Serva PXE/BINL - AN05: MDT - Microsoft Deployment Toolkit

Starting an automated network install of anything from Windows 2000 to Windows 8 taking no more than 15 minutes and a ~1 MB download.

The objective of this document is to show you how to implement a net started portable MDT solution without requiring Active Airectories, nor Server platforms , nor WDS either.

Procedures described in this document require Serva "Supporter"

Serva PXE/BINL - Application Note Set
Serva PXE/BINL - AN01: Windows Install
Serva PXE/BINL - AN02: Windows Install Adv & WinPE Boot
Serva PXE/BINL - AN03: Non-Windows Boot/Install
Serva PXE/BINL - AN04: Custom menu
Serva PXE/BINL - AN05: Windows MDT


0 Index

  1. Requirements
  2. Definitions
  3. MDT Overview
  4. Installing Components
  5. Stage
  6. Deployment
  7. Customization
  8. Security
  9. Performance
  10. Troubleshooting
  11. Final Words

 

1 Requirements

1.1 Required Software
1.1.1 Microsoft Windows 7 / Windows Server 2008 and up running on the deployment station
1.1.2 Microsoft Windows ADK
1.1.3 Microsoft Windows MDT 2012 Update 1
1.1.4 Microsoft Windows Serva 2.1 or higher.

1.2 Assumed knowledge
1.2.1 Serva PXE/BINL - AN01: Windows Install
1.2.2 Serva PXE/BINL - AN02: Windows Install Adv & WinPE Boot

 

2 Definitions

Let's define some key terms used on this and following documents.

2.1 Windows ADK or WADK: The Windows Assessment and Deployment Kit is a software bundle providing the foundational assessment and deployment components used by Microsoft’s deployment solutions in the background. It replaces the Microsoft WAIK from Windows 8 and up, it includes:

  1. DISM: Deployment Image Servicing and Management.
  2. WSIM: Windows System Image Manager.
  3. USMT: User State Migration Tool.
  4. VAMT: Volume Activation Management Tool.
  5. ACT: Application Compatibility Toolkit.
  6. Windows Assessment Services.
  7. Windows Performance Toolkit
  8. Windows PE.

2.2 MDT: Microsoft Deployment Toolkit 2012 Update 1 is a free deployment solution from Microsoft. It provides the framework and tools to accelerate and automate deployments of Windows 8, Windows 7, Windows Vista, Windows XP, Windows Server 2012, Windows Server 2008 R2, Office 2010, etc. MDT is constructed over ADK foundations offering two main operational modes:

  1. Lite Touch: Stand alone deployment solution.
  2. Zero touch: Extension to System Center 2007/2012 Configuration Manager (SCCM)

2.3 SC: System Center 2012 is a corporate oriented system management solution from Microsoft for managing large groups of Windows-based computer environments. System Center 2012 is made of a cooperative set of frameworks and tools:

  1. Configuration Manager (SCCM): System Center 2012 Configuration Manager is a solution including tools for efficiently handling hardware and software inventory, OSs deployment, application distribution, etc. etc.
  2. Service Manager (SCSM): System Center 2012 Service Manager is an integrated platform for automating and adapting IT Service Management best practices when handling incidents, changes, users, tasks, etc.
  3. Operations Manager (SCOM): System Center 2012 Operations Manager is a single interface monitoring health, performance, and availability of machines, services, and applications.
  4. Orchestrator (SCO): System Center 2012 Orchestrator is an automation environment for the creation, monitoring, and deployment of resources.
  5. Virtual Machine Manager (SCVMM): System Center 2012 Virtual Machine Manager is a management platform for hosts and virtual machines.
  6. App Controller (SCAC): System Center 2012 App Controller is an environment for deploying, and managing virtual machines and services across private and public clouds.
  7. Endpoint Protection (SCEP): System Center 2012 Endpoint Protection provides desktop security (Antivirus/Antimalware) and management in a single solution.
  8. Data Protection Manager (SCDPM): System Center 2012 Data Protection Manager is a disk-based and tape-based data protection and recovery solution for servers and desktops.

 

3 MDT Overview

3.1- MDT Philosophy.

MDT is a deployment solution able to run from a single deployment station. MDT is locally controlled by its "Deployment Workbench"; a Windows application where we create and administer MDT's "Deployment Shares". A "Deployment Share" is an entity offered as a network resource to booting clients, bundling an specifically pre-configured assortment of MDT deployment resources and capabilities.

Every "Deployment Share" solution is split into a back-end and front-end both linked by a dedicated network share. While a "Deployment Share" back-end consists of an MDT hosted directory structure containing resources like:

  1. Operating Systems
  2. Drivers
  3. Applications
  4. Captured Images
  5. Task Sequences
  6. etc

A "Deployment Share" front-end consist of a bootable Windows PE executive able to interact with its corresponding back-end through the dedicated network share.

A client requiring the services of an MDT "Deployment Share" has to boot from the corresponding "Deployment Share" Windows PE executive. This booting agent could be physically delivered to the booting client on a CD/DVD or it could also be conveniently net delivered by PXE.
Once the Windows PE executive is booted it will be able to connect to the dedicated network share and bring to the client all the "Deployment Share" included resources and functionality.

The functionality a "Deployment Share" is capable to offer is defined within its "Task Sequences". MDT includes "Task Sequences" templates implementing commonly required deployment procedures. These ready to use templates can be easily customized if requiered and finally added to our "Deployment Share" at creation time.

MDT included templates:

  1. Sysprep and Capture: Performs a Sysprep operation and captures an image of a reference computer.
  2. Standard Client Task Sequence: Creates the default task sequence for deploying operating system images to client computers, including desktop and portable computers.
  3. Standard Client Replace Task Sequence: Backs up the system entirely, backs up the user state, and wipes the disk.
  4. Custom Task Sequence: Creates a customized task sequence that does not install an operating system.
  5. Litetouch OEM Task Sequence: Pre-loads operating systems images on computers in a staging environment prior to deploying the target computers in the production environment (typically by a computer OEM).
  6. Standard Server Task Sequence: Creates the default task sequence for deploying operating system images to server computers.
  7. Post OS Installation Task Sequence: Performs installation tasks after the operating system has been deployed to the target computer.
  8. Deploy to VHD Client Task Sequence: Deploys client operating system images to a virtual hard disk (VHD) file on the target computer.
  9. Deploy to VHD Server Task Sequence: Deploys server operating system images to a VHD file on the target computer

Many times you can use the provided templates without any modification. However, you can modify task sequences created from the templates to meet your specific requirements.

 

3.2- Deployment Scenarios.

The different deployment needs can somehow be reduced to three main deployment scenarios. when considering parameters like:

  1. User state migration
  2. File system preservation
  3. Need of the existing OS running

Scenario Description Preserves target file system Migrates user state Uses existing target computer

New Computer

A new installation of a Windows operating system is deployed to a new computer that has never been a member of the network. No No No

Refresh Computer

A computer is refreshed, including computers that must be re-imaged to address a problem or for image standardization. No Yes Yes

Replace Computer

A new computer replaces an existing computer on the network. The existing user state migration data is saved from the original computer. Then, a new installation of Windows is deployed to the new computer. Finally, the user state data is restored to the new computer. No Yes No

 

 

3.2- Our MDT Approach.

An introductory MDT solution can be implemented by a single "Deployment Share". In this case the single entity would be used for OS installation, Application installation, Image capture, Image deployment, etc, on both testing and production phases.
A more elaborated strategy (as the one presented in this Application Note) can be achieved creating two "Deployment Shares"; one used as "MDT Factory" where we create, test, and polish our deployment resources and the second one used as "MDT Outlet" where we distribute the ready for consumption resources previously elaborated at the "MDT Factory".

 

4 Installing Components

In this chapter we build and initially configure our deployment station.

3.1- Installing Windows ADK.

Download the ADK downloader adksetup.exe from here. Run the downloader taking default options. The setup process will add the required .Net Framework if necessary.
For extra guidance on installing ADK (i.e. installing on an Offline Computer) please read here

Note
Downloading ADK implies an Internet transfer of about 2.5 GB and finally installed in your HDD it will take about 3.9 GB


3.2- Installing Windows MDT.

Download the corresponding MDT installer (MicrosoftDeploymentToolkit2012_x64.msi or MicrosoftDeploymentToolkit2012_x86.msi) from here. Run the installer taking default options.

Note
Downloading MDT implies an small Internet transfer of about 24 MB


3.3- Installing Serva.

Download and install Serva as explained at chapter "4- Deployment" in Serva PXE/BINL - AN01: Windows Install.
After Serva first Close-Restart cycle you should have gotten Serva's empty repository structure.


C:\SERVA_ROOT
    pxeserva.cfg
    WIA_RIS
      ServaReadme.txt
    WIA_WDS
      ServaReadme.txt
    NWA_PXE
      ServaReadme.txt

3.4- Create the MDT Factory "Deployment Share".

  1. Open the "Deployment Workbench", right click the "Deployment Shares" folder and select "New Deployment Share"
    1. Populate the "New Deployment Share Wizard" with the following information:
      1. Path
        1. Deployment share Path: C:\MDT_Factory
      2. Share
        1. Share Name: MDT_Factory$
      3. Descriptive Name
        1. Name Deployment share description: MDT Factory
          Note
          This name will be displayed at Serva's menu
      4. Options
        1. (default)
  2. Right click the "MDT Factory" folder and select "Properties"
    1. Windows PE/x86/General/
      1. Image description: MDT Factory
      2. Generate a Lite Touch bootable ISO: unchecked
    2. Windows PE/x64/General/
      1. Image description: MDT Factory
      2. Generate a Lite Touch bootable ISO: unchecked
    3. Rules/Edit Bootstrap.ini
      Add the missing variables.
      [Settings]
      Priority = Default
      
      [Default]
      DeployRoot = \\MDT_COMPUTER_NAME\MDT_Factory$
      
      ;We can add credentials here and password protect Serva's menu entry later
      ;If MDT PC does not belong to a Windows domain make UserDomain = MDT_COMPUTER_NAME
      UserDomain   = MDT_COMPUTER_NAME
      UserID       = MDT_Factory$_UserID 
      UserPassword = MDT_Factory$_UserPassword
      
      SkipBDDWelcome = YES

    4. Apply changes

  3. Right click the "MDT Factory" folder and select "Update Deployment Share"
    1. (default) (the process can take 5/10 minutes, if longer temporary disable any antivirus)
  4. The image capture process requires the user account used when performing the capture having "Modify" permissions (NTFS Permissions) over C:\MDT_Factory\Captures

3.5- Create the MDT Outlet "Deployment Share".

  1. Open the "Deployment Workbench", right click the "Deployment Shares" folder and select "New Deployment Share"
    1. Populate the "New Deployment Share Wizard" with the following information:
      1. Path
        1. Deployment share Path: C:\MDT_Outlet
      2. Share
        1. Share Name: MDT_Outlet$
      3. Descriptive Name
        1. Name Deployment share description: MDT Outlet
          Note
          This name will be displayed at Serva's menu
      4. Options
        1. (default)
  2. Right click the "MDT Outlet" folder and select "Properties"
    1. Windows PE/x86/General/
      1. Image description: MDT Factory
      2. Generate a Lite Touch bootable ISO: unchecked
    2. Windows PE/x64/General/
      1. Image description: MDT Factory
      2. Generate a Lite Touch bootable ISO: unchecked
    3. Rules/Edit Bootstrap.ini
      Add the missing variables.
      [Settings]
      Priority = Default
      
      [Default]
      DeployRoot = \\MDT_COMPUTER_NAME\MDT_Outlet$
      
      ;We can add credentials here and password protect Serva's menu entry later
      ;If MDT PC does not belong to a Windows domain make UserDomain = MDT_COMPUTER_NAME
      UserDomain   = MDT_COMPUTER_NAME
      UserID       = MDT_Outlet$_UserID 
      UserPassword = MDT_Outlet$_UserPassword
      
      SkipBDDWelcome = YES

    4. Apply changes

  3. Right click the "MDT Outlet" folder and select "Update Deployment Share"
    1. (default) (the process can take 5/10 minutes, if longer temporary disable any antivirus)

 

3.4- Adding Serva's PXE capabilities to MDT.

  1. MDT Factory 32Bits
    1. Create directory mdt_factory_32 under C:\SERVA_ROOT\WIA_WDS\
    2. Copy C:\MDT_Factory\Boot\LiteTouchPE_x86.wim to
      C:\SERVA_ROOT\WIA_WDS\mdt_factory_32\
    3. Copy C:\MDT_Factory\Boot\x86\Boot\boot.sdi to
      C:\SERVA_ROOT\WIA_WDS\mdt_factory_32\
  2. MDT Factory 64Bits
    1. Create directory mdt_factory_64 under C:\SERVA_ROOT\WIA_WDS\
    2. Copy C:\MDT_Factory\Boot\LiteTouchPE_x64.wim to
      C:\SERVA_ROOT\WIA_WDS\mdt_factory_64\
    3. Copy C:\MDT_Factory\Boot\x64\Boot\boot.sdi to
      C:\SERVA_ROOT\WIA_WDS\mdt_factory_64\
  3. MDT Outlet 32Bits
    1. Create directory mdt_outlet_32 under C:\SERVA_ROOT\WIA_WDS\
    2. Copy C:\MDT_Outlet\Boot\LiteTouchPE_x86.wim to
      C:\SERVA_ROOT\WIA_WDS\mdt_outlet_32\
    3. Copy C:\MDT_Outlet\Boot\x86\Boot\boot.sdi to
      C:\SERVA_ROOT\WIA_WDS\mdt_outlet_32\
  4. MDT Outlet 64Bits
    1. Create directory mdt_outlet_64 under C:\SERVA_ROOT\WIA_WDS\
    2. Copy C:\MDT_Outlet\Boot\LiteTouchPE_x64.wim to
      C:\SERVA_ROOT\WIA_WDS\mdt_outlet_64\
    3. Copy C:\MDT_Outlet\Boot\x64\Boot\boot.sdi to
      C:\SERVA_ROOT\WIA_WDS\mdt_outlet_64\
  5. Close-Restart Serva

 

 

 

4 Deployment

 

 

5 Customization

 

 

6 Security

 

 

7 Performance

 

 

8 Troubleshooting

 

 

8 Final words

Initially targeting the sysadmin in a hurry and the average IT enthusiast, Serva PXE/BINL was originally designed as the simple alternative to the server functionality of those fantastic pieces of software called Microsoft RIS and WDS. Today Serva PXE/BINL also includes advanced features like unattended installs, Windows PE booting, or single-menu multi-repository integration. Please read about these exiting new features here Serva PXE/BINL - AN02: Windows Install Adv & WinPE Boot.

When Serva PXE/BINL services are enabled, "non-supporter" builds of Serva stop processing network requests after 50 minutes of use. This amount of time is more than enough for any OS installation. Supporter builds of Serva on the other hand do not have this limit (see Serva's download page for further details).
If you find Serva useful please consider contributing to the project by purchasing Serva's "Supporter" build. Supporter builds make possible Serva's maintenance and future development.

Serva bugs, comments, or ideas on how to improve the information contained in this document please contact me here.

Originally published 05/08/2012
2nd Edition 02/01/2013
Edited by Tyler Cookson