arto94 Posted December 10, 2007 Share Posted December 10, 2007 (edited) It's 6:21AM, I've been at work since about 8PM (prior days night), and will be here until 5 or 6PM EST. I have been given the task to create a standard image (one) for the company to work across ALL hardware platforms (old desktops to our spiffy new dual core laptops). This will continue.I've almost mastered the art of Sysprep long ago....there isn't really much to master.I've got most of my drivers on the image (still need tweaking, that can come later). What i'm really having a hard time with, is WinPE. I've never used this before, and none of the documentation really goes over my biggest question."How the hell do I get this to work on computers with different HALs?" My master image is already ACPI, built on an IBM Thinkpad T42. Setting the updatehal command line in my sysprep.ini file resulted in 2 things. Either the image working on a dual core machine, or not. With every half hour that drains away as I re-ghost my master computer to pre-sysprepped state, I've been reading up, and came across some interesting articles both here and outside of here. Namely http://www.myitforum.com/articles/15/view.asp?id=8997 a script that would basically do the work for me.However..."1. Download the sample scripts from this article and store it on your WinPE image or on the deployment server (note the script expects to find the DiskpartActivate.txt script in the working directory). This script assigns a driveletter (C:) to the partition (using a diskpart script), detects the hal type and modifes sysprep.inf with correct info. Some details about the script."How the heck would I set it up on my image? Should I just keep the scripts on my machine? Which I guess will be the deployment server? How do I run deployment server software, i'm rambling, lack of sleep. sorry.Main concerns.1. How do I 'inject' the HAL-Change script into my WinPE image.2. Deployment server - seperate software? If so, can it be run on a winxp machine.3. My syspreps take FOREVER. Should I use mini setup on them? Automatically isntall non pnp drivers? I'm going to clean it up a tiny bit, sysprep it and say "to hell with it, winpe will save me"I guess that's really all for now. Thanks in advance, even if you can give me a good old fashioned "Hi arto94, welcome to the forums, please check out this link for answers to your ultra-basic questions!" Edited December 10, 2007 by arto94 Link to comment Share on other sites More sharing options...
mats Posted December 10, 2007 Share Posted December 10, 2007 Well you got a little challange ahead of you I would read up on Microsofts BDD solution. IT's a free download from MS and if you can do with Light touch you only need a server 2003 box and some clients to test the stuff.Johans skript is intended (if i remember correctly) to run from win pe during the deployment phaze of BDD Link to comment Share on other sites More sharing options...
arto94 Posted December 10, 2007 Author Share Posted December 10, 2007 (edited) Well you got a little challange ahead of you I would read up on Microsofts BDD solution. IT's a free download from MS and if you can do with Light touch you only need a server 2003 box and some clients to test the stuff.Johans skript is intended (if i remember correctly) to run from win pe during the deployment phaze of BDDI enjoy challenges, it gives me an opportunity to stop becoming a contractor and start becoming a staff employee for this company and finally have some decent health insurance....Also, I'll be looking for a new job if I don't get it done! But anyway, to the matter at hand. BDD installed and i'm going through it. so far so good! Thanks!I've gotten nowhere. I have all the tools, put the script in the image file (only at the same directory as every other file) and I really don't know where to go from there, or how to activate the script or anything. Edited December 10, 2007 by arto94 Link to comment Share on other sites More sharing options...
IcemanND Posted December 10, 2007 Share Posted December 10, 2007 the script should be running from PE after you put your image on the machine. Example sequence:1. boot from PE2. Deploy image to machine from PE, if possible do next step without a reboot.3. Run script to determine desired system HAL and modify now deployed OS accordingly.4. reboot system.The issue usually is accessing the deployed os without first rebooting the system. There were various steps you had to go through with earlier versions of Ghost (prior to Solutions Suite 2), You can use WIM files and WinPE2 but I'm not sure if the HAL is detected the same way in PE2 since it is based on Vista and it needs a minimum of 384mb of memory to run diskpart to partition the drive before deploying the image. Link to comment Share on other sites More sharing options...
GTOOOOOH Posted December 11, 2007 Share Posted December 11, 2007 2 weeks huh? Took me 8 months the first time I had to do that, in my spare time at work. Now-a-days I use PE 2.0 and went completely away from "images" because I think with all the extra stuff you have to do in order to make it hardware independent, it's time prohibitive. At the end of the day you might have a working image to be proud of, but in a matter of days it's outdated. Antivirus falls behind, patch levels fall behind, hotfixes, service packs, programs that you realized you needed. You have to re-deploy, let it reinstall, install the stuff you're missing, and re-image. Then test. Now with PE I use a bare metal scripted install, I slipstream my hotfixes, and the ones I can't slipstream, I have scripted as a post install. For hardware I just keep adding drivers through custom DriverPacks, and any programs, etc that I need to add as time marches on, I just add in as installs through some scripted INI's I've written. The "image" all sits nicely on a USB Key, and we have 30 of them in the company that our techs use if they need to rebuild a machine. The Key gets updated through scripts on our network, you plug in, run 1 executable, and within a few minutes you've got a fully updated "image". It's even fully encrypted so if anyone loses a Key or one gets stolen, our "image", apps, programs, serials, etc, etc are all secure. Took me a long time to get to this point... man 2 weeks huh? F that. I pity your situation. I can't even offer advice because you have such a silly deadline IMO. Good luck. Link to comment Share on other sites More sharing options...
cluberti Posted December 11, 2007 Share Posted December 11, 2007 I've got to second GTOOOOOH's sentiment - hardware independent images with anything prior to Vista is just not feasible. You can get close, yes, but never 100% independent. And the post is spot-on about applications and updates, too - unless you're imaging a base Windows install and post-installing all apps and updates, it really makes it hard to stay current.I don't do desktop deployment anymore for a variety of reasons, but when I did, I had a RIS server that could push out a base XP or 2000 OS, from a flat install source (not an image) and install and configure all apps in about 90 minutes a machine, from POST to ready-to-go. And if I wanted to update the image, I could re-write a script or replace an app on the RIS server or deployment point and never have to touch much to keep things updated.I wish you luck if you go the image route - 2 weeks is pretty unrealistic. Link to comment Share on other sites More sharing options...
p4ntb0y Posted December 12, 2007 Share Posted December 12, 2007 if the script your talking about is Johan's then......Build your image on a machine that is a uni proc place all your drivers in your desried location.Download spdrvscn.exe from www.vernalex.comdownload...pskill.exepsloglist.exesync.exefrom sysinternals.Place all these files in your sysprep folder.use this batch file and adjust it to point to your driver folder..rem Infrastructure Team@ECHO OFFCLSECHO System Preparation ToolECHO.ECHO Before continuing please:ECHO 1. Be sure that the pre-sysprep steps were followed.ECHO 2. Image the computer previous to this, as the sysprepECHO process may fail and this would corrupt the installationECHO you have prepared.ECHO 3. Restart the computer before attempting this so thatECHO system buffers are cleared.ECHO 4. Close all open windows before continuing.ECHO.pauseECHO.ECHO Flushing data to disks (preliminary):sync -r -eECHO.ECHO Cleaning up old driver caches:del /s /q c:\drivers\infcache.1ECHO.ECHO Creating driver path (SysPrep Driver Scanner):spdrvscn /p c:\drivers /e inf /d C:\windows\inf /a /s /qECHO.ECHO Closing open SMB connections:net use * /delete /yesECHO.ECHO Terminating unneeded processes:kill /f vptraykill /f ccappkill /f explorerkill /f algkill /f ati2evxxkill /f ccevtmgrkill /f ccsetmgrkill /f defwatchkill /f lucoms~1kill /f mdmECHO.ECHO Stopping unnessary services:net stop alerter /yesnet stop wuauserv /yesnet stop browser /yesnet stop cryptsvc /yesnet stop dhcp /yesnet stop mdm /yesnet stop trkwks /yesnet stop protectedstorage /yesnet stop remoteregistry /yesnet stop seclogon /yesnet stop samss /yesnet stop wscsvc /yesnet stop lanmanagerserver /yesnet stop "symantec antivirus" /yesnet stop defwatch /yesnet stop ccevtmgr /yesnet stop sndsrvc /yesnet stop ccpwdsvc /yesnet stop ccsetmgr /yesnet stop sens /yesnet stop srservice /yesnet stop schedule /yesnet stop lmhosts /yesnet stop ups /yesnet stop uphclean /yesnet stop webclient /yesnet stop audiosrv /yesnet stop sharedaccess /yesnet stop msiserver /yesnet stop w32time /yesnet stop wzcsvc /yesnet stop lanmanworkstation /yesnet stop spooler /yesECHO.ECHO Removing cached OEM drivers...attrib -r -a -s -h C:\windows\inf\oem*.*del /q c:\windows\inf\oem*.*del /q c:\windows\inf\infcache.1ECHO.ECHO Clear the event logs...psloglist -c applicationpsloglist -c securitypsloglist -c systemECHO.ECHO Flushing data to disks (finalization):sync -r -eECHO.ECHO Executing system preparation tool (reseal / minisetup)...start sysprep -reseal -mini -quiet -shutdownOnce your image is built go into device manager and then expand the computer icon, right click and then update the ACPI type click "Install from a list" option and then click "Don't search I will choose option" click "next" and then choose " Advanced Configuration and Power Interface (ACPI) PC" Ok now for the sysprep.inf make the settings you require. Do not use the oempnpDriverspath spdrvscan will scann all dirs and then place this directly into the registry for windows to search for drivers paths.Don't forget to add your mass storage Device Driver IDS into the sysprep.inf for the machine to boot.If your running new hardware that has the new Sata drivers then use "IDE Merge" attachd to this post this will pre-stage the drivers into the windows registry so that when windows boots it will correctly install the correct Sata driver..iaahci.inf or iastor.infSet up Windows 2003 with WDS with PXE for your winpe image to deploy to your clients (Do not forget that you need Drivers for the Mass Storage Device Drivers and network in the winpe image) now as Iceman said if your going with winpe 2.0 then you need at least 348mb of ram to create a pri a partition The PXE server will answer requests for the "F12" send the winpe image to the client partition the drive lay an image from a share, look up the hal type "HKLM\SYSTEM\CurrentControlSet\Enum\Root\ACPI_HAL\0000\HardwareID" (winpe 2.0 and winpe 2005 use the same reg key to find hal type) Run the ztihaldetect.vbs to adjust the sysprep to correctly which will adjust the sysprep depending on the hal IE: if it reports "Advanaced Power Interface ACPI PC" it will not do anything. if it reports "ACPIAPIC_MP" then it adds an entry to sysprep in the unattended part "UpdateHAL=ACPIAPIC_MP,%WINDIR%\Inf\Hal.inf this will then get its files that are required from the "dllcache" the machine will now have the correct hal.If you would like the "IDE Merge" then please PM me (its 201k :-()I have managed to reduce the companys images from 35 to 1 which includes laptops.Only thing I need to work out is how to do laptop hardware profiles from the cmd line. Link to comment Share on other sites More sharing options...
GTOOOOOH Posted December 13, 2007 Share Posted December 13, 2007 if the script your talking about is Johan's then......Build your image on a machine that is a uni proc place all your drivers in your desried location.Download spdrvscn.exe from www.vernalex.comdownload...pskill.exepsloglist.exesync.exefrom sysinternals.Place all these files in your sysprep folder.use this batch file and adjust it to point to your driver folder..rem Infrastructure Team@ECHO OFFCLSECHO System Preparation ToolECHO.ECHO Before continuing please:ECHO 1. Be sure that the pre-sysprep steps were followed.ECHO 2. Image the computer previous to this, as the sysprepECHO process may fail and this would corrupt the installationECHO you have prepared.ECHO 3. Restart the computer before attempting this so thatECHO system buffers are cleared.ECHO 4. Close all open windows before continuing.ECHO.pauseECHO.ECHO Flushing data to disks (preliminary):sync -r -eECHO.ECHO Cleaning up old driver caches:del /s /q c:\drivers\infcache.1ECHO.ECHO Creating driver path (SysPrep Driver Scanner):spdrvscn /p c:\drivers /e inf /d C:\windows\inf /a /s /qECHO.ECHO Closing open SMB connections:net use * /delete /yesECHO.ECHO Terminating unneeded processes:kill /f vptraykill /f ccappkill /f explorerkill /f algkill /f ati2evxxkill /f ccevtmgrkill /f ccsetmgrkill /f defwatchkill /f lucoms~1kill /f mdmECHO.ECHO Stopping unnessary services:net stop alerter /yesnet stop wuauserv /yesnet stop browser /yesnet stop cryptsvc /yesnet stop dhcp /yesnet stop mdm /yesnet stop trkwks /yesnet stop protectedstorage /yesnet stop remoteregistry /yesnet stop seclogon /yesnet stop samss /yesnet stop wscsvc /yesnet stop lanmanagerserver /yesnet stop "symantec antivirus" /yesnet stop defwatch /yesnet stop ccevtmgr /yesnet stop sndsrvc /yesnet stop ccpwdsvc /yesnet stop ccsetmgr /yesnet stop sens /yesnet stop srservice /yesnet stop schedule /yesnet stop lmhosts /yesnet stop ups /yesnet stop uphclean /yesnet stop webclient /yesnet stop audiosrv /yesnet stop sharedaccess /yesnet stop msiserver /yesnet stop w32time /yesnet stop wzcsvc /yesnet stop lanmanworkstation /yesnet stop spooler /yesECHO.ECHO Removing cached OEM drivers...attrib -r -a -s -h C:\windows\inf\oem*.*del /q c:\windows\inf\oem*.*del /q c:\windows\inf\infcache.1ECHO.ECHO Clear the event logs...psloglist -c applicationpsloglist -c securitypsloglist -c systemECHO.ECHO Flushing data to disks (finalization):sync -r -eECHO.ECHO Executing system preparation tool (reseal / minisetup)...start sysprep -reseal -mini -quiet -shutdownOnce your image is built go into device manager and then expand the computer icon, right click and then update the ACPI type click "Install from a list" option and then click "Don't search I will choose option" click "next" and then choose " Advanced Configuration and Power Interface (ACPI) PC" Ok now for the sysprep.inf make the settings you require. Do not use the oempnpDriverspath spdrvscan will scann all dirs and then place this directly into the registry for windows to search for drivers paths.Don't forget to add your mass storage Device Driver IDS into the sysprep.inf for the machine to boot.If your running new hardware that has the new Sata drivers then use "IDE Merge" attachd to this post this will pre-stage the drivers into the windows registry so that when windows boots it will correctly install the correct Sata driver..iaahci.inf or iastor.infSet up Windows 2003 with WDS with PXE for your winpe image to deploy to your clients (Do not forget that you need Drivers for the Mass Storage Device Drivers and network in the winpe image) now as Iceman said if your going with winpe 2.0 then you need at least 348mb of ram to create a pri a partition The PXE server will answer requests for the "F12" send the winpe image to the client partition the drive lay an image from a share, look up the hal type "HKLM\SYSTEM\CurrentControlSet\Enum\Root\ACPI_HAL\0000\HardwareID" (winpe 2.0 and winpe 2005 use the same reg key to find hal type) Run the ztihaldetect.vbs to adjust the sysprep to correctly which will adjust the sysprep depending on the hal IE: if it reports "Advanaced Power Interface ACPI PC" it will not do anything. if it reports "ACPIAPIC_MP" then it adds an entry to sysprep in the unattended part "UpdateHAL=ACPIAPIC_MP,%WINDIR%\Inf\Hal.inf this will then get its files that are required from the "dllcache" the machine will now have the correct hal.If you would like the "IDE Merge" then please PM me (its 201k :-()I have managed to reduce the companys images from 35 to 1 which includes laptops.Only thing I need to work out is how to do laptop hardware profiles from the cmd line.Man that's a lot for an unknown end result. As for your last statement about laptop hardware profiles let me expand on that with a little elegance. If you use PE with any kind of WMI scripting you can query the BIOS and determine just about any manufacturers info, specifically the model. If they're custom built computers, that's nearly impossible but if they are, you're probably not in a corporate environment anyway and this doesn't really pertain to you. So, you query the BIOS get the model, then based on the model you only install the drivers you need. The way I did this was by heavily rescripting DriverPacks and making my own bastardized version. So my installs go as follows.Plug in USB keyAnswer a few questions like machine name, IP Segment you're currently on, Domain you'll be joining, etcProvide the password for the encrypted volume on the keyAfter a few minutes it prompts you to remove the key, now, sit back and relax.In the background it determines what sort of hardware it is, copies the right driverpacks to the C: drive, and moves ahead with the installation. Post install gets all our corporate apps/tweaks/settings/etc. 0 interaction from the tech once they unplug the key.It takes about an hour from start to finish which most people scoff at because it's not UBER quick and it's not GHOST, and it's not coming down from a network share, blah blah blah. But if you've ever had to maintain images you know you'll spend FAR more time on maintenance tasks and testing then actually improving your product. So, start to finish most images take about a 1/2 hour with apps and all sorts of setting changes etc.. however once you get new hardware the process starts out all over again and it's an absolute pain to continue rebuilding and testing images in a hardware diverse environment. So, you double your "imaging" time, but you by creating a solution that takes 5 minutes to deploy, but 55min to setup, you lower your costs because a tech can walk away and come back while the user works on a loaner machine or is out to lunch. The only thing I WISH for is a faster network where we COULD push the same solution down via PXE, but that's impossible for now, so this solution is great and scalable, cost effective and fast. Link to comment Share on other sites More sharing options...
p4ntb0y Posted December 13, 2007 Share Posted December 13, 2007 lolUnknown result? I know what the result it is all documented.I work for the biggest IT contract currently alot of users more than 250,000 across more than 1000 sites.the information I have provided is all the info I have received from this board :-).I have one Image when I say image I mean I have one "Imagex Image" not really an Image its a bunch of files, this includes all my drivers for my current models.I can deploy this by WDS, CD/DVD or USB it takes 3 mins on my slowest machine by USB. If I have any other models then I can inject the drivers into the "Image" I can do a SMS wipe and load if I want to. The user can rebuild his machine using WDS if he wishes everything is locked down.Every last Detail is documented this includes the drivers used, I can hardly say download "The Driver packs" etc. Not that i am knocking the driverpacks by sneaky I can not use them in my Enterprise cause I can not truly say how it works.I allready have a way of setting custom actions widescreens , DVD Writers, local printers, etc with the single build that I never have to update unless I have to go to a different windows version. The question with hardware profiles is how can I script this? I could run an autoit script to manually send the keys but thats not our way.I would go with the BDD way 2.5 or the 2007.You can then decide if you want drivers in your image or out and let the BDD inject these depending on what you want, be warned there are loads of ways you can do this in the BDD. I will take more than two weeks to read and digest the thing!BDD is free and supported which has to be in my case as I am not allowed to deploy anything that is not supported due to our "contract"unknown result lol TCO's depend on the size of the company if you have 2 Weeks to do a single image for less then 100 users then I would not bother with the BDD if you have more than 500 then the cost to invest time into the BDD will in the end lower the TCO. Link to comment Share on other sites More sharing options...
jgallas Posted December 13, 2007 Share Posted December 13, 2007 I've got to second GTOOOOOH's sentiment - hardware independent images with anything prior to Vista is just not feasible. You can get close, yes, but never 100% independent.I disagree. It is definitely possible to do, I have done it (22 models, 3 different manufacturers and a combination of laptops and desktops as well as 3 HAL types). I would give it a few months though and not 2 weeks. It does take an awful long time getting everything to work together nicely (namely because it takes so **** long to sysprep, reboot, test, resysprep). For a while I used mysysprep to get the HALs right. Now I am attempting to use haldetect.vbs. I will let everyone know how that goes. I also had a lot of vbscripts running at different times and for different reasons (auto naming the PC based on the Asset Tag and a "site" prefix, joining the domain, installing "helper" apps such as synaptics touchpad drivers but only if the devices existed on the system, etc.).One could make a career out of building images! Link to comment Share on other sites More sharing options...
GTOOOOOH Posted December 14, 2007 Share Posted December 14, 2007 (edited) I wish I only had 22 models and that right there is the reason why imaging with sysprep and re-sysprepping would be so prohibitive on time for me, by the time I'm "done" we'd have new models to test. Currently at the last count we had over 6 manufacturers and 53 models, now for the most part as long as the HAL is the same, you can cut that number in half, however staying on top of virus dat's and critical KB's from MS because we run Safe Access to lock down all our machines requires I stay up to date by no less then 4 days, otherwise a machine in our domain is quarantined and the user unable to get a production IP. This also forces us to use local media rather then a network install because PXE can't hand out addresses in our production environment because Safe Access blocks machines not in our domain. Your way of doing things is really pie-in-the-sky for me, one day maybe, but with so much legacy equipment, SOX restrictions, and red-tape... 1 hour is the best we got at this point. Edited December 14, 2007 by GTOOOOOH Link to comment Share on other sites More sharing options...
Nuno Brito Posted December 15, 2007 Share Posted December 15, 2007 I had a very similar challenge some time ago and automated all needed steps onto a single project.This helped me to speed a lot of the testing and improving process until it I reached my expected results.Now I only need to update the driverpacks or any of the included addons and rebuild again as needed.------------I've released this project today as beta - it's not based on sysprep as I preferred the traditional XP install but I hope it can still help you.http://www.boot-land.net/forums/index.php?showtopic=3651It allows to automate customization of the windows source and also adds a XP PE environment to apply any additional tasks with MMC such a disk partitioning or running Winnt32.exe with custom switches from command line. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now