The Deployment Bunny

OS Deployment, Virtualization, Microsoft based Infrastructure…

  • Archives

  • Meta

Archive for March, 2011

MDT Debugger 2.0

Posted by Mikael Nystrom on March 31, 2011

The Deployment Guys has done it once more and we say Thank you Smile

Here it is – The MDT Debugger 2.0 for LiteTouch

/Mike

Technorati Tags:

Posted in Deployment | Tagged: | Leave a Comment »

I’m still a Geek

Posted by Mikael Nystrom on March 28, 2011

That means that now have a Laptop with dual monitors, 2 x 256 SSD, 8 cores I7 and 16 GB of ram, if my demos runs slow I cant really blame the hardware…

I have updated my laptop, it “was” a HP 8540w I7 CPU, 8 GB of RAM and a 256 SSD Drive from the start. No I have added things:

No 1: Since I only use the DVD for, hmm, lets see I have never used the CD/DVD in my Laptop to be honest. Any way, I replaced it with a drive bay instead. I got it last week at MMS 2011 in Las Vegas, took 2 days to get it directly to the hotel (Thank you FedEx) and I bought it online from: http://www.newmodeus.com/shop/index.php?main_page=product_info&products_id=252&zenid=df56a10cf8d674872544505d2e56959b The installation needed a screw driver and luckily I was given one the day before from Jeremy Chapman at his session on Office Deployment (thank you). In that bay I added another 256 SSD drive, so now I have 2 x 256 SSD’s in my 8540w that by the way runs Windows Server 2008 R2 SP1 as a Hyper-V host

HP12-2BAY-8730p%20sm

No 2: Also needed more memory, so thanks to http://webhallen.com and http://www.kingston.com I found some nice memory http://www.ec.kingston.com/ecom/configurator_new/vendorpn_se.asp?root=se&LinkBack=http://www.kingston.com/seroot&ktc_partno=KTH%2DX3B%2F4G I opened the machine but found only one open slot for memory, but since my friend Johan Arwidmark told me that there will be one other slot under the keyboard it was Easley fixed, took like 2 minutes, so now I have 16 GB of RAM

No 3: I also need a extra portable screen, and so asking around I found one of course. It is from  http://www.deltaco.com It has touch, can be fitted in cars, desktops, cases and so on. Looks like this when I’m preparing for tomorrows “demos”

 

IMG_0019

/mike

Posted in Other | 2 Comments »

Why the name Deployment Bunny?

Posted by Mikael Nystrom on March 26, 2011

Well, i have just spent a week in Las Vegas on MMS 2011 and as always it is funny to meet community folks, speakers and friends and of course it is funny to do a couple of sessions. The name Deployment Bunny was “invented” by a really funny guy with the name of Jason Sandys (Microsoft MVP on ConfMgr) that I happens to know. We were hanging out where are the speakers are supposed to be in the end of the day and we had some beers. Then we started to free-wheeling new ideas on to present on stage, and bunch of crazy ideas where flying around and one of them was “Mike should go on stage in a pink fluffy bunny suite. Luckily I did not do that, but to honor my Jason I will at least change my blog and put in a small quite bunny.

/The Deployment Bunny aka Mike

Posted in Deployment | 2 Comments »

Security Breach–Install KB2524375 ASAP

Posted by Mikael Nystrom on March 24, 2011

Today it was revealed that a serious security breach occurred at Comodo, a trusted certificate provider. The breach appears to have come from Iran and several “high value certificates” were obtained.
These X.509 certificates include:

  • login.live.com
  • mail.google.com
  • www.google.com
  • login.yahoo.com (3 certificates)
  • login.skype.com
  • addons.mozilla.org
  • “Global Trustee”

To protect your Windows computer (PC or server) from trusting these high value certificates, download and install KB2524375 Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing from Microsoft as soon as possible. The installation takes only a minute and does not require a restart.
KB2524375 updates both the Computer’s and User’s Untrusted Certificates list to include the compromised certificates.
Here’s what the list looks like before the update:

clip_image002

And here’s what it looks like after the update:

clip_image004

Please take a minute to update your computers now. This update is also being pushed out through Windows Update as I write this.

Posted in Uncategorized | Leave a Comment »

How to create a Windows 7/2008R2 Reference Image for deployment? – Part 1

Posted by Mikael Nystrom on March 22, 2011

There seems to be some kind of confusion on how to create reference images (or golden images, just another name). There has to be one way for each and every one, or does it.

I have decided to create a series of post on “how-to” on Ref Images and this is the first one.

Note: Yes, there is a plan to do the rest, the plan is to create a readymade deployment share with all settings done, task sequences, app wrappers, cleanup commands and all that. I’ll update this text as soon as it is ready…

What is a Ref Image?

Reference Image, Custom Image, Golden Image, well same stuff different name. It is when you take the image from Microsoft and add patches, applications and settings and then redeploy it. Now, there are some rules that must be followed and one is that the image must be sysprepped when deploying it. So that basic steps are:

  • Install the OS
  • Install Applications
  • Install Patches
  • Tweak it
  • Sysprep & capture

Seems pretty easy, but, there are a bunch of “but’s” here that is for sure. Since Windows Vista things have changed. Now what we get is an “Image”, it’s a wim file, so we do not really need to create one, we could use the WIM file as is and we also have Offline Servicing and that means that we could take the WIM file, mount it, update it with patches and save the WIM file and now deploy it and there are other real cool features that we can do, more on that later. Before we begin, there are some rules you need to follow:

The image must be sysprep:ed, otherwise it is not supported nor does it work correctly in the long run. This is NOT an option, you simply MUST sysprep the image.

The ref image should be created on a “neutral” computer system, and that means a Virtual Machine. There are two reasons here, short-term and long-term.

Short-term: Running on a VM makes it easier and faster, you can undo, test, re-test and do whatever stunt you need to. Running an a VM means that it require less infrastructure (I run my lab on my laptop).

Long-term: If you create the ref image on a new fast laptop/desktop, it will work, trust me. But you will most likely have problems later on, Why?. When you install Windows on a computer it will adjust itself to that particular model, regarding settings and drivers, some of these drivers will also install software and that is fine, well. When you capture the image you need to sysprep it first and that process is supposed to “generalize” the OS and it does. But every vendor does not really handle a sysprep the way they should. Applications that was installed as a part of a driver does not always gets “uninstalled” and that will be a problem when deploying on other hardware, vendor, version and so on. It works perfect if you want to have one image per model and per OS, but that will be like going back into the stone age.

Use Thin images as much as possible. It is much easier to add applications at deployment time instead of doing it in the image, the “only” reason I can figure to be a good reason is to save time, meaning it is much faster to install the app in ref image and the deploy the image. Well isn’t that obvious?, No, many apps are being updated so often that when ever you deploy the image there will be a new version of that app and the first thing that happens is that the old app will uninstall and then install the new version, well that takes time. So when ever you think of adding an app to the image, think twice and focus on the question “Do I really save time doing this”

Do not try to solve every problem you have, just make it work and then add more and more things you need, but first just make it work. Think versions, V1, V2 and V3. Version number one is the “look it works, almost” and version number 2 is “It works, just some minor stuff to fix” and version number 3 is “WOW, Awesome”, (in most cases I never do V3)

It should e automated, creating ref images manually takes to much time, it is boring and the “human error factor” is the biggest issue and there for it should be as automated as possible

There are some things you need: (You don’t need the trial if you already have the OS of course)

Time to prepare your Image-Creation-System

We are now going to install WAIK, MDT, create a deployment share, import OS, create a task sequence, create boot images and the  we are done. After this you will be able to boot a VM, run the wizard and select to install a Ref Image including sysprep and capture. 

  • Install WAIK using default settings (next, next, next…)
  • Install MDT 2010 using default settings (next, next, next…)
  • Using Deployment Workbench – Right click on Deployment Shares and select
    • Create a Deployment Share
    • Location  = C:\MDTBuildLab
    • Share Name = MDTBuildLAB$
    • Share Description = MDT Build LAB
    • Click next on rest of the questions…
    • image
  • Using Deployment Workbench – Right click on the Operating system node and select “Import Operating system”
    • Browse to the DVD for the OS and import it using default settings
  • Using Deployment Workbench – Right click on the Task Sequences node and select “New Task Sequence”
    • Task sequence ID = RW7X86 (if the ref image is going to be Windows 7 x86 as an example)
    • Task sequence name = Ref – Windows 7 x86
    • Task Sequence Template = Standard Client Task Sequence
    • Operating System = Select Windows 7 x86 (if that is what you want)
    • Do not specify product key
    • OS Settings
      • Full Name = A name
      • Organization = A Org
      • Home page = Any
    • Do not specify the local Administrator Password
  • Right click on the task sequence you just created and select properties and enable Windows Update (It is disabled by default)
    image
  • Using Deployment Workbench – Right click on “MDT Build LAB” and select “Properties”
    • On the Windows PE x86 settings and on Windows PE x64 Settings
      • Check – Generate a Lite Touch bootable ISO image (This way we will be able to boot the VM on a ISO image and that is MUCH faster then booting over PXE)
  • Using Deployment Workbench – Right click and select update and wait

Done, we are ready to install a ref image. Create VM in Hyper-V, VMware or whatever you are using, attach the ISO file (They are in the C:\MDTBuildLAB\Boot folder, be sure to use the correct ISO. The x86 will only install X86 OS and x64 will only install x64 OS)

Next time I will spend more time on how to automate the process

/mike

Posted in Uncategorized | 16 Comments »

 
Follow

Get every new post delivered to your Inbox.

Join 3,843 other followers