Upload
phungthien
View
222
Download
2
Embed Size (px)
Citation preview
Rhonda J. LayfieldSr. Deployment Architect
Deploy Windows 7 Using Microsoft’s FREE Deployment Tools
Sr. Deployment ArchitectDeployment Done Right
•I live in Washington DC in the States…
•Been in the IT industry for 30 years
•US Navy for 7 years
•Write for Windows IT Pro magazine
•Setup and Deployment MVP
Rhonda Layfield
•Setup and Deployment MVP
•Desktop Deployment Product Specialist (DDPS)
•I am self employed
•The name of my company is Deployment Done Right
Get In Touch With Me…
•Let me know how your deployments are going:
•Follow me on Twitter
•Sign up for one of my hands-on deployment classes•Sign up for one of my hands-on deployment classes
•September 2011 in Washington DC
•Contact me for details
•Bring me into your organization to hear more about deployment
•For short term consulting and in-house training
The Goal For This Session
•To help you decide which tool is right for you
•All tools deploy both Server and Desktop Operating Systems (OSs)
•All tools are either FREE or In-The-Box
•The tools are:
•Microsoft Deployment Toolkit 2012 (MDT 2012)•Microsoft Deployment Toolkit 2012 (MDT 2012)
•Windows Deployment Service (WDS)
•The One Tool Not Covered is System Center Configuration Manager (SCCM)
•But first…
Overview
•Image Formats and Scenarios
•MDT
•Installation
•Configuration•Configuration
•Network deployments
•XP migrations
•MDT advanced features
Overview
•WDS
•Installation
•Configuration
•Multicast traffic•Multicast traffic
•MDT & WDS integration
•Differences between MDT & WDS
.Wim Compared to .Vhd•.Wim
•Contain a single volume (c: d: e:)
•Multiple images may be stored in a single .wim file
•Single instancing
•No redundant file storage
•Service image offline•Service image offline
•Apply patches quick and easily
•.Vhd
•Contain an entire hard drive (multiple volumes)
•Service image offline
Three Types of Images:Thick, Thin, Hybrid
•Thick images contain an OS and all applications
•More difficult to make changes to later
•Thin images usually contain only the OS
•Applications are deployed after the OS
• Group Policy deployment• Group Policy deployment
• MDT 2010 U1
• Manually
•Hybrid images contain OS and corporate approved applications
•Like line of business (LOB) applications created in-house
4 Deployment Scenarios
Scenario Description
Bare Metal New machines
RefreshKeeping the old hardware installing a new OS on the
existing machine
Replacing existing computer with a new computerReplace
Replacing existing computer with a new computer
while maintaining user’s settings and data
UpgradeUnless your upgrading from Vista there is no direct
upgrade path
Setting Up MDT 2010:as easy as 1-2-3
Install WAIK1
Install MDT2
Operating Systems:
Server 2008 R2
Server 2003 R2
Vista
MDT 2010 U1
Deployment Server
Create a
Deployment
Share
3Vista
Windows 7
W7 DVD
MDT 2010 U1
Deployment
ServerW7 DVD
11Add an OS
22Deploy OS
33
SYSPREP
W7 DVD
Windows Server 2003 R2
Windows Server 2008 & R2
XP SP3
Vista SP1
Windows 7 & SP1
ServerW7 DVD
Add an OS
Create A ReferenceStore Image
33
Add Components
•Applications
•Office 2010
•Adobe Reader
•Drivers
•3rd party•3rd party
•Packages
•OS patches
•Language packs
Over Time You Will Have Multiple Images To Deploy:
•Multiple OSs
•Windows 7 SP1 base DVD
•Windows 7 custom Hybrid .wim image
•Windows Server 2008 R2
•Drivers for different models of machines•Drivers for different models of machines
•Applications for different groups of users
•So you will need a way to group components together for a specific deployment
•This is called a Task Sequence
Then You Need To Update The Deployment Share
•Updating the deployment share creates a custom MDT Windows Pre Installation Environment (WinPE)
•This WinPE is very intelligent
•Pre-configured to know who the MDT server is and the name of the Deployment Share
•Pre-configured to know who the MDT server is and the name of the Deployment Share
Add an OS, Application, DriversCreate a Task SequenceUpdate the Deployment ShareUpdate the Deployment Share
Then, Get MDT Ready To Deploy The Custom .wimImage
•Import the Custom .wim
•Create a task sequence
•Deploy
MDT WinPE
11 Copy WinPE
Boot Target22
Deployment Server
MDT 2010 U1
Deployment Server 33Connect to MDT
Server and
Download Image
Automate the Clients Experience
•When you run the Deployment Wizard
•Choose which screens are displayed during the deployment
•Suppress the ones you don’t want anyone to see or change like:• Product Key
• Administrator’s password• Administrator’s password
•Customize the words displayed on the pages
Automate The Client Deployment
•BootStrap.ini
•CustomSettings.ini
•If you make changes to the Boostrap.ini you will need to update the deployment share again to reflect those changes
•For Help on variables to add to these files:•For Help on variables to add to these files:
•Help
•Microsoft Deployment Toolkit Reference
• Properties
• Property Definitions
XP Migration “Refresh” Scenario
1Gather Application Information
Begin MDT Deployment Wizard 3
Configure MDT and Application
Information2
MDT 2010 U1
Deployment Server
XP SP2/SP3 Get list of Applications
Configured4
List & Registry Scan = New list
“Pre Selected”5
USMT Gathers User and
Application Settings (local store)6
XP Migration “Refresh” Scenario
7Boots to WinPE - Win 7 is Installed
Applications are Installed from MDT Applications are Installed from MDT
Deployment Share8
Windows 7XP SP2/SP3
USMT Applies User and Application
Settings (local store)9 MDT 2010 U1
Deployment Server
Get MDT Deployment Server Ready
•Add an Operating System
•Windows 7
•Add Drivers
•Create a Task Sequence•Create a Task Sequence
XP Migration With Applications
•Performing Refresh scenario
•Currently running XP
•Migrate to Windows 7
•Applications that are currently installed on XP should •Applications that are currently installed on XP should automatically be re-installed on Windows 7
Gather Application Information
• Log on as a standard user for read only mode
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall
1
Uninstall key name
• .Exe’s are easy – the application name is obvious
• .Msi’s are displayed as GUID’s – look for the DisplayName
.MSI
Gather Application Information1
EXE
.MSI
•This is what you will get:
•HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
•This is the piece you want:
•HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio
1
•HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
•If your doing a lot of applications at one time:XMLNotepad = {FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
NetMon 3.3 = {365C5A10-6561-454F-B975-56EA878D0A06}
Office 2007 = {90120000-002A-0000-1000-0000000FF1CE}
Configure MDT Server: With Application Information
• Performed on the MDT deployment server
•Within the Deployment Workbench• Add an application
• Open the properties of the application
2
• Go to the Details tab
• Input the Uninstall registry key name from your Notepad file
•Create the script that will search for applications
•Create LTIAppDetect.vbs script
•Download LTIAppDetect.vbs from• http://www.deploymentdr.com/Download.html
2
• http://www.deploymentdr.com/Download.html
•Copy the LTIAppDetect.vbs script to your deployment share’s Scripts folder
•Configure MDT to look for applications - edit the properties of your deployment share• From within the Deployment Workbench / Properties of your deployment
share / Rules tab[Settings]Priority=DefaultProperties=MyCustomProperty
2
Properties=MyCustomProperty
[Default]OSInstall=YSkipAppsOnUpgrade=YESSkipCapture=YESSkipAdminPassword=NOSkipProductKey=YES
• Add LTIAppDetect.vbs
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
2
[Default]
UserExit=LTIAppDetect.vbs
OSInstall=Y
SkipAppsOnUpgrade=YES
SkipCapture=YES
SkipAdminPassword=NO
SkipProductKey=YES
Begin MDT Deployment Wizard
•Launch LiteTouch.vbs from the XP workstation• Map a drive to your deployment server:
• Net use P: \\ServerName\DeploymentShareName\Scripts
• Deployment server = DeploySrv
• Deployment share = DeploymentShare$
• Net use P: \\Deploysrv\DeploymentShare$\Scripts
3
• Net use P: \\Deploysrv\DeploymentShare$\Scripts
• Then from the P: drive double click on LiteTouch.vbs
•OR• Start / Run /
Steps 4 and 5 – You won’t see these
Get a list of Applications Configured
These are the applications you configured on the deployment server in the deployment workbench
List & Registry Scan = New list “Pre Selected”
4
5
The list of configured applications on the deployment server and the list of applications from the XP registry are compared to create a third list
The third list is the list of applications displayed as pre selected during the deployment process
USMT Gathers User and Application Settings
•User State Migration Tool v4.0 gathers existing user data, settings and application settings
•This is called “Users State”
•User State is stored locally
scanstate.exe C:\MININT\StateStore /v:5 /o /c /hardlink
6
scanstate.exe C:\MININT\StateStore /v:5 /o /c /hardlink/nocompress /efs:hardlink /i:C:\MININT\USMT\MigApp.xml
/i:C:\MININT\USMT\MigDocs.xml /l:C:\MININT\SMSOSD\OSDLOGS\USMTcapture.log /progress:C:\MININT\SMSOSD\OSDLOGS\USMTcapture.prg
Steps 7 and 8 – Task Sequence Performs These:Steps 7 and 8 – Task Sequence Performs These:
Boots to WinPE - Windows 7 is Installed
Windows 7 is installed7
Applications are Installed from MDT Deployment Share
Applications selected from the “Select one or more applications to install” page (Windows Deployment Wizard) are installed
8
USMT Applies Locally Stored Settings
•USMT applies previously gathered user data, settings and application settings
loadstate.exe /v:5 /c /lac /hardlink /nocompress/i:C:\MININT\USMT\MigApp.xml
9
/i:C:\MININT\USMT\MigApp.xml /i:C:\MININT\USMT\Migdocs.xml /l:C:\MININT\SMSOSD\OSDLOGS\USMTrestore.log C:\MININT\StateStore /progress:C:\MININT\SMSOSD\OSDLOGS\USMTrestore.prg
Make Applications Mandatory
•If you don’t want a person to be able to de-select an application during deployment…
•Edit LTIAppDetect.vbs script
•Set oApplications = oEnvironment.ListItem("Applications")
To:To:
•Set oApplications = oEnvironment.ListItem("MandatoryApplications")
Clean Up Active Directory Users and Computers
•If you rename your newly migrated machine the old name still exists in AD
•So, you might want to clean that up by deleting the old machine namemachine name
What We Covered
•4 Deployment Scenarios
•Migrated an XP machine to Windows 7 while also maintaining:
•User’s data
•User’s Settings•User’s Settings
• IE Favorites
• Desktop settings
•Application Installations and Settings
MDT Components
•The MDT components are:
•Operating Systems
•Applications
•Drivers
•Packages
•Task Sequences•Task Sequences
•To use some of the Advanced Features of MDT you will need to group MDT components together
•The way you group MDT components is by creating a “Selection Profile”
MDT’s Selection Profiles
•The MDT components you group will determine what you can do with the selection profile:
•Group drivers and packages to inject into the MDT generated Windows Pre Installation Environments (WinPEs)
•Group drivers to inject into an OS task sequence•Group drivers to inject into an OS task sequence
•Control which MDT components are included in “Media”
•Group MDT components to replicate (and keep in sync) to linked deployment shares
Branch Offices
MDT
Deployment
Server
Dubai
Good WAN Unreliable
London New York
Good WAN
LinkUnreliable
WAN Link
MDTs Media Feature
•Media allows you create a fully deployable image
•OS
•Applications
•Drivers•Drivers
•Packages
•Task sequences
Storage Options
•If you choose a DVD burn the .ISO file to the DVD
•If you choose:
•External hard drive
•UFD (USB flash drive)•UFD (USB flash drive)
•You will need to prepare the media first
Steps For Media
•Create a selection profile
•Run the New Media Wizard
•Update the Media
•Prepare the media•Prepare the media
•Deploy
•Open an elevated command prompt
•DISKPART
• List disk (record the number of the external device)
• Select disk N (N is the disk number
• Select disk 2
• Clean
Preparing Media
• Clean
• create partition primary
• select partition 1
• Active
• format fs=ntfs
• Assign
• exit
• Close the command prompt
•Open Windows Explorer
•Turn on show hidden files
•Navigate to the Media “Content” folder
•Copy the entire Content folder
•Boot folder
Preparing Media Completed
•Boot folder
•Deploy folder
•EFI folder
•Autorun.inf
•Bootmgr
•Bootmgr.efi
Branch Offices
MDT
Deployment
Server
DubaiOS
Application
Drivers
Task Sequences
London New York
Good WAN
Links
Linked Deployment Shares (LDS)
•LDS allows you to copy a subset (or all if you choose) of components to another machine
•Even Windows 7 can host a LDS
•To create a LDS
•Begin on the target computer•Begin on the target computer
On The Target Computer
•This is the computer you want to copy the LDS to…
•Create a folder
•Ensure there is enough hard drive space
•MDT will not check this for you•MDT will not check this for you
•Share the folder
•Now you are ready to create the LDS on the MDT server
Create A LDS on The MDT Server
•Create a selection profile containing all the MDT components you would like copied (replicated) to the target computer
•Create a new LDS
•Type in the UNC path to where you want the new LDS•Type in the UNC path to where you want the new LDS
• Example \\server\share
• \\W7\LondonDS
•Choose your selection profile
Create A LDS on The MDT Server - Continued
•Select one of the options:
•Merge the selected contents into the target deployment share
•OR
•Replace the contents of the target deployment share folders with those selected
•Rename the LDS•Rename the LDS
•R-click the LDS and choose Replicate Content
•The contents you selected in your selection profile will be copied to the new LDS via ROBOCopy
When You Make Changes
•The changes need to be replicated to the target computer
•You can either right-click the LDS and choose “Replicate”
•This will replicate EVERYTHING again even things that have not changed
•OR
•Change the replication technology to use Distributed File System-•Change the replication technology to use Distributed File System-Replication (DFS-R)
•Create a scheduled task that will replicate changes whenever you want them replicated
•Only what has changed will be replicated
MDT Database•Automate what gets installed on a computer
•Imaged and re-imaged
•How it works:
•When a client begins the Deployment Wizard a script runs: ZTIGather.wsf
• Gathers all kinds of information from the client like:• Gathers all kinds of information from the client like:
• Universally unique ID (UUID)
• Serial number
• Asset tag
• MACAddress
• Queries the MDT database for a match
• Applies the configured settings
Set Up MDT Database
•SQL is not supported on DCs
•You’ll need a member server
•Install SQL (Express will work)
•Configure the database with the computer identifier
•The computer will check in with the database and perform whatever steps you choose
What We Covered:
Create a Master image
Automate the Deployment
Group MDT Components
Put a complete deployment on a USB flash drivePut a complete deployment on a USB flash drive
Create multiple deployment shares and keep them current
MDT Database feature
Windows Deployment Service
•WDS replaces Remote Installation Services (RIS)
•Provides both boot and installation images from the WDS server
•Supports .WIM and .VHD technology
Installing WDS
•In the box with Server products, well kind of
•Install WDS on a 2003 SP1 Server •Install RIS
•Install patch from the WAIK: windows_deployment_services_update.exe
•Install WDS on a 2003 SP2 Server•Install WDS on a 2003 SP2 Server• Control Panel / Add/Remove Programs / Windows Components / WDS
•Install WDS on a 2008 (& R2) server•Server Manager
•Add Roles
•Select Windows Deployment Services from the list of roles
Configuring WDS
WDS snap-in
Right-click Servers
Add Server –
defaults to local
serverserver
Right-click your
server and choose
Configure Server.
Add a Boot Image
•A boot image is a Windows Pre Installation Environment (WinPE)
•The most current will always be best
•Windows 7 SP1 Boot.wim can deploy
•Vista SP1 – Windows 7 – Windows 7 SP1
•Windows Server 2003 R2, 2008 and 2008 R2•Windows Server 2003 R2, 2008 and 2008 R2
•Use an older WinPE will produce undesired results
Add an OS Image•Both .wim and .vhd are supported
•Adding a .wim
•Right–click Install Images
• Add Install Image
• Image Groups• Image Groups
•Adding a .vhd
•Elevated command prompt
•WDSUTIL /Add-Image /ImageFile:\\Server\Share \Win7.vhd /Server:WDSServer /ImageType:Install /ImageGroup:Windows7 /Filename:"Windows7.vhd"
Add Drivers & Applications
•3rd party drivers only
•No Applications can be deployed from WDS
•Only a Thick image containing your applications•Only a Thick image containing your applications
From The Client
•Perform a Network Boot
•Sometimes called a Pre Execution Boot Process
•OR
•PXE Boot•PXE Boot
Multicast Transmissions
Server1 sends packet 1 to client1
Server1 sends packet 1 to client2
Server1 sends packet 1 to client3
Server1 sends packet 1 to all clients Server1 sends packet 1 to all clients
Server1 sends packet 1 to client1, client2, client3
Windows Deployment Services Multicast Enhancements
Multiple streams of trafficOptimized rates based on
client connection
Client Auto RemovalSlower clients can be dropped to
FastFastSlower clients can be dropped to
unicast or entirely (only in standard multicast)
Boot Image MulticastWindows PE boot
images can use multicast (clients with EFI)
MediumMedium
SlowSlow
WDS Server
MDT & WDS Together
MDT WinPE MDT WinPE
MDT 2010 U1
Deployment Server
Win 7 Image
Download Image
Targets
PXE Boot
Feature Comparison MDT WDS
Supports .wim images YES YES
Supports .vhd images NO YES
Requires Infrastructure NO YES
Manage images easily YES NO
Driver management Easy Difficult
Provides PXE capabilities W/ WDS YES
Provides Multicast W/ WDS YES
Creates offline or stand alone media YES NO
Automate Deployments YES YES
Corporate Deployment Share replicates DS to Branch Offices YES NO
What We Covered
•Image Formats and Scenarios
•MDT
•Installation
•Configuration•Configuration
•Network deployments
•XP migrations
•MDT advanced features
•WDS
•Installation
•Configuration
•Multicast traffic•Multicast traffic
•MDT & WDS integration
•Differences between MDT & WDS
Thank you for attending my session!
•Let me help-
•WWW.DeploymentDr.Com
•AND TrainSignal Deployment Training DVD Set
•I’ll tweet about new products as they are released:•I’ll tweet about new products as they are released: