BDD 2007, as you probably already know, is End-to-end guidance, best practices, and tools for planning, building, and deploying Windows and Office. BDD 2007 is developed by a team led by Michael Niehaus (lead developer) and Mike Lewis (Architect).
This guide explains the necessary steps to install and configure the core BDD 2007 RC1 components for creating a virtual lab/test environment with BDD 2007 RC1.
For improvement suggestions (or bugs) in this guide, please drop a note to johan [dot] arwidmark [at] truesec [dot] com, at myitforum.com (alias jarwidmark) or post in the public Microsoft newsgroups (group: microsoft.public.deployment.desktop)
If you want to learn more, check out my public BDD 2007 classes, or bring me onsite to teach at your company location. Go http://www.truesec.com for more info (Click the Flag for English)
Microsoft MVP – Setup & Deployment
The guide covers the following steps
o Creating the BDD 2007 deployment server structure
o Add Windows Vista setup files
o Create a BDD 2007 Build of Windows Vista
o Create a Deployment Point
To complete the guide, you need a virtual machine with the following configuration.
· OS: Windows Server 2003 SP1
o Server name: SRV001 (Domain Controller for tslab.net)
o A C: and D: drive (for example 32 GB C: and 96 GB D:)
o DNS and DHCP installed and configured
o Latest Security patches installed, including Windows Installer 3.1 (KB 893803)
· On SRV001, download BDD 2007 RC1 to D:\Setup\BDD 2007
· On SRV001, download .NET Framework 2.0 to D:\Setup\Net Framework 2.0
· Download MMC 3.0 to D:\Setup\MMC 3.0
· Download USMT 3.0 to D:\Setup\USMT 3.0
· Download Word Viewer to D:\Setup\WordViewer 2003
· Download WAIK to D:\Setup\WAIK on SRV001
· If needed, download third party device drivers to D:\Setup\Drivers
· Recommended software (but not required)
o GPMC, Windows Server 2003 SP1 Resource Kit and Support Tools
Step 1 – Creating the server structure
In this part you will install BDD 2007 and add the Windows Vista installation files. You will also create the various service accounts used.
Install BDD 2007, USMT, WAIK and prerequisites
1. On SRV001, using Explorer, navigate to the D:\Setup folder.
2. Install .NET Framework 2.0 (netfxx86.exe) with default settings.
3. Install MMC 3.0 (WindowsServer2003-KB907265-x86-ENU.exe) with default settings.
4. Install MSXML 6.0 (msxml6x86.msi) with default settings.
5. Install WAIK (waikx86.msi) with default settings
6. Install BDD 2007 (BDD2007_x86.msi), verify that the Distribution Share is installed to the D: drive, otherwise use default settings.
7. Copy the USMT 3.0 files (InstallUSMT30_x86*) to D:\Distribution\Tools\x86
8. Due to a bug in the InstallUSMT30_x86_vista.msu package (/quiet switch not working), an USMT30.cab file should be created and copied to the D:\Distribution\Tools\x86 folder. Use the following steps:
a. On a Vista machine, install USMT 3.0 (InstallUSMT30_x86_vista.msu) manually to the default location (c:\program files\usmt30)
b. Copy c:\program files\BDD 2007\samples\USMT30_x86.ddf from SRV001 to C:\ on the vista machine
c. Start a command prompt, change directory to C:\ and run makecab.exe /F USMT30_x86.dff
d. Copy the usmt30.cab file to D:\Distribution\Tools\x86 folder on SRV001
9. Due to a bug in Windows PE 2.0 (security.dll is missing), create a folder named D:\ExtraFiles\Windows\System32 and copy Security.dll from the Vista Host PC to it.
Create the BDD 2007 service and test accounts
1. Using Active Directory User and Computers, create the following OU’s
2. Using Active Directory User and Computers, in the Deployment OU, create the following user accounts. Set password to P@ssw0rd.
Set permissions on the Workstations OU
1. Using Active Directory Users and Computers, allow JoinAccount permissions to manage computer accounts in the Workstations OU.
a. In the view menu, select Advanced Features,
b. Right-click the Workstations OU, select Properties, and then click the Security Tab.
c. Click the Advanced button.
d. In the Advanced Security Settings for Workstations window, click Add, type in Join Account and click OK
e. In the Permissions List, select the below list of permissions and click OK (Verify that the scope is set to This object and all child objects).
Scope: This object and all child objects is selected
i. Create Computer objects
ii. Delete Computer objects
f. In the Advanced Security Settings for Workstations window, click Add, type in Join Account again and click OK
g. In the Permissions List, select the below list of permissions and click OK (Verify that the scope is set to Computer objects).
Scope: Computer objects
i. Read All Properties
ii. Write All Properties
iii. Read Permissions
iv. Modify Permissions
v. Change Password
vi. Reset Password
vii. Validated write to DNS host name
viii. Validated write to service principal name
h. Click OK once more.
Step 2 – Add Windows Vista setup files
Add Windows Vista installation files to the Deployment Workbench
1. ON SRV001, capture an iso-file with Windows Vista
2. Using the BDD Workbench, expand the Distribution node, right-click on the Operating Systems node, and select New (Or Click New from the Actions pane). Use the following settings for the New Os Wizard.
a. Full set of source files
b. Source directory: <DVD-Drive>:\
c. Destination directory name: Windows Vista x86
Add applications to the BDD Workbench
1. Using the BDD Workbench, expand the Distribution node, right-click on the Applications node, and select New (Or Click New from the Actions pane). Use the following settings for the New Application Wizard.
a. Application with source files
b. Publisher: Microsoft
c. Application name: Word Viewer
d. Version: 2003
e. Language: English
f. Platform: x86 platform ONLY!
g. Source Directory: D:\Setup\WordViewer 2003
h. Specify the name of the directory that should be created: Microsoft Word Viewer 2003
i. Command Line: wdviewer.exe /q /c:”msiexec /I wordview.msi /qn”
j. Working directory: .\Applications\Microsoft Word Viewer 2003
Add Out-Of-Box drivers to the Deployment Workbench
1. Download drivers to D:\Setup\Drivers for your client hardware
2. Using the BDD Workbench,, expand the Distribution node, right-click on the Out-of-Box Drivers node, and select New (Or Click New from the Actions pane).
3. Add the drivers in D:\Setup\Drivers to the repository.
Step 3 – Create a Build
Create a Build
1. Using the BDD Workbench,, right-click on the Builds node, and select New (Or Click New from the Actions pane). Use the following settings for the New Build Wizard.
a. Build ID: Vista
b. Build name: Windows Vista
c. Build comment: Company Master Build
d. Operating System Image: Windows Vista Ultimate
f. Organization: TrueSec
g. FullName: TrueSec
h. Internet Explorer home page: http://www.truesec.com
i. Administrator Password and confirm Password: P@ssw0rd
Step 4 – Create a Deployment Point
Create a Deployment Point
1. Using the BDD Workbench,, right-click on the Deploy node, and select New (Or Click New from the Actions pane). Use the following settings for the BDD Deployment Wizard.
a. Lab or single-server deployment (default)
b. Deployment point name: TSLAB
c. Allow user to select additional application on Upgrade (default)
d. Ask if an image should be captured (default)
e. Do Not Allow the user to set Administrator Password (Default)
f. Do Not Allow user for specifying product key (default)
g. Share name: Distribution$ (default)
h. Allow the user to configure user state options (default)
2. Using the BDD Workbench, right-click the TSLAB Deployment Point and select Properties.
3. In the Windows PE Tab
a. In the Images to Generate area, make sure that the Generate a Lite Touch bootable RAM disk ISO image checkbox is selected
b. In the Extra directory to add, type in D:\ExtraFiles
c. Click OK
4. Using the BDD Workbench, right-click the TSLAB Deployment Point and select Update.
a. Note: The update process will take 5 - 10 minutes.
Set Distribution folder permissions
1. Allow BuildAccount modify permissions on the D:\Distribution folder (NTFS permissions)
Done! To start deploy Windows Vista, continue with Part2 (Lite Touch Deployment).