Установка Windows 7 по сети при помощи MDT и WDS

Установка Windows 7 по сети при помощи MDT и WDS. Часть 1

Рано или поздно любому эникейщику или системному администратору, при очередной установке или переустановке операционной системы, приходится искать флешку или диск с образом Windows. Затем если это старый компьютер мучаться с тем чтобы он определил флешку в загрузочном режиме, или столкнуться с отсутствием оптического привода, извращаться и придумывать какие-то сложные решения, и все это для того чтобы установить операционную систему. Для таких случаев и не только для них, существуют программные средства от Microsoft, под названием Microsoft Deployment Toolkit (MDT) и Windows Deployment Service.
Microsoft Deployment Toolkit ( MDT ) это программный пакет, который позволяет разворачивать Microsoft Windows и Microsoft Office по сети.

Сразу сделаю пометку, что для этого способа необходима серверная операционная система на которой у нас буду собираться и храниться образы необходимых операционных систем. Установка Windows 7 по сети при помощи MDT в этой статье будет происходить на примере Microsoft Windows Server 2008 R2.

Вкратце что мы будем делать:

1. Устанавливаем программный пакет Microsoft Deployment Toolkit и AIK.
2. Создаем новый образ операционной системы, которой мы будем разворачивать по сети.
3. Настраиваем роль WDS ( Windows Deployment Services) .
4. Загружаем созданный нами образ в WDS
5. Устанавливаем по сети Windows 7

Предполагаем что Windows Server у вас уже установлена в роли DHCP и DNS активированы и настроены. Стандартных настроек будет достаточно.

IP-адрес нашего сервера задан статический 192.168.1.2.

Upgrading to ADK 8.1 ^

MDT 2013 is able to support Windows 8.1 because of the underlying tools in Windows Assessment and Deployment Kit (ADK). Because of this, ADK 8.1 is a required prerequisite. Uninstall any previous version of the Automated Installation Kit (AIK) and ADK (including ADK 8) before continuing. Reboot your deployment server.

After rebooting, download and launch the ADK setup. If needed, the ADK 8.1 install can be found here. Proceed through the setup until you are prompted for new features to install. At a minimum, select Deployment Tools and Windows Preinstallation Environment (Windows PE).

Selecting features in the ADK 8.1 setup

Continue through the setup. If prompted to reboot at the end, do so now.

MDT with WDS Integration Overview

MDT and WDS working together

MDT with WDS Diagram Overview

MDT vs WDS

To understand how MDT and WDS work to complement each other it helps to first understand the differences between these two systems.

Windows Deployment Services (WDS) is a server based technology used for deploying images of Windows operating systems and operates as a server role in Windows Server 2003 SP2, Server 2008, Server 2008R2, Server 2012, and Server 2012R2. WDS utilizes disk imaging and can perform network based installations of captured images which are typically stored in a .wim format. Image deployment over the network is accomplished through WDS’s use of the Preboot Execution Environment (PXE) to load a miniature version of Windows known as Windows Preinstallation Environment (PE).

WDS supports the management and deployment of driver packages which allows you to manage a variety of devices and architectures within your environment. However, it does not support the ability to deploy software or configuration changes during the deployment process. This necessitates the use of thick images which contain all software, configurations, settings, and updates pre-configured and set in your master image before being captured and deployed.

When operating as the primary deployment solution WDS functions as both a storage repository for the PXE network boot images as well as a repository for the actual operating system images to be installed on the target computer.

The Microsoft Deployment Toolkit (MDT) is a “solution accelerator” used for designing and creating operating system and application deployment. It is typically used in concert with the Windows Automated Installation Kit (WAIK) to produce highly customized and automated deployment solutions.

MDT supports a wide variety of deployment methodologies: Zero Touch Installation (ZTI) (Requires integrations with SCCM), Lite Touch Installation (LTI), and User Driven Installation (UDI). Each of these can be combined with either a thin image deployment or thick image deployment resulting in six available deployment scenarios.

MDT is a task based deployment process that offers unparalleled control over every step of the deployment:

• Complete management of device drivers – identify the model during deployment and inject only the necessary drivers for that model
• Run custom scripts
• Install software
• Dynamically keep images up to date by adding Windows updates

Due to the dynamic nature that MDT provides it permits the use of a small, clean, thin base image that can be added to during the deployment process based on criteria you identify ahead of time. Additionally, because software and settings are added during the active deployment process the need for multiple specialty images is reduced. You can deploy the same base image to two different areas and through the use of varied task sequences deploy a completely varied set of software packages and settings.

Simplified, WDS can capture thick images of your reference device and deploy that thick image with driver support to various devices within your environment using PXE. MDT is more of a design tool for creating a highly custom step-by-step deployment sequence.

MDT with WDS

It’s important to note that MDT in and of itself doesn’t have a true deployment system. You can create a Lite Touch Deployment USB drive with MDT and visit each device independently, but for true deployment capability MDT works best in concert with WDS. Some people ask the question: WDS is already a complete and standalone OS deployment solution, why not just use it for deployment needs? The answer is simply customization capabilities. MDT offers unparalleled customization options during deployment. We are also moving away from thick images as discussed in this article: Image Build Best Practices. Thin images offer numerous advantages to the imaging building process and lifecycle. So, a combination of MDT’s customization and WDS’s PXE deployment capabilities results in an ideal deployment solution.

MDT and WDS deployment process

To give you some insight into how the two technologies work together I have created the diagram above.

The process begins with the deployment workbench which can be a server or client device typically loaded with the Microsoft Deployment Toolkit (MDT) and the Windows Automated Installation Kit (Windows AIK). In older versions of the MDT two were required to successfully configure both 64-bit and 32-bit answer files. Modern versions of the MDT support both 32-bit and 64-bit answer file configuration. The deployment workbench will be were you setup, configure, and customize the settings on the deployment share. (The deployment share is a storage location located on your network capable of sharing files with devices you wish to deploy to).

Once MDT is setup and configured properly you will go through a finalization process of updating the deployment share. During this process you will generate boot images. Dependent on your setup these boot images will be 32-bit and/or 64-bit WinPE boot images that contain the necessary information to access the MDT deployment share. They will typically contain LAN drivers for the devices in your environment but may also include storage drivers as well. Once created these boot images will reside on the MDT Deployment share in the following location: \MDT_Deployment_ShareShare_LocationWDSBoot. These boot images can be used to make a deployment CD, deployment USB, or imported into WDS to implement true PXE booting capabilities .

MDT and WDS process flow

The MDT/WDS diagram illustrates the use of the two technologies in a Lite-Touch deployment scenario. For the purposes of this explanation the WDS server exists as a separate server and is not integrated with the DHCP server. You can read more on my thoughts on that topic here: PXE booting with WDS – DHCP Scope vs IP Helpers.

1. Client/Server is powered on by tech/admin and F12 PXE boot is initiated.
2. IP address is supplied by the DHCP server to the client
3. Client broadcasts a PXE boot request
4. IP Helper Forwards the PXE broadcast to the WDS server
5. WDS presents boot image options – tech/admin selects appropriate Lite-Touch boot image – image is sent down to device
6. The WinPE boot image requests deployment information from the MDT Deployment Share
7. Tech/Admin utilizes the MDT Task Sequence selection menu and initiates deployment from the MDT Deployment Share for the desired OS

MDT is the star of the show

It’s worth noting that while WDS adds spectacular functionality with PXE booting, MDT is doing the real heavy lifting here. As soon as the WinPE boot image is downloaded, it immediately accesses the MDT Deployment Share and the remainder of the operation (over 90% – maybe more) is handled via the MDT Deployment Share. From a bandwidth and performance standpoint, this means that your MDT share should be a lot more powerful than your WDS server.

You can read more about MDT and the deployment process here:

I also recommend checking out Scriptimus Ex Machina – Andrew Barnes has some excellent MDT information there.

Got Apps?

I usually encourage most fellow IT Pros to skip the majority of the wizards in MDT lite touch, but skipping applications is not something I’m a huge fan of, that is unless I’m ready to cook hundreds of boxes and I’m certain they all need the same appplications. If you’re ready to go to prime time I can understand why you’d want to turn off the lite touch wizard’s prompt for apps, but I prefer to leave it on most the time. But like I said, If you’re ready to pull the trigger on a huge batch of identical systems, it makes sense to skip the prompt, and here’s three different strategies you can take from preselecting and confirming to mandating some but not all, and more…

First, you can default what’s checked, and leave the option to just verify, this is easily done in the customsettings.ini file.

Just get the GUID for the app from MDT and add it to your file.

SkipApplications=NO
Applications001=

This example would just check them for you, you’d verify and just click next (allows you to change your mind at deploy time).

You could also easily just do this, and set skip to yes.

Another more extreme solution is to make them mandatory apps one by one and add SkipApplications=YES to your CustomSettings.ini file.

SkipApplications=YES
MandatoryApplications001=
MandatoryApplications002=
MandatoryApplications003=

This example would just make the three apps mandatory, would not prompt, and you’d have no choice at deploy time.

However I prefer to simplify this, and create a bundle, make that bundle mandatory and also skip applications in the CS file. The best part of bundles is you set them once, and just update them from the workbench. However, once you’re done with the mass deployment you could roll back to just preselecting and confirming. It’s really up to you, and that’s the beauty of MDT, you have the flexibility to scale back the automation down the road if you so choose.

As always, if you have any questions, send them to me on the ASK MDT GUY page!

Share this:

• Click to email this to a friend (Opens in new window)
• Click to print (Opens in new window)
• Click to share on Facebook (Opens in new window)
• Click to share on Twitter (Opens in new window)

Like this:

1. Установка Microsoft Deployment Toolkit

Это задача не сложная, здесь нам необходимо скачать установочный файл MDT с официального сайта Microsoft.

Установка происходит просто, нажимаете везде ДАЛЕЕ и ГОТОВО. После установки в меню ПУСК>Программы у вас появится утилита DeploymentWorkbench ее то мы и запускаем.

Также необходимо установить набор инструментов Microsoft AIK, который содержит в себе оболочку PowerShell. Без которой будут не возможны следующие действия. Скачиваем с официального сайта Microsoft. И устанавливаем так же нажимая везде ДАЛЕЕ и ГОТОВО.

I – Concepts

Before starting, it should be interesting to see some terms/concepts about Windows Deployment Services and Microsoft Deployment Toolkit:

WinPE: the Windows Pre-installation Environment is a minimal version of Win32 operating system use as a standalone pre-installation environment on which the computer will boot to be able to deploy operating system.

WinPE exist in 32-bit and 34-bit versions, if you want to install a 64-bit operating system you need to have a WinPE 64-bit version.

WinPE is provided by WADK for MDT 2013, otherwise it is provided by the boot images in the WDS.

PXE: as specified above, WDS server use network connection to deploy operating system. To accomplish that WDS will use the Preboot eXecution Environment which allow to boot an operating system (here our WinPE) from the network. PXErequire a network card compatible with this protocol and a DHCP server.

Boot Images: a boot image is a file in the .wim format (Windows Imaging file) which provide the WinPE environment for our WDS client. The boot image can be find inside a Windows 7 or 8 DVD/ISO.
As for the WinPE, Boot images exist in both 32-bits and 64-bits. If you want to deploy 32-bits images, you need to have a 32-bits boot image.

Install images: the install images are the .wim images which will be deployed on the client computer from the WDS server.
Install image can be RAW images from a .wim file directly taken from a Windows DVD/ISO or from a captured operating system.

Microsoft Deployment Toolkit (MDT): MDT allow the administrators do provider deeper configurations and further functionalities as partition management, application deployment, updates management, and so on.

Windows Assessment and Deployment Kit (Windows ADK) for Windows 8.1 Update: WADK provide different functionalities and the WinPE environment for MDT. WADK is required by MDT to work.
Example of features provided by WADK which will be installed in our tutorial:

• Deployment Tool: used to manage, customize and deploy Windows operating system images.
• WinPE
• USMT (User State Migration Tool): tool used to transfer client data through different installations.

Upgrading to MDT 2013 ^

On your deployment server, download MDT 2013 and launch the setup. If needed, MDT 2013 can be downloaded from this link. There is no need to uninstall MDT 2012 before doing this.

The MDT 2013 setup

In our organization, we only differed from the default setup options by accepting the Customer Experience Improvement Program.

Once your install has completed, launch the MDT Deployment Workbench console and expand to your Deployment Share. Right click on your Deployment Share and select Update Deployment Share

Updating a Deployment Share in MDT 2013

Within the Update Deployment Share wizard, select completely regenerate the boot images and continue through the wizard.

Update Deployment Share wizard

MDT with WDS Integration Overview

MDT and WDS working together

MDT with WDS Diagram Overview

MDT vs WDS

To understand how MDT and WDS work to complement each other it helps to first understand the differences between these two systems.

Windows Deployment Services (WDS) is a server based technology used for deploying images of Windows operating systems and operates as a server role in Windows Server 2003 SP2, Server 2008, Server 2008R2, Server 2012, and Server 2012R2. WDS utilizes disk imaging and can perform network based installations of captured images which are typically stored in a .wim format. Image deployment over the network is accomplished through WDS’s use of the Preboot Execution Environment (PXE) to load a miniature version of Windows known as Windows Preinstallation Environment (PE).

WDS supports the management and deployment of driver packages which allows you to manage a variety of devices and architectures within your environment. However, it does not support the ability to deploy software or configuration changes during the deployment process. This necessitates the use of thick images which contain all software, configurations, settings, and updates pre-configured and set in your master image before being captured and deployed.

When operating as the primary deployment solution WDS functions as both a storage repository for the PXE network boot images as well as a repository for the actual operating system images to be installed on the target computer.

The Microsoft Deployment Toolkit (MDT) is a “solution accelerator” used for designing and creating operating system and application deployment. It is typically used in concert with the Windows Automated Installation Kit (WAIK) to produce highly customized and automated deployment solutions.

MDT supports a wide variety of deployment methodologies: Zero Touch Installation (ZTI) (Requires integrations with SCCM), Lite Touch Installation (LTI), and User Driven Installation (UDI). Each of these can be combined with either a thin image deployment or thick image deployment resulting in six available deployment scenarios.

MDT is a task based deployment process that offers unparalleled control over every step of the deployment:

• Complete management of device drivers – identify the model during deployment and inject only the necessary drivers for that model
• Run custom scripts
• Install software
• Dynamically keep images up to date by adding Windows updates

Due to the dynamic nature that MDT provides it permits the use of a small, clean, thin base image that can be added to during the deployment process based on criteria you identify ahead of time. Additionally, because software and settings are added during the active deployment process the need for multiple specialty images is reduced. You can deploy the same base image to two different areas and through the use of varied task sequences deploy a completely varied set of software packages and settings.

Simplified, WDS can capture thick images of your reference device and deploy that thick image with driver support to various devices within your environment using PXE. MDT is more of a design tool for creating a highly custom step-by-step deployment sequence.

MDT with WDS

It’s important to note that MDT in and of itself doesn’t have a true deployment system. You can create a Lite Touch Deployment USB drive with MDT and visit each device independently, but for true deployment capability MDT works best in concert with WDS. Some people ask the question: WDS is already a complete and standalone OS deployment solution, why not just use it for deployment needs? The answer is simply customization capabilities. MDT offers unparalleled customization options during deployment. We are also moving away from thick images as discussed in this article: Image Build Best Practices. Thin images offer numerous advantages to the imaging building process and lifecycle. So, a combination of MDT’s customization and WDS’s PXE deployment capabilities results in an ideal deployment solution.

MDT and WDS deployment process

To give you some insight into how the two technologies work together I have created the diagram above.

The process begins with the deployment workbench which can be a server or client device typically loaded with the Microsoft Deployment Toolkit (MDT) and the Windows Automated Installation Kit (Windows AIK). In older versions of the MDT two were required to successfully configure both 64-bit and 32-bit answer files. Modern versions of the MDT support both 32-bit and 64-bit answer file configuration. The deployment workbench will be were you setup, configure, and customize the settings on the deployment share. (The deployment share is a storage location located on your network capable of sharing files with devices you wish to deploy to).

Once MDT is setup and configured properly you will go through a finalization process of updating the deployment share. During this process you will generate boot images. Dependent on your setup these boot images will be 32-bit and/or 64-bit WinPE boot images that contain the necessary information to access the MDT deployment share. They will typically contain LAN drivers for the devices in your environment but may also include storage drivers as well. Once created these boot images will reside on the MDT Deployment share in the following location: \MDT_Deployment_ShareShare_LocationWDSBoot. These boot images can be used to make a deployment CD, deployment USB, or imported into WDS to implement true PXE booting capabilities .

MDT and WDS process flow

The MDT/WDS diagram illustrates the use of the two technologies in a Lite-Touch deployment scenario. For the purposes of this explanation the WDS server exists as a separate server and is not integrated with the DHCP server. You can read more on my thoughts on that topic here: PXE booting with WDS – DHCP Scope vs IP Helpers.

1. Client/Server is powered on by tech/admin and F12 PXE boot is initiated.
2. IP address is supplied by the DHCP server to the client
3. Client broadcasts a PXE boot request
4. IP Helper Forwards the PXE broadcast to the WDS server
5. WDS presents boot image options – tech/admin selects appropriate Lite-Touch boot image – image is sent down to device
6. The WinPE boot image requests deployment information from the MDT Deployment Share
7. Tech/Admin utilizes the MDT Task Sequence selection menu and initiates deployment from the MDT Deployment Share for the desired OS

MDT is the star of the show

It’s worth noting that while WDS adds spectacular functionality with PXE booting, MDT is doing the real heavy lifting here. As soon as the WinPE boot image is downloaded, it immediately accesses the MDT Deployment Share and the remainder of the operation (over 90% – maybe more) is handled via the MDT Deployment Share. From a bandwidth and performance standpoint, this means that your MDT share should be a lot more powerful than your WDS server.

You can read more about MDT and the deployment process here:

I also recommend checking out Scriptimus Ex Machina – Andrew Barnes has some excellent MDT information there.

10 Questions About MDT You Were Too Embarassed To Ask…

What is this MDT you speak of?

The Microsoft Deployment Toolkit is pretty much the best thing since Ghost. It’s Microsoft’s free imaging, provisioning, and PC deployment software. Think of it as the missing GUI and scripts that don’t come with the Windows Assessment and Deployment Kit (ADK). Unless you enjoy running dozens of commands by hand from the command line to image systems, it’s imperative you have both MDT and the ADK if you’re trying to deploy Windows 7 or 8 to multiple workstations.

So is this MDT stuff new or something?

No, it’s been around since Vista, but the so-called “experts” who refused to learn Vista have been left in the dust since MDT has just gotten better and better with every release since then. In fact, every major release of Windows since Vista has been accompanied with a new and improved Version of MDT. Yes, Vista’s launch was problematic for a few reasons, but half of whining about Vista was people were still trying to deploy a 21st century OS with tools developed in the Windows 95 days. Now that Windows 7 and 8 are out, lots of people are just now playing catch up.

MDT is kind of like Ghost or Clonezilla, right?

No, not even close. Not even in the same ballpark, not even in the same league. All Ghost or Clonezilla ever did was clone disks, and even Clonezilla did that poorly. MDT does so much more, because it’s more than just cloning software. This is an automation framework that sits on top of the low level tools like imagex and other commanline tools that came out with Vista back in the day. MDT can automate the backup of user data, naming of workstations, imaging, application installation, updating, user data restoration and joining to the domain in less than an hour if you know what you’re doing. Again, all Ghost ever did was clone discs.

Why is this any different? I already have and pay for [insert name of disk cloning software here].

If you’re paying for software to do any or all of the things I just listed in the previous question, you’re probally paying too much. It’s not 2001 any more. When Windows 2000 ruled the day, and Windows XP was the OS of choice for those on the “bleeding edge” you needed disk cloning software, but these days, there’s a solution that’s free and makes Clonezilla look like a bad joke, and it fully integrates with WDS which is even better.

How does WDS play into all of this?

Windows Deployment Services is an optional role that can be installed on a Windows 2008 / 2012 Server that allows you to PXE (network) boot systems and muticast deployments across the network. Unless you’re planning on deploying to hundreds of systems a day, this is optional. Sometimes people confuse this for a stand alone deployment solution, but it’s not.

This is confusing, all these acronyms make my brain hurt, can we take a break?

Yes here’s a hilarious video of a little girl. http://www.youtube.com/watch?v=dgKGixi8bp8
Don’t be like her, take a deep breath and focus on the essentials before you start yelling “Go!”

How do I get started?

First off, you need ADK 8.1 and MDT 2013 installed and I recommend getting a VM up and running to accelerate initial testing. Once that’s done, all you need to do is build a what’s called a deployment share. You’ll need one for building images and another for deploying images, but for now, just play with a test share and the generic image from the installation media aptly named install.wim. Once your share is built update it, and MDT will build a boot disc for you to use. Once you feel comfortable automating a basic windows windows installation, then start adding drivers, and applications to the share.

I really just want to build a super slick image, How do I do that?

Easy there young grasshopper, it’s good to have that kind of enthusiasm, but it’s important to not put the cart before the horse here and that you learn to WALK before you RUN. If you’re really new to this “automated installation” thing, do yourself a favour, and just rock the image that comes on the Windows Vista / 7 / 8.x media. Furthermore, its important to learn driver management and how to push applications after imaging, because those two skills will allow you to have “one image to rule them all”.

So I don’t put drivers or applications in my images?

If you like building lots of images and maintaining them, go for it. If you enjoy having one image for every make and model you support, keep applications like Java, Flash, and Firefox out of your image. No drivers either, build the image in a virtual machine, and let MDT install apps and drivers at deploy time. It’s easier than you think. This method helps keeps your total image count down. This is important, reducing your image count to one or two saves you and everybody you work with lots of pain down the road. Having one image that runs on laptops and desktops, Dells and HPs, is a thing of beauty, and the elusive goal of many windows engineers who do this kind of stuff for a living for many years. If you have more than two images, one for 32 bit and one for 64 bit, you may just be making your life more complicated than it needs to be.

Sounds pretty neat, are there free videos or books I can check out?

Yes, there’s tons of stuff out there, I highly recommend checking out the following resources: