Leveraging the build and capture process
The build and capture process is often described as the process to create a reference image. You will create a Build and Capture task sequence that will deploy the operating system, install any additional standard applications, OS customizations, and software updates, and then perform an OS capture to create a .wim file (the reference image). The goal is for this process to be 100 percent automated, so that you can recreate the reference build at any time with little effort.
The Build and Capture process is not a requirement for using OS Deployment in CM12. You could manually create your own reference build, SYSPREP, and capture it to a .wim file. But as you will see next, creating the build and capture process in CM12 will allow you to take advantage of software updates and other applications that are already in CM12, and provide a completely unattended process to prepare a reference build on a regular interval.
Getting ready
You must first decide what applications you need to install into your reference build. There are two basic schools of thought on reference builds, thick image and thin image (or maybe a third one somewhere in-between).
A thin image is a reference build that contains minimal software. During your production task sequence, you can apply the image, and then install any additional software during the task sequence. A thick image is an image that contains just about everything you need for a standard build in your environment. Some may consider it the 90 percent rule. If 90 percent of users have a common application then it should be part of the reference build. There are advantages to each school.
For example, when Adobe Reader requires an update, you may not need to update the thin image, as Adobe Reader is being installed later in your production task sequence. But when Adobe Reader is in the reference build, you must re-create (sometimes referred to as re-spin) your reference builds to ensure you are installing up-to-date software.
On the other hand, you will generally find that a production OS deployment TS with a thicker reference build will complete faster than a production OS deployment TS with a thin reference build. For example, installing MS Office during a production build will take a considerable amount of time. If MS Office is a part of the reference build, Office is already installed in the image, and downloading the larger sized .wim file is generally faster than downloading the hundreds of smaller installation files too.
The key to success is to have an easily repeatable and automated reference build process. The more automated this process is, the easier it is to quickly create builds on a quarterly or monthly basis.
Before you create the TS, locate your licensed Windows 7 installation media in .iso format. Use an ISO extraction tool (such as www.7-zip.org) to extract the contents of the .iso file to a share that the CM site server has appropriate access to and follow these steps to create a Operating System Installer package:
- Navigate to Software Library | Operating Systems | Operating System Installers, and select Add Operating System Installer from the ribbon.
- On the Data Source page of the wizard, enter the UNC path to the OS media you extracted previously.
- On the General page, enter a friendly name, version, and comment.
- Continue the wizard to completion.
- Distribute the new OS Installer package to your local DP. As this process is only to create the reference build, you only need to send it to a DP local to your test VM.
How to do it...
Follow these steps to create a Build and Capture task sequence:
- Navigate to Software Library\Operating Systems, right click Task Sequences, and select Create Task Sequence.
- On the Create a new Task Sequence page, select Build and capture a reference operating system image.
- On the Task Sequence Information page, enter a TS Name, description, and select the required boot image. Select the default boot image that matches the architecture of the OS you plan to build. For example, if the OS installer is Windows 7 x64, select Boot image (x64). This is the default boot image. As this is a reference build and will only be built on a VM, there is no need for a custom boot image or additional drivers.
- On the Install Windows page select the OS Installer package that you selected previously. Verify your licensed edition is selected in the Edition drop-down box. Some OS media may contain more than one edition of Windows.
- Enter the Multiple Activation Key (MAK) if you have one; otherwise leave the Product key blank and activate later with Key Management Service (KMS). Enable the radio button to Always use the same administrator password.
Note
This password will only be valid for the reference build, so you will probably only use it when you're troubleshooting the build and capture process. When you deploy the captured image in a production task sequence, you will specify a new password (or elect to disable the admin account) at that time.
- On the Configure Network page, leave the default to Join a workgroup, and enter a temporary workgroup name.
- On the Install Configuration Manager page, select the Configuration Manager Client Package. This package is in the root of the Packages node by default, and is automatically created by CM12 during site installation. Add any additional installation properties you need. In order to install patches during OSD, you do need to specify the
SMSMP=<myMP server>parameter in the command-line installation. On the Install Updates page, select whether to install only mandatory, mandatory and option, or no updates. - On the Install Applications page, click on the starburst to select one or more applications to install. The application must be able to run as the system account with no user interaction. Dependent applications will be installed if applicable. Also, choose whether to continue installing applications even if one application in the list fails.
- On the System Preparation page, you will see that it is disabled. Sysprep is now native to all supported operating systems except Windows XP and Server 2003. If you must use either of these operating systems, simply create a package with the appropriate Sysprep files, and select that package on this page.
- Add any custom info you need on the Image Properties page. This information will be captured in the metadata of the image.
- On the Capture Image page, specify a UNC Path, as well as credentials that can create/copy files to that path.
- Click on the Summary button and finish the wizard.
How it works...
Select the new TS and choose Properties from the ribbon. Review the General and Advanced tabs so that you know how to change the boot image or rename the task sequence in future.
Next, select the new TS and choose Edit from the ribbon. Now you can see all the TS steps that were created during the wizard. If you have additional steps you need to run during the TS, you can select the Add button from the Task Sequence Editor. For example, under Add | General, you see options such as Run Command Line and Install Package (for package/programs). If you are new to CM task sequences, start small and verify things are working properly, then copy your working task sequence, and then begin to add additional required steps.
Also notice that by following the wizard, you will have a Install Updates step before the Install Applications step. Depending on the applications you chose to install, you may want to switch the order of these steps. For example, if you install Microsoft Office during the task sequence, you will probably want to run the Install Updates step after the Office installation, to ensure all targeted Office patches are installed to your reference build.
There's more...
After creating the task sequence, you need to send content to a DP. As this is a reference build you only need to send content to the DP that will be used to build and capture your reference image. Select the desired task sequence and choose Distribute Content from the ribbon. As you walk through the wizard you will see that all associated content for the task sequence will be distributed. Choose the desired DP and complete the wizard.
Tip
Verify that the Network Access Account has been configured. Verify from the Administration | Overview | Site Configuration node. Choose Sites and select Configure Site Components | Software Distribution from the ribbon. View the Network Access Account tab. You should use a low-rights account configured to be used to connect to DPs; a member of domain users only is generally sufficient.
Move to the Monitoring tab and view the Distribution Status | Content node to view the status for each package.
As mentioned previously, the standard boot image should suffice for a reference build using a VM. You will want to modify the default boot image by viewing the boot image properties, and on the Customization tab, select Enable Command Support. When you click on OK you will see the Distribution Point Update Required dialog. Select Yes to update the distribution points for the boot disk and complete the wizard. During this process, CM will mount the boot.wim file, apply any modifications (for this example, enable command support), un-mount the .wim file and commit changes, and then send to DPs.
After the DP is updated, create a .iso with the following steps:
- Select the Task Sequences node, and then choose Create Task Sequence Media from the ribbon.
- On the Select Media Type page, choose Bootable media:
- On the Media Management page, choose Dynamic media, if you have more than one primary site.
- On the Media Type page, choose CD/DVD set, and enter a valid path and filename for the Media file. Specify
.isoas the file extension. - On the Security page, choose whether to allow unknown computer support, and whether to protect boot media with a password.
- On the Boot Image page, choose the desired boot image, as well as the DP that will be used as the boot image source to create the
.isofile. Also click Add to add the required MP(s) for the reference build. - Leave the Customization page as default.
- View the Summary page, and complete the wizard. You will use this boot image in the next section.
Create a collection, and add Unknown Systems to the collection if required (be very careful not to select All Systems here). If you do not add Unknown Systems to the collection, you must import the computer to a collection. To import a computer, select Devices, and then choose Import Computer Information from the ribbon. To import, you will need the MAC address or the SMBIOS GUID of the systems. Be sure to add the system to the proper collection during import, so that the reference build task sequence will be available to it.
Perform the following steps to deploy the task sequence:
- From Software Library | Overview | Operating Systems | Task sequences, select the desired TS and choose Deploy from the ribbon.
- Choose the desired target collection. Note that you cannot change the deployment name—it will be automatically generated, based on the TS name.
- On the Deployment Settings page, choose whether the install is Available or Required. For this example, choose Available:
- Skip the Scheduling tab, as this deployment will be an optional deployment.
- Leave the defaults for the User Experience page. Also leave defaults for the Alerts page.
- On the Distribution Points tab, choose whether to download content when needed, or download all content before the TS begins. You can also choose the client actions to prefer when no DP is available, and to allow clients to fallback to a source location (for example, primary site) for content.
- View the summary page, and complete the Deploy Software Wizard.
Now that you've confirmed all content is on the DP, and you have a bootable .iso, you're ready to start building your test system. In Hyper-V, connect to the test VM created earlier in this chapter. Select Media/Insert Disk and browse to the .iso file created previously.
Power up the VM. If this is a brand new VM, the boot media will automatically start. If this is a VM that already has a formatted disk, you will need to quickly press a key to boot to media. Next you will see a welcome screen, clicking Next will display a list of optional deployments. Select the build and capture TS to continue.
A basic build and capture may run for 30 minutes or more, depending on network speed, VM performance, and the number and type of applications and security updates to apply. The key is that this process will be fully automated. You may spend some time working the kinks out to get everything working properly, but once you do, maintaining a reference build will take very little time out of your day, and allow you to quickly update the build as required.
If you encounter failures during the build and capture process, take a look at monitoring status for the task sequence. Also, as you enabled command support for the boot media, you can press F8 to open a command prompt during the TS to view the logs. After pressing F8, run CMTrace.exe from the current directory to launch the Configuration Manager Trace Utility. This tool will help you read CM logs. If the TS is currently in the WinPE phase, view SMSTS.log in x:\windows\temp\smstslog\. If the TS is currently in the Windows phase, view SMSTS.log in C:\windows\ccm\logs\smstslog\.
Once the capture is complete, you can add the .wim file as an OS Image into CM. This chapter does not walk you through the process of creating your production TS—the process is almost identical to the steps you have completed for a build and capture TS. The rest of the chapter will focus on specific steps within your production TS.
See also
- You will find many demos and walk-throughs at http://www.configmgrsurvivalguide.com/ for OS deployment
- Review the TechNet documentation for OS deployment at http://technet.microsoft.com/en-us/library/gg681992.aspx.