Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: Building the Task Sequence

We’ll continue this series by creating a Build and Capture Task Sequence in this post and then adding the steps in our task sequence to add our applications, packages and scripts to customize the reference image.

(In the previous post we populated our MDT deployment share with our applications, packages, scripts and the Windows 10 1703 image we’re going to need for this post.)

Open up the Deployment Workbench and let’s go ahead and build our task sequence.

Create the Build and Capture Task Sequence

Right-click on the Task Sequence node and select “New Task Sequence”. Go through the Wizard and enter/choose the following options:

  • Task Sequence Id: buildw10-1703
  • Task sequence name: Build and Capture Windows 10 Reference Image (1703)
  • Template: Standard Client Task Sequence
  • Select OS: choose the Windows 10 1703 OS you imported in the previous post
  • Specify Product Key: Do not specify a product key at this time
  • Full Name: Naz (change to your liking)
  • Organization: Me, Myself and IT (change to your liking)
  • Internet Explorer home page: emeneye.wordpress.com (change to your liking)
  • Enter an Administrator password

What we have now is a pretty bare-bones task sequence which will only install Windows and nothing else. We need to edit it to add steps which will turn this Windows installation into a reference image.

Customize the Task Sequence

1) Right-click on the task sequence you created and choose “Properties”. On the “OS Info” tab click on “Edit Unattend.xml” which will Windows System Image Manager.

Expand Components > 7 oobeSystem > amd64_Microsoft-Windows-Shell-Setup__neutral > select OOBE. Enter “3” (without quotes) next to “ProtectYourPC” in the Properties pane (on the right).

Close the Windows System Image Manager window.

2) Back on the properties of the task sequence click on the “Task Sequence” tab. Here you will edit the task sequence to add the applications and packages to install and the scripts to customize our reference image.

Expand the Pre-install group and select the “Apply Patches” step. From the selection profile choose the profile you created which includes the language packs and cumulative update for Windows 10 1703 (this was covered in Step 4 in the previous post).

3) Expand the “State Restore” group and note that all your applications, packages and customisation steps should be added AFTER the “Tattoo” step.

I’ve got a before and after screenshot to show what you should currently have and what it should look like after adding our steps to the Task Sequence to customise our reference image. Use this screenshot and the notes that follow to add your steps.

Here’s the before and after screenshots (sorry it’s a bit :

Before adding customisations After adding customisations
image Picture2

Notes on Editing the Task Sequence

It may be easier to keep the above screenshots in sight while going through the following notes so you have both side by side for reference. Continue reading

Advertisements

Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: Populating the MDT Deployment Share

I wanted to start off this series with populating our MDT Deployment Share with the various bits and pieces we need before building our Task Sequence. Having said that, I assume you already have Microsoft Deployment Toolkit (MDT) installed and know your way around the Deployment Workbench.

I’ve had to break norm and chose not to provide step-by-step instructions with screenshots here due to the length of this post. Also I won’t be going into how to organise the Deployment Workbench to house your scripts, applications and packages, etc. Needless to say, you should organise it in such way to make life easier for yourself and those around you for the long run.

Fire up the Deployment Workbench and let’s get started.

1) Create a Deployment Share

The very first thing you have to do is set up your deployment share. This is essentially a shared folder which will house all your scripts, packages, images, etc.

Right-click on the Deployment Share node in the Deployment Workbench and select “New Deployment Share”. In the wizard, choose or create a folder on your local disk to use as your deployment share. Give your deployment share a name (best not to remove the $ at the end) and finish the wizard with the default values.

Now, browse to the deployment share folder on your local disk and give yourself full security and share permissions, along with any domain user/groups if required.

2) Import Windows 10 1703 into MDT

First things first, use something like 7-zip to extract the contents of the ISO into a folder of your choice. Right-click on Operating Systems in the MDT Deployment Workbench and then import this into MDT, choose full set of source files, point to the extracted ISO folder and give your Windows image a name.

3) Add cumulative updates to install

The latest cumulative update for Windows 10 1703 is KB4016251 at the time of writing. Download the cumulative update from the Microsoft Update Catalog.

Update: Download Cumulative Update KB401620 (April 25 2017) instead as it fixes an issue with loss in network connectivity in virtual machines while provisioning IP addresses (this was causing an intermittent issue with Step 6 in this post).

Save it to a folder.

Create a folder called “CUs for Windows 10 1703” under the Packages node to house your CUs. Right-click on that folder, select Import OS Packages and browse to the folder you saved the CU.

Click Next twice and wait for the import to be finished.

4) Add Language Packs

Obtain the language packs from whichever source is convenient for you – WSUS, SCCM SUP, Microsoft, etc. Bear in mind that each Windows 10 build has its own language pack so make sure you have the correct language pack for your Windows 10 version (1703 in this case).

I’m going to install the UK English language packs in my image.

Copy the language packs into its own folder.

Create a folder under the Packages node and call it something like “EN-GB Language Packs for Windows 10 1703”.

Right-click on that folder, select Import OS Packages and browse to the folder you saved the CU.

Complete the wizard and wait for the import to be finished.

5) Create a Selection Profiles

Expand the Advanced Configuration node and right-click on Selection Profiles and select New Selection profile

Give it a name, click Next

Expand the Packages node, and check the two folders you created in step 2 and 3 which contains your language pack and cumulative update.

6) Add Script to Disable Internet Connectivity

As I explained in the post introducing this series, we need to disable Internet connectivity on our reference machine to prevent Windows Store apps from being updated, which ends up breaking Sysprep. In my lab all I have to do is set a static IP and DNS address using PowerShell without setting default gateway. The PowerShell is only two lines: Continue reading

Automate the Process of Building and Capturing a Windows 10 1703 Reference Image using MDT – Introduction

The release of Windows 10 1703, dubbed the Creators Update, is nearly upon us and I’ve been hard at work testing my OSD scripts and processes using the last couple of Insider Preview builds of the OS (since build 15048). I’ve also taken great strides in automating my build and capture process, which makes sense considering Microsoft is releasing new Windows 10 builds twice a year. This is the first introductory post in a 5-part series on automating the process of building and capturing Windows 10 reference images. 

The image I will build in this series will be what I think of as a “hybrid” reference image with a few things baked into the image to begin with. I’m going to use a Build and Capture task sequence to:

  • Install Windows 10 1703
  • Install the latest Windows 10 cumulative update
  • Disable Internet connectivity (to prevent Windows Store apps from being updated, which ends up breaking Sysprep)
  • Install Office 2016
  • Install .Net Framework 3.5 and 4.6.2
  • Install Visual C++ runtimes
  • Install English UK Language Packs
  • Install Windows, Office and security updates
  • Customize the Windows reference image like below:
    • Set Explorer to launch to This PC
    • Put the Computer icon on the Desktop
    • Create a local account and add it to the Administrators group
    • Create a “mni-utils” folder on the C: drive
    • Remove Windows features (Windows Media Player, XPS Viewer, XPS Services)
  • Run clean up to reduce the image size
  • Re-enable Internet access
  • And finally, Sysprep and capture the reference image, ready to be deployed using SCCM

Automating the above tasks as part of building our reference image requires a few things in place to tie everything together, which includes customsettings.ini, unattend.xml, registry edits and PowerShell.

Here are the posts I have planned for this series:

  • Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: Populating the MDT Deployment Share
  • Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: The Task Sequence (Customizing the Reference Image Before Capturing)
  • Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: The CustomSettings.ini Rules (Skipping the MDT Deployment Wizard)
  • Automate the Process of Building and Capturing a Windows 10 1703 Reference Image: Automation Using PowerShell

I assume you already have Microsoft Deployment Toolkit up and running. If not then check out my post on Installing and Configuring MDT 2010 From Start To Finish. I know it’s a few years old but still works – just be sure to download and install MDT 8443 and give yourself security and share permissions on the Deployment Share. 

I’ll hold off publishing the next post until the Creators Update is officially released by Microsoft so I can do some final tests using the RTM build/ISO.

Adding Network (and Storage) Drivers to Boot Images in SCCM

Having written a post on Obtaining and Importing Drivers in SCCM for HP Client Devices it seems only fitting to follow it up with a post on adding drivers to boot images in SCCM. So here goes.

For this post I will add the driver for the StarTech USB-C to Gigabit Network Adapter (product id US1GC30B) to my boot image.

clip_image001

Although I have the drivers on a driver CD that came with the adapter I wanted to go ahead and look for a more up-to-date driver. I first had a look on the StarTech website for the drivers which told me a) the original chipset manufacturer (Realtek) and b) the chipset model (RTL8153). Armed with this information I then had a look on the Realtek website an immediately found a more up to date driver (10.13 vs 10.10). As I explained in my previous post, you almost always find the latest drivers from the original chipset manufacturer.

If you already have the driver imported in SCCM

Before going ahead with the step-by-step instructions, if you’ve already got the driver imported into SCCM then all you need to do is to go into the Properties of the boot image and add the drivers in the Drivers tab:

clip_image002

Continue reading

Configure your Task Sequence to Install Driver Packages for Client Devices

This is a continuation of  my post Obtaining and Importing Drivers in SCCM for HP Client Devices where we obtained drivers for our reference HP EliteBook 820 G3 laptop, imported them into the SCCM database, created a driver package and distributed the package to our Distribution Points.

Before carrying on with the instructions here please make sure you have the exact model name of your laptop as reported by WMI. We covered this under “Get the Correct Model Name of the Client Device” in the previous post. (Run “WMIC csproduct GET name” in a command prompt on your client device and make a note of the model name *exactly* as shown.)

As I explained in the previous post the idea is to configure our task task sequence to only install this driver package for this particular model. That’s where the model name comes into the picture. Any typos in the model name will cause the task sequence to skip this driver package from being installed during OSD.

Instructions for MDT Task Sequence

Locate the “Auto Apply Drivers” step under Post Install and disable it.

Add a group under Post Install called Install Drivers

Add a group under Install Drivers called HP

Under HP add an “Apply Driver Package” step, give it a name and choose the driver package you just created

Check “Do unattended installation of unsigned drivers on versions of Windows where this is allowed”

You should have something like this:

clip_image013

Select the HP group and add the following rules in the Options tab:

clip_image015

Select the HP EliteBook 820 G3 step and add the following rules in the Options tab:

clip_image017

This is where you’ll need the model name of the laptop which we obtained using a WMIC query earlier in the post (under Get the Correct Model Name of the Client Device).

Instructions for SCCM Task Sequence

For your SCCM task sequence locate the “Apply Device Drivers” step and disable it.

Add a group under Post Install called Install Drivers

Add a group under Install Drivers called HP

Under HP add an “Apply Driver Package” step, give it a name and choose the driver package you just created

Check “Do unattended installation of unsigned drivers on versions of Windows where this is allowed”

You should have something like this:

clip_image019

Select the HP group and add the following rules in the Options tab:

Add an If statement and choose Any

Add the following WMI Queries

SELECT * FROM Win32_ComputerSystem WHERE Manufacturer LIKE “HP”
SELECT * FROM Win32_ComputerSystem WHERE Manufacturer LIKE “Hewlett Packard%”

Select the HP EliteBook 820 G3 step and add the following rules in the Options tab:

SELECT * FROM Win32_ComputerSystem WHERE Model LIKE “HP EliteBook 820 G3”

Test your Task Sequence

At this point you’ve got everything set up. Go head and test your task sequence. Hopefully you won’t have any  exclamation marks in Device Manager.

 

Obtaining and Importing Drivers in SCCM for HP Client Devices

I quickly found while using the HP Client Integration Kit that, though the tool makes it easy to download and import drivers, the size of the resulting drivers and packages is excessively big. Using the HP EliteBook 820 G3 as an example device, when using the HP CIK the resulting size of the drivers is 2.3GB for this laptop compared to 823MB using the method I’ll describe in this post.

In this post we will:

  • Obtain the drivers for our device
  • Import the drivers into SCCM and create a driver package
  • Configure a task sequence to install the driver package
  • Set rules in the task sequence to only install this driver package on HP EliteBook 820 G3 laptops

I will assume you already have a Task Sequence created to build your Windows computer.

Obtaining the Drivers

I use the 820 G3 as an example here but you can adapt this for any make and model. This is a hands-on method of obtaining drivers which does take a little time but I’ve found this gives me the best result during OSD and less driver bloat.

1) Install HP Support Assistant and install any driver updates on your client device

2) Install Intel Driver Update Utility and install any updated drivers, if available

3) (Optional) Install drivers from third party manufacturers.

This step is more manual so will take some time which is why I’ve marked it as optional. This is preferable if you want to make sure you want to start off with the latest drivers for your devices in your SCCM database.

Open up Device Manager and identify devices from third party manufacturers like Broadcom, AMD, Realtek, etc. Go to each of their website and check if there’s a more recent driver available and install them.

4) Backup your installed drivers using Double Driver.

Double Driver basically scans your current system, identifies your device drivers and backs them up for you which you can then use with SCCM. I’ve been using Double Driver for a few years now but didn’t think of using this with SCCM until very recently.

Download the portable tool and run it on your client device. Click on Backup > Scan Current System and wait for the tool to identify your device drivers.

Here is a screenshot of the drivers identified on the HP EliteBook 820 G3:

clip_image004

Click on “Backup Now” and choose a destination to store your drivers. Make sure you leave the “Structured folder (default)” selected. Click on OK

clip_image005

Keep the resulting backup drivers handy to be imported into your SCCM database

Get the Correct Model Name of the Client Device

Further along in this post we’ll create a driver package for our drivers which we’ll then use in our task sequence. We’ll need to create a rule in our task sequence to only install this driver package for this particular computer model. For this reason we’ll need to extract the correct model name of this device at this stage using the following WMI query in an elevated command prompt:

WMIC csproduct GET name

clip_image007

Make a note of the result exactly as shown and keep it safe. We’ll need it further along in the post.

Create Source Folders for your Device Drivers and Driver Package

Note that before importing the drivers you need a source folder for your device drivers and a separate folder for your driver package. I always stress the importance of organising the SCCM software repository with a clear and easily identifiable folder structure to better manage your packages (or drivers in this case). Create a folder structure for your client device driver management similar to below:

Source folder for device drivers:

\\sccmserver\Source\OSD\Drivers\Device Drivers\HP\Windows 10 x64\EliteBook 820 G3

Source folder for driver packages:

\\sccmserver\Source\OSD\Drivers\Driver Packages HP\Windows 10 x64\EliteBook 820 G3

2) Copy the drivers you backed up using Double Driver into the source folder for device drivers similar to above.

Import the Drivers in SCCM and Create a Driver Package

1) Open up the SCCM console and select the Software Library workspace. Expand Operating Systems and select Drivers. Click on “Import Driver” in the ribbon

2) In the Import New Driver Wizard leave the first option selected and enter or browse to the UNC path where you copied your device drivers. In my case it’s \\sccmserver\Source\OSD\Drivers\Device Drivers\HP\Windows 10 x64\EliteBook 820 G3

Under “Specify the option for duplicate drivers” choose

clip_image009

3) Driver Details page:

Uncheck “Hide drivers that are not in a storage or network class (for boot images)”

Uncheck “Hide drivers that are not digitally signed”

Check “Enable these drivers and allow computers to install them”

Click on Categories and either select an existing category to add these drivers to or create a new category.

clip_image011

4) In the Add Drivers to Packages step we’ll create a new driver package HP EliteBook 820 G3

For the name of the package I suggest you enter a name which identifies the model of the computer and the OS and architecture the driver package is intended for.

Something like HP EliteBook 820 G3 – Windows 10 x64

Under “Path” enter or browse to the source folder you created for the driver package. In my case it’s \\sccmserver\Source\OSD\Drivers\Driver Packages HP\Windows 10 x64\EliteBook 820 G3

Finish the rest of the wizard without making any changes to the defaults (do not add any drivers to any boot images when asked).

Distribute the Driver Package to your Distribution Points

Go ahead and distribute the driver package to your DPs.

You may also want to create a folder structure in your SCCM console under Driver Packages and move your package to it. Something like Driver Packages\Windows 10 x64

Configure your Task Sequence to Install the Driver Package

I noticed this post is quite long so I’ve split it into two and moved this section into it’s own post titled Configure your Task Sequence to Install the Driver Package. You can continue with the rest of the instructions over there.

 

Windows 10 “Creators Update”

As a true fan of Windows 10 and an avid Windows Insider watching the Windows 10 Event was super exciting for me – as an enthusiast I hugely enjoy watching new technology and hardware being unveiled live. Microsoft announced some great things in the event but my focus was all on the Windows 10 Creators Update and I definitely liked what I saw was coming. You can watch the event on demand right here.

Watch the video below titled “Introducing the Windows 10 Creators Update” and keep a close watch for some of the features coming in the update, due in early 2017:

Here’s a look at some of my favourite among the many features coming in the Windows 10 Creators Update.

Paint 3D

We’ve been wondering all these years what Paint is STILL doing in Windows but now Microsoft decided to rewrite the app from the ground app. I first heard of this form Paul Thurrott on his website, but the video above shows what an awesome job Microsoft has done with Paint 3D.

Microsoft has made this as simple as taking a photograph, take a look at this GIF from the event below:

castlegif

You can see an actual sand castle is being scanned using a smart phone which is then instantly converted into a full 3D model.  Continue reading