Microsoft

Deskto
p
Deployment Assistance Program

3. Deploying Windows XP

Thomas Lee
Chief Technologist QA plc
thomas.lee@qa.com
Deployment Assistance Program

Agenda
Windows XP SP2 Setup Improvements
Two types of Automated Deployment
Scripted Install
Image

Automation of the Installation process

Win PE
XP SP2

Setup Agenda
Unattended setup
WinPE new
Imaging
RIS
Setup Tools

Why not use OEM Build?

Breaks the license
SysPrep is different
Lots of OEM Stuff
Product Keys

Automated Installations
Unattended setup
Introduced in NT4 workstation
Scripted automated Windows Setup
Still supported, not recommend for production deployment

Imaging
Uses SysPrep and Microsoft (WIM) or 3 rd Party Disk Imaging technology
Copies Master build to multiple PCs

Remote Installation Services

Unattended Setup from Server
Imaging from Server (SMS OSD or 3 rd party products)
Great for that first build
Not recommended for Production deployment, due to broadcasts and
network boot

Unattended Setup
Most flexible deployment option
Also slowest
Starts and runs Windows XP Setup on each computer
individually
What you need:
Winnt.exe, Winnt32.exe or CD (BIOS must support bootable CD)
A distribution share with Setup files or Windows XP CD
An answer file (text file) or winnt.sif if running unattended from CD

Consider speed and amount of data transfer this involves

compared to an image

Unattended Installation
Input of information based
on boot menu, or missing
points from answer file.

Unattend.txt

Manual
Setup
First boot experience may
require some information
input.

Starting Unattended Install

From DOS/Windows 3.x:
winnt.exe /u:<answer file> /s: <source share >
Make sure you have smartdrv.exe loaded

From Windows 9x/NT/WinPE:

winnt32.exe /unattend:<answer file> /s: <source share>
/tempdrive:<target drive> /syspart:<target drive> ]

From CD (computer supports CD boot) - Place winnt.sif file on a

floppy disk, boot Setup from CD and insert the floppy when Setup
starts
Understand the implications this has on time and network
bandwidth

Win PE
Overview
Features
Limitations
Scenarios
Features for Windows PE
Discussion

What is Windows PE?

Reduced version of Windows XP
Can be created from either an x86 based 32 bit OS
SKU X64 or an IA64 bit OS Sku today
Windows PE provides full networking, driver injection,
WMI support, Ramdisk(SrSP1)
Windows PE is used to build, test and deploy OS
images
Windows PE is a base platform for a variety of 3 rd
party support related solutions:
Virus scanning and recovery based products
Hardware and software test and diagnostic tools
OS and utilities based deployment

Windows PE Overview
An NTFS-capable boot disk with
TCP/IP networking
Mass-storage controller support
VESA mode video support

What is it used for?

Deployment
Recovery
Troubleshooting

Originally designed to provide cross-architecture

deployment platform

Windows PE Overview
Release history
First release was concurrent with Windows XP in 2001
Windows XP Service Pack 1:
Standalone DFS root connectivity
New (easier) boot from HDD ability

Windows Server 2003

Ability to build Windows PE from Windows Server 2003 products

Windows XP Service Pack 2 release called WinPE2004

WMI
Firewall
Driver injection

Updated with Windows Server 2003 Service Pack 1

USB Boot
Any PXE Server Boot

Features
Works with all systems that Windows XP and
Windows Server 2003 support
Can be built from Windows XP or Windows
Server 2003
Device support:
Networking*
Mass-storage*
VESA video support (single driver)
*Includes all built in drivers for this class from the version of Windows it was
built from. New drivers of this class can be easily added.

Features
VESA support specified by display controller hardware
determines resultant color depth and resolution
Can connect to standalone DFS roots and other SMB
shares
Ability to build-out storage, partition, do native FAT or
NTFS disk formatting, 32-bit disk imaging, I/O

Features
Boot support
CD
DVD (ISO only)
Hard disk
PXE (RIS only for WinPE 2004)

Supported for deploying

Windows 2000
Windows XP
Windows Server 2003

Non-Features
Windows Explorer shell
Audio support
DirectX
Visual Studio .NET applications
ADSI connectivity

Uses For WinPE

Deployment (broadest use today)
Maintenance/repair/recovery
Other utilities ISVs use;
Anti-virus
Diagnostics
File-system repair tools

Non-Uses For WinPE

Embedded operating system
Reboots every 24 hours
Use Windows XP Embedded

General use operating system

No Explorer Shell
No IE
Limited Application Support

Building WinPE
mkimg.cmd
Creates directory structure for CD

If required manually tailor the platform

Drivers, utilities

Optionally customize the default scripts

startnet.cmd

Optionally create custom shell

C/C++
Windows Script Host*
HTA (HTML Applications)*
*Support can be added using buildoptionalcomponents.vbs

Building WinPE continued

OSCDimg.exe
Creates ISO CD image of your directory
El-torito bootable
Same tool to create supported custom CD

Demo
Using Setup Manager to build answer
files
WinPE and Diskpart.exe

New Licensing Model

The new licensing model enables 3 options:
Ability to use Windows PE in-house for tools development,
testing, and OS deployment (free)
IHV/OEM ability to develop support related test and diagnostic
tools and ship these BIOS-locked to their hardware (free)
IHV/ISV/SI/OEM/ODM ability to create support related products
(Virus scan, test and diagnostic, recovery etc) and ship these
tools in a retail setting for a profit. (pay royalty when ship)
licwinpe@microsoft.com for all queries

Scenario - Scripted
Scenario: Deploying new systems, using scripted installation
Windows PE launched via RIS

1. New system arrives and is sent to employee

2. Machine is powered on and PXE boots
3. Boots to Windows PE
4. Disks are partitioned and formatted using diskpart and format
5. Winnt32 is launched with a custom unattend
6. Exit Windows PE when that completes
7. Install applications when setup completes

Scenario - Scripted
Task examples: DISKPART

Clean
SEL DIS 0
CLEAN

Partition Creation
SEL DIS 0
CRE PAR PRI
ACTIVE
ASSIGN LETTER=C
EXIT

Scenario - Scripted
Task examples:

Format /Q /Y /FS:NTFS
Winnt32 syntax
Winnt32 /syspart:C: /tempdrive:C: /makelocalsource /dudisable
/unattend:unattend.txt

Scenario Imaging (SMS OSD?)

Scenario: Migrating to XP, using USMT and Windows PE (with
imaging tools)

1.
2.
3.
4.
5.
6.
7.

USMT migrates files and settings off system

CD of Windows PE provided to employee
Machine is powered on and CD boots
Boots to Windows PE
Imaging tool used to apply image from UNC
Exit Windows PE when that completes
USMT migrates files and settings back

Building An OS Image
Clean install OS
Ensure same HAL type (ACPI, non-ACPI)

Customize installation
Install applications

Prepare for management infrastructure

Generally handled by domain
User State Migration
Group Policy

Building An OS Image (cont.)

Run Sysprep.exe
-reseal for end-user boot experience
-factory for customizing on reboot

Create image
3rd party imaging tools
Boot to Windows PE and xcopy to server

Maintain image
Edit Sysprep.inf on image
Add files, drivers

Problems with Previous WinPE

1. No support for WMI
2. No support for retrieving SMBIOS info
3. Can only PXE boot from RIS
4. CD swapping is complicated (/INRAM)
5. If Windows PE boots from hard-disk that disk
cannot be repartitioned/reformatted

Windows PE 2004 New Features

Targeted Windows PE specific changes include:
Ability to inject 32/64 bit device drivers easily into
Windows PE (Windows XP and Windows Server 2003
drivers)
WMI support for hardware based diagnostic tool access
Built in firewall support enabled by default
Build scripts documented to reduce the size of
Windows PE
Boot Windows PE in a RAMDisk via PXE, from Hard
disk or CD
Full support for all architectures Windows supports

Add Device Drivers

Change build scripts to support additional
hardware device classes and drivers in base
Windows PE image
Provide ability to add additional 32 drivers outside
of in-box drivers to existing build of Windows PE
using drvinst.cmd
Add drivers after Windows PE image is built for
test and diagnostic of the latest hardware/drivers
avoiding full rebuilds

DRVINST.CMD
Source Options
[/inf] path to specific driver
[/oscd] path to OS CD

Filter Options
[/onlyid] only install with matching PNP IDs
[/ignoreid] - do not install these PNP IDs
[/onlyclass] only install this class of driver
[/ignoreclass] ignore these classes of driver

Action Options
[/inject] specifies path to WinPE image (c:\winpe)
[/preview] list drivers that would be installed

WMI Support
Add WMI base support to provide access to
underlying hardware within Windows PE
Support for over 40+ providers and 1500+
classes.
Leverage the ability to load a native driver for
hardware validation and query

RAMDisk Boot
Ability to boot, load and run Windows PE within a
RAMDisk on a PC via network (any PXE server),
hard disk, or CD
Provides ability to run tests and diagnostics
remotely from the server or on local media
Allows for CD swapping for deployment/recovery
media

Windows PE New Features - Summary

Windows XP Service Pack 2
WMI Support w/ 47 providers and 1500 classes
Enables IP addresses to be changed on the fly after
the WinPE CD has booted.
Driver Injection and PnP support
Windows Firewall support
Set IP for multiple NICs, rather than just first NIC
enumerated

Windows PE New Features - Future

Windows Server 2003 Service Pack 1
All features listed for XPSP2 plus
Major Overhaul release; lots of bug fixes
Documentation getting a major clean up
RAMDisk boot support for HD, CD and any vendors PXE*
Full support for all architectures Windows Server 2003 Service Pack 1
will support

MKIMG -- No longer need to maintain separate build directories with

ia64/amd64/x86 tools. Correct tools pulled from platform-specific
build directories, allowing same modified build scripts across
architectures to be used.
ADO -- support named-pipe as well as TCPIP transport

*Requires minimum of 256MB

Installing Windows XP from Source

Windows XP
Copy i386 folder from XP CD ROM

Windows XP SP2
Run XPSP2.EXE /S:d:\winxp
(see support\tools\spdeploy.htm)
(see support\tools\deploy.cab for GREAT info)

Let SUS/WU add the rest

Distribution Share/Folder Explanation

What do the various directory structures in a Build source
look like?
Below contains installation files - Windows XP, device
drivers, any additional files
Structure ($OEM$ can be moved in unattend.txt)
\i386
\$OEM$
Contains all OEM files
Contains Txtsetup.oem, SCSI and HAL files
\Textmode
Maps to %systemroot%
\$$
\$1
Maps to %systemdrive%.
\<drivers_dir>
Contains PnP drivers and infs
Maps to a drive on the computer. E.g. E:\
\<drive_letter>
\<drive_letter>
Windows XP files

Customising the Build

$OEM$ copies files to local disk
Cmdlines.txt executes commands at the end of setup
Cmdlines.txt is run synchronously
Commands in cmdlines.txt execute asynchronously
Use start /wait to call a CMD file
Use start /wait for each command in the CMD file
Cmdlines.txt has no user environment and no network access
useful only for $OEM$
Cmdlines.txt cannot install MSI packages
Use GUIRunOnce
Use GUIRunOnce for network app installs

Adding support for PnP hardware

Drivers must be available during GUI mode setup
Place files in $OEM$\$1\Drivers can make this a more detailed sub structure
Create sub-folders (audio, net, etc) or vendor specific
Unattend.txt
[Unattend]
OEMPnPDriversPath=drivers\audio;drivers\net;drivers\etc
Setup prepends %systemdrive% to each path

Sysprep =
System preparation tool
Prepares a reference system duplication
SMS OSD
3rd party imaging tools
XCopy

Similar to RIPrep, used for RIS imaging

Requires relatively similar hardware
Runs Mini-Setup (or Windows Welcome
in Windows XP) rather than full setup

Sysprep 2.0
Enhancements
Support for longer OEMPnPPath strings
Increased to 4096 characters
Administrator profile copied to Default User
Simplifies Default User configuration
Factory switch
Allows for updated or out of box drivers to be picked up by
image at install time when PnP occurs
Winbom.ini Allows gathering of files (e.g., drivers, apps) from
network or custom scripting/application installs
-PnP switch not recommended

Sysprep
How it works
Reference
Computer

File
Server

Reference Computer is prepared as

desired Windows and applications

2 Sysprep is run on the Computer,

which then powers of

3 Using Windows PE or an imaging

tool, the image is stored (here, to a
server)
4 Destination Computer is booted
using Windows PE or an imaging
tool, image is installed.
5

Destination
Computer

Destination Computer is powered

on, mini-setup runs

6 Destination Computer is powered

of & ready to redistribute
7

Steps 4-6 repeated as needed for

each new Computer desired

Sysprep
Components
Sysprep.exe
Main tool

Setupcl.exe
used to regenerate security IDs

Factory.exe
When sysprep is run with the factory option

Sysprep.inf
Answer file used by Sysprep

Files must be in %systemdrive%\Sysprep folder

Unattend And Setup Manager

Setup Manager creates and modifies unattended
setup answer files
Unattend
Sysprep
RISetup
Can be found with other deployment tools and
guides in Deploy.cab on the product CD
Updated versions of tools with XP SP1 and XP SP2

Unattend And Setup Manager

Enhancements

Local admin password can be encrypted

Setup Manager features Improved
user interface
Improved .chm file on the product CD
for unattended setup and deployment

Remote Installation Services

RIS

Remote Installation Service

Allows for network initiated setup
Clean scripted install (RISetup)
Clean imaged install (RIPrep)

Uses PXE network cards to initiate setup with minimal

user interaction
Boot floppy supports select additional network cards
that are not PXE capable

RIS
How it works
Client

DHCP Server

1 The client requests an IP address

2 The IP address is supplied by a
DHCP server

1
2
3

3 The client contacts the RIS server

4 The RIS server checks Active

Directory to see if the client has

been pre-staged

5 RIS responds or forwards the

request to another RIS server

5
4
RIS Server

Active Directory DC

6 The RIS server sends startrom.com

to the client launches OSChoice

RIS
Windows 2003 Enhancements

Support for deploying

All retail versions of Windows 2000 (including Server and
Advanced Server)
Windows XP Professional
All Windows Server 2003 products
All 64-bit versions of Windows Server 2003*

Significant performance increase over RIS

in Windows 2000
*RISetup only, not RIPrep-based images

RIS Installation
Ristndrd.sif

RIS

RIS
Setup

RiPrep
RiPrep.sif
Mini Setup or
Windows Welcome

RIS Server Services

BINL (Boot Information Negotiation Layer)
The boot server service; interacts with the AD
and other boot servers to remote install a client
TFTPD (Trivial File Transfer Protocol Daemon)
Protocol used to transfer files needed to remote install, maintain and
troubleshoot a client machine
SIS (Single Instance Storage)
Runs on NTFS partition to reduce disk space usage by removing
duplicate files from RIS images

Creating RIS OS Install

Configure RIS Server as mentioned
Creates a default CD-based image

Configure client computer names and locations

Configure client installation options
Modify installation using answer file
Set permissions on image - set ACLs on .sif files (or
templates folder)

RIS Tips
Must have Windows 2000 SP2 on server
Must have new RISETUP.EXE
See Q287546

Must copy new files from .NET server

RIPREP.EXE
IMIRROR.DLL
SETUPCL.EXE
RIPREP.INF

 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only.
MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.