Image Creation and Deployment the Microsoft way

Part 1:Creating the Virtual Machine

  1. Remote into virtualhd using a mvcc domain account.
  2. Open the Hyper-V Manager
  3. On the right pane; New > Virtual Machine
  4. A new wizard will pop up, ignore the 'Before you begin' screen if you get that. Go on to 'Specify Name and Location'. Ignore the location field, but enter an image name in the Name box. (i.e. art-image, nursing-image, base-image, faculty-image, etc.). Next.
  5. for 'Specify Generation' leave it on generation 1. Next.
  6. Start up memory, we usually use 2048MB. Leave dynamic memory unchecked.Next.
  7. Configure Networking; Connection: use Copper2 on the dropdown menu. Next.
  8. Connect Virtual Hard Disk: Change the location and add a folder name to match the image name.(ex. D:\Hyper-v\name of image). Leave it on default settings for size unless you are doing a large image like art or animation give it 200-250GB .Next.
  9. Installation Options: Select the bottom one which is 'Install an operating system from a network based installation server'. Next.
  10. Summary Page; hit finish. This will create the virtual machine but not start it up yet.
A few extra Settings
  1. Right click the Virtual machine that you just created in the center panel and select 'Settings'.
  2. Bump up the number of virtual processors from 1 to 4. Then click Ok.

Part 2: Creating the Image

  1. Double click on the name of the virtual machine that you created (middle panel again). This will open a new window but again not start up the virtual machine yet.
  2. Hit the green button on the top bar of that windows to start the virtual machine.
  3. It will start as if it is doing a normal PXE boot so hit F12 when prompted and it will load into MDT.
  4. MDT will ask for user credentials; use an mvcclabs domain account, domainjoiner is the one we use. Click Ok.
  5. It will come up to the task sequence selection.When creating an image, select 'Deploy Windows 10 to reference Computer'. Next.
  6. It will ask for a computername, this doesn't come into play at all for now so you can just leave the gibberish. We will select new names later anyway when deploying the image. Next.
  7. From the list of applications, select whatever ones you need for this image and check them. Which is going to be most of the list probably. Deepfreeze should be left off for now, it can cause problems. Best to install it later by hand.Next.
  8. Select the first option: Capture an image of this reference computer. Location you leave alone. For file name try to be descriptive, i,e. Art-image-7-13-2017.wim (important to leave the .wim at the end!!). Next.
  9. Hit begin at the ready screen. And let it do it's thing. It will take a while, especially if installing the adobe suite.
  10. During the task sequence, it will pause after installing the applications, leaving you at the windows 10 desktop. This is your opportunity to install anything additional such epson scanner drivers, or anything that is specialized to that lab. So do that.
    • File explorer > View tab at top > options > open file explorer to: This PC then under Privacy > uncheck 2 boxes and clear history
    • Create the MVCCIT folder in the c: drive and put the adobe serialization in there. Run it.
    • Open Adobe Acrobat and set as default PDF.
    • Create a RWG folder in the c: drive.
    • Open RWG and activate it.
    • Add scanner drivers for lab images.
    • Remove Adobe Creative Cloud from public desktop (enable hidden files then go to c:\users\public\desktop).
    • Go to \\knox\Installs\Browsers & Plugins folder.
      • Copy browser settings files - look in folder for directions.
      • open each browser
      • Check adobe extension - enable if needed
    • Windows settings - default file types and default browser and mail clients should be set during deployment so no worries here
    • Start Word and make sure first run wizard does not come up. It should not.
    • Open VLC uncheck the boxes.
    • Go to task manager > startup and disable any updater junk.
    • Check windows updates again.
  11. Before resuming the task sequence, create a checkpoint (snapshot) of the VM in case any issues happen during the next step.
  12. Once done, double click the desktop icon Resume Task Sequence and wait for it to run.
    • It will start the capture process automatically.
These created images are put in the mdt01 virtual server on \\mdt01\DeploymentShare$\Captures

Part 3: Uploading the image.

  1. Remote into mdt01
  2. Start the Deployment Workbench. Initially it should take you to the deployment share (left panel).
    • If nothing shows up beneath Deployment Shares:
    • Right click Deployment Shares > Open D.S. > Browse > This PC > Local Disk E:> DeploymentShare then ok
    • DO NOT check the box that says 'Upgrade the content of the deployment share
    • On mdt02 this is already mapped on C: (mdt02 is for Rome)
  3. On the left Pane navigate to Deployment Shares > MDT Deployment Share > Operating Systems. Right click Operating Systems and click 'Import Operating System'
  4. It should start up the Import Operating System Wizard. Select Custom Image file. Next.
  5. Your source file is going to be your wim so you want to point it E:\DeploymentShare\Captures and select the wim that you named/created during the last part. there should only be one in there if we stay good about keeping that directory clear
  6. Before hitting Next. Check the box underneath to move the files to the deployment share instead of copying them. Next.
  7. Select the first option; setup files are not needed. Next.
  8. Leave the default destination directory name. Next.
  9. Check the summary. Next.
  10. Once process completes, hit finish. You should see your new Operating System on the list in the middle pane. You will notice the name will have a repetition in it. Replace the first repetition with the word CAPTURED so that we know that it is a captured image. i.e. art-image-date-art-image-date gets renamed to CAPTURED-art-image-date
  11. On the left Pane navigate to Deployment Shares > MDT Deployment Share > Task Sequences. Right click Task Sequences and click 'New Task Sequence'
    • Note: if you are updating an image, you do not have to create a new task sequence, you can modify an existing one and just re-point it to the new image.
    • Do this by right clicking on one of the existing task sequences, then properties. Here you can update the name if you like.
    • under the Task Sequence tab in the middle scroll down to Install > Install Operating system , and on the right properties panel you can hit browse, and then select our newly captured image. Then Ok.
  12. A wizard will appear. Give him a cookie and some milk.
  13. For Task Sequence ID call it something like ArtImg (no spaces or special characters) (This one cannot be changed later, the task sequence would need to be recreated if you want to change the sequence id.)
  14. For Task Sequence Name call it something like Art Image
  15. For Comments write the date probably. Next.
  16. From the drop down select Standard Client Task Sequence. Next.
  17. Choose your custom wim that we have created in the previous steps. CAPTURED-whatever.wim Next.
  18. Leave the top option; Do not specify product key at this time. Next.
  19. For full name you can leave Windows User; for Organization use MVCC; for IE home page put in http://www.mvcc.edu/ Next.
  20. Admin Password; use the standard local admin password we always use. You know the one. *wink wink* Next.
  21. Summary. Check for your mistakes. Next.
  22. Finish.
  23. Few small customizations.
Note; disabling a folder from the task sequence will not disable the tree elements under/inside of that folder. Each one has to be selected and disabled individually.
    1. Under Preinstall > Offline user state capture , disable that element, and the two beneath/inside it.
    2. Also disable Refresh Only and Backup right underneath it.
    3. Disable Enable Bitlocker (offline)
    4. ONLY FOR FACULTY: Under State Restore > enable "Install Applications, in the properties select "Install a single application", then click browse and pick Malwarebytes Endpoint Agent. Disable Enable Bitlocker, and disable Restore User State. And the last element there, a folder named Imaging should be deleted entirely.
    5. Open another task sequence and copy the custom tasks; Join Domain and Start Layout, and paste them into new task sequence.
    6. Hit ok and you are ready to deploy.

Part 4: Deployment Process

  1. Enable PXE boot in bios
  2. Boot to network card, and then watch for the prompt to hit F12
  3. You should then end up at the Microsoft Deployment Toolkit wizard screen
  4. A credentials prompt will appear, use an account that has domain joining rights; domainjoiner or any domain admin account.
  5. Then you get your task sequence screen, use this to deploy (not capture, we already did this).
  6. When prompted enter a good computer name. Computer name does matter now since we are deploying. Standard naming convention, like user-model or purpose-model or for labs roomnumber-numbers
  7. Hit Next, then Begin. Let it run and do what it needs to do. This step might take a day+, it is much faster on SSDs though
  8. Eventually you end up with a Deployment Summary screen that says Success, and possibly any errors, which you should angrily report to Vincent.