Windows 10 unattend.xml (sysprep answer file) challenge
-
Mine is a little thicker, I have integrated the FOG service to turn it on and start it (Doesn’t do so well in my VM to have it on). As you can see I am using a typical naming that FOG will rename before adding it to the domain. There are two accounts that are setup also. Copying the default admin accounts allow for easier user setup in the long run also.
<?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="specialize"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <WindowsFeatures> <ShowMediaCenter>false</ShowMediaCenter> <ShowWindowsMail>false</ShowWindowsMail> </WindowsFeatures> <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled> <ComputerName>CIN-RENAME</ComputerName> <CopyProfile>true</CopyProfile> <ProductKey>tisk-tisk</ProductKey> <RegisteredOrganization>Sheakley Group</RegisteredOrganization> <RegisteredOwner>Sheakley Group</RegisteredOwner> <TimeZone>Eastern Standard Time</TimeZone> </component> <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <RunSynchronous> <RunSynchronousCommand wcm:action="add"> <Description>Enable Administrator Account</Description> <Order>1</Order> <Path>net user administrator /active:yes</Path> </RunSynchronousCommand> </RunSynchronous> </component> <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <BlockPopups>no</BlockPopups> <CompanyName>Sheakley Group</CompanyName> <Home_Page>http://intranet/SheakleyIntranet/</Home_Page> <DisableFirstRunWizard>true</DisableFirstRunWizard> </component> <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DomainProfile_EnableFirewall>false</DomainProfile_EnableFirewall> <PrivateProfile_EnableFirewall>false</PrivateProfile_EnableFirewall> <PublicProfile_EnableFirewall>false</PublicProfile_EnableFirewall> </component> </settings> <settings pass="oobeSystem"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <OOBE> <HideEULAPage>true</HideEULAPage> <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>1</ProtectYourPC> <SkipMachineOOBE>true</SkipMachineOOBE> <SkipUserOOBE>true</SkipUserOOBE> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> </OOBE> <UserAccounts> <AdministratorPassword> <Value>Look-Away</Value> <PlainText>false</PlainText> </AdministratorPassword> </UserAccounts> <RegisteredOrganization>Sheakley Group</RegisteredOrganization> <RegisteredOwner>Sheakley</RegisteredOwner> <TimeZone>Eastern Standard Time</TimeZone> <AutoLogon> <Password> <Value>Look-Away</Value> <PlainText>false</PlainText> </Password> <Enabled>true</Enabled> <LogonCount>3</LogonCount> <Username>Administrator</Username> </AutoLogon> <FirstLogonCommands> <SynchronousCommand wcm:action="add"> <CommandLine>del /Q /F c:\windows\system32\sysprep\unattend.xml</CommandLine> <Order>1</Order> <Description>Deletes unattend.xml</Description> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>del /Q /F c:\windows\Panther\unattend.xml</CommandLine> <Description>Deletes unattend.xml</Description> <Order>2</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>sc config FOGService start= auto</CommandLine> <Description>Changes FOG server to Automatic</Description> <Order>3</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> <SynchronousCommand wcm:action="add"> <CommandLine>net start FOGService</CommandLine> <Description>Starts FOG service </Description> <Order>4</Order> <RequiresUserInput>false</RequiresUserInput> </SynchronousCommand> </FirstLogonCommands> </component> <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <InputLocale>en-US</InputLocale> <SystemLocale>en-US</SystemLocale> <UILanguage>en-US</UILanguage> <UserLocale>en-US</UserLocale> </component> </settings> <settings pass="generalize"> <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipRearm>1</SkipRearm> </component> </settings> <cpi:offlineImage cpi:source="wim:e:/sources/install.wim#Windows 7 PROFESSIONAL" xmlns:cpi="urn:schemas-microsoft-com:cpi" /> </unattend>```
-
@Psycholiquid Ah, so the pieces you’re doing in “FirstLogonCommands” I’m doing in the SetupComplete.cmd script.
del /Q /F C:\Windows\system32\sysprep\unattend.xml del /Q /F C:\Windows\panther\unattend.xml net start FOGService
-
@MRCUR Yeah I figured why add another file when I can just do it all in one motion.
-
@Psycholiquid You are a beautiful person and I love you.
You may have just ended my 5 year hate war against sysprep.Maybe I wasn’t looking hard enough, but everytime I tried sysprep or tried to customize it to my needs it failed miserably. Destroying customizations, getting stuck at oobe screens, just overall breaking everything. However, I just used your xml as a template and was able to successfully run sysprep on my windows 10 image and it worked pretty well and now I think I will be able to better search for the bits of the unattend.xml I need.
Also, a problem I ran into in windows 10 with sysprep is it sometimes gives an error about a metro app (movies and tv aka Microsoft.ZuneVideo for example) not being provisioned for each user or something. I had to run this powershell script I found in a microsoft tech forum (that I can’t seem to find again right now, but I saved the script for future use) on each user and it worked.
$AppsList = "Microsoft.Bing" , "Microsoft.BingFinance" , "Microsoft.BingMaps" , "Microsoft.BingNews"` , "Microsoft.BingSports" , "Microsoft.BingTravel" , "Microsoft.BingWeather" , "Microsoft.Camera"` , "microsoft.microsoftskydrive" , "Microsoft.Reader" , "microsoft.windowscommunicationsapps"` , "microsoft.windowsphotos" , "Microsoft.XboxLIVEGames" , "Microsoft.ZuneMusic"` , "Microsoft.ZuneVideo" , "Microsoft.Media.PlayReadyClient" ForEach ($App in $AppsList) { $PackageFullName = (Get-AppxPackage $App).PackageFullName if ((Get-AppxPackage $App).PackageFullName) { Write-Host "Removing Package: $App" remove-AppxProvisionedPackage -online -packagename $PackageFullName remove-AppxPackage -package $PackageFullName } else { Write-Host "Unable to find package: $App" } }
Save that guy as a .ps1 file and run it on each user if you’re getting an error when trying to run sysprep on windows 10 (or 8/8.1 for that matter)
-
@Arrowhead-IT You can remove the “Modern” apps in audit mode so you don’t run into any issues. See here: https://forums.fogproject.org/topic/6720/image-windows-10-upgrade/5
-
@MRCUR Oooh, cool. However it wouldn’t let me enter audit mode either until I found this script. I did read something about using audit mode to get rid of modern apps, but I had to remove them to get to audit mode.
-
@Arrowhead-IT You have to be on the network selection screen in OOBE to get into audit mode. (I know this is completely non-obvious - it’s a very MS thing to do.)
-
@Arrowhead-IT That’s because Audit mode is triggered by sysprep which only runs if the apps make it past the checks, it’s stupid, but hey.
-
@MRCUR said in Windows 10 unattend.xml (sysprep answer file) challenge:
@Arrowhead-IT You have to be on the network selection screen in OOBE to get into audit mode. (I know this is completely non-obvious - it’s a very MS thing to do.)
MS should watch themselves… If they keep making things more and more difficult, and Linux distros keep making things more and more easy… well then… You know.
-
Hi there all,
i tried a couple of times a sysprep on w10.
Sysprep on w10 is taking so long… Longer then w7 , how is this with you guys? -
@boeleke said in Windows 10 unattend.xml (sysprep answer file) challenge:
Sysprep on w10 is taking so long… Longer then w7 , how is this with you guys?
I know it does take quite a while, but I’ve never timed it. I will typically start sysprep and then go do something else while it runs. When I come back the vm is powered off. I can say the speed of sysprep is dependant on if you are running on a vm vs physical hardware (phy hardware has more drivers) and if you are deploying all of the bloat ware vs a clean image.
-
My sysprep on Windows 10 LTSB is around 3 mins max. But it is a very clean image.
-
You did it with Audit-Mode?
-
@MRCUR Thanks for the XML, it does open up in SIM but produces this when tested in the real world:
-
@Boyan-Biandov Your image has a driver it doesn’t like if you are getting that, for the most part I don’t really audit mode anymore. I do what I need to do in Windows and go straight to OOBE from there makes it cleaner and easier to deal with. I am still using the same XML I have posted here and it still works so you might want to check your drivers.
Always keep in mind that you can get past that by hitting Shift F10 sometimes and running Explorer. Then you can check the Setup,log in the Panther folder to see what is happening.
-
Thanks, driver I don’t know about but there’s definitely something that baffles me: why would it look for the xml in this directory? I’m stumped on this one…Do you all have to copy the xml file to both locations before running sysprep against one of the copies?
2016-07-09 08:11:52, Error [oobeldr.exe] User input error was detected in unattend file. Error: [0x0] 2016-07-09 08:11:52, Info IBS UnattendErrorFromResults: Hit an unattend error; dumping any info we have about the failure... 2016-07-09 08:11:52, Info IBS UnattendDumpSetting: ------Unattend setting error / warning------ 2016-07-09 08:11:52, Info IBS UnattendDumpSetting: Error code = 0x8030000b 2016-07-09 08:11:52, Info IBS UnattendDumpSetting: Pass = oobeSystem 2016-07-09 08:11:52, Info IBS UnattendDumpSetting: Component name = [Microsoft-Windows-Shell-Setup] 2016-07-09 08:11:52, Info IBS UnattendDumpSetting: -------------------------------------------- 2016-07-09 08:11:52, Info IBS UnattendErrorFromResults: Error text = Windows could not parse or process unattend answer file [C:\Windows\Panther\unattend.xml] for pass [oobeSystem]. The settings specified in the answer file cannot be applied. The error was detected while processing settings for component [Microsoft-Windows-Shell-Setup].
-
@Boyan-Biandov That’s the directory that sysprep is actually run from & where logs are sent. I don’t believe the directory location is your issue.
-
@MRCUR said in Windows 10 unattend.xml (sysprep answer file) challenge:
@Boyan-Biandov That’s the directory that sysprep is actually run from & where logs are sent. I don’t believe the directory location is your issue.
You’ve been super patient so I really want to thank you for that and I don’t mean to contradict every post, I mean it. So it was exactly that, I had to copy my xml file to BOTH locations and then everything worked. Either I’m nuts or nobody had tested the November build of Windows 10 Pro ISO (the one that comes with SP1 integrated so to speak; version 1511 build 10586.420) to discover all those regularities. The ISO is MAK license specific (not retail) straight off eOpen under an EA (same key, few thousand activation allowed). I’ve monkeyed with sysprep for a decades and this is the first I see crazy crap like this
-
@Boyan-Biandov Hmm, that’s really odd. The unattend file I posted is what I still use today on brand new installs of 10586 (the Nov update) and I place the file (named unattend.xml) in C:\Windows\system32\sysprep - that’s it, nowhere else. Below is the sysprep command I execute (I run this from C:\Windows\system32\sysprep):
sysprep.exe /generalize /oobe /shutdown /unattend:unattend.xml
-
@MRCUR I actually put it in both out of habit, if you look at my scripts, (I think I have them posted) I delete the xml from both locations. But again this is habit form doing it for so many years.