Getting Started With Microsoft Deployment Toolkit 8443 and Windows 10 1607/1703

For this post the demo network consists of an Active Directory Domain Controller (DC01), a WSUS server (WSUS01) – here’s a previous post on installing WSUS, a server that will have Microsoft Deployment Toolkit installed (WDS01) and a blank Hyper-V Virtual Machine for creating the reference image.

Update 02/05/2017: Please note that this post is also relevant to building Windows 10 1703 (Creators Update) images. I’ve posted about the differences here.

The WDS01 server is a Hyper-V VM configured like so:

  • 2 vCPUs
  • 4GB RAM
  • C:\ for Windows
  • E:\ for MDT

We’ll be using Microsoft Deployment Toolkit (MDT) version 8443, which at the time of writing is a recent release, after a long time of being at version 2013 Update 2. Microsoft explain in this blog post about removal of the year/update naming scheme and development going forward – essentially, it’s not going away, they will still keep developing it.

Software we’ll be using:

Install

First we’ll install the Windows 10 1607 ADK. The setup will need to download additional files so it may take some time depending on your internet connection. On the Select the features you want to install screen select:

  • Deployment Tools
  • Windows Preinstallation Environment (Windows PE)
  • Imaging And Configuration Designer (ICD)
  • Configuration Designer
  • User State Migration Tool (USMT)

Now install MDT by running the setup file downloaded earlier, there is no specific configuration during the install wizard.

Create the Deployment Share and an Import Operating System

  1. Open the Deployment Workbench from the Start Menu.
  2. Right click on Deployment Shares.
  3. Select New Deployment Share.
  4. Enter the path for the Deployment Share: E:\DeploymentShare.
  5. Enter the Share nameDeploymentShare$.
  6. Give the share a descriptive name.
  7. On the Options screen, accept the defaults as you can change them later.
  8. Complete the wizard to create the share.

Now we’re going to add Windows 10 1607 as an Operating System to deploy.

  1. Mount the Windows 10 1607 .iso in File Explorer.
  2. Go to Deployment WorkbenchOperating Systems.
  3. Right click and select Import Operating System.
  4. In the wizard, select Full set of source files and then enter the root of the mounted .iso as the Source directory.
  5. For the destination directory name enter Windows 10 Enterprise 1607 x64 and complete the wizard.
  6. Go to the Operating Systems node again and rename the OS you just added to Windows 10 Enterprise 1607 x64.

Importing Packages & Creating Selection Profiles

We will now import the Cumulative Update for Windows 10 Version 1607 (KB3193494) into MDT, so that it can be installed with the OS.

  1. Go to Deployment Workbench > Packages.
  2. Create a folder named Windows 10 1607 x64.
  3. Right click on the folder and select Import OS Packages and go through the wizard to add the package. The package must be in a folder by itself.

Now we will create a selection profile so that the package is only installed for Windows 10 1607 x64.

  1. Expand the Advanced Configuration node.
  2. Right click on Selection Profiles and select New Selection Profile.
  3. Name it Windows 10 1607 x64.
  4. On the Folders page, tick the Windows 10 1607 x64 folder under Packages and complete the wizard.

Importing Applications

We’ll now import VLC Media Player, so it can be installed as part of the reference image.

  1. In Deployment Workbench right click on Applications and select New Application.
  2. Select Application with source files, then on the Details page, enter VLC Player as the Application Name.
  3. On the Source page, enter the location of the VLC executable, it will need to be in a folder by itself as the wizard will copy all files in the location specified.
  4. Enter the name: VLC for the directory.
  5. On the Command Details page enter the name of the VLC executable with the /S option – this will install VLC silently without user interaction.
  6. Complete the wizard.
  7. In the Applications node, rename the VLC app to Install – VLC.

Create a Task Sequence

We’ll now create a Task Sequence to build a fully updated Windows 10 1607 x64 reference image, with VLC installed.

  1. In Deployment Workbench, go to Task Sequences.
  2. Right click and select New Task Sequence.
  3. For the ID enter: B-W10-1607.
  4. Name it Build Windows 10 1607.
  5. Select Standard Client Task Sequence.
  6. Select the Operating System Windows 10 1607 x64.
  7. Do not specify a product key at this time.
  8. Enter an Organization name.
  9. Do not specify an Administrator password at this time.
  10. Complete the wizard.

Configure the Task Sequence

  1. Right click on the Task Sequence just created and select Properties.
  2. Go to the OS Info tab and click Edit Unattend.xml. It will take sometime to generate the catalog.
  3. When the Unattend.xml opens, go to 7 oobesystemamd64_Microsoft-Windows-Shell-Setup__neutral > OOBE.
  4. Change the ProtectYourPC setting to 3. This will prevent the image from randomly checking for updates whilst it is being built.
  5. Save the Unattend.xml, you can safely ignore an warnings.
  6. Go to the Task Sequence tab on the Properties window of the Task Sequence.
  7. Expand the Preinstall folder, and select the Apply Patches item.
  8. Change the Selection Profile to Windows 10 1607 x64.
  9. Go to the State Restore folder and select Windows Update (Pre-Application Installation).
  10. On the right side of the Properties window, go to the Options tab.
  11. Uncheck the Disable this step tick box and do the same with Windows Update (Post-Application Installation).
  12. Go to the Install Applications item.
  13. In the right side of the Properties box, select the Install a single application option and click the Browse… button.
  14. Select Install – VLC and change the name Install Applications to Install – VLC.
  15. Click Apply and close the Task Sequence.

Configure Deployment Rules

Before we create the boot media we must configure several settings that will effect how the boot media will connect to the deployment environment.

  1. In Deployment Workbench, right click the deployment share and select Properties.
  2. On the Windows PE tab, select the Drivers and Patches sub-tab.
  3. Under the Selection Profile drop down menu, change it to All Drivers.
  4. Select the Platform dropdown menu and select x64 and again change the Selection Profile to All Drivers.

Now we must create an Active Directory account for MDT to use and give it permissions to the Deployment Share.

  1. Go to Active Directory Users and Computers.
  2. Create a user called mdt_admin.
  3. On WDS01 (where the deployment share is hosted), give mdt_admin Full Control share permissions and Full Control permissions to all the files and folders under the deployment share.

We will now configure the Rules and Bootstrap.ini. The settings below enable auto log in and skip the welcome screen.

  1. In Deployment Workbench, right click the deployment share and select Properties.
  2. Select the Rules tab and click the Edit Bootstrap.ini button.
  3. Add the settings below to the Bootstrap.ini.
  4. Close and Save the Bootstrap.ini
[Settings]
Priority=Default

[Default]
DeployRoot=\\WDS01\DeploymentShare$
UserDomain=contoso.com
UserID=mdt_admin
UserPassword=p@ssw0rd
SkipBDDWelcome=YES

On the Rules tab of the Deployment Share properties window, add the settings below. A lot of the settings are specific to my demo environment such as my location in the world. The [Virtual Machine] section near the top is one example of how to manage drivers and auto fill computer names for when deploying images based on the model reported by Windows. I’ll cover this in more detail a future post.

[Settings]
Priority=Model, Default, SetOSD
Properties=OSDPrefix

[Virtual Machine]
DriverGroup001=Virtual Machine
DriverSelectionProfile=nothing
OSDPrefix=VM

[Default]
_SMSTSORGNAME=Mike Galvin | OSD Solutions
_SMSTSPackageName=%TaskSequenceName%
UserDataLocation=NONE
ComputerBackupLocation=\\WDS01\DeploymentShare$\Captures
BackupFile=%TaskSequenceID%_#year(date) & "-" & month(date) & "-" & day(date)#.wim
OSInstall=Y
TimeZoneName=GMT Standard Time
KeyboardLocale=0809:00000809
UILanguage=en-GB
UserLocale=en-GB
KeyboardLocale=en-GB
BitsPerPel=32
VRefresh=60
XResolution=1
YResolution=1
WSUSServer=http://wsus01:8530
SkipAdminPassword=YES
SkipCapture=NO
SkipRoles=YES
SkipProductKey=YES
SkipUserData=YES
SkipComputerBackup=YES
SkipBitLocker=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
SkipDomainMembership=YES
SkipSummary=YES
SkipFinalSummary=YES
FinishAction=SHUTDOWN
OSDComputerName=%OSDPrefix%-%SerialNumber%

Creating Boot Media

Now we’ll create the boot media.

  1. In Deployment Workbench, right click on the Deployment Share.
  2. Select Update Deployment Share.
  3. Select Completely regenerate the boot images.
  4. Complete the wizard. It will take some time to create the boot images.

Testing Boot Media

To test the boot media, copy the LiteTouchPE_x64.iso from \\WDS01\DeploymentShare$\Boot to a location where the new Hyper-V VM will be able to access it. Set the configuration of the VM as such:

  • 2 vCPUs
  • 4GB RAM
  • NIC

Add the LiteTouchPE_x64.iso as a boot device. Start the VM and it should boot from the iso into the MDT environment, which is using Windows PE. You should be presented with a wizard and the Task Sequence you created earlier. Select it and click Next. The Computer Name should be already filled in with something like VM-1234-1234…etc. Replace it with vm-ref-w10. Select Capture an image of this reference computer. The Task Sequence should now run, install Windows 10, update from the WSUS server, install VLC and then capture the image. When this process completes the VM will be shutdown and a file named B-W10-1607_YEAR_MONTH_DAY.wim will be in \\WDS01\DeploymentShare$\Captures.

You now have a functioning MDT server and a Task Sequence to build and capture a reference image with Windows 10 1607. I will post in future on how to deploy the captured image, manage drivers, and deploy common application like Microsoft Office 2016. Hopefully for now, this post has given you what you need to get started with MDT and deploying Windows 10.

Follow me on Twitter @Digressive.

4 thoughts on “Getting Started With Microsoft Deployment Toolkit 8443 and Windows 10 1607/1703

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s