How to Setup Ubuntu Server/FOG 1.2.0/Create Univeral Windows 7 Image using Sysprep - Step-by-Step

Liam Sullivan

[B]WORKSTATION IMAGE CREATION[/B]
The installation of FOG only helps if you have an image to deploy. I’m going to focus first on the unattend.xml sysprep file, then we’ll quickly go through image creation and installation/configuration of the FOG client on the workstation.

20. First download the Windows Automated Installation Kit (WAIK) for Windows 7 – [URL=‘http://www.microsoft.com/en-us/download/details.aspx?id=5753’]Here[/URL]
21. Download and install the Windows 7 ISO image from the Volume Licensing Center
22. Using a zip tool (I like 7-zip) extract the ISO to a folder.
23. Open the Windows System Image Manager (the WAIK executable for our next step)
    • In the Bottom Left frame right click Select a Windows image or catalog file.
    • Browse to the extracted Windows 7 folder \Sources\install.wim and click Open.
    • Now we need to configure these unattended installation configuration. The settings are similar for an
    x86 installation but I’m going to be focusing on the 64 bit configuration in this guide.
    • Under Windows Image expand the section Components.
    i. Scroll down to amd64_Microsoft-Windows-Security-SPP_ (NOT the UX!!)
24. Right Click -> Add to Pass 3 Generalize
25. You’ll now see it appear under Components -> Pass 3 Generalize in the Answer File
    Frame.
26. Select it, and in the right frame Microsoft-Windows-Security-SPP set SKIPREARM to 0
    ii. On the left frame scroll down to amd64_Microsoft-Windows-Deployment_neutral
27. Right Click -> Add to Pass 4 Specialize
    a. Expand amd64_Microsoft-Windows-Deployment_neutral
    b. Right Click -> Extend OS Partition -> Add to Pass 4 Specialize
    c. Select in the middle frame d. In the right frame set
    i. Extend -> True
    e. Back in the left frame Expand -> RunSychronous
    f. Right Click -> RunSynchronousCommand -> Add to Pass 4 Specialize
    g. Select in the middle frame, and in the right i. Action -> AddListItem
    ii. Order -> 1
    iii. Path -> net user administrator /active:yes
    iv. Windows 7 natively disables the local admin account, we want to make
    sure it’s turned back on.
    iii. On the left frame scroll down to amd64_Microsoft-Windows-Shell-Setup_Neutral
28. Right Click -> Add to Pass 4 Specialize
    a. Select and add the following settings to the right frame b. ComputerName -> *
    c. CopyProfile -> True
    d. ProductKey -> If you use a KMS server you can enter the generic KMS client key for your copy of windows. Otherwise enter your Volume Activation License key.
    e. ShowWindowsLive -> False

f. TimeZone -> your current time zone. NOTE the documentation isn’t clear on how to enter these. You need to fully write it out e.g. Eastern Standard Time
iv. In the left frame scroll down to amd64_Microsoft-Windows-International-Core_neutral

1. Right Click -> Add to Pass 7 oobeSystem
2. Select in the middle frame
3. In the right frame.
   a. InputLocale -> en-US
   b. SystemLocale -> en-US
   c. UILanguage -> en-US
   d. UserLocale -> en-US
   v. In the left frame scroll down to amd64_Microsoft-Windows-Shell-Setup_Neutral
4. Right Click -> Add to Pass 7 oobeSystem
   a. DisableAutoDaylightTimeSet -> False
   b. DoNotCleanTaskBar -> True
5. Expand amd64_Microsoft-Windows-Shell-Setup_Neutral
   a. Right Click -> OOBE -> Add to Pass 7 oobeSystem
   i. HideEULAPage -> True
   ii. NetworkLocation -> Work
   iii. ProtectYourPC -> 1
   b. Expand -> UserAccounts
   i. Right Click -> AdministratorPassword -> Add to Pass 7 oobeSystem
6. Set Value – to your desired local administrator account password.
   ii. Right Click -> Local Accounts -> Add to Pass 7 oobeSystem
   iii. Right Click -> Local Accounts in middle frame iv. Insert New Local Account
7. Action -> AddListItem
8. Description -> LocalAdministrator
9. DisplayName -> Administrator
10. Group -> Administrators
11. Name -> Administrator
    v. Set password to match previous administrator password.
    vi. It seems odd to add this twice, but otherwise after sysprep it will still prompt for an initial local account name. It may be possible to remove the OOBE section, but I haven’t experimented with it.
    vi. You can also configure Taskbar and Start Menu settings to apply to all users. [URL=‘http://blogs.technet.com/b/askcore/archive/2010/03/16/how-to-customize-the-windows-7-start-menu-and-taskbar-using-unattend-xml.aspx’]Technet Article[/URL]
    • Save this file as unattend.xml
12. Now for the easier part – Creating the windows install.
    • I like configuring my Windows 7 client images by installing them in a VM. This gains me the advantage of taking a snapshot prior to the sysprep. That way I can occasionally do windows update, add new software etc. then sysprep and recapture the image instead of starting over. I also recommend setting the hard drive or partition size at 20-25GB depending on how much you need to install. The reason for this is that the image can then be cloned to anything with a hard drive over that size, instead of needing to match the original drive size.
    • Either mount your ISO image or insert the CD into your test computer.

i. After installing Windows, when you reach the Windows Welcome Screen and it asks you to create a username press [B]SHIFT-CTRL-F3[/B]

1. This will enter Windows Audit mode, this mode is meant for image configuration prior
   to deployment and greatly simplifies the sysprep process.
   ii. One you’re at the desktop proceed with installing any necessary software, Windows Updates etc. This will really depend on your personal workstation needs for labs, offices and the like. My software image is pretty sparse as I use SCCM to auto-install most of my lab apps.
   [B]iii. For best results DO NOT ADD THIS COMPUTER TO YOUR DOMAIN!![/B]
   [B]1. OPTIONAL[/B]
   a. I configure my major system options through Group Policy, but you may want to set things such as System restore settings, Power Options, defrag, disk cleanup options etc.
   [B]iv. FOG Client Installation[/B]
2. On your build system open your web browser and navigate to the FOG interface
   a. Download the FOG Client Service b. Extract the file and run Setup.exe c. On the Configuration page
   i. Enter the host name of the FOG Server. (you can use IP, but depending on firewalls and routing non-domain computers may have issues communicating which will disable the auto-domain join feature)
   ii. You can leave all other options selected as once the client service connects to the server it will copy the configured FOG options.

[B]v. DRIVERPACKS!!![/B]

1. This will be the greatest thing you ever use. Windows 7 has a number of built-in drivers and auto-detects a ton of hardware, but it can always be improved.
2. So what we want to do is look at the DriverPacks repository - [URL=‘http://driverpacks.net/driverpacks/latest’]here[/URL]
3. Find the version of Windows you are working with from the list.
4. Not all of these files are needed, for most peripheral hardware (Touchpads, webcams etc.) the built-in windows drivers will function fine. What we need is the main system drivers crucial to booting the machine and getting network connectivity.
5. I download Audio, Chipset, Graphics A, B, Mobile; LAN, Mass Storage and WLAN.
6. Extract these files into C:\Windows\inf\DriverPacks
7. There are other ways to install drivers but I found for adding 3-4GB to your image but gaining universal hardware functionality this is the easiest.

[B]vi. Preparing to Sysprep[/B]

1. **If using a VM as suggested, I HIGHLY recommend taking a snapshot before starting this process. If something is misconfigured you can easily revert back and fix it or use the snapshot to update software before refreshing your image file. **
2. Browse to C:\Windows\System32\sysprep
3. Copy your unattend.xml file to this location.
4. Open a command prompt in administrative mode and browse to
   C:\Windows\System32\sysprep
5. When you are absolutely ready to create your initial image, enter the following command
6. sysprep /oobe /generalize /unattend:c:\windows\system32\sysprep\unattend.xml
   a. I’ll breakdown what this does as you may find you want to play with other
   settings.
   b. OOBE – configures Windows Welcome Mode, we’ve passed the initial user
   configuration to re-enable the admin account which is all this is used for
   c. Generalize – This resets the Security ID of the computer, removes all restore points and event logs and passes the initial hardware configuration and services startup to make the image hardware independent.
   d. Unattend – Just the command to reference our unattend.xml file for
   predetermined options.
7. OPTIONAL
   a. You may find it useful to include a script for other functions post setup. If so create the directory C:\Windows\Setup\Scripts. At this location make a file SetupComplete.cmd
   b. The passwords are encrypted, but you may want to delete the unattend.xml after the workstation is fully setup or reference Microsoft Office’s license key service to automatically register itself.

Liam Sullivan

[B]Uploading your reference image to FOG[/B]

24. After sysprep completes it will shut down your VM or workstation.

25. On another machine, open your Fog Management Console [url]http://FogServer/Fog/Management[/url]

26. Clicks Image Management -> New Image
    • Name the image something meaningful, enter a description if you desire and for Windows 7 make sure to set Image Type -> Multiple Partition Image – Single Disk (Not Resizable)
    i. This is why you need to use a smaller partition and we set the System Disk – Extend feature in
    the unattend.xml file.
    • Save your changes.

27. Power the sysprep computer on and enter the BIOS screen. Ensure that the computer is set to PXE boot and that FOG’s PXE functionality is working on your network.

28. When the computer reaches the FOG PXE boot menu, select Registration and Inventory and register the host. It helps to name it something that reminds you of its purpose. I usually do Win7x64Sysprep or the like.

29. As you enter the options, make sure to select your new Host Image from the options and you can set the HOST OS.

30. After the host registers shut the computer down.

31. Now back in the web management interface; click Host Management -> List all Hosts – Select your imaging host. (Win7x64Sysprep)

32. Click Update to save your changes.

33. Click Basic Tasks (on the left) -> Upload

34. Select Shutdown after Task Completion, if you need any scheduling you can enter that, and click Upload Image.

35. Start up your VM or workstation you sysprepped. As it starts the PXE boot it will detect a waiting task from FOG
    and begin the image upload process.

36. Once completed let the workstation power off and congrats! You’ve just created a universal Windows 7 image
    with easy deployment through FOG!!

I hope I haven’t missed anything, I have attached this guide as a PDF in the original post that may be a bit easier to read! Good luck all

Jaymes Driver

I like what you have done here, thank you for taking the time to make a write up. I think this should curb some of the issues that users are having with installing a FOG server for the first time, and you have touched most of the bases including image creation, very nicely done.

falko

Jaymes Driver has said it already, great stuff and thanks for the share.
I have made this a sticky for now as it is great for newcomers

Junkhacker

quick correction. db password is now stored in [SIZE=13px][FONT=arial][COLOR=#262626]/var/www/fog/lib/fog/Config.class.php in fog 1.2.0+[/COLOR][/FONT][/SIZE]

Liam Sullivan

Cheers Junkhacker. Was bound to miss something. Will edit to reflect.

prince xyryl

What if my dhcp is served by pfsense?

And computers on my main network are on static ip?

Jaymes Driver

[quote=“prince xyryl, post: 34301, member: 25316”]What if my dhcp is served by pfsense?

And computers on my main network are on static ip?[/quote]

Then you look on the wiki or you ask a question in the help section and you don’t hijack someone’s tutorial thread.

My suggestion is using DNSMasq [url]http://fogproject.org/wiki/index.php/Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server#DNSMASQ_settings_for_iPXE[/url]

If you have issues please post in the Fog forums section and do not muddle up this thread.

It does not matter what ip address your machines have, when they enter TFTP they look for a dhcp server and DNSMasq will offer the correct information to the clients so they can boot.

prince xyryl

Highjack? Muddleup? I didnt intend to do that , im sorry if I did. You can warn me in a more nice and professional way though… Thanks anyway

Tom Elliott

[quote=“prince xyryl, post: 34306, member: 25316”]Highjack? Muddleup? I didnt intend to do that , im sorry if I did. You can warn me in a more nice and professional way though… Thanks anyway[/quote]

I don’t think it was meant as an “unprofessional” point of retention. It was more meant to inform. He still answered the question, and gave the “warning” in a descriptive way. Sometimes people’s phrasing may come off as “harsh”. We must all remember we’re reading text on a forum. There is no conceptual method of portraying the true intentions. Maybe it was meant to be degrading, maybe it was not intended in such a form at all.

Please understand that it’s just meant to suggest to a person that the tutorials, and especially those that are not requesting tutorials but actually giving tutorial descriptions, to use the appropriate forum areas to ask questions. If you need to link back to the relevant thread, simply copy the link in your post.

Hopefully this helps clarify the intentions of what we’re trying so hard to maintain and accomplish.

braindead

Jesus. Great job! As one who rights how-to’s myself, I know that took a lot of work. Thanks.

braindead

[S]Perhaps dumb question, but I can’t find a clear answer: where exactly do you download the client service application?[/S]

Searched a little harder and found it.

The Fog Client Service Application can be found at [url]http://<your[/url] fog server>/fog/client.

Tom Elliott

Or, if you need a direct link, it would be:
[url]Http://<your[/url] fog server hostname or ip>/fog/management/index.php?node=client

prince xyryl

[quote=“Tom Elliott, post: 34308, member: 7271”]I don’t think it was meant as an “unprofessional” point of retention. It was more meant to inform. He still answered the question, and gave the “warning” in a descriptive way. Sometimes people’s phrasing may come off as “harsh”. We must all remember we’re reading text on a forum. There is no conceptual method of portraying the true intentions. Maybe it was meant to be degrading, maybe it was not intended in such a form at all.

Please understand that it’s just meant to suggest to a person that the tutorials, and especially those that are not requesting tutorials but actually giving tutorial descriptions, to use the appropriate forum areas to ask questions. If you need to link back to the relevant thread, simply copy the link in your post.

Hopefully this helps clarify the intentions of what we’re trying so hard to maintain and accomplish.[/quote]

oh? ok sir. Thanks

TCUAdmin

Hey all,
I am a District IT for a School District and we are mass deploying new teacher/lab computers

I have everything set up and ready to pull a master image to send out to other PC and I am running into a problem. I have my FOG management up and running and I have a image created in Image Management. I have my FOG management on one laptop connected to a Linksys 8 port switch and the master laptop that I want the image from connected also. I have Sysprep the Master Image and booted it to Onboard NIC. It finds the Client IP that I have set up but can not find the PXE and the TFTP times out.

Anyone got a answer for this problem?

Thanks

Junkhacker

[quote=“TCUAdmin, post: 34426, member: 25341”]Hey all,
I am a District IT for a School District and we are mass deploying new teacher/lab computers

I have everything set up and ready to pull a master image to send out to other PC and I am running into a problem. I have my FOG management up and running and I have a image created in Image Management. I have my FOG management on one laptop connected to a Linksys 8 port switch and the master laptop that I want the image from connected also. I have Sysprep the Master Image and booted it to Onboard NIC. It finds the Client IP that I have set up but can not find the PXE and the TFTP times out.

Anyone got a answer for this problem?

Thanks[/quote]

TCUAdmin’s question is addressed here [url]http://fogproject.org/forum/threads/cant-find-pxe-and-tftp.11278/[/url]

Mike Stoltzfus

Thanks for investing the time to write this up! I have been using FOG for a few years now, using a FOG server instance that originally I downloaded as a Virtual Appliance on a Hypervisor server. We recently moved all of our servers to Hyper-V on Windows 2012, so I followed your directions to install the latest version from scratch in a Hyper-V VM. I created another Hyper-V VM for setting up an image machine. However, when I went to upload the image (after spending considerable time getting the image’s OS prepared, including driverpacks, etc), I found that the VM wouldn’t boot to iPXE. After doing a bit of looking, I found that I’m not the only one having this problem on Hyper-V ([url]http://fogproject.org/forum/threads/change-needed-for-vm-to-pxe-boot-to-fog.10146/[/url]).

What VM platform did you use to create your image machine VM?

Liam Sullivan

I used Oracle virtualbox. Free and works perfectly every time

falko

@Mike Stoltzfus
I think there are many of us the use Virtualbox for the image building vm

purpleturtle99

@Liam thanks for the great step by step guide really appreciate it. But I am quite new to Fog and struggle sometimes with the basic of things. You lost me between creating the unattended.xml file and the creating the iso to boot the test pc from.
My question is where did you save this .xml file too? and how was this incorporated into the iso too b used in a VM or physical box. did u use software? If you could explain this step in detail it will be mush appreciated.

oh and BTW for all other noobs out there please ensure that you download the [COLOR=#ff0000]exact[/COLOR] version of WAIK that you are trying to use e.g. win7 sp1 WAIK isn’t compatible with win 7 WAIK and visa versa. Windows has released a supplement but it has no install files