All the steps you need for a no muss, no fuss deployment of the new OS
Your testing for Windows 7 is probably complete by now. You know which applications and drivers will run properly and which won’t. But more importantly, you've found out that some of your existing hardware won't run Windows 7. In this article, I'll walk you through deploying Windows 7, complete with applications, drivers, and packages, to a new; bare-metal machine. Not only will I show you how, but I'll also explain all your options so you can deploy everything in a way that best suits your environment. And don’t forget that imaging solutions aren't built for one-time use just on new machines—always keep re-imaging in mind as well.
This article assumes you've installed MDT 2010 and its prerequisites and created a deployment share as described in "XP to Windows 7 Migration with Microsoft Deployment Toolkit 2010." All steps in this article are performed in MDT's Deployment Workbench (DW) snap-in. After MDT is installed, you launch the DW by selecting Start, All Programs, Microsoft Deployment Toolkit, Deployment Workbench.
Step 1: Import an OS into MDT 2010
You need to import an OS into MDT's DW before deploying it to your target machines. The supported OSs to deploy are Windows Server 2008 R2, Windows Server 2008 (all service packs), Windows Server 2003 R2, Windows 7, Windows Vista SP1, and Windows XP SP3. The steps for importing an OS are the same regardless of the OS. In the DW, expand the Deployment Shares node, then expand the node for your deployment share; if you're using the deployment share you created by following the steps from the previously mentioned "XP to Windows 7" article, your deployment share should be called MDT Deployment Share (F:\DeploymentShare). If for some reason you've closed the deployment share and need to re-open it, right-click the Deployment Shares node, select Open Deployment Share, then navigate to your deployment share.
To import an OS, right-click the Operating Systems node and select Import Operating System, which launches the Import Operating System Wizard. Follow these steps in the wizard:
- The OS Type page offers three choices, as Figure 1 shows. The Full set of source files option requires an OS CD, DVD, or equivalent (e.g., a copy of a CD of DVD in a local folder). The Custom image file option lets you import a .wim image you've created. If you're importing a custom image, you need to specify where the OS's setup files reside. The Windows Deployment Services images option lets you import all OS images from a Windows Deployment Services (WDS) server. To specify a WDS server, both NetBIOS and Fully Qualified Domain Names (FQDNs) are acceptable. You can't select specific images; it's all or nothing. For this example, select Full set of source files, then click Next.
- On the Source page, click the Browse button and navigate to a Windows 7 DVD or equivalent.
- The Destination page prompts you to enter the name for the folder in which you'd like to store this OS. The folder will be created in your deployment share's Operating Systems folder. For example, mine is at F:\DeploymentShare\Operating Systems. Then click Next.
- The Summary page displays your settings. Review your choices; to make any changes, click the Previous button until you're back on the page you need to change. If all your settings are correct, click Next.
- The Progress page appears and displays each step required to import an OS. When the import is complete, the Progress page disappears and the Confirmation page appears. Click Finish.
Importing OSs can take a while, depending on the size of the OS and speed of your server. The OS is displayed in the DW under the Operating Systems node when the import is complete.
Step 2: Create Folders to Organize the DW
MDT 2010 is the first version of MDT that lets you organize components in the DW. Why is this so cool, you might ask? When you added components to past versions of MDT, they were all dumped into one container—well, one container for all applications, another for packages, and a third for out-of-box drivers. It was difficult to tell which drivers belonged to Dell, which belonged to HP, and so forth. Now, it's a snap. To create a folder, follow these steps:
- Right-click the node in which you'd like to create the new folder and select New Folder.
- On the General Settings page, give the new folder a name and description, then click Next.
- On the Summary page, review your settings, make any changes if necessary, then click Next.
- When the Confirmation page appears, click Finish.
You can cut and paste from one folder to another by right-clicking the components you want to move and selecting Cut. Then navigate to the folder you want to move the components into, right-click in the target folder, and select Paste. You might have to press F5 to refresh your screen to see that the components were deleted from their original location. If you want the component in more than one folder, you can use Copy and Paste.
Step 3: Add MDT Components
You need to import your applications, drivers, and packages that you want included with the OS installation into the DW. To import an application, right-click the node in the DW where you want to import the application and select New Application. Then, in the New Application Wizard, follow these steps:
- The Application Type page gives you three choices. The Application with source files option let's you deploy an application via its source files. The Application without source files or elsewhere on the network option lets you specify a command to run on the target machine or you can enter a Universal Naming Convention (UNC) path where the application resides (e.g., \\<ServerName>\<SharedFolderName>). The Application bundle option lets you define a list of applications to be installed and the order in which they should be installed. Choose Application with source files, then click Next.
- On the Details page, fill in the fields for Publisher, Application Name (this is the name that appears in the DW; you can name it whatever you like), Version, and Language of the application, then click Next.
- On the Source page, click the Browse button and navigate to the folder where you've stored your application source files, then click Next.
- The Destination page lets you enter the name of a new folder to store the application—this folder should not already exist. Click Next.
- The Command Details page requires the command line that performs a quiet installation of the application which Figure 2 shows.
Cmd /c wrdviewer.exe
To run that same command silently, you'll need to add a switch such as /q, /qn, /quiet, or /verysilent. But which one? That's the point—every application has its own unique switches. The best website for help with installing applications is Bob Kelly's AppDeploy.com—it really rocks!
For .msi applications (or an .exe that contains an embedded .msi application), you'll want a command line that resembles this:
msiexec /i XmlNotepad.msi
To run the same command silently and suppress the application from rebooting, you would use
msiexec /i XmlNotepad.msi /qn /norestart
Applications should never be allowed to restart the target machine because MDT will lose control of the deployment and the installation will fail. Switches are application-dependant with .exe applications, and .msi applications are no different.
The working directory is how the target machine finds the source files needed to install the application. The path is .\Applications\XMLNotepad. The dot (.) represents the root of the deployment share. If you accepted the default settings when creating your deployment share, the root would be \\<ServerName>\DeploymentShare$. Within the root, you'll find the Applications folder and then the folder you created earlier to store your application. Click Next.
- On the Summary page, review your choices, make any changes if necessary, then click Next.
- When the Confirmation page appears, click Finish.
Next it's time to import out-of-box drivers. Driver management is much easier with the new hierarchical folder structures you can create in MDT 2010. If you've already imported drivers, you can cut or copy and paste them into any folder. Before importing your drivers, create a folder for each type. For example, I've copied my Dell drivers into C:\Dell Drivers along with their accompanying files (.inf, .sys, and catalog files). If you want to organize your drivers by manufacturer and model, you'll need to create a folder for each manufacturer and model. Then in the DW, create a similar folder structure, although the names of the folders don't have to match.
To import drivers, right-click the folder you'd like to import the drivers into and select Import Driver. Follow these steps in the Import Driver Wizard:
- On the Specify Directory page, click Browse and navigate to the folder where you stored your drivers, then click Next.
- The Summary page is displayed. Click Next, and when the Confirmation page appears, click Finish.
Finally, you need to import OS packages. The term package includes OS patches and language packs. First, you'll need to download your packages from Microsoft and store them locally (e.g., C:\Packages). In the DW, right-click the Packages node (or a folder you've created beneath the Packages node), and choose Import OS Packages. In the Import Packages Wizard, perform these steps:
- On the Specify Directory page, click Browse and navigate to the folder where you've stored the downloaded packages (.cab or .msu files), then click Next.
- The Summary page is displayed. Click Next, and when the Confirmation page appears, click Finish.
Step 4: Create an MDT Task Sequence
A task sequence is a list of tasks that are performed during the deployment process along with the order the tasks will be performed. The task sequence determines which OS is deployed along with any applications, drivers, and packages to include. You create a new task sequence within the DW by right-clicking the Task Sequences node (or any subfolder you've created within the Task Sequences node) and selecting New Task Sequence. Follow these steps in the New Task Sequence Wizard:
- On the General Settings page, supply a Task sequence ID and Task sequence name. For example, my Task sequence ID is W7BM (for Windows 7 bare metal) and my Task sequence name is Windows 7 Bare Metal Installation. In the Comments field, enter information so you can remember—in six months—why you created the task sequence and what the end result should be, such as what applications, drivers, and packages should have deployed successfully. Then click Next.
- From the Select Template page, choose Standard Client Task Sequence from the drop-down list, then click Next. Table 1 gives an explanation of all the built-in task sequence templates.
- Select the OS (Windows 7) that this task sequence will deploy on the Select OS page, then click Next.
- On the Specify Product Key page, enter a product key if needed; you can choose to not specify a product key at this time but then you'll be prompted during deployment to input it unless you're a volume license customer or you automate this step. (I covered automating your deployment in "Create Windows 7 Media for Deployment.") Click Next.
- On the OS Settings page, fill in the Full Name, Organization, and Internet Explorer (IE) Home Page fields, then click Next.
- On the Admin Password page, fill in the field for Administrator Password; what you enter becomes the local administrator password on your target machine. If you created a deployment share using the default selections (which I highly recommend), the Allow Admin Password page was set to not prompt for a local administrator password during the deployment process. If you don't specify an administrator password at this time, the new Windows 7 local administrator password will be blank when the deployment is complete. Input a password and confirm it, then click Next.
The Summary page lets you review your choices. If everything looks good, click Next. When the Confirmation page appears, click Finish.
Step 5: Customize Your WinPEs and Update the Deployment Share
Updating your deployment share is when the gears of the MDT start to turn. When you update your deployment share, MDT creates two custom Windows Preinstallation Environments (WinPEs), among other things. But before you update the deployment share, which can take a while, let's look at the settings and components you can tweak to control how those WinPEs are created and what they contain.
You customize your MDT WinPEs in the DW in the properties of your deployment share. To edit the properties of your deployment share, expand the Deploymfent Shares node, right-click your deployment share, and choose Properties. The deployment share's Properties dialog box has six tabs: General, Rules, Windows PE x86 Settings, Windows PE x86 Components, Windows PE x64 Settings, and Windows PE x64 Components. As Figure 3 shows, the General tab displays fields such as Description, Comments, Network (UNC) path, Local path, and Platforms Supported. All these fields are editable, but there are two I recommend leaving alone: the Network (UNC) path and Local path of your deployment share. Editing either of these fields could break your deployment share. If you want to open a different deployment share, do so by right-clicking the Deployment Shares node in the DW and choosing Open Deployment Share, then navigate to the deployment share you want to open.
By default, the General tab shows that both x86 and x64 platforms are supported. The platform you choose determines which WinPEs are created and which other tabs you'll configure. The settings you can tweak in your WinPEs are on the Windows PE x86 Settings and Windows PE x64 Settings tabs. And the components you can add to your WinPEs are on the Windows PE x86 Components and Windows PE x64 Components tabs. The two Settings tabs are identical as are the two Components tabs. Leaving both platforms selected on the General tab creates 32-bit and 64-bit WinPE .wim and .iso files.
Figure 4 shows the Windows PE x86 Settings tab which lets you name the .iso file MDT creates when the deployment share is updated, choose a custom background (if you don't like the Solution Accelerators image), and set the scratch space size; scratch space is used as temporary storage space in RAM during the deployment.
The Components tabs let you choose which drivers and packages are injected into your WinPEs. MDT components (drivers and packages) can be grouped together by something called selection profiles. The steps for creating a selection profile are covered in "Create Windows 7 Media for Deployment." In the Driver Injection box, choose your selection profile, or you can use the default selection profile, All Drivers and Packages. After choosing a selection profile, you can choose to include all drivers from the selection profile or only specific types of drivers. The four types of drivers are network, mass storage, video, and system-class. The one and only feature pack that can be added—and is selected by default—is ADO support for MDT's database feature. (MDT's database feature is outside the scope of this article; look for future articles that will cover this feature.) You can also add optional fonts to your WinPE—specifically, Chinese, Japanese, and Korean.
The settings on the Rules tab determine the behavior of the deployment wizard, such as which pages are displayed during the deployment process and which aren't, and how the deployment wizard gets information if a given page isn't displayed. Table 2 shows your settings if you accepted the default settings when you created your deployment share. Also on the Rules tab, in the bottom right corner, is the Edit Bootstrap.ini button. Clicking this button shows the root of your deployment server, which is where your target clients will connect to deploy an OS.
After you've selected your platforms and configured the settings and components, you'll need to update the deployment share to create the new MDT WinPEs. In the DW, expand the Deployment Shares node. Right-click your deployment share and select Update Deployment Share to launch the Update Deployment Share Wizard. Follow these steps in the wizard:
- On the Options page, choose Optimize the boot image updating process, then click Next. You could also have chosen Completely regenerate the boot images; the first time you update the deployment share, it doesn't matter which you select—they do the same thing.
- On the Summary page, review your selections and make any necessary changes, then click Next. Click Finish on the Confirmation page to complete the wizard.
After you've updated the deployment share for the first time, there will be new WinPEs created in the \DeploymentShare\Boot folder. These WinPEs won’t show up in the DW; use Windows Explorer to find them. On subsequent updates to your deployment share within the DW, the options in the Update Deployment Share Wizard make a little more sense. Choose Optimize the boot image updating process when you want your existing WinPEs modified. If you have a corrupt WinPE and want to create new ones, choose Completely regenerate the boot images.
Step 6: Deploy the OS to the Client
Now you're ready to deploy your first Windows 7 OS to a target machine. Make sure your target machine has networking functionality and access to the MDT deployment share. Boot the target machine with one of the custom MDT-generated WinPEs (LiteTouchPE_x86.iso or LiteTouchPE_x64.iso), which you'll need to have burned to disk or stored on an external hard disk or USB flash drive. Follow these steps in the Windows Deployment Wizard, which launches automatically:
- The Welcome Windows Deployment page has three options to choose from: Run the Deployment Wizard to install a new Operating System, Run the Windows Recovery Wizard, and Exit to Command Prompt. There's also the Configure with Static IP Address button. Before you dive in and start deploying, let's look at how the target machine receives an IP address. By default, the target machine is a DHCP client, so it should receive an IP address, subnet mask, and any configured options from a DHCP server. If a DHCP server isn't available, you need to assign static IP information by clicking the Configure with Static IP Address button. If you need to confirm the statically configured IP information, press the F8 key to launch a command prompt and use ipconfig to review your settings; don't use Exit to Command Prompt because this option ends the deployment. Run the Windows Recovery Wizard launches a custom WinPE that searches for all files required to boot the target machine after an OS has been deployed; any missing or corrupt files are replaced. Select Run the Deployment Wizard to install a new Operating System to kick off the deployment process when you're deploying an image to a target machine.
- On the User Credentials page, supply a User Name, Password, and Domain for an account that has permissions to your deployment share, then click OK.
- The task sequence we created earlier, Windows 7 Bare Metal Installation, appears on the Select a task sequence to execute on this computer page. If your task sequence isn't listed, ensure you booted the correct platform of WinPE. A 32-bit WinPE displays only 32-bit task sequences, and a 64-bit WinPE shows only 64-bit task sequences. Choose your task sequence, then click Next.
- On the Configure the computer name page, enter a name for the target machine, then click Next.
- The Join the computer to a domain or workgroup page gives you the option to join the target machine to a workgroup or domain. Joining a domain requires domain credentials with permissions to join the new machine to the domain. For this example, I'm choosing to join a workgroup. Click Next.
- The Specify whether to restore user data page lets you restore the user's data and settings—IE favorites, My Documents, and Outlook settings to name a few—from an existing machine if you've already gathered the user's data and settings and stored them on a server. To restore this information, choose Specify a location and enter the UNC path to where you stored it. After Windows 7 is installed, the user's settings and data will be copied to the target machine. I'm selecting Do not restore user data and settings. Click Next.
- On the Language and other preferences page, select your language, time and currency format, and keyboard layout from the drop-down list, then click Next.
- Choose your time zone on the Set the Time Zone page, then click Next.
- If you've added applications to the DW, the next page will be the Select one or more applications to install page. From the list provided, select the applications you want to install. If you haven't added any applications to the DW, this page won't display. Click Next.
- The Specify whether to capture an image page let's you capture an image of the target machine after the deployment successfully completes. The Prepare to capture the machine option copies the files needed to run sysprep on the machine but doesn't run sysprep or capture an image of the target machine. Choose the Do not capture an image of this computer option, then click Next.
- The Specify the BitLocker configuration page lets you enable BitLocker on the target machine and specify where the BitLocker encryption key will be stored. Accept the default, Do not enable BitLocker for this computer, then click Next.
- Finally, the Ready to begin page is displayed. Click Details to review your selections. If you need to make changes, click the blue back arrow in the bottom left corner to return to the appropriate page; if everything looks good, click Begin. You'll see the Installation Progress bar showing the stages of the installation. One note of caution: If the Installation Progress bar appears to freeze, move it aside to reveal any error messages. When errors occur during deployment, the message sometimes gets hidden under the Installation Progress bar. As Figure 5 shows, the Installing Windows page appears under the Installation Progress bar to help you monitor the deployment process.
No Muss, No Fuss
I hope with these steps you'll be able to deploy Windows 7 complete with applications, drivers, and packages—no muss, no fuss, and at no extra cost. (Well, no cost other than a little time.) As always, let me know if I can help with your deployments. If you have questions or comments, you can email Rhonda@DeploymentDr.com.