If this utility exists, the user is prompted to determine if they want to launch Windows RE.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
Summary_Definition_ENU.xml. Displays the summary results for the LTI deployment.
•
TsmBootStrap.exe. Task sequence Bootstrap utility.
•
Wpeutil.exe. Initializes Windows PE and network connections; initiates LTI.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
BDDRun.exe “wscript.exe ScriptDirectory\LiteTouch.wsf ”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
189
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
_SMSTSPackageName
Write
Architecture
DeployDrive
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
ImageLanguage001
IsServerCoreOS
JoinDomain
JoinWorkgroup
KeyboardLocale
OSDAdapterCount
Phase
ResourceDrive
ResourceRoot
RetVal
SkipBDDWelcome
SkipFinalSummary
SkipWizard
TaskSequenceID
UILanguage
UserDomain
UserID
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
190
Name
Read
UserPassword
Write
UserLocale
WelcomeWizardCommand
WizardComplete
LTIApply.wsf This script is responsible for installing a Windows PE image, Windows XP image, or Windows Vista image to the target computer. The Windows PE image is used to collect information about the target computer and to run the deployment tasks on the target computer. Value
Description OperatingSystems.xml
Input Output
References
•
LTIApply.log. Log file that contains events generated by this script.
•
LTIApply_wdsmcast.log. Log file that contains events generated by the Wdsmcast utility.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
Bootsect.exe. Applies a boot sector to the hard disk.
•
ImageX.exe. A utility used to create and manage WIM files.
•
Wdsmcast.exe. A utility used by target computers to join a multicast transmission.
Location
distribution\Scripts
Use
cscript LTIApply.wsf
Arguments Value
Description
/pe
Uses the process for installing the Windows PE image on the target computer.
/post
Cleans up unnecessary files after the installation of an image.
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
Solution Accelerators
TRUE, event messages are sent to the console and the .log files.
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
Value
191
Description •
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeployRoot
OSGUID
OSVersion
ImageBuild
Write
ImageFlags
ImageProcessor
SourcePath
TaskSequenceID
UserDomain
UserID
UserPassword
WDSServer
LTICleanup.wsf This script removes any files or configuration settings (such as scripts, folders, registry entries, or automatic logon configuration settings) from the target computer after the deployment process completes. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
References
Location Solution Accelerators
•
LTICleanup.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
Bootsect.exe. Applies a boot sector to the hard disk. distribution\Scripts microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
192
Value Use
Solution Accelerators
Description cscript LTICleanup.wsf
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
193
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
_DoNotCleanLiteTouch
DeployRoot
DeploySystemDrive
ImageBuild
OSVersion
Write
LTICopyScripts.wsf This script copies the deployment scripts for the LTI and ZTI deployment processes to a local hard drive on the target computer. Value
Description
Input
None
Output
References
•
LTICopyScripts.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript LTICopyScripts.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
194
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Phase
Write
LTIGetFolder.wsf This script displays a dialog box that allows the user to browses to a folder. The selected folder path is stored in the FolderPath environment variable. Value
Description
Input
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Output
None
References
Location Use
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
WizUtility.vbs. Includes support functions and subroutines used by the user interface (such as wizard pages).
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts cscript LTIGetFolder.wsf
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
195
Properties Name
Read
DefaultFolderPath
Write
FolderPath
LTIOEM.wsf This script is used by an Original Equipment Manufacturer (OEM) during an LTI OEM scenario to copy the contents of a media deployment point to the target computer’s hard disk to prepare it for duplication. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
•
LTIOEM.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript LTIOEM.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/BITLOCKER
Enables BitLocker Drive Encryption
/BDE
Enables BitLocker Drive Encryption
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
196
Properties Name
Read
Write
_DoNotCleanLiteTouch
BdeInstall
DeployDrive
DeployRoot
TSGUID001
LTISysprep.wsf This script prepares the target computer for running Sysprep, runs Sysprep on the target computer, and then verifies that Sysprep ran successfully. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
References
•
LTISysprep.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Expand.exe. Expands compressed files.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript LTISysprep.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
197
Properties Name
Read
Architecture
DoCapture
OSCurrentBuild
SourcePath
Write
NICSettings_Definition_ENU.xml This .xml file contains the script code and HTML layout for the Configure Static IP Network Settings wizard page in the Windows Deployment Wizard. During an LTI deployment, Wizard.hta reads this .xml file and runs the embedded wizard page that prompts for the required network addressing configuration. If no static IP addressing configuration is supplied, the deployment scripts will default to using DHCP to obtain the required network configuration. Value
Description
Input
None
Output
None
References
ZTINICUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
198
Properties Name
Read
Write
OSDAdapter0DNSServerList
OSDAdapter0DNSSuffix
OSDAdapter0Gateways
OSDAdapter0IPAddressList
OSDAdapter0MacAddress
OSDAdapter0SubnetMask
OSDAdapter0WINSServerList
OSDAdapterCount
Summary_Definition_ENU.xml This .xml file contains the script code and HTML layout for the Deployment Summary wizard page in the Windows Deployment Wizard. During an LTI deployment, Wizard.hta reads this .xml file and runs the embedded wizard page that displays the summary results for the LTI deployment. This .xml file contains the following wizard pages: •
Success. Notification regarding the successful completion of the deployment tasks.
•
Failure. Notification regarding the failure to successfully complete the deployment tasks.
Value
Description
Input
None
Output
None
References
Summary_Scripts.vbs. Includes support functions and subroutines used by the wizard pages embedded in this .xml file.
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
199
Properties Name
Read
SkipFinalSummary
RetVal
Write
Summary_scripts.vbs This script is called by the Summary wizard page of the Windows Deployment Wizard. It contains functions and subroutines that are used for initialization and validation. Value
Description
Input
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
Event message are written to these log files: •
Summary_scripts.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language=”VBScript” src=”Summary_Scripts.vbs”/>
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
200
Properties Name
Read
DeploymentType
RetVal
Write
Wizard.hta This Hypertext Application (HTA) displays the Windows Deployment Wizard pages. Value
Description Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
Input
Output
References
Location
•
Wizard.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
WizUtility.vbs. Includes support functions and subroutines used by the script.
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
Use
mshta.exe Wizard.hta
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/NotWizard
Used to bypass wizard page prompts.
/Definition:filename
Specifies the .xml file that is to be loaded into the wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
201
Properties Name
Read
WizardComplete
Write
WizUtility.vbs This script contains functions and subroutines that are referenced by the various Windows Deployment Wizard scripts. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
WizUtility.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. LTIGetFolder.wsf. Script file that initiates a BrowseForFolder dialog box.
References Location Use
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts <script language=”VBScript” src=”WizUtility.vbs”/>
Arguments Value
Description
None
None
Properties Name
Read
DefaultFolderPath
FolderPath
OSVersion
UserDomain
UserCredentials
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
202
ZeroTouchInstallation.vbs This script is run to initiate the ZTI deployment process. The script: •
Checks that the target computer meets the requirements for running the Windows Deployment Wizard by calling ZTIPrereq.vbs.
•
Starts the Windows Deployment Wizard by running ZeroTouchInstallation.wsf.
For more information about ZTIPrereq.vbs and ZeroTouchInstallation.wsf, see the corresponding topics in the “Scripts” section of this reference. Value
Description
Input
None
Output
None
References
•
BDDRun.exe. Runs a command that requires user interaction.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
TsmBootStrap.exe. Task sequence Bootstrap utility.
•
ZTIGather.wsf. Gathers the properties and processing rules that control the deployment process.
•
ZTINicConfig.wsf. Configures network adapters.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the scripts in this file.
•
ZTIPrereq.vbs. Used to determine if the target computer meets the prerequisites for deploying a new operating system.
•
ZeroTouchInstallation.wsf. Initiates the ZTI deployment process.
Location
distribution\Scripts
Use
cscript ZeroTouchInstallation.vbs
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
203
Properties Name
Read
Write
None
ZeroTouchInstallation.wsf This script is responsible for controlling the ZTI deployment process. This includes running the ZTI deployment process using the appropriate task sequence file. Note
This script is initiated by ZeroTouchInstallation.vbs.
Value
Description
Input
•
task_sequence_file.xml. Contains the tasks and sequence of tasks for the ZTI deployment process (where task_sequence_file is the name of the task sequence file).
•
Environment Variables. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process. The environment variables are populated by ZTIGather.wsf.
•
ZeroTouchInstallation.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
BDDRun.exe. Runs a command that requires user interaction.
•
TsmBootStrap.exe. Task sequence Bootstrap utility.
•
ZTIGather.wsf. Gathers the properties and processing rules that control the deployment process.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZeroTouchInstallation.wsf
For more information about ZTIUtility.vbs, ZeroTouchInstallation.vbs, and task_sequence_file, see the corresponding topics in the “Scripts” section of this reference.
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
Solution Accelerators
TRUE, event messages are sent to the console and the microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
204
Value
Description .log files. •
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
_SMSTSPackageName
Architecture
DeployDrive
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
OSDAdapterCount
OSDInstallPackage
OSDPackageID
OSDPackagePath
OSVersion
Phase
ResourceDrive
ResourceRoot
ZTIApplications.wsf This script will initiate an installation of applications that have been configured on the Applications node in Deployment Workbench. This script will not attempt to install any application that: •
Does not support the target computer’s platform type.
•
Does not support the target computer’s processor type.
•
Has an uninstall entry in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unin stall.
Note If the listed application has any dependent applications defined, this script will attempt to install those dependent applications before installing the listed application.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
205
Value
Description
Input
•
Applications.xml. Contains a list of applications to be installed. This file is created by Deployment Workbench.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIApplications.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
BDDRun.exe. Runs a command that requires user interaction.
Output
References
Location
distribution\Scripts
Use
cscript ZTIApplications.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
ApplicationGUID
DeploymentMethod
InstalledApplications
ResourceDrive
ResourceRoot
Write
SMSTSRebootRequested
SMSTSRetryRequested
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
206
ZTIAppXmlGen.wsf This script generates an .xml file, ZTIAppXmlGen.xml, to use when automatically capturing user data (documents) that are associated with installed applications. This script accomplishes this task by enumerating through the HKEY_CLASSES_ROOT\Software\Classes registry key and capturing any applications that: •
Are not associated with one of these file extensions: .mp3, .mov, .wma, .wmv, .chm, .evt, .evtx, .exe, .com, or .fon.
•
Are not associated with Microsoft Office, such as the 2007 Microsoft Office System or Microsoft Office 2003.
•
Have a valid open handler listed at: HKEY_CLASSES_ROOT\application\shell\open\command.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIAppXmlGen.xml. Contains a list of applications that are installed on the target computer.
•
ZTIAppXmlGen.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIAppXmlGen.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name USMTMigFiles
Solution Accelerators
Read
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
207
ZTIAuthorizeDHCP.wsf This script uses the Netsh tool to configure the target computer so that it is an authorized DHCP server in AD DS. For more information about authorizing DHCP servers, see “How to Use Netsh.exe to Authorize, Unauthorize and List DHCP Servers in Active Directory” at http://support.microsoft.com/kb/303351. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIAuthorizeDHCP.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Netsh.exe. A utility used to automate the configuration of networking components.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIAuthorizeDHCP.wsf
Note The security context that this script runs under must be a member of the Enterprise Admins group.
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name IPAddress
Solution Accelerators
Read
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
208
ZTIBackup.wsf This script performs a backup of the target computer using the ImageX utility. The backup is stored in the location specified in the BackupDir and BackupShare properties. For more information about the BackupDir and BackupShare properties, see the corresponding topics in the “Properties” section of this reference. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIBackup.log. Log file that contains events generated by this script.
•
ZTIBackup_imagex.log. Log file that contains events generated by ImageX.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ImageX.exe. A utility used to create and manage WIM files.
•
Reg.exe. The Console Registry Tool for reading and modifying registry data.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIBackup.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
BackupDir
BackupDisk
BackupDrive
BackupFile
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
209
Name
Read
BackupPartition
BackupShare
ComputerBackupLocation
DeploymentMethod
DeploymentType
DoCapture
ImageFlags
TaskSequenceID
Write
ZTIBCDUtility.vbs This script contains utility functions that are used by some of the MDT 2008 scripts when performing Boot Manager tasks. Value
Description
Input
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
None
References
•
BCDEdit.exe. A tool for editing the boot configuration of Windows Vista and later versions of Windows.
Location
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
Use
<script language="VBScript" src="ZTIBCDUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
Write
None
ZTIBde.wsf This script installs and configures BitLocker Drive Encryption on the target computer. Solution Accelerators microsoft.com/technet/SolutionAccelerators
210
Microsoft Deployment Toolkit 2008
Note The BitLocker Drive Encryption configuration is limited to New Computer and Upgrade Computer scenarios that have hard disks configured with a single partition.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
211
Value
Description
Input
•
BdeFixDiskPart.txt. Answer file used by the Diskpart tool to adjust drive letter assignments.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIBde.log. Log file that contains events generated by this script.
•
ZTIBdeFix_diskpart.log. Log file that contains events generated by the Diskpart tool.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
BdeHdCfg.exe. Manages the BitLocker Drive Encryption configuration.
•
Diskpart.exe. Utility that allows for the automated management of disks, partitions, and volumes.
•
ZTIDiskUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZTIBde.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
AdminPassword
BDEDriveLetter
BDEDriveSize
BDEInstall
BDEInstallSuppress
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
212
Name
Microsoft Deployment Toolkit 2008
Read
BDEKeyLocation
BDEPin
BDERecoveryKey
BDERecoveryPassword
BDESecondPass
BdeWaitForEncryption
ComputerName
DeploymentMethod
DeploymentType
OSDBitLockerCreateRecoveryPassword
OSDBitLockerMode
OSDBitLockerRecoveryPassword
OSDBitLockerStartupKey
OSDBitLockerStartupKeyDrive
OSDBitLockerTargetDrive
OSDBitLockerWaitForEncryption
OSVersion
Write
SMSTSRebootRequested
SMSTSRetryRequested
TPMOwnerPassword
ZTIBIOSCheck.wsf This script checks the BIOS on the target computer and then looks at a list of BIOSes that are incompatible with Windows Vista. The list of incompatible BIOSes is stored in the ZTIBIOSCheck.xml file. If the BIOS on the target computer is listed in the ZTIBIOSCheck.xml file, then the script returns a status that indicates the BIOS is incompatible with Windows Vista and the deployment process should be terminated. For information on populating the ZTIBIOSCheck.xml file with a list of incompatible BIOSes, see the corresponding topic in the “Support Files” section of this reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
213
Value
Description
Input
•
ZTIBIOSCheck.xml. Contains a list of BIOSes that are known to be incompatible with Windows Vista.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIBIOSCheck.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
Output
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIBIOSCheck.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
ZTICoalesce.wsf System Center Configuration Manager requires packages to be numbered sequentially, starting with PACKAGES001, with no gaps in the number sequence. Otherwise, installation will fail. This script allows variables to be defined and named using identifying information about the program to run—for example, ComputerPackages100, ComputerPackages110, or CollectionPackages150. Then, when this script is run, System Center Configuration Manager will find all variables that match a pattern (for example, all variable names that contain the string Packages), and build a sequential list, without gaps, using the base name PACKAGES.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
214
For example, if the following variables were defined (using computer variables, collection variables, or in CustomSettings.ini or the MDT 2008 database, for example): •
ComputerPackages100=XXX00001:Program
•
ComputerPackages110=XXX00002:Program
•
CollectionPackages150=XXX00003:Program
•
Packages001=XXX00004:Program
After the script runs, the list would be: •
PACKAGES001=XXX00004:Program
•
PACKAGES002=XXX00001:Program
•
PACKAGES003=XXX00002:Program
•
PACKAGES004=XXX00003:Program
System Center Configuration Manager would then be able to run all four programs. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTICoalesce.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTICoalesce.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
215
Properties Name
Read
CoalescePattern
Coalesce pattern to be used when performing the search. Default value is Packages.
CoalesceTarget
Get the target base variable name. Default value is PACKAGES.
Write
ZTIConfigure.wsf This script configures the Unattend.xml, Sysprep.inf, or Unattend.txt files with the property values specified earlier in the MDT 2008 deployment process. The script configures the appropriate file based on the operating system being deployed. This script reads the ZTIConfigure.xml file to determine how to update the Unattend.xml, Sysprep.inf, or Unattend.txt files with the appropriate values specified in the deployment properties. The ZTIConfigure.xml file contains the information to translate properties to settings in the Unattend.xml, Sysprep.inf, or Unattend.txt files. Value
Description
Input
•
ZTIConfigure.xml. Contains a list of property values (specified earlier in the deployment process) and their corresponding configuration settings.
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIConfigure.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
Output
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigure.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided). microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
216
Properties Name
Read
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
DomainAdminDomain
OSDTargetSystemDrive
Phase
TaskSequenceID
Write
Upgrade
ZTIConfigureADDS.wsf This script starts Dcpromo to configure the target computer as an AD DS domain controller. For more information about Dcpromo.exe, see Dcpromo at http://technet2.microsoft.com/windowsserver2008/en/library/d660e761-9ee7-4382-822a06fc2365a1d21033.mspx. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIConfigureADDS.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Dcpromo.exe. Installs and removes AD DS.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigureADDS.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
217
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
ADDSPassword
ADDSUserDomain
ADDSUserName
AutoConfigDNS
ChildName
ConfirmGC
DatabasePath
DomainLevel
DomainNetBiosName
ForestLevel
LogPath
NewDomain
NewDomainDNSName
OSVersion
ParentDomainDNSName
ReplicaOrNewDomain
ReplicaDomainDNSName
ReplicationSourceDC
SafeModeAdminPassword
SiteName
SysVolPath
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
218
ZTIConfigureDHCP.wsf This script configures DHCP on the target computer. Note
DHCP should already be installed on the target computer before running this script.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIConfigureDHCP.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Netsh.exe. A utility that permits automating the configuration of networking components.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigureDHCP.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DHCPScopes
DHCPScopesxEndIP
DHCPScopesxExcludeStartIP
DHCPScopesxExcludeEndIP
DHCPScopesxIP
DHCPScopesxName
DHCPScopesxOptionRouter
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
219
Name
Read
DHCPScopesxOptionDNSDomainName
DHCPScopesxOptionDNSServer
DHCPScopesxOptionLease
DHCPScopesxOptionNBTNodeType
DHCPScopesxOptionPXEClient
DHCPScopesxOptionWINSServer
DHCPScopesxStartIP
DHCPScopesxSubnetmask
DHCPServerOptionDNSDomainName
DHCPServerOptionDNSServer
DHCPServerOptionNBTNodeType
DHCPServerOptionPXEClient
DHCPServerOptionRouter
DHCPServerOptionWINSServer
IPAddress
Scopes
Write
Note The x in the properties listed here is a placeholder for a zero-based array that contains DHCP configuration information.
ZTIConfigureDNS.wsf This script configures DNS on the target computer. To perform the actual configuration tasks, the script uses the Dnscmd utility. For more information about Dnscmd.exe, see Dnscmd Overview at http://technet2.microsoft.com/windowsserver/en/library/5c497b2e-3387-4ecf-adf5562045620a961033.mspx. Note
DNS should already be installed on the target computer before running this script.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References Solution Accelerators
•
ZTIConfigureDNS.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Dnscmd.exe. Assists administrators with DNS management. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
220
Value
Description •
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConfigureDNS.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DNSServerOptionDisableRecursion
DNSServerOptionBINDSecondaries
DNSServerOptionFailOnLoad
DNSServerOptionEnableRoundRobin
DNSServerOptionEnableNetmaskOrdering
DNSServerOptionEnableSecureCache
DNSServerOptionNameCheckFlag
DNSZonesxName
DNSZonesxType
DNSZonesxMasterIP
DNSZonesxDirectoryPartition
DNSZonesxFileName
DNSZonesxScavenge
DNSZonesxUpdate
Write
Note The x in the properties listed here is a placeholder for a zero-based array that contains DNS configuration information.
ZTIConnect.wsf The MDT 2008 deployment process uses this script to authenticate with a server computer (such as a computer running SQL Server or another server that has a shared Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
221
network folder). When this script is run, it validates that a connection can be created to the network shared folder specified in the /uncpath argument. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIConnect.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIConnect.wsf /UNCPath:uncpath
Arguments Value
Description
/UNCPath:uncpath
Specifies a fully qualified UNC path to a network shared folder.
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
222
ZTICopyLogs.wsf Copy the Smsts.log and BDD.log files to a subfolder beneath the share specified by the SLShare property. The subfolder will be named the name specified by OSDComputerName, or OSDNewComputerName, or HostName. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTICopyLogs.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTICopyLogs.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
223
ZTIDeterminePartition.wsf Determines the user-specified hard disk partition layout. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTIDeterminePartition.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIDeterminePartition.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
DeploySystemDrive
ZTIDiskpart.wsf This script creates the disk partitions on the target computer by calling the Diskpart utility. The parameters used to configure the disk are specified by the Task Sequencer or in CustomSettings.ini. ZTIDiskpart.wsf is primarily run in New Computer scenarios. The process works like this: 1. The MDT 2008 deployment process runs the ZTIDiskpart.wsf script based on the steps and sequence of steps in the Task Sequencer. 2. ZTIDiskpart.wsf starts the Diskpart utility and sends it the required configuration commands. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
224
3. ZTIDiskpart.wsf runs ZTIDiskpart.cmd and provides this .txt file as a command-line parameter to ZTIDiskpart.cmd. 4. The disk is initially cleaned by sending Diskpart the CLEAN command. 5. If this is the first disk, and a disk configuration has not been specified by the Task Sequencer or in CustomSettings.ini, a single partition is created to store the operating system. However, if a disk configuration has been specified, the disk will be configured according to the specified configuration. 6. If BitLocker Drive Encryption is to be enabled, space is reserved at the end of the first disk. 7. All format commands are queued until after Diskpart has completed. If not explicitly specified by the Task Sequencer or in CustomSettings.ini, ZTIDiskpart.wsf performs a quick format of drive C using the following command: FORMAT C: /FS:NTFS /V:OSDisk /Q /Y 8. ZTIDiskpart.wsf copies the ZTIDiskpart_diskpart.log and BDD.log files from the RAM disk back to the hard drive. Customize the disk configuration of the target computer by providing the required information in the Task Sequencer or in CustomSettings.ini. For more information about configuring disks, see “Disk Customizations” in the MDT 2008 document, Deployment Customization Guide. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIDiskpart.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Diskpart.exe. Utility that allows for the automated management of disks, partitions, and volumes.
•
ZTIDiskUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIDiskpart.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
225
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
BDEDriveLetter
BDEDriveSize
BDEInstall
DeployDrive
DeploymentType
ImageBuild
OSDDiskIndex
OSDDiskpartBiosCompatibilityMode
OSDDiskType
OSDPartitions
OSDPartitionStyle
VolumeLetterVariable
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
226
ZTIDiskUtility.vbs This script contains disk-related functions and subroutines that are called by the various scripts in the MDT 2008 deployment process. Value
Description
Input
None
Output
•
ZTIDiskUtility.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="ZTIDiskUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
Write
None
ZTIDrivers.wsf This script installs additional device drivers onto the target computer before initiating the configuration of the operating system. This script reads the Drivers.xml file and copies the list of device driver files in the Drivers.xml file (created by and managed on the Drivers node in Deployment Workbench) to the target computer. When not deploying the Windows Vista operating system, the following updates are also performed on the target computer: •
The setup answer files Sysprep.inf or Unattend.txt are updated so that the OemPnPDriversPath property includes the new driver locations.
•
The following registry value is updated to include the new driver locations: HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\DevicePath.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
227
Value
Description
Input
•
Drivers.xml. Contains a list of device drivers to be copied to the target computer.
•
CustomSettings.ini. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
PnpEnum.xml. Contains a list of all devices installed on the target computer.
•
ZTIDrivers.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Microsoft.BDD.PnpEnum.exe. Utility that enumerates Plug and Play devices.
•
Reg.exe. The Console Registry Tool for reading and modifying registry data.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZTIDrivers.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentMethod
DeployRoot
DeploySystemDrive
DriverGroup
DriverPaths
OSDPlatformArch
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
228
Name
Read
Phase
ResourceRoot
TaskSequenceID
Write
ZTIGather.wsf This script gathers the properties and processing rules that control the deployment process. The properties and rules (also known as local properties) are explicitly defined in this script, and are contained in the ZTIGather.xml file, in the CustomSettings.ini file, and in the deployment database (created on the Database node in Deployment Workbench). Value
Description
Input
•
ZTIGather.xml. Contains a list of predefined properties that are parsed in the .ini file and deployment database.
•
CustomSettings.ini. Contains the list of property values, custom properties, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
•
ZTIGather.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
Wpeutil.exe. Initializes Windows PE and network connections; initiates LTI.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Output
References
Location
distribution\Scripts
Use
cscript ZTIGather.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
229
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
/localonly
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Returns only information about the target computer and the current operating system installed on the target computer. Does not parse the input .ini file (specified in the /inifile argument) and returns properties and rules specified in the .ini file. If not specified, the script will return information about the target computer and the currently installed operating system, and will parse the .ini file.
/inifile:ini_file_name
Name and path of the input .ini file that contains the properties and rules used in the deployment process. If not specified, the script uses the default value in CustomSettings.ini.
Properties Name All
Read
Write
ZTIGroups.wsf This script captures and restores the local group membership on the target computer. This script is called with the /capture argument to back up the group membership from the target computer before deploying the operating system. The CaptureGroups property contains the list of groups to be backed up by this script. The script is called with the /restore argument to restore the group membership after the operating system is deployed. When performing a restore, it will restore the membership of all groups that were backed up when the script was run using the /capture argument. Note When restoring group membership, the script does not create any destination groups that do not already exist on the target computer. Therefore, be sure to include all required groups in the reference computer when building the image file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
230
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIGroups.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIGroups.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/capture
Backs up the group membership of the local groups on the target computer as specified in the CaptureGroups property.
/restore
Restores the group membership to the local groups backed up earlier in the deployment process.
Properties Name
Read
CaptureGroups
Groups
HostName
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
231
ZTILangPacksOnline.wsf This script installs language packs for Windows Vista and Windows Server 2008. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTILangPacksOnline.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Lpksetup.exe. The Language Pack Setup tool used to add or remove language packs.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTILangPacksOnline.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
OSVersion
Write
ZTIMoveStateStore.wsf This script moves the captured user state and backup files to C:\Windows\Temp\StateStore. Note
This script is run only when deploying images using System Center Configuration Manager.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
232
Value
Description
Input
None
Output
•
ZTIMoveStateStore.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIMoveStateStore.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
None
ZTINextPhase.wsf This script updates the Phase property to the next phase in the deployment process. The Task Sequencer uses these phases to determine the sequence in which each task must be completed. The Phase property includes the following values: •
VALIDATION. Identify that the target computer is capable of running the scripts necessary to complete the deployment process.
•
STATECAPTURE. Save any user state migration data before deploying the new target operating system.
•
PREINSTALL. Complete any tasks that need to be done (such as creating new partitions) before the target operating system is deployed.
•
INSTALL. Install the target operating system on the target computer.
•
POSTINSTALL. Complete any tasks that need to be done before restoring the user state migration data. These tasks customize the target operating system before starting the target computer the first time after deployment (such as installing updates or adding drivers).
•
STATERESTORE. Restore the user state migration data saved during the State Capture Phase.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
233
For more information about the Phase property, see the corresponding topic in the “Properties” section of this reference. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTINextPhase.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTINextPhase.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DeploymentMethod
Phase
Write
ZTINICConfig.wsf This script configures activated network adapters with values that were captured by ZTIGather.wsf based on the properties listed in the CustomSettings.ini file or the deployment database (created on the Database node in Deployment Workbench). Value Input
Solution Accelerators
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
234
Value
Description
Output
•
ZTINICConfig.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTINicUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTINicConfig.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/ForceCapture
If there are any local networking adapters with static IP addresses saved, this script will capture those settings and save them to the local environment; for example, C:\MININT\SMSOSD\OSDLogs\Variables.dat. This script can be useful in capturing static IP settings for a large number of computers for automation.
/RestoreWithinWinPE
When specified, will apply any saved static IP network settings to the local computer, when appropriate. Used for internal processing only.
Properties Name
Read
Write
DeployDrive
DeploymentMethod
DeploymentType
DeployRoot
OSDAdapterCount
OSDMigrateAdapterSettings
OSGUID
Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
235
ZTINICUtility.vbs This script contains network adapter–related functions and subroutines that are called by the various scripts in the MDT 2008 deployment process. Value
Description
Input
None
Output
None
References
None
Location
distribution\Scripts
Use
<script language="VBScript" src="ZTINicUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name OSDAdapterAdapterIndexAdapterName
Read
Write
Note AdapterIndex in this property is a placeholder for a zero-based array that contains network adapter information.
ZTIOEM.wsf This script is used by the OEM duplication process when using MDT 2008 with System Center Configuration Manager. This script has two functions: 1. When run using the /PREOEM switch, the target computer is prepared for OEM duplication. 2. When run using the /POSTOEM switch, the target computer is reconfigured to allow starting from the hard drive so that it can complete the deployment task sequence. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
Solution Accelerators
•
ZTIOEM.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
236
Value
Description
References
•
ZTIDiskUtility.vbs. Includes support functions and subroutines used by the script.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIOEM.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
/PREOEM
Prepares the target computer for OEM duplication.
/POSTOEM
Completes the configuration of the target computer after OEM duplication.
Properties Name
Read
Write
ConfigFileName
ConfigFilePackage
ImagePackageID
InstallPackageID
Phase
OSArchitecture
OSDAnswerFilePath
OSDImageCreator
OSDImageIndex
OSDInstallEditionIndex
OSDImagePackageID
OSDInstallType
OSDisk
OSDTargetSystemDrive
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
237
Name
Read
Write
OSDTargetSystemRoot
OSVersionNumber
ZTIOSRole.wsf This script installs server roles for target computers that are running Windows Server 2008 and Windows Server 2003. The script reads the OSRoles, OSRoleServices, and OSFeatures properties to determine what should be installed. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIOSRole.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIOSRole.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
IsServerCoreOS
OSFeatures
OSRoles
OSRoleServices
OSVersion
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
238
Name
Read
Write
SMSTSRebootRequested
ZTIPackages.wsf This script installs a list of packages during the OSD State Restore Phase. During the installation process the script performs the following steps: 1. Verifies that the Osdswdexec executable file can be located. 2. Verifies the existence of the specified .ini file. The default .ini file is CustomSettings.ini. 3. Reads the Systems Management Server database connection information from the specified .ini file. 4. Connects to the Systems Management Server database. 5. Reads each package name from the Packages environment variable, and then, using the Osdswdexec executable, starts the package installation. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIPackages.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Osdswdexec.exe. SMS 2003 OSD Feature Pack application installer.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIPackages.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
239
Properties Name
Read
Write
PackageID
Packages
ProgramName
ZTIPatches.wsf This script installs updates (language packs, security updates, and so on) that are listed in the Packages.xml file. The script will terminate if the deployment is not in one of the following states: •
DeploymentMethod equals OSD and Phase equals POSTINSTALL
•
DeploymentMethod does not equal OSD and Phase equals PREINSTALL
The script will start Pkgmgr if the deployment is in the following state: •
DeploymentMethod equals OSD and Phase equals POSTINSTALL.
Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTIPatches.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Expand.exe. Expands compressed files.
•
Pkgmgr.exe. Installs or updates Windows Vista offline.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTIPatches.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
240
Value
Description (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeployRoot
DeploymentMethod
DeploymentType
LanguagePacks
OSDPlatformArch
PackageGroup
Phase
ResourceRoot
Write
ZTIPrereq.vbs This script checks to verify that the target computer has the prerequisite software installed, and that it is functional. The checks the script performs are: •
Determine if the Windows Script version is equal to or greater than version 5.6.
•
Verify that errors do not occur when object references are instantiated to Wscript.Shell, Wscript.Network, Scripting.FileSystemObject MSXML2.DOMDocument, and the Process environment.
If any one of the checks fail, an error is raised and the script exits the ValidatePrereq procedure. Value
Description
Input
None
Output
None
References
None
Location
distribution\Scripts
Use
None
Arguments Value
Description
None
None
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
241
Properties Name
Read
Write
None
ZTISCCM.wsf This script initializes ZTI when deploying using Systems Center Configuration Manager. The script performs the following procedure: 1. If debugging is activated, the script creates the OSD.Debug and Archive_OSD.sms files. 2. The script configures these properties: a. ScriptRoot is set to the parent folder of the currently running script. b. DeployRoot is set to the parent folder of ScriptRoot. c.
ResourceRoot is set to DeployRoot.
d. DeploySystemDrive is set to “C:.” e. DeploymentMethod is set to “CONFIGMGR.” 3. When DeployRoot contains “:\”: a. The DeployRoot folder is copied to _SMSTSMDataPath\WDPackage. b. ScriptRoot is set to _SMSTSMDataPath\WDPackage\Scripts. c.
DeployRoot is set to the parent folder of ScriptRoot.
d. ResourceRoot is set to DeployRoot. 4. When Phase is NULL: a. If the %SystemDrive% environment variable is “X:,” then DeploymentType is set to “NEWCOMPUTER” and Phase is set to “PREINSTALL.” Otherwise DeploymentType is set to “REPLACE” and Phase is set to “VALIDATION.” b. If the OldComputer.tag file exists in the parent folder of the current running script, then DeploymentType is set to “REPLACE” and Phase is set to “VALIDATION.” Otherwise DeploymentType is set to “REFRESH” and Phase is set to “VALIDATION.” For more information about these properties, see the corresponding topics in the “Properties” section of this reference. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
Solution Accelerators
•
ZTISCCM.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
242
Value
Description
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTISCCM.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
_SMSTSMDataPath
Architecture
BDDPackageID
DeploymentMethod
DeploymentType
DeployRoot
DeploySystemDrive
Phase
ResourceRoot
ScriptRoot
ToolRoot
ZTISetVariable.wsf This script sets the specified global task sequence variable that corresponds to the name contained in VariableName to the value contained in VariableValue. Value Input
Solution Accelerators
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process. microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
243
Value
Description
Output
•
ZTISetVariable.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTISetVariable.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
VariableName
VariableValue
Write
ZTIStorageDrivers.wsf This script injects required non-Microsoft mass storage drivers into Windows XP or Windows Server 2003 when deploying using a full set of source files and running Setup.exe. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIStorageDrivers.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
244
Value
Description
Use
cscript ZTIStorageDrivers.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentMethod
DeploySystemDrive
ImageBuild
InstallFromPath
OSDPlatformArch
ResourceRoot
StorageDriverGroupxxx
Write
ZTIStorageDriversSysprep.wsf This script injects required non-Microsoft mass storage drivers into Windows XP or Windows Server 2003 when deploying an image to the target computer that has been prepared using Sysprep. Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References Solution Accelerators
•
ZTIStorageDriversSysprep.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts. ZTIUtility.vbs. Includes support functions and subroutines used by the script. microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
Value
245
Description
Location
distribution\Scripts
Use
cscript ZTIStorageDriversSysprep.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentMethod
DeploySystemDrive
ImageBuild
OSDPlatformArch
ResourceRoot
StorageDriverSysPrepGroupxxx
Write
ZTITatoo.wsf This script tattoos the target computer with identification and version information. The script performs the following procedure: •
Locate and copy the ZTITatoo.mof file to the %SystemRoot%\System32\Wbem folder. Any preexisting ZTITatoo.mof that exists at the destination will be deleted before starting the copy operation.
•
Mofcomp.exe will be run using the following command: %SystemRoot%\System32\Wbem\Mofcomp.exe -autorecover %SystemRoot%\System32\Wbem\ZTITatoo.mof.
•
These deployment details are written to the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\Deployment 4: •
Deployment Method is set to DeploymentMethod.
•
Deployment Type is set to DeploymentType.
• Deployment Timestamp is set to the current date in WMI date format. Solution Accelerators microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
246
•
•
•
Task Sequence ID is set to TaskSequenceID.
•
Task Sequence Name is set to TaskSequenceName.
•
Task Sequence Version is set to TaskSequenceVersion.
If OSDPACKAGEID is not NULL, these deployment details are written to the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\Deployment 4: •
OSD Package ID is set to OSDPACKAGEID.
•
OSD Program Name is set to OSDPROGRAMID.
•
OSD Advertisement ID is set to OSDADVERTID.
If OSDPACKAGEID is not NULL, these deployment details are written to the registry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion: •
Note
CM_DSLID is set to OSDSITECODE:OSDPACKAGEID. This script is not designed to run on Windows PE.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTITatoo.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Mofcomp.exe. Command-line .mof file compiler.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTITatoo.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
Solution Accelerators
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
247
Properties Name
Read
DeploymentMethod
DeploymentType
OSDAdvertID
OSDPackageID
OSDProgramID
OSDSiteCode
OSVersion
TaskSequenceID
TaskSequenceName
TaskSequenceVersion
Write
ZTIUserState.wsf This script initializes USMT to capture and restore user state on the target computer. Value
Description
Input
•
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
•
ZTIUserState.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Loadstate.exe. Deposits user state data on a target computer.
•
Msiexec.exe. Manages the installation of .msi-based applications.
•
Scanstate.exe. Collects user data and settings.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
References
Location
distribution\Scripts
Use
cscript ZTIUserState.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
248
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Architecture
DeploymentType
DeploySystemDrive
ImageSize
ImageSizeMultiplier
InstallFromPath
IsServerOS
LoadStateArgs
OSDPackagePath
OSDStateStorePath
OSVersion
ScanStateArgs
StatePath
UDDir
UDProfiles
UDShare
UserDataLocation
USMTConfigFile
USMTEstimate
USMTLocal USMTMigFiles
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
249
ZTIUtility.vbs This script contains utility functions that are used by most of the MDT 2008 scripts. Value
Description
Input
Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Output
None
References
Location
•
OSDConnectToUNC.exe. Connects to a UNC path.
•
Regsvr32.exe. Registers files (.dll, .exe, .ocx, and so on) with the operating system.
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
Use
<script language="VBScript" src="ZTIUtility.vbs"/>
Arguments Value
Description
None
None
Properties Name
Read
_OSDRESERVED1
_SMSTSAdvertID
_SMSTSCurrentActionName
_SMSTSCustomProgressDialogMessage
_SMSTSInstructionTableSize
_SMSTSLogPath
_SMSTSMachineName
_SMSTSNextInstructionPointer
_SMSTSOrgName
_SMSTSPackageID
_SMSTSPackageName
_SMSTSPackagePath
_SMSTSReserved1
_SMSTSReserved2
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
250
Name
Microsoft Deployment Toolkit 2008
Read
Architecture
AssetTag
ComputerName
Database
DBID
DBPwd
Debug
DeployRoot
EventShare
HostName
ImageBuild
Write
ImageFlags
ImageIndex
ImageLanguage
ImageMemory
ImageProcessor
ImageProcessorSpeed
ImageSize
InstallFromPath
Instance
JoinDomain
MacAddress
NetLib
OSDAdvertID
OSDComputerName
OSDNewMachineName
OSDPackageID
OSDPackagePath
OSGUID
OSVersion
ParameterCondition
Phase
Port
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
251
Name
Read
ResourceRoot
SLShare
SQLServer
SQLShare
StoredProcedure
Table
Write
TaskSequenceName
TaskSequenceVersion
UDDir
UDShare
UUID
UserID
UserPassword
UserDomain
WDSServer
ZTIValidate.wsf This script ensures that it is safe for the deployment to continue by validating the condition of the target computer. The script processes are: •
If DeploymentType equals REFRESH or UPGRADE and the target computer is a server, the script will exit.
•
If OSInstall exists and is not equal to YES, the script will exit.
•
Verify the minimum amount of RAM exists on the target computer. If not, the script will exit.
•
Verify the processor meets the minimum required speed. If not, the script will exit.
•
Verify the hard disk size meets the minimum size requirements. If not, the script will exit.
•
Verify that the target computer’s operating system is installed on drive C. If not, the script will exit.
•
During an Upgrade scenario: If VerifyOS = SERVER, verify that a server operating system is not pending deployment to a target computer that is running a workstation operating system.
•
During an Upgrade scenario: If VerifyOS = CLIENT, verify that a workstation operating system is not pending deployment to a target computer that is running a server operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
252
•
If DeploymentType equals REFRESH, verify that drive C is not compressed by running Compact /u C:\.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIValidate.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Compact.exe. Displays or alters the compression of files on NTFS file system partitions.
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIValidate.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
DeploymentType
ImageMemory
ImageProcessorSpeed
ImageSize
ImageSizeMultiplier
IsServerOS
Memory
OSDPackagePath
OSInstall
ProcessorSpeed
Solution Accelerators
Write
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
Name VerifyOS
Solution Accelerators
253
Read
Write
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
254
ZTIWindowsUpdate.wsf This script will download and install updates from computers on a corporate network that are running WSUS, Windows Update, or Microsoft Update, using the Windows Update Agent (WUA) API. By default, this feature is disabled in each task sequence and must be manually activated to run. This script was designed to run on Windows Vista, Windows Server 2008, Windows XP, and Windows Server 2003. Most enterprises will already have teams and infrastructures in place to update newly deployed computers over the corporate network. This involves tracking the latest set of patches, drivers, and updates available for each desktop configuration and determining which updates should be downloaded and installed for each configuration. If the organization already has an established process, this script might not be necessary. This script was designed to fill a need for deployment teams that might not have established processes, yet want to ensure that target computers are updated when deployed. This script will automatically scan the target computer and download a wide range of updates that are found to be applicable. Among these are: •
Windows service packs
•
Non-Microsoft drivers that were placed on Windows Update
•
Enhanced features for Windows Vista Ultimate
•
The latest Quick Fix Engineering (QFE) updates
•
Microsoft Office updates
•
Microsoft Exchange Server and SQL Server updates
•
Microsoft Visual Studio® updates
•
Some non-Microsoft application updates Tip Many hardware manufacturers have placed their drivers on Windows Update. These drivers no longer need to be maintained in the “Out of Box Drivers” directory. Experiment by removing drivers from the distribution share to see which ones are available on Windows Update. Note that if the drivers are not included with Windows by default, do not remove Networking or Storage drivers, because the operating system will require user input.
MDT 2008 supports the ability to deploy an updated version of WUA as part of the operating system deployment. This helps ensure that target computers are running the correct version of WUA when they are deployed. This also helps eliminate the need to connect to the Internet and download the latest version of WUA after deployment. MDT 2008 can also configure WUA to collect updates from computers on the corporate network that are running WSUS instead of connecting to Microsoft Updates over the Internet. MDT 2008 can optionally configure WUA to use a specific computer running WSUS using the WSUSServer property. For additional information and for WUA deployment instructions, go to http://technet.microsoft.com/en-us/library/bb932139.aspx. Obtain the latest version of the WUA stand-alone installer for: •
x86 versions (WindowsUpdateAgent30-x86.exe) at http://go.microsoft.com/fwlink/?LinkID=100334.
•
x64 version (WindowsUpdateAgent30-x64.exe) at http://go.microsoft.com/fwlink/?LinkID=100335.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
255
Windows Vista and Windows Server 2008 include the most recent version of WUA, so no upgrade is necessary for these operating systems. In Windows XP and Windows Server 2003, one of the following will occur: •
If the WUA 3.0 stand-alone installer files are in the TOOLS\architecture folder (where architecture is either x86 or x64) on the deployment point, MDT 2008 will automatically install WUA on the target computer. When downloading the WUA 3.0 stand-alone installer files, save them in the distribution\TOOLS\architecture folder (where distribution is the folder where the distribution point is created).
•
If the WUA 3.0 stand-alone installer files are not in the TOOLS\architecture folder on the deployment point and if the existing version of WUA is configured for a WSUS server, then WUA will attempt to update itself from a WSUS server. If the existing version of WUA is not configured for a WSUS server, then MDT 2008 will attempt to download and install WUA 3.0 from the Microsoft Update site. In this case, Internet access is required for the target computer.
Note
MDT 2008 does not support authentication with proxy servers.
For more information, see “Updating the Windows Update Agent” at http://msdn2.microsoft.com/en-us/library/aa387285.aspx. When enabled in the Task Sequencer, this script runs multiple times while in the State Restore phase of the operating system deployment. It is first run after the operating system has started for the first time. This ensures that the latest updates and service packs are installed before the installation of any applications that might be dependent on specific updates or service packs being installed on the target computer. For example, an application might be dependent on the latest version of the Microsoft .NET Framework being installed. This script is also run after the installation of applications. This ensures that the latest application service packs and updates have been applied. For example, use this script to ensure that the latest updates are applied to Microsoft Office 2003 or the 2007 Office system. It is possible, during the installation of one or more updates, that the target computer will need to be restarted to allow an update installation to fully complete. To ensure updates are properly installed, if the script detects that the installation of an update requires the target computer to be restarted, the script will automatically restart the target computer and resume again if additional updates have been detected and are pending installation. This script will exit if it determines that the target computer is fully up to date. An error will be logged if, while updating the target computer, the script has seven unsuccessful attempts to install the updates and the target computer still requires a reboot. During run time, the script performs the following tasks: •
Configures the target computer to use a WSUS server, if the WSUSServer property was specified.
•
Verifies that the latest version of the Windows Update Agent is installed on the target computer.
•
Searches the target computer for applicable updates that are not already installed and which might or might not be normally hidden.
•
Each update has an associated UpdateID and QNumber property: •
The UpdateID property is in GUID form, such as 67da2176-5c57-4614-a51433abbdd51f67.
•
The QNumber property is a numerical value, such as 987654.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
256
•
The script will compare the UpdateID and KBArticle property values against the list of exclusions specified in the following MDT 2008 properties: •
WUMU_ExcludeID: A list of UpdateIDs to exclude. Any update with an UpdateID found in this list will not be installed.
•
WUMU_ExcludeKB: A list of QNumbers to exclude. Any update with a QNumber found in this list will not be installed.
•
In addition, any update that requires user input will be excluded, and will not be installed.
•
All updates that require an End User License Agreement (EULA) to be approved will automatically be approved by the script. Be sure to manually read and check each EULA before running this script in a production environment.
•
The activity for each update is written to the ZTIWindowsUpdate.log file with the string INSTALL or SKIP if the update has been approved for installation, along with the UpdateID, a short description of the update, and the QNumber.
•
Each update that is to be installed is downloaded and installed in batches. The target computer might require more than one restart during the update installation.
Note
Internet Explorer 7 requires user interaction, so it is not installed using this script.
Note By default, include QNumber 925471 in the WUMU_ExcludeKB list to prevent Windows Vista Ultimate from installing extra language packs. Note If intranet sources are not available, this script will download two files from Microsoft Web sites: http://update.microsoft.com/redist/wuredist.cab and http://download.windowsupdate.com/v6/windowsupdate/redist/standalone/muauth.cab.
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
References
•
ZTIWindowsUpdate.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
•
Expand.exe. Expands compressed files.
•
WIZUtility.vbs. Includes support functions and subroutines used by the user interface (such as wizard pages).
•
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIWindowsUpdate.wsf
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Scripts
257
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is:
/UpdateCommand:para m
/Query:value
•
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
•
IsInstalled. Set to 0 to query for updates that are not installed.
•
IsHidden. Set to 0 to query for updates that are hidden.
•
True. Query only for required updates. Do not download and install any binaries.
•
False. Query for and install required updates. Download and install binaries.
Note
When specified, UpdateCommand requires at least one option.
Note
If specifying both options for UpdateCommand, they must be separated by “and”.
Note
The default value for UpdateCommand is IsInstalled=0 and IsHidden=0.
Properties Name
Read
Write
Architecture
MSIT_WU_Count
NoAutoUpdate_Previous
SMSTSRebootRequested
SMSTSRetryRequested
WSUSServer
WUMU_ExcludeID
WUMU_ExcludeKB
ZTIWipeDisk.wsf This script formats the target computer’s hard disk. The script: •
Exits if WipeDisk is not equal to TRUE.
•
Determines the appropriate drive to format.
•
Formats the drive by calling cmd /c format Drive /fs:ntfs /p:3 /Y (where Drive is the drive letter of the hard disk drive to be formatted).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
258
Value
Description Environment Variables. Contains the property values, custom property values, database connections, deployment rules, and other information required by the scripts to complete the deployment process.
Input
Output
•
ZTIWipeDisk.log. Log file that contains events generated by this script.
•
BDD.log. Log file that contains events generated by all MDT 2008 scripts.
References
ZTIUtility.vbs. Includes support functions and subroutines used by the script.
Location
distribution\Scripts
Use
cscript ZTIWipeDisk.wsf
Arguments Value
Description
/debug:value
Outputs the event messages to the console and to the .log files. If the value specified in value is: •
TRUE, event messages are sent to the console and the .log files.
•
FALSE, event messages are sent only to the .log files (this is the behavior when the argument is not provided).
Properties Name
Read
Write
ResourceRoot
WipeDisk
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Suppor t File s The utilities and scripts used in LTI and ZTI deployments reference external configuration files to determine the process steps and configuration settings used during the deployment process. The following information is provided for each utility: •
Name. Specifies the name of the file.
•
Description. Provides a description of the purpose of the file.
•
Location. Indicates the folder where the file can be found. In the information for the location, the following variables are used: •
program_files. This variable points to the location of the Program Files folder on the computer where MDT 2008 is installed.
•
distribution. This variable points to the location of the Distribution folder for the deployment point.
•
platform. This variable is a placeholder for the operating system platform (x86 or x64).
Some of the additional reference files are:
Applications.xml This .xml file contains metadata about the applications defined in the distribution share. This .xml file is created on the Applications node in Deployment Workbench and is read by ZTIApplications.wsf. Value
Description
Location
distribution\Control
BootStrap.ini The configuration file used when the target computer is not able to connect to the appropriate deployment point. This situation occurs in the New Computer and the Replace Computer scenarios. Value
Description
Location
distribution\Control
CustomSettings.ini The primary configuration file for the MDT 2008 processing rules used in all scenarios. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
260
Value
Description
Location
distribution\Control
Databases.xml This .xml file contains metadata about the databases used by MDT 2008. This .xml file is created on the Database node in Deployment Workbench. Value
Description
Location
distribution\Control
Deploy.xml This .xml file contains metadata about the configuration settings associated with MDT 2008 deployment points. This .xml file is created on the Deployment Points node in Deployment Workbench. Value
Description
Location
program_files\Microsoft Deployment Toolkit\Control
Drivers.xml This .xml file contains metadata about the device drivers defined in the distribution share. This .xml file is created on the Drivers node in Deployment Workbench and is read by ZTIDrivers.wsf. Value
Description
Location
distribution\Control
DriverGroups.xml This .xml file contains metadata that specifies the grouping of drivers as listed on the Groups tab for each defined driver. Each driver group node contains a listing of associated drivers. This .xml file is created on the Out-of-Box Drivers node in Deployment Workbench. Value
Description
Location
distribution\Control
ListOfLanguages.xml This .xml file contains metadata about the languages supported by MDT 2008 and is read by DeployWiz_Initialization.vbs. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Support Files Note
261
This .xml file is preconfigured and should never require modification.
Value
Description
Location
distribution\Scripts
OperatingSystems.xml This .xml file contains metadata about the operating systems in the distribution share. This .xml file is created on the Operating Systems node in Deployment Workbench. Value
Description
Location
distribution\Control
Packages.xml This .xml file contains metadata about operating system packages in the distribution share, including software updates and language packs. This .xml file is created on the OS Packages node in Deployment Workbench. Value
Description
Location
distribution\Control
ServerManager.xml This .xml file contains metadata about the OSRoles, OSRoleService, and OSFeatures that can be configured on Windows Server 2008 and Windows Server 2003. Note Not all values listed for OSRoles, OSRoleService, and OSFeatures are compatible with all server operating systems.
Value Location
Description program_files\Microsoft Deployment Toolkit\Bin
TaskSequences.xml This .xml file contains metadata about the task sequences that reside in the subfolders of distribution\Control. Value Location
Description distribution\Control
TS.xml This .xml file contains metadata about the task sequence definition. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
262
Value
Description distribution\Control\task_sequence_id
Location
Note Task_sequence_id is a placeholder for the task sequence ID that was assigned to each task sequence when it was created on the Task Sequences node in Deployment Workbench.
Variables.dat This .dat file contains property settings that are required when using the SMS 2003 OSD Feature Pack. Value
Description
Wimscript.ini This .ini file is an ImageX configuration file that contains the list of folders and files that will be excluded from being added to an image. It is referenced by ImageX during the LTI Capture phase. For assistance with customizing this file, see the section, “Create an ImageX Configuration File,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
distribution\Tools\platform
ZTIBIOSCheck.xml This .xml file contains metadata about BIOSes for target computers. This .xml file is edited manually and is read by ZTIBIOSCheck.wsf. Extract the necessary information from a target computer to create an entry in this .xml file using the Microsoft Visual Basic® Scripting Edition (VBScript) program (ZTIBIOS_Extract_Utility.vbs) that is embedded in this .xml file. Value
Description
Location
distribution\Scripts
ZTIConfigure.xml This .xml file is used by the ZTIConfigure.wsf script to translate property values (specified earlier in the deployment process) to configure settings in the Unattend.xml, Sysprep.inf, or Unattend.txt files. This .xml file is already customized to make the appropriate translations and should not require further modification. For more information about the ZTIConfigure.wsf script, see the corresponding topic in the “Scripts” section of this reference. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Support Files
263
Value
Description
Location
distribution\Scripts
ZTIDiskpart.txt This .txt file is an answer file used by the Diskpart.exe utility as part of the process for creating partitions on the target computer. This file contains actions that are processed by Diskpart.exe. The process is as follows: 1779.The MDT 2008 deployment process runs the ZTIDiskpart.exe based on the actions and sequence of actions in the Task Sequencer. 1780.ZTIDiskpart.wsf runs ZTIDiskpart.cmd and provides this .txt file as a command-line parameter to ZTIDiskpart.cmd. 1781.ZTIDiskpart.cmd runs Diskpart.exe and provides this .txt file as a command-line parameter to Diskpart.exe. 1782.Diskpart.exe reads the actions in this .txt file and then performs the corresponding action. This file can be customized to create different partition configurations on the target computer using a text editor. For more information about ZTIDiskpart.wsf and ZTIDiskpart.cmd, see the corresponding topics in the “Scripts” section of this reference. Value
Description
Location
distribution\Scripts
Use
Diskpart.exe /s ZTIDiskpart.txt
For more information about Diskpart, please see the section, “DiskPart Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide.
ZTIGather.xml In addition to the properties explicitly defined within each deployment script (also known as local properties), the deployment scripts also read this .xml file. This .xml file contains a list of properties that are to be processed by each deployment script to obtain values for the properties listed in the CustomSettings.ini file or the deployment database (created on the Deployment Workbench Database node). Note This .xml file is preconfigured and should never require modification. Define custom properties in the CustomSettings.ini file or the deployment database.
Value
Description
Location
distribution\Scripts
ZTISupportedPlatforms.xml This .xml file contains metadata about supported operating systems and associated queries. These queries can be used to identify target computers that are based on hardware platforms that are compatible with the supported operating systems. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
264
Value
Description
Location
•
distribution\Scripts
•
program_files\Microsoft Deployment Toolkit\Scripts
ZTITatoo.mof This .mof file, when imported into the WMI repository of the target computer using Mofcomp.exe, creates the Microsoft_BDD_Info WMI class. This class will contain deployment-related information, such as: •
DeploymentMethod
•
DeploymentType
•
DeploymentTimestamp
•
BuildID
•
BuildName
•
BuildVersion
•
OSDPackageID
•
OSDProgramName
•
OSDAdvertisementID
•
TaskSequenceID
•
TaskSequenceName
•
TaskSequenceVersion
Value Location
Solution Accelerators
Description distribution\Scripts
microsoft.com/technet/SolutionAccelerators
Uti lit ies The scripts used in LTI and ZTI reference utilities that perform specialized tasks that support the steps used during the deployment process. Use the following information to help determine the correct utilities to include in actions and the valid arguments to provide when running each utility. The following information is provided for each utility: •
Name. Specifies the name of the utility.
•
Description. Provides a description of the purpose of the utility.
•
Location. Indicates the folder where the utility can be found. In the information for the location, the following variables are used: •
program_files. This variable points to the location of the Program Files folder on the computer where MDT 2008 is installed.
•
distribution. This variable points to the location of the Distribution folder for the deployment point.
•
platform. This variable is a placeholder for the operating system platform (x86 or x64).
•
Use. Provides the commands and options that can be specified.
•
Arguments and description. Indicates the valid arguments to be specified for the utility and a brief description of what each argument means.
BCDEdit.exe BCDEdit.exe is a command-line tool for managing boot configuration data (BCD) stores. It can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot menu options, and so on. For more information about BCDEdit.exe, see BCDEdit Commands for Boot Environment at http://www.microsoft.com/whdc/system/platform/firmware/bcdedit_reff.mspx and BCDEdit Command-Line Options at http://technet2.microsoft.com/WindowsVista/en/library/08d64d13-4f45-4a05-bd86c99211a93dd91033.mspx. Value
Description
Location
Included in the Windows Automated Installation Kit (Windows AIK).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
266
Arguments Value
Description See the command-line help provided by this utility, Windows AIK, or the information found at the URLs listed in the utility description.
BDDRun.exe This utility is run as an action by the Task Sequencer for executables (such as a script or other code) that require user interaction. By default, the task sequence cannot run an executable that requires user interaction. However, this utility allows the Task Sequencer to run an executable that requires user interaction. The executable that requires user interaction is provided as an argument to this utility. This utility runs the executable in a separate command environment. Note This utility can only be used in LTI deployments. ZTI deployments prohibit any user interaction.
Value
Description
Location
distribution\Tools\platform
Use
BDDRun.exe commandline
Arguments Value
Description
commandline
The command to be run that requires user interaction.
Note Put double quotation marks around any part of the command-line portion of the argument that contains blanks. For example: BDDRun.exe MyAppInstaller.exe /destinationdir: "%ProgramFiles%\AppName".
BdeHdCfg.exe Manages the BitLocker Drive Encryption configuration. For detailed information about BdeHdCfg.exe, see the Microsoft Knowledge Base article, “Description of the BitLocker Drive Preparation Tool,” at http://support.microsoft.com/kb/930063. Value
Description
Location
Included in the Windows PE source files.
Arguments Value
Description
See KB article 930063. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Utilities
267
Bootsect.exe Bootsect.exe updates the master boot code for hard disk partitions to switch between BOOTMGR and NTLDR. Use this utility to restore the boot sector on the computer. For more information on Bootsect.exe, see the section, “Bootsect Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
distribution\Tools\platform
Use
bootsect.exe /nt52 C:
Arguments Value
Description
/Help
Displays the use instructions listed here.
/nt52
Applies the master boot code that is compatible with NTLDR to SYS, ALL, or DriveLetter. The operating system installed on SYS, ALL, or DriveLetter must be an earlier version of Windows Vista.
/nt60
Applies the master boot code that is compatible with BOOTMGR to SYS, ALL, or DriveLetter. The operating system installed on SYS, ALL, or DriveLetter must be Windows Vista.
SYS
Updates the master boot code on the system partition used to boot Windows.
All
Updates the master boot code on all partitions. ALL does not necessarily update the boot code for each volume. Instead, this option updates the boot code on volumes that can be used as Windows boot volumes, which excludes any dynamic volumes that are not connected with an underlying disk partition. This restriction is present because the boot code must be located at the beginning of a disk partition.
DriveLetter
Updates the master boot code on the volume associated with this drive letter. The boot code will not be updated if either 1) DriveLetter is not associated with a volume or 2) DriveLetter is associated with a volume not connected to an underlying disk partition.
/Force
Forcibly dismounts the volume(s) during the boot code update. Use this option with caution.
Compact.exe Displays or alters the compression of files on NTFS file system partitions.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
268
Value
Description
Location
Included in the Windows source files.
Arguments Value
Description
/C
Compresses the specified files. Directories will be marked so that files added afterward will be compressed.
/V
Uncompresses the specified files. Directories will be marked so that files added afterward will not be compressed.
/S
Performs the specified operation on files in the given directory and in all subdirectories. Default "dir" is the current directory.
/A
Displays files with the hidden or system attributes. These files are omitted by default.
/I
Continues performing the specified operation even after errors have occurred. By default, Compact.exe stops when an error is encountered.
/F
Forces the compress operation on all specified files, even those which are already compressed. Already-compressed files are skipped by default.
/Q
Reports only the most essential information.
filename
Specifies a pattern, file, or directory.
Diskpart.exe Diskpart is a text-mode command interpreter in Windows Vista, Windows XP, and Windows Server 2003. Using this utility allows management of objects (disks, partitions, or volumes) using scripts or direct input in a Command Prompt window. For more information on Diskpart.exe, see the section, “Diskpart Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
Included in the Windows PE source files.
Arguments Value
Description See the guide referenced in the utility description.
Expand.exe This utility is run to expand (extract) files from compressed files. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Utilities
269
Value
Description
Location
Included in the Windows source files.
Use
Expand.exe -r wuredist.cab -F:wuRedist.xml %temp%
Arguments Value
Description
-r
Rename expanded files.
-D
Display the list of files in the source directory.
Source
Source file specification. Wildcards may be used.
-F:Files
Name of files to expand from a .cab.
Destination
Destination file | path specification. Destination can be a directory. If Source is multiple files and -r is not specified, Destination must be a directory.
ImageX.exe ImageX is a command-line utility that enables original equipment manufacturers (OEMs) and corporations to capture, modify, and apply file-based disk images for rapid deployment. ImageX works with WIM files for copying to a network, or it can work with other technologies that use WIM images, such as Windows Setup, Windows Deployment Services, and the SMS 2003 OSD Feature Pack. For more information about ImageX, see the section, “What is ImageX,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
distribution\Tools\platform
Arguments Value
Description See the guide referenced in the utility description.
Microsoft.BDD.PnpEnum.exe This utility is run to enumerate Plug and Play devices that are installed on the target computer. Value
Description
Location
distribution\Tools\platform
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
270
Arguments Value
Description
None
Mofcomp.exe Mofcomp.exe is the Managed Object Format (MOF) compiler that parses a file that contains MOF statements and adds the classes and class instances defined in the file to the WMI repository. Mofcomp.exe provides command-line help on the switch use options. Value
Description
Location
Included in the Windows source files.
Arguments Value
Description See the command-line help provided by this utility.
Netsh.exe Netsh.exe is a command-line and scripting utility used to automate the configuration of networking components. For more information about Netsh.exe, see The Netsh Command-Line Utility at http://technet2.microsoft.com/WindowsServer/en/library/fd1e2fbe-15a6-413b-b71228afb312c92f1033.mspx. Value
Description
Location
Included in the Windows source files.
Arguments Value
Description See the command-line help provided by this utility or the information found at the URL listed in the utility description.
Reg.exe The Console Registry Tool and is used to read and modify registry data. Value
Description
Location
Included in the Windows source files.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Toolkit Reference: Utilities
271
Arguments Value
Description See the command-line help provided by this utility.
Regsvr32.exe This utility is used to register files (.dll, .exe, .ocx, and so on) with the operating system. Value
Description
Location
Included in the Windows source files.
Arguments Value
Description
file
The name of the file to register or unregister.
/s
Runs the utility in silent mode.
/u
Unregisters the file.
Wdsmcast.exe This utility is used by target computers to join a multicast transmission. It is only available in the Windows Server 2008 Windows AIK. For more information about Wdsmcast.exe, see the corresponding section in the Windows Server 2008 Windows AIK. Note The Windows Server 2008 Windows AIK is only available to organizations who are participating in the Windows Server 2008 Beta program.
Value
Description
Location
Included in the Windows Server 2008 Windows AIK.
Arguments Value
Description See the guide referenced in the utility description.
Wpeutil.exe The Windows PE utility (Wpeutil) is a command-line utility with which various commands can be run in a Windows PE session. For example, an administrator can shut down or reboot Windows PE, activate or deactivate a firewall, configure language settings, and initialize a network. MDT 2008 uses the utility to initialize Windows PE and network connections, and start LTI deployments. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Microsoft Deployment Toolkit 2008
272
For more information on Wpeutil.exe, see the section, “Wpeutil Command-Line Options,” in the Windows Preinstallation Environment (Windows PE) User’s Guide. Value
Description
Location
Included in the Windows PE source files.
Arguments Value
Description See the guide referenced in the utility description.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Table s and V iew s i n the Dep lo yment Wor kbenc h Da tabase In MDT 2008, many property settings can be stored (normally configured in the CustomSettings.ini file) in a database. Configuring the properties in a database helps create a generic CustomSettings.ini file that requires fewer modifications and allows one CustomSettings.ini file to be used in more images (because the file is more generic). Customize the database on the Database node in Deployment Workbench. Using Deployment Workbench, the deployment settings can be configured and saved in tables. However, queries about the information in the tables are done using views. Views help simplify the queries by joining results from multiple tables. ZTIGather.wsf queries the views to return the result set specified by the Parameters and ParameterCondition properties. For more information on configuring deployment settings on the Database node in Deployment Workbench, see the section, “Configuring the Database,” in the MDT 2008 document, Deployment Customization Guide.
Tables in the Deployment Workbench Database The following table lists the database tables that Deployment Workbench creates and manages. Table
Description
BDDAdminCore
Provides backward compatibility for BDD 2.5; not managed by Deployment Workbench.
ComputerIdentity
Used to identify a specific computer using any combination of the AssetTag, UUID, SerialNumber, and MACAddress properties. The table includes a Description column to provide a user-friendly method of describing the computer (usually the computer name).
LocationIdentity
Used to identify geographic locations using the Location property. The values for this property are stored in a corresponding column in the table.
LocationIdentity_DefaultGateway
Relates the default gateway values with a location identified in the LocationIdentity table. There is a one-to-many relationship between this table and the LocationIdentity table.
274
MSDN 2.0
Table
Description
MakeModelIdentity
Used to identify a specific make and model of a computer using the Make and Model properties. The values for these properties are stored in corresponding columns in the table.
PackageMapping
Used to associate the name presented in the Add or Remove Programs Control Panel item with a Systems Management Server package and program to be deployed in place of the application in Add or Remove Programs. For more information on this table, see the section, “Deploying Applications Based on Previous Application Versions,” in the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide.
RoleIdentity
Used to identify the purpose of a computer or the users of a computer using the Role property. The values for this property are stored in a corresponding column in the table.
Settings
Identifies the settings that are applied to an individual computer or a group of computers based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Administrators
Identifies the user accounts to be added to the local Administrator group on the target computer based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Applications
Identifies the applications to be deployed to the target computer based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Packages
Identifies the packages to be deployed to the target computer based on the settings in the Computers, Roles, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Settings_Roles
Identifies the roles to be associated with the target computer based on the settings in the Computers, Locations, and Make and Model nodes on the Database node in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
275
Views in the Deployment Workbench Database The following table lists and describes the database views that are used when querying configuration information in the Deployment Workbench database. View
Description
ComputerAdministrators
Used to find all accounts to be made members of the local Administrators group on the target computer. The view is a join of the ComputerIdentity and Settings_Administrators tables.
ComputerApplications
Used to find all applications to be deployed to the target computer. The view is a join of the ComputerIdentity and Settings_Applications tables.
ComputerPackages
Used to find all packages to be deployed to the target computer. The view is a join of the ComputerIdentity and Settings_Packages tables.
ComputerRoles
Used to find all roles to be associated with the target computer. The view is a join of the ComputerIdentity and Settings_Roles tables.
ComputerSettings
Used to find all property settings to be configured for the target computer. The view is a join of the ComputerIdentity and Settings tables.
LocationAdministrators
Used to find all the accounts to be made a member of the local Administrators group on the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Administrators tables.
LocationApplications
Used to find all the applications to be deployed to the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Applications tables.
LocationPackages
Used to find all the packages to be deployed to the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Packages tables.
LocationRoles
Used to find all the roles to be associated with the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings_Roles tables.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
276
MSDN 2.0
View
Description
Locations
Used to find the IP addresses for the default gateways within a location or for all the locations that contain a specified IP address for a default gateway. The view is a join of the LocationIdentity and LocationIdentity_DefaultGateway tables.
LocationSettings
Used to find all the property settings to be configured for the target computers within a location. The view is a join of the LocationIdentity, LocationIdentity_DefaultGateway, and Settings tables.
MakeModelAdministrators
Used to find all accounts to be made members of the local Administrators group on the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Administrators tables.
MakeModelApplications
Used to find all applications to be deployed to the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Applications tables.
MakeModelPackages
Used to find all packages to be deployed to the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Applications tables.
MakeModelRoles
Used to find all roles associated with the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings_Roles tables.
MakeModelSettings
Used to find all property settings to be configured for the target computers with a given make and model. The view is a join of the MakeModelIdentity and Settings tables.
RoleAdministrators
Used to find all accounts to be made members of the local Administrators group on the target computers with a given role. The view is a join of the RoleIdentity and Settings_Administrators tables.
RoleApplications
Used to find all applications to be deployed to the target computers with a given role. The view is a join of the RoleIdentity and Settings_Applications tables.
RolePackages
Used to find all packages to be deployed to the target computers with a given role. The view is a join of the RoleIdentity and Settings_Packages tables.
RoleSettings
Used to find all property settings to be configured for the target computers with a given role. The view is a join of the RoleIdentity and Settings tables.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
277
Microsoft® Deployment Toolkit 2008 Preparing for LTI Tools
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein might suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document might be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft might have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, BitLocker, SQL Server, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein might be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This guide contains detailed information about how to use Microsoft® Deployment Toolkit (MDT) 2008 Lite Touch Installation (LTI) process to deploy Windows® operating systems, the 2007 Microsoft Office system, and Microsoft Office 2003. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the Dep lo yment En vir onmen t Before deploying images to target computers, ensure that the deployment environment is properly prepared to run LTI tools. Some of the tasks shown in Table 1 might already have been completed in the environment. Skip steps that are complete. Table 1. Deployment Environment Checklist High-level steps to prepare the deployment environment q
Ensure the required infrastructure exists.
q
Install MDT 2008.
q
Create the deployment points.
q
Update the deployment point content.
Ensure the Required Infrastructure Exists See “Prerequisites for MDT 2008” in the MDT 2008 document Getting Started Guide.
Install MDT 2008 See the section, “Install MDT 2008,” in the MDT 2008 document, Quick Start Guide for Lite Touch Installation.
Create Deployment Points After MDT 2008 is installed, create the deployment point using the Deployment Point Wizard in Deployment Workbench.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Deployment Environment
3
Select the Appropriate Deployment Point Types Table 2 lists the deployment point options that are created using Deployment Workbench and the reasons for selecting each option. Table 2. Deployment Point Type Options Option
Select this option
Lab or single-server deployment (Lab)
When setting up the first deployment point in the environment. The environment should have only one of this deployment point type.
Separate deployment share (Network)
After creating a LAB deployment point type to provide additional deployment points for redundancy, load balancing, or to improve the performance of deployments in larger networks for LTI tools.
Removable media (Media)
After creating a Lab deployment point type so that bootable media can be created for deployments that are initiated from removable media (such as a DVDROM, USB flash drive [UFD], or other removable devices). Use this option when the deployment process cannot be initiated using Windows Deployment Services for LTI tools or when performing deployments by using the Litetouch OEM Task Sequence Template.
SMS 2003 OSD Feature Pack (OSD)
After creating a Lab deployment point type so that Microsoft Systems Management Server (SMS) 2003 Operating System Deployment (OSD) Feature Pack images can be created to be deployed using Zero Touch Deployment (ZTI) tools.
Note Network, Media, and SMS 2003 OSD Feature Pack deployment point types can be created without creating a Lab deployment point type. However, the Lab deployment point type should typically be the first deployment type created.
Create Additional Deployment Points The type of deployment point created determines the options the Windows Deployment Wizard is displayed. One Lab deployment point type is required in each environment (lab, test, prototype, or production). In addition to the Lab deployment point type, Network and Media distribution points can be created as necessary. SMS 2003 OSD Feature Pack deployment point types are used only with ZTI tools. Creating the Network and Media deployment points is covered in this section. For more information on creating the: •
Lab deployment point type, see the section, “Create the Deployment Point,” in the MDT 2008 document, Workbench Imaging Guide.
•
SMS 2003 OSD Feature Pack deployment point type, see the section, “Create the Deployment Point,” in the MDT 2008 document, Preparing for Microsoft Systems Management Server 2003.
To create a Network or Media deployment point, complete the following steps (skip any wizard pages that are not displayed based on the deployment point type selected): Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
1783.Start Deployment Workbench. 1784.In the console tree, expand Deploy, right-click Deployment Points, and then click New. The New Deployment Point Wizard starts. 1785.On the Choose Type page, click one of the options listed in Table 3 based on the environment’s requirements, and then click Next. Table 3. Deployment Point Type Options Option
Select this option to
Separate deployment share
Create a new deployment share on the same computer on which Deployment Workbench is running or on another computer.
Removable media
Create folders (and, optionally, an International Organization for Standardization [ISO] image file) to deploy images using removable media.
1786.On the Specify Deployment Point Name page, in the Deployment point name box, type deployment_point_name (where deployment_point_name is the descriptive name selected), and then click Next. 1787.On the Application List page, select or clear the Allow users to select additional applications on Upgrade check box based on the information in Table 4, and then click Next. Table 4. Allow Users to Select Additional Applications on Upgrade Check Box Options Check box
Select this option to
Selected
Display the page in the Windows Deployment Wizard that prompts users to select additional applications to be installed at the same time they are upgrading. The wizard page is displayed in the Windows Deployment Wizard when performing an Upgrade scenario.
Cleared
Suppress the page in the Windows Deployment Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Deployment Environment
5
1788.On the Allow Admin Password page, select or clear the Ask user to set the local Administrator Password check box based on the information in Table 5, and then click Next. Table 5. Ask User to Set the Local Administrator Password Check Box Options Check box
Select this option to
Selected
Display the page in the Windows Deployment Wizard that prompts users to provide the local Administrator password for the target computer.
Cleared
Suppress the page in the Windows Deployment Wizard.
1789.On the Allow Product Key page, select the Ask user for a product key check box based on the information in Table 6, and then click Next. Table 6. Ask User for a Product Key Check Box Options Check box
Select this option to
Selected
Display the page in the Windows Deployment Wizard that prompts users to provide a product key for the target computer.
Cleared
Suppress the page in the Windows Deployment Wizard.
1790.Complete the Network Share page based on the information in Table 7, and then click Next. Table 7. Configuration Options for the Network Share Wizard Page In this box
Type
Server name
computer_name (where computer_name is the name of the computer that will host the shared folder)
Share name
share_name (where share_name is the name of the share to be created on the computer that will host the shared folder)
Path for share
path_name (where path_name is the fully qualified path to the share on the computer that will host the shared folder) Note This should be an existing local path on the server where the network share will be created.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
1791.On the Configure User State page, click one of the options listed in Table 8 based on requirements, and then click Finish. Table 8. User Data Defaults Options Option
Select this option to
Automatically determine the location on the Network
Allow the MDT 2008 scripts and process rules to automatically determine the best location based on network shared folders available to the target computer.
Automatically determine the location on the Local System
Allow the MDT 2008 scripts and process rules to determine the best location based on local available disk space on the target computer.
Specify a location
Save the user state migration data to a specific location. In the Location box, type location (where location is the fully qualified path to the location for storing the user state migration data).
Do not save data and settings
Discard any existing user state migration data. Click this option when deploying a new computer with no existing data.
The New Deployment Point Wizard finishes, and the new deployment point name appears in the details pane.
Update Deployment Point Content The various nodes in Deployment Workbench may require updates since initially creating and populating the deployment point so that the deployment point reflects the most current configuration. For example, application or device drivers may have to be added to the deployment point. For more information on updating: •
Applications, see the section, “Applications,” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating systems, see the section, “Operating Systems,” in the MDT 2008 document, Workbench Imaging Guide.
•
Operating system packages, see the section, “Packages,” in the MDT 2008 document, Workbench Imaging Guide.
•
Device drivers, see the section, “Out-of-Box Drivers,” in the MDT 2008 document, Workbench Imaging Guide.
•
Task sequences, see the section, “Task Sequences,” in the MDT 2008 document, Workbench Imaging Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Pr ocess ing R ules At this step in the planning process, configure the appropriate processing rules based on the environment. The deployment process uses rules to configure target computers. For more information about configuring the appropriate processing rules, see the MDT 2008 document, Deployment Customization Guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Pr epar ing the W indo ws Dep lo yment Ser vi ces Se r ver Although Windows Deployment Services is used in stand-alone mode in the following example, note that MDT 2008 can use Windows Deployment Services for various purposes, including: •
Booting to Windows Preinstallation Environment (Windows PE) in a New Computer scenario.
•
Hosting custom images that can be deployed using Deployment Workbench.
Additionally, when using Windows Deployment Services with Microsoft System Center Configuration Manager 2007, a Pre-Boot Execution Environment (PXE) service point must be set on the computer on which Windows Deployment Services is installed. When migrating computers that neither Systems Management Server nor the System Center Configuration Manager manage, initiate the image-installation process using Windows Deployment Services. During the deployment process, Windows Deployment Services servers are responsible for installing: •
Windows PE on the target computers. Start Windows PE from Windows Deployment Services to prepare the computers for operating system image deployment.
•
Windows XP with Service Pack 2 (SP2) or Windows Vista on the target computers. Initiate a Windows XP with SP2 or Windows Vista deployment directly from the Windows Deployment Services server.
•
Windows Server 2008 or Windows Server 2003 on the target computers. Initiate a Windows Server 2008 or Windows Server 2003 deployment directly from the Windows Deployment Services server.
For networks that support multicasting, click Multicasting to deploy an image to a large number of client computers while minimizing bandwidth use. This feature is disabled by default. When creating a transmission, two options for the multicast type are available: •
Auto-Cast. In this option, as soon as an applicable client computer requests an installation image, a multicast transmission of the selected image begins. Then, as other client computers request the same image, they are joined to the transmission that has already started.
•
Scheduled-Cast. This option sets the start criteria for the transmission based on the number of client computers that are requesting an image or a specific day and time.
Note The plug-and-play process on dissimilar hardware takes time. Therefore, during the deployment process, allow time for the client computer to adapt to the hardware.
MDT 2008 supports only the multicast transfer of images contained on the LTI$ distribution share. Note
The Multicasting feature in MDT 2008 is only supported in Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Windows Deployment Services Server
9
Ensure that the Windows Deployment Services servers have copies of the Windows PE images when they become available from the development team that creates them. Table 9 provides a checklist for preparing Windows Deployment Services. Table 9. Windows Deployment Services Checklist High-level steps in the Windows Deployment Services preparation q
Select the Windows Deployment Services operational mode.
q
Add images to the server running Windows Deployment Services.
q
Pre-stage the target computers for Windows Deployment Services.
q
Configure MDT 2008 and Windows Deployment Services for multicast operation.
For more information about setting up and configuring the Windows Deployment Services server, see: •
The Windows Deployment Services Help file, included in Windows Deployment Services.
•
The white paper, “Deploying and Managing the Windows Deployment Services Update on Windows Server 2003,” at http://go.microsoft.com/fwlink/?LinkId=81031.
Select the Windows Deployment Services Operational Mode Windows Deployment Services is responsible for initiating the deployment process for PXE boot-enabled target computers. To use Windows Deployment Services for LTI, run Windows Deployment Services in Mixed or Native mode. Table 10 compares the operational modes of Windows Deployment Services.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Table 10. Windows Deployment Services Operating Modes Mode
Description
Legacy
Functionally equivalent to Remote Installation Service (RIS). This configuration supports only:
Mixed
Native
•
OSChooser as the boot operating system.
•
Images created by Remote Installation Service Setup (Risetup) and Remote Installation Preparation (Riprep).
•
Administration using the normal RIS tools.
Allows compatibility with RIS and Windows Deployment Services. This configuration supports only: •
OSChooser or Windows PE as the boot operating system.
•
Images created by Risetup, Riprep, or Windows Imaging Format (WIM).
•
Administration using the normal RIS tools or Windows Deployment Services management tools.
Provides only Windows Deployment Services–specific support and is incompatible with the SMS 2003 OSD Feature Pack and ZTI. This configuration supports only: •
Windows PE as the boot operating system.
•
Images created by WIM.
•
Administration using the Windows Deployment Services management tools.
For more information on configuring Windows Deployment Services to run in Mixed or Native modes, see: •
Windows Deployment Services Help files.
•
The white paper, “Deploying and Managing the Windows Deployment Services Update on Windows Server 2003,” at http://go.microsoft.com/fwlink/?LinkId=81031.
Add Boot Images to the Windows Deployment Services Server The operating system images that Windows Deployment Services uses were created during the section, “Operating Systems,” in the MDT 2008 document, Workbench Imaging Guide. Place these images on the server running Windows Deployment Services so that Windows Deployment Services can use the images.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Windows Deployment Services Server
11
Windows Deployment Services supports the following types of images: •
Install images. Install images are operating system images that are installed to target computers, which boot to a Windows Deployment Services server. The type of install images MDT 2008 supports is: •
•
WIM format. WIM files contain one or more compressed Windows images. WIM files are file-based rather than sector-based, making it easier to update existing images. WIM files also use Single Instance Storage (SIS) technology, eliminating duplication of files within a WIM image.
Boot images. Boot images are Windows PE images that contain the Windows Deployment Services client and are used to present an initial boot menu when a client contacts a Windows Deployment Services server. The type of boot image MDT 2008 supports is: •
Setup images. This is the default image type when a boot image is exported from the Windows Deployment Services image store. When a client computer boots to a Setup image, Windows Setup is immediately invoked.
For more information about adding an install or boot image to the server running Windows Deployment Services, see the topic, “Add an Image,” in Windows Deployment Services Help, which is included in Windows Deployment Services.
Pre-stage Target Computers for Windows Deployment Services PXE client computers can be pre-staged in Active Directory® Domain Services (AD DS) domains. When target computers are pre-staged, the computer accounts exist in AD DS domains (also called known computers). Target computers that are not pre-staged do not have computer accounts in AD DS domains (also called unknown computers). Windows Deployment Services can be configured to respond to computers that are known or unknown. Depending on the Windows Deployment Services configuration, the target computers may need to be pre-staged. This authorizes Windows Deployment Services to deploy operating system images to the target computer. Note If Windows Deployment Services is configured to respond to any computer (known or unknown), pre-staging the target computers is not necessary. LTI will not use a pre-staged computer account when joining the domain. Instead, LTI will use the computer name and credentials configured in the task sequence or through the rules process.
To pre-stage the target computers for Windows Deployment Services 1792.Click Start, point to Administrative Tools, and then click Active Directory Users and Computers. 1793.In the console tree, right-click organizational_unit (where organizational_unit is the name of the organizational unit that will contain the target computer), point to New, and then click Computer. 1794.In the New Object – Computer dialog box, in the Computer name box, type computer_name (where computer_name is the name of the target computer), and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
1795.In the Managed dialog box, select the This is a managed computer check box. Then, in the Computer’s unique ID (GUID/UUID) box, type guid_uuid (where guid_uuid is the globally unique identifier/universally unique identifier [GUID/UUID] of the computer), and then click Next. Note For more information on locating the GUID for target computers, see the Microsoft TechNet document, “Locate the GUID for client computers,” at http://technet2.microsoft.com/WindowsServer/en/library/c2d81caf-dd93-4f4b-bc2d907c0413805c1033.mspx.
1796.In the Host server dialog box, click one of the following options, and then click Next: •
Any available remote installation server. Clicking this option specifies that this computer can be serviced by any RIS/Windows Deployment Services server.
•
The following remote installation server. Clicking this option designates a specific server to service the computer. Specify the fully qualified domain name (FQDN) of the server running Windows Deployment Services.
1797.In the New Object – Computer dialog box, review the information displayed, and then click Finish. 1798.Close all open windows.
Configuring MDT 2008 and Windows Deployment Services for Multicast Operation Multicast deployment of images by Windows Deployment Services allows multiple computers to receive a single copy of an image, which reduces the amount of network traffic required when multiple computers need to receive the same image. MDT 2008 supports multicast-based deployments on the following deployment point types: •
Lab or single-server deployment (Lab). In this scenario, MDT 2008 is installed on a computer running Windows Server 2008 with the Windows Deployment Services role.
•
Separate deployment share (Network). In this scenario, the computer hosting the Network deployment point is running Windows Server 2008 with the Windows Deployment Services role and MDT 2008 is installed on the same computer, MDT 2008 can automatically configure Windows Deployment Services. If the computer on which MDT 2008 is installed is running Windows Server 2003, then Windows Deployment Service must be configured manually.
Note This method cannot be used to allow multicast for boot images, as the multicast client is not loaded until after Windows PE is running.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Preparing the Windows Deployment Services Server
13
Enabling Multicast Deployments on a Lab or Single-Server Deployment (Lab) Deployment Point In this scenario, MDT 2008 is installed on a computer running Windows Server 2008 with the Window Deployment Services server role. In this scenario, MDT 2008 can automatically configure Windows Deployment Services to support multicast deployments. To enable multicast deployments on a Lab or single-server deployment (Lab) deployment point 1799.Install Windows Server 2008 on the computer that is to be the deployment server. 1800.Install the Windows Deployment Services server role on the computer that is to be the deployment server. 1801.Install Window Automated Installation Kit (Windows AIK) version 1.1 on the computer that is to be the deployment server. 1802.Install MDT 2008 on the computer to be the deployment server. 1803.Start Deployment Workbench 1804.In the Deployment Workbench console tree, expand Deploy, and then click Deployment Points. 1805.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point for which multicast deployments will be enabled), and then click Properties. 1806.In the deployment_point Properties dialog box (where deployment_point is the name of the deployment point), on the General tab, select the Enable multicast for this deployment point check box, and then click OK. 1807.In the Actions pane, click Update. When completed, Deployment Workbench creates an Auto-Cast Windows Deployment Services multicast transmission from the deployment point.
Enabling Multicast Deployments on a Separate deployment share (Network) Deployment Point In this scenario, there are the following possibilities: •
MDT 2008, Windows Deployment Services, and Windows Server 2008 are all installed on the same computer. In this configuration, follow the same procedures as described in the section, “Enabling Multicast Deployments on a Lab or singleserver deployment (Lab) Deployment Point,” earlier in this guide.
•
Windows Deployment Services and Windows Server 2008 are all installed on the computer acting as the deployment server, but MDT 2008 is installed on another computer. In this configuration, remotely run the WDSUTIL command on the computer running Windows Deployment Services and Windows Server 2008.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
To enable multicast deployments on a Supporting multicast deployments on a Separate deployment share (Network) Deployment Point when MDT 2008 is installed on a different computer 1808.Install Windows Server 2008 on the computer hosting the Separate deployment share (Network) deployment point. 1809.Install the Windows Deployment Services server role on the computer hosting the Separate deployment share (Network) deployment point. 1810.Install Windows AIK 1.1 on the deployment server. 1811.Install MDT 2008 on the deployment server. 1812.On the computer hosting the Separate deployment share (Network) deployment point, in a Command Prompt window, type the following command, and then press ENTER (where remote_server is the name of the computer running Windows Server 2008 with the Windows Deployment Services server role and deploy_point_path is the fully qualified path to the root of the deployment point). wdsutil.exe /new-namespace /friendlyname:"BDD Share Deploy$" /server:remote_server /namespace:"Deploy$" /contentprovider:WDS /configstring:"deploy_point_path" /namespacetype:AutoCast When completed, the WDSUTIL tool creates an Auto-Cast Windows Deployment Services multicast transmission from the deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Con figu ri ng t he A ppr opr ia te Resour ce Access During deployment to the target computers, deployment scripts connect to the deployment point shares and shared folders. Create accounts for the scripts to use when accessing these resources. Table 11 provides the checklist for resource access tasks. Table 11. Resource Access Checklist High-level steps for resource access configuration q
Create additional shared folders.
q
Configure shared folder permissions.
q
Configure access to other resources.
Create Additional Shared Folders Before starting the deployment, create additional shared folders in which to store the user state migration data and the deployment logs. Table 12 lists the shared folders that must be created and describes the purpose of each. Table 12. Shared Folders and Their Descriptions Shared folder
Description
MigData
Stores the user state migration data during the deployment process.
Logs
Stores the deployment logs during the deployment process.
Note The files in Table 12 are recommended shared folder names. Use any name for these shared folders. However, the remainder of the deployment process refers to these shared folders by these names.
Configure Shared Folder Permissions After creating additional shared folders listed in Table 12, configure the appropriate shared folder permissions. Ensure that unauthorized users are unable to access user state migration information and the deployment logs. Only the target computer creating the user state migration information and the deployment logs should have access to these folders.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
To configure the shared folder permissions for the folders listed in Table 12, perform the following steps for each folder: 1813.In Windows Explorer, right-click SharedFolder (where SharedFolder is one of the shared folders listed in Table 12), and then click Properties. 1814.On the Security tab, click Advanced. 1815.On the Permissions tab, clear the Allow inheritable permissions from the parent to propagate to this object and all child objects check box. 1816.In the Security dialog box, click Remove. 1817.On the Permissions tab, click Add. 1818.In the Enter the object name to select box, type Domain Computers, and then click OK. This action allows domain computers to create subfolders. 1819.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Apply onto list, click This folder only. 1820.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Permissions list, click Allow for the Create Folders/Append Data permission, and then click OK. 1821.Repeat steps 6–9, substituting Authenticated Users for Domain Computers. 1822.On the Permissions tab, click Add. 1823.In the Enter the object name to select box, type CREATOR OWNER, and then click OK. This action allows domain computers and domain users to access the subfolders they create. 1824.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Apply onto list, click Subfolders and files only. 1825.In the Permission Entry for SharedFolder dialog box (where SharedFolder is one of the shared folders listed in Table 12), in the Permissions list, click Allow for the Full Control permission, and then click OK. 1826.Repeat steps 11–14 for each group that will receive Administrator privileges. The permissions set in these steps allow a target computer to connect to the appropriate share and create a new folder in which to store user state information or logs, respectively. The folder permissions prevent other users or computers from accessing the data stored in the folder.
Configure Access to Other Resources In addition to the shared folders just created, the MDT 2008 scripts might require access to other resources. The resources include application or database servers (such as Microsoft SQL Server® 2005, SQL Server 2000, or Microsoft Exchange Server 2003). Access is granted to the credentials specified in the: •
UserID, UserPassword, and UserDomain properties.
•
Windows Deployment Wizard.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Preparing for LTI Tools: Configuring the Appropriate Resource Access
17
Grant access to the following resources: •
MDT 2008 deployment point. Configure access to the deployment point created in Deployment Workbench.
•
Any resources accessed using the ZTIConnect.wsf script. Configure access to resources that are referenced using the ZTIConnect.wsf script. Note For further guidance on using the ZTIConnect.wsf script, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Samples Guide.
•
Any resources on application or database servers. Configure access to applications or databases that are accessed through the SQLServer, SQLShare, and Database properties. Note Other connections to the same servers, such as Named Pipes and Remote Procedure Call (RPC), use the same credentials listed above. Use the ZTIConnect.wsf script to establish these connections.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Upd ating t he Dep lo yment Poin ts After the initial configuration, modifications to the images created may need to be made. These modifications might change configuration files (such as CustomSettings.ini) or add files to or remove them from images. After making these modifications to the images, update the deployment points that are used to deploy the images. To update the deployment points 1827.Make the necessary modifications to the images or support files. 1828.Start Deployment Workbench. 1829.In the Deployment Workbench console tree, expand Deploy, and then click Deployment Points. 1830.In the details pane, right-click deployment_point (where deployment_point is the name of the deployment point to update), and then click Update. The Update Deploy Point dialog box appears and indicates the progress for updating the deployment point. The dialog box closes when the process is complete. 1831.Close all open windows.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Running the W indo ws Depl oymen t W iza r d To initiate the deployment of Windows to target computers, run the Windows Deployment Wizard. Initiate the Windows Deployment Wizard manually or by using Windows Deployment Services. Each deployment scenario (Upgrade Computer, Replace Computer, New Computer, or Refresh Computer) uses a different process. Initiate the deployment from Windows Deployment Services, a network share, from local drives, or using a DVD. After initiating the Windows Deployment Wizard, the deployment process begins. The process prompts for any configuration settings that are not already specified. Depending on the deployment scenario selected and the configuration options specified in CustomSettings.ini, the Windows Deployment Wizard displays different wizard pages. The logic for displaying (or not displaying) a wizard page is noted for each wizard page in the following steps. To deploy the new operating system to the target computer using the Windows Deployment Wizard, complete the following steps (skip any wizard pages that are not displayed based on the deployment point type selected): 1832.Verify that the folders in Table 13 no longer exist on the target computer. The Windows Deployment Wizard creates and uses the folders listed in Table 13 during the deployment process. If a previous deployment was terminated because of an error, these folders might still exist on the target computer. If these folders are not removed, the process will continue from the point where the process terminated instead of starting from the beginning. Remove these folders, if they exist, before initiating a new deployment. These folders exist on os_drive (where os_drive is the drive where the operating system is installed). Table 13. Folders to Remove Before Initiating the Windows Deployment Wizard Folder
Description
os_drive:\MININT
This folder is preserved through the deployment process and contains deployment state information (such as user state migration information and log files).
os_drive:\_SMSTaskSequence
This folder contains state information specific to the Task Sequencer.
20
MSDN 2.0
1833.Initiate the Windows Deployment Wizard by connecting to the appropriate deployment point (for example, \\servername\Distribution$\Scripts) and typing cscript litetouch.vbs. This wizard appears when the conditions in Table 14 are met. Table 14. Welcome to the Windows Deployment Wizard Page Conditions Property
Condition
DeployRoot
Begins when X:\ or the DeployRoot property equals “”. (Typically, the Windows Deployment console automatically sets this value.)
1834.On the Welcome to the Windows Deployment Wizard page shown in Figure 1, type the Universal Naming Convention (UNC) path to the Distribution share for a local server based on the environment’s requirements, and then click Next. Use this wizard page to select deployment shares (called deployment points in Deployment Workbench) based on a site. Sites are logical groupings of one or more deployment points.
Figure 1. Windows Deployment Wizard welcome page
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
21
1835.On the Select a task sequence to execute on this computer page, shown in Figure 2, in The following task sequences are available section, click task_sequence (where task_sequence is the name of the task sequence to run). Note If a task sequence based on the Litetouch OEM Task Sequence template appears in the list, ensure that the deployment is being performed from a removable media (MEDIA) deployment point type. Although task sequences based on the Litetouch OEM Task Sequence template can be selected from other deployment point types, the task sequence will not finish successfully.
Figure 2. Selecting a task sequence Note
All supported operating systems could have task sequences listed.
1836.On the Specify the product key needed to install this operating system page (shown in Figure 3), in the Product key box, type product_key (where product_key is the product key to be assigned to the target computer), and then click Next (see Table 16). This wizard appears when the conditions in Table 15 are met. Table 15. Specify the Product Key Needed to Install This Operating System Page Conditions Property
Condition
SkipProductKey
Not equal to YES
DeploymentType
Not equal to REPLACE
ImageBuild
The first character in the property is less than 6 (which indicates a Windows Vista or Windows Server 2008 build).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
MSDN 2.0
Figure 3. Specifying a product key Table 16. Windows Vista and Windows Server 2008 Product Key Options Option
Select this option to
No product key is required Assign product keys to target computers using a Key Management Server (KMS) key. Activate the machine with a Multiple Activation Key (MAK)
Assign a Multiple Activation Key (MAK) to the target computer and activate the computer over the Internet. In the Multiple activation key box, type mak (where mak is the MAK to be assigned to the target computer).
Use a specific product key Assign a specific license key for installation or retail activation. In the Product_key box, type product_key (where product_key is the product key to be assigned to the target computer). 1837.On the Choose a migration type page, shown in Figure 4, click one of the options listed in Table 18 based on the environment’s requirements, and then click Next. This wizard appears when the conditions in Table 17 are met.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
23
Table 17. Choose a Migration Type Page Conditions Property
Condition
SkipDeploymentType
Not equal to YES
DeploymentType
Not equal to NEWCOMPUTER or REPLACE or CUSTOM
OSGUID
Not equal to blank Note This wizard page will appear if the selected task sequence is deploying an operating system.
Figure 4. Choosing a migration type
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
MSDN 2.0
Table 18. Migration Type Options Option
Select this option to
Refresh this computer
•
Optionally, save the existing user state migration data.
•
Deploy the desktop standard environment, including operating system and applications.
•
Restore user state migration data on the same computer.
Upgrade this computer
Upgrade the existing computer using the upgrade features supported by the new operating system. Note The upgrade process will fail on target computers that have users logged on using Remote Desktop sessions. Ensure that no users are connected to the target computer by Remote Desktop before initiating the Windows Deployment Wizard.
Note Although it is not a migration scenario, the New Computer scenario can be used to deploy the new operating system to a new computer.
1838.On the Configure the computer name page (shown in Figure 5), in the Computer name box, type computer_name (where computer_name is the computer name to assign to the target computer), and then click Next. This wizard appears when the conditions in Table 19 are met. Table 19. Configure the Computer Name Page Conditions Property
Condition
SkipComputerName
Not equal to YES
DeploymentType
Not equal to NEWCOMPUTER or REPLACE or CUSTOM
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
25
Figure 5. Naming the computer 1839.On the Join the computer to a domain or workgroup page (shown in Figure 6), click one of the options listed in Table 21 based on requirements, and then click Next. This wizard appears when the conditions in Table 20 are met. Table 20. Join the Computer to a Domain or Workgroup Page Conditions Property
Condition
PrePopulateDomainMembership Equal to TRUE SkipDomainMembership
Not equal to YES
DeploymentType
Not equal to REPLACE or UPGRADE
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
MSDN 2.0
Figure 6. Domain or workgroup membership Table 21. Specify Computer Membership Configuration For this option
Perform this task to
Join a domain
Join an existing AD DS domain: 1840.In the Domain box, type domain (where domain is the name of the domain to be joined). 1841.In the User Name box, type user_name (where user_name is the name of a user account that has sufficient permissions to create the computer account in the domain). 1842.In the Password box, type password (where password is the password for the user account specified in the User Name box). 1843.In the Domain box, type domain (where domain is the name of the domain where the user account specified in the User Name box is located). 1844.In the Organizational Unit box, type organizational_unit (where organizational_unit is the name of the organizational unit [OU] in the AD DS domain where the computer account will be created).
Join a workgroup
Join a Windows workgroup. In the Workgroup box, type workgroup (where workgroup is the name of the workgroup to join).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
27
9. On the Specify where to save your data and settings page (shown in Figure 7), click one of the options listed in Table 23 based on requirements, and then click Next. This wizard appears when the conditions in Table 22 are met. Table 22. Specify Where to Save Your Data and Settings Page Conditions Property
Condition
SkipUserData
Not equal to YES
DeploymentType
Not equal to NEWCOMPUTER or REPLACE or CUSTOM
Figure 7. User data settings storage
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
MSDN 2.0
Table 23. User State Backup Options Option
Select this option to
Automatically determine the location
•
Allow the MDT 2008 scripts and process rules to automatically determine the best location based on local available disk space on the target computer.
•
Optionally, select the Allow data and settings to be stored locally when possible check box to give preference to storing the data locally.
Specify a location
Save the user state migration data to a specific location. In the Location box, type location (where location is the fully qualified path to the locations for storing the user state migration data). Note
Do not save data and settings
Alternatively, click Browse to go to the location.
Discard any existing user state migration data or deploy a new computer with no existing data.
1845.On the Specify whether to restore user data page (shown in Figure 8), click one of the options listed in Table 25 based on requirements, and then click Next. This wizard appears when the conditions in Table 24 are met. Table 24. Specify Whether to Restore User Data Page Conditions Property
Condition
SkipUserData
Not equal to YES
DeploymentType
Equal to NEWCOMPUTER
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
29
Figure 8. Restoring user data Table 25. User State Restore Options Option
Select this option if
Do not restore user data and settings
The migration type is New Computer and there is no user state migration data to restore.
Specify a location
The migration type is Replace Computer. In the Location box, type location (where location is the fully qualified path to the location where the user state migration back files are stored).
1846.On the Specify where to save a complete computer backup page (shown in Figure 9), click one of the options listed in Table 27 based on requirements, and then click Next. This wizard appears when the conditions in Table 26 are met. Table 26. Specify Where to Save a Complete Computer Backup Page Conditions Property
Condition
SkipComputerBackup
Not equal to YES
DeploymentType
Equal to REFRESH
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
MSDN 2.0
Figure 9. Saving a computer backup Table 27. Computer Image Backup Options Option
Select this option to
Automatically determine the location
•
Allow the MDT 2008 scripts and process rules to automatically determine the best location based on local available disk space on the target computer.
•
Optionally, select the Allow data and settings to be stored locally when possible check box to give preference to storing the data locally.
Specify a location
Save the computer image backup to a specific location. In the Location box, type location (where location is the fully qualified path to the locations for storing the computer backup).
Do not back up the existing computer
Discard any existing data on the target computer or deploy a new computer with no existing data.
The Windows Deployment Wizard uses the ImageX utility to perform the backup. ImageX is not intended to be used as a part of the overall backup and disaster recovery process. Instead, ImageX is designed to create a backup of the target computer to assist in recovering user state migration information that might not have been captured correctly. Note Windows Complete PC Backup is a feature of Windows Vista only. MDT 2008 uses the ImageX utility during migration because it works on all platforms that MDT 2008 supports. Use the Windows Complete PC Backup for enhanced disaster recovery protection after migration is complete.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
31
1847.On the Specify the product key needed to install this operating system page (shown in Figure 10), in the Product key box, type product_key (where product_key is the product key to be assigned to the target computer), and then click Next. This wizard appears when the conditions in Table 28 are met. Table 28. Specify the Product Key Needed to Install This Operating System Page Conditions Property
Condition
SkipProductKey
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
Figure 10. Specifying a product key 1848.On the Packages page (shown in Figure 11), in the Packages box, click the language pack to be installed, and then click Next. This wizard appears when the conditions in Table 29 are met. Table 29. Packages Page Conditions Property
Condition
SkipPackageDisplay
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
ImageBuild
The first character in the property is equal to 6 (which indicates the Windows Vista build), and there are active packages to display to the user.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
MSDN 2.0
Figure 11. Packages page For Windows Vista Ultimate, Windows Vista Enterprise, and all editions of Windows Server 2008, more than one language can be selected. For all other versions, select only one language. Note In an Upgrade scenario, additional language packs can be included. However, if the languages are not already installed in the earlier version of Windows or Windows PE, some problems in displaying fonts might occur.
1849.On the Locale Selection page (shown in Figure 12), click one of the options listed in Table 31 based on requirements, and then click Next. This wizard appears when the conditions in Table 30 are met. Table 30. Locale Selection Page Conditions Property
Condition
SkipLocaleSelection
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
ImageBuild
The first character in the property is equal to 6 (which indicates the Windows Vista build).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
33
Figure 12. Locale Selection page Table 31. Locale Options In this box
Select
What is your Locale
The default locale for the target operating system.
Keyboard
Keyboard locale to be used with the target operating system.
1850.On the Set the Time Zone page (shown in Figure 13), click the time zone where the target computer is located, and then click Next. This wizard appears when the conditions in Table 32 are met. Table 32. Set the Time Zone Page Conditions Property
Condition
SkipTimeZone
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
MSDN 2.0
Figure 13. Setting the time zone 1851.On the Select one or more applications to install page (shown in Figure 14), select the appropriate applications to deploy, and then click Next. This wizard appears when the conditions in Table 33 are met. Table 33. Select One or More Applications to Install Page Conditions Property
Condition
DeploymentType
Not equal to REPLACE or UPGRADE
SkipAppsOnUpgrade
Not equal to YES
IsThereAtLeastOneApplicationPresent Greater than one SkipApplications
Solution Accelerators
Not equal to YES
microsoft.com/technet/SolutionAccelerators
Template User Instructions
35
Figure 14. Selecting application to install 1852.On the Administrator Password page (shown in Figure 15), in the Administrator Password and Please confirm Administrator Password boxes, type password (where password is the password for the local built-in Administrator account on the target computer), and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
MSDN 2.0
Figure 15. Setting the administrator password This wizard appears when the conditions in Table 34 are met. Table 34. Administrator Password Page Conditions Property
Condition
SkipAdminPassword
Not equal to YES
DeploymentType
Not equal to REPLACE or CUSTOM
1853.On the Specify whether to capture an image page (shown in Figure 16), click one of the options listed in Table 36 based on requirements, and then click Next. This wizard appears when the conditions in Table 35 are met. Table 35. Specify Whether to Capture an Image Page Conditions Property
Condition
SkipCapture
Equal to NO
DeploymentType
Equal to NEWCOMPUTER
JoinDomain
Equal to “”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
37
Figure 16. Capturing an image Table 36. Image Capture Options Option
Select this option to
Capture an image of this reference computer
Run the System Preparation Tool (Sysprep), and then capture an image of the target computer. Then, store the image in the location specified. In the Location box, type location (where location is the fully qualified path to the location for storing the image of the target computer). In the File name box, type file_name (where file_name is the name of the image file).
Prepare to capture the machine
Copy the required Sysprep files to the target computer, but do not initiate Sysprep. Use this option when the Image Capture Wizard in the SMS 2003 OSD Feature Pack will be used.
Do not capture an image of this computer
Deploy the target operating system to the target computer without capturing a Sysprep image of the computer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
MSDN 2.0
1854.On the Specify the BitLocker configuration page (shown in Figure 17), click one of the options listed in Table 38 based on requirements, and then click Next. This wizard appears when the conditions in Table 37 are met. Table 37. Specify the BitLocker Configuration Page Conditions Property
Condition
SkipBitLocker
Not equal to YES
DeploymentType
Equal to REPLACE or CUSTOM
DoCapture
Not equal to YES
ImageBuild
The first character in the property is equal to 6 (which indicates the Windows Vista build)
ImageFlags
Equal to ENTERPRISE or ULTIMATE
Figure 17. Windows BitLocker Drive Encryption configuration
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
39
Table 38. Windows BitLocker Drive Encryption Configuration Options Option
Select this option to
Do not enable BitLocker for this computer
Deploy the new operating system without activating Windows BitLocker™ Drive Encryption.
Enable BitLocker using TPM
Activate Windows BitLocker Drive Encryption and use Trusted Platform Module (TPM) version 1.2 or later. Then, select one of the following options for using TPM:
Enable BitLocker using only an external key Note
•
To use TPM only, click Enable BitLocker using TPM only.
•
To use TPM with a personal identification number (PIN), click Enable BitLocker using TPM and a PIN; and, in the PIN box, type pin (where pin is the BitLocker Drive Encryption PIN for the target computer).
•
To use TPM with a startup key, click Enable BitLocker using TPM and a startup key.
Enable BitLocker Drive Encryption, and use a randomly generated, 48-character external key.
The default setting for Windows BitLocker Drive Encryption is always enabled.
1855.Complete the Specify credentials for connecting to network shares page (shown in Figure 18) based on the information in Table 40, and then click Next. This wizard appears when the conditions in Table 39 are met. Table 39. Specify Credentials for Connecting to Network Shares Page Conditions Property
Condition
UserID_isDirty
Equal to TRUE
UserID
Equal to “”
DeploymentType
Not equal to REPLACE
DeploymentMethod
Not equal to MEDIA
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
MSDN 2.0
Figure 18. Specifying credentials These credentials are used to access network shared folders used during the deployment process. These shared folders include folders used to store user state migration data or image backups of the target computer. Table 40. Credentials Options Option
Type
User Name
user_name (where user_name is the user name of the account that has the appropriate permissions on the network shared folders used by the deployment scripts)
Domain
domain (where domain is the name of the domain where the user account, specified in the User Name box, is located)
Password
password (where password is the password for the user account specified in the User Name box)
1856.Review the information on the Ready to begin page (shown in Figure 19), and then click Begin. The Windows Deployment Wizard finishes, and deployment of the new operating system begins.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Template User Instructions
41
Figure 19. Ready to begin page Note
To expand the details of this deployment, click Details.
Microsoft® Deployment Toolkit 2008 Troubleshooting Reference
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
MSDN 2.0
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference
xliii
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Active Directory, ActiveX, BitLocker, SQL Server, Visual Basic, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion The deployment of operating systems and applications as well as the migration of user state can be a challenging endeavor even when an organization is equipped with appropriate tools and guidance. This reference, which is part of Microsoft® Deployment Toolkit (MDT) 2008, provides information on current known issues, possible workarounds for those issues, and brief troubleshooting guidance. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Kno wn Issues and Wor k-A r ounds This chapter describes known issues that may be encountered while using MDT 2008.
Deployment Workbench The following are possible solutions for issues that may arise with the Deployment Workbench.
Adding Custom Vista WIMs Problem: The following error might be displayed when trying to add a custom Windows Vista Windows Imaging Format (WIM) file to the Deployment Workbench: Error during wizard processing An unexpected error occurred while processing the wizard results. Collection was modified; enumeration operation may not execute. Possible Solution: This issue may be resolved by applying the update mentioned in Microsoft Knowledge Base article 941595 at http://support.microsoft.com/kb/941595.
Removing Operating Systems Problem: If the following steps are performed, a task sequence may become configured to reference an incorrect operating system: 1857.While working in the Operating Systems node of the Deployment Workbench, someone deletes an operating system that is referenced by one or more task sequences. 1858.Someone opens a task sequence that references the deleted operating system, and then clicks the Task Sequence tab. 1859.The Task Sequence Editor parses the TS.xml file and populates the task sequence tree view. If, while parsing the TS.xml file, the Task Sequence Editor cannot match the operating system specified in the Install Operating System task sequence step to one of the operating systems listed in the Operating Systems node of the Deployment Workbench, the Task Sequence Editor updates the Install Operating System task sequence step with the first operating system listed in the Operating Systems node. 1860.If OK or Apply is clicked, the TS.xml file is updated with the incorrect operating system reference.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
For example, two operating systems (Windows XP Professional with Service Pack 2 [SP2] and Windows Server 2003 Enterprise Edition SP2) are listed in the Operating Systems node. A task sequence, named ServerDeploy, has been configured to deploy Windows Server 2003 Enterprise Edition SP2. If the Windows Server 2003 Enterprise Edition SP2 operating system is deleted from the Operating Systems node and someone views the Task Sequence tab of the ServerDeploy task sequence, and then clicks OK or Apply, the ServerDeploy task sequence will now reference the Windows XP with SP2 operating system. Possible Solution: After removing an operating system from the Deployment Workbench, open each task sequence that referenced the operating system that was removed and assign an appropriate operating system to the Install Operating System task sequence step.
Windows Deployment Services Specific files must be copied to Program_files\Bin when adding images from Windows Deployment Services. Scenario 1. Copying from Windows Vista RTM source media: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
Scenario 2. Copying from Windows Server 2008 or Windows Vista SP1 source media: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
•
Wdstptc.dll
Note Program_files in the path listed above is a placeholder that points to the Program Files folder on the computer where MDT 2008 is installed. This is usually C:\Program Files\Microsoft Deployment Toolkit\Bin. Caution When copying the files, the Windows source directory or media that is used must match the platform of the operating system running on the computer where MDT 2008 is installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Unde r stand ing Logs Before effective troubleshooting of MDT 2008 can begin, a clear understanding is required of the many .log files used during an operating system deployment. When it is clear which .log files must be researched for what failure condition and at what time, certain issues that were once mysterious and difficult to understand may become clear and understandable. The MDT 2008 .log file format is designed to be read by Trace32, which is part of the Microsoft Systems Management Server 2003 Toolkit 2 (available for download from http://www.microsoft.com/downloads/details.aspx?FamilyID=61e4e21f-2652-42dd-a04db67f0573751d). This tool should be used whenever possible to read the .log files, because it makes finding errors much easier. The rest of this section details the .log files created during the deployment as well as during Windows Setup. This section also provides examples of when the files can be used for troubleshooting.
MDT 2008 Logs Each MDT 2008 script automatically creates .log files during its execution. The names of these .log files match the name of the script—for example, ZTIGather.wsf creates a .log file named ZTIGather.log. Each script also updates a common master .log file (BDD.log) that aggregates the contents of the .log files that MDT 2008 scripts create. MDT 2008 .log files reside in C:\MININT\SMSOSD\OSDLOGS during the deployment process. Depending on the type of deployment being conducted, the .log files are moved at the completion of the deployment to either %WINDIR%\SMSOSD or %WINDIR%\TEMP\SMSOSD. MDT 2008 creates the following .log files: •
BDD.log. This is the aggregated MDT 2008 .log file that is copied to a network location at the end of the deployment if the SLShare property is specified in the Customsettings.ini file.
•
DeployUpdates_Platform.log. This file is created when deployment points are updated or when updating Windows Preinstallation Environment (Windows PE). Platform represents the platform being updated—either x86 or x64. This .log file is useful when troubleshooting Windows PE driver-integration issues. It resides in the %TEMP% folder.
•
LiteTouch.log. This file is created during Lite Touch Installation (LTI) deployments. It resides in %WINDIR%\Temp\BDDLogs unless the /debug:true option is specified.
•
Scriptname.log. This file is created by each MDT 2008 script. Scriptname represents the name of the script in question.
•
SMSTS.log. This file is created by the Task Sequencer and describes all Task Sequencer transactions. Depending on the deployment scenario, it may reside in %TEMP%, %WINDIR%\System32\ccm\logs, C:\_SMSTaskSequence, or C:\SMSTSLog.
•
Wizard.log. The deployment wizards create and update this file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Understanding Logs
5
•
WPEinit.log. This file is created during the Windows PE initialization process. This .log file is useful for troubleshooting errors encountered while starting Windows PE.
•
ZeroTouchInstallation.log. This file is created during Zero Touch Installation (ZTI) deployments. It may reside in C:\Temp\SMSOSD or C:\SMSOSD unless the C:\MININT\Archive_OSD.SMS file is found.
Operating System Logs Review several Windows Setup .log files during troubleshooting activities.
Windows Vista The following list is a subset of the Windows Setup .log files that are most useful for troubleshooting deployment issues. For more detailed information about Windows Vista Setup .log files, see the Microsoft Help and Support article, “Windows Vista setup log file locations,” at http://support.microsoft.com/kb/927521. •
Netsetup.log. Resides in %WINDIR%\Debug; useful when troubleshooting domain join issues.
•
Setupact.log. Resides in %WINDIR%\panther; lists installation actions and is useful when investigating failed installations.
•
Setupapi.dev.log. Resides in %WINDIR%\inf; useful when investigating failed driver installations.
•
Setuperr.log. Resides in %WINDIR%\panther; details errors that occurred during installation.
Windows XP The following .log files, located in %WINDIR%, are the most useful when troubleshooting Windows XP with SP2: •
Netsetup.log. Resides in %WINDIR%\Debug; useful when troubleshooting domain join issues.
•
Setupact.log. Lists installation actions; useful when investigating failed installations.
•
Setupapi.log. Contains information about hardware detection during the installation; useful for investigating failed driver installations.
•
Setuperr.txt. Contains information about Setup errors during the installation.
•
Setuperr.log. Details errors that occurred during installation.
•
Setuplog.txt. Contains information about Setup actions during the installation.
System Center Configuration Manager Operating System Deployment Logs For information about what operating system deployment .log files Microsoft System Center Configuration Manager 2007 creates, see Log Files for Operating System Deployment at http://technet.microsoft.com/en-us/library/bb932135.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
6
Microsoft Deployment Toolkit 2008
SMS 2003 OSD Feature Pack Logs The following .log files, located in the C:\Minint\SMSOSD\OSDLOGS folder, are created during the deployment phases of the Systems Management Server (SMS) Operating System Deployment (OSD) Feature Pack. After the .log file name is the information contained in the file: •
IDUser.log. Provides information about user notifications.
•
IDUserNotification.log. Provides information about user notifications.
•
MachineState.log. Contains computer state migration information (computer name, IP address, registered owner, and organization).
•
OSDAgent.log. The primary .log file; the first place to look to determine which step failed.
•
OSDBootstrap.log. Contains errors if the Advanced Client Network Access account is not configured correctly.
•
OSDEnv.log. Details which SMS 2003 OSD Feature Pack environment variables are set.
•
OSDInstallWIM.log. Details image-installation options.
•
OSDInstallWizard.log. Details startup operations.
•
OSDLaunch.log. Contains errors if the Advanced Client Network Access account is not configured correctly.
•
OSDShell.log. Details the start of the OSD Install Wizard.
•
OSDSWDProgramExec.log. Details the running of the Run SWD Program actions.
•
OSDUsmtLoadstate.log. Details USMT Restore operations.
•
OSDUsmtScanstate.log. Details USMT Capture operations.
•
ScanState.log. Details USMT Scanstate information.
•
SMSCMT.log. Details Systems Management Server client migration information such as site code and client globally unique identifiers (GUIDs).
•
WinPEInstall.log. Details Windows PE installation information.
Note The C:\Minint folder is lost during the disk partitioning process. To troubleshoot issues that occur before this point, disable the disk partitioning task in the Task Sequencer.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Understanding Logs
7
User State Migration Tool Logs When executing Windows User State Migration Tool (USMT) operations, MDT 2008 automatically adds the logging options to save the USMT .log files to the MDT 2008 .log file locations. The log files and when they are created are as follows: •
USMTEstimate.log. Created when estimating the USMT requirements.
•
USMTCapture.log. Created by the USMT when capturing data.
•
USMTRestore.log. Created by the USMT when restoring data.
The ZeroTouchInstallation.vbs script automatically scans the USMT progress .log files for errors and warnings. During this process, the script writes each error and warning to the ZeroTouchInstallation.log file. (The script writes at least the first 100 errors and warnings while ignoring Failed to locate the file object warnings, because these are too common.) In addition, the script generates event ID 41010 to Microsoft System Center Operations Manager 2007 with the following summary (where
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Iden ti fyi ng Er r or Codes Table 1 lists the error codes that ZeroTouchInstallation.vbs returns as well as a description of each error code. These return codes are recorded in the SMS 2003 OSD Feature Pack .log file (OSDAgent.log), which is stored in one of the following locations: •
If the %TEMP% environment variable is set for the LocalSystem or default user profile, the SMS 2003 OSD Feature Pack .log file is stored in the %WINDIR%\TEMP\SMSOSD folder.
•
Otherwise, the SMS 2003 OSD Feature Pack .log file is stored in the %WINDIR%\SMSOSD folder.
Table 1. ZeroTouchInstallation.vbs Error Codes and Their Description Error code
Description
5000
Windows Script Host (WSH) is not installed.
5001
The version of WSH is prior to version 5.6.
5002
The script was unable to create the WScript.Shell object. This code indicates that WSH is operating improperly and must be reinstalled.
5003
The script was unable to create the WScript.Network object. This code indicates that WSH is operating improperly and must be reinstalled.
5004
The script was unable to create the Scripting.FileSystemObject object. This code indicates that WSH is operating improperly and must be reinstalled.
5005
The script was unable to initialize the WshShell.Environment object. This code indicates that WSH is operating improperly and must be reinstalled.
5006
The script was unable to create the MSXML2.DOMDocument object. This code indicates the Microsoft XML Parser (Microsoft XML Core Services [MSXML]) version 3.0 is operating improperly and must be reinstalled.
Listing 1 provides an excerpt from an SMS 2003 OSD Feature Pack .log file that illustrates how to find the error code in OSDAgent.log. In this excerpt, the error code reported is 5001. Listing 1. Excerpt from an OSDAgent.log File That Contains Error Code 5001 . . .
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Identifying Error Codes
9
component="OSDAgent" context="" type="3" thread="856" file="actionengine.cpp:1567"> . . .
Converting Error Codes Many error codes presented in the .log files seem cryptic and difficult to correlate to an actual error condition. However, the following process demonstrates how to convert an error code and obtain meaningful information that may assist in problem resolution. Problem: An image capture fails with error code 0x80070040. Possible Solution 1: The error code presented is in hexadecimal format that needs to be converted to decimal format. To do this, a scientific calculator is required. The calculator included with Windows operating systems is well suited for this task. Start the Windows Calculator, place it in scientific mode, click the Hex option, and then enter the last four digits of the code, in this case 0040 as shown in Figure 1. Notice in this example that leading zeros are not displayed while the calculator is in Hexadecimal mode.
Figure 1. Error conversion Next, click the Dec option. The hexadecimal value of 40 is converted to a decimal value of 64.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
Finally, start the Windows Command Processor, type NET HELPMSG 64, and press ENTER. The NET HELPMSG command translates the numerical error code into meaningful text. In the case of the error code provided here, it is translated to “The specified network name is no longer available.” This information indicates that a networking problem may exist on the target computer or between the target computer and the server where the deployment point is located. These problems might include network drivers’ not being installed properly or a mismatch in speed and duplex settings. Possible Solution 2: The Microsoft Exchange Server Error Code Look-Up utility is a command-line utility that is valuable in assisting with error code translation. It can be downloaded from http://www.microsoft.com/downloads/details.aspx?familyid=be5968997bb8-4208-b7fc-09e02a13696c.
Review of Sample Logs Failure to Access the Database Problem: An error occurs while executing a deployment that used a CustomSettings.ini file containing numerous sections and specifying, via the Priority property, the priority of each section to be processed. BDD.log contains the following error messages: •
ERROR - Opening Record Set (Error Number = -2147217911) (Error Description: The SELECT permission was denied on the object 'ComputerAdministrators', database 'AdminDB', schema 'dbo'.)
•
ADO error: The SELECT permission was denied on the object 'ComputerAdministrators', database 'AdminDB', schema 'dbo'. (Error #2147217911; Source: Microsoft OLE DB Provider for SQL Server; SQL State: 42000; NativeError: 229
•
ERROR - Unhandled error returned by ZTIGather: Object required (424)
Note For clarity, the .log file contents above have been represented as they appear while being viewed using the Trace32 program.
Possible Solution: The issue, as pointed out on the first line of the .log file sample, is that permission to access the database was denied. Therefore, the script cannot establish a secure connection to the database, because OSDConnectToUNC.exe is not available, nor are a user ID and password available. As a result, the database access was attempted using the computer account. The easiest way to work around this issue is to grant everyone Read access to the database.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Tr oubleshoot ing Prior to embarking on in-depth troubleshooting processes, first verify that the following items have been reviewed and that any associated requirements have been met: •
Installation issues can result if all software and hardware prerequisites have not been met. For these requirements, see the section, “System Requirements,” in the MDT 2008 document, Getting Started Guide.
•
MDT 2008 uses the tools from the Windows XP Deploy.cab file as part of the LTI process. This process uses the System Preparation Tool (Sysprep) to properly prepare the Windows XP master image before capturing the operating system in a WIM file. The Deploy.cab file must be copied into the DistributionShare\Tools\platform folder, where DistributionShare is the name of the share and platform is the name of the platform folder. MDT 2008 will find the Deploy.cab file and extract the necessary files.
Application Installation Blocked Executables Problem: If installation source files are downloaded from the Internet, it is likely that they will be marked with one or more NTFS file system data streams. For more information about NTFS data streams, see File Streams at http://msdn2.microsoft.com/enus/library/aa364404(VS.85).aspx. The existence of NTFS file system data streams might cause an Open File – Security Warning prompt to be displayed. The installation will not proceed until Run is selected on the prompt. As Figure 2 shows, NTFS file system data streams are viewable using the More command and the Streams utility, downloadable from http://technet.microsoft.com/enus/sysinternals/bb897440.aspx.
Figure 2. NTFS data streams Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Possible Solution 1: Right-click the installation source file, select Properties, click the Unblock button, and finally, click OK. This will remove the NTFS file system data streams from the file. This process must be repeated for each installation source file that is blocked by the existence of one or more NTFS file system data streams. Possible Solution 2: Use the Streams utility, as Figure 2 shows, to remove the NTFS file system data streams from the installation source file. The Streams utility is able to remove NTFS file system data streams from one or more files or folders at once.
Lost Network Connections Problem: An installation may fail if it installs device drivers or alters device and network configurations. These changes may result in a lapse in network connectivity which will cause the installation to fail. Possible Solution: Implement the ZTICacheUtil.vbs script to enable download and execute for the installation. This script is designed to tweak the advertisement to enable download and execute. The download uses Background Intelligent Transfer Service (BITS) if the Systems Management Server distribution point (DP) is Web-based Distributed Authoring and Versioning (WebDAV) and BITS-enabled. At the same time, it also modifies the Systems Management Server program to run the ZTICache.vbs script first, which makes sure the program doesn’t delete itself during the deployment process.
The 2007 Microsoft Office System Problem: While deploying the 2007 Microsoft Office system and including an .msp file, the installation may fail with error code 30029. Further investigation in the ZTIApplications.log shows the following messages: •
About to run command: \\Server\Distribution$\Tools\X86\bddrun.exe \\Server\Share\Microsoft\Office\2007\Professional\setup.exe /adminfile \\Server\Share\Microsoft\Office\2007\Professional\file.msp
•
ZTI Heartbeat: command has been running for 12 minutes (process ID 1600) Return code from command = 30029
•
Application Microsoft Office 2007 Professional returned an unexpected return code: 30029
Possible Solution 1: Relocate the .msp file to the Updates directory and run setup.exe without specifying the /adminfile option. For more information about deploying updates during the installation, see “Setup sequence of events in the 2007 Office system” at http://technet2.microsoft.com/Office/en-us/library/97bf0177-9438-4584-b86fe608fc995d971033.mspx and “Deploying the 2007 Office system” at http://technet2.microsoft.com/Office/en-us/library/78ad4dd8-f15e-41a9-8bf192cfeaac47801033.mspx. Possible Solution 2: Verify the .msp file does not have the Suppress modal box selected. For more information about configuring this setting, see the guide, Overview of 2007 Office System Deployment, at http://technet.microsoft.com/enus/library/bb490141.aspx.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
13
BIOS Problem: While deploying to a target computer that is equipped with Intel vPro technology, the deployment may end with a stop error. Even though all updated drivers have been included as out-of-box drivers in the Deployment Workbench, the target computer does not start. Possible Solution: Review the settings in the target computer’s basic input/output system (BIOS) and determine if the default Serial Advanced Technology Attachment (SATA) mode is configured as Advanced Host Controller Interface (AHCI). Unfortunately, certain Windows operating systems do not support AHCI by default.
Database Problems Named Pipe Connections Problem: During the MDT 2008 deployment process, information can be retrieved from Microsoft SQL Server® databases. However, errors might be generated that relate to broken SQL Server connections. These can be caused by not enabling named pipe connections in SQL Server 2005 or SQL Server 2000. Possible Solution: To resolve these problems, enable named pipes in SQL Server. Also, specify the SQLShare property, because it is required when making a connection to an external database using named pipes. When connecting using named pipes, use integrated security to make the connection to the database. In the case of LTI deployments, the user account that an administrator specifies makes the connection to the database. For Zero Touch Installation (ZTI) deployments that use the SMS 2003 OSD Feature Pack or System Center Configuration Manager the network access account connects to the database. Because Windows Preinstallation Environment (Windows PE) has no security context by default, a network connection must be made to the database server to establish a security context for the user who will be making the connection. The network share that the SQLShare property specifies provides administrators a means to connect to the server to gain a proper security context. Administrators must have Read access to the share. When the connection is made, the named pipe connection to the database can then be established. The SQLShare property is not needed and should not be used when making a TCP/IP connection to the database.
Enable Named Pipe Connections in SQL Server 2005 To enable named pipe connections in SQL Server 2005, complete the following steps: 1861.On the computer running SQL Server 2005 that hosts the database to be queried, click Start, and then point to All Programs. Point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Surface Area Configuration. 1862.In the SQL Server 2005 Surface Area Configuration dialog box, click Surface Area Configuration for Services and Connections. 1863.In the Surface Area Configuration for Services and Connections – server_name dialog box (where server_name is the name of the computer running SQL Server 2005), in Select a component and then configure its services and connections, expand MSSQLSERVER, expand Database Engine, and then click Remote Connections. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1864.Click Local and remote connections, click Using both TCP/IP and named pipes, and then click Apply. 1865.In the Surface Area Configuration for Services and Connections – server_name dialog box (where server_name is the name of the computer running SQL Server 2005), in Select a component and then configure its services and connections, expand MSSQLSERVER, expand Database Engine, and then click Service. 1866.Click Stop. The MSSQLSERVER service stops. 1867.Click Start. The MSSQLSERVER service starts. 1868.Click OK. 1869.Close SQL Server 2005 Surface Area Configuration. For additional information, see the Microsoft Help and Support article, “How to configure SQL Server 2005 to allow remote connections,” at http://support.microsoft.com/kb/914277.
Enable Named Pipe Connections in SQL Server 2000 To enable named pipe connections in SQL Server 2000, complete the following steps: 1870.On the computer running SQL Server 2000 that hosts the database being queried, click Start, and then point to All Programs. Point to Microsoft SQL Server, and then click Server Network Utility. 1871.In the SQL Server Network Utility dialog box, on the General tab, ensure that Named Pipes is in the Enabled protocols list. If Named Pipes is in the Disabled protocols list, click Named Pipes, click Enable, and then click OK. 1872.Click Start, and then point to All Programs. Point to Microsoft SQL Server, and then click SQL Server Service Manager. 1873.In the SQL Server Service Manager dialog box, in Services, select SQL Server, and then click Stop. 1874.In the SQL Server Service Manager dialog box, click Start. 1875.Close SQL Server Service Manager.
Deployment Scripts Credentials_script Problem: During the last startup of a newly deployed computer, the user is prompted to provide user credentials and may receive error 0x80070035, which indicates the network path was not found. Possible Solution: Be sure that the WIM file does not include a MININT or _SMSTaskSequence folder. To delete these folders, first use the ImageX utility to mount the WIM file, and then delete the folders.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
15
Note If an Access Denied error occurs when attempting to delete the folders from the WIM file, start the Windows Command Interpreter, switch to the root of the image contained in the WIM file, and run RD MININT and RD _SMSTaskSequence.
ZTIWindowsUpdate Problem: If the ZTIWindowsUpdate.wsf script is implemented to apply software updates during deployment, note that this script may communicate directly with the Microsoft Update (MU) Web site to download and install the required Windows Update Agent binaries, scan for applicable software updates, download the binaries for the applicable software updates, and then install the downloaded binaries. This process requires that the organization’s networking infrastructure be configured to allow the target computer to gain access to the MU Web site. If the deployment share does not contain the Windows Update Agent installation files and the target computer does not have appropriate Internet access, the following error is reported in the ZTIWindowsUpdate.log and BDD.log files: “wuredist.cab not found.” Possible Solution: Follow the steps outlined in “ZTIWindowsUpdate.wsf”, located in the Scripts section of the Toolkit Reference.
Deployment Wizard Wizard Pages Are Not Skipped Problem: A wizard page is displayed even though the Deployment Workbench database or CustomSettings.ini file specify that the wizard should be skipped Possible Solution: To properly skip a wizard page, all properties that would be specified on that wizard page must be included, where appropriate, in the Deployment Workbench database or CustomSettings.ini file with appropriate values. If any property is not properly configured for a skipped wizard page, that page will be shown. For more information about what properties are required to ensure a wizard page is skipped, see “Providing Properties for Skipped Windows Deployment Wizard Pages” in the MDT 2008 document, Toolkit Reference.
Disks and Partitioning The sections that follow describe methods for resolving BitLocker™ Drive Encryption– related problems and disk partitioning errors.
BitLocker Drive Encryption Using MDT 2008 LTI deployment to deploy BitLocker Drive Encryption requires specific configuration for proper deployment. The following potential problems may be related to the configuration of the target computer: •
USB devices, CD drives, DVD drives, or other removable media devices on the target computer that appear as multiple drive letters.
•
Shrinking drive C on the target computer to provide sufficient unallocated disk space.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Devices Appear as Multiple Drive Letters Problem: Some devices can appear as multiple logical drive letters, depending on how they are partitioned. In some cases, they can emulate a 1.44-megabyte (MB) floppy disk drive and a memory storage drive. Therefore, the same device may be assigned drive letters A and B for floppy disk emulation and F for the memory storage drive. By default, MDT 2008 scripts use the lowest drive letter (in this example, A). Possible Solution: Override the default setting on the Specify the BitLocker recovery details page in the Windows Deployment Wizard. The Windows Deployment Wizard summary page displays a warning to inform the user which drive letter was selected to store BitLocker Drive Encryption recovery information. In addition, the BDD.log and ZTIBDE.log files record the removable media devices detected and which device was selected to store the BitLocker Drive Encryption recovery information.
Problems with Shrinking Disks Problem: Not enough unallocated disk space exists on the target computer to enable BitLocker Drive Encryption. To deploy BitLocker Drive Encryption on a target computer, at least 2 gigabytes (GB) of unallocated disk space is required to create the system volume. The system volume is the volume that contains the hardware-specific files needed to load Windows computers after the BIOS has booted the platform. Possible Solution 1: On existing computers, shrink drive C so that the system volume can be created. Use the Diskpart tool to shrink drive C. In some instances, though, the Diskpart tool may not be able to shrink drive C sufficiently to provide 2 GB of unallocated disk space. This may be caused by fragmented disk space within drive C. One possible solution to this problem is to defragment drive C. To do so, complete the following steps: 1876.Run the Diskpart shrink querymax command to identify the maximum amount of disk space that can be unallocated. 1877.If the value returned in step 1 is less than 2 GB, clean drive C of any unnecessary files and defragment it. 1878.Run the Diskpart shrink querymax command again to verify that more than 2 GB of disk space can be unallocated. 1879.If the value returned in step 3 is still less than 2 GB, perform one of the following tasks: •
Defragment drive C multiple times to ensure that it is fully optimized.
•
Back up the data on drive C, delete the existing partition, create a new partition, and then restore the data to the new partition. Possible Solution 2: The ZTIBDE.wsf script runs the Disk Preparation Tool (bdehdcfg.exe) and configures the system volume partition size to 2 GB by default. It is possible to customize the ZTIBDE.wsf script to change the default, if necessary. However, modifying the MDT 2008 scripts is not recommended.
Disk Partitioning Errors Problem: When LTI is used to deploy Windows XP on some hardware, the machine halts with a stop error or stops responding while loading Mup.sys after the computer attempts to start into mini-setup. This problem occurs because Windows Vista and Windows PE version 2.0 create disk partitions differently than Windows XP does. This problem occurs only on computers that use certain BIOS firmware. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
17
Possible Solution 1: See the Microsoft Help and Support article, “You cannot install Windows XP successfully after you use Windows Vista or Windows PE 2.0 to create partitions on a hard disk,” at http://support.microsoft.com/kb/931760/en-us, which describes the problem and provides an update for Windows XP that can serve as a workaround for the issue. This problem can also occur because of a hardware abstraction layer (HAL) mismatch between the source computer and the destination computer or may be the result of a missing mass storage driver. Possible Solution 2: Add data and values to the registry of Windows PE version 2.0. These settings change how Windows PE partitions and formats the hard disk before the Windows XP image is applied. Add the following settings to the Windows PE registry to work around the issue: [HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\VDS\ALIGNME NT] "LessThan4GB"=dword:00000000 "Between4_8GB"=dword:00000000 "Between8_32GB"=dword:00000000 "GreaterThan32GB"=dword:00000000 Possible Solution 3: Perform a simple change to the DistributionShare\Scripts\ZTIDiskpart.txt file (where DistributionShare is the name of the appropriate distribution share) that MDT 2008 uses. If the file is changed as follows, Windows PE partitions the drive in such a manner that there is no need for either of the above steps: •
Original ZTIDiskpart.txt file: select disk 0 clean create partition primary assign letter=c: active exit
•
Modified ZTIDiskpart.txt file: select disk 0 clean create partition primary align=16065 assign letter=c: active exit The align=16065 command solves the issue described in the Microsoft Help and Support article referenced above, because it does not create the partition in the area that the BIOS bug associated with some computer systems overrides but rather reduces the disk space by approximately 2 MB.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008
Driver Installation To ensure the best possible user experience, installation of both hardware device and software driver should run as seamlessly as possible, with little or no user intervention. Microsoft provides tools and guidelines to help create installation packages that meet this goal. For general information about driver installation, see Driver Lifecycle at http://www.microsoft.com/whdc/driver/install/default.mspx.
Troubleshooting Device Installation with SetupAPI.log The “Troubleshooting Device Installation with the SetupAPI Log File” white paper that is downloadable from http://www.microsoft.com/whdc/driver/install/setupapilog.mspx provides information about debugging device installation for Windows XP and later versions of the operating system. Specifically, the paper provides guidelines for driver developers and testers to interpret the SetupAPI .log file. Windows XP and later versions log system operations more extensively than previous versions of Windows do. One of the most useful .log files for debugging is the SetupAPI .log file (Setupapi.log). This plain-text file maintains the information that SetupAPI records about device installation, service pack installation, and update installation. Specifically, the file maintains a record of device and driver changes, as well as major system changes, beginning from the most recent Windows installation. This paper focuses on using the SetupAPI .log file to troubleshoot device installation; the paper does not describe the log-file sections that are associated with service pack and update installations. Included in this white paper: •
“How Is the SetupAPI Log File Organized?”
•
“Windows Installation Header Section”
•
“Device-Setup Class Installation Sections”
•
“Driver-Installation Sections”
•
“Device-Removal Sections”
•
“Common Device-Installation Problems”
•
“Appendix A: Setting the SetupAPI Logging Level”
•
“Appendix B: Message Formats”
•
“Appendix C: Section Markers”
•
“Appendix D: Definition of Example Placeholders”
•
“Call to Action and Resources”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
19
Logon Security Banners Problem: MDT 2008 task sequences are processed during an interactive user session. This requires that the target computer be allowed to log on automatically using a specified administrative account. If a Group Policy Object (GPO) is in place that enforces a logon security banner, this automatic logon will not be allowed to process because the security banner halts the logon process while it waits for a user to accept the stated policy. Possible Solution: Be sure that the GPO is applied to specific organizational units (OUs) and not included in the default domain GPO. When computers are added to the domain, specify that they should be added to an OU that is not affected by a GPO that enforces a logon security banner. In the Task Sequence Editor, include as one of the last task sequence steps, a script that relocates the computer account to the desired OU. Note If reusing existing Active Directory® Domain Services (AD DS) accounts, ensure, prior to deploying to the target computer, that the target computer’s account has been relocated to an OU that is not affected by the GPO that enforces the security logon banner.
New Computer Deployments The following sections describe issues related to failed new computer deployments.
Failure to Copy .Log Files to Shared Folders Problem: When using the New Computer or Replace Computer deployment scenarios, a warning message may appear similar to the following, even though the specified share does exist: Warning - Unable to copy local logfile (C:\MININT\SMSOSD\OSDLOGS\ZeroTouchInstallation.log) because \\servername\Logs does not exist. Possible Solution: This message can occur because the SMS 2003 OSD Feature Pack may not have the appropriate credentials to access the \\servername\Logs folder when the \\servername\Logs folder resides on a server other than the distribution point. For more information on providing the appropriate credentials for the different deployment phases, see the MDT 2008 document, Microsoft Deployment Toolkit 2008 Deployment Concepts.
PXE Boot In brief, the Pre-Boot Execution Environment (PXE) protocol operates as follows: The client computer initiates the protocol by broadcasting a Dynamic Host Configuration Protocol (DHCP) Discover packet containing an extension that identifies the request as coming from a client computer that implements the PXE protocol. Assuming that a boot server implementing this extended protocol is available, the boot server sends an offer containing the IP address of the server that will service the client. The client uses Trivial File Transfer Protocol (TFTP) to download the executable file from the boot server. Finally, the client computer initiates execution of the downloaded image.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
The initial phase of this protocol piggybacks on a subset of the DHCP messages to enable the client to discover a boot server (that is, a server that delivers executable files for new computer setup). The client computer may use the opportunity to obtain an IP address (which is the expected behavior) but is not required to do so. The second phase of this protocol takes place between the client computer and a boot server and uses the DHCP message format as a convenient format for communication. This second phase of the protocol is otherwise unrelated to the standard DHCP services. The next few pages outline the step-by-step process during PXE client computer initialization. For more information on troubleshooting PXE boot-related issues in Windows Deployment Services running in Legacy or Mixed mode, see the Microsoft Help and Support article, “Description of PXE Interaction Among PXE Client, DHCP, and RIS Server,” at http://support.microsoft.com/kb/244036.
Disable Windows PE Logging on the Windows Deployment Services Server The first procedure recommended is to make sure that logging to setupapi.log has been disabled. To do so, follow the instructions in the section, “Disable Windows PE Logging on the Windows Deployment Services Server,” in the MDT 2008 document, Preparing for Microsoft Systems Management Server 2003.
Ensure the Proper DHCP Configuration Depending on the router models in use, the specific router configuration of DHCP broadcast forwarding may be supported to either a subnet (or router interface) or a specific host. If the DHCP servers and Windows Deployment Services servers are separate computers, ensure that the routers that forward DHCP broadcasts are designed so that both the DHCP and Windows Deployment Services servers receive the client broadcasts; otherwise, the client computer does not receive a reply to its remote boot request. Is there a router between the client computer and the remote installation server that is not allowing the DHCP-based requests or responses through? When the Windows Deployment Services client computer and the Windows Deployment Services server are on separate subnets, the router between the two systems must be configured to forward DHCP packets to the Windows Deployment Services server. This arrangement is necessary, because Windows Deployment Services client computers discover a Windows Deployment Services server by using a DHCP broadcast message. Without DHCP forwarding set up on a router, the client computers’ DHCP broadcasts do not reach the Windows Deployment Services server. This DHCP forwarding process is sometimes referred to as DHCP Proxy or IP Helper Address in router configuration manuals. Refer to the router instructions for more information about setting up DHCP forwarding on a specific router.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
21
Improve PXE IP Address Assignment Response Time Check the following elements if it is taking a long time (15–20 seconds) for the PXE client computer to get an IP address: •
Are the network adapter on the target computer and the switch or router set to the same speed (automatic, duplex, full, and so on)?
•
Is the IP address for the Windows Deployment Services server in the IP Helper file on the router through which the connection is made? If the list of IP addresses in the IP Helper file is long, can the address for the Windows Deployment Services server be moved near the top?
•
Be sure that Setupapi.log is disabled as described in the section, “Disable Windows PE Logging on the Windows Deployment Services Server,” in Preparing for Microsoft Systems Management Server 2003.
Printers Problem: Even though USMT is able to capture data stored in the registry at HKEY_CURRENT_USER\Printers, it does not migrate TCP/IP based printers. Possible Solution: Include task sequence steps that use the Microsoft Windows Server 2003 Print Migrator 3.1 utility to capture and restore printer configurations. The utility is downloadable from http://www.microsoft.com/WindowsServer2003/techinfo/overview/printmigrator3.1.mspx.
Restarting the Deployment Process Problem: While testing and troubleshooting a new or modified task sequence, it may be necessary to restart the target computer so that the deployment process can start over from the beginning. Unexpected results may occur because MDT 2008 keeps track of its progress by writing data to the hard disk and any restart of the target computer has MDT 2008 resume where it left off at the previous restart. Possible Solution: To allow the deployment process to restart from the beginning, it is necessary, prior to restarting the target computer, to delete the C:\MININT and C:\_SMSTaskSequence folders.
Sysprep Joining a Domain Problem: The target computer is not joined to the domain. Possible Solution 1: If the Sysprep.inf file contains both JoinDomain and JoinWorkgroup entries, the first one encountered takes precedence. Possible Solution 2: Verify that the specified credentials have sufficient rights to join computers to the domain.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
The Computer Account Is In the Wrong OU Problem: The target computer is properly joined to the domain, but the computer account is in the wrong OU. Possible Solution 1: If an account pre-exists for the target computer, the account will remain in its original OU. To move the account to the specified OU, add an additional task sequence step that uses an automation tool, such as a Microsoft Visual Basic® Scripting Edition (VBScript), to move the account. Possible Solution 2: Verify that the specified OU is in the correct format and that it exists. The correct OU format should be OU=Reception,OU=NYC,DC=Woodgrovebank,DC=com
Execution Limit Problem: The following Windows product activation error message is displayed after a master computer has had Sysprep run three times. Error 0x80040605 Re-arming Sysprep is limited to being run three times on an installed operating system. You cannot run Sysprep a fourth time. Note
This limitation does not affect volume licensed media.
Possible Solution 1: Never run Sysprep on the master image. Capture an image of the computer prior to running Sysprep. When the image requires updating, restore the master image, make any required changes, and recapture prior to running Sysprep. Possible Solution 2: When running Sysprep, use the –activated option to avoid resetting activations. For more information, see the Microsoft Help and Support article, “‘Error 0x80040605 Re-arming’ Error Message When You Try to Run Riprep.exe or Sysprep.exe on Windows XP,” at http://support.microsoft.com/kb/308554.
System Center Configuration Manager Problem: The error message shown in Figure 3 displays when attempting to create a System Center Configuration Manager PXE service point using the Create self-signed PXE certificate option. INCLUDEPICTURE "cid:[email protected]" \* MERGEFORMATINET INCLUDEPICTURE "cid:[email protected]"
\* MERGEFORMATINET Figure 3. PXE service point error
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
23
Possible Solution: If a PXE service point previously existed on the server being configured, the uninstallation of the PXE service point may not have deleted the selfcreated certificates. Delete the PXE certificate folder from C:\Documents and Settings\username\Application Data\Microsoft\Crypto\RSA\ where username is the name of the user who is performing the current configuration or who performed the previous configuration. The configuration wizard should successfully complete once the folder is deleted.
Systems Management Server Table 2 lists symptoms that indicate that the ZTI deployment process will fail, the possible problems, and suggested methods for resolving the problem. Table 2. Deployment Symptoms, Possible Problems, and Possible Solutions Related to Systems Management Server Symptoms
Possible problem
Resolutions
Target computers are not receiving the SMS 2003 OSD Feature Pack package advertisements.
Target computers are not included in the appropriate Systems Management Server collection.
Verify that the target computers are in the Systems Management Server collection used during the distribution of the SMS 2003 OSD Feature Pack package.
ZTI scripts do not run properly.
Target computers may not meet the hardware and software requirements.
Review target computer hardware and software requirements in the section, “System Requirements,” in the Getting Started Guide.
Appropriate permissions may not be set on MigData, .log files, or distribution point shares.
Log on as the appropriate account holder, and attempt to access files in the shares.
Updated packages and programs are not appearing on distribution points.
Scheduled distribution of updates to packages and programs may be taking longer than required.
Manually update the distribution points by using Systems Management Server Administrator Console.
Refresh Computer scenarios are incorrectly performed as Replace Computer scenarios.
The OldComputer.tag file exists on a Systems Management Server deployment point, because the OldComputer folder is incorrectly added to one of the SMS 2003 OSD Feature Pack custom action file lists.
Search for OldComputer.tag file on a Systems Management Server deployment point, and delete the file on Systems Management Server packages that are targeted for Refresh Computer scenarios.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Task Sequences Apply Network Settings Problem: When configuring the network connection name in the Deployment Workbench, a validation error is displayed that prompts the user with the following message: “Please enter a valid name for the network adapter.” Possible Resolution: Remove any spaces and invalid characters from the specified connection name.
Upgrading from BDD 2007—Missing Task Sequence Steps After upgrading a Business Desktop Deployment (BDD) 2007 distribution share to MDT 2008, customizations from the BDD 2007 task sequence are identified and moved to the new MDT 2008 task sequence using one of the following scenarios: •
If a custom task sequence step specifies an application that is matched to an application defined in the distribution share and if there is also a match between the command-line sequence of the step and the command-line sequence of the distribution share application, that task sequence step is added to the Custom Tasks group.
•
If a custom task sequence step specifies an application that cannot be matched to an application defined in the distribution share, that task sequence step is added to the Unknown Tasks group, which is disabled. Administrative intervention is required to edit the task sequence and move the step to an appropriate location within the new task sequence.
Note
Any custom task sequence steps that call a ZTI script are ignored.
Note Any custom task sequence steps that are relocated to the Custom Tasks or Unknown Tasks groups in the task sequence are disabled. To continue to use these task sequence steps in MDT 2008, the task sequence steps must be relocated to their proper location in the task sequence and enabled.
Using Continue on Error If a MDT 2008 task sequence is configured not to continue on error and that task sequence returns an error, all remaining task sequences in that task sequence group are skipped. However, the remaining, subsequent task sequence groups are processed. Consider the following. Two task sequence groups have been created, and each group contains more than one task sequence step. Group A Step A Step B Group B Step A Step B If Group A\Step A is configured not to continue on error, then Group A\Step B will not be processed. However, all task sequence steps in Group B will be processed. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
25
User State Migration Tool Missing Desktop Shortcuts Problem: While using USMT to migrate user data, shortcuts that point to network documents may not get restored. The shortcuts are captured during Scanstate; however, they never get restored to the target computer during Loadstate. Possible Resolution: Edit the MigUser.xml and comment out the following line as shown below: Original:
USMT-Related Errors During Deployment— Error 1618 Problem: While deploying a Windows XP image that was created by the SMS 2003 OSD Feature Pack with MDT 2008 installed, the following error messages may be logged during the State Restore phase when USMT is being installed: •
USMT installer found at \\Server\Packages$\SMSPKG\E000019B\InstallUSMT301_X86.msi. ZTIUserState 18/01/2008 16:00:12 0 (0x0000)
•
About to run command: msiexec.exe /I "\\Server\Packages$\SMSPKG\E000019B\InstallUSMT301_X86.msi" /quiet /passive /norestart ZTIUserState 18/01/2008 16:00:12 0 (0x0000)
•
Return code from command = 1618 16:00:15 0 (0x0000)
•
Non-zero return code from USMT 3.0.1 installation command, rc = 1618 ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
•
FindFile: The file USMT30_X86.cab could not be found in any standard locations. ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
•
ERROR: Unable to find USMT30_X86.cab file so it is not possible to install USMT 3.0, aborting ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
•
ERROR - Unable to install USMT 3.0 to restore user state. ZTIUserState 18/01/2008 16:00:15 0 (0x0000)
ZTIUserState
18/01/2008
The last three lines of the .log file are an attempt at recovering from the initial behavior— the MDT 2008 scripts have logic that attempts to install USMT by extracting the bits from a .cab file, but only after the initial Windows Installer–based installation fails.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
The problem is a result of a previous task sequence step in the deployment process. The 1618 message translates to, “Another installation is already in progress. Complete that installation before proceeding with this install.” This is probably the result of an incorrect command that caused execution of subsequent task sequence steps to immediately continue even though the installation was just starting. Possible Resolution A: Check the event log to see what other installations were initiated at or near the time as the USMT installation, and verify that the commands for those installations are appropriate. Possible Resolution B: This problem could be avoided by creating a USMT .cab file, but it’s likely other issues will be encountered if the cause of the original error is not corrected. Due to a bug in the Windows Vista installation program, Wusa.exe (used to install MSU files), USMT would not install quietly using the standard /quiet option. This resulted in a workaround implemented in the ZTIUserState.wsf script. The following steps should be repeated for the x86 and x64 versions of USMT to repackage the USMT files into .cab files from which MDT 2008 can extract USMT to the target computer during deployment: 1880.Manually install the x86 or x64 version of USMT, whichever is applicable to the environment, on a computer running Windows XP or Windows Vista. 1881.Copy C:\Program Files\Microsoft Deployment Toolkit\Samples\USMT30_platform.ddf, where platform is either x86 or x64, from a computer on which MDT 2008 is installed. If USMT is installed in a location other than the default (C:\Program Files\USMT301), edit USMT30_platform.ddf to indicate the correct path to the USMT program folder. 1882.Run the command Makecab /F USMT30_platform.ddf; then, copy the newly created .cab file (USMT30_platform.cab) to the \Tools\platform folder in the MDT 2008 distribution share. Possible Resolution C: An update is available for Windows Vista which may fix the USMT installation problem. If this update is included in the Windows Vista image, the steps outlined in “Possible Resolution B” in this section may not have to be performed. For more information about the update, see the Microsoft Help and Support article, “When you run Wusa.exe together with the /quiet option to try to install certain software packages on a Windows Vista-based computer, the installation fails,” at http://support.microsoft.com/kb/929761.
Windows Imaging Format (WIM) Files Corrupt WIM File Problem: When deploying an image, the deployment fails with the following entries in the BDD .log file: •
The image \\Server\Distribution$\Operating Systems\Windows XP SP2\version1.wim was not applied successfully by ImageX, rc = 2
•
LTIApply COMPLETED.
•
ZTI ERROR - Non-zero return code by LTIApply, rc = 2
Solution Accelerators
Return Value = 2
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Troubleshooting
27
Attempting to investigate the issue by mounting the WIM file using ImageX results in an error description stating, “The data is invalid.” Further investigation shows that the date stamp of the WIM file is many years before the current date. It is possible that another process, such as a virus scanner, was holding the WIM file open after it was previously closed at the conclusion of a read/write process. Possible Solution: The WIM file must be restored from backup media.
Windows PE Discussed next are a few common problems that users experience when configuring Windows PE.
Deployment Process Not Initiated—Limited RAM Problem: When deploying to certain target computers, Windows PE starts up, runs wpeinit, goes to the Windows Command Interpreter, but does not actually start the deployment process. Attempting to troubleshoot by mapping a network drive from the target computer indicates that the network adapter drivers are not loaded. Possible Resolution 1: The deployment wizard isn’t starting because there isn’t enough random access memory (RAM). Verify that the target computer has at least 512 MB of RAM and that any shared video memory doesn't consume more than 64 MB of the 512 MB. Windows PE 2.0 is unable to run on a target computer that has less than 512 MB of RAM. Also, due to the nature of Lite Touch in MDT 2008, Lite Touch will not run with Windows PE 2005. However, the SMS 2003 OSD Feature Pack could be used with Windows PE 2005, because it will work with 256 MB of RAM. Possible Resolution 2: Be sure that that wireless drivers have been not included in the Windows PE image.
Deployment Process Not Initiated—Missing Components Problem: When troubleshooting a failed deployment, a review of the BDD .log file lists the following entry: ERROR - Unable to create ADODB.Connection object, impossible to query SQL Server: ActiveX component can't create object (429).
Possible Resolution: This may indicate that the Windows PE image was not created by MDT 2008. If using System Center Configuration Manager, do not choose to use one of the existing Windows PE images that were created by System Center Configuration Manager, but instead, create one by using the Import Microsoft Deployment Task Sequence wizard. Note The Windows PE images created by System Center Configuration Manager contain components that support scripting, XML, and Windows Management Instrumentation (WMI), but they do not contain components that support Microsoft ActiveX® Data Objects (ADO).
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Deployment Process Not Initiated—Missing or Incorrect Drivers Problem: When deploying to certain target computers, Windows PE starts up, runs wpeinit, goes to the Windows Command Interpreter, but does not actually start the deployment process. Attempting to troubleshoot by mapping a network drive from the target computer indicates that the network adapter drivers are not loaded. A review of the SetupAPI .log file located in X:\Windows\System32\Inf indicates that Windows PE generates errors when it is configuring the network adapter. One of the errors said, "This driver is not meant for this platform." The drivers in the out-of-box drivers list have been injected into the image. Possible Solution: It is possible that Windows PE is having a driver conflict with another driver. When configuring the settings for the Windows PE image in the Deployment Workbench, create a Windows PE drivers group that contains only network adapter and storage drivers, and configure the deployment point to use only the Windows PE driver group. If both Windows XP and Windows Vista drivers have been included, just add the driver for Windows Vista into the Windows PE drivers group.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Dep lo yment Pr ocess Flo w Cha r ts In this chapter, two sets of flow charts are provided for MDT 2008: LTI/ZTI with SMS 2003 OSD Feature Pack and ZTI with System Center Configuration Manager. Each deployment phase has a corresponding set of flow charts that provide a pictorial representation of the tasks executed during deployment.
LTI/ZTI with SMS 2003 OSD Feature Pack Flow charts are provided for the following phases: •
Validation (Figure 4)
•
State Capture (Figure 5 and Figure 6)
•
Preinstall (Figure 7, Figure 8, and Figure 9)
•
Install (Figure 10)
•
Postinstall (Figure 11 and Figure 12)
•
State Restore (Figure 13, Figure 14, Figure 15, and Figure 16)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit Reference 2008
Figure 4. Flow chart for the Validation Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
31
Figure 5. Flow chart for the State Capture Phase (1 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment Toolkit Reference 2008
Figure 6. Flow chart for the State Capture Phase (2 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
33
Figure 7. Flow chart for the Preinstall Phase (1 of 3)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment Toolkit Reference 2008
Figure 8. Flow chart for the Preinstall Phase (2 of 3)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
35
Figure 9. Flow chart for the Preinstall Phase (3 of 3) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment Toolkit Reference 2008
Figure 10. Flow chart for the Install Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
37
Figure 11. Flow chart for the Postinstall Phase (1 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
38
Microsoft Deployment Toolkit Reference 2008
Figure 12. Flow chart for the Postinstall Phase (2 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
39
Figure 13. Flow chart for the State Restore Phase (1 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
40
Microsoft Deployment Toolkit Reference 2008
Figure 14. Flow chart for the State Restore Phase (2 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
41
Figure 15. Flow chart for the State Restore Phase (3 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
42
Microsoft Deployment Toolkit Reference 2008
Figure 16. Flow chart for the State Restore Phase (4 of 4)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
43
ZTI with System Center Configuration Manager Flow charts are provided for the following phases: •
Initialization (Figure 17)
•
Validation (Figure 18)
•
State Capture (Figure 19)
•
Preinstall (Figure 20)
•
Install (Figure 21)
•
Postinstall (Figure 22)
•
State Restore (Figure 23 and Figure 24)
•
Capture (Figure 25)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
44
Microsoft Deployment Toolkit Reference 2008
Figure 17. Flow chart for the Initialization Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
45
Figure 18. Flow chart for the Validation Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
46
Microsoft Deployment Toolkit Reference 2008
Figure 19. Flow chart for the State Capture Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
47
Figure 20. Flow chart for the Preinstall Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
48
Microsoft Deployment Toolkit Reference 2008
Figure 21. Flow chart for the Install Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
49
Figure 22. Flow chart for the Postinstall Phase Solution Accelerators
microsoft.com/technet/SolutionAccelerators
50
Microsoft Deployment Toolkit Reference 2008
Figure 23. Flow chart for the State Restore Phase (1 of 2) Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Troubleshooting Reference: Deployment Process Flow Charts
51
Figure 24. Flow chart for the State Restore Phase (2 of 2)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
52
Microsoft Deployment Toolkit Reference 2008
Figure 25. Flow chart for the Capture Phase
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Find ing A ddit iona l H el p Microsoft Services Premier Support The MDT 2008 team has received a number of e-mail messages and questions about how to receive support from Premier Support for MDT 2008. Several individuals have been routed to the incorrect support queue while trying to receive support for MDT 2008. We apologize for their frustration and inconvenience. To be routed to the correct support queue, call Premier Support at 1-800-936-3500, or go online to http://www.microsoft.com/services/microsoftservices/srv_premier.mspx. Note When seeking support, clearly state that there is a Business Desktop Deployment/Microsoft Deployment Toolkit issue. Mentioning “deployment” in general may result in routing to the incorrect queue. Note Please note that support for MDT 2008 is done on via callback with response times generally ranging between 1 and 4 hours depending on the severity of the issue and other issues in the queue.
Internet-Based Support Many online sources are available that provide additional troubleshooting assistance for MDT 2008 beyond what is covered in this reference. These online sources include: •
•
Microsoft-hosted blogs: •
MDT 2008 Team blog at http://blogs.technet.com/msdeployment/default.aspx
•
Deployment Guys blog at http://blogs.technet.com/deploymentguys/
•
Ben Hunter’s blog at http://blogs.technet.com/benhunter/default.aspx (Ben Hunter is a consultant with Microsoft Services-New Zealand.)
•
Michael Niehaus’ blog at http://blogs.technet.com/mniehaus/default.aspx (Michael Niehaus writes on Windows and Microsoft Office deployment.)
•
Richard Smith’s blog at http://blogs.technet.com/richardsmith/default.aspx (Richard Smith is a consultant with Microsoft Services–United Kingdom.)
Microsoft-hosted newsgroups: The following newsgroups are available with support from Microsoft employees, industry peers, and Microsoft Valued Professionals (MVPs): •
microsoft.public.deployment.desktop at news://msnews.microsoft.com/microsoft.public.deployment.desktop
•
microsoft.public.sms.tools at news://msnews.microsoft.com/microsoft.public.sms.tools
•
microsoft.public.office.setup at news://msnews.microsoft.com/microsoft.public.office.setup
•
microsoft.public.usmt at news://msnews.microsoft.com/microsoft.public.usmt
54
•
MSDN 2.0
•
microsoft.public.deployment.app_compatibility at news://msnews.microsoft.com/microsoft.public.deployment.app_compatibility
•
microsoft.public.windows.app_compatibility at news://msnews.microsoft.com/microsoft.public.app_compatibility
•
TechNet forum: Windows Vista Deployment and Imaging at http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=721&SiteID=17
Deployment-related information sources from outside Microsoft: •
DeploymentForum.com at http://www.deploymentforum.com
•
DeployVista.com at http://www.deployvista.com
•
myITforum.com at http://www.myitforum.com
Microsoft® Deployment Toolkit 2008 User State Migration Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: Contents
lv
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, Internet Explorer, Outlook, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This document describes how to save and retrieve user preferences during deployments using the Windows® User State Migration Tool (USMT). This guide is intended to serve as part of Microsoft® Deployment Toolkit (MDT) 2008. Note In this document, Windows applies to the Windows Vista®, Windows XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
US MT Usa ge Scenario s A distinction exists between how USMT is used during deployment and the development of the control files used during the deployment. This section discusses two example scenarios of how the USMT can be used during the deployment process. In the first scenario, an administrator runs a deployment wizard on a client computer scheduled for migration. The wizard collects information about the user and the user’s computer. The wizard then runs the Scanstate.exe tool in USMT to copy the user’s documents and settings from the computer to a temporary user state store file. The deployment process installs a new Windows Vista operating system image on the computer, and then runs the Loadstate.exe tool in USMT to copy the user’s documents and settings from the server onto the new computer. An example of this scenario is the Windows Deployment Wizard in a Lite Touch Installation (LTI) deployment. In the second scenario, a software-distribution tool runs the Scanstate.exe tool to run a fully unattended sequence of programs to save user state for multiple user profiles, and then installs a new operating system image, installs application packages, and finally runs the Loadstate.exe tool to restore user state, making the computer ready for the user. An example of this scenario is deployment performed by Microsoft System Center Configuration Manager 2007 and MDT 2008. This guide does not detail the usage of USMT described in the second scenario. See the USMT version 3.0.1 Help file for a complete description of this process. This guide does, however, address why and how to alter the control files that direct the behavior of USMT during the execution. Read the appendices of this document for detailed information on creating control files and running USMT. Before using USMT to capture and restore user state, make the USMT files available to the deployment tools. For information regarding how to make the USMT files available for MDT 2008 deployments by using LTI and Microsoft Systems Management Server (SMS) 2003, see “Appendix B: Preparing the MDT 2008 Distribution Share,” later in this guide. For information on how to make the USMT files available to System Center Configuration Manager, see “Create New Task Sequences Using the Import Wizard” in the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide.
System Center Configuration Manager State Capture System Center Configuration Manager also captures user state. Within System Center Configuration Manager, the Request State Store task automatically determines the space requirements and whether the computer on which state is captured can hold the information for reinsertion or whether the data needs to be placed on the share defined for user state within System Center Configuration Manager. User state capture is supported only on non-server Microsoft operating systems.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: USMT Usage Scenarios
3
The state can be captured when creating task sequences within System Center Configuration Manager. When capturing state, USMT version 3.0.1 must be installed on the computer running System Center Configuration Manager. System Center Configuration Manager must be configured as a migration point for the process to finish successfully. For more information on capturing state, see the MDT 2008 document, Microsoft System Center Configuration Manager 2007 Imaging Guide, especially the section on creating task sequences. For additional information on making System Center Configuration Manager a migration point, see Configuration Manager Documentation Library at http://technet.microsoft.com/en-us/library/bb680651.aspx.
Identify Operating System Settings When planning a migration, carefully consider which operating system settings to migrate. Several key elements to consider are: •
Appearance. Includes items such as wallpaper, colors, sounds, and the location of the taskbar
•
Action. Includes items such as key repeat rate, whether double-clicking a folder opens it in a new window or in the same window, and whether users must click or double-click an item to open it
•
Internet. Includes Internet connection settings and controls how the browser operates; additional items include home page, favorites or bookmarks, cookies, security settings, and proxy settings
•
Mail. Includes the information required to connect to mail servers, signature files, views, mail rules, local mail, and contact lists
Consider any previous migration experience in addition to the results of any surveys conducted and tests that have been completed. Also take into consideration elements that could eliminate or reduce help desk calls that result from the deployment. Note Do not migrate settings that Group Policy objects (GPOs) control. These settings have no effect on the client computer and only waste time and space during the migration.
USMT Components USMT consists of the following major components: •
Scanstate. The tool used to collect system state from the source computer
•
Loadstate. The tool used to install user state on the destination computer
•
XML control files. Files that control the USMT migration process
•
Component manifests. Files that maintain lists of Windows Vista system configuration settings and data
•
Downlevel manifests. Manifest files that list and locate settings and data for earlier versions of the Windows operating system (Windows XP and Microsoft Windows 2000)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
4
Microsoft Deployment Toolkit 2008
Scanstate During the USMT execution process, Scanstate.exe creates the USMT3.mig file in the default store directory (or any directory defined by command-line settings). Scanstate uses the following components: •
Scanstate.exe. This executable file runs on the source computer to capture user settings and files. A user can run Scanstate.exe to capture the settings stored in the registry and the files to which the user has permission. Alternatively, users can run Scanstate.exe in the Local System or Local Administrator security context, which permits unattended operation and capture of multiple user profiles. MDT 2008 scripts call Scanstate.exe during the deployment process.
•
MigSys.xml. When migrating from a source computer running Windows XP, this file controls which operating system and browser settings to migrate. Users can customize this file for specific needs.
•
MigApp.xml. This file controls which application settings are migrated from the source computer. Users can customize this file for specific needs.
•
MigUser.xml. This file controls which user folders, files, and file types to migrate from the source computer. Users can customize this file for specific needs. Note MDT 2008 uses generic versions of the preceding three common control files. If these files must be customized, replace the default versions or configure CustomSettings.ini (located in the Control folder) to specify the custom versions.
•
Config.xml. Create this file using the /genconfig option in the Scanstate commandline tool. This file contains all settings defined by component manifests in Windows Vista or by downlevel manifests (these terms are described in the sections “Component Manifests” and “Downlevel Manifests” later in this guide) included with USMT version 3.0.1. Specify this file in the Scanstate command-line tool. Note MDT 2008 does not currently use Config.xml, but the file can be called manually by specifying it in CustomSettings.ini.
For detailed instructions on preparing a Config.xml file, see the section, “Appendix A: Converting Control Files from Earlier Versions of USMT,” later in this guide. •
Custom.xml. A custom control file can be created to define custom rules for unique migration needs. For example, this file can contain information for migrating a custom business application. Multiple custom control files can be defined. Modify USMTMigFiles in CustomSettings.ini to call Custom.xml control files. Note For additional information on Scanstate syntax, refer to the USMT Help file (USMT.chm) located in the USMT installation directory.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: USMT Usage Scenarios
5
Loadstate Loadstate is the command-line tool that restores data to one or more user profiles. Loadstate runs in the context of an account with Administrator privileges and loads the users’ profiles before they log on for the first time. Note Loadstate requires network connectivity to a domain controller for a user’s domain to determine the security identifier (SID) of the destination profile.
Loadstate consists of the following components: •
MigSys.xml. When migrating to a Windows XP destination computer, this file controls which operating system and browser settings to migrate. This file can be customized for specific needs.
•
MigApp.xml. This file controls which application settings are migrated to the destination computer. This file can be customized for specific needs.
•
MigUser.xml. This file controls which user folders, files, and file types to migrate to the destination computer. This file can be customized for specific needs. Note MDT 2008 uses generic versions of the preceding three common control files. If these files must be customized, the default versions can be replaced or CustomSettings.ini (located in the Control folder) can be configured to specify the custom versions.
•
Custom.xml. A custom control file can be created to define custom rules for unique migration needs. For example, this file can contain information for migrating a custom business application. Multiple custom control files can be defined. Modify CustomSettings.ini to call Custom.xml control files. For details on creating a Custom.xml file, see the section, “Appendix A: Converting Control Files from Earlier Versions of USMT,” later in this guide.
•
Config.xml. Config.xml should not be specified during Loadstate unless only a subset of the settings and data from the Scanstate file are being migrated. Specify this file on the USMTMigFiles item in CustomSettings.ini. Note For information on Loadstate syntax, refer to the USMT Help file (USMT.chm) located in the USMT installation directory.
Component Manifests Component manifests are files that list settings and data important to components of Windows Vista. Scanstate reads this information during execution, creating a dynamic list of Windows Vista components, settings, and data to migrate. When Scanstate is run with the /genconfig option, it constructs a Config.xml file from information obtained in component manifests that are used to customize data collected. A collection run without a custom Config.xml collects all data that the component manifests, which cannot be modified, specify. Loadstate does not use component manifests when the destination system is running Windows XP.
Downlevel Manifests USMT includes a collection of manifests designed to act as component manifests when used to migrate user state from earlier versions of the Windows operating system. When migrating settings and data to a Windows Vista system from Windows XP or Windows 2000, these downlevel manifests determine which data to collect. Loadstate does not use downlevel manifests when the destination computer is running Windows Vista. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Tec hnica l Cons ider ations Technical considerations when planning to use USMT include: •
USMT supports migration from local user accounts and from computers that are members of workgroups. Use the /mu and /md options to migrate workgroup computers and local user accounts.
•
USMT migrates user state information only for computers on a Microsoft network. However, by modifying the destination computer user name and domain, USMT can support migration from Novell networks to Windows networks. Use the /mu and /md options to migrate computers on Novell networks.
•
USMT migrates file permissions. A domain controller must be available, and the local Administrator account (or its equivalent) must be used at the destination computer to facilitate setting appropriate access control entries.
•
USMT does not migrate passwords stored on the computer for applications such as the Microsoft Outlook® Express messaging client, Windows Internet Explorer®, and mapped network drives.
•
USMT does not migrate drivers—except for print drivers, which the USMT attempts to migrate if driver support is available on the Windows installation CD. Drivers can be specified in the distribution library. See the MDT 2008 document, Workbench Imaging Guide, for more information.
•
USMT can migrate application settings but not the applications themselves. Applications must be reinstalled on the destination computers. Note See the USMT release notes for more information about applications that must be installed before loading user state information.
•
USMT supports the migration of multiuser computers. When a single computer has multiple profiles, each with unique user data, USMT can capture all user states during a one-time Scanstate execution—including both domain and local users. For more information about how to migrate computer systems with many users, see “Migrate Data on Computers with Multiple Users” in the USMT product documentation.
•
Encrypting File Service (EFS) certificates can be migrated to Windows Vista automatically using the /efs:copyraw option. EFS certificates must be migrated to Windows XP computers manually. See the USMT product documentation in the USMT.chm file located in the USMT installation directory for use details.
•
USMT includes options to prevent migration of old profiles and to migrate specific profiles using command-line options.
•
USMT is available to use within the operating system. USMT does not have to be installed on the Components node; rather, the USMT301_platform.msi file (where platform is either x86 for 32-bit, or x64 for 64-bit) can be made available in the \Distribution\tools\platform directory.
Note Sometimes, issues exist with installation of the .msi file in Windows Vista. To correct the issues, see the information in the Microsoft Help and Support article, “When you run Wusa.exe together with the /quiet option to try to install certain software packages on a Windows Vistabased computer, the installation fails,” at http://support.microsoft.com/kb/929761/en-us. In addition, see the MDT 2008 document, Troubleshooting Reference, for information describing the creation of the USMT301_platform.cab file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix A: Co nver ting C on tr ol Fi les fr om Ear li er Ver sions of US MT Earlier versions of USMT used .inf files to control the collection and migration of documents and settings. Many organizations have spent time and resources creating migrations based on this technology. While there are significant differences between the two control file formats, an understanding of how each format controls USMT can allow developers to create XML files that closely replicate the effects of the former migration process.
USMT .Inf File Format Developers of legacy .inf files should already be familiar with the format and function of the commands in these files. Following is a brief overview of .inf file sections and syntax.
Sections of a USMT .Inf File USMT .inf files are segmented based on the type of migration being performed. Following are examples of the resulting sections: •
[Applications]. The [Applications] section defines application settings that USMT will migrate.
•
[System Settings]. The [System Settings] section migrates system configuration settings such as fonts and accessibility.
•
[User Settings]. This section migrates user preferences, such as desktop configuration, screen saver settings, and favorites.
•
[Files and Folders]. This section migrates files and folders. Migrations can be specified for individual files and folders and for files and folders based on pattern or file extension.
See the Help file in the earlier version of USMT for a complete listing of .inf file sections.
USMT .Inf File Syntax USMT .inf files use commands to control USMT operation. Examples of these commands are listed in this section. Examples of .inf command syntax follow each command.
[CopyFiles] The CopyFiles command specifies files that the migration must copy. The syntax for this command is: Path\FileName.ext, NewRootPath
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
Wild cards can be used in addition to environment variables. To migrate .doc files from the My Documents folder to the same folder on the new system, use the syntax: [Copy This State] CopyFiles=WordDocs [WordDocs] %CSIDL_PERSONAL%\*\*.doc, %CSIDL_PERSONAL%
[CopyFilesFiltered] This command copies only files that are relevant to the new system. For example, if program shortcuts are being copied to the desktop of a new system and a link points to a file that will not be migrated, CopyFilesFiltered does not copy the associated .lnk file. Following is an example of the CopyFilesFiltered syntax: [Copy This State] CopyFiles=Shortcuts [Shortcuts] %CSIDL_DESKTOP%\*.lnk, %CSIDL_DESKTOP% Note The CopyFilesFiltered command performs this filtering action during Loadstate.exe execution.
[AddReg] The syntax for the AddReg command is: RegRoot\RegKey\RegSubKey [RegValue] This command migrates registry entries on the destination computer according to the syntax of the command. To migrate an entry that runs Notepad automatically on startup, use the syntax: [Copy This User State] AddReg=RunNotepad AddReg [RunNotepad AddReg] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Notepad.exe C:\Windows\system32\notepad.exe Note
The specified registry key must exist in the source system to be successfully migrated.
[DelReg] The syntax for the DelReg command is: RegRoot\RegKey\RegSubKey [RegValue] This command removes registry entries on the destination computer according to the syntax of the command. To create an entry to remove the AddReg example in the previous section, use the syntax: [Copy This User State] DelReg=RunNotepad DelReg [RunNotepad DelReg] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Notepad.exe C:\Windows\system32\notepad.exe Note This command does not actively delete the defined registry key; it merely excludes it from the migration.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: Appendix A
9
The USMT Help file defines many more commands. See the Help file in the earlier version of USMT for a complete listing.
Find Equivalent Settings in XML The XML language format differs dramatically from the section-based formatting of .inf files. XML file sections are defined by the tags
[CopyFiles] The following example migrates all .doc files from the My Documents folder on one system to the My Documents folder on another:
[CopyFilesFiltered] Files can be filtered by first attempting to detect the condition under which the file would be migrated. If the condition is detected, then the subsequent migration actions would occur; otherwise, Loadstate.exe would ignore the subsequent child statements.
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
[AddReg] The following XML code migrates a specific registry setting: <migration urlid="http://www.microsoft.com/migration/1.0/migxmlext/test">
[DelReg] The following example replicates the DelReg action of the .inf file referenced in the previous section. (Note the <exclude>… pair.) <migration urlid="http://www.microsoft.com/migration/1.0/migxmlext/test">
microsoft.com/technet/SolutionAccelerators
User State Migration Guide: Appendix A
11
Create a Complete Migration in XML A substantial amount of XML code would need to be written to create a complete conversion. It is important, therefore, to attempt to migrate most settings using the included XML control files. When this migration is complete, create a Custom.xml file for the remaining elements that must be migrated. The finished product might be executed with a command similar to the following: Scanstate /config:Migration.xml /i:Migapp.xml /i:MigUser.xml /i:CustMigration.xml /l:Migration.log /v:15
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
A ppendix B: Pr epar ing the MDT 2008 Dis tr ibu tion Shar e This appendix describes the process required to prepare the distribution folder on the computer running MDT 2008 for USMT operation.
Prepare the USMT Component in the Distribution Folder MDT 2008 simplifies the process for installing any components that MDT 2008 requires. MDT 2008 requires USMT for the Replace Computer and Refresh Computer deployment scenarios. During deployment, when running the Capture User State and Restore User State task sequences, MDT 2008 automatically copies the required USMT installation files from the distribution share to the destination computer. Follow these steps to ensure that the distribution share contains the required USMT installation files. To prepare the USMT component with Internet connectivity Note If the computer running MDT 2008 has Internet connectivity, Deployment Workbench can automatically download the USMT installation files.
1883.Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. 1884.In the Deployment Workbench console tree, go to Deployment Workbench/Information Center, and then click Components. 1885.In the details pane, in the Available for Download section, click User State Migration Tool 3.0.1 (x86) (for 32-bit operating systems) or User State Migration Tool 3.0.1 (x64) (for 64-bit operating systems). 1886.In the details pane, click Download. After downloading the USMT, Deployment Workbench copies the USMT .msi files to the distribution\Tools\platform folder (where distribution is the distribution folder that was created while preparing the deployment environment and platform is the processor architecture, which is either x86 or x64).
Template User Instructions
13
To prepare the USMT component without Internet connectivity Note If the computer running MDT 2008 does not have Internet connectivity, download USMT from another computer.
1887.Using another computer, download the USMT installation files from Microsoft Download Center at http://www.microsoft.com/downloadS/details.aspx?familyid=799AB28C-691B-4B36B7AD-6C604BE4C595. 1888.Copy the USMT installation files (InstallUSMT301_x86.msi for 32-bit operating systems or InstallUSMT301_x64.msi for 64-bit operating systems) to the computer running MDT 2008, and then place them in the distribution\Tools\platform folder (where distribution is the distribution folder that was created while preparing the deployment environment and platform is the processor architecture, which is either x86 or x64).
Locate the Store Files Create a share on a server designated during the planning process for holding the USMT store files. MDT 2008 uses values found in CustomSettings.ini to locate the user state store folder. Configure the CustomSettings.ini properties detailed in Table 1. Table 1. CustomSettings.ini Properties Property
Controls
UDShare
Network share for user store
UDDir
User store folder
UserDataLocation
User store location selection
UDProfiles
Which user profiles will be migrated
Note DVD-RW discs and local store files can also be used during a user state migration by not setting the UserDataLocation value. The Windows Deployment Wizard will ask for the user data location. See the MDT 2008 document, Toolkit Reference, for more details on configuration settings.
Place the XML Control Files USMT uses the default versions of the migration XML files unless the path to the custom XML files is indicated. Place the path to custom XML files in the CustomSettings.ini file in the Control folder of the MDT 2008 distribution share. Inserting a line for USMTMigFiles causes MDT 2008 to use the listed files from migration control. Use the following format for this line: USMTMigFiles1=MigApp.xml USMTMigFiles2=MigUser.xml USMTMigFiles3=MigSys.xml USMTMigFiles4=MigCustom.xml USMTConfigFile=Config.xml Note See the MDT 2008 document, Toolkit Reference, for more details on configuration settings.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
MSDN 2.0
Microsoft® Deployment Toolkit 2008 Workbench Imaging Guide
Published: July 2008 For the latest information, please see microsoft.com/technet/SolutionAccelerators.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide
xv
The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. © 2008 Microsoft Corporation. All rights reserved. If the user of this work is using the work SOLELY FOR NON-COMMERCIAL PURPOSES INTERNALLY WITHIN A COMPANY OR ORGANIZATION, then this work is licensed under the Creative Commons AttributionNonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5 or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter within this document. Except as provided in any separate written license agreement from Microsoft, the furnishing of this document does not give you, the user, any license to these patents, trademarks, copyrights or other intellectual property. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Microsoft, ActiveX, Internet Explorer, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Contents
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
In tr oduct ion This technical guide is part of Microsoft® Deployment Toolkit (MDT) 2008. This document guides the creation of Lite Touch Installation (LTI) images using Deployment Workbench. Note In this document, Windows applies to the Windows Vista®, Windows® XP Professional, Windows XP Tablet PC Edition, Windows Server® 2008, and Windows Server 2003 operating systems unless otherwise noted.
Because this guide contains guidance specific to creating LTI images in Deployment Workbench, reviewing the guides that Table 1 describes can provide additional information. Table 1. Related Guides See this guide
For more information about
Image Customization Guide
Customizing LTI images. For example, this guide describes how to customize the task sequence, answer files, and so on.
Microsoft Deployment Toolkit 2008 Samples Guide
Sample customizations that can be used as the basis for customizing images for desktop and server computers.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Ins tal ling Dep lo yment Wor kbenc h Use Deployment Workbench to create distribution shares and develop disk images. The first step in the process is to install Deployment Workbench on the build server, which holds the source files (scripts, Windows media, device drivers, and applications) used as part of the scripted build process. The MDT 2008 document Getting Started Guide includes systematic instructions for installing MDT 2008, including Deployment Workbench and the Windows Automated Installation Kit (Windows AIK). Note For systematic installation procedures, see the MDT 2008 documents Getting Started Guide and Preparing for LTI Tools.
Create the Distribution Share The distribution share holds the operating systems, applications, operating system packages, task sequences, and out-of-box device drivers used for imaging. Use the Create Distribution Share Wizard to create the distribution share that Deployment Workbench uses to store the files used for imaging. To create the distribution share using the Create Distribution Share Wizard 1889.In the Deployment Workbench console tree, right-click Distribution Share, and then click Create Distribution share directory to start the Create Distribution Share Wizard. 1890.On the Specify the path for the distribution share directory page, type the path to the distribution share directory in the text box provided. 1891.Click Finish to complete the process.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Sta r ting Dep lo yment Wor kbenc h In Deployment Workbench, the left pane contains the console tree, the center pane—the details pane—shows the properties of the item in the console tree, and the right pane lists actions available. Table 2 lists the items available in Deployment Workbench and their descriptions. Table 2. Deployment Workbench Elements Item
Description
Information Center
Provides access to documentation, displays breaking news about MDT 2008, and lists the components required to use Deployment Workbench. Click this item to view details in the details pane.
Distribution Share
Lists operating systems, applications, operating system packages, and out-of-box drivers populated in Deployment Workbench. Click this item to view details in the details pane.
Task Sequences
Lists task sequences populated in Deployment Workbench. Click this item to view details in the details pane.
Deploy
Lists the deployment points available to Deployment Workbench and the database required to house Windows Deployment Services information.
To start Deployment Workbench •
Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench. CAUTION Open only a single instance of Deployment Workbench. Opening two or more instances of Deployment Workbench can result in unpredictable behavior.
Tip The default view of the Deployment Workbench console is the Action pane. Remove it by working in the management console. To work in the console, run %programfiles%\Microsoft Deployment Toolkit\Bin\DeploymentWorkbench.msc /a. On the View menu, click Customize; clear the Action pane check box, and then click OK. Save changes by clicking Save from the File menu. When prompted whether to display a single window interface, click Yes.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Up g r ading BDD 2007 to M DT 2008 It is possible to upgrade from Business Desktop Deployment (BDD) 2007 to MDT 2008. There are two options to choose from moving from BDD 2007 to MDT 2008: coexisting with BDD 2007 and upgrading from BDD 2007. For more information on upgrading to MDT 2008, see the following sections of the MDT 2008 document Getting Started Guide: •
“Coexist with BDD 2007”
•
“Upgrade from BDD 2007”
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea ting the Dis tr ibu ti on Shar e The distribution share contains all of the information and settings that MDT 2008 uses as well as the entire contents used during the LTI process. The following section describes the process to create a new distribution share or upgrade an existing distribution share. To create a new distribution share 1892.Open Deployment Workbench, right-click Distribution Share, and then click Create distribution share directory. 1893.In the Create Distribution Share Wizard, on the Specify Directory page, click Create a new distribution share. 1894.Type the location for the distribution share on the local system in the Path for new distribution share directory text box, and then click Finish. To upgrade an existing distribution share 1895.Open Deployment Workbench, right-click Distribution Share, and then click Create distribution share directory. 1896.In the Create Distribution Share Wizard, on the Specify Directory page, click Upgrade an existing distribution share. 1897.Type the path for the distribution share in the Path to existing distribution share directory box. 1898.Select or clear the Backup existing scripts and configuration files check box as necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Popul ate the Dis tr ibu ti on Shar e Using Deployment Workbench, the distribution share can be configured in the following ways: •
Add, remove, and configure operating systems.
•
Add, remove, and configure applications.
•
Add, remove, and configure operating system packages, including updates and language packs.
•
Add, remove, and configure out-of-box device drivers.
When adding operating systems, applications, operating system packages, and out-ofbox device drivers to the distribution share, the source files are stored in the distribution share folder. These stored items will be associated with task sequences later in the configuration process. In the distribution share’s Control subfolder, Deployment Workbench stores metadata about operating systems, applications, operating system packages, and out-ofbox device drivers in the files shown in Table 3. Table 3. Metadata Files Associated with Deployment Workbench File
Description
Applications.xml
Contains metadata about applications in the distribution share
Drivers.xml
Contains metadata about the device drivers defined in the distribution share
DriverGroups.xml
Contains metadata specifying the grouping of drivers as listed on the Groups tab for each defined driver
OperatingSystems.xml
Contains metadata about operating systems in the distribution share
Packages.xml
Contains metadata about operating system packages in the distribution share, including software updates and language packs
PackageGroups.xml
Contains metadata specifying the grouping of packages as listed on the Groups tab for each defined package
TaskSequence.xml
Contains the list of task sequences referenced in \Deployment\Control and its subfolders
TS.xml
Contains metadata about the task sequence and is the task sequence definition. (A TS.xml file resides in each subfolder under \Distribution\Control.)
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
7
Note DriverGroups.xml exists alongside the Drivers.xml file, and TaskSequence.xml replaces the Builds.xml file previously used in BDD 2007. Tip Deployment Workbench does not sort the metadata in the .xml configuration files. However, sorting these files can make choosing applications and operating systems easier later. Use any text editor to sort them. An easier way to sort these files is by using Microsoft XML Notepad 2007, which is available from the Microsoft Download Center at http://www.microsoft.com/downloads.
Operating Systems MDT 2008 offers the ability to add the following operating system types: •
Full set of source files. Contains the files from a Windows DVD, CD, or equivalent media source
•
Custom image file. A Windows Imaging Format (WIM) image previously captured for deployment
•
Windows Deployment Services images. Located on a specified Windows Deployment Services server
This feature copies the entire set of operating system source files from the distribution media or folder containing the distribution media. Optionally, operating system images can be added from a specific Windows Deployment Services server by clicking Windows Deployment Services images on the OS Type page of the New OS Wizard. For more information, see the section, “Add Images from Windows Deployment Services,” later in this document. Or, click Custom image file on the same wizard page to add a custom image, created by using the Windows Deployment Wizard.
Add an Operating System See the MDT 2008 document Getting Started Guide for additional information on supported operating systems. To add a supported operating system to the distribution share 1899.In the Deployment Workbench console tree, expand Distribution Share, right-click Operating Systems, and then click New to start the New OS Wizard. 1900.On the OS Type page, select Full set of source files. Click Next. 1901.On the Source page, type the path containing the operating system source files to be added to the distribution share. Click Next. Note If the operating system files have been staged on the local hard disk, optionally select Move the files to the distribution share instead of copying them to speed the process.
1902.On the Destination page, type the name of the operating system folder to create in the distribution share. Accept the default name, which Deployment Workbench derives from the source files, or use a name that describes the operating system version and edition. Deployment Workbench uses this name to create a folder for the operating system in the distribution share’s Operating Systems folder. 1903.Click Finish to complete the wizard. This copy process can take several minutes to finish.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
8
Microsoft Deployment Toolkit 2008
After adding an operating system to the distribution share, it appears in the details pane of Operating Systems. In addition, the operating system appears in the distribution share in Operating Systems\subfolder, where subfolder is the destination specified when adding the operating system.
Remove an Operating System To remove an operating system from the distribution share, complete the following steps: 1904.In the Deployment Workbench console tree, expand Distribution Share, and click Operating Systems. 1905.In the details pane, right-click the operating system to be removed, and then click Delete. 1906.Click Yes when prompted. Note When an operating system is deleted from Deployment Workbench, it is also removed from the Operating Systems folder in the distribution share. In other words, removing an operating system from Deployment Workbench also removes it from the file system.
Rename an Operating System To rename an operating system in the distribution share, complete the following steps: 1907.In the Deployment Workbench console tree, expand Distribution Share, and then click Operating Systems. 1908.In the details pane, right-click the operating system to be renamed, and then click Properties. The operating system Properties dialog box appears. 1909.In the Operating system name box, type a new name for the operating system. Click OK.
Add Images from Windows Deployment Services MDT 2008 can deploy Windows images added to a Windows Deployment Services server. It does not copy these images to the MDT 2008 distribution share; instead, it deploys them directly from the MDT 2008 share. To add Windows images to the distribution share from a Windows Deployment Services server 1910.Copy the following files from the \sources directory of the Windows Vista or Windows Server 2008 media to the folder %programfiles%\Microsoft Deployment Toolkit\bin: •
Wdsclientapi.dll
•
Wdscsl.dll
•
Wdsimage.dll
•
Wdstptc.dll (only applicable if copying from the Windows Server 2008 or Windows Vista with Service Pack 1 [SP1] source directories)
Note The Windows source directory being used must match the platform of the operating system running on the computer where MDT 2008 is installed.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
9
1911.In the Deployment Workbench console tree, expand Distribution Share, right-click Operating Systems, and then click New to start the New OS Wizard. 1912.On the OS Type page, select Windows Deployment Services images, and then click Next. 1913.On the WDS Server page, type the name of the Windows Deployment Services server from which to add the operating system images, and then click Finish. The New OS Wizard makes all the operating system installation images it finds on the Windows Deployment Services server available to MDT 2008. It does not copy the source files from the Windows Deployment Services server to the distribution share, however. MDT 2008 continues to use the source files from their original location. The images appear in the details pane of Operating Systems in the Microsoft System Center Configuration Manager 2007 Configuration Manager console.
Add Custom Image Files MDT 2008 can deploy custom images or previously captured images in the WIM format. Specify the source directory in which the WIM file resides, and optionally the New OS Wizard will move the file to the distribution share. To add a custom image operating system to the distribution share 1914.In the Deployment Workbench console tree, expand Distribution Share, right-click Operating Systems, and then click New to start the New OS Wizard. 1915.On the OS Type page, select Custom image file, and then click Next. 1916.On the Setup page, specify the operating system setup files from the following selections as appropriate, and click Next: •
Setup and Sysprep files are not needed. Does not copy any setup files for a Windows Vista or Windows Server 2008 image, or System Preparation Tool (Sysprep) files for a Windows XP or Windows Server 2003 image.
•
Copy Windows Vista or Windows Server 2008 setup files from the specified path. Specifies the directory containing the Windows Vista or Windows Server 2008 setup files required to install the image specified.
•
Copy Windows XP or Windows Server 2003 Sysprep files from the specified path. Specifies the directory containing the Windows XP or Windows Server 2003 Sysprep or DEPLOY.CAB files required to install the image specified.
1917.On the Destination page, enter the destination directory for the wizard to create to contain the required operating system files, and click Finish.
Hide and Unhide Feature MDT 2008 offers the hide and unhide feature for the following nodes: •
Applications
•
OS Packages
•
Task Sequences
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
10
Microsoft Deployment Toolkit 2008
The General tab of applications, operating systems packages, and task sequences contains the Hide this application in the Deployment Wizard check box. Select this check box to see the following properties: •
•
•
Application is Enabled and Hide option cleared: •
For LAB deployment points, the task sequence, application, or package will be displayed in the LTI Wizard.
•
For NETWORK deployment points, the task sequence, application, or package will be copied to the network share deployment point when selected to copy.
•
For MEDIA deployment points, the task sequence, application, or package will be copied in the media content when selected to copy.
Application is Enabled and Hide option selected: •
For LAB deployment points, the task sequence, application, or package will not be displayed in the LTI Wizard.
•
For NETWORK deployment points, the task sequence, application, or package will be copied to the network share deployment point when selected to copy.
•
For MEDIA deployment points, the task sequence, application, or package will be copied in the media content when selected to copy.
Application is Disabled. Hide option is ignored: •
For LAB deployment points, the task sequence, application, or package will not be displayed in the LTI Wizard.
•
For NETWORK deployment points, the task sequence, application, or package will not be copied to the network share deployment point, even when selected to copy.
•
For MEDIA deployment points, the task sequence, application, or package will not be copied in the media content, even when selected to copy.
Applications Use this feature to install applications on client computers, either from source files that are copied to the distribution share or from source files stored in an existing shared folder.
Add an Application To add an application to the distribution share, complete the following steps: 1918.In the Deployment Workbench console tree, expand Distribution Share. Right-click Applications, and then click New to start the New Application Wizard. 1919.On the Application Type page, perform one of the following actions, and then click Next: •
Select Application with source files to copy the application source files to the distribution share. During deployment, MDT 2008 installs the application from source files it copied to the distribution share. Select this option when the application source files are not available to the destination computer when installing the operating system build or when they must be customized.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
•
11
Select Application without source files or elsewhere on the network. Choosing this option does not copy the application source files to the distribution share. During deployment, MDT 2008 installs the application from another location on the network. Select this option when the application source files are available during installation of the operating system build or to run a command that requires no application source files.
1920.On the Details page, provide the following information about the application, and then click Next: •
Publisher. Type the name of the application’s publisher.
•
Application Name. Type the name of the application.
•
Version. Type a version label for the application.
•
Languages. Type the language value of the Locale Identifier.
1921.On the Source page, type the path of the folder containing the application to be added, and click Next. If the application source files will be copied to the distribution share, Deployment Workbench copies everything in this folder to the distribution share; otherwise, it adds this path to the application’s metadata as the application’s installation path. If the operating system files are staged on the local hard disk, optionally select Move the files to the distribution share instead of copying them to automatically move the files to the distribution share. 1922.On the Destination page, type the name of the folder to create for the application within the distribution share, and then click Next. Note
The default value is the publisher, application name, and version label concatenated.
CAUTION When adding applications to the distribution share by using Deployment Workbench, ensure that every application has a unique full name. Otherwise, users will see multiple applications with the same name, each of which installs a different application, during an LTI installation.
1923.On the Command Details page, type the command to use to install the application silently, and click Finish. The command is relative to the working directory specified in the Working directory box. Windows Installer applications use the command msiexec.exe /i package.msi /qb REBOOT=REALLYSUPPRESS. Applications packaged by using other technologies require different command-line options. After adding an application to the distribution share, it appears in the Applications details pane. In addition, it appears in the distribution share in Applications\subfolder, where subfolder is the destination specified when adding the application.
Remove an Application To remove an application from the distribution share, complete the following steps: 1924.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1925.In the details pane, right-click the application to be removed, and then click Delete. 1926.Click Yes when prompted. Note The applications cannot be removed on which other applications have installation dependencies.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
12
Microsoft Deployment Toolkit 2008
Note When an application is deleted from Deployment Workbench, it is also removed from the Applications folder in the distribution share. In other words, removing an application from Deployment Workbench also removes it from the file system.
Edit an Application’s General Information The properties of an application can be edited, including the display name and working directory. Additional options allow changing the reboot properties of the application and enabling or disabling the application. To edit the properties of an application 1927.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1928.In the details pane, right-click the application to be edited, and then click Properties. 1929.On the General tab, edit the following items as necessary, and then click OK: •
Full Name of the application
•
Name of the application
•
Version of the application
•
Publisher of the application
•
Language version of the application
•
Source Directory, relative to the distribution share
•
Comments about the application
•
Hide this application in the Deployment Wizard
•
Enable this application Note MDT 2008 uses the uninstall registry key name to determine whether an application is already installed on the destination computer. This is a subkey in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninst all. If MDT 2008 detects the presence of this key, it assumes that the application is already installed and skips the installation of that application and any dependencies.
Edit an Application’s Details The details of an application can be edited. These details define the installation commands, restart option, and platform associated with the application. To edit the details of an application 1930.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1931.In the details pane, right-click the application to be edited, and then click Properties. 1932.On the Details tab, edit the following items as necessary, and then click OK: •
Application bundle.
•
Standard application. Specify the Quiet install command, the working directory relative to the distribution share, and the Uninstall registry key name.
•
Reboot the computer after installing this application.
•
This can run on any platform.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
•
13
This can run only on the specified client platforms. Specify the appropriate platforms by selecting the check boxes corresponding to the application.
Edit an Application’s Dependencies When installing an application, MDT 2008 checks the application's dependencies. MDT 2008 installs each application on which the current application is dependent prior to installing the current application. This is true regardless of whether dependent applications are selected and also regardless of rules in the MDT 2008 database or the CustomSettings.ini file. After MDT 2008 installs all dependent applications in the order specified, MDT 2008 installs the current application. To add dependencies to or remove dependencies from an application 1933.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1934.In the details pane, right-click the application to be edited, and then click Properties. 1935.Click the Dependencies tab, complete one of the following tasks, and then click OK: •
Add dependencies. Click Add, and select an application.
•
Remove dependencies. Select an application from the list, and click Remove.
•
Reorder dependencies. Select an application, and click Up or Down.
Note When adding dependencies, Deployment Workbench displays only those applications that have already been added to the distribution share. When reordering dependencies, MDT 2008 installs the dependent applications in the order specified in the Dependencies list.
Enable or Disable an Application Disabling an application prevents MDT 2008 from choosing it for installation. Disabling an application also prevents installation of an application. To enable or disable an application 1936.In the Deployment Workbench console tree, expand Distribution Share, and click Applications. 1937.In the details pane, right-click the application to enable or disable, and then click Properties. 1938.On the General tab, complete one of the following tasks, and then click OK: •
Enable an application. Select the Enable this application check box.
•
Disable an application. Clear the Enable this application check box.
Tip If an application was added that will be installed during the task sequence, disable the application by clearing the Enable this application check box. The application will still be installed during the task sequence, but it will not appear in the applications list.
Restart the Computer After Installing an Application To cause the computer to restart after application installation, complete the following steps: Solution Accelerators
microsoft.com/technet/SolutionAccelerators
14
Microsoft Deployment Toolkit 2008
1939.In the Deployment Workbench console tree, expand Distribution Share, and then click Applications. 1940.In the details pane, right-click the application for which the Windows Deployment Wizard must restart the computer after installation, and then click Properties. 1941.Click the Details tab; select the Reboot the computer after installing this application check box, and then click OK. Note Selecting this check box causes the Windows Deployment Wizard to restart the computer after installing the application, and then continue with the next step in the task sequence. CAUTION Do not allow the application to restart the computer. MDT 2008 must control restarts, or the task sequence will fail. For example, use the command REBOOT=REALLYSUPPRESS to prevent some Windows Installer–based applications from restarting. To prevent the 2007 Microsoft Office system from restarting the computer, add the property SETUP_REBOOT=NEVER to the Config.xml file or the M file created by using the Office Customization Tool.
Packages Use this feature to install Windows package files (including security updates, service packs, and language packs) on client computers from CAB or MSU files.
Add a Package To add operating system packages, including language packs and updates, to the distribution share, complete the following steps: 1942.In the Deployment Workbench console tree, expand Distribution Share, right-click OS Packages, and then click New to start the New Package Wizard. 1943.On the Specify Directory page, type the path containing the package files to be added to the distribution share, and then click Finish. Deployment Workbench adds all the packages it finds in the folder and its subfolders. After adding packages to the distribution share, they appear in the OS Packages details pane. In addition, the packages appear in the distribution share in the Packages folder.
Remove a Package To remove a package from the distribution share, complete the following steps: 1944.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1945.In the details pane, right-click the package to be removed, and then click Delete. 1946.Click Yes when prompted. Note When a package is deleted from Deployment Workbench, it is also removed from the Packages folder in the distribution share. In other words, removing a package from Deployment Workbench also removes it from the file system.
View a Package’s General Information To view the general information about a package in the distribution share, complete the following steps: 1947.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
15
1948.In the details pane, right-click the package to view, and then click Properties. 1949.Click the General tab; view the properties in Table 4, and then click OK to exit.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
16
Microsoft Deployment Toolkit 2008
Table 4. Package Properties Property
Description
Package name
Name of the package
Type
Package type
Processor architecture Processor types available for installation by the package: x86, x64, ia64 Language
Languages of the package
Public key token
Public listing of the encryption key
Version
Package version
Product name
Products contained in the package
Product version
Version of the products contained in the package
Package path
Path to the package on the MDT 2008 server
Enable or Disable a Package To enable or disable a package on the distribution share, complete the following steps: 1950.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1951.In the details pane, right-click the package to enable or disable, and then click Properties. 1952.Click the General tab; complete one of the following tasks, and click OK: •
Enable the package. Select the Enable (approve) this package check box.
•
Disable the package. Clear the Enable (approve) this package check box.
Add a Package Group MDT 2008 allows PackageGroup functionality to be added. Package groups help to separate packages during installation. For instance, when multiple operating systems must be deployed and they use different packages or require different levels of updates or languages, assign packages to different groups. Assign the group to a particular operating system during deployment. To add a package group for association with OS Packages 1953.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1954.In the details pane, right-click the package to edit, click Properties, and then click the Groups tab. 1955.Click Add. 1956.Type the group name in the New Package Group dialog box, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
17
Change a Package Group Assignment To change a package group’s assignment, complete the following steps: 1957.In the Deployment Workbench console tree, expand Distribution Share, and then click OS Packages. 1958.In the details pane, right-click the package to edit, click Properties, and then click the Groups tab. 1959.Click Add. 1960.Type the group name in the New Package Group dialog box, and then click OK. For more information on: •
The PackageGroup property, see the section, “PackageGroup,” in the MDT 2008 document Toolkit Reference.
•
The LanguagePacks property, see the section, “LanguagePacks,” in the MDT 2008 document Toolkit Reference.
•
Customizing package groups, see the section, “OS Packages,” in the MDT 2008 document Deployment Customization Guide.
Out-of-Box Drivers Use this feature to install drivers on client computers that are not included in the Windows operating system image.
Add a Device Driver To add device drivers to the distribution share, complete the following steps: 1961.In the Deployment Workbench console tree, expand Distribution Share, right-click Out-of-Box Drivers, and then click New to start the New Driver Wizard. 1962.On the Specify Directory page, type or browse to the path containing the device drivers to be added to the distribution share using the Driver source directory text box. 1963.Select the driver group to assign the driver (defaults to All Drivers). 1964.Select or clear the Import drivers even if they are duplicates of an existing driver check box, and then click Finish. Deployment Workbench adds all the device drivers it finds in the folder and its subfolders. After adding device drivers to the distribution share, they appear in the Out-of-Box Drivers details pane. In addition, the device drivers appear in the distribution share in the Out-of-Box Drivers folder.
Remove a Device Driver To remove a device driver from the distribution share, complete the following steps: 1965.In the Deployment Workbench console tree, expand Distribution Share, and click Out-of-Box Drivers. 1966.In the details pane, right-click the device driver to remove, and then click Delete. 1967.Click Yes when prompted. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
18
Microsoft Deployment Toolkit 2008 Note When a device driver is deleted from Deployment Workbench, it is also removed from the Out-of-Box Drivers folder in the distribution share. In other words, removing a device driver from Deployment Workbench also removes it from the file system.
View a Device Driver's General Information To view the general properties of a device driver, complete the following steps: 1968.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1969.In the details pane, right-click the device driver to view, and then click Properties. 1970.Click the General tab, view the properties listed in Table 5, and then click OK to close the window. Table 5. Device Driver Properties Property
Description
Driver name
Display name of the driver
Manufacturer
Manufacturer providing the driver
Version
Version of the driver
Driver date
Date the driver was created
Driver type (class)
Driver framework
INF path
Path to the .inf file relative to the MDT 2008 distribution share
Platforms
Platforms the driver supports (platforms include x86 and x64)
Supported OS versions
Operating systems the driver supports (supported operating systems include Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008)
Supported PnP IDs
Defines the address and IRQ of the device driver
Enable this driver
Enables or disables the device driver
Enable or Disable a Device Driver To enable and disable device drivers in the distribution share, complete the following steps: 1971.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1972.In the details pane, right-click the device driver to be enabled or disabled, and then click Properties. 1973.Click the General tab, complete one of the following tasks, and click OK: •
Enable the driver. Select the Enable this driver check box.
•
Disable the driver. Clear the Enable this driver check box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
19
Change a Device Driver's Group Assignment Driver groups help resolve device-driver collisions during installation. For example, if two computer models contain a similar device that has the same Plug and Play ID but require original equipment manufacturer (OEM)–specific device drivers, assign each device driver to a different driver group. Then, assign the model-specific driver group to a particular computer model by using the make-and-model table in the MDT 2008 database. Doing so helps ensure that the correct device driver is used for each computer model. To change a device driver's group assignment 1974.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1975.In the details pane, right-click the device driver to edit, and then click Properties. 1976.Click the Groups tab, select the device drivers group to include the device driver, and then click OK. Note During deployment, choose which device driver groups to include in the installation by using rules in CustomSettings.ini or the MDT 2008 database. For more information about using device driver groups, see the DriverGroup property in the MDT 2008 document Toolkit Reference.
Add a Device Driver Group To add a device group for association with drivers, complete the following steps: 1977.In the Deployment Workbench console tree, expand Distribution Share, and then click Out-of-Box Drivers. 1978.In the details pane, right-click the device driver to edit, click Properties, and then click the Groups tab. 1979.Click Add. 1980.Type the group name in the New Driver Group dialog box, and then click OK.
Use Legacy $OEM$ Folders MDT 2008 supports using legacy $OEM$ folders to organize and copy supplemental files to the destination computer. However, when deploying Windows Vista or Windows Server 2008, using data WIM files is preferred over using $OEM$ folders. Note For more information about using data WIM files or $OEM$ folders with Windows Vista or Windows Server 2008, see the Windows Automated Installation Kit User’s Guide in the Windows AIK. For more information about using an $OEM$ folder with Windows XP or Windows Server 2003, see the Microsoft Windows Corporate Deployment Tools User’s Guide (Deploy.chm) and the Microsoft Windows Preinstallation Reference (Ref.chm), both of which are in the Deploy.cab file in the Support\Tools folder on the Windows media.
MDT 2008 looks in the following locations within the distribution share, in the order specified, to find an $OEM$ folder: •
Control\Build, where Build is the name or ID of the build that MDT 2008 is installing. Create $OEM$ folders in this location to create a custom folder for each build.
•
Operating Systems\Name, where Name is the name of the operating system MDT 2008 is installing. Create $OEM$ folders in this location to create a custom folder for each operating system.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
20
Microsoft Deployment Toolkit 2008
•
Platform, where Platform is either x86 or x64. Create $OEM$ folders in this location to create a custom folder for each platform.
•
$OEM$, which is at the root of the distribution share and is the default $OEM$ folder if a folder is not found in the previous locations.
An $OEM$ folder contains supplemental files. The following list describes each folder that can be created within an $OEM$ folder to organize these files: •
$$. Windows Setup copies the contents of this folder to %SystemRoot% on each destination computer. It replicates all the folders, subfolders, and files that this folder contains in the %SystemRoot% folder of each destination computer. For Windows Setup to copy a file to %SystemRoot%\System32 on each destination computer, for example, put the file in $OEM$\$$\System32.
•
$1. Windows Setup copies the contents of this folder to %SystemDrive% on each destination computer. It replicates all the folders, subfolders, and files that this folder contains in the %SystemDrive% folder on each destination computer. This is typically drive C on most computers.
•
Drive. Drive is a drive letter (C, D, E, and so on). Windows Setup copies the contents of this folder to the root of the corresponding drive on each destination computer. It replicates all the folders, subfolders, and files that this folder contains in the corresponding drive during the setup process. For example, Windows Setup copies any files put in $OEM$\D to the root of drive D on each destination computer. Microsoft recommends that these folders not be used. The folders rely on a very specific disk configuration on the destination computer. Use $1 to represent %SystemDrive% instead. In most installations, $OEM$\$1 and $OEM$\C write to the same location: the root of drive C.
•
TEXTMODE. For Windows XP and Windows Server 2003, this folder contains hardware-specific files that Windows Setup and text-mode setup install on the destination computer during the text-mode phase of the installation process. These files may include OEM hardware abstraction layers (HALs), mass-storage device drivers, and the Txtsetup.oem file. The Txtsetup.oem file describes how to load and install these files. List these files in the [OemBootFiles] section of the answer file.
Task Sequences Use this feature to run a sequence of tasks after installing an operating system image.
Create Task Sequences To create a new task sequence, complete the following steps: 1981.In the Deployment Workbench console tree, right-click Task Sequences, and then click New to start the New Task Sequence Wizard. 1982.On the General Settings page, provide the following information, and then click Next: •
Task sequence ID. Type the unique ID for the task sequence.
•
Task sequence name. Type the descriptive name for the task sequence.
•
Task sequence comments. Type the necessary comments to help identify the properties of the task sequence.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
21
Tip Although a task sequence’s name and comments can be changed later, a task sequence’s ID cannot. Before creating task sequences, create a naming scheme to use in creating task sequence IDs that will provide meaningful information about each task sequence. An example naming scheme is Version-Edition-Level-Label, where Version is the operating system version (win2003, win2007), Edition is the operating system edition (Enterprise, Standard, Ultimate), Level is the service pack level (SP1, SP2), and Label is a descriptive label that identifies the customizations. Bear in mind the limit is 16 characters for the name.
1983.On the Select Template page, choose one of the templates listed in Table 6, and then click Next. Table 6. Task Sequence Templates Template
Description
Standard Client Task Sequence
Select this option to create the default task sequence for deploying operating system images to client computers, including desktop and portable computers.
Standard Client Replace Select this option to back up the system entirely, back up Task Sequence the user state, and wipe the disk. Custom Task Sequence
Select this option to create a customized task sequence that does not install an operating system.
Standard Server Task Sequence
Select this option to create the default task sequence for deploying operating system images to server computers.
Litetouch OEM Task Sequence
Select this option to pre-load operating systems images on computers in a staging environment prior to deploying the target computers in the production environment (typically by a computer OEM).
Note Litetouch OEM Task Sequence should only be selected when performing deployments by using a Removable media (MEDIA) deployment point type. Although the Litetouch OEM Task Sequence template can be selected from other deployment point types, the task sequence will not finish successfully.
1984.On the Select OS page, choose an operating system image to install with this task sequence, and then click Next. Note
Only the operating system images added to Operating Systems earlier are visible.
1985.On the Specify Product Key page, perform one of the following tasks, and then click Next: •
Use the specified product key. Type the product key in the Product Key box.
•
Do not use a product key when installing. Select Do not use a product key when installing.
Note For more information about volume activation and product keys in MDT 2008, see Windows Vista Volume Activation 2.0 Technical Guidance at http://go.microsoft.com/fwlink/?LinkID=75674. That documentation describes when a product key is necessary. Generally, volume license customers using a Key Management Service (KMS) host for activation (which requires 25 Windows Vista or five Windows Server 2008 computers) should select the Do not use a product key when installing option. Customers deploying Windows Vista or Windows Server 2003 or using Multiple Activation Keys (MAKs) should select the Use the specified product key option, and then type a product key in the Product Key box.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
22
Microsoft Deployment Toolkit 2008
1986.On the OS Settings page, provide the following information, and then click Next: •
Full Name. The owner name for the task sequence
•
Organization. The name of the organization
•
Internet Explorer Home Page. The URL for the default Windows Internet Explorer® home page
1987.On the Admin Password page, select one of the following options, and then click Finish to complete the wizard: •
Use the specified local Administrator password. This selection prompts for the administrative password for the package and to confirm the password to complete the task.
•
Do not specify an Administrator password at this time. Choose this option if the administrative password will be configured during the deployment process.
After adding a task sequence to the distribution share, it appears in the Task Sequences details pane. In addition, it appears in the distribution share in Control\subfolder, where subfolder is the task sequence ID. Deployment Workbench stores metadata about each task sequence in TaskSequences.xml, which also resides in the distribution share’s Control folder.
Remove a Task Sequence To remove a task sequence from Deployment Workbench, complete the following steps: 1988.In the Deployment Workbench console tree, click Task Sequences. 1989.In the details pane, right-click the task sequence to be removed, and then click Delete. 1990.Select Yes when prompted.
Edit a Task Sequence’s General Information To edit the general information of a task sequence in Deployment Workbench, complete the following steps: 1991.In the Deployment Workbench console tree, click Task Sequences. 1992.In the details pane, right-click the task sequence to edit, and then click Properties. 1993.Click the General tab, and edit the elements listed in Table 7 as necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
23
Table 7. General Task Sequence Information Property
Description
Task sequence ID
Cannot be edited; set when the task sequence is edited
Task sequence name
Name to associate with the task sequence
Task sequence version
Version label to associate with the task sequence
Comments
Section in which to comment about the current package
This can run on any platform
Tells MDT 2008 that this task sequence will run on any platform
This can run only on the specified client platforms
Indicates that the task sequence will be applicable/available only for the platform(s) selected from the list
Hide this task sequence in the Deployment Wizard
Removes the ability to select the specified task sequence in the Deployment Wizard
Enable this task sequence
Enables or disables the task sequence
1994.Click OK to complete the task.
Enable or Disable a Task Sequence To enable or disable a task sequence in Deployment Workbench, complete the following steps: 1995.In the Deployment Workbench console tree, click Task Sequences. 1996.In the details pane, right-click the task sequence to be enabled or disabled, and then click Properties. 1997.Click the General tab, complete one of the following tasks, and then click OK: •
Enable the task sequence. Select the Enable this task sequence check box.
•
Disable the task sequence. Clear the Enable this task sequence check box.
Define a Task Sequence To define a task sequence in Deployment Workbench, complete the following steps: 1998.In the Deployment Workbench console tree, click Task Sequences. 1999.In the details pane, right-click the task sequence to be edited, and then click Properties. 2000.Click the Task Sequence tab, and expand the deployment phases and conditions to configure the different tasks that will be run. Use the Add, Remove, Up, and Down buttons to configure the tasks within a phase. 2001.Click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
24
Microsoft Deployment Toolkit 2008
Edit the Unattended Setup Answer File Associated with the Task Sequence There are two options in the current release of MDT 2008. When editing Unattend.xml for Windows Vista or Windows Server 2008, use Windows System Image Manager (Windows SIM) to edit the file. When editing the Unattend.txt file for Windows XP or Windows Server 2003, use Microsoft Notepad to edit the file. Note For more information about Unattend.xml and Windows SIM, see the Windows Automated Installation Kit User’s Guide in the Windows AIK. For more information about Sysprep.inf and Unattend.txt, see the Microsoft Windows Corporate Deployment Tools User’s Guide (Deploy.chm) and the Microsoft Windows Preinstallation Reference (Ref.chm), both of which are in the Deploy.cab file in the Support\Tools folder on the Windows installation media.
Select the Packages Groups for a Task Sequence For each task sequence created in Deployment Workbench, select a packages group to be deployed with the task sequence. A package group is a logical grouping of one or more packages defined in the OS Packages node in Deployment Workbench. When the package group is selected for a task sequence, the packages are automatically copied to the deployment point and are available to the MDT 2008 scripts. The packages reside in the distribution_point\OS Packages\driver folder (where distribution_point is the name of the folder that is the root of the distribution point and driver is the name of the driver listed in Deployment Workbench). To select the package group for a task sequence 2002.Start Deployment Workbench. 2003.In the console tree, expand Distribution Share, and then click Task sequences. 2004.In the details pane, right-click task_sequence_id (where task_sequence_id is the ID of the task sequence for which to select a package group), and then click Properties. 2005.In the task_sequence_id Properties dialog box, on the Task Sequence tab, locate the Apply Patches task sequence step; and on the Properties tab, in Package group, select package_group (where task_sequence_id is the ID of the task sequence selected and package_group is the name of the packages group to deploy). Click OK. 2006.Repeat steps 3 and 4 for each Apply Patches task sequence step in the task sequence. Note To deploy all packages with a task sequence, in the Package group box, click All Packages.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
25
Deployment Points Deployment points define the shares that clients connect to when retrieving the operating system image, applications, drivers, and other deployment components. Table 8 describes the types of deployment points that MDT 2008 offers to deploy task sequences. Table 8. Deployment Point Types Selection
Description
Lab or single-server deployment
The distribution share located on the local machine
Separate deployment share
A deployment share on the local machine or another computer containing a subset of the files contained on the local distribution share
Removable media
A directory of the files or International Organization for Standardization (ISO) image needed for deployment from removable media (DVD, USB disks, USB flash drive [UFD])
SMS 2003 OSD
A directory containing the files needed for customizing a Microsoft Systems Management Server (SMS) 2003 Operating System Deployment (OSD) Feature Pack program
Note When using a MEDIA deployment point, Windows AIK version 1.0 has a 4 gigabyte (GB) size limitation. Windows AIK version 1.1 (for use with Windows Vista with SP1) removed this limitation, allowing for a MEDIA deployment point greater than 4 GB.
Create the Deployment Point Always create a LAB deployment point in Deployment Workbench. Additionally, use LAB deployment points to build and capture LTI images. To create a LAB deployment point 2007.In the Deployment Workbench console tree, expand Deploy, right-click Deployment Points, and then click New to start the New Deployment Point Wizard. 2008.On the Choose Type page, select Lab or single-server deployment, and then click Next. 2009.On the Specify Deployment Point Name page, type a name for the deployment point, and then click Next. 2010.On the Application List page, perform one of the following tasks, and then click Next: •
Allow users to select additional applications or upgrades. Select the Allow users to select additional applications on upgrade check box.
•
Do not allow users to select additional applications or upgrades. Clear the Allow users to select additional applications on upgrade check box.
2011.On the Allow Image Capture page, select the Ask if an image should be captured check box, and then click Next.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
26
Microsoft Deployment Toolkit 2008
2012.On the Allow Admin Password page, select the check box to allow users to set the local Administrator password during installation (if necessary), and then click Next. 2013.On the Allow Product Key page, select the check box to allow users to specify a product key during installation (if necessary), and then click Next. 2014.On the Network Share page, type a name for the share, and then click Next. Note The default name is Folder$, where Folder is the name of the folder containing the distribution share. The dollar sign ($) hides the share in the network browser list.
2015.On the Configure User State page, choose from the selections in Table 9, and then click Finish. Table 9. User State Selections Selection
Description
Automatically determine the location on the Network
Browses the local network to determine the location for storing the user-state data
Automatically determine the location on the Local System
Browses the local system to determine the location for storing the user-state data
Specify a location
Allows manual specification of the location in which to save user-state data
Do not save data and settings
Discards all user-state settings and data
Customize the Deployment Point To configure a deployment point, complete the following steps: 2016.In the Deployment Workbench console tree, expand Deploy, and click Deployment Points. 2017.In the details pane, right-click the deployment point to edit, and then click Properties. 2018.Click the General tab, and then edit the settings found in Table 10. Note
The settings available for editing depend on the type of deployment point.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
27
Table 10. Deployment Point Properties Property
Description
Deploy point name
Name associated with the deployment point
Type
Type of deployment point: Lab or single server deployment, Separate deployment share, Removable media, or SMS 2003 OSD
Network path
Universal Naming Convention (UNC) path location to the deployment point
Local path
Local path to the deployment point on the MDT 2008 server
Platform supported
x86 or x64
Enable multicast for this deployment point
Enables multicast broadcasts of Windows Preinstallation Environment (Windows PE) images and operating system images using Windows Deployment Services
Note Lab or Single Server and NETWORK deployment points are the only deployment point types that support multicast. For more information on multicasting, refer to the section, “Preparing the Windows Deployment Services Server,” in the MDT 2008 document Preparing for LTI Tools. Note The multicast features of MDT 2008 are available using Windows Deployment Services in Windows Server 2008.
2019.Click the Rules tab, and then edit the deployment point’s settings. Note These settings reside in CustomSettings.ini, which is in the deployment point’s Control folder. For more information about the settings that can be configured on this tab, see the MDT 2008 document Toolkit Reference.
2020.Click the Edit Bootstap.ini button to customize the Bootstrap.ini file, and edit the appropriate information. 2021.Click the Windows PE tab, edit the settings described in Table 11, and then click OK.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
28
Microsoft Deployment Toolkit 2008
Table 11. Windows PE Settings Area
Settings
Images to Generate
•
Generate a Lite Touch flat bootable ISO image. Select this option to generate flat bootable ISO images.
•
Generate a Lite Touch bootable RAM disk ISO image. Select this option to generate ISO images that start from RAM disk.
•
Generate a generic flat bootable ISO image. Select this option to generate a generic Windows PE flat bootable image that does not contain MDT 2008.
•
Generate a generic bootable RAM disk ISO image. Select this option to generate a generic Windows PE bootable image that starts from RAM disk and does not contain MDT 2008. Note Deployment Workbench always generates .wim image files containing Windows PE. These files reside in the distribution share’s Boot folder.
Optional Components
•
Optional Fonts
Select the font support to add to the Windows PE boot images that Deployment Workbench generates. Add these fonts when performing an LTI deployment of Windows Server 2008 images when the setup files are Japanese, Korean, or Chinese. The Optional Fonts area provides the following options:
ADO. Select this option to add the Microsoft ActiveX® Data Objects (ADO) optional component to the Windows PE bootable images.
•
Chinese (ZH-CN)
•
Chinese (ZH-HK)
•
Chinese (ZH-TW)
•
Japanese (JA-JP)
•
Korean (KO-KR)
Note Adding additional fonts to Windows PE boot images increases the size of the images. Add fonts only if necessary.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Workbench Imaging Guide: Populating the Distribution Share
29
Area
Settings
Driver Injection
In the Driver group list, select the driver group from which MDT 2008 should select device drivers. The default group is All Drivers. Then, select any of the following options:
Windows PE Customizations
•
Include all network drivers in the selected group. Select this option to inject all network drivers found in the distribution share into the Windows PE bootable images.
•
Include all mass storage drivers in the selected group. Select this option to inject all mass storage drivers found in the distribution share into the Windows PE bootable images.
•
Include all video drivers in the selected group. Select this option to inject all video drivers found in the distribution share into the Windows PE bootable images.
•
Include all system-class drivers in the selected group. Select this option to inject all system drivers (motherboard drivers, and so on) in the distribution share into the Windows PE bootable images.
•
Custom background bitmap file. Type the path and file name of a bitmap file to use as the Windows PE background.
•
Extra directory to add. Type the path of a folder containing extra files and subfolders to add to the Windows PE bootable images.
Tip Deployment Workbench always generates .wim image files, which can be used to start destination computers using Windows Deployment Services. Choose to generate only the Windows PE bootable ISO images that are required. Limiting the number of images generated accelerates the updating process.
Update the Deployment Point After creating and configuring a deployment point in Deployment Workbench, update it to create it on the file system. Updating a deployment point creates the folder structure, Windows PE boot images, and so on. Updating a LAB deployment point shares the distribution share and creates the Windows PE boot images (WIM and ISO files) necessary to start the LTI deployment process from the share. Deployment Workbench uses the Windows AIK software development kit (SDK) to create images. Version 1.1 of the Windows AIK includes changes in the servicing stack for Windows Vista and Windows Server 2008. As a result of these changes, Deployment Workbench cannot create catalog files for some Windows images of different architecture types.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
30
Microsoft Deployment Toolkit 2008
The following list describes the architecture types running Deployment Workbench and catalogs that can be created for each architecture: •
Deployment Workbench running on x86. Can create catalogs for x86 and x64 Windows images
•
Deployment Workbench running on x64. Can create catalogs only for x64 Windows images
To update a deployment point 2022.In the Deployment Workbench console tree, expand Deploy, and then click Deployment Points. 2023. In the details pane, right-click the deployment point to edit, and then click Update. Note Deployment Workbench can update a deployment point without generating new Windows PE boot images. To update the BootStrap.ini and CustomSettings.ini files without creating new Windows PE boot images, right-click the deployment point to update in the Deployment Points details pane, and then click Update (files only).
Create a Bootable USB Flash Drive In a lab environment, when developing operating system images, starting destination computers by using a UFD is often quicker and easier than starting computers by using Windows Deployment Services or CDs. The destination computer must support booting from UFD (as do most recent models). To create a bootable UFD 2024.On a computer running Windows Vista or Windows Server 2008, insert the UFD. 2025.Run Diskpart.exe, and type the command list disk to determine the disk number associated with the UFD. 2026.Input the following commands, where N is the disk number identified in the previous step: •
select disk N
•
clean
•
create partition primary
•
select partition 1
•
active
•
format fs=fat32
•
assign
•
exit
2027.Burn the ISO file to a CD, and then copy its contents to the UFD by using the command xcopy d:\*.* e:\*.* /s /e /f, where d is the driver letter of the CD and e is the drive letter of the UFD. Alternatively, mount the ISO file using a virtual CD program, and then copy its contents to the UFD by using the same command. 2028.Copy the contents of LiteTouchPE_x86.iso to the UFD device.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Cr ea te a Co mpute r I ma ge Creating an image is essentially an LTI deployment process (containing applications, language packs, and so on), which ends by capturing an image of the destination computer in the lab. The following list outlines the overall process for using Deployment Workbench to create and capture operating system images: 2029.Prepare the distribution share by storing operating system source files, applications, out-of-box device drivers, and packages in it. The section, “Populate the Distribution Share,” in this guide describes this process. 2030.Create and configure a task sequence. A task sequence describes how to install and configure an operating system. The section, “Create Task Sequences,” earlier in this guide describes this process. 2031.Create and configure a LAB deployment point, which contains the settings necessary to connect to the distribution share and install a task sequence from it. 2032.Update the deployment point to create Windows PE images that automatically connect to the LAB deployment point, and then begin installation. 2033.Start the destination computer using the Windows PE image created in the previous step. Then, install a task sequence from the distribution share. During the initial interview, the Windows Deployment Wizard asks whether to create a custom image after LTI deployment is complete. After capturing the custom image, add the image to the distribution share as a custom operating system image. Note Capturing an image for Zero Touch Installation (ZTI) deployment is different than capturing an image for LTI.
Capture an Image for LTI To capture an image of a task sequence, create a LAB deployment point that is configured to capture an image. On the Specify whether to prompt for image capture page of the Deployment Point Wizard, select the Ask if an image should be captured check box.
Prepare the Image for Capture To capture an image, start a lab computer using the Windows PE bootable image generated by updating the deployment point. Start the Windows PE bootable image in either of two ways. First, burn to a DVD the .iso images that MDT 2008 generates when a deployment point is updated. These ISO image files reside in the \Boot folder of the distribution share. Optionally, copy the contents of the image to a UFD, as described in the section, “Update the Deployment Point,” in this guide.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
32
Microsoft Deployment
Second, add the LiteTouchPE_x86.wim or LiteTouchPE_x64.wim image file to the Boot Images item of a Windows Deployment Services server. The .wim image files reside in the \Boot folder of the distribution share. For more information about adding boot images to a server, see the MDT 2008 document Preparing for LTI Tools. Note This section describes how to capture an image for LTI. Capturing an image for ZTI is different than capturing an image for LTI. For more information, see the section, “Capture an Image for Systems Management Server,” in this guide.
To install a task sequence and capture an image of it after starting the lab computer using the Windows PE image 2034.In the Welcome to Windows Deployment dialog box, click Run the Deployment Wizard. 2035.Click Next. 2036.In the User Credentials dialog box, type the credentials (user name, domain, and password) necessary to connect to the distribution share, and then click OK. The Windows Deployment Wizard starts automatically. 2037.On the Select a task sequence to execute on this computer page, choose one of the available task sequences, and then click Next. 2038.On the Configure the computer name page, type a computer name or accept the default, and then click Next. 2039.On the Join the computer to a domain or workgroup page, which starts automatically, click Join a workgroup. In the Workgroup box, type a workgroup name or accept the default. 2040.Click Next. Note If Join a workgroup is not selected, the Windows Deployment Wizard does not prompt to capture an image.
2041.On the Specify the product key needed to install the operating system page, perform one of the following tasks, and then click Next: •
If building a Windows Server 2003 image, type the volume license key in the Product key box.
•
If building a Windows Server 2008 image, select No product key is required.
2042.If building a Windows Vista or Windows Server 2008 image, on the Locale Selection page, perform the following tasks, and then click Next: •
In the What is your Locale list, click a locale.
•
In the Keyboard list, click a keyboard layout.
2043.On the Set the Time Zone page, select a time zone from the list, and then click Next. 2044.On the Select one or more applications to install page, select the applications to install on the image, and then click Next. 2045.On the Administrator Password page, type the password to use for the local Administrator account, confirm it, and then click Next. 2046.On the Specify whether to capture an image page, select Capture an image of this reference computer; then, in the Location box, type the UNC path of the folder in which to store the image. In the File name box, type the file name of the image, and then click Next. The default UNC path is the Captures folder of the distribution share; the name of the default image corresponds to the ID of the task sequence being installed. Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Test Feature Team Guide: Appendix
33
2047.On the Ready to begin page, click Begin. After clicking Begin, the Task Sequencer begins running the task sequence. By default, it begins by partitioning and formatting the hard disk. Then, it installs and configures the operating system, runs Sysprep to prepare the computer for imaging, and restarts the computer in Windows PE to capture the image. MDT 2008 stores the captured image in the folder specified on the Specify whether to capture an image page, which by default is the distribution share’s Captures folder.
Add a Custom Image to the Distribution Share To add a captured image as an operating system, complete the following steps: 2048.In the Deployment Workbench console tree, expand Distribution Share. Right-click Operating Systems, and then click New to start the New OS Wizard. 2049.On the OS Type page, select Custom image file, and then click Next. 2050.On the Image page, type the path and file name of the .wim image file, and then click Next. 2051.On the Setup page, choose one of the options listed in Table 12, and click Next. Table 12. Operating System Setup File Specifications Selection
Description
Setup and Sysprep files are not needed
Click to add the image to the distribution share without copying operating system setup or Sysprep files.
Copy Windows Vista setup files from the specified path
Click to copy the Windows Setup files from a specific path; then, type the path from which to copy the setup files in the Setup source directory box. Adding these files is not necessary if they are already available in another operating system contained in the distribution share. The version of these files must match the version of the operating system image.
Copy Windows XP Sysprep files from the specified path
Click to copy the Windows Server 2003 Sysprep files from a specified path or Deploy.cab file; then, type the path of the folder or Deploy.cab containing the files in the Sysprep directory box. Adding these files is not necessary if the operating system image will not be used to capture a new custom image. The version of these files must match the version of the operating system image.
2052.On the Destination page, type the name of the operating system folder to create in the distribution share, and click Finish. Note Deployment Workbench uses this name to create a folder for the operating system in the distribution share’s Operating Systems folder.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
34
Microsoft Deployment
Capture an Image for Systems Management Server Capturing a disk image for deployment by using Systems Management Server is similar to the process that the section, “Capture an Image for LTI,” in this guide describes, with minor differences. This section describes how to capture an image by using the Systems Management Server 2003 Image Capture Wizard. MDT 2008 requires the SMS 2003 OSD Feature Pack Update in order to be able to support Windows Vista, Windows Server 2008, and 64-bit operating system deployments. This update supports the newly released WIM version 1.0. In addition, this update requires Systems Management Server with SP2. For more information about this update, see SMS 2003 OSD Feature Pack Update at http://technet.microsoft.com/enus/sms/bb676770.aspx. Note Images created using earlier versions of the SMS 2003 OSD Feature Pack were made using WIM version 0.9 and cannot be used with Deployment Workbench in MDT 2008. New images must be created using WIM version 1.0 to use with Deployment Workbench after installing the SMS 2003 OSD Feature Pack Update.
Create an Image Capture CD Rather than using the Windows Deployment Wizard to capture the image, use the Systems Management Server 2003 Image Capture Wizard. To create an image capture CD 2053.From SMS Administrator Console, right-click Image Packages. Point to All Tasks, and then select Create Operating System Image Capture CD. 2054.On the Operating System Image Capture CD Wizard Welcome page, click Next. 2055.On the Windows PE settings page, select the following item, and then click Next: •
Include additional network drivers from this location. Select the check box, and then type the path to any additional network drivers required in the environment.
2056.On the Create CD image page, type the path and file name of the ISO file to create, and then click Next.
Prepare the Image for Capture To prepare an image for the Systems Management Server Image Capture Wizard, start a lab computer using the Windows PE bootable image generated by updating the LAB deployment point. Start the Windows PE bootable images in either of two ways. First, burn the ISO images that MDT 2008 generates when a deployment point is updated to a DVD. These ISO image files reside in the \Boot folder of the distribution share. Optionally, copy the contents of the image to a UFD, as described in the section, “Update the Deployment Point,” in this guide. Second, add the LiteTouchPE_x86.wim or LiteTouchPE_x64.wim image file to the Boot Images item of a Windows Deployment Services server. The .wim image files reside in the \Boot folder of the distribution share.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Test Feature Team Guide: Appendix
35
To install a task sequence and capture an image of it after starting the lab computer using the Windows PE image 2057.In the Welcome to Windows Deployment dialog box, click Run the Deployment Wizard, and then click Next. 2058.In the User Credentials dialog box, type the credentials (user name, domain, and password) necessary to connect to the distribution share, and then click OK. The Windows Deployment Wizard starts automatically. 2059.On the Select a task sequence to execute on this computer page, choose one of the available task sequences, and then click Next. 2060.On the Configure the computer name page, type a computer name or accept the default, and then click Next. 2061.On the Join the computer to a domain or workgroup page, which starts automatically, click Join a workgroup. In the Workgroup box, type a workgroup name or accept the default, and click Next. Note If Join a workgroup is not selected, the Windows Deployment Wizard does not prompt to capture an image.
2062.On the Specify the product key needed to install the operating system page, perform one of the following tasks, and click Next: •
Windows Server 2003 image. Type the volume license key in the Product key box.
•
Windows Server 2008 image. Select No product key is required.
2063.If building a Windows Vista or Windows Server 2008 image, on the Locale Selection page, perform the following tasks, and then click Next: •
In the What is your Locale list, click a locale.
•
In the Keyboard list, click a keyboard layout.
•
On the Set the Time Zone page, select a time zone from the list.
2064.On the Select one or more applications to install page, select the applications to install on the image, and click Next. 2065.On the Administrator Password page, type the password to use for the local Administrator account, confirm it, and click Next. 2066.In the Specify whether to capture an image page, select Prepare to capture the machine, and click Next. This causes the Windows Deployment Wizard to copy Sysprep and its related files to the destination computer without running Sysprep. Note This option can be configured in CustomSettings.ini: Set the property DoCapture to PREPARE. In addition, set SkipCapture to YES. Doing so automatically prepares the installation for image capture while skipping this page.
2067.On the Ready to begin page, click Begin. After clicking Begin, the Task Sequencer begins running the task sequence. By default, it begins by partitioning and formatting the hard disk. Then, it installs and configures the operating system. The task sequence does not run Sysprep, however, and it does not capture an image file.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
36
Microsoft Deployment
Capture the Image Prior to using the Systems Management Server Image Capture Wizard to prepare and capture an image of the lab computer, make sure the computer is configured to boot from the CD drive. To capture an image of the lab computer using the image capture CD 2068.On the lab computer running the installed build, insert the image capture CD created as described in the section, “Create an Image Capture CD.” 2069.On the Welcome page of the Systems Management Server 2003 Image Capture Wizard, click Next. 2070.On the Image Destination page, type the name of the WIM file in the Image file name box, complete the following, and then click Next: •
In the Network location box, type the UNC path in which to store the image file. For MDT 2008, type \\server\Distribution$\Captures, where server is the name of the server containing the distribution share.
•
In the Account name box, type the name of an account that has Write permission to the network location. Specify the account using the format Domain\User.
•
In the Password box, type the password for the account.
2071.On the Sysprep information page, do the following, and then click Next: •
In the Local Administrator’s Password box, type the password for the local Administrator account.
•
In the Confirm Password box, confirm the password for the local Administrator account.
•
In the Sysprep Parameters box, edit the Sysprep command-line options, if necessary.
2072.In the Image Properties dialog box, provide any comments, version information, and developer information as necessary, and click Next. 2073.Click Finish. The Systems Management Server 2003 Image Capture Wizard runs Sysprep, and then shuts down the computer. 2074.Turn on the computer, and start the computer using the image capture CD. If prompted to press a key to boot from the CD, press any key. The Systems Management Server 2003 Image Capture Wizard captures an image of the lab computer with no interaction.
Solution Accelerators
microsoft.com/technet/SolutionAccelerators
Related Documents
Application Packaging Guide
May 2020 2
Packaging
May 2020 14
Citrix Application Streaming Guide
June 2020 0
Ms Application Guide
October 2019 2
147_text Application Developer's Guide
October 2019 4