Windows 10 key after deployment



  • Server
    • FOG Version: 1.4.4
    • OS: ubuntu
    Description

    Hello, i wanted to know how it works for the licence key if i want to deploy windows 10 image ?

    I have OEM licence on computers, i installed one of them as Master and then deployed the image on the others computers. But the licence key is not activate.

    With windows 7 it could work like that but for windows 10 it seems different.

    How should i do to clone properly and activate my windows 10 licence key ?

    thanks



  • @x23piracy Well for windows 7 it wasn’t needed to sysprep to activate windows 7 licence and since we don’t have a microsoft domain it wasn’t necessary to use sysprep anyway… i think… :D It was working at least… xD



  • @sunks what have you thougth when to sysprep? :) sure this needs to be done before you image.



  • @x23piracy I think this is the problem, i have to sysprep before imaging if i want to activate a cloned windows 10 (for OEM w10 key).
    If i don’t sysprep, he don’t want to activate it and say something like: “the previous windows, before the upgrade to windows 10, wasn’t activate”.



  • @sunks

    <?xml version="1.0" encoding="utf-8"?>
    <unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="windowsPE">
    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <SetupUILanguage>
    <UILanguage>de-DE</UILanguage>
    </SetupUILanguage>
    <InputLocale>0407:00000407</InputLocale>
    <SystemLocale>de-DE</SystemLocale>
    <UILanguage>de-DE</UILanguage>
    <UILanguageFallback>de-DE</UILanguageFallback>
    <UserLocale>de-DE</UserLocale>
    </component>
    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <DiskConfiguration>
    <Disk wcm:action="add">
    <CreatePartitions>
    <CreatePartition wcm:action="add">
    <Order>1</Order>
    <Type>Primary</Type>
    <Size>100</Size>
    </CreatePartition>
    <CreatePartition wcm:action="add">
    <Extend>true</Extend>
    <Order>2</Order>
    <Type>Primary</Type>
    </CreatePartition>
    </CreatePartitions>
    <ModifyPartitions>
    <ModifyPartition wcm:action="add">
    <Active>true</Active>
    <Format>NTFS</Format>
    <Label>System Reserved</Label>
    <Order>1</Order>
    <PartitionID>1</PartitionID>
    <TypeID>0x27</TypeID>
    </ModifyPartition>
    <ModifyPartition wcm:action="add">
    <Active>true</Active>
    <Format>NTFS</Format>
    <Label>OS</Label>
    <Letter>C</Letter>
    <Order>2</Order>
    <PartitionID>2</PartitionID>
    </ModifyPartition>
    </ModifyPartitions>
    <DiskID>0</DiskID>
    <WillWipeDisk>true</WillWipeDisk>
    </Disk>
    </DiskConfiguration>
    <ImageInstall>
    <OSImage>
    <InstallTo>
    <DiskID>0</DiskID>
    <PartitionID>2</PartitionID>
    </InstallTo>
    <InstallToAvailablePartition>false</InstallToAvailablePartition>
    </OSImage>
    </ImageInstall>
    <UserData>
    <AcceptEula>true</AcceptEula>
    <FullName>admin</FullName>
    <Organization>company</Organization>
    </UserData>
    <EnableFirewall>true</EnableFirewall>
    </component>
    </settings>
    <settings pass="offlineServicing">
    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <EnableLUA>false</EnableLUA>
    </component>
    </settings>
    <settings pass="generalize">
    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <SkipRearm>1</SkipRearm>
    </component>
    </settings>
    <settings pass="specialize">
    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <InputLocale>0407:00000407</InputLocale>
    <SystemLocale>de-DE</SystemLocale>
    <UILanguage>de-DE</UILanguage>
    <UILanguageFallback>de-DE</UILanguageFallback>
    <UserLocale>de-DE</UserLocale>
    </component>
    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <SkipAutoActivation>true</SkipAutoActivation>
    </component>
    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <CEIPEnabled>0</CEIPEnabled>
    </component>
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <WindowsFeatures>
    <ShowMediaCenter>false</ShowMediaCenter>
    <ShowWindowsMail>false</ShowWindowsMail>
    </WindowsFeatures>
    <ShowWindowsLive>false</ShowWindowsLive>
    <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
    <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
    <ComputerName>company-pc</ComputerName>
    <CopyProfile>true</CopyProfile>
    </component>
    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <BlockPopups>yes</BlockPopups>
    <CompanyName>company</CompanyName>
    <Home_Page>http://www.google.de</Home_Page>
    <DisableFirstRunWizard>true</DisableFirstRunWizard>
    </component>
    </settings>
    <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <AutoLogon>
    <Password>
    <Value>password</Value>
    <PlainText>true</PlainText>
    </Password>
    <Enabled>true</Enabled>
    <LogonCount>1</LogonCount>
    <Username>username</Username>
    </AutoLogon>
    <OOBE>
    <HideEULAPage>true</HideEULAPage>
    <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
    <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
    <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
    <NetworkLocation>Work</NetworkLocation>
    <SkipUserOOBE>true</SkipUserOOBE>
    <SkipMachineOOBE>true</SkipMachineOOBE>
    <ProtectYourPC>3</ProtectYourPC>
    </OOBE>
    <UserAccounts>
    <LocalAccounts>
    <LocalAccount wcm:action="add">
    <Password>
    <Value>password</Value>
    <PlainText>true</PlainText>
    </Password>
    <Description></Description>
    <DisplayName>username</DisplayName>
    <Group>Administrators</Group>
    <Name>username</Name>
    </LocalAccount>
    </LocalAccounts>
    </UserAccounts>
    <RegisteredOrganization>company</RegisteredOrganization>
    <RegisteredOwner>admin</RegisteredOwner>
    <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>
    <FirstLogonCommands>
    <SynchronousCommand wcm:action="add">
    <Description>SetupComplete</Description>
    <Order>1</Order>
    <CommandLine>C:\Windows\Setup\Scripts\SetupComplete.cmd</CommandLine>
    <RequiresUserInput>false</RequiresUserInput>
    </SynchronousCommand>
    <SynchronousCommand wcm:action="add">
    <Description>Control Panel View</Description>
    <Order>2</Order>
    <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine>
    <RequiresUserInput>false</RequiresUserInput>
    </SynchronousCommand>
    <SynchronousCommand wcm:action="add">
    <Description>Control Panel Icon Size</Description>
    <Order>3</Order>
    <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 1 /f</CommandLine>
    <RequiresUserInput>false</RequiresUserInput>
    </SynchronousCommand>
    </FirstLogonCommands>
    <TimeZone>W. Europe Standard Time</TimeZone>
    </component>
    </settings>
    </unattend>
    


  • @x23piracy In the past we had some problems with sysprep and our anitivirus, so we are not using it. We don’t have a windows domain so it’s not a problem.

    I still would like to see ur unattend.xml to see how you make it work!



  • @thequicken i setup two virtual windows 10 machines in virtual box. one will be installed with gpt and one with mbr (legacy, efi image). (The ISO for install is created by the windows media creation tool, windows 10 pro).

    I start the install and then i go into admin-mode (when the first settings appear in the setup strg + shift +f3). Then i activate both machines with oem licenses (win 7 dvd box with a sticker), if windows 10 is not activated you cannot set every option until it’s activated.

    Then i install software and play with the settings.
    Finally i sysprep the machines and capture them.

    When i now deploy such image, i use setkey.exe as a snapin to read the bios key and activate the machine with it.
    don’t forget i use an answer file (unattend.xml) so the windows setup (oobe) will run automatically.

    If you need i can show you the scripts i use.

    FYI virtual box doesnt offer a EFI network boot, to capture or deploy a virtual box EFI system i disable EFI and boot via network boot in legacy mode, after deployment or capturing i enable EFI again for that vm host (else it won’t boot).

    What’s your installation base if you say you cannot activate with bios key? Do you use something else then OEM Media? Maybe a Install Base for VL?

    Regards X23



  • @x23piracy How are you fogging your Win10 machines?

    I can create a fresh image and deploy to Bios in Legacy mode but then I can’t use the embedded key.

    All my attempts at UEFI capture/deploy fail.

    We are a Dell shop – would love to know how you are accomplishing this.



  • I’ll keep you update soon for my problem and the resolution, for now i’m a bit busy,

    Thanks for your help !



  • @wayne-workman the only reason for this is that ms is pushing us in the enterprise sector. Think about the SAM examinations in the last couple months all over the world. The question is what could be an indicator for ms to detect an reimaged system that wasn’t allowed to be reimaged? Where are that dirty bits and flags on the system, registry, filesystem?

    I even don’t understand why i am should not allowed to reimage such OEM System, every of our computers has its unique key for windows 10 pro in its bios, after each deployment i read out that key from bios and activate that windows with this key right after deployment by executing a snapin thats doing the job.

    I would loose a big amount of time if i go to install each computer by hand, even each software and its special settings.


  • Moderator

    @x23piracy said in Windows 10 key after deployment:

    @sunks said in Windows 10 key after deployment:

    @x23piracy

    Thanks, i’ll check that :)

    don’t forget reimaging is not allowed with OEM, but pssst i also do it :)

    Regards X23

    You crack me up, x23.

    Personally, my view of the OEM thing is that the rules explained in layman’s terms are outdated. Computer cloning was what we did in the past (an absolute copy in every regard from one computer to another) and that computer imaging is what we have now with FOG (image deployment that is not an exact copy). FOG is able to deploy sysprepped systems, and deploy the exact OS key to the exact system it belongs to - without re-using keys. I think that if the actual words in Microsoft’s TOS were re-evaluated today while taking into consideration what FOG can offer, I believe wholehartedly that MS would find FOG’s capabilities to be within compliance of their TOS if the admin inputs each OEM key for each individual host that it belongs to. Failure to see this would just mean more organizations abandoning windows totally (like my last job did) in favor of ChromeOS or Linux…



  • @sunks for my masters i use two old windows 7 oem licenses (dvd box) one for legacy and one for uefi image.
    I use virtual box to prepare my images and i activate each with one of the windows 7 oem licenses.
    (I need to activate win 10 before sysprep because else you cannot configure all system settings)

    Then i sysprep without removing any license information.

    After deployment on a computer which has windows 10 oem license key in bios i run my setkey.exe snapin and the machine is activated.

    Actually i have no idea why that isn’t working for u.

    Is it possible to have access via teamviewer to one of your machines to have a look?

    Regards X23



  • @x23piracy No, habitually we activate the windows and then we take the master image.



  • @sunks Hi, do you remove the key before you take your golden image?
    I activate all our machines this way (they all have the oem win 10 pro key in the bios).



  • @x23piracy Yea sorry. I used oemkey.exe, he don’t want to activate it aswell, it say that the previous windows version wasn’t activate before the upgrade to windows 10. So he don’t want to activate my windows 10 with the OEM key.


  • Moderator

    @x23piracy said in Windows 10 key after deployment:

    but pssst i also do it :)

    Shame on you lol



  • @sunks why powershell? This is not what i gave you.
    Make a dry run with oemkey.exe then you will see the bios embedded license key in a dos box (not powershell)
    My Script will automate the process, from running oemkey.exe up to add the key with slmgr and the activation.

    Please follow the instructions i wrote in the link i gave u.

    Regards X23



  • @x23piracy

    I just tried to activate my windows 10 computer with the licence key the powershell gave me:

    (Get-WmiObject -query ‘select * from SoftwareLicensingService’).OA3xOriginalProductKey

    And it’s not working, the key is not valid. It’s a cloned windows 10.



  • @sunks said in Windows 10 key after deployment:

    @x23piracy

    Thanks, i’ll check that :)

    don’t forget reimaging is not allowed with OEM, but pssst i also do it :)

    Regards X23



  • @x23piracy

    Thanks, i’ll check that :)


Log in to reply
 

354
Online

39.3k
Users

11.0k
Topics

104.4k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.