Deploying Windows Server 2003 x64 with Hyper-V

By arwidmark / June 6, 2010

When deploying x64 legacy operating systems (XP/2003) you quickly realize the nic doesn’t work… here is the fix…

Use the legacy network card, and the nic driver from Windows Server 2008 R2 (dc21x4vm.sys och dc21x4vm.inf)

/ Johan

How to boot WinPE 2005 (WinPE 1.6) from WDS in Windows Server 2008 R2

By arwidmark / June 2, 2010

 

Ever needed to deploy a device not capable of running WinPE 2.x or WinPE 3.0?  Here are the steps to PXE boot WinPE 2005 (WinPE 1.6) from a WDS running Windows Server 2008 R2.

Disclaimer: This is not supported by Microsoft!  Use at your own risk…

Step 1 – Add a boot menu to WDS, follow this guide

Adding a boot menu to Windows Server 2008 R2 WDS
http://www.deployvista.com/Home/tabid/36/EntryID/126/language/en-US/Default.aspx

 

Step 2 – Create a WinPE 2005 bootable ISO

1. Copy the WINPE folder from the Windows PE 2005 CDROM to C:\

2. Insert the Windows Server 2003 SP1 CD-ROM (F: in this example). Start a command prompt and type:

cd /d c:\winpe

mkimg.cmd F: C:\winpe2005 /WMI

Note: This compiles WinPE 2005 with WMI support

3. Add support for WHS/ADO/HTA by starting a command prompt and type:

cd /d c:\winpe

Buildoptionalcomponents /S:F: /D:C:\winpe2005 /Q

4. Create a Bootable CD by starting a command prompt and type this

cd /d c:\winpe

oscdimg -h -n -betfsboot.com C:\workdir C:\WINPE2005.ISO

 

Step 3 – Add necessary boot files and create the entry for WinPE 2005 in the PXE menu

1. Expand the following files from a Windows Server 2003 SP1

setupldr.ex_
startrom.n1_

2. Copy the expanded files to D:\RemoteInstall

rename setupldr.ex_ to NTLDR

rename startrom.n12 to startrom.0

3. Copy C:\WINPE2005.ISO to D:\RemoteInstall

4. In D:\RemoteInstall\Boot\, create a file named winnt.sif with the following content

[SetupData] BootDevice = “ramdisk(0)”
BootPath = “\i386\System32\”
OsLoadOptions = “/noguiboot /fastdetect /minint /rdexportascd /rdpath=winpe2005.iso”

5. Update the default file in the pxelinux.cfg folder

LABEL WinPE 2005
 KERNEL startrom.0

Step 4 – Configure the readfilter in WDS to allow the WinPE2005.iso to boot

1. Add winpe2005.iso to HKLM\SYSTEM\CurrentControlSet\Services\WDSServer\Providers\WDSTFTP\Readfiler

2. Restart Windows Deployment Services

Bonus reading…

If you need scratchspace in WinPE 2005

How to create a custom WinPE 2005 SDI image 
http://www.myitforum.com/articles/8/view.asp?id=8832
 

If you need to reduce the WinPE 2005 size (Step 4)

Adding a Windows PE 2005 image to WDS (boot-in RAM)
http://www.deployvista.com/Blog/JohanArwidmark/tabid/78/EntryID/20/language/en-US/Default.aspx

/ Johan

 

 

 

 

Fully unattended answer file for Windows Embedded Standard 7

By arwidmark / May 25, 2010

Windows Embedded Standard 7 is componentized version of Windows 7, where you pick what components you want and you get a custom Windows 7 installation…

With Windows Embedded Standard 7 you can automate the Image Builder Wizard (IBW) with an answer file. Here is a fully unattended sample that will deploy a minimal Windows Embedded Standard 7 Image with the explorer shell. The resulting image file is only 175 MB, which is pretty good for a Windows 7 OS …

The answer file can be further modified using Image Configuration Editor (ICE), which is the Windows Embedded version of Windows System Image Manager (WSIM).

The only “non-standard” tweak I did was adding the HideEvaluationWarning value so that the process doesn’t stop and prompt you if you are testing with a trial version. The password for the Kiosk user is P@ssw0rd. You also need to update the product key placeholder with your own runtime key.

Download sample file

/ Johan

Deploying Hyper-V servers using ConfigMgr 2007 SP2

By arwidmark / May 24, 2010

When deploying Hyper-V servers using MDT 2010 Zero Touch Roles and Features and ConfigMgr 2007 SP2, you quickly realize that the Hyper-V installation reboots the task sequence during the process and never processes the rest of it. This also requires you do to some additional housecleaning afterwards…

But what if you want to do things in the task sequence after the step that installs Hyper-V, or want to avoid the housecleaning?

Well, simply create a separate operating system image package where Hyper-V is enabled offline already.

1. Create a copy of your Windows Server 2008 R2 image Custom Image

2. Mount the image using imagex

ImageX /mountrw W2K8R2-001.wim 1 D:\Mount

3. Inject Hyper-V using Dism

dism /image:d:\mount /Enable-Feature /FeatureName:Microsoft-Hyper-V

dism /image:d:\mount /Enable-Feature /FeatureName:Microsoft-Hyper-V-Management-Clients

4. Commit the changes

ImageX /unmount /commit D:\mount

5. Update the distribution point

/ Johan

Settings per Task Sequence using MDT 2010

By arwidmark / May 24, 2010

This is a quick guide for configuring settings per task sequence using MDT 2010, without the use of the database…

Some background info…
The Gather action in MDT is the process that gather all rules and it is run when the deployment wizard starts. But what if we want to set rules depending on what we select in the wizard? Well, then we simply have to run Gather once more, but after the wizard.

The following is a sample for configuring a few settings for a Windows 7 Task Sequence with id W7-X86-001, and some other setings for a Windows 7 Task Sequence with id W7-X86-002 .

1. Configure the two Task Sequence’s to run Gather local data and process rules (Rules file: customsettings.ini)

2. Update the deploymentshare rules (customsettings.ini) with the following

[Settings] Priority=TaskSequenceID, Default

[Default] OSInstall=Y
SkipAppsOnUpgrade=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipBDDWelcome=YES
SkipComputerName=YES
SkipDomainMembership=YES
SkipUserData=YES
SkipCapture=YES
DoCapture=NO
SkipLocaleSelection=YES
SkipTaskSequence=NO
SkipTimeZone=YES
SkipApplications=YES
SkipBitLocker=YES
SkipSummary=YES
SkipBDDWelcome=YES
TimeZone=004
TimeZoneName=Pacific Standard Time

[W7-X86-001] JoinDomain=TSLAB
DomainAdmin=TSLAB\JoinAccount
DomainAdminPassword=P@ssw0rd
MachineObjectOU=ou=Workstations,dc=tslab,dc=net
Applications001={785633b7-283b-420e-a4a3-2557377d204c}
Applications002={c47087e9-220e-4191-930e-819cf03e7cfe}

[W7-X86-002] JoinWorkgroup=WORKGROUP
Applications001={5e731fe1-ef93-44f9-bb17-8f7a5734cec8}
Applications002={c47087e9-220e-4191-930e-819cf03e7cfe}

/ Johan

Deploying Kiosk machines using MDT 2010 Lite Touch

By arwidmark / May 23, 2010

Here is a sample configuration for assigning a few settings via a role to a specific set of machines (mac address), and then a standard set of settings for all other machines. If you are prestaging all the machines into the database this is easy, but what if I don’t want to use the database…

Well , normally we would use the MacAddress and Default Prority in cs.ini for this, but since roles builds as an array we would still get both roles…This is where a userexit script comes to the rescue…

1. create a vbscript named ZTIRolePerMac.vbs and store it in \DeploymentShare\Scripts. Update the script with the mac address you want to set to the KioskPC role.

Function UserExit(sType, sWhen, sDetail, bSkip)
  UserExit = Success
End Function

Function RolePerMac(sMac)
  Select Case sMac
    Case “00:15:5D:0A:65:01”
      RolePerMac = “KioskPC”
    Case “00:15:5D:0A:65:02”
      RolePerMac = “KioskPC”
    Case Else
      RolePerMac = “StandardPC”
  End Select
End Function

2. Update the deploymentshare rules (customsettings.ini) with the following

[Settings] Priority=Default, Role

[Default] userexit=ZTIRolePerMac.vbs
Role1=#RolePerMac(“%MacAddress%”)#

OSInstall=Y
SkipAppsOnUpgrade=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipBDDWelcome=YES
SkipComputerName=YES
SkipDomainMembership=YES
SkipUserData=YES
SkipCapture=YES
DoCapture=NO
SkipLocaleSelection=YES
SkipTaskSequence=NO
SkipTimeZone=YES
SkipApplications=YES
SkipBitLocker=YES
SkipSummary=YES
SkipBDDWelcome=YES
TimeZone=004
TimeZoneName=Pacific Standard Time

[StandardPC] JoinDomain=TSLAB
DomainAdmin=TSLAB\JoinAccount 
DomainAdminPassword=P@ssw0rd
MachineObjectOU=ou=Workstations,dc=tslab,dc=net
Applications001={785633b7-283b-420e-a4a3-2557377d204c}
Applications002={c47087e9-220e-4191-930e-819cf03e7cfe}

[KioskPC] JoinWorkgroup=WORKGROUP
Applications001={5e731fe1-ef93-44f9-bb17-8f7a5734cec8}
Applications002={c47087e9-220e-4191-930e-819cf03e7cfe}

/ Johan

MDT 2010 Update 1 beta available on connect

By arwidmark / May 11, 2010

MDT 2010 Update 1 beta available on connect

MDT 2010 Update 1 provides new capabilities, such as:

  • Support for Microsoft Office 2010.
     
  • A new User-driven Installation (UDI) deployment method (formerly known as “Modena”) for Microsoft System Center Configuration Manager 2007. UDI gives information technology (IT) staff control over the deployment experience while empowering users to interact with and customize their operating system deployment through an easy-to-use wizard.
     
  • Improvements to the Deployment Workbench driver import process, detecting each driver’s true supported platforms.
     
  • Many bug fixes and other small improvements.

/ Johan

Windows 7 Network Location bug finally fixed!

By arwidmark / May 11, 2010

When deploying Windows 7 the Network Location dialog box is sometimes shown even though the machine is joined to a domain. It’s only on specific hardware but it’s quite common.

Microsoft now has a hotfix (KB 2028749) for this bug.

A “Set Network Location” dialog box appears when you first log on to a domain-joined Windows 7-based client computer
http://support.microsoft.com/kb/2028749/

Optional Workaround:

You can set a Group Policy for Network Location – Computer Configuration  / Windows Settings / Security Settings / Network List Manager Policies / All Networks. Change Network Location to User cannot change location

 

 

This is the dialog box you  might get without the hotfix…

/ Johan 

Error 5 – Access denied when importing drivers to Windows 7 using DISM

By arwidmark / May 6, 2010

I recently had a customer who was having issues when importing drivers to an offline Windows 7 image, but only some of the drivers.

The error they got was:

Error – An error occurred. The driver package could not be installed. For more information, check for log files in the \inf folder of the target image.

Error: 5

Access is denied.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

After some troubleshooting we discovered that the driver file they was trying to inject was blocked. After unblocking the file the import worked as expected.

Image of the blocked driver

/  Johan

 

Recovery Utility for USMT 3 and 4

By arwidmark / May 3, 2010

Some time ago I came across the MigRecover Utility for Microsoft’s Windows Easy Transfer (thanks Calle Malmstrom for the tip!), It works great for extracting data from a standard USMT 4 store as well. There is also a version for USMT 3.

The syntax is quite simple:

MigRecover.exe [/i:] [/e:] [/v] [password]

So for extracting all files in the C:\MigData\PC0003\USMT.MIG store to D:\Tmp you would use the following command:

MigRecover.exe /i:*.* C:\MigData\PC0003\USMT.MIG D:\Tmp

For download and additional info:
http://www.visser.com.au/blog/migrecover-for-microsofts-windows-easy-transfer

/ Johan

Page 3 of 15