Windows 7 Deployment FOG- SAD2 Driver tool
-
[B]STEP 4: Making an unattend.xml[/B]
[B][/B]
Now we are going to create an answer file. What you do here will vary depending on what you want automated. An answer file is responsible for automating the setup stage of windows 7 once deployed to a machine from FOG. This part is difficult to write a tutorial for, as it is complicated to explain- but is actually very simple once you have looked into it for a while.
You should have downloaded AIK tools and installed. From your physical machine start menu launch “Windows system image manager”.
NOTE: If you need more detailed information on the Answer file process check here:
[url]http://technet.microsoft.com/en-us/library/dd349348(WS.10).aspx#BKMK_1[/url]You will need to have your .ISO or win 7 DVD mounted/inserted. Choose “File>Select windows image”. Choose the win 7 DVD iso. You now need to choose a .clg file. In this case choose “install_windows 7 PROFESSIONAL.clg”
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/16.png[/IMG]
What this does is give you the “catalogue” options for that version of Windows 7.
Now make a new answer file. Go “New> Answer file”. Be sure to save this now- call it “unattend.xml”.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/17.png[/IMG]
IMPORTANT: If you are making an X86 and X64 version, you must make two different answer files. Make one after the other. You will need to unmount the first DVD and then select the other, and re open the .clg catalogue files as explained above. I suggest making a folder called “unattend files”-then making one sub folder for your X86 and one for your x64. Note the difference between 86 and 64:
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/18.png[/IMG]
Now basically you can add “components” to the file, by dragging and dropping things you want into the answer file. I will detail what I have added to my answer file- you may want to customize your own further.-
Windows PE
Add “x86_Microsoft-Windows-Setup_Nuetral” or “amd64_Microsoft-Windows -Setup_neutral”.
Set "Use ConfigurationSet to “true”.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/19.png[/IMG] -
Generalize
Add “x86_Microsoft-Windows-Security-SPP_neutral” or “amd64_ Microsoft-Windows-Security-SPP_neutral”- Set value to “1”. This will skip the windows licensing program.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/20.png[/IMG] -
Specialize
Add these three components. Substitute x86 or amd64 depending on which answer file you are doing.
a) _Microsoft-Windows-Deployment_Neutral
b) _Microsoft-Windows-Security-SPP-UX_Neutral
c) _Microsoft Windows-Shell-Setup_neutral
Like so:
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/21.png[/IMG]
I will now show what to add for each above component.
a) _Microsoft-Windows-Deployment_Neutral
Right click and “Insert new Runsyncronouscommand”.
Set the options below. This will activate the built in administrator account during setup.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/22.png[/IMG]
b) _Microsoft-Windows-Security-SPP-UX_Neutral
Set to “true”. This will skip automatic activation.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/23.png[/IMG]
c) _Microsoft Windows-Shell-Setup_neutral
I set computer name to “RENAME”- Fog will rename when first logged on, or you can do it manually.
Set copy profile to “true”- this will copy your administrator account profile as the default profile for other users, including domain users.
You can put a dummy product key in to make sure it skips this during setup. You can set the real license key later. A full list of keys is below.
Operating System Edition
Product Key
Windows 7Windows 7 Professional
FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4
Windows 7 Professional N
MRPKT-YTG23-K7D7T-X2JMM-QY7MG
Windows 7 Enterprise
33PXH-7Y6KF-2VJC9-XBBR8-HVTHH
Windows 7 Enterprise N
YDRBP-3D83W-TY26F-D46B2-XCKRJ
Windows 7 Enterprise E
C29WB-22CC8-VJ326-GHFJW-H9DH4
Set “show windows live” to False.
Set your time zone.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/25.png[/IMG]- OOBE System
a) _Microsoft-Windows-International-Core_neutral
Set your language settings here, mine is for En-Au (English:Australia)
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/26.png[/IMG]
b) Microsoft-Windows-Shell-Setup_Neutral
Under “autoLogon” set enabled to: true (this will set windows to automatically log on after imaging)
Set logon count to 3 (this means it will automatically log on three times to the local admin account after deploying image from FOG)* I have since dropped this to 2, because I’ve found I don’t need 3 for my setup.
Set username to “administrator”
Then add the administrator password also.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/27.png[/IMG]
Under “OOBE” set the options as follow:
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/28.png[/IMG]
Under “User account” set the administrator password.
Now you need to add something extra here to the Shell setup. Go back to components and to the Shell setup neutral component. By default, shell setup won’t add local accounts as an option. You have to drill down like below then drag local accounts across under shell setup.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/29.png[/IMG]
Now configure the local administrator account as below:
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/30.png[/IMG]
…and don’t forget to set a password. This will be the account windows uses to log on the first time after install.
Ok that’s it for the unattend file. As mentioned above make sure you have a x86 and x64 unattend.xml if you are making both SOE. -
-
[B]Step 5: Customizing windows installation- Free for all[/B]
Ok this section is really up to you. Here you can make any changes you want to windows for when it is deployed. I will list some of the things I have done to give you an idea of what you might like to do. I’m sure you will come up with your own idea for how you want to customize windows 7. I suggest making snapshots as you go along.
Installed VNC 1.0.9 set password - This allows us to remote control machines across the network for support reasons.
Enabled Remote desktop (windows)- As a backup to VNC.
Added Sysinternals
Upgraded IE to 9
Disabled System restore- Not needed, FOG is our system restore
Set boot animation custom- I made my own custom windows boot animation- I animated our company logo- instead of the normal win 7 startup animation. It’s not hard to do, and you can download a neat tool to do it very easily here:
[url]http://www.coderforlife.com/projects/win7boot/[/url]
Your animation has to be 105 frames long- and it is 7 seconds long- running at 15/fps. The first 4 seconds play then the last 3 seconds loop until the machine starts up.
IMPORTANT NOTE: Some third party tools like can really ruin your day- I used another program to change the startup sound for win 7 and after a lot of trouble shooting figured out it was the cause of a problem I was having where the imaged machines were not working properly. That said I have fully tested the above boot animation changer tool and it works flawlessly.
Set Desktop background
Set win 7 basic theme as default
Set log on backgrounds in regedit- Here you can create custom logon screens. This is the screen before you logon. You can make one for each common resolution- and also set a default background for when it can’t find the right resolution.- Start registry editor (Start>Regedit)
- HKLM\SOFTWARE\Policies\Microsoft\Windows\System
Click on background- and Create a new 32 bit DWORD called “useOEMBackground”. Set the value to “1”.
EDIT: I found that while this does work, it won’t use your other dimensions, only background default. You should actually modify this registry key:
[INDENT=1][COLOR=#333333][FONT=Arial][SIZE=13px]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background Now in right-side pane, change value of [B][SIZE=13px]OEMBackground[/SIZE][/B] to [B][SIZE=13px]1[/SIZE][/B][/SIZE][/FONT][/COLOR][/INDENT]
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/31.png[/IMG]
Now you have to create the folders in C:\Windows\System32\oobe\info\backgrounds
Now place all of your background files in that folder. You have to name them in this fashion:
background1024x768, background1920x1080 etc. The images you make should be the correct dimensions or they won’t work. Also they can’t be over 250 kilobytes or they won’t work. I use Photoshop’s save for web feature which cuts the size down of images greatly.
Now users will see a custom background when they get to the log on screen.Set a few local accounts for our company that we use
Set default user account picture
Local Group policies
Load specific theme
Prevent users changing theme (can still change background/window colours etc)
Allowed users to install print drivers/usb hub drivers
Set screen to 15 min Lock out
Prevent changing screen saver/password on wake up
(SECPOL) Behaviour of the elevation prompt for admins in admin approval mode: Evaluate without prompting
(SECPOL) Interactive Logon hide last user
(SECPOL) Switch to the secure desktop prompt for elevation: disabled
Windows Defender off
Power options: never turn off hard disk
Remove windows media centre
Turn off all warning messages in windows action centre
Set OEM information via regedit- Here you can customize what it says when viewing system properties. You can do this via a regedit. Just copy and paste the below into a .reg file and edit the field I mark in red.
Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation]
“Manufacturer”=“Kramerica Industries”
“Logo”=“C:\Windows\System32\oemlogo.bmp”
“SupportHours”=“24/7”
“SupportPhone”=“555-5163”
“SupportURL”=“[url]http://www.overclockers.com.au/[/url]”
You also need to create a .bmp file in the location C:\Windows\System32\ called “oemlogo.bmp”, it should be no bigger than 115x115 pixels.
Recuva
Speccy
X64 ICON RESTORER
CCleaner
Windows Updates- We pointed our image to our WSUS server, and installed as many updates as possible before upload.
Again, the above is just an example, you don’t have to follow these steps if you don’t want- that said I will make a couple of exceptions and say that the secpol (secpol.msc) changes really are necessary and you should do them. If not you can cause problems with snapins prompting for approval, instead of being fully unattended.[B]Step 6: An important thing to do[/B]
Now you need to place your unattend.xml file in it’s location. This location is the same for both x64 and x86 images:
C:\Windows\System32\sysprep
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/32.png[/IMG]
Your unattended file will be processed during sysprep.[B]Step 7: First log on script- This is important![/B]
After FOG has imaged your computer and setup has run, windows will run a script that we will now make. You need to make a folder called “scripts” in the C:\Windows\setup\ directory:
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/33.png[/IMG]In the scripts folder you need to create a .cmd script called “setupcomplete.cmd”. Copy and paste the below into this script.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
@echo off
del /Q /F c:\windows\system32\sysprep\unattend.xml
del /Q /F c:\windows\panther\unattend.xml
START C:\Drivers\SAD2-111118\DP_Install_Tool.cmd
Exit
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::This script will perform three critical things: It will delete your unattend.xml file from the original location and the location it is copied to during sysprep, and it will also call the wonderful SAD2 driver install tool to run. I will explain more about the SAD 2 drivers tool in the next step.
[B]Step 8: Drivers- SAD2[/B]
This is the method this guide uses to install drivers on any machine after the initial imaging.
Essentially after install on first logon, the “setupcomplete.cmd” script will call the “SAD2” driver tool to run. The SAD2 driver tool was made by community members of the driverpacks.net forums.
[B]UPDATE:[/B] There is some confusion on which version to use, how to modify it, where to download it, etc, so I’m making it very simple.
You can download the folder which has the SAD2 script already modified and the correct folder structure setup. There is no need to download the latest version of the SAD2 script from driver packs forums.
[B]DOWNLOAD THE FILE AT THE BOTTOM OF THIS POST.[/B]
[COLOR=#000000][SIZE=3][FONT=Open Sans]If you can’t download it from there PM me and I will email it to you.[/FONT][/SIZE][/COLOR]
First, extract the .zip archive and you will get a folder called “Drivers”.
Put this folder “drivers” in root of C:\
Then download the driver packs you want from here:
[url]http://driverpacks.net/driverpacks/latest[/url]
If it is [B]x64 bit image[/B] you are making, put driver packs here:
C:\Drivers\SAD2-111118\NT6\x64\
Or [B]here for x86:[/B]
C:\Drivers\SAD2-111118\NT6\x86
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/35.png[/IMG]This is what SAD2 looks like:
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/34.png[/IMG]So in the x64 image you only put the 64 bit drivers into the x64 folder, and for the x86 image you only put the 32bit drivers into the x86 folder.
I made a few changes to the “DP_Install_Tool” to make it fully unattended, and also so that it restarts the PC after the drivers have been installed, and deletes the driver packs from the image.I suggest creating another snapshot and testing that the tool runs correctly. You can also try the tool out manually. Just manually run the DP_Install_tool.cmd and it will install required drivers for your machine.
[url=“/_imported_xf_attachments/0/608_Drivers.zip?:”]Drivers.zip[/url]
-
[B]Step 9: FOG service and sysprepping/fogprepping[/B]
[B][/B]
Now the final steps should be to:- Install the FOG service, navigate to:
[url]http://fogserver/fog/client/[/url]
And install the FOG client service. [BE SURE TO REPLACE YOUR “Hostnamechanger.dll” or your machine won’t rename and add to domain after imaging". Replace this after FOG client is installed. - Download and Run “FOG Prep”- This is important for uploading windows 7 machines.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/36.png[/IMG]
The virtual image almost ready to upload to FOG. The last step is to run the system preparation too. If you closed it you can access it in:
C:\Windows\System32\sysprep\sysprep
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/37.png[/IMG]
Before doing the below, I strongly suggest to take a snapshot! It’s likely you will want to re-upload the image many times before you are happy with it. Plus you can then easily add updates/changes from that snapshot position.
Have the cleanup action to go into OOBE mode, and tick generalize. Set the shutdown option to “shutdown”, then hit OK. Sysprep will start working. Once finished the machine will then shutdown. Now the next time it powers on we want to upload FOG before windows starts again. You can also take a snapshot before you run sysprep and then let it reboot without capturing it, to make sure everything works on the next boot up before uploading it to FOG.Step 10: Creating the image in FOG
Select “Image management” in the FOG console. Then choose “new image”. Name the image-and select “Single Partition” (NTFS Only, Resizable).
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/38.png[/IMG]Now go to your host and reference the newly made host image to your registered host machine.
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/39.png[/IMG]
Then choose “Basic Tasks” from the menu to the left. Choose “upload Image”>“Upload image”. The task will start. Fog will automatically resize the partition for upload.
Now you just need to turn your virtual machine back on, and hit F12 to ensure it network boots. If it PXE boots then FOG will grab the image and upload it! If windows starts then you have not successfully PXE booted and you need to return to your snapshot- and re run sysprep. My Final image size was approx 10GB.
You are finished!
[IMG]http://i1127.photobucket.com/albums/l629/Andrew_Hingston/40.png[/IMG]
That’s pretty much it. Now you can deploy the image to other psychical machines by the standard process. Thanks to the SAD2 tool drivers are a breeze, that said, Windows 7 and Sysprep will handle the majority of the essential drivers, but it’s nice to get the correct drivers from SAD2.
I have deployed this on many machines. Most recent machine I was testing was a Lenovo desktop, CPU i5 quad, 4GB ram, onboard graphics and I put an SSD in it and it imaged in two minutes dead (I tried another with the original mechanical drive, and it managed two minutes- five seconds)… It finished the windows deployment in another 2 minutes approx. It auto logged on and deployed SAD2 and installed drivers in around 4 minutes, then rebooted, joined the domain and renamed. All up it was probably done in around 15 minutes max.
I hope this guide will help you in some small way. I don’t think it’s possible to make a ‘one guide fits all’ for win 7 deployment, because there are just so many variables, but I hope this might help get you started. Thanks for reading!Please feel free to comment etc below.
- A. Hingston 2012
- Install the FOG service, navigate to:
-
great article, I myself have been going through similar process based on this guide [URL=‘http://blog.ibuddy.info/index.php/2011/05/fog-29-my-windows-7-guide-3264-bit-docv1/’]http://blog.ibuddy.info/index.php/2011/05/fog-29-my-windows-7-guide-3264-bit-docv1/ [/URL](just what you have done but with VirtualBox) my next stage was to look into the automation of drivers, which you have covered.
Thanks for sharing will definitely help me and others, a few of my new machines network cards are not detected by Win 7 so cannot auto join domain until I manually installed the driver
UPDATE: just implemented this into a test image, and it works great, now it will install missing NIC driver and allow fog to continue with AD joining. Cheers
-
Hi Falko,
I hope it can help you out, if you have problems just ask and I will help if I can! I might clean up the formatting in this thread tomorrow and I will no doubt make changes/additions as I continue to test this into the future.
-
Now that’s a great guide. good job Andyroo45.
-
Great guide Andy. I’ve found this site as well that could help with creating the unattend.xml file. Might work for some, and def save some headaches [url]http://www.bauer-power.net/2011/02/how-to-sysprep-windows-7-on-easy.html[/url]
-
Hi Kevin thanks, and yes any resources, the more the better. No one guide for this will be perfect, especially the XML as it so customizable . And I encourage others if they use this guide to post their results, and suggest changes if they see fit.
-
Thank you very much, andyroo54!
Although I haven’t read the whole document, I’m sure it will help. -
This post is deleted! -
This post is deleted! -
There will be some small updates to this, I’ve found that if FOG is installed before syspep then while the DP install tool is running it can cause the machine to restart in order to rename/join to domain. I will update tonight with my solution.
-
[quote=“andyroo54, post: 1849, member: 267”]There will be some small updates to this, I’ve found that if FOG is installed before syspep then while the DP install tool is running it can cause the machine to restart in order to rename/join to domain. I will update tonight with my solution.[/quote]
I haven’t had this issue when testing, I thought FOG is only meant to restart when no user is logged in?
-
Thanks for the guide, i have 3 days to learn to create and deploy a windows 7 image and this is helping a great deal. Am i missing something though? You said in the guide you get the to entering the correct install key? I cant see that part anywhere.
Also If all the keys are different how does activation work? I have 7 new Windows 7 machines that are factory sysprepped but i want to windows update them and install company specific software and then sysprep again ready for FOG deployment.
-
Activation should be done by the KMS server (assuming you are using a volume license server). Otherwise you will need to hand-activate all the machines or use something like the opa tool - [url]http://forums.mydigitallife.info/threads/28649-OpaTool-updated-v0-8[/url] (again… YOU MUST KEEP YOUR LICENSES STRAIGHT! IF YOU ARE LICENSED FOR PRO, LOAD PRO, etc.) I’m not condoning piracy here… use your head people.
thx.
-
What i meant to say is, each of my PCs have their own key on the case label. They have a factory image on at the moment as in when they boot up it goes through the sysprep steps and is activated automatically. so i dont fully understand which key i would use in sysprep to get them to activate. I could go round after each machine has been imaged and enter the key on the case but that kinda defeats the point of an automated system. XP was so much easire o_O
-
[quote=“Mike Mcloughlin, post: 1955, member: 187”]What i meant to say is, each of my PCs have their own key on the case label. They have a factory image on at the moment as in when they boot up it goes through the sysprep steps and is activated automatically. so i dont fully understand which key i would use in sysprep to get them to activate. I could go round after each machine has been imaged and enter the key on the case but that kinda defeats the point of an automated system. XP was so much easire o_O[/quote]
Hi Mike,
Glad you are finding it useful, but as ssx4life says the only way to make that part automated is use a license server, there really isn’t anyway for this process to grab the product key automatically, because the only place it exists is stuck onto the side of your pc. At some point you would have to type it in anyway, so why not just once the PC is imaged and you are checking it over.
There could be a way to manually enter the key during sysprep, if you removed that option from the unattend.xml file. But I wouldn’t suggest that. You are better off doing as I detailed in the guide:
"You can put a dummy product key in to make sure it skips this during setup. [B]You can set the real license key later.[/B] A full list of keys is below.
Operating System Edition
Product Key
Windows 7Windows 7 Professional
FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4"Note, these are [B]NOT[/B] pirate license keys, they are provided by Microsoft to make the process unattended. Windows will SKIP activation using this key, but it will not auto activate, so you will have 30 days to enter the real product key.
For me, I always check a PC over anyway while it is installing snapins. It’s not too hard to enter the product key then. Especially because 7 PC’s is not a lot really. It might be annoying, but just think of the time an unattended install will save you!
[quote=“Mike Mcloughlin, post: 1949, member: 187”]
I have 7 new Windows 7 machines that are factory sysprepped but i want to windows update them and install company specific software and then sysprep again ready for FOG deployment.[/quote]So in your case, the best thing to do would be to get one of the machines, (don’t bother with a virtual, it will be faster with a psychical PC and since you are deploying to the same machines it will make more sense).
1)Fresh install windows 7, and then launch it into audit mode from the start of setup as detailed above,
2)Install any MS windows updates you need to,
-
Install any company software you need, if you are not going to use snapins,
-
In your case, if you are in a rush, and they are all the same hardware, I would just update the drivers in this master image, and not worry about the SAD DPinstall tool. That way the other machines you deploy to will have the correct drivers already.
5)Make any other changes you want to the OS, local user accounts, etc etc.
- Use an unattended.xml file as detailed above to make the deployment unattended.
7)Then start the sysprep, and then upload it to FOG as it reboots.
- Make sure you don’t activate Windows with a key before you upload it, you will need to do that after you have deployed it to all your machines.
Hope this helps.
-
-
[quote=“falko, post: 1907, member: 48”]I haven’t had this issue when testing, I thought FOG is only meant to restart when no user is logged in?[/quote]
Well I have this problem, and it was annoying! My work is evacuated all this week due to floods and I can’t remote in due to telecommunications dropped out, so I can’t show my modified script, I will post it when I can but this is what I did:
Image before sysprep, before fog upload
1)Removed fog
2)To the DPInstalltool.cmd script, at the end of the drivers installation before the script exits, I added a command to silently install FOG, then I let the script sleep a bit using PING ( I found that SLEEP.exe wouldn’t run when it was being called by the setupcomplete.cmd script, very strange).
-
Then I got the script to move the “hostnamechanger.dll” to the Fog directory.
-
Then I got the script to clean up the SAD folders and delete all the drivers and D folder, and then restart the machine with a 30 second warning.
This took a little bit of testing playing around to get it right, but it appears fine now. Again I will update the guide+this thread when I can.
Thanks,
-
-
Best Regards!!
Works very good!! Best Tutorial! Thank you andyroo54
-
cheers for the update, any chance of updating to the latest DP Tool?