3. Deploying Windows XP
Download
Report
Transcript 3. Deploying Windows XP
Microsoft®
Desktop
Deployment Assistance Program
3. Deploying Windows XP
Thomas Lee
Chief Technologist QA plc
[email protected]
Deployment Assistance Program
Agenda
Windows XP SP2 Setup Improvements
Two types of Automated Deployment
Scripted Install
Image
Automation of the Installation process
Win PE
XP SP2
Setup Agenda
Unattended setup
WinPE new
Imaging
RIS
Setup Tools
Why not use OEM Build?
Breaks the license
SysPrep is different
Lots of “OEM Stuff”
Product Keys
Automated Installations
Unattended setup
Introduced in NT4 workstation
Scripted automated Windows Setup
Still supported, not recommend for production deployment
Imaging
Uses SysPrep and Microsoft (WIM) or 3rd Party Disk Imaging
technology
Copies “Master build” to multiple PCs
Remote Installation Services
Unattended Setup from Server
Imaging from Server (SMS OSD or 3rd party products)
Great for that first build
Not recommended for Production deployment, due to
broadcasts and network boot
Unattended Setup
Most flexible deployment option
Also slowest
Starts and runs Windows XP Setup on each computer
individually
What you need:
Winnt.exe, Winnt32.exe or CD (BIOS must support bootable CD)
A distribution share with Setup files or Windows XP CD
An answer file (text file) or winnt.sif if running unattended from CD
Consider speed and amount of data transfer this
involves compared to an image
Unattended Installation
Input of information based
on boot menu, or missing
points from answer file.
Unattend.txt
Manual
Setup
First boot experience may
require some information
input.
Starting Unattended Install
From DOS/Windows 3.x:
winnt.exe /u:<answer file> /s: <source share>
Make sure you have smartdrv.exe loaded
From Windows 9x/NT/WinPE:
winnt32.exe /unattend:<answer file> /s: <source share>
[ /tempdrive:<target drive> /syspart:<target drive> ]
From CD (computer supports CD boot) - Place winnt.sif file on a
floppy disk, boot Setup from CD and insert the floppy when Setup
starts
Understand the implications this has on time and network
bandwidth
Win PE
Overview
Features
Limitations
Scenarios
Features for Windows PE
Discussion
What is Windows PE?
Reduced version of Windows XP
Can be created from either an x86 based 32 bit OS SKU
X64 or an IA64 bit OS Sku today
Windows PE provides full networking, driver injection,
WMI support, Ramdisk(SrSP1)
Windows PE is used to build, test and deploy OS images
Windows PE is a base platform for a variety of 3rd party
support related solutions:
Virus scanning and recovery based products
Hardware and software test and diagnostic tools
OS and utilities based deployment
Windows PE Overview
An NTFS-capable boot disk with
TCP/IP networking
Mass-storage controller support
VESA mode video support
What is it used for?
Deployment
Recovery
Troubleshooting
Originally designed to provide cross-architecture
deployment platform
Windows PE Overview
Release history
First release was concurrent with Windows XP in 2001
Windows XP Service Pack 1:
Standalone DFS root connectivity
New (easier) boot from HDD ability
Windows Server 2003
Ability to build Windows PE from Windows Server 2003
products
Windows XP Service Pack 2 release called WinPE2004
WMI
Firewall
Driver injection
Updated with Windows Server 2003 Service Pack 1
USB Boot
Any PXE Server Boot
Features
Works with all systems that Windows XP and
Windows Server 2003 support
Can be built from Windows XP or Windows
Server 2003
Device support:
Networking*
Mass-storage*
VESA video support (single driver)
*Includes all built in drivers for this class from the version of Windows it was
built from. New drivers of this class can be easily added.
Features
VESA support specified by display controller hardware
determines resultant color depth and resolution
Can connect to standalone DFS roots and other SMB
shares
Ability to build-out storage, partition, do native FAT or
NTFS disk formatting, 32-bit disk imaging, I/O
Features
Boot support
CD
DVD (ISO only)
Hard disk
PXE (RIS only for WinPE 2004)
Supported for deploying
Windows 2000
Windows XP
Windows Server 2003
Non-Features
Windows Explorer shell
Audio support
DirectX
Visual Studio .NET applications
ADSI connectivity
Uses For WinPE
Deployment (broadest use today)
Maintenance/repair/recovery
Other utilities ISVs use;
Anti-virus
Diagnostics
File-system repair tools
Non-Uses For WinPE
Embedded operating system
Reboots every 24 hours
Use Windows XP Embedded
General use operating system
No Explorer Shell
No IE
Limited Application Support
Building WinPE
mkimg.cmd
Creates directory structure for CD
If required manually tailor the platform
Drivers, utilities
Optionally customize the default scripts
startnet.cmd
Optionally create custom shell
C/C++
Windows Script Host*
HTA (HTML Applications)*
*Support can be added using buildoptionalcomponents.vbs
Building WinPE continued
OSCDimg.exe
Creates ISO CD image of your directory
El-torito bootable
Same tool to create supported custom CD
Demo
• Using Setup Manager to build answer
files
• WinPE and Diskpart.exe
New Licensing Model
The new licensing model enables 3 options:
Ability to use Windows PE in-house for tools development,
testing, and OS deployment (free)
IHV/OEM ability to develop support related test and diagnostic
tools and ship these BIOS-locked to their hardware (free)
IHV/ISV/SI/OEM/ODM ability to create support related products
(Virus scan, test and diagnostic, recovery etc) and ship these
tools in a retail setting for a profit. (pay royalty when ship)
[email protected] for all queries
Scenario - Scripted
Scenario: Deploying new systems, using scripted installation –
Windows PE launched via RIS
1. New system arrives and is sent to employee
2. Machine is powered on and PXE boots
3. Boots to Windows PE
4. Disks are partitioned and formatted using diskpart and format
5. Winnt32 is launched with a custom unattend
6. Exit Windows PE when that completes
7. Install applications when setup completes
Scenario - Scripted
Task examples: DISKPART
Clean
SEL DIS 0
CLEAN
Partition Creation
SEL DIS 0
CRE PAR PRI
ACTIVE
ASSIGN LETTER=C
EXIT
Scenario - Scripted
Task examples:
Format /Q /Y /FS:NTFS
Winnt32 syntax
Winnt32 /syspart:C: /tempdrive:C: /makelocalsource /dudisable
/unattend:unattend.txt
Scenario – Imaging (SMS OSD?)
Scenario: Migrating to XP, using USMT and Windows PE (with
imaging tools)
1.
2.
3.
4.
5.
6.
7.
USMT migrates files and settings off system
CD of Windows PE provided to employee
Machine is powered on and CD boots
Boots to Windows PE
Imaging tool used to apply image from UNC
Exit Windows PE when that completes
USMT migrates files and settings back
Building An OS Image
Clean install OS
Ensure same HAL type (ACPI, non-ACPI)
Customize installation
Install applications
Prepare for management infrastructure
Generally handled by domain
User State Migration
Group Policy
Building An OS Image (cont.)
Run Sysprep.exe
-reseal for end-user boot experience
-factory for customizing on reboot
Create “image”
3rd party imaging tools
Boot to Windows PE and xcopy to server
Maintain “image”
Edit Sysprep.inf on image
Add files, drivers
Problems with Previous WinPE
1. No support for WMI
2. No support for retrieving SMBIOS info
3. Can only PXE boot from RIS
4. CD swapping is complicated (/INRAM)
5. If Windows PE boots from hard-disk that disk
cannot be repartitioned/reformatted
Windows PE 2004 New Features
Targeted Windows PE specific changes include:
Ability to inject 32/64 bit device drivers easily into
Windows PE (Windows XP and Windows Server
2003 drivers)
WMI support for hardware based diagnostic tool
access
Built in firewall support enabled by default
Build scripts documented to reduce the size of
Windows PE
Boot Windows PE in a RAMDisk via PXE, from Hard
disk or CD
Full support for all architectures Windows supports
Add Device Drivers
Change build scripts to support additional
hardware device classes and drivers in base
Windows PE image
Provide ability to add additional 32 drivers outside
of “in-box” drivers to existing build of Windows PE
using drvinst.cmd
Add drivers after Windows PE image is built for
test and diagnostic of the latest hardware/drivers
avoiding full rebuilds
DRVINST.CMD
Source Options
[/inf] – path to specific driver
[/oscd] – path to OS CD
Filter Options
[/onlyid] – only install with matching PNP IDs
[/ignoreid] - do not install these PNP IDs
[/onlyclass] – only install this class of driver
[/ignoreclass] – ignore these classes of driver
Action Options
[/inject] – specifies path to WinPE image (c:\winpe)
[/preview] – list drivers that would be installed
WMI Support
Add WMI base support to provide access to
underlying hardware within Windows PE
Support for over 40+ providers and 1500+
classes.
Leverage the ability to load a native driver for
hardware validation and query
RAMDisk Boot
Ability to boot, load and run Windows PE within a
RAMDisk on a PC via network (any PXE server),
hard disk, or CD
Provides ability to run tests and diagnostics
remotely from the server or on local media
Allows for CD swapping for deployment/recovery
media
Windows PE New Features - Summary
Windows XP Service Pack 2
WMI Support w/ 47 providers and 1500 classes
Enables IP addresses to be changed on the fly after
the WinPE CD has booted.
Driver Injection and PnP support
Windows Firewall support
Set IP for multiple NICs, rather than just first NIC
enumerated
Windows PE New Features - Future
Windows Server 2003 Service Pack 1
All features listed for XPSP2 plus
Major Overhaul release; lots of bug fixes
Documentation getting a major clean up
RAMDisk boot support for HD, CD and any vendors PXE*
Full support for all architectures Windows Server 2003 Service Pack
1 will support
MKIMG -- No longer need to maintain separate build directories with
ia64/amd64/x86 tools. Correct tools pulled from platform-specific
build directories, allowing same modified build scripts across
architectures to be used.
ADO -- support named-pipe as well as TCPIP transport
*Requires minimum of 256MB
Installing Windows XP from Source
Windows XP
Copy i386 folder from XP CD ROM
Windows XP SP2
Run XPSP2.EXE /S:d:\winxp
(see support\tools\spdeploy.htm)
(see support\tools\deploy.cab for GREAT info)
Let SUS/WU add the rest
Distribution Share/Folder Explanation
What do the various directory structures in a Build
source look like?
Below contains installation files - Windows XP, device
drivers, any additional files
Structure ($OEM$ can be moved in unattend.txt)
\i386
\$OEM$
Contains all OEM files
Contains Txtsetup.oem, SCSI and HAL files
\Textmode
Maps to %systemroot%
\$$
\$1
Maps to %systemdrive%.
\<drivers_dir>
Contains PnP drivers and infs
Maps to a drive on the computer. E.g. E:\
\<drive_letter>
\<drive_letter>
Windows XP files
Customising the Build
$OEM$ copies files to local disk
Cmdlines.txt executes commands at the end of setup
Cmdlines.txt is run synchronously
Commands in cmdlines.txt execute asynchronously
Use start /wait to call a CMD file
Use start /wait for each command in the CMD file
Cmdlines.txt has no user environment and no network
access – useful only for $OEM$
Cmdlines.txt cannot install MSI packages
Use GUIRunOnce
Use GUIRunOnce for network app installs
Adding support for PnP hardware
Drivers must be available during GUI mode setup
Place files in $OEM$\$1\Drivers – can make this a more
detailed sub structure
Create sub-folders (audio, net, etc) or vendor specific
Unattend.txt
[Unattend]
OEMPnPDriversPath=“drivers\audio;drivers\net;drivers\
etc”
Setup prepends %systemdrive% to each path
Sysprep =
System preparation tool
Prepares a reference system
duplication
SMS OSD
3rd party imaging tools
XCopy
Similar to RIPrep, used for RIS
imaging
Requires relatively similar hardware
Sysprep 2.0
Enhancements
Support for longer OEMPnPPath strings
Increased to 4096 characters
Administrator profile copied to Default User
Simplifies Default User configuration
Factory switch
Allows for updated or out of box drivers to be
picked up by image at install time when PnP
occurs
Winbom.ini Allows gathering of files (e.g., drivers,
apps) from network or custom scripting/application
installs
-PnP switch not recommended
Sysprep
How it works
File Server
Reference
Computer
1
Reference Computer is prepared as desired
– Windows and applications
2 Sysprep is run on the Computer, which
then powers off
3
3 Using Windows PE or an imaging tool, the
image is stored (here, to a server)
4
4 Destination Computer is booted using
Windows PE or an imaging tool, image is
installed.
5 Destination Computer is powered on,
mini-setup runs
Destination
Computer
6 Destination Computer is powered off &
ready to redistribute
7 Steps 4-6 repeated as needed for each new
Computer desired
Sysprep
Components
Sysprep.exe
Main tool
Setupcl.exe
used to regenerate security IDs
Factory.exe
When sysprep is run with the –factory
option
Sysprep.inf
Answer file used by Sysprep
Unattend And Setup Manager
Setup Manager creates and modifies
unattended setup answer files
Unattend
Sysprep
RISetup
Can be found with other deployment tools and
guides in Deploy.cab on the product CD
Updated versions of tools with XP SP1 and
XP SP2
Unattend And Setup Manager
Enhancements
Local admin password can be
encrypted
Setup Manager features
Improved
user interface
Improved .chm file on the
product CD for unattended
setup and deployment
Remote Installation Services
RIS
Remote Installation Service
Allows for network initiated setup
Clean scripted install (RISetup)
Clean imaged install (RIPrep)
Uses PXE network cards to initiate setup with
minimal user interaction
Boot floppy supports select additional network
cards that are not PXE capable
RIS
How it works
Client
DHCP Server
1 The client requests an IP address
2 The IP address is supplied by a
DHCP server
1
3 The client contacts the RIS server
2
3
4 The RIS server checks Active
6
Directory to see if the client has
been pre-staged
5 RIS responds or forwards the
request to another RIS server
5
4
RIS Server
Active Directory DC
6 The RIS server sends startrom.com
to the client – launches OSChoice
RIS
Windows 2003 Enhancements
Support for deploying
All retail versions of Windows 2000 (including Server
and Advanced Server)
Windows XP Professional
All Windows Server 2003 products
All 64-bit versions of Windows Server 2003*
Significant performance increase over
RIS in Windows 2000
*RISetup only, not RIPrep-based images
RIS Installation
Ristndrd.sif
RIS
RIS
Setup
RiPrep
RiPrep.sif
Mini Setup or
Windows Welcome
RIS Server Services
BINL (Boot Information Negotiation Layer)
The boot server service; interacts with the AD
and other boot servers to remote install a client
TFTPD (Trivial File Transfer Protocol Daemon)
Protocol used to transfer files needed to remote install, maintain and
troubleshoot a client machine
SIS (Single Instance Storage)
Runs on NTFS partition to reduce disk space usage by removing
duplicate files from RIS images
Creating RIS OS Install
Configure RIS Server as mentioned
Creates a default CD-based image
Configure client computer names and locations
Configure client installation options
Modify installation using answer file
Set permissions on image - set ACLs on .sif files (or
templates folder)
RIS Tips
Must have Windows 2000 SP2 on server
Must have new RISETUP.EXE
See Q287546
Must copy new files from .NET server
RIPREP.EXE
IMIRROR.DLL
SETUPCL.EXE
RIPREP.INF
© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only.
MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.