In a previous post I walked through how to install MDT, it’s dependencies, and how to create a reference image to deploy. In this post I’ll be doing the same thing but centred around building a Windows Server 2016 image using a Hyper-V virtual machine.
Installing & Configuring Microsoft Deployment Toolkit and Dependencies.
We’ll be using Microsoft Deployment Toolkit (MDT) version 8443, which (at the time of writing: 24/07/2017) is the most recent release and fully supports Windows Server 2016.
Here are the links the software we’ll be using:
- Windows 10 1703 Assessment and Deployment Kit (ADK)
- Microsoft Deployment Toolkit (8443)
- Windows Server 2016.iso (Volume Licensing Service Center | MSDN Subscriptions site)
- The latest Cumulative Update for Windows Server 2016 – as of 13/03/2018 this is KB4088787, released March 13th 2018 bringing Windows Server 2016 to OS Build 14393.2125. More information is available here. Please note: Don’t download the Delta Update.
First we’ll install the Windows 10 1703 ADK which works with Windows Server 2016. The setup will need to download additional files so it may take some time depending on your internet connection.
IMPORTANT NOTE: If you have SecureBoot enabled, you’ll get a “Program Compatibility Assistant” dialog displayed and after installation, WIMs will fail to mount and unmount. This is a known issue and there is a workaround.
On the Select the features you want to install screen select:
- Deployment Tools
- Windows Preinstallation Environment (Windows PE)
- Imaging And Configuration Designer (ICD)
- Configuration Designer
- User State Migration Tool (USMT)
Now install MDT by running the setup file downloaded earlier, there is no specific configuration during the install wizard. After it’s installed we need to create the Deployment Share.
Create the Deployment Share
- Open the Deployment Workbench from the Start Menu.
- Right click on Deployment Shares.
- Select New Deployment Share.
- Enter the path for the Deployment Share: E:\BuildShare.
- Enter the Share name: BuildShare$.
- Give the share a descriptive name.
- On the Options screen, accept the defaults as you can change them later.
- Complete the wizard to create the share.
We now need to add an Operating System to work with.
Add an Operating System
- Mount the Windows Server 2016.iso in File Explorer.
- Go to Deployment Workbench > Operating Systems.
- Right click and select Import Operating System.
- In the wizard, select Full set of source files and then enter the root of the mounted .iso as the Source directory.
- For the destination directory name enter Windows Server 2016 and complete the wizard.
- Go to the Operating Systems node again and you should have four new entries, for each edition of Windows Server 2016. Rename them to: Windows Server 2016 Standard, Standard Core, Datacenter, and Datacenter Core.
Next we’ll be adding the latest Cumulative Update for Windows Server 2016 downloaded earlier, to do this we’ll be adding it to the Packages section of MDT. The reason we do this is so the CU will be installed with the Operating System, rather than relying on WSUS or Windows Updates to download and install it and in this case the initial release of Windows Server 2016 has a nasty bug which prevents it from receiving updates via WSUS, so installing the latest CU will fix this problem before it happens. Another advantage of doing it this way is the entire Task Sequence will be faster and Windows will be up to date when it is installed.
- Go to Deployment Workbench > Packages.
- Create a folder named Windows Server 2016.
- Right click on the folder and select Import OS Packages and go through the wizard to add the package. The downloaded update .msu file must be in a folder by itself.
Now we create a selection profile so that the Task Sequence only attempts to install the update for Windows Server 2016.
Creating A Selection Profile
- Expand the Advanced Configuration node.
- Right click on Selection Profiles and select New Selection Profile.
- Name it Windows Server 2016.
- On the Folders page, tick the Windows Server 2016 folder under Packages and complete the wizard.
We need to now create the Task Sequence that will create our reference image of Windows Server 2016. In this example, we’ll create a Task Sequence to build an image of a Standard Edition of Windows Server 2016. To create one for the other editions, repeat the steps and choose the other editions when choosing the Operating System.
Create a Task Sequence
- In Deployment Workbench, go to Task Sequences.
- Right click and select New Task Sequence.
- For the ID enter: WS16-S.
- Name it Build Windows Server 2016 Standard.
- Select Standard Server Task Sequence.
- Select the Operating System Windows Server 2016 Standard.
- Do not specify a product key at this time.
- Enter an Organization name.
- Do not specify an Administrator password at this time.
- Complete the wizard.
Now we’ll configure the Task Sequence.
Configure the Task Sequence
- Right click on the Task Sequence just created and select Properties.
- Go to the Task Sequence tab on the Properties window of the Task Sequence.
- Expand the Preinstall folder, and select the Apply Patches item.
- Change the Selection Profile to Windows Server 2016.
- Go to the State Restore folder and select Windows Update (Pre-Application Installation).
- On the right side of the Properties window, go to the Options tab.
- Uncheck the Disable this step tick box and do the same with Windows Update (Post-Application Installation).
- Go to the Install Applications item.
- In the right side of the Properties box, click the Options tab and then click the Disable this step tick box.
- Click Apply and close the Task Sequence.
Next we’ll create a domain user account for MDT.
Create an Active Directory User for MDT
- Go to Active Directory Users and Computers.
- Create a user called mdt_admin.
- On WDS01 (where the deployment share is hosted), give mdt_admin Full Control share permissions and Full Control permissions to all the files and folders under the deployment share.
Now we’ll configure the Bootstrap.ini and the Rules.ini files to control certain aspect of the deployment environment. The settings below enable auto log in and skip the welcome screen, so these should only be used for lab/closed environments.
- In Deployment Workbench, right click the Deployment Share and select Properties.
- Select the Rules tab and click the Edit Bootstrap.ini button.
- Add the settings below to the Bootstrap.ini.
- Close and Save the Bootstrap.ini
[Settings] Priority=Default [Default] DeployRoot=\\SERVERNAME\BuildShare$ UserDomain=contoso.com UserID=mdt_admin UserPassword=p@ssw0rd SkipBDDWelcome=YES
On the Rules tab of the Deployment Share properties window, add the settings below. A lot of the settings are specific to my demo environment such as my location in the world. The [Virtual Machine] section near the top is one example of how to manage drivers and auto fill computer names for when deploying images based on the model reported by Windows. I’ll cover this in more detail a future post.
[Settings] Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y SkipCapture=YES SkipAdminPassword=YES SkipProductKey=YES SkipComputerBackup=YES SkipBitLocker=YES SkipLocaleSelection=YES SkipTimeZone=YES SkipDomainMembership=YES SkipSummary=YES SkipFinalSummary=YES SkipComputerName=YES SkipUserData=YES _SMSTSORGNAME=Build Share _SMSTSPackageName=%TaskSequenceName% DoCapture=YES ComputerBackupLocation=\\SERVERNAME\BuildShare$\Captures BackupFile=%TaskSequenceID%_#year(date) & "-" & month(date) & "-" & day(date) & "-" & hour(time) & "-" & minute(time)#.wim WSUSServer=http://SERVERNAME:8530 FinishAction=SHUTDOWN SLShare=\\SERVERNAME\BuildShare$\Logs EventService=http://SERVERNAME:9800
Now it’s time to create the boot media to boot into the deployment environment.
Creating The Boot Media
- In Deployment Workbench, right click on the Deployment Share.
- Select Update Deployment Share.
- Select Completely regenerate the boot images.
- Complete the wizard. It will take some time to create the boot images.
Testing The Boot Media
To test the boot media, copy the LiteTouchPE_x64.iso from \\SERVERNAME\BuildShare$\Boot to a location where a Hyper-V Virtual Machine will be able to access it.
Create a new VM in Hyper-V and configure it as such:
- 2x vCPUs
- 4GB of RAM
- NIC with access the MDT server and WSUS server.
- Virtual Hard Drive of at least 80GB, preferably on an SSD.
- Boot from DVD Drive using the LiteTouchPE_x64.iso from MDT.
Start the VM and it should boot from the LiteTouchPE_x64.iso into the deployment environment. You should be presented with a wizard and the name of the Task Sequence you created earlier. Select it and click Next.
The Task Sequence will now run, install Windows Server 2016 Stanard Edition with the Cumulative Update included, update from the WSUS server, run SysPrep and the reboot back into the MDT environment and capture the image.
When this process completes the VM will be shutdown and a file named WS16-S_YEAR_MONTH_DAY_HOUR_MINUTE.wim will be in \\SERVERNAME\BuildShare$\Captures.
You now have a functioning Microsoft Deployment Toolkit server, with a Deployment Share specifically configured for building reference images, and a Task Sequence to build and capture a Windows Server 2016 Standard Edition reference image.