Windows 10 key after deployment
-
@sunks Hi, do you remove the key before you take your golden image?
I activate all our machines this way (they all have the oem win 10 pro key in the bios). -
@x23piracy No, habitually we activate the windows and then we take the master image.
-
@sunks for my masters i use two old windows 7 oem licenses (dvd box) one for legacy and one for uefi image.
I use virtual box to prepare my images and i activate each with one of the windows 7 oem licenses.
(I need to activate win 10 before sysprep because else you cannot configure all system settings)Then i sysprep without removing any license information.
After deployment on a computer which has windows 10 oem license key in bios i run my setkey.exe snapin and the machine is activated.
Actually i have no idea why that isn’t working for u.
Is it possible to have access via teamviewer to one of your machines to have a look?
Regards X23
-
@x23piracy said in Windows 10 key after deployment:
@sunks said in Windows 10 key after deployment:
Thanks, i’ll check that
don’t forget reimaging is not allowed with OEM, but pssst i also do it
Regards X23
You crack me up, x23.
Personally, my view of the OEM thing is that the rules explained in layman’s terms are outdated. Computer cloning was what we did in the past (an absolute copy in every regard from one computer to another) and that computer imaging is what we have now with FOG (image deployment that is not an exact copy). FOG is able to deploy sysprepped systems, and deploy the exact OS key to the exact system it belongs to - without re-using keys. I think that if the actual words in Microsoft’s TOS were re-evaluated today while taking into consideration what FOG can offer, I believe wholehartedly that MS would find FOG’s capabilities to be within compliance of their TOS if the admin inputs each OEM key for each individual host that it belongs to. Failure to see this would just mean more organizations abandoning windows totally (like my last job did) in favor of ChromeOS or Linux…
-
@wayne-workman the only reason for this is that ms is pushing us in the enterprise sector. Think about the SAM examinations in the last couple months all over the world. The question is what could be an indicator for ms to detect an reimaged system that wasn’t allowed to be reimaged? Where are that dirty bits and flags on the system, registry, filesystem?
I even don’t understand why i am should not allowed to reimage such OEM System, every of our computers has its unique key for windows 10 pro in its bios, after each deployment i read out that key from bios and activate that windows with this key right after deployment by executing a snapin thats doing the job.
I would loose a big amount of time if i go to install each computer by hand, even each software and its special settings.
-
I’ll keep you update soon for my problem and the resolution, for now i’m a bit busy,
Thanks for your help !
-
@x23piracy How are you fogging your Win10 machines?
I can create a fresh image and deploy to Bios in Legacy mode but then I can’t use the embedded key.
All my attempts at UEFI capture/deploy fail.
We are a Dell shop – would love to know how you are accomplishing this.
-
@thequicken i setup two virtual windows 10 machines in virtual box. one will be installed with gpt and one with mbr (legacy, efi image). (The ISO for install is created by the windows media creation tool, windows 10 pro).
I start the install and then i go into admin-mode (when the first settings appear in the setup strg + shift +f3). Then i activate both machines with oem licenses (win 7 dvd box with a sticker), if windows 10 is not activated you cannot set every option until it’s activated.
Then i install software and play with the settings.
Finally i sysprep the machines and capture them.When i now deploy such image, i use setkey.exe as a snapin to read the bios key and activate the machine with it.
don’t forget i use an answer file (unattend.xml) so the windows setup (oobe) will run automatically.If you need i can show you the scripts i use.
FYI virtual box doesnt offer a EFI network boot, to capture or deploy a virtual box EFI system i disable EFI and boot via network boot in legacy mode, after deployment or capturing i enable EFI again for that vm host (else it won’t boot).
What’s your installation base if you say you cannot activate with bios key? Do you use something else then OEM Media? Maybe a Install Base for VL?
Regards X23
-
@x23piracy In the past we had some problems with sysprep and our anitivirus, so we are not using it. We don’t have a windows domain so it’s not a problem.
I still would like to see ur unattend.xml to see how you make it work!
-
<?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="windowsPE"> <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SetupUILanguage> <UILanguage>de-DE</UILanguage> </SetupUILanguage> <InputLocale>0407:00000407</InputLocale> <SystemLocale>de-DE</SystemLocale> <UILanguage>de-DE</UILanguage> <UILanguageFallback>de-DE</UILanguageFallback> <UserLocale>de-DE</UserLocale> </component> <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DiskConfiguration> <Disk wcm:action="add"> <CreatePartitions> <CreatePartition wcm:action="add"> <Order>1</Order> <Type>Primary</Type> <Size>100</Size> </CreatePartition> <CreatePartition wcm:action="add"> <Extend>true</Extend> <Order>2</Order> <Type>Primary</Type> </CreatePartition> </CreatePartitions> <ModifyPartitions> <ModifyPartition wcm:action="add"> <Active>true</Active> <Format>NTFS</Format> <Label>System Reserved</Label> <Order>1</Order> <PartitionID>1</PartitionID> <TypeID>0x27</TypeID> </ModifyPartition> <ModifyPartition wcm:action="add"> <Active>true</Active> <Format>NTFS</Format> <Label>OS</Label> <Letter>C</Letter> <Order>2</Order> <PartitionID>2</PartitionID> </ModifyPartition> </ModifyPartitions> <DiskID>0</DiskID> <WillWipeDisk>true</WillWipeDisk> </Disk> </DiskConfiguration> <ImageInstall> <OSImage> <InstallTo> <DiskID>0</DiskID> <PartitionID>2</PartitionID> </InstallTo> <InstallToAvailablePartition>false</InstallToAvailablePartition> </OSImage> </ImageInstall> <UserData> <AcceptEula>true</AcceptEula> <FullName>admin</FullName> <Organization>company</Organization> </UserData> <EnableFirewall>true</EnableFirewall> </component> </settings> <settings pass="offlineServicing"> <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <EnableLUA>false</EnableLUA> </component> </settings> <settings pass="generalize"> <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipRearm>1</SkipRearm> </component> </settings> <settings pass="specialize"> <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <InputLocale>0407:00000407</InputLocale> <SystemLocale>de-DE</SystemLocale> <UILanguage>de-DE</UILanguage> <UILanguageFallback>de-DE</UILanguageFallback> <UserLocale>de-DE</UserLocale> </component> <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipAutoActivation>true</SkipAutoActivation> </component> <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <CEIPEnabled>0</CEIPEnabled> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <WindowsFeatures> <ShowMediaCenter>false</ShowMediaCenter> <ShowWindowsMail>false</ShowWindowsMail> </WindowsFeatures> <ShowWindowsLive>false</ShowWindowsLive> <DoNotCleanTaskBar>true</DoNotCleanTaskBar> <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled> <ComputerName>company-pc</ComputerName> <CopyProfile>true</CopyProfile> </component> <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <BlockPopups>yes</BlockPopups> <CompanyName>company</CompanyName> <Home_Page>http://www.google.de</Home_Page> <DisableFirstRunWizard>true</DisableFirstRunWizard> </component> </settings> <settings pass="oobeSystem"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <AutoLogon> <Password> <Value>password</Value> <PlainText>true</PlainText> </Password> <Enabled>true</Enabled> <LogonCount>1</LogonCount> <Username>username</Username> </AutoLogon> <OOBE> <HideEULAPage>true</HideEULAPage> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> <NetworkLocation>Work</NetworkLocation> <SkipUserOOBE>true</SkipUserOOBE> <SkipMachineOOBE>true</SkipMachineOOBE> <ProtectYourPC>3</ProtectYourPC> </OOBE> <UserAccounts> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>password</Value> <PlainText>true</PlainText> </Password> <Description></Description> <DisplayName>username</DisplayName> <Group>Administrators</Group> <Name>username</Name> </LocalAccount> </LocalAccounts> </UserAccounts> <RegisteredOrganization>company</RegisteredOrganization> <RegisteredOwner>admin</RegisteredOwner> <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> <FirstLogonCommands> <SynchronousCommand wcm:action="add"> <Description>SetupComplete</Description> <Order>1</Order> <CommandLine>C:\Windows\Setup\Scripts\SetupComplete.cmd</CommandLine> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <Description>Control Panel View</Description> <Order>2</Order> <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <Description>Control Panel Icon Size</Description> <Order>3</Order> <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 1 /f</CommandLine> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> </FirstLogonCommands> <TimeZone>W. Europe Standard Time</TimeZone> </component> </settings> </unattend>
-
@x23piracy I think this is the problem, i have to sysprep before imaging if i want to activate a cloned windows 10 (for OEM w10 key).
If i don’t sysprep, he don’t want to activate it and say something like: “the previous windows, before the upgrade to windows 10, wasn’t activate”. -
@sunks what have you thougth when to sysprep? sure this needs to be done before you image.
-
@x23piracy Well for windows 7 it wasn’t needed to sysprep to activate windows 7 licence and since we don’t have a microsoft domain it wasn’t necessary to use sysprep anyway… i think… It was working at least… xD