Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: Populating the MDT Deployment Share

I wanted to start off this series with populating our MDT Deployment Share with the various bits and pieces we need before building our Task Sequence. Having said that, I assume you already have Microsoft Deployment Toolkit (MDT) installed and know your way around the Deployment Workbench.

I’ve had to break norm and chose not to provide step-by-step instructions with screenshots here due to the length of this post. Also I won’t be going into how to organise the Deployment Workbench to house your scripts, applications and packages, etc. Needless to say, you should organise it in such way to make life easier for yourself and those around you for the long run.

Fire up the Deployment Workbench and let’s get started.

1) Create a Deployment Share

The very first thing you have to do is set up your deployment share. This is essentially a shared folder which will house all your scripts, packages, images, etc.

Right-click on the Deployment Share node in the Deployment Workbench and select “New Deployment Share”. In the wizard, choose or create a folder on your local disk to use as your deployment share. Give your deployment share a name (best not to remove the $ at the end) and finish the wizard with the default values.

Now, browse to the deployment share folder on your local disk and give yourself full security and share permissions, along with any domain user/groups if required.

2) Import Windows 10 1703 into MDT

First things first, use something like 7-zip to extract the contents of the ISO into a folder of your choice. Right-click on Operating Systems in the MDT Deployment Workbench and then import this into MDT, choose full set of source files, point to the extracted ISO folder and give your Windows image a name.

3) Add cumulative updates to install

The latest cumulative update for Windows 10 1703 is KB4016251 at the time of writing. Download the cumulative update from the Microsoft Update Catalog.

Update: Download Cumulative Update KB401620 (April 25 2017) instead as it fixes an issue with loss in network connectivity in virtual machines while provisioning IP addresses (this was causing an intermittent issue with Step 6 in this post).

Save it to a folder.

Create a folder called “CUs for Windows 10 1703” under the Packages node to house your CUs. Right-click on that folder, select Import OS Packages and browse to the folder you saved the CU.

Click Next twice and wait for the import to be finished.

4) Add Language Packs

Obtain the language packs from whichever source is convenient for you – WSUS, SCCM SUP, Microsoft, etc. Bear in mind that each Windows 10 build has its own language pack so make sure you have the correct language pack for your Windows 10 version (1703 in this case).

I’m going to install the UK English language packs in my image.

Copy the language packs into its own folder.

Create a folder under the Packages node and call it something like “EN-GB Language Packs for Windows 10 1703”.

Right-click on that folder, select Import OS Packages and browse to the folder you saved the CU.

Complete the wizard and wait for the import to be finished.

5) Create a Selection Profiles

Expand the Advanced Configuration node and right-click on Selection Profiles and select New Selection profile

Give it a name, click Next

Expand the Packages node, and check the two folders you created in step 2 and 3 which contains your language pack and cumulative update.

6) Add Script to Disable Internet Connectivity

As I explained in the post introducing this series, we need to disable Internet connectivity on our reference machine to prevent Windows Store apps from being updated, which ends up breaking Sysprep. In my lab all I have to do is set a static IP and DNS address using PowerShell without setting default gateway. The PowerShell is only two lines:

New-NetIPAddress –InterfaceAlias "Ethernet" –IPAddress 192.168.0.x -PrefixLength 24
Set-DNSClientServerAddress –InterfaceAlias "Ethernet" –ServerAddresses ("192.168.0.x")

Be sure to change it to suit your own environment. Save it as Set-StaticIP.ps1 in its own folder and add to MDT as an Application as follows:

Choose Application with source files

Application Name: Action – Disable Internet Access

For source directory browse to the folder where you saved the PowerShell script

Leave the destination directory to be created the same as the name of the application

Choose to “Move” the folder instead of copying

Command line:

PowerShell.exe -ExecutionPolicy Bypass -File "Set-StaticIP.ps1"

7) Add Office 2016

I add the MSI version of Office 2016 Professional Plus 32-bit to my image. Before you can add this to MDT you will need to customize the installation. There’s an excellent guide over at AdminArsenal.com to accomplish just that. Start with extracting the ISO into a folder and then follow the instructions up until Step 11 (before the PDQ Deploy bit).

Once you’ve done the above you can add it to MDT. You’ll need the .MSP file that is created as part of the instructions, which should be saved in the root of the folder.

Choose Application with source files

Application Name: Install – Microsoft Office 2016 MSI 32-bit

For source directory browse to the folder where you extracted the ISO and saved the .MSP file

Leave the destination directory to be created the same as the name of the application

Choose to “Move” the folder instead of copying

Command line:

setup.exe /adminfile MSPFILENAME.MSP

8) Add .Net Framework 4.6.2

Download the offline installer from Microsoft and save it in a folder of its own. Rename it to dotnet462.exe

Add this to the Deployment Workbench with the following settings:

Choose Application with source files

Application Name: Install – Microsoft .Net Framework 4.6.2

For source directory browse to the folder where you saved the offline installer

Leave the destination directory to be created the same as the name of the application

Choose to “Move” the folder instead of copying

Command line:

dotnet462.exe /passive /norestart

(We’ll cover installing .Net Framework 3.5 when building the task sequence in the next post)

9) Add the Visual C++ Redistributable Packages

Download the Visual C++ runtimes from here and extract the zip contents.

We’re going to create a package for each runtime folder in this zip. Create the first application in MDT with the following settings:

Choose Application with source files

Application Name: Install – Visual C++ 2005 SP1 – x86 x64

For source directory browse to the directory where you extracted the zip file above and choose the first folder (VisualC++2005SP1)

Leave the destination directory to be created the same as the name of the application

Choose to “Move” the folder instead of copying

Command line:

cmd.exe /C InstallVC.cmd

Repeat the above steps for each of the other runtimes.

10) Add registry script to set Explorer to “This PC” for all users

We use a simple .reg file to accomplish this. Save the following as LaunchExplorerToThisPC.reg

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"LaunchTo"=dword:00000001

Add it to MDT as an Application, name it “Tweak – Set Explorer to Launch to This PC” and use the command line “regedit /s LaunchExplorerToThisPC.reg”

11) Add registry script to put the Computer icon on the Desktop for all users

Save the following as PutComputerIconOnDesktop.reg

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=dword:00000000

Add it to MDT as an Application, name it “Tweak – Put Computer Icon on the Desktop” and use the command line “regedit /s PutComputerIconOnDesktop.reg”

12) Add script to clean up and reduce the Windows image size

This is a fantastic script by Mikael Nystrom, aka The Deployment Bunny, to reduce the size of the Windows image before capturing it. Bear in mind that this script appears to hang at 100% for up to 45 minutes or so but it does go through in the end.

This script shaves off about 800-900Mb from the final captured image so well worth using it in my opinion, despite the above bug.

Download the script from his website and add it to MDT:

Choose Application with source files

Application Name: Action – Clean Up Before SysPrep

For source directory browse to the directory where you saved the script

Leave the destination directory to be created the same as the name of the application

Choose to “Move” the folder instead of copying

Command line:

cscript.exe Action-CleanupBeforeSysprep.wsf

13) Add Script to Re-Enable Internet Connectivity

The very last step here is to add our short PowerShell script to re-enable Internet connectivity – for my own environment the script simply enables DHCP and renews the IP address:

Set-NetIPInterface –InterfaceAlias "Ethernet" –Dhcp Enabled
Sleep 5
IPConfig renew
Sleep 5

Save it as Enable-DHCP.ps1 in its own folder and add to MDT as an Application as follows:

Choose Application with source files

Application Name: Action – Enable Internet Access

For source directory browse to the folder where you saved the Powershell

Leave the destination directory to be created the same as the name of the application

Choose to “Move” the folder instead of copying

Command line:

Powershell.exe -ExecutionPolicy Bypass -File " Enable-DHCP.ps1"

We’ll leave this post here.

In the next post we’ll create our Build and Capture Task Sequence and edit it to customise our reference image by running the registry edits and installing the applications and packages we added to MDT in this post.

Advertisements

2 thoughts on “Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: Populating the MDT Deployment Share

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s