This article explains a method where you can integrate (or slipstream) all of the necessary Service Packs and Windows Updates into your install script. This ensures that your computer is up-to-date (Martha Stewart would call this, "a good thing".) from the minute Windows is done installing.
With the number of hackers and ill doers out there, installing Windows can be a dangerous task. If you don't get the newest updates on your computer -- as quick as possible -- you open yourself to malicious attacks.
The only problem is that downloading and installing Windows updates takes time, a lot of time. This becomes a big task if you are using an original Windows XP install CD (from 2001). That means you have to download Service Pack 2 and over 90 Windows Updates.
In my opinion, that increases security and peace of mind a lot.
Let's roll up our sleeves and start building our scripted Windows XP CD.
Overview:
In this article I will walk you through all of the steps you need to take to integrate (or slipstream) all of the latest and greatest Windows Service packs, Windows Updates, and hotfixes.
Setting it all Up:
The first thing we need to do is copy your Windows XP CD to your computer. Create a folder on your desktop (right-click >> New >> Folder) and name it something like WinXP. Then, go to My Computer and right-click on your CD drive. On the menu, go to "Explore." A new window will appear. That window will show you the contents of your Windows CD. Select all of the files and copy them to your newly created "WinXP" folder. It will take a few minutes to copy all of those files, so sit back and relax until it is all done.
The Files:
When the files are done copying open the "WinXP" folder. I have a picture of what it should look like below:
It is important to have a basic understanding of what files are on the Windows CD. Below is a brief explanation of the most important files on the CD:
- DOCS: This folder contains the release notes for Windows XP. This folder can be deleted.
- DOTNETFX: This folder contains Microsoft .NET Framework Setup files
- I386: This folder contains Windows. The files in this folder are compressed. During the installation process, the files are uncompressed and organized in a way that makes Windows work properly. It contains thousands of files. It is amazing to me that they can all work together to make a modern operating system.
- SUPPORT\TOOLS: These files are really helpful to system admins. It contains a bunch of tools that help us do our jobs better. Make sure you poke around in this folder for a bit. The most useful file I have found is called "DEPLOY.CAB." This file goes through the ins and outs of creating a custom Windows install. This is what Microsoft says about the tools found in this folder: "The Windows Support Tools for Microsoft WindowsXP Professional and WindowsXP 64-Bit Edition are intended for use by Microsoft support personnel and experienced users to assist in diagnosing and resolving computer problems. For individual tool descriptions, see the Windows Support Tools online tool documentation (Suptools.chm)."
- VALUEADD: Microsoft describes the content best. They said: The Value Added Folder contains extra components that are shipped with Microsoft® Windows®XP. Many of these components have not been fully tested for compatibility with WindowsXP; however, they can still add value to your WindowsXP system if you decide to install them. The MSFT folder in the Value Added Folder contains software and associated information that is developed and written by Microsoft. The components in this folder are supported by Microsoft. The 3rdParty folder in the Value Added Folder contains software and associated information developed and written by other parties. None of the software programs in this section of the Value Added Folder is a Microsoft product, and Microsoft's inclusion of these programs in this Value Added Folder does not imply any endorsement by Microsoft of such programs, any claims made about such programs, or such programs' ability to operate in conjunction with any Microsoft products.
Most of what we will be doing now, and in the future deals with the I386 folder. That is actually where all of the files that will become the Windows operating system, it makes sense that most of the tweaks will occur here.
Service Pack 2:
The first thing that we need to do is to download Service Pack 2. Click the following link to download "Windows XP Service Pack 2 Network Installation Package for IT Professionals and Developers." If you are interested in what Service Pack 2 brought to the table, click here. Make sure to save it to your desktop so you can find it easily in the future. The file is about 266 MB. It may take a few minutes to download.
The file is named: "WindowsXP-KB835935-SP2-ENU.exe." Once the file has been downloaded, open a command prompt (Start >> Run >> cmd.exe). Navigate to the desktop. Now type in: "WindowsXP-KB835935-SP2-ENU.exe /?" (without the quotes). The following window will appear:
Once the files are done extracting you will see the following window:
This screen tells us everything that we can do with this file. I would like to integrate (slipstream) these files into the WinXP folder we created. Now, go back to the command prompt. Type in:
"WindowsXP-KB835935-SP2-ENU.exe /integrate:C:\path\to\desktop\WinXP"
(without the quotes). The following window will appear:
Now, all of the files are being extracted into the WinXP folder we created earlier. This is replacing all of the old and unneeded files from our original Windows XP CD with new files. After everything has been extracted, a window will appear telling us that everything extracted the way it should have. Press the OK button. If we use the files in the WinXP folder now, we would be installing Windows XP Service Pack 2. Pretty amazing huh?
Windows Updates and Hotfixes:
At this point, the files in the WinXP folder are current as of August 25, 2004 (the release date of Service Pack 2). Since then there have been over 90 updates to Windows XP. If we used the files right now. Our computer would be sort of, kind of secure. The thing that will really make our installation secure is to integrate those 90+ updates into our WinXP folder. How do we do that.
There are many ways to get all of the needed updates integrated. You can use "RyanVM Integrator" or "nLite." Both of these programs use the same files to integrate in. You can find them here. Many thanks to RyanVM for all the work he has contributed to this process.
I like to do things the hard way. For some reason, if I manually do things I feel like they turn out better. The first thing that I do is burn the files from the WinXP folder onto a CD (make sure the CD is bootable). Then, using the CD I just burned I install Windows on a computer that is not connected to the Internet. After Windows is installed, I run Windows Update. That will generate a list of the updates that are needed to bring our project up to date. Next, on another computer I start to search and download all of the Windows Updates. I have found that when searching for updates, it is best to go through Google. My searches look something like this: "KB873339 Windows XP download" (without the quotes).
Each update has to be integrated just like the Service Pack. Here is an example of how to integrate a downloaded update:
"WindowsXP-KB873339-x86-ENU.exe /integrate:C:\path\to\WinXP"
If you need some more help, please visit this useful site. If you want to see another approach, here is a different set of directions of what I just took you through.
The Problem:
Well, the problem is that a few updates won't integrate. There are several reasons for this. Lets say that you have 5 updates, we will call them A, B, C, D, and E. Lets say that update E will only install until after update B is installed. If you go through Windows Updates, this is not a problem. But, when you try to integrate these updates into our WinXP folder it does not work. Especially if update E replaces files found in update B. The Windows XP installer is not advanced enough to get around this problem. Another instance where the update will not work is if it requires a reboot. The reason that computers have to reboot after we install a file or update is because Windows is currently using a file that needs to be replaced. If update A needs to replace files, but can't until a reboot that is a problem. Especially if update C deals with the same files. I am not sure if I explained any of this very well, but it is complicated.
If you use RyanVM or nLite you won't have to worry about this. When you download RyanVM's Windows XP Post-SP2 Update Pack, it only has the updates that will integrate. Why did I go through all of this? I don't want you to be shocked when you install your new and up to date Windows and find that there are a few updates you need to install. That is a normal thing.
There a few updates that you should not try to update. Here they are:
- .NET Framework 2.0 (and updates or security updates)
- .NET Framework 3.0 (and updates or security updates)
- KB935448 (High Definition audio update)
Most of the updates will integrate, and it will save you a ton of time.
Service Pack 3:
There has been a lot of press about Service Pack 3. When it comes out, it it will include all of the updates since Service Pack 2. It will also contain some updated drivers. Hopefully it will also contain all of those updates and hotfixes that cannot currently be integrated.
Conclusion:
In this article we have copied our Windows XP CD to our computer into a folder called "WinXP." Then we downloaded and integrated the Windows XP Service Pack 2 files into the WinXP folder. The integration process updates our original Windows XP files with updated Service Pack 2 files. Next, after we determine what other Windows Update/Hotfixes are needed, we can download and integrate them into our WinXP folder. Once we have downloaded all of the files, we can burn the files in the WinXP folder onto a bootable CD. Using this CD we can securely install Windows XP (with most of the needed updates). This is a major step in the scripted Windows install.
In the next article we will talk about how to create an answer file. This answer file is what makes a silent install of Windows possible.
Scripted OS Install - Part 1: Installing Windows XP
Scripted OS Install - Part 3: The Answer File