Windows Sysprep Breaking

george1421

@agray said in Windows Sysprep Breaking:

Do I need to use the iso from the volume license?

I would say yes, start with your VLK media. The setupcomplete.cmd will run as expected as well as a few other things that MS has blocked from running if you use the OEM media kit. And if it was me with MS coming out with 2 releases per year… I would create my reference image with MDT (microsoft deployment toolkit) to avoid that whole audit mode mess. Just have MDT create your golden image on a VM using the lite touch approach. You will probably spend a better part of one work week setting up MDT and perfecting your image. But on the back end, when a new version of win10 is released you just import the media and copy over your task sequences to a new task sequence and deploy. Using the lite touch approach all of your applications and custom settings can be auto installed into your Golden image. I can go from having a new version ISO to start to deploy a new golden image in about 20 minutes. That golden image will be ready to be captured by FOG without any human interactions after the task sequence has completed.

agray

This post is deleted!

agray

@george1421 I looked into MDT and it looks a lot easier and simplifies FOG. There is a problems I am seeing and would like to know how you work around them.

1. How does Fog interact with the WIM files?

george1421

@agray said in Windows Sysprep Breaking:

How does Fog interact with the WIM files?

It doesn’t. WIM files are windows only.

Maybe I did not explain the concept for MDT well enough. The idea is to use MDT to build your golden image in a virtual machine. MDT will take the WIM file and deploy it to a virtual machine. You can configure MDT to also install any current windows updates as well as any global applications you want into your golden image. In my case I use vSphere, and part of setting up MDT is that MDT will create a iso boot disk that connects the target computers to the MDT server (which can be run on a windows desktop OS) to run the install task sequences. When the MDT creation process is done you will have a computer ready for sysprep. At this point MDT’s job is done it has created your golden image. Now you sysprep the golden image and capture with FOG for deployment.

You could use MDT for low volume image deployments (< 5 a week). The differences between MDT/WDS/SCCM and FOG is that the former use file level cloning where FOG/Ghost/Clonezilla use disk block level cloning. Both methods have their advantages and disadvantages. The advantage of FOG and disk block level cloning is SPEED. FOG can deploy a disk over a 1 GbE network at a rate of 6GB/m or about 4 minutes for a 25GB fat image. With MDT/SCCM it will take about 1hr to fully deploy a windows image.

Each application has its roles in this set.

1. MDT creates a repeatable and verifiable golden image the same way every time.
2. FOG captures and deploys images very fast every time.

sudburr

@george1421 What George says, about OEM.

Also try something simpler first. Instead of creating a gold-leafed banana sundae, just put a single scoop of ice cream into a bowl first, then add things one at a time with each attempt … though I’d blame the AV straight up. ESET Endpoint AV pulls the same with its self-defense setting which must be disabled prior to sysprep. If you check the sysprep log it will show you where the error occurs and I’d bet dollars to donuts that it’s the AV.

agray

@george1421 So MDT is basically adding more steps to take out the time of windows updates?
MDT would make basically be my physical machine would be easier to restart every time it fails?
I have yet to try and capture a VM using FOG so I may have some issues with that, I don’t think the process would be much different, right?

george1421

@agray said in Windows Sysprep Breaking:

So MDT is basically adding more steps to take out the time of windows updates?

Well that’s not exactly right. You will more steps initially to setup MDT, that is for sure. But what once MDT is setup it will give you a reliable way to build your reference image, every time. If you only make 1 or 2 images a month you can use MDT directly and not use FOG to clone your systems. You would just boot into MDT via the MDT boot disk, select your task sequence and deploy to your hardware. It will take you 1-2 hours of (you no touch time) for MDT to build your system.

Now MDT will NOT work if you need to reimage a 30 computer class room in 20 minutes. You will need FOG, WDS, or SCCM to do that.

Since you are at the beginning, I would take some time and watch some videos on MDT on how to set it up and how to use it. If you understand my process your time will not be wasted learning MDT. You can decide after you build your golden image with MDT. 1. Do I just use MDT to imaging my computer or 2. Do I use FOG to capture the MDT image and deploy that way if you need speed. Your efforts will not be wasted learning MDT. There are MANY good tutorials on the internet on how to setup and use MDT.

agray

@george1421 said in Windows Sysprep Breaking:

If you only make 1 or 2 images a month you can use MDT directly and not use FOG to clone your systems.

We image, on advantage around 10 an entire year. we are just looking for a quick fix if something brakes and we need one out fast.
Even though MDT bootable, like you said, isn’t fast; it seem simpler than this long process with FOG, at least for my needs.

george1421

@agray said in Windows Sysprep Breaking:

it seem simpler than this long process with FOG, at least for my needs

I can agree with that too. My goal is to help you make an informed decision. What works for me, probably isn’t the best for someone else.

agray

@Quazz After running tests, it was Sophos that was causing the issue. Thank you!