When you have imaged a Windows machine and you are deploying it to tens or even hundreds of other computers you need to Sysprep the machine.
The most important reason why we Sysprep our computers is because we need a new generated sid for the machine. Of course we also need a new computername to prevent us from having network problems because of duplicate computernames.
In the previous article I talked about Sysprep in general and how to generate a Sysprep file. In this article I'm showing you all the options and explain them so you can get the best out of it.
FIRST of all.
Make sure you use the correct Sysprep. If you have Sysprep from Windows XP SP2 it will not run on SP3. So get the newest version and use that. It is backwards compatible, so you can use it also on your SP1 and SP2 machines.
Download Sysprep Windows XP SP3 from: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=673a1019-8e3e-4be0-ac31-70dd21b5afa7
Running Sysprep
You run Sysprep just before you create a disk image of a master installation. This ensures that any changes Sysprep makes are present on the disk image, which in turn ensures that the changes are present on every destination computer onto which you copy the disk image.
When you run Sysprep without specifying any parameters, Sysprep:
- Searches for Sysprep.inf, and, if the file is found, temporarily stores the path to Sysprep.inf in the registry.
- Determines whether a master computer is a member of a domain, and, if it is, removes the master computer from the domain.
- Copies Setupcl.exe to systemroot\System32, and then runs Setupcl.exe, which resets SIDs.
- Removes all network adapters (except legacy network adapters), which removes all network settings such as DNS and IP configuration settings.
- Configures the registry so that Mini-Setup runs the next time a destination computer is started.
- Issues a shutdown command so a disk image of the master installation can be created.
You can run Sysprep on a master installation without specifying any parameters if:
- You do not want to perform any auditing or testing after a disk image is copied onto a destination computer and before it is delivered to an end user.
- You are not performing automated installation and configuration tasks by using a Winbom.ini file.
- You do not want to install or configure software, device drivers, or system components after a disk image is copied onto a destination computer and before it is delivered to an end user.
- You do not need to enumerate non-Plug and Play devices the first time a destination computer starts.
- Your master computer shuts down properly after you run Sysprep. Some computers do not shut down after you run Sysprep; if this is the case, you must use the -forceshutdown parameter with Sysprep.
- You do not want to reset the grace period for Windows Product Activation, nor clear the critical devices database, nor run Sysprep without generating new SIDs.
If you cannot run Sysprep with its default settings, you need to specify optional parameters. You can use the following guidelines to help you configure Sysprep
.
Now we have to go through all the possible parameters
Using the -activated parameter
Use the -activated parameter if you activate your destination computers in Factory mode. For more information about Windows Product Activation and Sysprep, see article Q299840, "How to Use Sysprep with Windows Product Activation or Volume License Media to Deploy Windows XP," in the Microsoft Knowledge Base. To find this article, see the Microsoft Knowledge Base link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources. The -activated parameter is not applicable if you have a volume license.
Using the -audit parameter
Use the -audit parameter to audit or test a computer in Factory mode. If you use this parameter, you must clear the event logs and delete all files that you created while you were auditing or testing. You cannot use the -audit parameter with any other Sysprep parameters.
Using the -bmsd parameter
Use the -bmsd parameter to populate the [SysprepMassStorage] section of Sysprep.inf with the Plug and Play IDs of mass-storage devices specified in Machine.inf, Scsi.inf, Pnpscsi.inf, and Mshdc.inf. Sysprep only builds the list of mass-storage devices; it does not install these devices in the critical device database or complete any other processing.
You can only use this parameter if the [SysprepMassStorage] section exists in Sysprep.inf, but does not contain any entries. You do not need to add the BuildMassStorageSection parameter to the [Sysprep] section in Sysprep.inf when you use the -bmsd parameter. In addition, you cannot use the -bmsd parameter with any other Sysprep parameters.
Using the -clean parameter
Use the -clean parameter to delete device drivers for mass storage controllers that are loaded but not physically present on a computer. You can only use the -clean parameter if you used the [SysprepMassStorage] section in Sysprep.inf and the -bmsd parameter to load device drivers for mass storage controllers. You typically run Sysprep with the -clean parameter in a Cmdlines.txt file. You cannot use the -clean parameter with any other Sysprep parameters.
Using the -factory parameter
Use the -factory parameter to perform installation and configuration tasks - such as installing, configuring, auditing, or testing software and system components - before you prepare a computer for delivery to an end user. You must run Sysprep again on the destination computer when you are finished performing installation and configuration tasks in Factory mode. To do this, use the Reseal and ResealMode entries in the [Factory] section of Winbom.ini.
Using the -forceshutdown parameter
Use the -forceshutdown parameter if a computer with an ACPI BIOS does not shut down after you run Sysprep.
Using the -noreboot parameter
Use the -noreboot parameter to test installation and configuration changes in a nonproduction environment. When you run Sysprep with this parameter, Sysprep performs all tasks without shutting down or restarting the computer.
Using the -nosidgen parameter
Use the -nosidgen parameter if you are not duplicating the computer on which you are running Sysprep.
Using the -pnp parameter
Use the -pnp parameter only if legacy (non-Plug and Play) hardware is not being detected properly. The -pnp parameter can only be used to install legacy hardware, such as COM ports, and cannot be used to install unsigned device drivers. In addition, a destination computer can take up to 20 minutes to start when you use the -pnp parameter. This is because the -pnp parameter forces a computer to enumerate every device.
Using the -quiet parameter
Use the -quiet parameter to run Sysprep without displaying onscreen confirmation messages. This is useful if you are automating Sysprep. For example, if you plan to run Sysprep immediately following an unattended Setup, add Sysprep -quiet to the [GuiRunOnce] section of the Unattend.txt file.
Using the -reboot parameter
Use the -reboot parameter to force a computer to automatically reboot and then start Mini-Setup, or Factory mode, as specified. This is useful when you want to audit the system and verify that the first-run experience is operating correctly.
Using the -reseal parameter
Use the -reseal parameter to prepare a destination computer for final delivery to an end user after you have performed installation and configuration tasks in Factory mode. This parameter clears the Event Viewer logs and configures the registry so that Mini-Setup is set to start at the next boot. If you run the command Sysprep -factory, you must seal the installation as the last step in your preinstallation process, either by running the command Sysprep -reseal or by clicking the Reseal button in the Sysprep dialog box.
If we have generated a Sysprep.inf file then we can open it and edit it, change values and we can also add values to the Sysprep.
Below you find a summary of options inside a Sysprep.inf file.
SetupMgrTag
; ----------------- Sysprep Notes -----------------
; Note: All notes in this files must have a ';' before them, and the first line should not be changed from ';SetupMgrTag'
;
; Steps to using this file:
; 1: Run the file c:\Sysprep\utils\PNPPath.bat - this will set the OemPnPDriversPath below for Syspreps use
; 2: Verify if you need a new HAL and add appropriate UpdateUPHAL or UpdateHAL lines below under the [unattended] section
; 3: Verify the admin password in the [GuiUnattended] section
; If done properly this file is deleted after Sysprep completes so this should not be a security issue
;
[Unattended]
OemPnPDriversPath="Drivers\1\1;Drivers\1\10;Drivers\1\11;Drivers\1\12;Drivers\1\13;Drivers\intel"
DriverSigningPolicy=Ignore
InstallFilesPath=C:\Sysprep\i386
TargetPath=\WINDOWS
KeepPageFile=0
OemSkipEULA=Yes
UpdateInstalledDrivers=Yes
NonDriverSigningPolicy=Ignore
UpdateServerProfileDirectory=1
[Sysprep] BuildMassStorageSection=Yes
[GuiUnattended]
AdminPassword="0h S0 S3cure"
EncryptedAdminPassword=NO
OEMSkipRegional=1
OEMDuplicatorstring="Demo Clone"
TimeZone=10
OemSkipWelcome=1
AutoLogon=Yes
AutoLogonCount=3
[FavoritesEx]
URL1=http://google.com
[UserData]
FullName="Your Name"
OrgName="Your Organization"
ComputerName=*
ProductKey=xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
[Display]
BitsPerPel=32
Xresolution=1024
YResolution=768
Vrefresh=72
AutoConfirm=1
[TapiLocation]
CountryCode=1
Dialing=Tone
AreaCode=719
LongDistanceAccess="9"
[RegionalSettings]
LanguageGroup=13,17,3,2,5,16,4,12,15,7,8,10,11,9,6,14,1
Language=00000409
[Networking]
InstallDefaultComponents=Yes
[Identification]
JoinWorkgroup=Altiris
[GuiRunOnce]
Command0=c:\drivers\scripts\cleanup.bat
[SysprepMassStorage]
*pnp0a00=c:\windows\inf\machine.inf
*pnp0a01=c:\windows\inf\machine.inf
*pnp0a04=c:\windows\inf\machine.inf
*pnp0a03=c:\windows\inf\machine.inf
pci\cc_0604=c:\windows\inf\machine.inf
pci\cc_0601=c:\windows\inf\machine.inf
pci\ven_1055&dev_9130=c:\windows\inf\mshdc.inf
pcmcia\micron-mtcf____-392d=c:\windows\inf\mshdc.inf
pci\ven_1179&dev_0105=c:\windows\inf\mshdc.inf
-Section by Section
[Unattended]
OemPnPDriversPath=... We talked about this in Part 1 of this series
DriverSigningPolicy=Ignore This will let Sysprep silently install drivers that are not signed
InstallFilesPath=c:\Sysprep\i386 This should be the location of the i386 folder from the Windows XP CD
TargetPath=\Windows The folder name to install windows to
KeepPageFile=0 Deletes the page file to help make sure no residual from the other hardware is still hanging around
OEMSkipEULA=Yes Accepts the EULA for you automatically
UpdateInstalledDrviers=Yes Reinstalls any drivers that have updates to them
NonDriversSigningPolicy=Ignore Ignores warnings about unsigned files that are not drivers
UpdateServerProfileDirectory=1 More Info The article talks about this setting with a hotfix and SP2, but in this hotfix seems to be included in SP3. This setting takes the administrator profile and copies it to the default profile.
[Sysprep]
BuildMassStorageSection=Yes Extremely important as this will build all mass storage drivers
[GuiUnattended]
AdminPassword=... Set this to your password
EncrypedAdminPassword=NO I always opt out of encrypting the admin password as I have had times this step fails and encrypting the password disables the autologon feature use further down
OEMSkipRegional=1 Skips the Regional options page
OEMDuplicatorString="Clones Name" This is a key put into the registry so you can track what clone a computer came from
TimeZone=10 10 just happens to MST so you will need to change this to your time zone
OEMSkipWelcome=1 Skips the Welcome Screen
AutoLogon=Yes Logs the administrator into the computer automatically after Sysprep finishes
AutoLogonCount=3 Will log the administrator on for 3 reboots. Note that if you log off the PC it will log you right back on until you restart
[FavoritesEX]
Title1="Google.com" This is to add a favorite to IE automatically but it has yet to work for me. Change the number for each new site
URL1=http://google.com The URL to match Title1
[UserData]
FullName="Your Name" The name in which the computer is registered to
OrgName="Your OrgName" The organization in which the computer is registered to
ComputerName=* Let Sysprep pick a random computer name
ProductKey= Put your volume license key in here, if you do not have one leave this value blank. Look for another post from me shortly to get around typing in the key on every computer if you don't have a VLK
[Display]
BitsPerPel=32 32bit color
xResolution=1024 set the monitor to 1024×768
yResolution=764 set the monitor to 1024×768
vRefresh=72 72 Hz
AutoConfirm=1 Confirm the resolution change, if you don't set this to 1 you will need to click ok within 15 seconds to keep the video settings once they change
[TapiLocation]
CountryCode=1 1 is for the US, change this accordingly
Dialing=Tone Set the modem to tone dialing
AreaCode=719 Your area code
LongDistanceAccess="9″ Set this to the number the computer will need to use to get an outside line
[RegionalSettings]
LanguageGroup=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 Installs all languages
Language=00000409 set the default to English/p>
[Networking]
InstallDefaultComponents=Yes Installs all the default network protocols
[Identification]
JoinWorkgroup=Temp Joins the computer to a workgroup called Temp
[GuiRunOnce]
Command0=c:\drivers\scripts\cleanup.bat Runs a program once the computer boots into windows. I will explain cleanup.bat in a little bit
[SysprepMassStorage]
This section is created automatically and contains a list of mass storage drivers.
- Creating the Mass Storage Devices List
Sysprep will need to know what type hard drive drivers to load during setup so you should always create you [SysprepMassStorage] section to help it out will all your drivers. The get this section filled in with all your values run Sysprep.exe with the -bmsd switch.
If you were paying attention to my sample Sysprep.inf file you noticed a cleanup.bat file that would be run on login once the computer was finished Syspreping. This is optional but I always delete the drivers folder off the root of the hard drive. To accomplish this with ease download movefile.exe from Microsoft and place it in a 'scripts' folder within the drivers folder along with a new batch file called cleanup.bat
Edit this cleanup.bat file and add the following to it:
@echo off
cls
title PCHS Clone Process - Cleaning Files
echo.
echo Cleaning unneeded drivers from Sysprep process.
cd /d c:
cd \
"c:\drivers\scripts\movefile.exe" c:\drivers\ "" 1>nul 2>nul
rmdir /s /q c:\drivers\ 2>Nul
del /s /q /f c:\drivers\ 2>nul
This will start a little command window on login that will delete as many drivers as it can and then proceed to delete any it couldn't delete on the next restart. The plug and play section of Sysprep should have installed all the drivers you need from this folder so there is very little use for this folder now.
For this article I used several sources to give you the best as possible explanation.
Resources used are: http://support.microsoft.com/kb/302577
and http://remyservices.wordpress.com/2007/09/28/Sysprep-in-depth-part-5-customizing-Sysprepinf/
In the third part I'm going to explain how to deal with Sysprep when you use VMware for handling your virtual machines.
Read Part 1 here: It's All About Sysprep