Microsoft Deployment Toolkit & Deploying Windows 10 - From Scratch!

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everyone welcome to my channel and welcome to today's video walkthrough on Microsoft deployment toolkit and my name is Mike Galvin and I'm the author of the website gal Dolphin edgy AL dia where I writes a lot of articles and walkthroughs on Windows deployment and installing MTT in maintaining windows and all sorts of fun stuff like that so in in this video this is a a video to accompany my blog post on how to install NGT and deploy windows this is the blog post something going to be working from but it's gonna be a slightly different video because I'm going to focus on just installing MDT and building a tower sequence to deploy Windows customize it a bit add it to a domain that's all stuff what I usually do with these blog posts what I have been doing in the past is I would like a building one and a deploy one and the idea point is is that the build is like building a gold dimension and the deploy is deployed deploying the gold image and you're using two different shares to define an MDT shares that's all thing for the sake of simplicity and the way that I'm sorghum falls with this for myself in my own lab is I'm kind of just deploying Windows now rather than building gold images but this is also relevant if you need to build cold you cold images as well wooden building gold images is still a legitimate way of deploying windows and all that sort of thing it's it depends on your environment and what you need to know in the past I needed to deploy cold images these days not so much just I may need a different environment now so that's what this walkthrough is going to be going through and I'm gonna go through it from scratch so we're on a base install of Windows 10 1909 here nothing helps installed and we're just going to go through through the installation process and I'm going to be trying to cover everything I possibly can including said by program installs and all something in there in MDT with task managers and tasks on their test sequences and so on I'm gonna be doing it in sort of a basic sort of simple way I'm I'm not going to be covering anything to advance I don't think here using SCCM or anything about so you can do all this pretty much for free I suppose as one getting it so if you're already well into SCCM and MDT at this point you there might be a couple of things that you'll learn from this but then but possibly not as this is and more people want to get started with it cuz there's still a lot of people out there I think that when they get started with it okay so let's let's get right on into it then so the first thing that we need to do with 19:09 I would deploy in 1909 and all that good stuff is that we need to get all the prerequisites for MBC the dependencies and so on just like I say in the blog post here so we're just gonna go download these all right now we've got an update to do for the Windows System image manager WM in 1903 there's no update in 1909 for that there's no update to the ADK for 1909 and Mark stuff to confirmed all that have so that's what we're gonna have that's what we're gonna do so he's cruising in here as well like I said just base install no no austria browsers installed own to that so I just want to make sure that we're all on the same page for this so I scrapped this ADK so getting the a decade for Windows 10 1909 my course will be button bonging all this in the Downloads folder and the next thing we need is the we need a wooden PE and on so I'll grab that and we need the system image manager I dunno three updates or grabs up two and that should be that I believe a system manager ID UK and oh yeah of course we need an empty to yourself yeah which I don't believe has been updated for a while actually yeah let's get a 64-bit version I think it's worth noting noting that as well that this update for W sin 1903 is for 64-bit windows so if you're someone so easy but for whatever reason you don't actually need this this is just a book that exists in a 64-bit version go back to my my page here ok so everyone's got their phone now and of course you need your Windows 10 media we can get from the vitamin Licensing site or the the MSDN assignment whichever one works for you I haven't written a blog post on this and I won't be going into this in the in this video but what you can do is also just use the media creation tool download the recent version of Windows with that you'll get an ISO and if you open up the I so it's an ESD image rather than a whim you can convert the ESD image to a whim using a using some tools I think it's using disome and now think about it but as I say I'll mention that here but I'm not gonna go into it just because that's not the the focus of this tutorial and but I will be writing about that in future right I mentioned here where Windows USB DVD tool it's the same thing that we had with backward Windows 7 that's just so it's an easy way that you can put an ISO on a USB stick there's plenty of for the tools to doing it this is just that the Microsoft one and I've always used it and it's always done a good job and of course you might need also a remote administration tools for Windows 10 I'm not going to be downloading that here but that's something you might need it's also worth mentioning this point that I'm doing this on also Windows 10 clients this is like what I like to call like an admin PC and then my empty two server is a another VM running elsewhere so I'm going to be putting all the tools and stuff on here and the MDT sofa is essentially just a file server which is going to store these files and other people I know will put MDT on the server itself that's fine too you can do all this that way it works both ways is one basic I'm trying to say this is just the way I tend to do it so we've got all that bits and pieces let's install the ADK here and this is all pretty straightforward so we're just gonna stall it to the default path I won't send anonymous usage to when Microsoft for these this this kit this time as you can see like it says so we have deployment tools imaging configuration use the state then we'll just untick the rest of these what I usually do use not here but like in a corporation on a network is I also usually install the volume activation management tool this is some nice handy tools for checking the activation status of your Windows 10 clients servers server 2016 everything really it also enables you to you could put all your keys in it and keep track of them if you've got any Mac Keys you can keep track of them with this as well and it also enables you to do active directory based activation but again but again I'm gonna leave that out this particular video because that's something for end of the day I think but I think it's worth mentioning since we're here okay once that's installed I'll just close that and we'll install the winged PE setup and again we'll install it to the default path well just next next next through of this okay once wooden P is installed I can close up and then we'll move on to Microsoft deployment toolkit so as opposed to the ADK and wouldn't be there this takes a much shorter amount of time to install and again we're just clicking next installing it to the default no problem okay so if we go into the start me now we're gonna have a whole new host of things here so the important the point things here are Windows system image manager so that's peanut to start in I had deployment and imaging tools environment that will come in handy maybe not for this specific tutorial but you might want to hang on to that I'm not gonna be touching that in this one so we'll leave it the next most important thing is deployment workbench that's probably that's probably the main thing actually and then we've got Windows key switches those things okay so this loads of the deployment workbench and this is where we've been spending most of our most of our time so initially we might have any deployment shares if you've already got an MDT deployment share you can just connect it to an existing one and just to go through that process let me think I think it's yeah so this is an existing one if it's an offer from an older version you might want to take the upgrade the contents of the deployment share but I'm not going to because we're already on the same version and I'll add an existing one so but I'm going to close up and what we're gonna do is you know connect to the NBT server and we're gonna create a brand new share and just to say if you're doing this all on the same so if you're doing this on the PC maybe the PCs are gonna beat the MDT's over in this case which I guess you could do then you know you just create the folder locally and share it out in the same way you would it's yeah I'm sure you've created this shape before but just in case you haven't let's go through it again so I got a server here windows over 2019 in this case we go see drove an e Drive probably need to it's funny you drive of it okay I'm just gonna create a new folder I'll call this deployment show I'll go into the properties that's alt enter or right click on properties get the sharing and fan sharing share this folder I would advise to put a dollar sign on the end so it's hidden so let's do that I'll go to permissions what I generally do seen his waiver we're in a lab environment here their domain admins allow all and just do domain users leavin that read that being said I would recommend to lock this down a bit more to your specific needs I'm just doing this because we're in a lab environment here and that's all work for us so we just okay that and okay that and that's it that's all we need to do there if I go back to the deployment workbench no new diploma share just put a path in so its deployment share dollar go next show will call it that you can call this whatever you want you can leave these as the default it does not matter because you can configure it later on so you just go next next next and all its going to do is copy all the files and things it needs take this a diploma share so there we are it's current default the structure and the server a share that we just saw look so go next time open this up and we've got our deployment share okay so now we're going to add an operating system to our deployment deployment share here and so what we're gonna have to do here is we need to you to our PC and this is where you need the ISO so we've got our 90999 so here at one second I just add the extension to say yeah hyah so that's gonna mount that I just double click it mount it into the to the PC and then we're just gonna go back to deployment share here and we're gonna go full set of source files and we're just going to point to our driver to drive and then next and it always does that it always just sort of picks one of the one of the indexes and just cause of that I'm gonna call this Windows 10 1909 x64 and then we'll click that now you click Next and wait for it to copy the files okay so as you can see there it's created the new items we've got well that's just click finish there and we'll go to operating systems here obviously it's got all these funky names on the end but that's fine you can tell what it is that's what's the important thing is it so we've got our operating systems here now we need to do some preparation work for building a test sequences and at the moment we've got a completely empty deployment share here's an operating system so what we need to do here is forget the packages create a new folder let's call it 10 or W 10 it's my shorthand and we'll put the x64 in 99 x64 just in case for some reason we do in the future deploy x64 so create a new folder there we will be using this and then you need to go to advanced configuration and selection profiles I'll create a new selection profile call this one 10 1909 thanks 64 you're next and all we have to do here it's just pick that folder and all we're saying here is this selection for a profile or coming in handy in like the tie sequences so he uses to sort of say I only use the selection profile and in this selection profile basically says only installed these packages for this version this enables it to integrate the update at the time of OS installation okay so now we need some applications to install so we need to populate our applications list so I want to try and cover a couple of bases here let's let's get some third-party applications which I think people will want to install so if we grab 7-zip I think could do with the MSI okay I'll go grab the MSI there I think we'll also want good Google Chrome and the price so we can get the MSI for that which which will grab the 64 bit on bundle here okay and let's also get Dolby reader now here we go so yeah we want we're just done and and okay all right now yes I could have just grabbed these beforehand and have them all ready to go but I kind of wanted to show the process of getting the emissary's because not everybody knows how to get the MS always for a lot of these applications and you don't have to get the MSI's it's just it's more it's more helpful to get the MSI's xcs are fine too and just to just prove it actually it obviously helps if they're well-written X's which gladly VLC is and hopefully that should be downloading somewhere and notepad plus plus as well I just want to get a nice as of around collection of software and yeah we'll get the exe and six people bit and there we go so in my downloads folder should have them and then I went ahead beforehand and grabbed Microsoft Office 2016 and 2019 because I just want to demonstrate two things it obviously you'll have to grab these from your fee LC and site or and the subscription or if you get your office 2016 from office 2019 you should be able to grab that but again that's a different tutorial for a different time alright so if we go to our MDT server and it helps a few remember the name of your server there we go so there's a couple ways you can add applications into MDT the way i like to do it just because it's a little bit easier a little bit less involved I suppose is I just make a folder I call it VLC drop PLC in there and job done and then to get that into MDT let's go a new application you say at this list we got application without source files or elsewhere on a network you next generally I'll call it PLC I might put the version in I might not it depends because we will see is constantly being updated and usually you don't need to keep the old versions around though just half of a VLC folder and then we'll just drop the new EXCI there all the time and then just for the sake of this video VLC to eat sorry VLC e XE / yes this isn't the actual command but we'll come back to that in a minute then the working directory it will be dot backslash applications PLC next and finish and that's it we're already already there another way you can do it to get this in exactly the same way but just another way of doing it is you kind of have to create a folder for each application that you want to add so if we do 7-zip 7-zip in the 7-zip folder go back to NDT applications in your application application with source files and they go next and again we'll call it 7-zip and you get next and you give it the source directory and it's just gonna suck in all of the all of the files in this folder it's gonna go guess what 7-zip it's 7-zip dot and as I quiet and no GUI again this isn't correct we'll come back to listen and all it is there is it as the copying for you and crates a creates a folder drops although all the files are in this folder in there it just does it for you I just prefer doing the work of myself I guess rather than having to create folders for each each of these files and then drop them in there and so on songs on so yeah whilst we're here I'll grab office let's move that and to that folder just so it's that and then we also need to do Acrobat Reader this is PC not Marvel so Acrobat Reader than that oh and we also need to do notepad some reason I don't like point special characters in names so I literally just type notepad plus plus just in case yeah compatibility oh and we've got Google Chrome as well some article struck that it's a good thing with the Google Chrome Enterprise bundle is that you get the installers so we get a also get these other two which again I haven't really messed with I had too much of the memory legacy legacy browser support an endpoint verification I don't know what those are Department but we're looking for Google Chrome and this is what we need for Google Chrome so oh whoops I call it Google Chrome I just move that MSI in there and then just to go through this quickly you know some good documentation for all the MSI's and the preferences for both Mac and Windows and the admx files for for Windows so here's minimizer and then in configuration we've got a DMX sorry ADM files admx files I know we've got the Mac P lists as well and master preferences which firstly I think it's great and then just the Reg as well they were actually gotten never actually done a really good job with this I think so props to Google for that Righton so we've done our Google Chrome we're done 7-zip I've done my crack reader I got office we've gotten that published plus I think that's everything okay let's get these added in quickly to MDT so if you want to also you can put like a Microsoft in there it's just it's just they're easier to find welcome back to this there is a reason that I keep saying we'll come back to it I think we can delete that empty as well so that's good okay okay so we've got the applications we're going to be using for our example here so we're going to go back we're going to go back around and we're going to fill in all the correct information for them so they can do sila installs so you want to go to your application you want to get the the name of the complete executable or in this case Amazon and we're gonna go into 7-zip properties you can go into details and we're going to go into standard notification I'm gonna change it to the MSI you still want a slash quite end on the end and before that you want msi exec /i so that's MSI exact install this MSI do it quietly don't show a GUI and then the working directory is dot backslash is because MVT will always work within the MDT appointment share so everything is always the current folder and then applications 7-zip in this case and that's it and then for Adobe Reader which Topsy is in the XE we want to go back to our folder do the same thing again when I get Pat's name of that a XE now this is specific to the exe and I think for Adobe Reader that's slash lower case s and then all not all the time sorry it doesn't matter all the time but some applications it is case sensitive the to silent is case sensitive I've definitely had applications which /s lower case s doesn't doing thing but then slash of case s installs it silently and so keep an eye out for that and then again we're just gonna grab a path here and that's gonna be back slash applications and okay that's all there is to it so we're just going to do the rest of the use of real quick another MSI same as before good thing with MSI's are that they're more or less pretty much the same so it's msi exact again /i name of the msi /qn just crap that path and that's it right office we're gonna come back to here because office 2016 an office 2019 both have different ways of doing things and I want to give them both they're sort of time time to shine so we'll do that plus plus again this is a similar sort of thing that's with 7-zip and don't rather Adobe Reader I believe this is capitalism okay so that's /s and then what we got left we've just got veal so you left again same sort of thing you'll see / yes I find a lot of these open-source applications for whatever reason all pretty much standardized on slash capital asses like a sauna in store obviously not all of them but like notepad plus plus PLC and I think the 7-zip exceed us as well but not two percent sure about that right let's go to office and let's get familiar with that so the thing with office is is that office 2016 at least MVT actually integrates pretty well with it which is really good yeah we're gonna leave that set up there for now so that's okay that I minimize that so you saw me just then just put the folder in and we will go back here and open this up you'll see with a new tab here so go into office office products we basically get to configure how office 2016 is installed has similar to the office customization tool so you just because I sought from the the files that are in the office folder and we've got Pro Plus here install the language put your brother key in there or if you leave a blank if you've got kms and you use the the office kms key that will get from New York to dietary or from and kms server so if you leave that blank same as Windows it will get that display level none basic fall again this just gives you the GUI or not in our case we want none because entities got its own GUI that Ida puts in front customer name contoso you poke with everyone there obviously I never do the caching I've never really had need to and you accept the Euler always to press reboot and job done that's it if you're ok that then go back to details I think it's right and then if we go back to details you'll see and it's filled out the slash config purpose to read we backslash config.xml fart for you and because altering this creates that folder so it creates that file or edits that file and then it just automatically adds in and I thought that was really great that's a really nice integration of office 2016 and MDT of course both office 2016 and in MDT are both back from a different kind of error of Microsoft it's a bit different these days it doesn't do that apologies it doesn't do that with office 2019 but then office 2019 is and 365 for that matter as they're both essentially the same product they're both dealt with in sort of very different ways which we're gonna go into right now so we'll go back to our office 2019 and folder here I just get that folder and again we're gonna go to details and set up our working directory and then we're gonna need something a little bit different here so you'll see in my office 2019 folder here we've got the setup.exe hair which I believe is the the main thing you download and then you can make let's just open this up your own XML file so if you open up this XML file you see that this has like all the configuration information in like a 16 does so to create your configuration XML file for office 365 or office 2019 basically you've got to go to config dot office calm and if you scroll down here a little bit it's got an existing one that maybe something else previously made you can import that here and then alter it but if you go to create a new one which is what we're gonna do as you can see here you basically get the option to configure what architecture you want to download and install which version of office you want a professional Plus 2019 standard 2019 songs on 236 5 a Visio project and additional products at the update Channel so why not that's just good business we'll keep that there update channel so you get here you must be channeling your sudden semi-annual and then which version you want then you can turn off and turn on specific apps generally I turn off groove because most people don't use that scope for business it's being phased out so what I don't do that these days unless people specifically request it your language if you want install any additional language tracks just everything's here it's it's really really really good really well well put together a website really ideally I like I like this as well actually so this is what I was talking about for MDT you're going to need to preferably have two files locally you're probably gonna want them for your local network anyway so this is where you choose that and you can either create an external file which will install it from the web if you need that so you can create XML files for different needs really so if you'd like local source you can put whatever you want in there doesn't have to be doesn't have to be something that maybe exists even right now you just just put whatever you want because then you can always just edit it later you know it's an XML file and then you can do all the pinning icons to taskbar that sort of stuff really good stuff update and upgrade again it's you get to choose where it gets it from the internet whether you want to do a local source I should probably do a walk through so more specifically go into more depth about this but this is basically what you need you can figure this all you want and then you export your XML file and then you can use the XML file to download the files that you want locally and then use them for MDT or local install or whatever you need I should go to actually that's good with Google to get office 2019 I do believe it's just office deployment tool I'm pretty sure you don't even need like a you know you need to go to your volume license site or anything like that anymore I think you just download yeah that's it download the tool which is basically just it's just a setup by Exe and then it uses your XML file if you configure it to use XML file ill download your your files and it's button wherever you want locally where have you configured in the in the path so that's how you can get your office 365 or 2019 files really the only thing you really need your volume mice and stuff for is there's a key UK meskhi Mac key whatever so I just thought we cover that here um suddenly a quick dip into it like I said I probably should do in more in-depth walks Iran but back to MDT again this isn't a tutorial exactly how to install office or setup 365 whatever but just to give you a rough quick outline of how to get the files for MDT in this case and then what you're gonna want to do is once you've got those those files if I go into office data you see you got all these versions you're gonna get all these versions this is because I keep this up today once you've got those files you going to NDT putting your setup dot exe slash configure and give it the XML file there and I'll see working directory of the directory of your office 2019 or 365 files and it'll install office 365 or 2019 to your configuration just like 2016 a little bit more involved but this is the guess the new way of doing things with Microsoft software and 2016 and the MDT interface itself is kind of like the old way of doing it so that's the applications done that's probably the most complex section of this I think and because the the rest of it is relatively straight fold I would say so let's move on to actually creating a task sequence and installing Windows because that is of course or actually here to do so here we are new tire sequence we're installing Windows 10 1909 and let's just put an a on the end just to give it a ID and then this is going to be deploy Windows 10 1909 x64 Enterprise in this case this time we're just gonna do a standard client install but as you can see you can there's a lot of other options here but we're just gonna go with the standard client tasks sequence so good next we're going to pick our operating system which is going to be Windows 10 enterprise and we're not going to specify a product key because again if you've got a Mac heating you can put your nut cookie in but if you're running off kms which you probably are either from Active Directory based authentication over from kms server you just leave it blank and that will sort it out count Riario sense and you've got your full name and your organization and I'm just gonna put name and canto so here and you've got an internet explorer here but I was just leave a blank because we don't use it to make explore it alive so gonna go next and you probably got a group policy that actually writes anyway so it doesn't when your mother okay I'm gonna X now you can either for some reason not specify our administrator password this will enable the administrator account anyway you can disable it maybe if your policy does it disables it you could put a script in that one disable it but initially it's gonna need the administrator account to be at least there and if you put the password in that's fine it'll still keep it a secure it just Auto logs on for a couple of times but eventually we'll clean up after itself and then remove that so possibly a bit of a security risk there were suppose and but in this case we're gonna put a password in I'm gonna I'm gonna put in lame password conext and that's it that's just basically the test sequence all sewed up that's pretty much all there is to do so we're gonna do now is we're actually going to customize it and add in our applications and all that so first thing we're going to do is and two initialization we're going to expand this and get the local data row name you're going to want to gather local data and process rules files and the rules file is going to be custom settings dining and I'll come back to this in a bit so there's no need to change any of this other stuff other than pre-install and you're gonna want to go to apply patches and this is where we're going to use that selection profile to install patches for 19:09 x64 so that even before it's installing the operating system it's getting the patches and put them all together and I will cut down on windows update time so under the install that's where your operating system is that's that's where that's stored if you need to change that and then post install this is we've got inject drivers and more patches if you've got packages to install after the main install and then we've got state restore and this is this is where we're gonna want to add applications this time around so what I usually do is I enable Windows Update there and enable Windows Update there and then install applications I'm actually disabled and then we just apply that just su all that's saved and what we're gonna want to do here is we're gonna go to add a new group and I usually call this install apps grouping things up like this just enables you to move them around easier later on because what you can do is if you've got multiple task sequences and multiple deployment shares you can copy and paste all the stuff between them without any issue like our create new diploma shares and just grab everything from the old diploma share and dropped it in the the new one for example my all the applications you can just pick them up and grab them move them over and MDT just copies all the files know exactly what it's doing it's it's really quite good so you're gonna go new group and then I believe it's under general install application and then you're just going to want to go install a single application for house I'd say 7-zip and what I usually do it is just say 7-zip here so the name populates there and you can see what we're installing and then I have to admit I'm pretty big on just coughing and pasting because that's easier than through all that work more again and I just changed that Adobe Reader copy paste apply some touch that doesn't always update and again you do copy paste with a keyboard here so ctrl V I do be reader Google Chrome I need you just keep on going and where that's exactly what we're gonna do I'm just gonna keep on going now what's next bono publish button and then let's put the ASEAN and I think we'll put office 2019 on to okay there we go I'm just gonna move you'll see up there and so offices afterwards and that's it just click apply apply it is basically I always think of a place just the Save button so as I'm working through a sequence to see I just hit apply because MDT isn't known to crash as well occasionally and so there we go that's that's all there is to that now if you remember we downloaded a fix for W sim and we didn't do anything with that so I'm going to extract that and I'm just gonna demonstrate what the issue is there and then also go through the the fix so I'm gonna go properties in your OS info I'm gonna edit uh no ten Duyck so now now this will take a little bit of time but what will eventually happen is ill offer up an error so as you can see we've we've got the our our way over here so we're gonna fix this so we're just click OK I cancel out that the issue here is that there's a problem with the windows that the WSM windows system image manager that was released in ADK 1903 Microsoft released a fix for it and unfortunately we have to do it ourselves so basically Microsoft say run this command line with an elevated command prompt run this back file with an elevated command prompt um and essentially all that does is a couple these two files so we can do that but let's get in in deep here and do it ourselves and so because we installed the default path but lay list there is is exactly right for us so we're looking for image cat an image empty our image manager and they will be in W sim image can impinge upon those yeah hey sir that's the problem and we're just going to copy these over there yeah okay give it ourselves permission and there we go and that's it that's literally it's just that easy okay so as you can see even though we've put the fix in this store we're still having the problem here and the issue here is is that the fix fixes the W sim program but doesn't fix how it connects to MDC whatever the issue there is so let's let's go and do that now I don't actually need to edit that XML file there but I just want to demonstrate in case you do for clever reason so if we go to the window system image manager and open that up and what we're gonna have to do here is if we open up the answer file and we're going to be in the w7 folder here so we're gonna want to go to our deployment sure you're gonna want to go to control plan your task sequence and then under turn to toy XML and then you can change the the XML file out of you how we need to so for example log and count now again you can change this too and maybe you only want 99 8 so yeah so that's how you can change that how you just save the XML file I don't want to save the XML Huff book you just saved the XML file and that's how you can edit it so I'll close that so just as a small thing but worth mentioning I think okay so next up we're going to get some Windows updates for the for Windows 1099 and put them into packages and these will be installed so to do that you're gonna need to go to the Internet and we're going to go to a website we're gonna go to update Microsoft calm and then if you just search in there for Windows 10 version 1909 and then sort it by date updated so it's the most recent ones first I thought you'll get all the drivers and stuff as well which you don't necessarily want and then what we're gonna want here is 2019 11 cumulative update for Windows 10 version 1909 and in our case we want a 64-bit version so just click download and download that and then the other one you want is the servicing stack update the SSU 499 again again you're gonna want the 64-bit version of that which is their hair so again just download that and then we'll be good to go so we've got both those updates downloaded we no need to put them into a folder so that's doing 1909 11 see you SS here just grab both those and then we're gonna browse to that folder that we just created see you quick cumulative update and SSU servicing stack update and it's gonna copy those into MDT and register lamb as packages and that's what we need to do because in the task sequence we went to at a sequence on and under the pre-install we've got apply patches and we've got a selection profile and the selection profile if we go that matches the packages folder and then the 1909 x64 folder because of that it's kind of your only install those files and other they're there so the SSU and the C you should be installed as part of Windows and not having to go to Windows ok after the fact okay so let's actually configure the Diploma checks this is the last thing that we really need to do at this point so platform supported I just leave these both ticked sometimes I own take x86 it depends really but most the time you can just leave these both on it's it's not going to affect anything it's a fruit of rules if you remember when we first installed MDT and setup the deployment share we got asked a couple of questions about skipping admin passwords and that sort of thing the reason I said that you can totally skip that it's because this is where you can edit them and add in a whole load more so we're going to cover this in a minute you've got your wimpy you got x86 next 64 you have to just remember to make the changes for both if you need them for both but again generally you don't leave all this as this it's kind of more for specific circumstances but if we need to add in the.net framework to your wimpy boot image then this is where you do that and that sort of thing and extra drivers which you may need to do for network or mass storage devices that's pretty much the only reason that I would say - I didn't any extra drivers like any of the video drivers that sort of thing it's not really necessary you just need wimpy to load up and be able to communicate with the MDT server and put the image on the disk and that's what you needed to do the more drivers you put in the bigger the wimpy gets and the longer it takes to boot that's all thing so generally keep this is small you can and then finally there's just monitoring so usually I do my enabled us so if you do that all it does is it makes the PC or the server that's running this deployment console the the monitoring station I suppose but when they will enable that just to show it off it adds in firewall seconds if windows file was on air so this whole works automatically ok so let's go back to some rules first thing we're gonna do is edit the bootstrap so what we need to do here is this is where you tell it where the deployment share is and what to do with it when it boots up for the most part we can leave this as it is if you want it to automatically log in you have to put in the username password the main here obviously that's a security issue and I won't do that here just to demonstrate the point I think but you can do it it's in my blog post but if you did want to do that you just you can keep the point the Train yeah there we go and you just put the user domain in the user ID whatever user you want to use and then the password and that's it but like I said we're not gonna do that here I will do the skip welcome now just skip the page that says welcome to MDT that's all thing so we'll save that right now next we're going to go to custom sentence which is the the rules made but III know it's custom settings not any because in the deployment share it's called custom sent so let's just show that off whilst we're here under control and custom settings Donny that stats for that file and boots crapped out any that's where that father's there as well that's the bootstrap dining here so when you're editing these you're just editing these two files I think it's important to note is that there's no real sorcery with deployment toolkit it's just a collection of files and scripts and they're editable like without going through the GUI I think it's I think it's important to remember so throwback to my blog post I will scroll down here we have custom Saints tiny and this just shows you all host of possible custom sensei can have now this is gonna be for a primarily for capture and sysprep sort of environment and seen as we're not doing here let's go to my other blog post which covers two more let's say we're deploying the more the deployment sort of side of things rather than they capturing a gold image so if we go to areas so I'm just gonna copy all this and we'll go through this bit by bit okay so we're in here and our rules or our custom settings Donny let me just go through each of these sauce sections so right at the top you got a sentence this is where you put the priority basically that priority and says model there that's saying that this section here is way but your models like various models of pcs I haven't really covered and drivers yeah yet but basically this is where you were putting your drivers as come back to that and we'll do the custom sentence first so then you've got default and then the default as you can say here if you want to just make it look pretty but your name there or whatever you want to call it and the package name you just put tar sequence the sequence name in colons sorry incur lonesome percentage marks let's say variable built into DT and it will just populate that area with the sequence name so oh it's in store yes obviously just that automates installing an operating system I think it's pretty self-explanatory really skip captures skip admin passwords get brother keys skipped beat back of the skip BitLocker this restores notice to all those steps so just as yes yes just skip all these things don't do them let's get on to just employing the operating system there might be situations where you want these in which case maybe have another rules file that you swap out or maybe you just Creole new deployment share and have different deployment ships for different things you know that that's that's what I've done in the past so maybe that's what you would want to do here you say time zone cubed locale so I'm in England here but you know it could be us or Italian Germany or whatever this is a little bit of a hack that I learned over the years is that they're setting the X&Y resolution to one just means that the for the most part and the screen resolution of your deployed PC will be the recommended support resolution of the monitor windows all picklock from the monitor and then just display that by default if you don't put that in it always outputs to tonight 1024 by 768 which is just really weird these things and and in in the past environment it was like I gotta get around all these pcs now and chase the resolution it was just weird as though automated out I always think that's just a nice little thing to still do and it still works the hide shell it what that does is when you're installing and when it's going through like the application installs and stuff like that it just hides Windows Explorer as so it's just the MDT pop-up joined the main the main I've been demain admin password and an object to you this is you know the domain to join the account to use to join it unfortunately does mean putting in the password in plain text and then obviously the machine know you is just the air you where to dump the the computer account if it's new if the computer account already exists it will just reattach to that computer account where ever exists I think that's worth pointing out as well so then we have next section here I'd like to solve split these open to specific sections so I've got user data domain membership again it's just skipping these questions because they're they're already configured and then you've got finally finish action shutdown that can either be restart reboot or shut down obviously barista reboot it just restarts capir when it's done and then we've got the what server you just want to put the the were server whatever it is if you leave this blank but still have the Windows Update task in the task sequence it's going to try and connect to Windows Update on the internet or wherever it's configured to on group policy and finally here we've got these two sections the event service is just the name of the monitoring service so that's just the the host there and then SL share so this is really useful this basically configures MDT to dump the logs of when a deployment is completed whether a successful unsuccessfully it configures the location with where to dump those logs and it autumn's all all of them as well so he can go through all of the locks because trying to find them after the fact is always quite difficult and NDT also cleans up a lot of logs whether it succeeds or doesn't succeed and so it can be good to just get a nice sort of roll done before the locks you might want to turn this off if you're like deploying a thousand machines and it's definitely gonna work and interestingly enough if you want to just comment out any of these options just to you know keep them in there but still see what they do or something just use a semicolon at the beginning and that will comment it out so I'm just gonna configure these server names and passwords and things for our setup here and then we'll go through generating the boot medium oh one second before I do that I did say I was gonna go through the drivers hair correctly yeah so what I like to do is I like to do the complete control driver sort of management solution for MDT and that basically you open up MDT year to drivers and you create a folder in here of the model of PC that you want to manage your laptop or whatever so let's say it's a HP 450 something I forget exactly what they call them but let's say it's a beautiful 50 so you next create your folder and you put your drivers in there you create a folder for like VGA and then Wi-Fi and so on if you want to or you can just dump uh more than the folder preferably I would you know keep them contain the to each folder because then it's just easier to manage and easy you talk date and then what you can do is so you got your fault of their what you would do is for example where it says virtual machine there on say that HP machine that you were deploying to if you're open up command prompt and do a wmic computer system get model they'll return the model now here it says which machine because I'm running on a virtual machine pence witnesses there but let's say that said HP 450 or something there so you would change that to say HP 450 a chance to drive a group 0-1 there to say HP 450 as that is just the name sorry of that folder there and I'd say you had multiple folders here so you add Windows 10 and then HP 450 under Windows 10 there so this would be witness 10 - 450 for example driver selection profile nothing is fine and then I always be computing them that's not important for drivers I'll come back to that that command is your best friend that will give you a model it's not always what they say it is like especially good for having like a idea pad something something and then the model number is like said D for 5wl or whatever so that's that's where you want there and then the driver group zero zero one is where you want the folder as as Emily T C is it so just to say that's what that's for that section there has to match the the model number house reported by windows and that's it so let me really configure this for this set up but we've got here and distill domain and password and stuff and then we'll go through regenerating the boot medium okay so now we've got everything configured for our deployment share we need to generate the boom media that we're kind of used to do machines into and DT and this can be from pixie or it can be from an ISO and I will cover both so let me just talk about what I did there so you go to the top of your deployment share your right clicking it update deployment share you need to completely regenerate the boot images and then you just click next thing you leave it to it okay so after some time you'll see that this is finished hopefully should should have finished successfully if you're gonna finish that now that'll take a longer time if that's extra drivers to install into wimpy and generate the view image it also will take a while if you're generating both 64-bit and x86 boot image boot which is now to be honest I only ever create 64-bit images because we pretty much live in a 64-bit world and if you obviously disabled 32-bit images then you half the amount of time that it has to generate those those boot images and just in case you want to do that if you go to deployment share and properties where we said platform supported here if you own take x86 as I say it all after all your creation time there but you might you might need x86 too so just to mention just in case that is helpful to you at all okay so we have an ISO a whim and an XML file I never use XML for okay so the ISO file is what you're gonna want for say a VM just because I was fasting to be offered an i/o so then I wind generally and that's what I'm going to be using for the demonstration in a minute but just to show how to use a wind file with with pixie let's go to our MDT server okay on our MD 2 server as I say I pretty much don't have anything installed other than publish shares so it's essentially a file server the only thing I do have installed here is I have DHCP because this used to be a DAC visa but also I have Windows deployment services which it's still talking about you can only install it on a server where the GUI it says you can't for unfortunately you can't install it on the server which which is called only and has no GUI just because it's that old and they haven't updated it so it can be run remotely or whatever but anyway winds delimit services so if you install this which you can just do by going to server manager and adding into adding it in there if you don't already have it and then go to boot images and now you'll see I've got a couple here already ignore them for a second if you go to right-click and boot image and file location and on your MDT server we want to go to deployment share boot and then you just pick the wim and in this case as I say I'm gonna pick 64 but you might want to pick that X exit x86 32-bit if you want to and then you just do next next next and it'll add it in there and job done for the most part with I want to say most networks but if you're the majority of the windows-based networking you've got up-to-date and update DHCP server running Server 2016 plus and you've got help for addresses on your feelin's then without doing anything else you should just be able to pixie boot straight to straight to this you shouldn't have to have in any extra DHCP options or whatever some people do some people don't depends on the switches depends on the entire network I've used networks which are almost identical and one thing worked in the other word what the other thing didn't so your mileage may vary but just to mention that and there you go there's your RAM pixie boot image but as I say we're gonna use an ISO on our VM here now something I didn't mention before but I think we should cover is how to do the dotnet framework specifically dotnet framework 3.5 4.8 and 4.7 all that sort of you can basic install that just like a normal application you download the XC you need to download the offline installer bunker in applications do the silent install and there's an application in here no problem for dotnet 3.5 I've actually gone ahead and just create this here it's a little bit different let's get into that first thing we need to do is you need to mount the ISO again for Windows 10 these files for dotnet 3.5 they are specific to each version of Windows oddly enough even though it's not that so you're gonna want to isolate each dotnet 3.5 for each version of Windows just to be on the safe side because I've had it where I don't know framework 3.5 from one version of Windows doesn't install properly on the other version and it causes errors and I was racking my brain trying to figure out what it was for eight isn't it I eventually came down to the dotnet framework so you need to go to the ISO image and then sources and sxs and then you want the dotnet x3 files just these two the undermanned packages and you're gonna want to copy them and we're going to go to the MDT deployment share and then what I've done here is this is Jenny what I do for like the custom stuff you could just pull it in applications that would be totally fine but the way I just do is I create a little father called custom and then as you need to separate done that for each version of Windows I've created a 1909 folder and you just paste in the two where the two files there so once you've got that you're going to want to make note of the path here and then come back to your task sequence here and you're going to want to create a new sort of the general I believe and it's a command command line yeah so you're going to want to go to add and then general and then run command line and then in your black command line here I in the name section you probably won't kind of when I call this on the night dot that 3.5 install and then in command line what you want to do is that's just paste up path up there for a second if we come in the don't know three point five here you need to copy paste basically all of this now I've read a blog post on this I think if you go to my site and just switch for don't know three point five this should come up or there should be one of them yeah you know why not that's just I should do not now shall we here we go oh no three point five I believe it's in yeah it's Windows 10 changes tips and tricks so it's in it's in this one yeah so you've got this command line here so we're gonna copy paste this command line so basically what this does is this is have renamed ISM online enable future future named on there through every thought that fx3 and then the source is basically those files that we downloaded we need to change that and then use go Scott slash limit access on the end so we're going to go back to our they're gonna paste that in there in the sarsen we're just gonna do see Windows doesn't really matter but we'll do see Windows for now and then with the slash source I'll keep the colon and then remove all about there and what you're gonna want to do here is there's a bit of a trick to this so you want the the path that we got previously so in my case it's the underscore custom folder back flush done that love about you just need to put in the the folder there you don't need to put the files it'll find the files on its own you just need to direct it to where the files are so the case is this bit here is you need to put in in this case red colon backslash to tell it that you're using the deployment share now there's two ways to get into the deployment share there's using the variable percentage sign deploy share the percentage sign and that's a variable that I gave you there but sometimes that won't be available I hadn't or in this case maybe I think it might actually be the way that this is this command is run as it doesn't see the variable but in this case you need to put Z because the deployment share is always going to be mapped to wooden PE and Windows at least initially as C Drive also drive so in this case you just kind of want to put is that colon backslash there and regardless of what path or server name to the deployment share is as I'd cut long back social or handle it in this case that's fine forget to my dot no framework it you can see I did variable deploy share here and this failed I went ahead and just test this just now so yeah that that failed so basically we want to change that too so click on backslash so this is the same just double check that that is the same it is okay cool yeah so I'm going to remove my old one just to prove that what we've done is the right way okay so that's not no framework so let's test this task secrets then so if we run this task sequence I should install these updates cumulative update and the service stack update as part of Windows it should be slips trimmed in with the install so it doesn't need to install Windows and then we're in Windows Update after and then it should install the applications and all the rest so let's switch over to our virtual server and we'll demonstrate our rare to our sequence here so for this example I'm gonna be using hyper-v because that's what I know the best that's that's what I have access to and we're gonna just create a new virtual machine here this I should say is a hyper-v running on Sauveur 2016 and we just call this test and we're in the default location and generation 104 big around all connects up to the network and yet D Drive is an SSD so this should be substantially quicker than winning off a hard drive spending a hard drive and then this is where we've got our ISO so it won't connect to the guy so over a UNC path to the deployment share so what we'll have to do is go to our climate share as I say I'm gonna get the 64-bit ISO and I need to keep them so let's just dump that in there there we go and there we go oh if you want to test your pixie boot and you were able to cause them some virtual virtual environments have used do work with pixie boot and some of them don't seem to work because it depends entirely on how the network stood up and how the hyper-v cluster rose and all that sort of thing but you can just connect it up to a network based installation server and you can test pixie that way as well as I say we'll leave that for now right now we'll we'll do it with an ISO just to test the sequence so I'm gonna go into sentence I always like to tweak the sounds after making a VM I just like to give it to cause kind of a force of habit not even really sure where it's needed anymore and just for safety I was doing this off as well right and there we go so we'll start up the VM and it should boot into our deployment share if I've done everything correctly okay so we've moved into wimpy and we're just going to log in to log in to ad and connects to the share so I should say this doesn't need to be a sysadmin account just in case so it's not obvious it just needs to be an account which have access to that share and then you can see right here that we've got our test sequence that we just created they're going to go next so as you can see for the computer details it's got the computing name and then the the ID of the task sequence that we created before and let me just pop back to that because I did kind of skip over that if we go to where we are here we go so OSD prefix this is this is important so if we go to add deployment share properties and then rules so you can see here that under my first machine which is the it knows that it's the virtual machine because that's what the model windows reports back even Windows PE will report back virtual machine so I fill in OSD computer name which is a way for only to say okay what do you want this computer name to be and then I've put in here a percentage sign task sequence ID a percentage sign which is a built-in variable into MDT which is the task sequence ID so that's how it's getting its name if you want to say as I've put here I've got like an OC prefix which is Len for example so for a better example because that the model numbers aren't really a very descriptive there so you get the Yaga the HP 215 g5 no port PC for example you want the OSD prefix to be HD sorry HP and then under the default you've got OSD computer name percentage sign OSD prefix percentage sign and - and then percentage sign discernible percentage sign it's going to be HP - and in the serial number of that machine and the computer name will already be fixed in to be be entered in it will be prefilled in and if you put to skip the computer name then it won't ask you and it will just automatically enter that as the name now that's really nice for an automation perspective and if you know that all of you those names like with the prefix and the sorrel number are going to be under 16 characters I think you've got no problem but what can happen and why we had in the past is that the serial numbers weren't looking too long and then when it comes to the Machine being added into AD errors out because the names too wrong sorry too long and you kind of have to redo it and rethink this so you may want to only I were to say to only automate this if you know exactly what you've got otherwise leave it as my example here in which case when you boot up into MDT it'll ask you if you're if you're sure that you want their name to be whatever it is here so you can fill this in to still maybe have the prefix I'll still have a HB and maybe have the serial number and at least you can see if it's too long or not because this will warn you when it gets too long now I will start to ill prepare the VM and the disk and partition it and then we'll install Windows 10 with the updates that we mentioned earlier on there should be November's see you in SSU and then it should do the first run our box our stuff all automated and then connect to a domain and install the applications that we told it to put in the task sequence and it should shut down and when we booted up again they should be as all configured as we need it you okay so the task sequence has completed running and the virtual machines shut down as we configured and if I go back over to the admin PC and if we look in the deployment share in the logs folder you can see we've got a couple in here this is from my previous tests so we've got the folder with all the logs in from the from the install so if there's any problems you should be able to see them in here is why they were they happened in here alright let's go back to the vs and will boot up the VM and this should be all good to go it should be connected to the domain and have our applications installed including no framework so if we just boot this up in and we'll go through that and I'll show that all those are successfully installed okay so there we go so local administrator okay so if we check the system properties we'll see that we're connected to the domain you can already see from the desktop that we've got some icons installed so Google Chrome VLC Acrobat Reader let's go to up some features here so we've got a Cabrera leader we have Google Chrome you've got office 2019 project 2019 Visio 2019 it's that's all part of that same suite of applications that we'd installed if occur and no peppers plus [Music] VLC and I believe that was it was now oh there was 7-zip as well interestingly enough 7-zip doesn't appear to either and I wonder why that is so we seem to be missing seven SEPA which is certainly interesting that's gonna buy and find out why that might be so I put dot right there I definitely got 7-zip in there if we go to applications 7-zip and this oh there we go so 7-zip isn't installed but that's because I did mis exact and not ms:i exact so simple typo there so that should fix that but otherwise VLC was a Office 2019 was there notepad plus plus we didn't do office 2016 Google Chrome reader DC and don't that framework we also mentioned a good way of finding out no framework would be to go to scroll all the way down what programs are features and to turn Windows Features on or off and yet there we go see ya don't know framework 3.5 is installed there so aside from the 7-zip problem which is just a simple type of error all the applications are installed the machines catch the domain and it's pretty much run the deter sequence and it's completed successfully so if we go back to MDT here and we'll go to monitoring you see that's the one we just did was that one so I took slightly over an hour and these two previously this one was a test which failed that was my first one would donate framework and then this one appeared that was pre putting in the packages into the the updates do you see you a base in the SS your taste and I tested that out just to see how much it shaved off so not an awful lot of time granted but as these updates grow in size to see use and the SS use if you put in there rather than as part of the Windows Update and as the dates get larger you should see a larger amount of time saved so that brings this walkthrough to a close thanks very much for watching and I hope you found it interesting feel free to get in touch with me via the comments below or on my blog or via twitter i'll put all my links in the description and the opinion comment below please consider donating to support my work I'm doing all this work freelance and for free so if you could drop me a couple of dollars here now that'd be great I'm also just about getting started with a patron so if you consider and be joining my pension and checking that out again links will be below that would be much appreciated so again thanks very much for watching and I'll see you in the next one
Info
Channel: Mike Galvin
Views: 89,216
Rating: 4.9216456 out of 5
Keywords: Microsoft, Windows, OSD, Deployment, Operating System, Powershell, information technology, IT, Microsoft Deployment Toolkit, Windows 10, WaaS, Windows as a service, Operating System Deployment, Application Deployment, Office 365, Office 2019, WIM, Hyper-V, MDT, Walkthrough, How To, Automation
Id: IRBOqPEPmLw
Channel Id: undefined
Length: 84min 9sec (5049 seconds)
Published: Thu Nov 21 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.