Windows Server Update Services (WSUS) can use a lot of resources, so why not use Windows Server Core and make the most of the resources you have. In this post I’ll go through the initial steps on how to deploy and configure a WSUS server using command line and PowerShell. Important note: If you need the to boot Windows Server 2016 ISO from a USB flash drive, use the Windows USB/DVD Tool available to download direct from Microsoft.
Windows Server Core is an ideal choice for Active Directory Domain Controllers due to it’s low resource usage and greatly reduced attack surface. In this post I’ll go through the initial steps on how to deploy a new Active Directory forest and add an additional Domain Controller to the domain, and finally I’ll run some basic checks on the health of the domain after installation. Important note: If you need the to boot Windows Server 2016 ISO from a USB flash drive, use the Windows USB/DVD Tool available to download direct from Microsoft.
Update 2018-11-04: I’ve evolved the script in this post into a more friendly utility which I’ve posted about here. If you are familiar with my other PowerShell scripts/utilities this isn’t as complete or polished as them, but it get’s the job done, and that’s all we can really ask for right? Let’s say it’s in early beta. The purpose of this script is to automate the process of setting the location and Office 365 license for users, using a local Active Directory to specify the users.
Microsoft Deployment Toolkit build 8450 is out. You can read more about it here over on the MS Deployment Blog. Installing & Configuring Microsoft Deployment Toolkit and Dependencies Here are the links the software we’ll be using: Windows 10 1703 Assessment and Deployment Kit (ADK) Microsoft Deployment Toolkit (8450) First we’ll install the Windows 10 1703 ADK which is now fully supported by MDT in build 8450. The setup will need to download additional files so it may take some time depending on your internet connection.
In a previous post I wrote about my Image Factory PowerShell script for MDT. This post is about a script derived from that which I setup to test my images and my deployment task sequences. Since this script is only an edit of the previous one I don’t intend to release it “officially” on the TechNet Gallery or the PowerShell Gallery. To explain succinctly what this script does, it turns Task Sequences into Virtual Machines.
Update 16/01/2018: Updated this post to reflect the release of Microsoft Deployment Toolkit 8450, which fully supports Windows 10 1709. Update 30/10/2017: If SysPrep is consistently failing when building your Windows 10 1709 image, it is most likely due to the Windows Store update process updating the built in UWP apps. This issue is a known issue, but one I’ve managed to dodge when building previous versions of Windows 10. With 1709, I’ve had SysPrep fail every time.
This is a round-up all my previous posts regarding deployment and configuring Windows 10, installing Microsoft Deployment Toolkit and Windows Server Update Services into one post for reference. Installing and Configuring a WSUS Server Installing WSUS from scratch! Resolving WSUS Connection Errors On Windows Server 2012 R2 Installing and Configuring Microsoft Deployment Toolkit Getting Started With Microsoft Deployment Toolkit 8443 and Windows 10 1607/1703 PXE Booting for Microsoft Deployment Toolkit PXE Booting with WDS for UEFI and BIOS Devices Building and Deploying a Windows 10/Windows Server 2016 Reference Image Building a Windows 10 1607 Reference Image with Microsoft Deployment Toolkit 8443 Deploying a Windows 10 1607 Reference Image with Microsoft Deployment Toolkit 8443 Walkthrough: Building a Windows 10 1703 (Creators Update) Reference Image with Microsoft Deployment Toolkit Walkthrough: Building a Windows 10 1709 (Fall Creators Update) Reference Image with Microsoft Deployment Toolkit Walkthrough: Building a Windows Server 2016 Reference Image with Microsoft Deployment Toolkit Customising and Configuring Windows 10 Stuck Windows Updates from WSUS on Windows 10 1607/Windows Server 2016 Windows 10 1607 (Anniversary Update) opens msn.
With Hyper-V it is possible to run VMs inside of VMs without needing to install third-party virtualization software. You might not have the need to run an entire Virtual Machine inside of another, but some upcoming security features of Windows 10 require Hyper-V to be enabled so this could be a way to have those security features on a Windows 10 VM that you otherwise would not be able to take advantage of.
As Windows is now delivered ‘as-a-service’ with major updates being released biannually, you may want to push out these major updates using WSUS. In previous posts I’ve covered deploying Windows 10 1703 (Creators Update) as a clean install with Microsoft Deployment Toolkit and also how to perform an upgrade to Windows 10 1703 using MDT. In this post, I’ll walk through the process of pushing out the upgrade to Windows 10 1703 using WSUS.
If you’re looking to deploy the latest version of Windows 10 1703 (better known as the Creators Update) as a fresh install, please check out this post. This post is designed to walk through installing and configuring Microsoft Deployment Toolkit and to create a Task Sequence to upgrade to Windows 10 1703 from a previous version of Windows. The Windows upgrade process has come along way in recent years, so in certain circumstances it may be worth while running an upgrade, rather than a wipe-and-load.
In a previous post I walked through how to install MDT, it’s dependencies, and how to create a reference image to deploy. In this post I’ll be doing the same thing but centred around building a Windows Server 2016 image using a Hyper-V virtual machine. Installing & Configuring Microsoft Deployment Toolkit and Dependencies. We’ll be using Microsoft Deployment Toolkit (MDT) version 8443, which (at the time of writing: 24/07/2017) is the most recent release and fully supports Windows Server 2016.
In my previous scripts I’ve included a function to send log files to an on-premises Exchange server. I’ve now put together an example script to improve this function to send emails to external e-mail providers, for example: Office 365, Outlook.com or GMail.com. This new code is designed to support many different requirements: No logging at all. Logging but with no e-mail. Logging with e-mail. E-mail with username & password authentication, with SSL.
At the time of writing (2017-07-18) the latest PowerShell available is PowerShell 5.1 which is a part of Windows 10 1607 and Windows Server 2016. To find which version of PowerShell you have, type this command into PowerShell: 1 $PSVersionTable.PSVersion To upgrade PowerShell, you’ll need the latest Windows Remote Management for your version of Windows. You might also need to upgrade WinRM to remotely manage servers using the Server Manager tool, which comes with Windows Server and is a part of RSAT for Windows 10 version 1607 and later.