Deploying Vista – Part 12: Understanding Image-Based Deployment

by [Published on 30 Sept. 2008 / Last Updated on 30 Sept. 2008]

This series of articles on automating Windows Vista deployment continues by examining how image-based deployment works.

If you missed the previous articles in this series, please read:

In the previous two articles of this series we learned about the Windows Preinsallation Environment (Windows PE) and how to create a customized, bootable Windows PE 2.1 CD using the Windows Automated Installation Kit (Windows AIK) version 1.1, which provides you with tools you can use to deploy Windows Vista with Service Pack 1 and Windows Server 2008. In this article we’ll examine how to perform a basic image-based deployment of Windows Vista SP1 using the ImageX utility and the Windows PE CD we created in the previous article. Then in the next article we’ll walk through the actual steps of performing a simple, image-based deployment of Vista SP1.

Understanding ImageX

Before you can perform image-based deployment, you first need to understand the ImageX tool, which is included in the Windows AIK (and which we copied onto our Windows PE CD in the previous article). ImageX is a command-line utility for capturing, servicing and applying Windows Imaging Format (WIM) files, which are file-based Windows disk images used by Windows Vista and later. Table 1 shows the different command-line options available when using ImageX.

Option

Description

/append

Used to append an image to an existing WIM file

/apply

Used to apply an image to a specified volume

/capture

Used to capture an image from a volume to a new WIM file

/delete

Used to delete the specified image from a WIM file containing multiple images

/dir

Used to view a list of the files and folders within a specified image

/export

Used to export a copy of the specified WIM file to another WIM file.

/info

Displays the total file size, image index number, directory count, file count, description and other information for the specified WIM file

/mount

Used to mount a WIM file to a specified directory with read-only permission, which lets you to view but not change the information contained in the directory

/mountrw

Used to mount a WIM file to a specified directory with read/write permission, which lets you to view and change the information in the directory.

/unmount

Used to dismount a mounted image from a specified directory

Table 1: Command-line options for ImageX

We’ll see examples of how to use ImageX when we walk through image-based deployment in a moment.

Steps for Image-Based Deployment

Before we walk through performing a simple image-based deployment of VistaSP1, let’s step back and take a high-level view of how the deployment process works. Image-based deployment is the process of creating a master image, capturing that image, and then applying the captured image to one or more destination computers. In more detail, the steps for performing image-based deployment look like this (see Figure 1):


Figure 1:
Seven-step process for image-based deployment

Step 1: Install Vista on a reference computer that will server as the model for the other computers you want to deploy Vista onto. This reference computer is known as the master computer because it contains the master installation of Vista which you plan to duplicate onto multiple destination computers across your enterprise. You can install your reference computer manually, or you can do it using the unattended install from DVD method outlined in Part 8 of this series

Step 2: Customize your master installation by adding drivers, turning on Windows features, installing applications, and performing other kinds of customizations needed by your users.

Step 3: Now sysprep your master installation to remove any machine-specific information from it such as security identifiers (SIDs).

Short aside: Step 3 is necessary whenever you want to duplicate an image and apply it to other machines because if you have two or more computers on your network that have the same SIDs, you’re in trouble. By design, each Windows installation has a unique machine SID that includes a randomly-generated 96-bit number. This machine SID is used as a prefix for the SIDs of any user and group accounts created on the computer. Specifically, the unique machine SID is concatenated with the relative ID (RID) of the user or group account to create a unique identifier for the account. So if you duplicate an image onto another computer without removing the SIDs first, you’ll end up with two computers that have identical SIDs, and one of the consequences of this is that user accounts on one computer will have access to files stored on removable media on the other computer even if NTFS permissions are configured to deny access. In other words, security breaks down when you duplicate installations that haven’t been sysprepped. Even worse security issues will occur if you have computers with duplicate SIDs in a domain including login problems, trust issues, problems accessing resources, roaming profile failures, and more.

Step 4: Boot your sysprepped master installation using the bootable Windows PE CD you created in the previous article in this series.

Step 5: Once the Windows PE command prompt is displayed, capture a Windows image of your master installation. Your captured image is called your base image because you will base your deployment on it.

Step 6: Copy your base image to a network share.

Step 7: You’re now ready to deploy your base image to your destination computers which currently have no operating system installed. To deploy the base image to a destination computer, use your bootable Windows PE CD to boot your bare-metal destination computer. Once the Windows PE command prompt appears, partition and format your hard drive using the Diskpart command. Then map a drive to the network share where your based image (the captured image of your master installation) is stored. Then use ImageX to apply the base image to your destination computer. Repeat as needed for as many destination computers as you need to deploy.

Variations on Image-Based Deployment

The above seven-step procedure outlines how to perform a simple, basic image-based installation of Vista onto multiple bare-metal systems starting from a  customized reference installation you created. In the next article of this series we’ll walk through these steps and see in detail how to perform each step. There are two other ways of performing image-based deployment you should know about however. These include the following variations on the above process:

  • Image-based deployment using Windows Setup. In this approach, you create your master installation and capture it to a network share as described above. Then you use Windows System Image Manager (Windows SIM) on your technician computer to create an answer file for unattended installation of your master installation by opening the captured WIM file in Windows SIM, creating your answer file, and saving the answer file to the same network share where the captured WIM file resides. Then you boot your destination computers using Windows PE, connect to the network share where the captured WIM file and answer file are located, and run Windows Setup by typing <mapped drive>\setup.exe /unattend:unattend.xml. Windows Setup then copies the captured image onto your destination computer and installs it using the options you’ve specified in your answer file. For more information concerning this scenario, see the Windows AIK Help file.

  • Image-based deployment using Windows Deployment Services. In this approach, you create your master installation and capture it from a server running Windows Deployment Services (Windows DS). Windows DS is a server role in Windows Server 2008 that represents the next evolutionary version of Remote Installation Services (RIS) which first appeared in Windows 2000 Server. The nice thing about this approach is that you don’t need to use a Windows PE CD to boot each destination computer. Instead, you simply turn them on and they use PXE to obtain an IP address from a DHCP server, then they use TFTP to download a boot client from the Windows DS server, then the boot client applies the captured image. We’ll see how to use Windows DS soon in future articles in this series.

If you missed the previous articles in this series, please read:

Advertisement

Featured Links