-
Posts
242 -
Joined
-
Last visited
-
Days Won
1
Everything posted by jamitupya
-
Here's the first part of it. http://www.windows-noob.com/forums/index.php?/topic/2855-build-and-capture-windows-7-enterprise-for-vdi/
-
i beleive this could be done in USMT by customizing the collected data.... or you could just script the deletion of the startmenu items if they are all static/the same... checkout halfway down the post for an example.. http://www.windows-noob.com/forums/index.php?/topic/2855-build-and-capture-windows-7-enterprise-for-vdi/
-
We build a single ENGLISH image. EDIT for clarification: We support around 15 languages from a single image, we use the separate deployment TS's to specify Language Packs to install. We are currently using UDI in our first customer to provide user generated configurations for specific LP's. (also tier2/3 applications) Yes we used protected DP's for the onsite DP's however our Central, Region and Country Servers are a hybrid. We only allow Site Server Transfers for these and lock down with protected DP's which sites can access.. (its logical only doesnt affect how the servers get data, more for engineers to understand the traffic / package flow) In our 3.5Gb image we have tier0 and sometimes tier1... dependent on the sites bandwidth. generally around 2 hours from whoa to go.... (including updates and starting the deployment for TIER2/3 Apps)
-
yeah x64 is a bit nitpicky i find also... some of my scripts dont operate as expected always either... i'll buildup a new 64bit TS today/tommorrow and test again.... can you export your TS (censor it) and send it over? give us something more to work with :-)
-
That's curious....have you gotten anywhere further with this?
-
We do a staged image also.... TIER0 / Base Windows 7 + Updates Office Standard + Updates Runtimes (.net4, flash, shockwave, silverlight, java, etc) Common Apps (reader, compression tools, OCS client, pstools, BGInfo, etc) TIER1 / LOB APPS SAP / CRM , etc. Office Professional Plus, etc Livemeeting TIER2 / Business Use Project Visio Etc TIER3 / User Specific DVD burning tool (security precaution) Filezilla Apps only used in small amount of users... We use this for most of our projects 10,000 desktops - 300,000 and seems to work well in our deployments.... Each to their own Incidentally we keep our image as max size 3.5GGb as we will make TS media for some remote sites with small bandwidth.
-
@lucid FYI, We use the autologon once the image and applications are deployed, there are some things we simply cannot do whilst deploying the image, we use a series of post install scripts to take care of these functions. Things like setting screen resolutions for widescreen laptops, forcing wireless networks to connect to a network, then various other things. It becomes very useful to be able to auto boot to desktop @sabkor in your restart are you coming back into the boot os or boot pe mode?
-
i know this may sound simplistic, but recently i've taken to just removing the component and waiting...then adding again.... have you tried this? i assume you've assigned the correct permissions to the SYSTEMS MANAGEMENT container? as per http://www.windows-noob.com/forums/index.php?/topic/616-how-can-i-create-the-system-management-container-in-active-directory/
-
So Anyweb asked me in this post to describe where and how i would used this in one of my task Sequences. I will use a current Windows 7 LAB in vNEXT to describe this. Now its not perfect as its currently under construction. The purpose of this LAB is to dynamically provision VM's in Citrix XenDesktop and to add these Desktops to the Pooled Desktop. For the purposes of this however we will limit the scope to just building and provisioning the vDesktop, without any Backend Infra or adding the vDesktop to Citrix. You will need to create Two (2) Packages for these scripts to be distributed. I used to dynamically update the scripts from the source since they are so small, however i find this just as quick in SCCM 2012/vNEXT. PACKAGE 1: Customized Build Scripts. The folder Structure is as Follows: PRESETUP POSTSETUP TOOLS CLEANUPSCRIPTS PACKAGE 2: Customized Deploy Scripts (GoProduction) The folder Structure is as Follows: (To be Attached later) The TASK SEQUENCE. As you can See its mostly just standard, but down the bottom is where we start running commands. BUILD Windows 7 ENT for VDI Image.xml Begin: Firstly we install our Runtimes and Frameworks like Java, Silverlight, etc. I have just included the command lines here as normally we will copy the data locally to the PC, STORE a COPY and then run a VBS file to do the installation. this is helpfull for troubleshooting and allowing SLOWLINK re-installation and repairs of packages. However in this LAB everthing will be in the DC so speed and data transfers are of no consequence. After these are completed we begin installing software, We are only going to install Adobe, Lync Client and Office 2010. Again i have included only command lines so you can see how it is done, and the methods are generally the same throughout. Next we begin customizing the WIM FILE. This is where we copy the scripts and start running them. This looks like a small amount of things that happens here however it is quite substantial and we are in the process of moving everything to powershell from vbscript. We still utilize .cmd files to launch most of the tools as its easier to track the process with multiple open windows. INSTALL-ImageFilesV0.2.cmd @echo off cls echo. echo BEGIN BUILD of Windows 7 Enterprise VDI Image. echo Version v0.2 echo. echo. echo Apply Versioning Information echo Allows you to see which BUILD TS the Image is echo. regedit /s %~d0%~p0BuildVersionV0.2.reg echo. echo Copy Profile Customized Sysprep File echo. del /f /q C:\Windows\system32\sysprep\panther\unattend.xml del /f /q C:\Windows\system32\sysprep\unattend.xml del /f /q C:\WINDOWS\Panther\unattend.xml del /f /q C:\WINDOWS\MININT\unattend.xml xcopy /y %~d0%~p0unattend.xml C:\Windows\system32\sysprep\ echo. echo Copying Standard Operating System Based Customisations echo xcopy /y %~d0%~p0Corporate.jpg C:\WINDOWS\Web\Wallpaper\ xcopy /y %~d0%~p0Corporate.Theme C:\WINDOWS\Resources\Themes\ echo. echo Copying PRE-SYSPREP FILES echo. xcopy /y /e /i %~d0%~p0PRESETUP\*.* C:\PRESETUP\ echo. echo Copying post-sysprep files echo. xcopy /y /e /i %~d0%~p0POSTSETUP\*.* C:\POSTSETUP\ REM You can include anything you want here. MAP a network drive and copy A/V, other agents, etc. here if you have a need to run locally. echo. echo Copying cleanup scripts echo. xcopy /y /e /i %~d0%~p0CleanupScripts\*.* C:\WINDOWS\Temp\ echo. echo Copying Tools echo. xcopy /y /e /i %~d0%~p0Tools\*.* C:\WINDOWS\ exit BuildVersionV0.2.reg Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Corporate\Build] "Name"="Win7ent_Off2010_VDI_SCCMToolSet" "Build"="0.2" "BuildDate"="01/10/2010" "BuildOwner"="Virtual Desktop Engineering" CALL-Pre-Setup Pre-SysprepCmds.cmd @echo off cls cd\ cd PRESETUP echo. echo ***************************** echo echo Running PRE SYSPREP commands echo echo ***************************** echo. echo. echo Set OEM Information echo. regedit /s OEM.reg echo. echo Enable features based on customer request echo. start /wait EnableWindowsFeatures.cmd echo. echo Remove US English echo. regedit /s RemoveUSEnglish.reg echo. echo Remove Shortcuts echo. del /f /q "C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk" del /f /q "C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk" del /f /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk" rmdir /s /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance" rmdir /s /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games" echo. echo Adding Shortcuts echo. xcopy /Y "BGInfo.lnk" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" echo. echo Customise Current Profile echo Set Corporate Theme echo Close the Theme setting window to set the Theme echo. rem start C:\WINDOWS\Resources\Themes\Corporate.Theme echo. echo *********************************** echo echo Running PRE configuration commands echo echo *********************************** echo. echo. echo Waiting for 30 seconds echo. ping 127.0.0.1 -n 31 > %TEMP%null echo. echo Copy Default User Picture echo. rename "C:\ProgramData\Microsoft\User Account Pictures\user.bmp" user.bmp.bk xcopy /y user.bmp "C:\ProgramData\Microsoft\User Account Pictures\" echo. echo Set NumLock Off echo. regedit /s HKCU_ControlPanel_Keyboard.reg echo. echo Set Default Keyboard echo. regedit /s HKCU_CTF.reg echo. echo Set Explorer View and Start Menu Options echo. regedit /s HKCU_Explorer_Advanced.reg echo. echo Set Keyboard Layout echo. regedit /s HKCU_KeyboardLayout.reg echo. echo Set Language Bar Options echo. regedit /s HKCU_LangBar.reg echo. echo Set Media Player first Run preference echo. regedit /s HKCU_MediaPlayerFirstRun.reg echo. echo Set Default Locale echo. REG DELETE "HKU\.Default\Software\Microsoft\CTF\Assemblies" /f regedit /s HKU_DOT_DEFAULT_CTF.reg echo. echo Set Default NumLock off echo. REG DELETE "HKU\.DEFAULT\Control Panel\Keyboard" /f regedit /s HKU_DOT_DEFAULT_ControlPanel_Keyboard.reg echo. echo Set Default Keyboard echo. REG DELETE "HKU\.Default\Keyboard Layout" /f regedit /s HKU_DOT_DEFAULT_KeyboardLayout.reg echo. echo Set Default Wallpaper to avoid blank background for default users echo. REG LOAD HKU\DefaultUser C:\Users\Default\NTUSER.DAT REG IMPORT HKDU_ControlPanel_Desktop.reg REG UNLOAD HKU\DefaultUser echo. echo Removes MS Office Registration Info echo. regedit /s Remove_MS_Off_UserInfo.reg echo. echo Add MS Office Registration only for Company echo Will prompt for name and initials echo. regedit /s Add_MS_Off_CompanyInfo.reg echo. echo Disable Windows Media Player Network Sharing Service echo Requirement for Win 7 Sysprep echo. net stop WMPNetworkSvc sc config WMPNetworkSvc start= disabled echo . echo Adding Local Admins echo Requirement for Autologon echo . CreateLocalAdmins.cmd cls echo. echo Pause to customise anything else in your image echo Check to make sure NumLock is off for the user echo Check Windows Updates echo Check to see if all PRE SYSPREP apps are installed echo. pause echo. echo Waiting for 30 seconds echo. ping 127.0.0.1 -n 31 > %TEMP%null exit SET-SpecialLogonScreen SetSpecialLogonScreen.cmd [size=3] xcopy /y %~d0%~p0CorporateBuild.jpg C:\WINDOWS\system32\oobe\Info\backgrounds\ regedit /s "%~d0%~p0EnableLogonInWindows7.reg" regini -b "%~d0%~p0SetBackgroundPermission.ini" exit[/size] EnableLogonInWindows7.reg Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background] "OEMBackground"=dword:00000001 SET-AutoLogon desktopadminautologon.cmd On Error Resume Next Dim WshShell Set WshShell = Wscript.CreateObject("Wscript.Shell") Dim objFileSys Set objFileSys = CreateObject("Scripting.FileSystemObject") Dim oNetwork Set oNetwork = CreateObject("WScript.Network") WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon", "1" WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName", "desktopadmin" WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword", "password" WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName", "." CustomiseDefaultProfile.cmd @ECHO OFF REM ***************************************************** REM Script configures the Default User Profile REM ***************************************************** REM Load the default profile hive REG LOAD HKU\Default C:\Users\Default\NTUSER.DAT REM Configure the default user profile REM Customise Wallpaper Theme Screensaver REG IMPORT HKDUser\HKU_ControlPanel_Desktop.reg REG IMPORT HKDUser\HKU_Themes.reg REG IMPORT HKDUser\HKU_Software_MSWin_DWM.reg REG IMPORT HKDUser\HKU_ControlPanel_Colors.reg REG IMPORT HKDUser\HKU_ControlPanel_Cursors.reg REM Set Keyboard Layout Settings REG DELETE "HKU\Default\Keyboard Layout" /f REG IMPORT HKDUser\HKU_KeyboardLayout.reg REM Turn off NumLock as a default REG IMPORT HKDUser\HKU_ControlPanel_Keyboard.reg REM Turn off Language bar REG IMPORT HKDUser\HKU_LangBar.reg REM Set Default Language REG DELETE "HKU\Default\Software\Microsoft\CTF\Assemblies" /f REG IMPORT\HKDUser\HKU_CTF.reg REM Set Explorer Settings REG IMPORT HKDUser\HKU_Explorer_Advanced.reg REM Set Media Player Settings REG IMPORT HKDUser\HKU_MediaPlayer.reg REM Unload the default profile hive REG UNLOAD HKU\Default exit WSUS-WindowsUpdate WindowsUpdate.cmd @echo off cls cd\ cd PRESETUP echo. echo Connects machine to WSUS SOEBUILD Group echo Runs the powershell script WSUSNow to obtain updates and install echo. regedit /s %~d0%~p0wsusWin7SOEBuild.reg PowerShell set-executionpolicy remotesigned -force start /wait PowerShell "& {%~d0%~p0WSUSNow.ps1}" exit WSUSNow.ps1 I cannot provided this file as it is very proprietary. Basically it connects to your WSUS Server and downloads the mandatory updates , downloads and installs. WSUS-Cleanup WSUSCleanup.cmd [/size] @echo off cls echo. echo WSUS Cleanup before image capture echo Avoids duplicate WSUS entries echo. REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /f REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f exit[size=3] [/size] [size=3] That's the Basics of building our image upto the point of Capturing... once sysprep kicks in we run a heap of other things, but you'll be able to figure out what and where in the next part. Another week or so and i'll get it up. I have included the .ZIP of all the reg files, but these should be customized to what you wish to setup. Yes, we use GPO to apply alot of this also, however alot of this is easily locked into the image so we do. PRESETUP.zip
-
yeah no problem... Monday ... I was planning on putting up that whole pack ;-)
-
and you need trace32.exe which is available in the SCCM 2007 Resource Kit @ ms.com in the console... right click the component you want to view the log and select "show messages: -> All"
-
have you tried to load another reg hive, delete the reg keys, then unload? checkout http://www.windows-noob.com/forums/index.php?/topic/2848-script-to-modify-default-user-profile/ see if this suits...
-
Just something i use to modify the default user hive for our windows 7 deployments.... @ECHO OFF REM ***************************************************** REM Script configures the Default User Profile REM ***************************************************** echo. echo. Load default profile HIVE and apply registry settings. echo. REM Load the default profile hive REG LOAD HKU\Default C:\Users\Default\NTUSER.DAT REM Configure the default user profile REM Customise Wallpaper Theme Screensaver etc. REG IMPORT HKDUser\HKU_ControlPanel_Desktop.reg REG IMPORT HKDUser\HKU_Themes.reg REG IMPORT HKDUser\HKU_Software_MSWin_DWM.reg REG IMPORT HKDUser\HKU_ControlPanel_Colors.reg REG IMPORT HKDUser\HKU_ControlPanel_Cursors.reg REM Unload the default profile hive REG UNLOAD HKU\Default exit
-
Product Key and Default Language
jamitupya replied to fred19's question in Windows System Image Manager (WSIM)
For the MAK, this is pretty well standard in my experience, we run a script later to call slmgr.vbs to install and activate. only thing i can think of for the language issue is the fall back language..... or use the numeric value for the french LP (040c) instead of fr-FR -
are you still getting this error? its a bit weird.... when i do a build and capture i get this issue... however when i deploy an image i don't have this problem.
-
Deploy SNMP
jamitupya replied to Haim Chibotero's question in Deploy software, applications and drivers
Just create a package with a script to install the snmp service (in win7/2k8+ can use servermanagercmd command line...), Then just have a preprepared registry file and import it. Or if from base install include it in your unattended XML -
In my experience this setting is better set as a solo GPO and selected as the highest priority gpo to run... Specified as enforced it should kick in quite quickly... If the gpo is taking a long time to apply, this may or may not be an option. I also have a login script built in vbs that blanks the screen with nothing but our logo on it until all the drives are mapped.... There's a rudimentary copy of this script in the scripting forum here if you wanted to check it out. One question, what do you mean by quick... 1-2 seconds or more.... If your concern is about them accessing the Internet without the proxy, have your network team add a firewall rule for your LAN segments to drop all traffic except from the proxy server... This should be done by default if using a proxy in schools.. I built an education infrastructure for a govt previously and their tricky little buggers to lockout...if you don't have a firewall to do this, and you have managed switches you can use an access list or group on the switch ... Messy but works
-
Yeah after i changed the IIS services to delayed start it seems to get it all working, still trying to find out what the cause was....
-
ok, after 3 reboot's its solved... seemed to end up being a management point failure of some kind. EDIT: Sorry, i did change one thing, i specified the IIS Services to have a delayed start.
-
I swear, you go to lunch and all hell breaks loose.... its telling me Auth error to get the TS data....but nothing has changed i can think of... all i've been working on is a TS. I've checked the DP and MP are operational... any ideas? <![LOG[Getting MP time information]LOG]!><time="05:03:50.969+480" date="11-02-2010" component="TSMBootstrap" context="" type="1" thread="1104" file="tsmediawizardcontrol.cpp:923"> <![LOG[Requesting client identity]LOG]!><time="05:03:51.062+480" date="11-02-2010" component="TSMBootstrap" context="" type="1" thread="1104" file="libsmsmessaging.cpp:5547"> <![LOG[CLibSMSMessageWinHttpTransport::Send: URL: JPTKYVDIV400.INFINITYCOMMONSSPAM!:80 CCM_POST /ccm_system/request]LOG]!><time="05:03:51.062+480" date="11-02-2010" component="TSMBootstrap" context="" type="1" thread="1104" file="libsmsmessaging.cpp:8159"> <![LOG[Authenticationm failure - 401]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1104" file="libsmsmessaging.cpp:8480"> <![LOG[pNext != NULL, HRESULT=80004005 (e:\nts_sccm_retail\sms\framework\osdmessaging\libsmsmessaging.cpp,1990)]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1104" file="libsmsmessaging.cpp:1990"> <![LOG[reply has no message header marker]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="3" thread="1104" file="libsmsmessaging.cpp:1990"> <![LOG[DoRequest (sReply, true), HRESULT=80004005 (e:\nts_sccm_retail\sms\framework\osdmessaging\libsmsmessaging.cpp,5645)]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1104" file="libsmsmessaging.cpp:5645"> <![LOG[Failed to get client identity (80004005)]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="3" thread="1104" file="libsmsmessaging.cpp:5885"> <![LOG[ClientIdentity.RequestClientIdentity (), HRESULT=80004005 (e:\nts_sccm_retail\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,994)]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1104" file="tsmediawizardcontrol.cpp:994"> <![LOG[failed to request for client]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="3" thread="1104" file="tsmediawizardcontrol.cpp:994"> <![LOG[Exiting TSMediaWizardControl::GetPolicy.]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1104" file="tsmediawizardcontrol.cpp:1293"> <![LOG[pWelcomePage->m_pTSMediaWizardControl->GetPolicy(), HRESULT=80004005 (e:\nts_sccm_retail\sms\client\tasksequence\tsmbootstrap\tsmediawelcomepage.cpp,300)]LOG]!><time="05:03:51.078+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1104" file="tsmediawelcomepage.cpp:300"> <![LOG[setting wizard error: An error occurred while retrieving policy for this computer (0x80004005). For more information, please contact your system administrator or helpdesk operator.]LOG]!><time="05:03:51.094+480" date="11-02-2010" component="TSMBootstrap" context="" type="0" thread="1076" file="tsmediawizardcontrol.cpp:1466"> smsts.log
-
Yeah, interesting... got the same thing with enterpriseN x86 but enterpriseN x64 worked fine. i think its something to do with your answer file though now.... if you disable answer file it worked as expected on all versions i tested.
-
actually we don't use this function as we disable the builtin administrator account... i'll test it out today :-)
-
Creating and Searching for Collections
jamitupya replied to jamitupya's topic in Configuration Manager 2012
Yeah, i found that way a bit buggy though. For example, it'd error the console out if more than 1 nested sub-collection and i'd need to do a full system restart to get the console open again :S yeah it'd be to difficult to get an arrow in there wouldn't it :| -
Well, after a bit of digging i figured it out. I needed to create a collection for all Windows Server 2008 + R2 Servers however i accidentally created in the wrong place.... what was worse was i couldn't find it... So here we go.... how to create a collection: In this instance i'll be creating a Collection for Windows Server 2008 and R2 called Windows Server OS Since this is already covered and is essentially the same as SCCM 2007 R2, check out the following for creating a collection. how to find / locate a collection: (based on name) In the Console, select Assets and Compliance: Select Device Collections: In the Tasks Selection choose Search Folder: and then Click New Input a name for your Search Folder (in this case i will be searching for "Windows" so i just used "Windows") Scroll through the list of properties until you find name. Click Add Selected Click <text to find> Specify the Condition "contains" and type in the part of the known name of your missing collection Click OK Click OK Select your new search folders name in the window and Click OK Notice at the top its stating you are now viewing the search folder. and there's the elusive collection
-
Hi Jimm, im unsure however i will move this to the scripting forum as it seem more likely your talking around that area.