Microsoft's newest image deployment technology eases the task of rolling out your OS
|Executive Summary: Windows Deployment Service (WDS) replaces Remote Installation Services (RIS) and is much more streamlined and easier to use. With help from this guide, you can get WDS up and running on Windows Server 2008 in less than an hour and start rolling out operating systems over the network.|
Windows Deployment Services (WDS) is Microsoft’s newest image deployment product, designed to deploy Windows Vista and Windows Server 2008. (WDS also supports Windows XP and Windows Server 2003, but you’ll need to do a fair amount of tweaking.) You could call WDS the new Remote Installation Service (RIS). But wait—even if you took a look at RIS and went directly back to other imaging technologies, take a good look at WDS—it’s worth it. WDS is more streamlined and easier to use than RIS ever dreamed of being. This article is a step-by-step guide for you to get WDS up and running in your environment in less than an hour.
Installing and Configuring WDS
First let’s look at how WDS works. Clients receive IP information from a DHCP server during the boot sequence. Next, the WDS client finds the WDS server via broadcasting or DHCP, then connects to the WDS server and boots a special boot image called a Windows Preinstallation Environment (WinPE). Finally an OS image stored on the WDS server is installed on the client.
The WDS role ships with Server 2008 and requires three additional roles: DNS to find domain controllers (DCs); Active Directory (AD), either 2003 or 2008, for authentication; and DHCP for IP address information and options such as the IP address of the WDS server. The server on which you install WDS must be an AD member. All four roles (AD, DNS, DHCP, and WDS) can be installed on the same server, or you can separate the roles.
To install WDS on Server 2008, open Server Manager, highlight Roles, then click Add Roles (top right corner). The Add Roles Wizard launches and displays the Before You Begin page. Click Next. From the list of roles displayed, scroll down and select Windows Deployment Services. Click Next three times, accepting the defaults on each page (Overview of WDS, Select Role Services, Confirm Installation Selections). Click the Install button. When the installation is complete, click Close and you’re ready to configure your new WDS server—no reboot needed.
Configure WDS by opening the WDS snap-in found under Start, Administrative Tools, Windows Deployment Services, or in Server Manager. (Although you might need to close and reopen Server Manager to see the new snap-in.) Expand Servers; there should be a yellow yield sign next to your server’s name. Right-click your server name and choose Configure Server. The Welcome Page lists WDS’s requirements; click Next. On the Remote Installation Folder Location page, choose the drive on which you want to store your images and click Next. The drive you store the images on should be dedicated to image storage because of the amount of space that will be needed. The next page to be displayed is determined by whether DHCP is installed on the WDS server or not. If (and only if) DHCP is installed on the same server as WDS, you’ll get the DHCP Option 60 page. To learn more about DHCP Option 60 and the relationship between DHCP and WDS, see the webexclusive sidebar “Configuring DHCP and WDS,” at InstantDoc ID 100875.
The next page, PXE Server Initial Setting, lets you set whether you want the WDS server to respond to Preboot Execution Environment (PXE) client requests, and if so, how. You’ll see four options:
1. Do not respond to any client computer. This turns off WDS responses.
2. Respond only to known client computers. WDS will respond to clients that have been pre-staged in AD. Pre-staging is done in Active Directory Users and Computers just as it was done in RIS.
3. Respond to all (known and unknown) client computers. By itself, this option would cause WDS to respond to all PXE requests; if you select this option and also select option 4, your setup is a bit more secure.
4. For unknown clients, notify administrator and respond after approval. This option allows pre-staged machines to receive a response from the WDS server, but unknown clients would remain on the PXE boot screen until an administrator has approved the request within the WDS snap-in. To approve a request from an unknown client, you would open the WDS snap-in, expand Servers, and highlight Pending Devices. In the results pane, you’ll see a pending request. Right-click the pending request and choose either Approve, Reject, or Approve and Name. The first two choices are straightforward; the third option approves the request and names the computer object that will be created in Active Directory Users and Computers.
Select the appropriate option, and click Finish. On the Configuration Complete page, clear the Add images to the Windows Deployment Server now check box (because you have no image to add yet) and click Finish.
Adding an Image
There are two types of Windows Imaging Format (.wim) images you can add to WDS servers: boot and OS images. First I’ll show you how to add a boot image. After we create an OS image, I’ll explain how to add that image to the WDS server.
Before you can add a boot image, you need to create one using the Windows Automated Installation Kit (WAIK) 1.1. The WAIK is a free download from Microsoft that you install on the WDS server. After installation, click Start, All Programs, Microsoft Windows AIK, Windows PE Tools Command Prompt. (If you try to run this command in a normal command prompt, you’ll get the error message Imagex is not recognized as an internal or external command, operable program or batch file.) If you’re installing a 32-bit OS, you’ll need a 32-bit boot image; for a 64-bit OS, a 64-bit boot image. To create a 32-bit boot image from the PE Tools Command Prompt, type:
copype x86 c:\winpe_32
To create a 64-bit boot image, type
copype x64 c:\winpe_64
Continue to page 2
You can find help for creating a custom boot image or WinPE in Mark Minasi’s Windows Tech Support newsletter (www.minasi.com), issue 59, and in the Microsoft article “Creating Images” (technet.microsoft.com/en-us/library/cc730907.aspx#BKMK_2).
To add the new boot image to your WDS server, open the WDS snap-in and expand the Servers node, then expand your server. Right-click Boot Images and choose Add Boot Image. On the Image File page, browse to C:\winpe, select winpe.wim, and click Next. On the Image Metadata page, give the image a name and description, then click Next. For this example, I named mine “Create Image.” You can review your settings on the Summary page. If they are OK, click Next. When the task progress bar shows Operation Complete, click Finish. Your new boot image should be listed in the results pane. Next, you need to add a second boot image, which you’ll find on the Vista (or Server 2008) DVD in the Sources folder. Follow the above steps to add the boot image, but this time browse to the Vista DVD \Sources folder, select boot .wim, and name it “Deploy Image.” You’re not ready to boot the image yet, but you’ll need it for the next section.
Creating a New OS Image Using WDSCapture
To create your OS image, you’ll need a baremetal machine. Install an OS (Vista, Server 2008, XP, or Windows Server 2003 are supported, but this article is specific to Vista and Server 2008), and configure it as you wish. Now, you’re ready to use Sysprep to prepare the machine, which removes all the uniquely identifying information, such as computer name and IP information. To run Sysprep, click Start and choose Run. In the Run box, type sysprep. Double-click sysprep.exe when it appears in the results pane. In the Sysprep dialog box, select the Generalize check box and choose Shutdown in the Shutdown Options drop-down menu, as Figure 1 shows. Click OK. When Sysprep completes, the computer will shut down.
Next you’ll need to perform a network boot (aka PXE boot) on the Sysprepped machine. Restart the computer and get ready to perform a network boot—this happens really fast. Some machines make you press F12, some F2, and others have a special key you press for a network boot. If you don’t get the option to perform a network boot, you might need to change the system BIOS to include the option to do a network boot (Editing a system’s BIOS is different for each type of computer so you might need to do some research for the type of computer you’re working on.) The screen will remain black while the machine is getting an IP address from a DHCP server. You’ll then be prompted to “Press F12 for Network Service Boot.”
Select Create Image from the boot image choices that you added to the WDS server. Once the Create Image has booted, you will see a screen similar to the one Figure 2 shows. At the X:\windows\system32> command prompt, type
The Welcome to the Windows Deployment Services Image Capture Wizard screen will appear. Click Next. On the Image Capture Source page, choose the volume to capture from the drop-down list of available volumes. If the C: volume does not appear, then Sysprep wasn’t performed correctly. This is a common mistake; it’s easy to forget to put a check mark in Sysprep’s Generalize box. If no drive letters are displayed in the drop-down box, you’ll need to boot the machine, answer the questions asked by Sysprep’s mini-setup wizard, and run Sysprep again. After choosing the volume to capture, give the new image a name and description as Figure 3 shows. Click Next.
On the Image Capture Destination page, shown in Figure 4 browse for the folder in which to store the image (must be on a local drive). Enter the name of the image to be created and click Save. You have no choice here—you must save the image locally. Select Upload image to WDS server. Type the IP address of the WDS server. (You can use the name of the WDS server, but name resolution issues can cause the connection to the server to fail. The IP address is more reliable.)
You’ll be prompted to enter credentials to authenticate to the WDS server. Type the username and password and click OK. When the authentication completes, you’ll see a list of image groups in the Image Group name drop-down menu. Select the image group in which you want to store your new image, as Figure 5 shows, and click Finish. The image will appear in the results pane in the WDS snapin under Install Images and the Image group you choose.
Image groups reduce the amount of storage space needed for your images. Think of it like this: You add the first Server 2008 Enterprise OS image to an image group named Ent08. When you add the second Server 2008 Enterprise OS image (with different applications from the first) to the Ent08 image group, single instancing wakes up and checks each file before storing it. If a file already exists in the image group, the file itself is not stored again, but a pointer to the one and only file is created.
Images can be rather large—often too large to fit inside a single data packet to cross the network wire. Therefore, the image is sent across the network in many data packets. Multicast transmissions are new with Server 2008. Earlier versions had unicast transmissions only. What’s the difference? Let’s look.
Let’s say two clients are requesting the same image from a WDS server. The image is broken down at the packet level and sent across the network. The server sends packet 1 of the image to client 1, then sends the same packet to client 2, and so on until the entire image is deployed.
Continue to page 3
Imagine the workload that would be placed on the WDS server if there were 100 clients requesting the same image—packet 1 would be sent 100 times. With multicasting, when both clients request the same image, the WDS server sends packet 1 to all clients that are listening for it, then sends packet 2, packet 3, and so on. The workimage load on the WDS server is greatly reduced because each packet is sent only once. But (and here’s the bad news), multicast transmission is similar to broadcast traffic in that each packet is sent to a specific multicast IP address, so all machines will need to look at the packet to determine whether it’s addressed to that client.
To create a multicast transmission, in the WDS snap-in, rightclick the Multicast Transmissions node, and choose Create Multicast Transmissions. On the Transmissions Name page, type a friendly name and click Next. On the Select Image page, choose your image group from the Select the image group that contains the image drop-down list provided. Then, choose your image from the Select the image list and click Next.
The Multicast Type page, which Figure 6 shows, lets you turn on multicast for a specific image by selecting Auto-Cast. Auto-Cast uses new multicast technology that lets a client join the multicast transmission in midstream. For example, if 20 clients have already received packet 1624 and a new client joins, the new client would receive packet 1624 first and all subsequent packets until the image has been sent entirely. Then the client would ask the WDS server to start over again with packet 1.
The Scheduled-Cast option lets you schedule a transmission for when multicasting will be available. Scheduled-Cast requires that all clients be ready at the same time because the WDS server won’t restart from packet 1 after it finishes sending the image. You have two scheduling options: Schedule when x number of clients have requested an image (where x is specified by you), or schedule the date and time when multicast will start. After choosing the start criteria for the transmission, click Next. You have successfully created a multicast transmission when you see the Task Complete! message. Click Finish.
One important note about multicast transmissions: They are available only if the WinPE you boot the clients with is the boot .wim file from the Server 2008 DVD/Sources folder. The version that ships with Vista doesn’t provide multicast functionality.
Deploying the Image
To deploy an image, perform a network boot on the client. (F12 will perform a network boot.) Choose the boot image named Deploy Image (this is the boot.wim image you added from either the Vista or Server 2008 DVD/Sources folder). The Windows Deployment Services Wizard launchs automatically. Select the language and input method (e.g., keyboard), and click Next. In the authentication dialog box, enter your DomainName\Username. For example, to authenticate as Administrator in the Bigfirm domain, type
You can also use a user principal name (UPN) by typing Administrator@Bigfirm .com. Provide a password and click OK. From the list of OS images displayed, select the image to deploy and click Next. The Where do you want to install Windows page lets you create and format a partition. Choose Drive options, New, and type the size (in MB) of your first partition. Click Apply. Then select Format, click OK, and click Next. The Installing Windows screen opens and displays the phases of the installation and which one is currently being processed.
Once the installation is complete, Sysprep’s mini-setup wizard will prompt you for information such as administrative username and password, computer name, time zone, and a few other things. When you complete this last wizard, your image deployment is complete. You can automate the beginning and ending of your image deployment process so that you don’t have to choose the size of the first partition and file system used to format it or answer Sysprep’s mini setup wizard questions at the end by creating answer files. You can find instructions and a list of settings and values in the “Unattended Windows Setup Reference” Help file that ships as part of WAIK.
Just Try It
I hope that armed with this guidance, you’ll be able to install, configure, and tweak WDS to fit your environment. Don’t let the reputation of its predecessor deter you from taking a serious look at WDS. I think you’ll be pleasantly surprised. And one thing is for sure—the price is right!