Windows 7 Automated Imaging and ZCM Registration

0 Likes
Download: scripts_0.zip

Building the base image



Downloads required:



Windows Driver Kit Version 7.1.0 (to get access to DPINST.exe utility)



Windows AIK for Windows 7



Steps


  • Insert the Windows Driver Kit DVD on your machine and install.

  • Browse to install folder, then down to Redist\DIFx\dpinst\MultiLin\x86 and take a copy of DPINST.exe – this will be used later.

  • Insert the Windows AIK DVD on your own machine and install Windows System Image Manager. This will be used to build the unattend.xml file for the Windows 7 image.

  • Insert the Windows 7 DVD on your own machine and take a copy of the DVD onto a folder somewhere on your machine.

  • Launch Windows System Image Manager

    • Click on File, New Answer File

  • In the bottom left window, Right click and select "Select Windows Image" and browse to either the install.wim or install_windows7.clg file (both should be in the same "sources" folder extracted from the Windows 7 Installation DVD above)

  • In the bottom left window locate the sections listed below, right click them and add to the relevant section on the popup



These are the settings for Windows 7 32-bit. For Windows 7 64-bit use the relevant sections starting with amd64_ instead of x86_


x86_Microsoft-Windows-LUA-Settings_neutral2 offline Servicing

x86_Microsoft-Windows-Security-SPP_neutral3 generalize

x86_Microsoft-Windows-Deployment_neutral4 specialize

x86_Microsoft-Windows-Security-SPP_UX_neutral4 specialize

x86_Microsoft-Windows-Shell-Setup_neutral4 specialize

x86_Microsoft-Windows-International-Core_neutral7 oobeSystem

x86_Microsoft-Windows-Shell-Setup_neutral7 oobeSystem



We now need to go through each section and change some settings.



In the Answer file Section, do the following:





Section

Setting Name

Value

Reason


2 offline Servicing
x86_Microsoft-Windows-LUA-Settings_neutral
EnableLUAFalseDisables User Access Control

3 generalize
x86_Microsoft-Windows-Security-SPP_neutral
SkipRearm1Licensing

4 specialize
x86_Microsoft-Windows-Deployment_neutral
RunSynchronousAdd a new command
Order 1
Net user administrator /active:yes
Active the local administrator account

4 specialize
x86_Microsoft-Windows-Security-SPP-UX_neutral
SkipAutoActivationTrue 

4 specialize
x86_Microsoft-Windows-Shell-Setup_neutral
ComputerName*Generates a random Computer name. My script later on picks up BIOS name and sets computer name

CopyProfileTrue 

ProductKeyxxxxx-xxxxx-xxxxx-xxxxx-xxxxxValid Product Key

RegisteredOrganizationLeave as Microsoft 

RegisteredOwnerLeave as AutoBVT 

ShowWindowsLiveFalse 

TimeZoneGMT Standard TimeSet as appropriate for your region


7 oobeSystem

X86_Microsoft-Windows-International-Core_neutral

InputLocale

SystemLocale

UILanguage

UserLocale

en-GB

Set as appropriate for your region


7 oobeSystem

x86_Microsoft-Windows-Shell-Setup_neutral
RegisteredOrganizationxxxxxxxxxxxxxxxxxxxxYour Company Name

RegisteredOwnerxxxxxxxxxxxxxxxxxxxxYour Company Name

TimeZoneGMT Standard TimeSet as appropriate for your region

Subsection AutoLogonEnabledTrue 

LogonCount3Do 3 auto logons before leaving user at login screen (to cater for automated scripts and reboots)

Usernameadministrator 

PasswordPa55wordSet as appropriate - make sure it matches up with other sections in this guide

Subsection FirstLogonCommandsCommandLine

Order 1

RequiresUserInput false
cscript //b C:\windows\system32\slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx 

CommandLine

Order 2

RequiresUserInput false
%SystemRoot%\
system32\
WindowsPowerShell\
v1.0\powershell.exe -Command "&{set-executionpolicy RemoteSigned -Force}"
Enables Powershell Scripts

CommandLine

Order 3

RequiresUserInput false
%SystemRoot%\
system32\
WindowsPowerShell\
v1.0\powershell.exe "c:\setup\Win7Image-Script1.ps1"
 

Subsection OOBEHideEULAPageTrue 

NetworkLocationWork 

ProtectYourPC1 

Subsection UserAccountsAdministratorPasswordPa55word 

LocalAccounts
Add record for user administrator
Description: administrator

DisplayName: administrator

Group: administrators

Name: administrator

Password Pa55word
 




Save the unattend.xml answer file




  • On Target Windows 7 machine

  • Install Windows 7 from DVD, making sure that you zap any and all partitions on the disk at the start

  • Once initial install is complete, and you're prompted to create a username on the welcome screen, press CTRL-SHIFT-F3 to reboot machine into admin audit mode.

    AT THIS POINT, take an image as a "pre-sysprep" image if needed

  • On reboot, you'll be automatically logged in under the built-in administrator account. A SYSPREP GUI box will appear – close this for now. You are now ready to carry out any customizations.

  • Due to issues with a strange access rights issue on Windows 7 64-bit (that worked fine in Windows 7 32-bit), create a folder called C:\SETUP and make sure administrators group has full control

  • Place the unattend.xml file created above into the folder C:\WINDOWS\SYSTEM32\SYSPREP

  • Bring up a command prompt and browse to C:\WINDOWS\SYSTEM32\SYSPREP

  • Run the following command

    • SYSPREP /generalize /oobe /shutdown /unattend:unattend.xml

  • Wait for the machine to shutdown

  • You are now ready to take an image of the Windows 7 SYSPREP'd machine.



Additional addon-images were created following instructions located here as follows:




Win7-Addon-Drivers.zmgContains the driver files for any unknown devices – creates a folder on C: called C:\SETUP\DRIVERS

Contains 32 and 64 bit drivers

Win7-Addon-Scripts.zmgContains the relevant Powershell Scripts and any utilities that are required as part of the imaging process. Files are stored under C:\SETUP

Current Files are:

BiosConfigUtility.exe - HP Utility to read BIOS settings - use to rename computer

Win7Image-Script1.ps1

Win7Image-Script2.ps1

Win7Image-Script3.ps1

dpinst.exe, dpinst64.exe, dpinst.xml - used to do a hardware scan for any unknown devices

Win7-32-Addon-ZCMAgent.zmg (or Win7-64-Addon-ZCMAgent.zmg)Latest ZCM agent copied to C:\SETUP.

The Scripts above call this to register the machine in ZCM. Since agent name is always the same, this can be replaced with the latest agent whenever required.



The important thing to make sure when creating these is to make sure that the partition number on the image matches the partition number inside the Windows 7 ZMG file for the boot disk – as a default this is partition 2 as partition 1 is the 100MB hidden area for Windows 7.



The imaging bundle applies the relevant base image (32 or 64 bit), followed by these addon images.



i.e. ZCM Windows Bundle has the following 4 images listed as part of the image



Windows_7_Base_Image.zmg

Win7-Addon-Drivers.zmg

Win7-Addon-Scripts.zmg

Win7-32-Addon-ZCMAgent.zmg



NOTES:

Win7Image-Script3.ps1 - needs updating for your specific domain information re name of domain, relevant user account, and password to join computer to domain

One final step to take is to delete the C:\SETUP folder to remove any files that may contain passwords etc.



================

Editor's Note: When it comes to Windows 7 Migration projects, ZENworks can be your new best friend. Check it out.

Labels:

How To-Best Practice
Comment List
Anonymous
Parents
  • Andy,

    One thing missing adding drivers to the gold image. I got some new Dells and spent ages trying to get info on injecting drivers. Ended up on the ghost forums and they have the same issue. Anyway taken from the ghost and twisted to support your format. I had posted in the forums but figure I would stick it on here as well if people are looking for a complete solution.

    And for those who may need to inject drivers, I would only recommend Mass storage and maybe NICs as you don't want to bloat the gold image, with to many drivers you don't need. This is why you are creating a specific drivers image for machine types.
    Follow AndyStewartSL guide on creating sysprep.
    On his unattend.xml add
    Microsoft-Windows-PnpCustomizationsWinPE line in the windowsPE pass in the answer file. Insert a Path line there too with the path & the credentials matching what you put in for it during the auditSystem pass. (c:\drivers\msd)
    Save the unattend.xml

    Create a new answer file called audit.xml
    Within the 5 audit system pass add
    1. x86_Microsoft-Windows-Deployment_neutral
    a) With a "Reseal" line in there too. Reseal can be set to "ForceShutdownNow" as "False" and "Mode" to "Audit"
    2. x86_Microsoft-Windows-PnpCustomizationsNonWinPE_netural
    a) With a Path line in there too. The path should point at a directory containing your drivers. It will search recursively. So you can have one path that points at a parent directory with sub-directories in it. c:\drivers\msd
    3. x86_Microsoft-Windows-Shell-Setup_neutral
    Autologin - username Administrator
    Save this answer file.
    Copy the drivers you want to c:\drivers\msd - creating as many subfolders as you want. Rather than going to each model type we have, I went to driver packs and got the complete list. You could have it pointing to a network share if you wanted.

    Okay copy both answer files to c:\windows\system32\sysprep in your gold image

    Make sure you have the drivers copied.

    open a dos box cd c:\windows\system32\sysprep
    sysprep /audit /reboot /unattend:audit.xml
    This will reboot the machine into audit mode injecting the drivers. You maybe in audit mode already. This is not an issue.

    open a dos box cd c:\windows\system32\sysprep
    sysprep /generalize /shutdown /oobe /unattend:unattend.xml
    Sysprep runs and shutdowns the machine, take the image, ready to deploy to new hardware.

    Hope this info helps people with the migration to 7 and getting Mass storage drivers injected.

    Just remember you will need to create answer files for 64 and 32 bit versions of windows.

    Environment I am using is Oracle VM VirtualBox as it allows snapshots so you can keep going back to play.
Comment
  • Andy,

    One thing missing adding drivers to the gold image. I got some new Dells and spent ages trying to get info on injecting drivers. Ended up on the ghost forums and they have the same issue. Anyway taken from the ghost and twisted to support your format. I had posted in the forums but figure I would stick it on here as well if people are looking for a complete solution.

    And for those who may need to inject drivers, I would only recommend Mass storage and maybe NICs as you don't want to bloat the gold image, with to many drivers you don't need. This is why you are creating a specific drivers image for machine types.
    Follow AndyStewartSL guide on creating sysprep.
    On his unattend.xml add
    Microsoft-Windows-PnpCustomizationsWinPE line in the windowsPE pass in the answer file. Insert a Path line there too with the path & the credentials matching what you put in for it during the auditSystem pass. (c:\drivers\msd)
    Save the unattend.xml

    Create a new answer file called audit.xml
    Within the 5 audit system pass add
    1. x86_Microsoft-Windows-Deployment_neutral
    a) With a "Reseal" line in there too. Reseal can be set to "ForceShutdownNow" as "False" and "Mode" to "Audit"
    2. x86_Microsoft-Windows-PnpCustomizationsNonWinPE_netural
    a) With a Path line in there too. The path should point at a directory containing your drivers. It will search recursively. So you can have one path that points at a parent directory with sub-directories in it. c:\drivers\msd
    3. x86_Microsoft-Windows-Shell-Setup_neutral
    Autologin - username Administrator
    Save this answer file.
    Copy the drivers you want to c:\drivers\msd - creating as many subfolders as you want. Rather than going to each model type we have, I went to driver packs and got the complete list. You could have it pointing to a network share if you wanted.

    Okay copy both answer files to c:\windows\system32\sysprep in your gold image

    Make sure you have the drivers copied.

    open a dos box cd c:\windows\system32\sysprep
    sysprep /audit /reboot /unattend:audit.xml
    This will reboot the machine into audit mode injecting the drivers. You maybe in audit mode already. This is not an issue.

    open a dos box cd c:\windows\system32\sysprep
    sysprep /generalize /shutdown /oobe /unattend:unattend.xml
    Sysprep runs and shutdowns the machine, take the image, ready to deploy to new hardware.

    Hope this info helps people with the migration to 7 and getting Mass storage drivers injected.

    Just remember you will need to create answer files for 64 and 32 bit versions of windows.

    Environment I am using is Oracle VM VirtualBox as it allows snapshots so you can keep going back to play.
Children
No Data
Related Discussions
Recommended