In the previous blog post we looked at how to install Windows Deployment Services on Windows Server 2012 R2, and we also looked at how to configure WDS server properties. In part two of this two part series, we will go through the different image types that are used by WDS. We will also cover drivers, servicing images, prestaging devices, and other tasks related to managing Windows Deployment services in Windows Server 2012 R2.
1. Managing WDS
There are four types of images used by WDS: boot images, install images, capture images, and discover images.
Boot images are images that enables computers to boot and begin installing the operating system using the install image. A default boot image is located on the Windows installation media as \Sources\Boot.wim. The Boot.wim file includes both Windows PE and the WDS client.
Install images are the actual operating system images that are deployed to the client computer. You can use the default image in the \Sources folder of the installation media (\Sources\Install.wim), or you can create a custom image by using a capture image or other tools. Custom images can contain other components, such as security updates, hotfixes, additional software and added features and roles.
Capture images are used to create a custom install (reference) image from an existing template computer. You must prepare the template computer with Sysprep and then boot by using the capture image. You have to have sufficient spare disk space on the template computer to save the captured image to a local volume. It can also be saved to a SMB share from a network computer, as long as the share has an assigned drive letter.
If the WDS client does not support PXE boot, you can use a discover image to load appropriate network drivers to begin a session with a WDS server. You will have to boot the Discover image from removable media such as a USB flash drive. Obviously, you can not put a .wim file on a USB flash drive and hope to boot from it, so you will have to use Windows ADK to create a proper WinPE bootable USB flash drive/ISO, which will utilize the Discover image as boot image (replace \media\sources\boot.wim with the Discover image boot.wim).
Both Capture and Discover images are created from a Boot image.
1.1 Boot images
1.1.1 To add a Boot image, Right-click Boot Images node → Add Boot Image
1.1.2 Specify the location for the boot image, click Next
1.1.3 Give the image a name and description, click Next
1.1.4 Click Next and the image will be added to the server.
1.1.5 Click Finish
The priority is a configurable property for both boot and install images. It controls the order boot and install images are presented to clients. Lower value takes presedence, which means the image with the lowest priority value will appear first on the menu that displays the selection of images to choose from.
1.1.6 On the right-click context menu of the boot image, you can perform various actions
Properties, This will bring up the properties sheet, where you can change description and priority of the image
Enable/Disable, A disabled boot image will not be presented to the user on the boot menu
Export Image, Lets you create a backup of the Boot image
Replace Image, Lets you replace the old image with a new one. Old image will be deleted.
Add Driver Packages to Image, Lets you add Driver Packages to the boot image. If you add a boot-critical driver that is corrupt to the boot image, the image may not be bootable or repairable, so it is advised to back up the image before adding drivers.
1.2 Capture Images
1.2.1 To create a capture image, right-click a boot image, and select Create Capture Image
Give the image a name and description, then specify the location you want to save it to. Click Next
1.2.2 At the end of the Wizard you can choose to add the capture image as a boot image on the WDS server.
1.2.3 To capture the operating system state of a computer as an install image, you need to perform the following steps;
A, On the template computer, install Windows, features/roles, security updates, hotfixes and applications.
B, Run sysprep with the generalize option, and shutdown the template computer. Sysprep /oobe /generalize /shutdown
C, Start the template computer with the capture image, and run through the wizard (it will not be covered here).
D, The wizard will let you upload the captured image to the WDS server, as an install image.
1.3 Discover Images
1.3.1 To create a Discover image, right-click a boot image, and select Create Discover Image. Give the image a name and description, then specify the location you want to save it to. You can also optionally specify the name of the WDS server which will respond when you boot a computer with this Discover image. Click Next
1.3.2 Click Finish. You can now save the image to media (for example a USB flash drive) and then boot a computer to the media.
1.4 Install images
WDS organizes install images into an image group to enable them to share common file resources and security. You must create at least one image group.
1.4.1 Right-click the Install Images node, select Add Image Group
1.4.2 Enter a name for the Image Group, click OK
1.4.3 Right-click the Image Group, select Add Install Image
1.4.4 Enter the location of the Windows Image File, click Next. The Image File can be in either .wim , .vhd or .vhdx format
1.4.5 If the image file contains multiple images, you can select the images you want to add to the WDS server
1.4.6 Specify a name and description for the images
1.4.7 Click Next and the images will be added to the WDS server
1.4.8 Click Finish
1.4.9 On the right-click context menu of the install image, you can perform various actions
Properties – This will bring up the properties sheet
Lets you change Description and priority of the install image. In addition, you can allow the image to be installed in unattended mode by specifying an answer file.
Gives you various information about the image
You can use filters to define which clients get this image for installation. Such as computers from a specific manufacturer or biosvendor.
User Permissions Tab
Lets you define permissions various users and groups have for the install image. Authenticated Users for example have the Read&Execute and Read permissions.
You can define user permissions for all install images in an image group, by right-clicking the Image Group and selecting Security
Enable/Disable – A disabled install image will not be presented to the user on the install image menu
Export Image – Let you create a backup of the Boot image. If you want to copy install images between Image Groups, you can utilize this action. You can also use the Export-WdsInstallImage and Import-WdsInstallImage Powershell cmdlets. The Copy-WdsInstallImage cmdlet allows you to copy an image only within the same image group.
Replace Image – Lets you replace the old image with a new one. Old image will be deleted.
1.5 Pending Devices Node
Unkown Computers that are awaiting administrator approval during PXE boot will be found here. You can Approve, Reject or Name and Approve these devices. If you select Name and Approve, you can specify various options.
1.5.1 You can define the Device Name and which OU it should be created in
1.5.2 You can also define if it should download Boot Program and Boot Image from a specific server, and which Boot Program and Boot Image it should download
1.5.3 Next you can configure the client to use an unattended answer file
1.5.4 And finally, you can configure permissions on the computer account in AD for a specific user
1.6 Active Directory Prestaged Devices Node
You can prestage devices before you PXE boot them. These are defined as known client computers
1.6.1 To prestage a device you need to define a Device ID, which must be a GUID, MAC address or DUID. You can also link the device to a Device Group.
1.6.2 The rest of the steps are quite similar to when you Name and Approve a device in the Pending Devices Node, only real difference is that you can define PXE Prompt Policy for prestaged devices
You can add driver packages to the WDS server, and then define which client computers will install them using driver groups. You can also add the driver packages to boot images. The package must be extracted (driver’s .inf file), and cannot be an .msi or .exe file.
1.7.1 To add a Driver package, right-click Drivers -> Add Driver Package
1.7.2 You can either import individual driver packages, or all of the drivers in a set of folders
1.7.3 If you select the Select all driver packages from a folder option, it will search recursively in all subfolders, and then you can select which one of the driver packages in the specified location you want to add to the server
1.7.4 Once you have made your selection, and clicked Next, you can then view more information about a specific package by double-clicking it. You can for example find out which files the package is composed of. Or what drivers are included in the package.
1.7.5 After adding the drivers to the server, you can add them to a driver group. A driver group is a collection of driver packages that are available to a select group of clients. Drivers must be added to driver groups in order for them to be available to clients. Only driver packages that have been added to the server, can be added to Driver groups.
1.7.6 You can modify the filters that determine which clients get the drivers at the end of the wizard. Or you can right-click the driver group, and select Modify filters for this Group. If you do not define any filters, the drivers in the group will be available to all clients, but they will only be installed if they match the client hardware.
In addition to the Windows Deployment Services console, you can use the Windows PowerShell *-WdsDriverPackage cmdlets to manage your drivers and driver packages. The cmdlets available include these:
Add-WdsDriverPackage Adds a driver package from the WDS driver store into a driver group or injects it directly into a boot image.
Disable-WdsDriverPackage Makes a driver package in the WDS driver store unavailable to clients without removing it from the driver store.
Enable-WdsDriverPackage Makes a driver package in the WDS driver store available to clients. Packages are enabled by default when added to the WDS driver store.
Get-WdsDriverPackage Gets the properties of all the driver packages in the WDS driver store, or the properties of a specific package if you specify the name or ID (GUID) of the package.
Import-WdsDriverPackage Imports a driver package into the WDS driver store and optionally adds it to a driver group.
Remove-WdsDriverPackage Removes a driver package from a WDS driver group, or removes it from all driver groups and deletes it completely from the driver store.
The WDS Windows PowerShell cmdlets do not allow you to create or directly manage the properties of driver groups. You can manipulate the contents of driver groups, but not create new driver groups.
1.8 Multicast Transmissions
You can significantly reduce the amount of network bandwidth used for transmission of install images by creating a multicast transmission for specific install images. The multicast transmission transmits the image to multiple clients using a single transmission, instead of one transmission for each client. You can only create one multicast transmission per install image.
1.8.1 On the Multicast Type page, you can define what type of multicast transmission you will perform
A transmission starts when a client requests the image. If another client requests the same image, the client will join the existing transmission.
You can choose to either start the transmission when a specified numbers of clients have requested the image, or at a particular date and time. This is the best option when performing large deployments. Btw, if you don’t select any of the options, you will have to manually start the transmisson.
2. Serivcing Images
2.1 Updating images with security updates, hotfixes, and drivers
2.1.1 You can use a capture image to create an updated install image that includes current hotfixes and updates, or you can use the Dism commands and the Powershell Dism module to mount an offline image and update it directly. I will not be getting into details about that here, as the blog post has already gotten quite lengthy.
2.2 Installing or removing features in offline images
2.2.1 You can add or remove Windows features in an existing image or virtual hard disk by using the Enable-WindowsOptionalFeature cmdlet or the Disable-WindowsOptionalFeature cmdlet, respectively. You can modify the currently running image with the -online parameter, or modify an offline image or virtual hard disk by mounting it and modifying the mounted image. You can also use the Install-WindowsFeature and Uninstall-Windowsfeature to add or remove roles, features and role services on on an offline virtual hard disk (VHD) on which Windows Server 2012 R2 is installed.
2.3 Working with vhd and vhdx install images
You can add vhd and vhdx files as install images. .vhd images are only used for booting from VHD scenarios, and they are not applied directly to volumes. The .vhdx format is supported for VHD boot scenarios in addition to direct application to system volumes (similar to .wim deployments).