GSS2/Vista/Sysprep/3rd party drivers
Updated: 11 Sep 2010 | 13 comments
I want to preface this post with an apology in case a sysprep focused topic is not welcome on this forum and also for the shear length of what I am about to write. I am writing this to hopefully help others working on a Vista/GSS deployment method. We have been using GSS 1/1.1 to successfully deploy various XP images for a few years. A simple overview of what we do is build a fully patched and sysprep'ed Windows image with all needed drivers for our hardware platforms (mostly Dell Optiplex and Latitude). When this image is deployed via Ghost the only option given to the technician is to name the computer. After getting a name, sysprep continues with normal items such as resetting the machine SID, detecting drivers, binding to the domain and running pre-defined scripts. If the image is pushed from the console in conjuction with configuration the name is automatically filled in and the deployment is zero-touch.
My project for the last week has been to get similar functionality using Vista and the new sysprep with GSS2. While all the pieces appear to be present, it wasn't quite as straight-forward to assemble. I had no problem creating basic images with GSS2 as it worked nearly the same as previous versions. Same results with restoring images; it just worked. The real problems are with sysprep because Microsoft tailored much of the functionality to the new imagex/BDD tools which are part of Vista. While this new method is very promising (free, built-in to the OS) it does not have mutlicast and that is a deal breaker for us.
There are several pieces of the new sysprep which caused me problems. I won't go into exact details here, but will cover the basics of what I did to overcome the problems. The main reason I am putting this on the forum is that I couldn't find the slightest bit of documentation in regards to sysprep'ed Vista deployment via Ghost. I don't claim anything listed here to be official or correct and others may have better knowledge. If you do have better methods or you have learned a trick or two please list it in the forum so everyone can benefit.
The first issue was forcing sysprep to automatically fill in all Windows Welcome settings EXCEPT the computer name. This is deceiving because the Windows System System Image Manager (http://www.microsoft.com/downloads/details.aspx?FamilyID=c7d4bc6d-15f3-4284-9123-679830d629f2&DisplayLang=en) actually includes settings named SkipMachineOOBE and SkipUserOOBE which, when enabled, skip all of the Windows Welcome settings, but doesn't allow to define them properly. In order to maneuver this section you must fill in the proper values listed here (http://technet2.microsoft.com/WindowsVista/en/library/3a66e19d-55b4-4d61-95ba-0b648b349a811033.mspx?mfr=true). By filling in all settings barring computer name, I am only prompted for the computer name (and the final "Start" button) during install.
The next issue is forcing the newly sysprep'ed and named computer to join our domain. Once again, this is deceiving because the WSIM tool actually has settings which force a domain join and they appear simple. After several failed and frustrating tests I found that my problem was workflow related as opposed to a malfunctioning Microsoft tool. The UnattendedJoin step can only occur during the specialize pass (pass #4), but the computer does not get a correct name until the oobeSystem pass (pass #7). This is where I discovered the primary problem with the new WSIM tool; many of the components seem very useful in any number of the 7 passes, but are only available in a select few. Because of this I am not able to add the UnattendedJoin at the end of the sysprep proecess. To side-step the problem I downloaded the netdom.exe tool (part of WinXPSP2 Tools - http://www.microsoft.com/downloads/details.aspx?FamilyID=49ae8576-9bb9-4126-9761-ba8011fabf38&DisplayLang=en) to my image and call it via a FirstLogonCommand script to perform the AD join with the correct computer name.
The final piece I will try to cover in this post is adding/detecting/installing 3rd party hardware drivers during the sysprep process. Once again, Microsoft seems to have given us the needed tools in WSIM, but it didn't work for me with Ghost. The obvious solution is to use the DriverPath component during the WindowsPE (pass #1) or AuditSystem pass (pass #5). I should state that this does work, but it presented several problems. First of all we aren't using WindowsPE so that is useless and the AuditSystem pass nearly doubles the amount of time it takes to complete the sysprep process at first boot and more importantly, it ceases the unattend process at the AuditSystem pass. This may be where another more seasoned WSIM/sysprep guru could help because I could not find a realistic method to script a reboot into the OOBE pass at this point. It could be done with a RunOnce script built-in to the image, but that would need to be managed to run exactly when needed. Once again I was not able to run a (A)Synchronous command/script at this point because that is not available for the AuditSystem pass (only AuditUser). This led me to rule out the Audit passes as an option and move another direction. What I found to fill the gap was a new tool built into Vista called pnputil.exe which specifically manages driver install/uninstall. By placing all needed drivers in a folder such as C:\drivers in my image and running a RunSynchronous command (script) containing the line "C:\Windows\System32\pnputil.exe -i -a C:\drivers\*.inf" during the specialize pass I was able to correctly install needed drivers. At this point I also added the line ("C:\Windows\System32\reg.exe" add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f) to set the type of network because the ProtectYourPC and NetworkLocation settings in the OOBE pass of WSIM do not seem to work correctly. I believe this has been reported as a legitimate bug to Microsoft, because regardless of setting this in the unattend.xml file I was always prompted during first logon to choose my network type.
As I stated at the beginning, this is just a ramble of the methods I used to get Vista sysprep to cooperate with Ghost in our environment and it may not be perfect, but I wanted to share my findings so others could possibly benefit. Happy Ghosting!
Message Edited by rmlenger on 05-06-200704:29 PM
Discussion Filed Under:
Comments
Excellent post! Thanks for this, and there is no need to apologise... process tips and tricks like this are always welcome here and I appreciate you taking the time to share it with everyone.
for adding and installing 3rd party drivers
for adding and installing 3rd party drivers, has anyone tried using the program sysprep driver scanner. http://www.vernalex.com/tools/spdrvscn/index.shtml
Used it for Windows XP and it worked great.
I still use that utility on
I still use that utility on our XP builds, however Vista, Windows 7, Server 2008 & Server 2008 R2 change the way drivers are searched for. The whole reason for spdrvscn is so INF files can be recursively added to the registry; XP just doesn't do that on its own. Vista and the others do search recursively, so using that utility isn't needed. I'm not even sure that it works with Vista.
The other reason why spdrvscn works so well is because if you use the PnPDeviceDrivers line in a XP sysprep file, it has a hard limit. The registry theoretically doesn't. Vista's method (and the other OS's) make things much easier.
Hi Luman how do you add third
Hi Luman
how do you add third party drivers to Windows 7.
I'm trying to make my image work with different Dell optiplex and during the sysprep process it will automatically install 3rd party drivers for the different optiplex that I have. I used the spdrvscn on Windows XP which worked great.
For Vista, Windows 7, Server
For Vista, Windows 7, Server 2008, and Server 2008 R2, sysprep as a whole is completely different. Adding drivers involves one of a few methods.
a) Run %systemdrive%\Windows\System32\sysprep\sysprep.exe /audit /reboot /unattend:<path to your sysprep.xml file>
Your sysprep file needs to have a few things in it if you're going to run Audit. Namely you should have, in the auditSystem pass,if you're running in a 32-bit environment:
1. x86_Microsoft-Windows-Deployment_neutral
a) With a "Reseal" line in there too. Reseal can be set to "ForceShutdownNow" as "False" and "Mode" to "Audit"
2. x86_Microsoft-Windows-PnpCustomizationsNonWinPE_netural
a) With a Path line in there too. The path should point at a directory containing your drivers. Again, Vista, 7, and Server '08 search recursively. So you can have one path that points at a parent directory with sub-directories in it. This way you can keep things real organized however way you want. Up until recently (because I'm using point "b" below, with DPInst now, primarily) I had all my drivers stored in the image. Unfortunately with all drivers this was beefing up my image by a few Gigs. Now I only have S-ATA/AHCI/LAN drivers stored locally. All other drivers are stored on a server and get installed via point "b" below.
3. x86_Microsoft-Windows-Shell-Setup_neutral
a) With an "AutoLogon" line in there too. This is so the machine has something to log into during the Audit phase. In my case, because I'm also using the built-in admin to setup a custom default profile (see "CopyProfile" in the WSIM), I set this to log into the built-in admin. By default the built-in admin is disabled. It gets enabled during Audit for however many times you have it set to auto-login during Audit. When I'm logged in as the typical admin account, outside of the Audit phase, I have set the built-in admin's password to some value. You need to insert that value in the "AutoLogon" as well in order to have Audit completely succeed.
4. Once you're done with Audit, you can create your image. Tell Ghost (via Task in my case) to start creating your image. Use sysprep with /generalize. I do this while logged in as the built-in admin during the Audit phase.
5. Stick in a similar x86_Microsoft-Windows-PnpCustomizationsWinPE line in the windowsPE pass in the WSIM in your answer file. Insert a Path line there too with the path & the credentials matching what you put in for it during the auditSystem pass.
or
b) In the WSIM, in the Specialize pass , you can insert a RunSynchronous command using DPInst. Get to know this tool if you choose this route. It's from Microsoft and obtainable in the Windows Driver Kit (think that's the name). In my Synchronous Command I run:
And in that .cmd file:
Now, see where I call dpinst.exe? In the same directory as dpinst.exe there exists a file that MUST be named dpinst.xml, this is where I call the flags for dpinst.exe. Nice part about dpinst.exe is that it's fairly modular. No dll's to really rely on, you can tote the .exe just about anywhere. Here's my dpinst.xml file:
When DPInst is done installing drivers, I have a second RunSynchronous command that deletes that .cmd file, given I have a password stored in the cmd file. That's the downside. Be responsible with your server shares, accounts, etc. The account I use has read-only access to only that share and that's it.
So with all that, I can get my drivers installed in the Specialize pass during Sysprep. Now this thing WILL BREAK if you do not get your LAN drivers installed during the WinPE pass first, because if the LAN drivers are installed during Specialize, and the network connection is broken because a newer driver is installed, or the network connection can't be made because the LAN drivers weren't there in the first place, it stops this thing dead in its tracks.
This hasn't been a problem for me as long as I include the LAN drivers in the image, using /audit like I mentioned. Using DPInst isn't some requirement, it's something I've picked up and pieced together over numerous forum postings, checking MS's MSDN & TechNet sites, etc. As long as you run /audit and have all drivers in there, you should be ok. If you want to reduce the overall size of your image and speed up the Audit phase, then adding in this DPInst strategy works really well.
As as word of caution, during Audit, if you choose to just go with it and forego using DPInst, thus having all your drivers in your image, Audit can take a while depending on how many drivers you have. We had about 7+ Gig's of drivers for our models with Vista. With 7 I really streamlined it by paying attention to which drivers apply to multiple models (thus reducing overlap, duplication, etc). With Vista, Audit used to take 3+ hours on an Optiplex 760, which was the machine I used to create my builds. I have found that Windows 7 takes about 30 minutes, a HUGE difference, even with my old driver set; 7+ Gigs.
I hope this all makes some sense.
Luman does your instructions
Luman
does your instructions work for Windows 7 64bit RTM.
Instead of using your x86_Microsoft-Windows-Deployment_neutral can I use the amd54 Microsoft Windows Deployment neutral
thanks for the info Luman, I
thanks for the info Luman, I building the ghost image for the Optiplex 755 and want that one ghost image to work with a Optiplex 745 will your instruction work for that. I just using simple Ghost cast server for single machine deployment at this time. Our company wants to deploy Windows 7 64bit. Will that mean any changes in your instructions.
Thanks for your help.
in the answer file panel
in the answer file panel there is the Create Partition component. Did I need to have this section filled out. Ghost does make a Partition for me automatically.
Luman question for you!
After messing around with sysprep for quit sometime now, I have decided to try your second method of using dpinst.exe. I have everything setup like you show above, but I keep getting an error message during sysprep that says "Sysprep encounter an error during the Window-Deployment section. I have input a Synchronous command in the Specialize pass. Any ideas or suggestions. Thanks!
AUDIT Pass for Device Drivers
I have been experimenting with the first option, since image size isn't an issue in this case, and I have some questions.
I used Microsoft's USB tool to copy my Windows 7 Enterprise x32 KMS CD to a USB drive.
I used Microsoft Deployment Workbench to build my driver folder. I unpacked most of the drivers from Dell self-executing files, and some from Intel Zip files. I then imported them into the Out-of-Box Drivers in MDW. This uppacked all the cab files and created a very nice driver folder structure with no repeated drivers.
I copied the drivers from that deployment share to my USB drive in a sysprep folder.
I used WAIK to build my answer files. I created an autounattend.xml, auditdrivers.xml and a sysprep.xml. The autounattend.xml I created using the guide above.
I copied the autounattend.xml to the root of my USB drive, and the others to the sysprep folder.
I wrote a couple batch files to make my process more repeatable.
First BATCH 1 is ran to copy the drivers to C:\D, and run the AUDIT pass.
BATCH 1
After that BATCH 2 is ran to perform the SYSPREP
BATCH 2
PROBLEM:
After BATCH 1 is ran the computer boots back up into AUDIT mode, and apears to have some new drivers installed. After I cancel the AUDIT GUI, I notice several "Open File - Security Warning" boxes for EXE's were loaded by the drivers.
IGFXTRAY.EXE (Intel Graphics tray icon)
IGFXPES.EXE (Intel Graphics exe)
HKCMD.EXE (another Intel Utility)
SMAX4PNP.EXE (SoundMax Audio Driver)
I figure at this point it's because it hasn't been syspreped and is still in AUDIT mode, so I run BATCH 2.
After I Ghost the computer and deploy it to a couple workstations, they all complete OOBE and then present with similar Open File - Security Warnings. Clicking continue on any of these warnings results in the same action as if I had hit cancel.
This process is different than what I'm used to. In XP, I hand grew my sysprep process over years, eventually ending up with Universal XP images using a combination of MySysprep (HAL correction), DriverGenius (to farm drivers off of computers) and DriverPacks for thier Mass Storage driverpack.
I never had this happen were an EXE attempted to lauch after a driver install, and was blocked.
Anyone run into this before?
Correction. All of my
Correction. All of my drivers seem to be loading, but any EXE file that is lauched on first boot is prompting the "Security Warning - Open File" dialog.
If I allow it the driver utility will load.
Next reboot it starts all over again, prompted to allow the execution of the touchpad, audio, and graphics driver utility EXE files.
What did I do wrong?
THIS was my problem
THIS was my problem :(
http://blogs.msdn.com/gblock/archive/2006/12/19/tips-steams-zones-vista-and-blocked-files-in-ie.aspx?CommentPosted=true#commentmessage
I had downloaded all of my drivers from Dell. I never used vista in the Enterprise so this was a new one to me.
Would you like to reply?
Login or Register to post your comment.