This article describes the creation of a Windows 7 Enterprise x64 image. You can use the same process and create a Windows 8/8.1 or Windows 10 image with only a few changes
The prerequisities are
- If you are using a WSUS server, make sure it’s up and running
- Create a subfolder with the name Capture in the “upKeeper distribution point\OS” folder
- A Windows operating system installation media. If you don´t have it, download the media from Microsoft
- Download the “upKeeper_Unattended OS installation.zip” folder from link and then unpack it.
- A virtual machine to deploy the operating system o Minimum 4 G RAM o Minimum 1 CPU o Minimum 40 GB hdd o A network card that you don´t have to install any additional drivers to, the operating system must support the network card. The Virtual machine has to run in generation 1 (BIOS/Legacy).
- upKeeperSOS runs in 64 bit architecture! Else you have to use cross platform to deploy 64 bit operating system
Process
To create a new image (Detailed description on the next page) On the computer object (Master) in upKeeper web, change assignment to Reinstall + Scratch. PXE boot the computer and make sure it boots on the correct upKeeperSOS. The automatic image build starts, when everything is complete you have a new master image in the “upKeeper distribution point OS\capture folder”
Steps to do
It’s recommended to do this in a new organization.
- Copy the files from the folder Image commands to the distribution point, see section Commands
- Copy the OS installation media to the distribution point, see section OS media
- If you are using WSUS, activate WSUS integration in upKeeper, see section WSUS
- Copy the folder ImageBuild to your upKeeper applicataion area and create a new application in upKeeper web, see section Image Build Application
- Create a new platform and add settings, see section create new platform
- Create a new computer object in upKeeper, see section upk-Master
The client machine start on upKeeperSOS and will deploy the operating system unattended.
At first loggon, upKeeper client will be installed, after that WSUS patches are installed.
If you want to add any applications to your master image before you capture it, do it before the application "image build" are installed.
Client machine reboots and starts on upkeeperSOS and the operating system capture begin
Commands
Extract the Image Commands folder
- Copy dotNetFx40_full_x86_x64.exe to the upKeeper distribution point \Commands\Postinst\Client folder
- Copy NDP451-KB2858728-x86-x64-AllOS-ENU.exe to the upKeeper distribution point \Commands\Postinst\Client folder
- Copy windows_build.cmd to the upKeeper distribution point \Commands\Postinst folder
- Edit the file windows_build.cmd and modify ENDPOINTINT, ENDPOINTEXT and upkeeper.client version highlighted in yellow below o Endpoints should be the replaced with the endpoints you have in your environment o upKeeper.Client.Version should be replaced with the name of the upKeeper client located in the upKeeper distribution point \Commands\Postinst\Client folder
OS media
Extract the ISO (containing the Windows OS you intend to use) to your upKeeper distribution point, ex “upKeeper distribution point\OS\w7_x64_Ent_unattend”
WSUS
If you don’t have any WSUS server you can skip this step. When you install the Windows OS (before you capture the image) the installation will not join the computer to the domain, therefore you have to create a regfile with the WSUS settings. That regfile will be deployed when you install computers with your captured image
- Create a regfile with WSUS settings
- The file must be named WSUS.reg
- Copy the regfile to the upKeeper distribution point\commands\postinst folder
- Open the Configuration tab in upkeeper web and make sure that WSUS is activate in upKeeper
WSUS.reg file example
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"TargetGroupEnabled"=dword:00000001 "TargetGroup"="Client Computers" "WUServer"=http://WSUSserver01 "WUStatusServer"="http://WSUSserver01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"AutoInstallMinorUpdates"=dword:00000001 "DetectionFrequencyEnabled"=dword:00000001 "DetectionFrequency"=dword:00000008 "NoAutoUpdate"=dword:00000000 "AUOptions"=dword:00000004 "ScheduledInstallDay"=dword:00000000 "ScheduledInstallTime"=dword:00000004 "RebootWarningTimeoutEnabled"=dword:00000001 "RebootWarningTimeout"=dword:00000005 "NoAutoRebootWithLoggedOnUsers"=dword:00000000 "RebootRelaunchTimeoutEnabled"=dword:00000001 "RebootRelaunchTimeout"=dword:0000000a "RescheduleWaitTimeEnabled"=dword:00000001 "RescheduleWaitTime"=dword:00000005 "IncludeRecommendedUpdates"=dword:00000001 "UseWUServer"=dword:00000001
Extract the ImageBuild folder and move the files to a folder in your upKeeper application area
Edit the install.cmd file and modify the net use command, highlighted in yellow below
\\Server\upKeeper should be replaced with your upkeeper share
/USER should be replaced with the user account that you use when you install computers from upKeeper
Password should be replaced with the user account password
Create an application in upKeeper web, set the path to the folder containing the ImageBuild files you copied earlier, the application can only be installed When a user is logged on and with User Interaction, sett Priority to 900
Create new platform:
- Create a new Unattended platform in upKeeper web
- Set the path to the folder containing your extracted Windows OS
- Copy and edit the settings (from the section Settings below) and paste them to the Unattended platform settings tab.
Settings
- Copy the platform settings below or download settings.xml.txt
- Paste them to your unattended platform settings tab in upKeeper web
- Change part marked with blue text to match your environment
When you install this platform/OS for the first time, remember to debug the OS installation.
The settings below are general settings, if your unattended installation fails, check the settings again and edit the rest of the settings to match your environment
----------Copy settings below this line----------
<?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="windowsPE"> <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SetupUILanguage> <UILanguage>en-US</UILanguage> </SetupUILanguage> <InputLocale>en-US</InputLocale> <SystemLocale>en-US</SystemLocale> <UILanguage>en-US</UILanguage> <UserLocale>en-US</UserLocale> </component> <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <UseConfigurationSet>false</UseConfigurationSet> <ImageInstall> <OSImage> <InstallToAvailablePartition>false</InstallToAvailablePartition> <WillShowUI>OnError</WillShowUI> <InstallTo> <DiskID>0</DiskID> <PartitionID>2</PartitionID> </InstallTo> <InstallFrom> <Path>z:\os\W7\x64\ENT\unattend\sources\install.wim</Path> <MetaData wcm:action="add"> <Key>/IMAGE/NAME</Key> <VALUE>Windows 7 Enterprise</VALUE> </MetaData> </InstallFrom> </OSImage> </ImageInstall> <LogPath>s:\</LogPath> <Restart>Restart</Restart> <ComplianceCheck> <DisplayReport>OnError</DisplayReport> </ComplianceCheck> <UserData> <AcceptEula>true</AcceptEula> <FullName>User</FullName> <Organization>Organization</Organization> </UserData> </component> </settings> <settings pass="specialize">
<component name="Security-Malware-Windows-Defender" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DisableAntiSpyware>true</DisableAntiSpyware> </component> <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Identification> <JoinWorkgroup>upkeeper</JoinWorkgroup> </Identification> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <RegisteredOrganization>Company</RegisteredOrganization> <RegisteredOwner>Company AB</RegisteredOwner> <computername>[COMPUTERNAME]</computername> </component> </settings> <settings pass="oobeSystem"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <AutoLogon> <Enabled>true</Enabled> <Username>Administrator</Username> <Password> <Value>Password</Value> <PlainText>true</PlainText> </Password> </AutoLogon> <Display> <HorizontalResolution>1024</HorizontalResolution> <VerticalResolution>768</VerticalResolution> <ColorDepth>32</ColorDepth> <RefreshRate>60</RefreshRate> </Display> <FirstLogonCommands> <SynchronousCommand wcm:action="add" wcm:keyValue="100"> <Order>100</Order> <CommandLine>C:\Commands\Postinst\windows_BUILD.cmd</CommandLine> </SynchronousCommand> </FirstLogonCommands> <OOBE> <HideEULAPage>true</HideEULAPage> <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>3</ProtectYourPC> <SkipUserOOBE>true</SkipUserOOBE> <SkipMachineOOBE>true</SkipMachineOOBE> </OOBE> <UserAccounts> <AdministratorPassword> <Value>Password</Value> <PlainText>true</PlainText> </AdministratorPassword> </UserAccounts> <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> <TimeZone>W. Europe Standard Time</TimeZone> </component> <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <InputLocale>sv-SE</InputLocale> <SystemLocale>sv-SE</SystemLocale> <UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback> <UserLocale>sv-SE</UserLocale> </component> </settings> </unattend>
----------Copy settings above this line----------
Install upk-Master
- Create a new computer object in upKeeper web
- Add the unattended platform you created earlier
- Don´t add any hardware profile
- PXE boot and install the computer (It’s recommended to use a virtual machine to build your image)
When the computer is installed
- Make the changes you want the image to contain
- Install any applications you want the image to contain
- Make sure you have updated the image with Microsoft patches
- Reboot the computer (you don’t want to have a pending reboot in your resealed image)
Add the ImageBuild application to the master computer. The image capture will start when the application is installed on the computer and the computer reboots (this is done automatically)
Known Issue
For Windows 10 there are problem that sysprep crash if a Store application has been updated or removed, https://support.microsoft.com/en-us/help/2769827/sysprep-fails-after-you-remove-or-update-windows-store-apps-that-inclu
Solution for that is the disable Store update in windows_build.cmd and activate Store update in imageBuild application. To disable Store update
For Windows_build.cmd
REG ADD HKLM\SOFTWARE\Microsoft\WindowsStore /v RemoveWindowsStore /t REG_DWORD /d 0x00000001 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate /v AutoDownload /t REG_DWORD /d 2 /f
REG ADD HKLM\Policies\Microsoft\Windows\CloudContent /v DisableWindowsConsumerFeatures /t REG_DWORD /d 1 /f
For install.cmd in ImageBuild package
REG DEL HKLM\SOFTWARE\Microsoft\WindowsStore /v RemoveWindowsStore /f
REG add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate /v AutoDownload /t REG_DWORD /d 4 /f
To activate that new feature store application to automatic installed, add the reg del command below to install.cmd in ImageBuild package.
REG DEL HKLM\Policies\Microsoft\Windows\CloudContent /v DisableWindowsConsumerFeatures /f
Comments
0 comments
Please sign in to leave a comment.