• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Windows 10 unattend.xml (sysprep answer file) challenge

    Scheduled Pinned Locked Moved
    Windows Problems
    11
    35
    86.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Boyan BiandovB
      Boyan Biandov
      last edited by

      Hi everyone,

      I’ve been a huge proponent and user of FOG for close to 10 years starting with Windows XP. My beef is that it seems Microsoft (what a surprise) has changed the core structure of unattend.xml with the version of sysprep for Win 10.

      I’m reaching out to those using FOG with Win 10 for some assistance. In prior versions of sysprep it used to be that one can auto-name (use * for machine name) the PC and auto-join it to the domain all within the xml. Now I read some craziness about having to run power shell scripts and how the naming step is AFTER the joining step in sysprep and stuff like that.

      Do you use sysprep with FOG for auto naming and auto joining your Win 10 PCs? If yes how did you solve that sysprep craziness?

      Thank you!

      1 Reply Last reply Reply Quote 0
      • Wayne WorkmanW
        Wayne Workman
        last edited by

        I believe you found what you were looking for here? https://forums.fogproject.org/topic/4441/sysprep-windows-7-computer-name

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
        Daily Clean Installation Results:
        https://fogtesting.fogproject.us/
        FOG Reporting:
        https://fog-external-reporting-results.fogproject.us/

        1 Reply Last reply Reply Quote 0
        • Boyan BiandovB
          Boyan Biandov
          last edited by

          I wish Wayne

          That’s 7. Sysprep 10 is completely messed up and what works on 7 doesn’t on 10. So I’m hoping for someone who actually uses 10. D

          Wayne WorkmanW 1 Reply Last reply Reply Quote 0
          • Wayne WorkmanW
            Wayne Workman @Boyan Biandov
            last edited by Wayne Workman

            @Boyan-Biandov Is there no good documentation on the subject? I found this with a quick Google search for windows 10 sysprep unattend http://www.tenforums.com/tutorials/3020-windows-10-image-customize-audit-mode-sysprep.html

            A lot of times, good searching often means knowing what it is you’re looking for and using specific words that are likely to be found in what you’re looking for.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
            Daily Clean Installation Results:
            https://fogtesting.fogproject.us/
            FOG Reporting:
            https://fog-external-reporting-results.fogproject.us/

            R 1 Reply Last reply Reply Quote 0
            • R
              Rusty @Wayne Workman
              last edited by

              @Wayne-Workman This is still the best guide I have found so far. Details on setting up the unattend.xml are very limited but hopefully its basically the same as for windows 7. I’m just doing some trials at the moment.

              MRCURM 1 Reply Last reply Reply Quote 0
              • Q
                Quazz Moderator
                last edited by

                I’ve resorted to simply not using an unattend file for the time being. The few times I tried using unattend files (created in various ways) it never ended up coming out right. Microsoft kind of screwed it up as far as I can tell.

                1 Reply Last reply Reply Quote 0
                • MRCURM
                  MRCUR Testers @Rusty
                  last edited by

                  @Rusty I’m using our existing Win 7 unattend file without any issues on Win 10 Enterprise (1511). I made zero changes to the file and everything within the file is being completed.

                  R 1 Reply Last reply Reply Quote 1
                  • R
                    Rusty @MRCUR
                    last edited by

                    @MRCUR That is good to know ! Ill be trying that as soon as I get the chance. Ill post my results here (of course)

                    1 Reply Last reply Reply Quote 0
                    • PsycholiquidP
                      Psycholiquid Testers
                      last edited by

                      I can confirm the Unattended I had for my Windows 7 is working great in 10 Enterprise also.

                      Wayne WorkmanW 1 Reply Last reply Reply Quote 1
                      • Wayne WorkmanW
                        Wayne Workman @Psycholiquid
                        last edited by

                        @Psycholiquid Care to share? 😉

                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                        Daily Clean Installation Results:
                        https://fogtesting.fogproject.us/
                        FOG Reporting:
                        https://fog-external-reporting-results.fogproject.us/

                        PsycholiquidP 1 Reply Last reply Reply Quote 0
                        • PsycholiquidP
                          Psycholiquid Testers @Wayne Workman
                          last edited by

                          @Wayne-Workman You want the Unattend? I can send it minus the key if you want.

                          1 Reply Last reply Reply Quote 0
                          • MRCURM
                            MRCUR Testers
                            last edited by 

                            <?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="windowsPE">
        <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UILanguageFallback>en-US</UILanguageFallback>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <UserData>
                <AcceptEula>true</AcceptEula>
                <FullName>End User</FullName>
                <Organization>Your Org</Organization>
            </UserData>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RunSynchronous>
                <RunSynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <Path>net user Administrator /active:yes</Path>
                </RunSynchronousCommand>
            </RunSynchronous>
        </component>
        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipAutoActivation>true</SkipAutoActivation>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <CopyProfile>true</CopyProfile>
            <ShowWindowsLive>false</ShowWindowsLive>
            <TimeZone>Eastern Standard Time</TimeZone>
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
            <ComputerName>*</ComputerName>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UILanguageFallback>en-US</UILanguageFallback>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <AutoLogon>
                <Password>
                    <Value>YourEncryptedPassword</Value>
                    <PlainText>false</PlainText>
                </Password>
                <Enabled>true</Enabled>
                <LogonCount>2</LogonCount>
                <Username>Administrator</Username>
            </AutoLogon>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
            </OOBE>
            <UserAccounts>
                <AdministratorPassword>
                    <Value>YourEncryptedPassword</Value>
                    <PlainText>false</PlainText>
                </AdministratorPassword>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>YourEncryptedPassword</Value>
                            <PlainText>false</PlainText>
                        </Password>
                        <Description>Local Administrator</Description>
                        <DisplayName>Administrator</DisplayName>
                        <Group>Administrators</Group>
                        <Name>Administrator</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <RegisteredOrganization>Your Org</RegisteredOrganization>
            <RegisteredOwner>End User</RegisteredOwner>
        </component>
    </settings>
    <settings pass="generalize">
        <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices>
            <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:d:/sources/install.wim#Windows 7 ENTERPRISE" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>
                            Boyan BiandovB 1 Reply Last reply Reply Quote 2
                            • PsycholiquidP
                              Psycholiquid Testers
                              last edited by Psycholiquid

                              Mine is a little thicker, I have integrated the FOG service to turn it on and start it (Doesn’t do so well in my VM to have it on). As you can see I am using a typical naming that FOG will rename before adding it to the domain. There are two accounts that are setup also. Copying the default admin accounts allow for easier user setup in the long run also.

                              <?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <WindowsFeatures>
                <ShowMediaCenter>false</ShowMediaCenter>
                <ShowWindowsMail>false</ShowWindowsMail>
            </WindowsFeatures>
            <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
            <ComputerName>CIN-RENAME</ComputerName>
            <CopyProfile>true</CopyProfile>
            <ProductKey>tisk-tisk</ProductKey>
            <RegisteredOrganization>Sheakley Group</RegisteredOrganization>
            <RegisteredOwner>Sheakley Group</RegisteredOwner>
            <TimeZone>Eastern Standard Time</TimeZone>
        </component>
        <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RunSynchronous>
                <RunSynchronousCommand wcm:action="add">
                    <Description>Enable Administrator Account</Description>
                    <Order>1</Order>
                    <Path>net user administrator /active:yes</Path>
                </RunSynchronousCommand>
            </RunSynchronous>
        </component>
        <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <BlockPopups>no</BlockPopups>
            <CompanyName>Sheakley Group</CompanyName>
            <Home_Page>http://intranet/SheakleyIntranet/</Home_Page>
            <DisableFirstRunWizard>true</DisableFirstRunWizard>
        </component>
        <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <DomainProfile_EnableFirewall>false</DomainProfile_EnableFirewall>
            <PrivateProfile_EnableFirewall>false</PrivateProfile_EnableFirewall>
            <PublicProfile_EnableFirewall>false</PublicProfile_EnableFirewall>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <SkipMachineOOBE>true</SkipMachineOOBE>
                <SkipUserOOBE>true</SkipUserOOBE>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
            </OOBE>
            <UserAccounts>
                <AdministratorPassword>
                    <Value>Look-Away</Value>
                    <PlainText>false</PlainText>
                </AdministratorPassword>
            </UserAccounts>
            <RegisteredOrganization>Sheakley Group</RegisteredOrganization>
            <RegisteredOwner>Sheakley</RegisteredOwner>
            <TimeZone>Eastern Standard Time</TimeZone>
            <AutoLogon>
                <Password>
                    <Value>Look-Away</Value>
                    <PlainText>false</PlainText>
                </Password>
                <Enabled>true</Enabled>
                <LogonCount>3</LogonCount>
                <Username>Administrator</Username>
            </AutoLogon>
            <FirstLogonCommands>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>del /Q /F c:\windows\system32\sysprep\unattend.xml</CommandLine>
                    <Order>1</Order>
                    <Description>Deletes unattend.xml</Description>
                    <RequiresUserInput>false</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>del /Q /F c:\windows\Panther\unattend.xml</CommandLine>
                    <Description>Deletes unattend.xml</Description>
                    <Order>2</Order>
                    <RequiresUserInput>false</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>sc config FOGService start= auto</CommandLine>
                    <Description>Changes FOG server to Automatic</Description>
                    <Order>3</Order>
                    <RequiresUserInput>false</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>net start FOGService</CommandLine>
                    <Description>Starts FOG service </Description>
                    <Order>4</Order>
                    <RequiresUserInput>false</RequiresUserInput>
                </SynchronousCommand>
            </FirstLogonCommands>
        </component>
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
    </settings>
    <settings pass="generalize">
        <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipRearm>1</SkipRearm>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:e:/sources/install.wim#Windows 7 PROFESSIONAL" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>```
                              MRCURM 1 Reply Last reply Reply Quote 3
                              • MRCURM
                                MRCUR Testers @Psycholiquid
                                last edited by

                                @Psycholiquid Ah, so the pieces you’re doing in “FirstLogonCommands” I’m doing in the SetupComplete.cmd script.

                                del /Q /F C:\Windows\system32\sysprep\unattend.xml
del /Q /F C:\Windows\panther\unattend.xml
net start FOGService
                                PsycholiquidP 1 Reply Last reply Reply Quote 1
                                • PsycholiquidP
                                  Psycholiquid Testers @MRCUR
                                  last edited by

                                  @MRCUR Yeah I figured why add another file when I can just do it all in one motion.

                                  1 Reply Last reply Reply Quote 1
                                  • JJ FullmerJ
                                    JJ Fullmer Testers
                                    last edited by

                                    @Psycholiquid You are a beautiful person and I love you.
                                    You may have just ended my 5 year hate war against sysprep.

                                    Maybe I wasn’t looking hard enough, but everytime I tried sysprep or tried to customize it to my needs it failed miserably. Destroying customizations, getting stuck at oobe screens, just overall breaking everything. However, I just used your xml as a template and was able to successfully run sysprep on my windows 10 image and it worked pretty well and now I think I will be able to better search for the bits of the unattend.xml I need.

                                    Also, a problem I ran into in windows 10 with sysprep is it sometimes gives an error about a metro app (movies and tv aka Microsoft.ZuneVideo for example) not being provisioned for each user or something. I had to run this powershell script I found in a microsoft tech forum (that I can’t seem to find again right now, but I saved the script for future use) on each user and it worked.

                                    $AppsList = "Microsoft.Bing" , "Microsoft.BingFinance" , "Microsoft.BingMaps" , "Microsoft.BingNews"`
            , "Microsoft.BingSports" , "Microsoft.BingTravel" , "Microsoft.BingWeather" , "Microsoft.Camera"`
            , "microsoft.microsoftskydrive" , "Microsoft.Reader" , "microsoft.windowscommunicationsapps"`
            , "microsoft.windowsphotos" , "Microsoft.XboxLIVEGames" , "Microsoft.ZuneMusic"`
            , "Microsoft.ZuneVideo" , "Microsoft.Media.PlayReadyClient"

ForEach ($App in $AppsList)
{
    $PackageFullName = (Get-AppxPackage $App).PackageFullName
    if ((Get-AppxPackage $App).PackageFullName)
    {
        Write-Host "Removing Package: $App"
        remove-AppxProvisionedPackage -online -packagename $PackageFullName
        remove-AppxPackage -package $PackageFullName
    }
    else
    {
        Write-Host "Unable to find package: $App"
    }
}

                                    Save that guy as a .ps1 file and run it on each user if you’re getting an error when trying to run sysprep on windows 10 (or 8/8.1 for that matter)

                                    Have you tried the FogApi powershell module? It's pretty cool IMHO
                                    https://github.com/darksidemilk/FogApi
                                    https://fogapi.readthedocs.io/en/latest/
                                    https://www.powershellgallery.com/packages/FogApi
                                    https://forums.fogproject.org/topic/12026/powershell-api-module

                                    MRCURM 1 Reply Last reply Reply Quote 1
                                    • MRCURM
                                      MRCUR Testers @JJ Fullmer
                                      last edited by

                                      @Arrowhead-IT You can remove the “Modern” apps in audit mode so you don’t run into any issues. See here: https://forums.fogproject.org/topic/6720/image-windows-10-upgrade/5

                                      JJ FullmerJ 1 Reply Last reply Reply Quote 1
                                      • JJ FullmerJ
                                        JJ Fullmer Testers @MRCUR
                                        last edited by

                                        @MRCUR Oooh, cool. However it wouldn’t let me enter audit mode either until I found this script. I did read something about using audit mode to get rid of modern apps, but I had to remove them to get to audit mode.

                                        Have you tried the FogApi powershell module? It's pretty cool IMHO
                                        https://github.com/darksidemilk/FogApi
                                        https://fogapi.readthedocs.io/en/latest/
                                        https://www.powershellgallery.com/packages/FogApi
                                        https://forums.fogproject.org/topic/12026/powershell-api-module

                                        MRCURM Q 2 Replies Last reply Reply Quote 0
                                        • MRCURM
                                          MRCUR Testers @JJ Fullmer
                                          last edited by

                                          @Arrowhead-IT You have to be on the network selection screen in OOBE to get into audit mode. (I know this is completely non-obvious - it’s a very MS thing to do.)

                                          Wayne WorkmanW 1 Reply Last reply Reply Quote 1
                                          • Q
                                            Quazz Moderator @JJ Fullmer
                                            last edited by

                                            @Arrowhead-IT That’s because Audit mode is triggered by sysprep which only runs if the apps make it past the checks, it’s stupid, but hey.

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post

                                            157

                                            Online

                                            12.0k

                                            Users

                                            17.3k

                                            Topics

                                            155.2k

                                            Posts
                                            Copyright © 2012-2024 FOG Project